Marcelo Santana

Recife, Brazil

Debian l10n Portuguese team member, electronic engineer passionate about technology, free software and open standards.

  • "New in Debian stable Stretch: nftables" by Arturo Borrero González

    Debian Project at 2017-05-07T11:15:04Z

    Status: published

    "New in Debian stable Stretch: nftables" by Arturo Borrero González

    Marcelo Santana likes this.

  • Testing Dianara v1.3.5 Alpha...

    at 2016-09-04T00:31:35Z

    Hey there, Pumpers! o/

    Today I tagged the development version of my client, Dianara, as "alpha", in preparation for the next release by the end of the month.

    The most noticeable changes, as illustrated in the screenshot, are:

    • Items highlighted due to filtering rules will show reason for highlighting. As visible on the left side of the screenshot, that post was highlighted due to it matching the words "" and "Security" in the post contents, which I had configured as a filtering rule previously.
    • After downloading an attachment, a button will appear, to open the file using the default program from the user's desktop environment. So if a post has audio attached, after saving it, an "Open" button will appear (right side of the screenshot), and clicking it will open the file with Amarok, Qmmp, VLC, or whatever your default audio player is =)
    • Added buttons to rotate images in the image viewer. Also via keyboard, with Ctrl+Left and Ctrl+Right. This is mostly for the case of images uploaded upside down, or not taken in the right direction for whatever reason. (Lower part of the screenshot)

    Also, building Dianara with Qt 5 is officially supported now. Note that your system will need a Qt 5 build of the QOAuth library, which most GNU/linux distributions still don't provide. Mageia 6 does, and so does openSUSE (in a separate repository).

    If your system's language is German, you'll also have a full German translation, thanks to @Bd Sn, who got the translation up to date again!

    As always, code here:, and instructions to build in the INSTALL file.

    Testing and feedback is appreciated =)


    Douglas Perkins, Christopher Allan Webber, der.hans, Bd Sn and 9 others likes this.

    Colegota, Christopher Allan Webber, der.hans, legolas and 4 others shared this.

    \o/ Lo probaré en cuanto termine de personalizar mi Slackware :D

    GNUstav Huarcaya at 2016-09-05T13:59:40Z

    Now "almost RC"... testing and feedback appreciated! =)

    JanKusanagi at 2016-09-28T16:43:57Z

  • DebConf16 photos (high resolution) available

    Debian Project at 2016-08-05T18:33:40Z

    The DebConf16 group photos (high resolution) are available at

    Marcelo Santana likes this.

    Marcelo Santana, Jakukyo Friel shared this.

  • One Liberated Laptop

    Elena ``of Valhalla'' at 2016-07-24T18:36:01Z


    After many days of failed attempts, yesterday @Diego Roversi finally managed to setup SPI on the BeagleBone White¹, and that means that today at our home it was Laptop Liberation Day!

    We took the spare X200, opened it, found the point we were on in the tutorial installing libreboot on x200, connected all of the proper cables on the clip³ and did some reading tests of the original bios.


    While the tutorial mentioned a very conservative setting (512kHz), just for fun we tried to read it at different speed and all results up to 16384 kHz were equal, with the first failure at 32784 kHz, so we settled on using 8192 kHz.

    Then it was time to customize our libreboot image with the right MAC address, and that's when we realized that the sheet of paper where we had written it down the last time had been put in a safe place… somewhere…

    Luckily we also had taken a picture, and that was easier to find, so we checked the keyboard map², followed the instructions to customize the image, flashed the chip, partially reassembled the laptop, started it up and… a black screen, some fan noise and nothing else.

    We tried to reflash the chip (nothing was changed), tried the us keyboard image, in case it was the better tested one (same results) and reflashed the original bios, just to check that the laptop was still working (it was).

    It was lunchtime, so we stopped our attempts. As soon as we started eating, however, we realized that this laptop came with 3GB of RAM, and that surely meant "no matching pairs of RAM", so just after lunch we reflashed the first image, removed one dimm, rebooted and finally saw a gnu-hugging penguin!

    We then tried booting some random live usb key we had around (failed the first time, worked the second and further one with no changes), and then proceeded to install Debian.

    Running the installer required some attempts and a bit of duckduckgoing: parsing the isolinux / grub configurations from the libreboot menu didn't work, but in the end it was as easy as going to the command line and running:

    linux (usb0)/install.amd/vmlinuz
    initrd (usb0)/install.amd/initrd.gz

    From there on, it was the usual debian installation and a well know environment, and there were no surprises. I've noticed that grub-coreboot is not installed (grub-pc is) and I want to investigate a bit, but rebooting worked out of the box with no issue.

    Next step will be liberating my own X200 laptop, and then if you are around the @Gruppo Linux Como area and need a 16 pin clip let us know and we may bring everything to one of the LUG meetings⁴

    ¹ yes, white, and most of the instructions on the interwebz talk about the black, which is extremely similar to the white… except where it isn't

    ² wait? there are keyboard maps? doesn't everybody just use the us one regardless of what is printed on the keys? Do I *live* with somebody who doesn't? :D

    ³ the breadboard in the picture is only there for the power supply, the chip on it is a cheap SPI flash used to test SPI on the bone without risking the laptop :)

    ⁴ disclaimer: it worked for us. it may not work on *your* laptop. it may brick it. it may invoke a tentacled monster, it may bind your firstborn son to a life of servitude to some supernatural being. Whatever happens, it's not our fault.

    Marcelo Santana, MATTEO BECHINI, Sajith Sasidharan, Sean Tilley and 10 others likes this.

    Marcelo Santana, Benjamin Cook, Benjamin Cook, Benjamin Cook and 2 others shared this.

    Aaaand second laptop liberated (no pictures, they wouldn't be significantly different from the ones of the first).

    (mostly: I still have the original wifi card, until I can find one supported by a free firmware)

    Elena ``of Valhalla'' at 2016-07-25T20:50:05Z

  • Bits from Debian: Debian and Tor Services available as Onion Services

    Debian Project at 2016-08-01T15:40:03Z

    Link to original post: Debian and Tor Services available as Onion Services

    We, the Debian project and the Tor project are enabling Tor onion services for several of our sites. These sites can now be reached without leaving the Tor network, providing a new option for securely connecting to resources provided by Debian and Tor.

    The freedom to use open source software may be compromised when access to that software is monitored, logged, limited, prevented, or prohibited. As a community, we acknowledge that users should not feel that their every action is trackable or observable by others. Consequently, we are pleased to announce that we have started making several of the various web services provided by both Debian and Tor available via onion services.

    While onion services can be used to conceal the network location of the machine providing the service, this is not the goal here. Instead, we employ onion services because they provide end-to-end integrity and confidentiality, and they authenticate the onion service end point.

    For instance, when users connect to the onion service running at http://sejnfjrq6szgca7v.onion/, using a Tor-enabled browser such as the TorBrowser, they can be certain that their connection to the Debian website cannot be read or modified by third parties, and that the website that they are visiting is indeed the Debian website. In a sense, this is similar to what using HTTPS provides. However, crucially, onion services do not rely on third-party certification authorities (CAs). Instead, the onion service name cryptographically authenticates its cryptographic key.

    In addition to the Tor and Debian websites, the Debian FTP and the Debian Security archives are available from .onion addresses, enabling Debian users to update their systems using only Tor connections. With the apt-transport-tor package installed, the following entries can replace the normal debian mirror entries in the apt configuration file (/etc/apt/sources.list):

      deb  tor+http://vwakviie2ienjx6t.onion/debian          jessie            main
      deb  tor+http://vwakviie2ienjx6t.onion/debian          jessie-updates    main
      deb  tor+http://sgvtcaew4bxjd7ln.onion/debian-security jessie/updates    main

    Likewise, Tor's Debian package repository is available from an onion service :

      deb tor+http://sdscoq7snqtznauu.onion/   jessie    main

    Where appropriate, we provide services redundantly from several backend machines using OnionBalance. The Debian OnionBalance package is available from the Debian backports repository.

    Lists of several other new onion services offered by Debian and Tor are available from and respectively. We expect to expand these lists in the near future to cover even more of Debian's and Tor's services.

    Jakukyo Friel, Marcelo Santana, kenyahhtah, guile and 8 others likes this.

    Jakukyo Friel, Marcelo Santana, Claes Wallin (韋嘉誠), Kevin Everets and 10 others shared this.

    I was using tor+http to the clearnet addresses of debian-security and tor repo. Now updated.

    These onion services are snappy!

    Claes Wallin (韋嘉誠) at 2016-08-02T17:07:28Z

  • Thadeu Lima de Souza Cascardo at 2016-07-07T14:47:57Z

    I am going to talk about copyleft at FISL next week.

    Any suggestions on addressing pro-permissive-licenses or anti-copyleft people? I would expect some of the audience to be part of that group. But not the majority of the audience.

    Should I address more of the public that doesn't know too much about copyleft, GPL and enforcement work, and how that is important? And maybe warn them about anti-copyleft?

    Marcelo Santana likes this.

    Marcelo Santana shared this.

    First level itens are questions/objections that might come from the public. Second level are part of the possible answer.

    * GPL/AGPL/FDL are too long and require huge license notices.

    ** These are the only licenses that:

    *** Define what "source code"/"source files" is. **Most** (not all) of the other licenses (specially: CC BY, CC BY-SA) don't have such definition.

    *** Specially in the case of the latest GPL (I have only read **this** entirely): Have provisions against digital handcuffs.

    *** Specially in the case of the latest GPL: Have previsions against overpriced redistribution if the redistribution in binary/ready/object form is made **first and with a price/charge**, in which the redistribution of the source happens only when requested by the user and so the redistributor tries to charge once again (in this case, the GPL limits the second charge to the direct costs associated with a phisical redistribution, so the redistributor cannot put profit margin upon this charge). This doesn't apply if the redistribution happens in source form only, and also in some other scenarios described in the GPL.

    * These licenses require that one inserts the license notices in every file.

    ** No, that's a recommendation, so that, if the whole project's source files happen to be downloaded by the user, and the user then takes just one single file out for use of his own reason, he can be quickly reminded of the license. This answer is similar to our reasoning for correctly licensing JavaScript, in that the web developer receives the README and LICENSE/COPYING files, and simply deletes them, or choses not inform users/visitors of the site about the license of the JavaScript and, most importantly, about where to find the complete and corresponding source code/files.

    * Are functional data under the Peer Production License, a copyfarleft license, considered free/libre?

    ** No, because it restricts selling. The PPL can be used for non-functional data. The Telecomunist Manifest, that created the copyfarleft movement advises *against* using the PPL for functional data, and *considers* the GPL and related strong copyleft licenses as the best ones for functional works. See: <>.

    * Is ZFS free/libre software?

    ** Yes, it is. However, due to poor licensing choice from the copyright holders of the ZFS implementation for the Linux kernel, redistributors must-not redistribute ZFS in object/binary form, only in source form. See: <>.

    * Is CC BY-SA a GPL equivalent for non-functional works?

    ** Not exactly. The closer equivalent is Free/Libre Art License, this is the license that the FSF recommends for non-functional data. See: <>.

    Regarding your last questions: It all depends on your target-audience. If you know that they are willing to learn such things, do so. Note that according to The Principles of Community-Oriented GPL Enforcement published by FSF and Software Freedom Conservancy (<>), this must be done in a collaborative way first, presenting suggestions, asking for the violators to help on solving the issue together with you,  and perhaps even asking them to assign someone from their group as a "copyleft compliance manager" for that issue. There's a rescent discussion on libreplanet-discuss mailing list about GPL enforcement in China, in which someone suggested this "manager" assignment, see: <>.

    Adonay Felipe Nogueira at 2016-07-09T01:36:36Z

  • DPL Mehdi Dogguy was recently interviewed by iTWire.

    Debian Project at 2016-05-02T19:01:32Z

    DPL Mehdi Dogguy was recently interviewed by iTWire, he discusses Debian, communication and his roadmap for the future.

    Marcelo Santana, lostson, der.hans likes this.

    Marcelo Santana, lostson, lostson shared this.

  • rnetclient 2016.0

    Thadeu Lima de Souza Cascardo at 2016-04-07T02:29:25Z

    O rnetclient 2016.0 já está disponível aqui.

    A nova versão suporta a transmissão de declarações de 2016, além de retificações de 2013 a 2015. Possivelmente, anos posteriores são suportados, desde que não haja mudanças inesperadas no protocolo da Receita Federal.

    Outras melhorias incluem:

    • Não transmitir a declaração se não for possível gravar o arquivo de recibo. Em versões anteriores, se um arquivo de recibo já existisse, o arquivo não era sobrescrito, mas o novo recibo não era gravado em nenhum arquivo.
    • Teste unitário, verificando que alterações no código ainda permitem a correta identificação e leitura de declarações de anos anteriores.

    Agradeço ao Gabriel F. T. Gomes pelos testes e contribuições a esta versão.

    Caso tenha algum problema com o uso do rnetclient, por favor, reporte na lista software-impostos.

    Thadeu Cascardo.

    Marcelo Santana, Arcee likes this.

    Marcelo Santana, Arcee, Alexandre Oliva shared this.

  • Evan Prodromou at 2015-09-21T16:46:09Z

    Next steps for

    I don't have the time, energy, or money to put into keeping the pump network going by myself any more. I'd like to get some help.

    Ideally, what I'd like to do is transfer the copyrights, domains and data to a non-profit that could collect donations to keep the servers running. Budget-wise, it's about $5K/year, including servers, domain registration, and SSL certs.

    It'd also be great if some of the people who have been sending in pull requests could start working on the software directly. There are a lot of PRs backed up.

    I'm open to any suggestions on this stuff; I don't feel like I've been a good steward to lately, and I'd like to get us back on track., MATTEO BECHINI, Evan Prodromou, l30bravo and 26 others likes this.

    Fabián Bonetti, victorhck, João Patrício, Lars Wirzenius and 29 others shared this.

    Show all 7 replies

    I would definitely like to assist on the administrative side though my current employer keeps tightening the reins as time goes by. If one of these pending transfer proposals goes through, that may change. I have a period with my hands tied on certain functions if I were an operator at a corporate entity if that were a new job for me.

    If @Christopher Allan Webber and @Bradley M. Kuhn want to loop me in on e-mail discussion my Launchpad page ~skellat has a current & correct e-mail for me.

    I have some co-workers with BBAs who are willing to jump ship if the price is right...

    Stephen Michael Kellat at 2015-09-21T19:05:14Z

    Being realistic with myself, I can't donate time on the coding. I could probably donate some time for administration, but since I'm not in anybody's "web of trust" (cryptographically or socially) here, I won't suggest it. However, I would like to say I am definitely willing to contribute my meager funds to an appropriate place to help keep the lights on. Thank you for carrying the network as much as you have, Evan!

    Charles Stanhope at 2015-09-21T19:42:32Z

    Claes Wallin (韋嘉誠), Evan Prodromou, Christopher Allan Webber, pingi likes this.

    Thank you for evanrything, which includes a whole whole whole lot!

    Mike Linksvayer at 2015-09-22T18:10:27Z

    Claes Wallin (韋嘉誠), Evan Prodromou, jrobb, mnd and 6 others likes this.

    Thank you so much for everything!!

    l30bravo at 2015-09-24T17:42:22Z

  • Ian and Linux

    Debian Project at 2015-08-27T11:45:07Z

    How Ian Murdock (the Ian in Debian) came to find Linux and start Debian.

    Marcelo Santana likes this.

    Marcelo Santana, Dana shared this.

  • Interview with Francesca Ciceri

    Debian Project at 2015-04-01T07:51:14Z

    FLOSS developers interview with Francesca Ciceri, Debian Developer and zombie fan.

    Raúl Benencia, Christopher Allan Webber, SombreKnave, Marcelo Santana and 2 others likes this.

    Jakukyo Friel, Christopher Allan Webber, SombreKnave, SombreKnave and 6 others shared this.

    Enjoying this series of interviews.

    SombreKnave at 2015-04-01T12:45:50Z

  • Stefano Zacchiroli at 2014-06-06T09:53:57Z

    FSF's email self-defense guide #privacy #gnupg

    Jakukyo Friel, Steven Hamilton, johns, Marcelo Santana likes this.

    Marcelo Santana, Digital Roffey shared this.

    for some more in-depth directions I like ;)

    etalas at 2014-06-22T19:44:09Z

  • SombreKnave at 2014-05-26T14:16:33Z

    Interesting what he says about building from source -- I think that the removing bundled analytics / spyware packages is what has helped me most when promoting F-Droid to non-techies.

    I.e. "Look here first and if it's in FDroid then that means it won't have adverts"

    Marcelo Santana likes this.

  • 3D design with free software

    Laura Arjona Reina at 2014-03-15T09:34:03Z

    3D design #freesoftware : you can use #Blender or if you like to program, #OpenSCAD #debbcn #bcn2014minidebconf

    Marcelo Santana likes this.

    EVAnaRkISTO shared this.

  • Thadeu Lima de Souza Cascardo at 2014-03-16T13:38:42Z

    rnetclient, cliente livre para envio da Declaração de Ajuste Anual do IRPF, está em sua versão 2014.1.

    Testes, patches, documentação, entre outros, são bem-vindos.

    Sidney Batista Filho, Marcelo Santana likes this.

    Sidney Batista Filho, Marcelo Santana, Alexandre Oliva shared this.

  • Francesca Ciceri at 2014-03-21T08:42:24Z

    Back to, thanks to @larjona 's enthusiasm :).
    Hopefully I'll be able to navigate through the new interface *and* the new features (well, new since the migration).

    Marcelo Santana, Artopal, Greg Grossmeier, Christopher Allan Webber and 2 others likes this.

    Welcome back!

    The website is nice, but I recommend to use a desktop client until some issues are addressed in the Web UI. For example Dianara allows to edit posts once published, and Pumpa makes mentions to CC the person you mentioned. There are other interesting features too.

    Laura Arjona Reina at 2014-03-21T09:25:38Z

    Christopher Allan Webber, Francesca Ciceri likes this.

    Thanks! It's good to be with all you again :)

    Francesca Ciceri at 2014-03-23T10:19:14Z

  • Aracnus at 2014-03-20T14:25:21Z

    Marco Civil: a força das operadoras de telefonia por trás da disputa política
    Excelente apanhado geral sobre a "novela" do Marco Civil da Internet


    #teles #marcocivildainternet #liberdade #internet #brasil

    Marcelo Santana likes this.

  • The Tor Project, Inc. at 2013-10-03T02:10:46Z

    Tor and silk road takedown.

    Marcelo Santana, Faisal Rehman, GDFEJK, Stefano Costa and 1 others likes this.

    Sandro Santilli, Claes Wallin (韋嘉誠), Stefano Zacchiroli shared this.

    Show all 5 replies
    "So far, nothing about this case makes us think that there are new ways to compromise Tor (the software or the network). The FBI says that their suspect made mistakes in operational security, and was found through actual detective work."

    This is probably true, but what would the FBI have said if they had solved the case using some undisclosed way of compromising the network?

    Claes Wallin (韋嘉誠) at 2013-10-03T08:14:15Z

    I don't think they did compromise Tor. The mistakes that were made seem pretty believable.
    Besides, the NSA does not play with the FBI so even though the NSA knows vulnerabilities the FBI doesn't necessarily have access to them. at 2013-10-03T08:31:46Z

    Good point. So the whole Patriot and Homeland Security business has not actually changed any of this?

    Claes Wallin (韋嘉誠) at 2013-10-03T17:57:51Z

    Ok, this makes it pretty clear that TOR hackery was not necessary to bring down this Dread Pirate:

    Claes Wallin (韋嘉誠) at 2013-10-08T08:07:14Z