"New in Debian stable Stretch: nftables" by Arturo Borrero González
"New in Debian stable Stretch: nftables" by Arturo Borrero González http://ral-arturo.org/2017/05/05/debian-stretch-stable-nftables.html
Testing Dianara v1.3.5 Alpha...
Hey there, Pumpers! o/
The most noticeable changes, as illustrated in the screenshot, are:
- Items highlighted due to filtering rules will show reason for highlighting. As visible on the left side of the screenshot, that post was highlighted due to it matching the words "Pump.io" and "Security" in the post contents, which I had configured as a filtering rule previously.
- After downloading an attachment, a button will appear, to open the file using the default program from the user's desktop environment. So if a post has audio attached, after saving it, an "Open" button will appear (right side of the screenshot), and clicking it will open the file with Amarok, Qmmp, VLC, or whatever your default audio player is =)
- Added buttons to rotate images in the image viewer. Also via keyboard, with Ctrl+Left and Ctrl+Right. This is mostly for the case of images uploaded upside down, or not taken in the right direction for whatever reason. (Lower part of the screenshot)
Also, building Dianara with Qt 5 is officially supported now. Note that your system will need a Qt 5 build of the QOAuth library, which most GNU/linux distributions still don't provide. Mageia 6 does, and so does openSUSE (in a separate repository).
If your system's language is German, you'll also have a full German translation, thanks to @Bd Sn, who got the translation up to date again!
As always, code here: gitlab.com/dianara/dianara-dev, and instructions to build in the INSTALL file.
Testing and feedback is appreciated =)
One Liberated Laptop
After many days of failed attempts, yesterday @Diego Roversi finally managed to set up SPI on the BeagleBone White¹, and that means that today at our home it was Laptop Liberation Day!
We took the spare X200, opened it, found the point we were on in the tutorial installing libreboot on x200, connected all of the proper cables on the clip³ and did some reading tests of the original bios.
While the tutorial mentioned a very conservative setting (512kHz), just for fun we tried to read it at different speeds and all results up to 16384 kHz were equal, with the first failure at 32784 kHz, so we settled on using 8192 kHz.
Then it was time to customize our libreboot image with the right MAC address, and that's when we realized that the sheet of paper where we had written it down the last time had been put in a safe place… somewhere…
Luckily we also had taken a picture, and that was easier to find, so we checked the keyboard map², followed the instructions to customize the image, flashed the chip, partially reassembled the laptop, started it up and… a black screen, some fan noise and nothing else.
We tried to reflash the chip (nothing was changed), tried the us keyboard image, in case it was the better tested one (same results) and reflashed the original bios, just to check that the laptop was still working (it was).
It was lunchtime, so we stopped our attempts. As soon as we started eating, however, we realized that this laptop came with 3GB of RAM, and that surely meant "no matching pairs of RAM", so just after lunch we reflashed the first image, removed one dimm, rebooted and finally saw a gnu-hugging penguin!
We then tried booting some random live usb key we had around (failed the first time, worked the second and further one with no changes), and then proceeded to install Debian.
Running the installer required some attempts and a bit of duckduckgoing: parsing the isolinux / grub configurations from the libreboot menu didn't work, but in the end it was as easy as going to the command line and running:
From there on, it was the usual Debian installation and a well-known environment, and there were no surprises. I've noticed that grub-coreboot is not installed (grub-pc is) and I want to investigate a bit, but rebooting worked out of the box with no issue.
Next step will be liberating my own X200 laptop, and then if you are around the @Gruppo Linux Como area and need a 16 pin clip let us know and we may bring everything to one of the LUG meetings⁴
¹ yes, white, and most of the instructions on the interwebz talk about the black, which is extremely similar to the white… except where it isn't
² wait? there are keyboard maps? doesn't everybody just use the us one regardless of what is printed on the keys? Do I *live* with somebody who doesn't? :D
³ the breadboard in the picture is only there for the power supply, the chip on it is a cheap SPI flash used to test SPI on the bone without risking the laptop :)
⁴ disclaimer: it worked for us. it may not work on *your* laptop. it may brick it. it may invoke a tentacled monster, it may bind your firstborn son to a life of servitude to some supernatural being. Whatever happens, it's not our fault.
Bits from Debian: Debian and Tor Services available as Onion Services
Link to original post: Debian and Tor Services available as Onion Services
We, the Debian project and the Tor project are enabling Tor onion services for several of our sites. These sites can now be reached without leaving the Tor network, providing a new option for securely connecting to resources provided by Debian and Tor.
The freedom to use open source software may be compromised when access to that software is monitored, logged, limited, prevented, or prohibited. As a community, we acknowledge that users should not feel that their every action is trackable or observable by others. Consequently, we are pleased to announce that we have started making several of the various web services provided by both Debian and Tor available via onion services.
While onion services can be used to conceal the network location of the machine providing the service, this is not the goal here. Instead, we employ onion services because they provide end-to-end integrity and confidentiality, and they authenticate the onion service end point.
For instance, when users connect to the onion service running at http://sejnfjrq6szgca7v.onion/, using a Tor-enabled browser such as the TorBrowser, they can be certain that their connection to the Debian website cannot be read or modified by third parties, and that the website that they are visiting is indeed the Debian website. In a sense, this is similar to what using HTTPS provides. However, crucially, onion services do not rely on third-party certification authorities (CAs). Instead, the onion service name cryptographically authenticates its cryptographic key.
In addition to the Tor and Debian websites, the Debian FTP and the Debian Security archives are available from .onion addresses, enabling Debian users to update their systems using only Tor connections. With the apt-transport-tor package installed, the following entries can replace the normal debian mirror entries in the apt configuration file (
deb tor+http://vwakviie2ienjx6t.onion/debian jessie main
deb tor+http://vwakviie2ienjx6t.onion/debian jessie-updates main
deb tor+http://sgvtcaew4bxjd7ln.onion/debian-security jessie/updates main
Likewise, Tor's Debian package repository is available from an onion service:
deb tor+http://sdscoq7snqtznauu.onion/torproject.org jessie main
Lists of several other new onion services offered by Debian and Tor are available from https://onion.debian.org and https://onion.torproject.org respectively. We expect to expand these lists in the near future to cover even more of Debian's and Tor's services.
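Added example (not part of the Debian announcement or of Tor's code): how a 16-character onion name like the ones above is bound to the service's key, by deriving the name from the key and comparing. It assumes the version 2 construction (base32 of the first 80 bits of the SHA-1 digest of the DER-encoded RSA public key); SAMPLE_KEY_DER is a constructed stand-in byte string and the function names are hypothetical.

```python
import base64
import hashlib
import hmac

ONION_SUFFIX = ".onion"
V2_LABEL_LEN = 16  # 80 bits encoded as base32 -> 16 characters, no padding

# Constructed stand-in for a DER-encoded RSA public key (not a real key).
# The derivation only hashes the encoded bytes, so any byte string shows it.
SAMPLE_KEY_DER = b"constructed stand-in for a DER-encoded RSA public key"


def onion_v2_name(public_key_der: bytes) -> str:
    """Derive the version 2 onion hostname that belongs to a public key."""
    digest = hashlib.sha1(public_key_der).digest()
    label = base64.b32encode(digest[:10]).decode("ascii").lower()
    return label + ONION_SUFFIX


def key_matches_onion_name(hostname: str, public_key_der: bytes) -> bool:
    """Check that the key presented by a service is the one its name commits to.

    This is the check that replaces the CA lookup: the name itself is the
    fingerprint, so a different key can never match the same hostname.
    """
    host = hostname.strip().lower().rstrip(".")
    if not host.endswith(ONION_SUFFIX):
        return False
    # Subdomains (www.<label>.onion) resolve to the same service: use the
    # label directly in front of ".onion".
    label = host[: -len(ONION_SUFFIX)].split(".")[-1]
    if len(label) != V2_LABEL_LEN:
        return False  # not a version 2 name; other versions use another scheme
    expected = onion_v2_name(public_key_der)[:V2_LABEL_LEN]
    return hmac.compare_digest(label.encode("utf-8"), expected.encode("ascii"))


if __name__ == "__main__":
    name = onion_v2_name(SAMPLE_KEY_DER)
    print("derived name:       ", name)
    print("same key matches:   ", key_matches_onion_name(name, SAMPLE_KEY_DER))
    print("other key matches:  ", key_matches_onion_name(name, SAMPLE_KEY_DER + b"x"))
```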
- I am going to talk about copyleft at FISL next week.
Any suggestions on addressing pro-permissive-licenses or anti-copyleft people? I would expect some of the audience to be part of that group. But not the majority of the audience.
Should I address more of the public that doesn't know too much about copyleft, GPL and enforcement work, and how that is important? And maybe warn them about anti-copyleft?
First level items are questions/objections that might come from the public. Second level are part of the possible answer.
* GPL/AGPL/FDL are too long and require huge license notices.
** These are the only licenses that:
*** Define what "source code"/"source files" is. **Most** (not all) of the other licenses (especially: CC BY, CC BY-SA) don't have such definition.
*** Especially in the case of the latest GPL (I have only read **this** entirely): Have provisions against digital handcuffs.
*** Especially in the case of the latest GPL: Have provisions against overpriced redistribution if the redistribution in binary/ready/object form is made **first and with a price/charge**, in which the redistribution of the source happens only when requested by the user and so the redistributor tries to charge once again (in this case, the GPL limits the second charge to the direct costs associated with a physical redistribution, so the redistributor cannot put profit margin upon this charge). This doesn't apply if the redistribution happens in source form only, and also in some other scenarios described in the GPL.
* These licenses require that one inserts the license notices in every file.
* Are functional data under the Peer Production License, a copyfarleft license, considered free/libre?
** No, because it restricts selling. The PPL can be used for non-functional data. The Telekommunist Manifesto, that created the copyfarleft movement advises *against* using the PPL for functional data, and *considers* the GPL and related strong copyleft licenses as the best ones for functional works. See: <https://www.gnu.org/licenses/license-list.en.html#PPL>.
* Is ZFS free/libre software?
** Yes, it is. However, due to poor licensing choice from the copyright holders of the ZFS implementation for the Linux kernel, redistributors must not redistribute ZFS in object/binary form, only in source form. See: <https://www.fsf.org/licensing/zfs-and-linux>.
* Is CC BY-SA a GPL equivalent for non-functional works?
** Not exactly. The closer equivalent is Free/Libre Art License, this is the license that the FSF recommends for non-functional data. See: <https://www.gnu.org/licenses/licenses.html.en#OtherWorks>.
Regarding your last questions: It all depends on your target-audience. If you know that they are willing to learn such things, do so. Note that according to The Principles of Community-Oriented GPL Enforcement published by FSF and Software Freedom Conservancy (<https://www.fsf.org/licensing/enforcement-principles>), this must be done in a collaborative way first, presenting suggestions, asking for the violators to help on solving the issue together with you, and perhaps even asking them to assign someone from their group as a "copyleft compliance manager" for that issue. There's a recent discussion on libreplanet-discuss mailing list about GPL enforcement in China, in which someone suggested this "manager" assignment, see: <https://lists.gnu.org/archive/html/libreplanet-discuss/2016-06/msg00052.html>.
DPL Mehdi Dogguy was recently interviewed by iTWire.
DPL Mehdi Dogguy was recently interviewed by iTWire, he discusses Debian, communication and his roadmap for the future.
rnetclient 2016.0 is now available here.
The new version supports submitting 2016 tax returns, as well as amended returns for 2013 to 2015. Later years are possibly supported, as long as there are no unexpected changes in the Receita Federal protocol.
Other improvements include:
- Do not transmit the return if the receipt file cannot be written. In previous versions, if a receipt file already existed, the file was not overwritten, but the new receipt was not written to any file.
- Unit test, verifying that changes to the code still allow returns from previous years to be correctly identified and read.
I thank Gabriel F. T. Gomes for the tests and contributions to this version.
If you have any problem using rnetclient, please report it on the software-impostos list.
- Next steps for pump.io
I don't have the time, energy, or money to put into keeping the pump network going by myself any more. I'd like to get some help.
Ideally, what I'd like to do is transfer the copyrights, domains and data to a non-profit that could collect donations to keep the servers running. Budget-wise, it's about $5K/year, including servers, domain registration, and SSL certs.
It'd also be great if some of the people who have been sending in pull requests could start working on the software directly. There are a lot of PRs backed up.
I'm open to any suggestions on this stuff; I don't feel like I've been a good steward to pump.io lately, and I'd like to get us back on track.
I would definitely like to assist on the administrative side though my current employer keeps tightening the reins as time goes by. If one of these pending transfer proposals goes through, that may change. I have a period with my hands tied on certain functions if I were an operator at a corporate entity if that were a new job for me.
I have some co-workers with BBAs who are willing to jump ship if the price is right...
Being realistic with myself, I can't donate time on the coding. I could probably donate some time for administration, but since I'm not in anybody's "web of trust" (cryptographically or socially) here, I won't suggest it. However, I would like to say I am definitely willing to contribute my meager funds to an appropriate place to help keep the lights on. Thank you for carrying the pump.io network as much as you have, Evan!
Interview with Francesca Ciceri
FLOSS developers interview with Francesca Ciceri, Debian Developer and zombie fan.
- FSF's email self-defense guide https://emailselfdefense.fsf.org/ #privacy #gnupg
Interesting what he says about building from source -- I think that the removing bundled analytics / spyware packages is what has helped me most when promoting F-Droid to non-techies.
I.e. "Look here first and if it's in FDroid then that means it won't have adverts"
- rnetclient, a free client for submitting the IRPF Annual Adjustment Return (Declaração de Ajuste Anual), is at version 2014.1.
Tests, patches, documentation, among others, are welcome.
- Back to identi.ca, thanks to @larjona 's enthusiasm :).
Hopefully I'll be able to navigate through the new interface *and* the new features (well, new since the migration).
The website is nice, but I recommend to use a desktop client until some issues are addressed in the Web UI. For example Dianara allows to edit posts once published, and Pumpa makes mentions to CC the person you mentioned. There are other interesting features too.
Marco Civil: the power of the telephone operators behind the political dispute
Excellent general overview of the Marco Civil da Internet "soap opera"
#teles #marcocivildainternet #liberdade #internet #brasil
- How to Protect Your Users from NSA Backdoors: An Open Letter to Technology Companies https://www.eff.org/deeplinks/2014/02/open-letter-to-tech-companies
Tor and silk road takedown. https://blog.torproject.org/blog/tor-and-silk-road-takedown
"So far, nothing about this case makes us think that there are new ways to compromise Tor (the software or the network). The FBI says that their suspect made mistakes in operational security, and was found through actual detective work."
This is probably true, but what would the FBI have said if they had solved the case using some undisclosed way of compromising the network?
Ok, this makes it pretty clear that TOR hackery was not necessary to bring down this Dread Pirate: http://motherboard.vice.com/blog/everything-the-silk-road-founder-did-to-get-caught