Elena ``of Valhalla'' valhalla@identi.ca

  • 2017-02-22T12:36:16Z via social.gl-como.it To: Public

    Untangling the duality of Free Software and Open Source
    Back in December, John Mark Walker wrote an article on the relation between Free Software and Open Source. In his view, conflating Free Software and Open Source "is to undermine beliefs that are fundamental to free software and associated movement." The comments on his article revealed a different thinking from
  • Mobile-ish devices as freedom respecting working environments

    2017-02-12T10:05:04Z via social.gl-como.it To: Public

    On planet FSFE, there is starting to be a conversation on using tablets / Android as the main working platform.

    It started with the article by Henri Bergius which nicely covers all practical points, but is quite light on the issues of freedom.

    This was rectified by the article by David Boddie which makes an apt comparison of Android to “the platform it is replacing in many areas of work and life: Microsoft Windows” and criticises its lack of effective freedom, even when the OS was supposed to be under a free license.

    I fully agree that lightweight/low powered hardware can be an excellent work environment, especially when on the go, and even for many kinds of software developement, but I'd very much rather have that hardware run an environment that I can trust like Debian (or another traditional GNU/Linux distribution) rather than the phone based ones where, among other problems, there is no clear distinction between what is local and trustable and what is remote and under somebody else's control.

    In theory, it would be perfectly possible to run Debian on most tablet and tablet-like hardware, and have such an environment; in practice this is hard for a number of reasons including the lack of mainline kernel support for most hardware and the way actually booting a different OS on it usually ranges from the quite hard to the downright impossible.

    Luckily, there is some niche hardware that uses tablet/phone SoCs but is sold with a GNU/Linux distribution and can be used as a freedom respecting work environment on-the-go: my current setup includes an OpenPandora (running Angstrom + a Debian chroot) and an Efika MX Smartbook, but they are both showing their age badly: they have little RAM (especially the Pandora), and they aren't fully supported by a mainline kernel, which means that you're stuck on an old kernel and dependent on the producer for updates (which for the Efika ended quite early; at least the Pandora is still somewhat supported, at least for bugfixes).

    Right now I'm looking forward to two devices as a replacement: the DragonBox Pyra (still under preorders) and the THERES-I laptop kit (hopefully available for sale "in a few months", and with no current mainline support for the SoC, but there is hope to see it from the sunxi community).

    As for software, the laptop/clamshell designs means that using a regular Desktop Environment (or, in my case, Window Manager) works just fine; I do hope that the availability of Pyra (with its touchscreen and 4G/"phone" chip) will help to give a bit of life back to the efforts to improve mobile software on Debian

    Hopefully, more such devices will continue to be available, and also hopefully the trend for more openness of the hardware itself will continue; sadly I don't see this getting outside of a niche market in the next few years, but I think that this niche will remain strong enough to be sustainable.

    P.S. from nitpicker-me: David Boddie mentions the ability to easily download sources for any component with apt-get source: the big difference IMHO is given by apt-get build-dep, which also install every dependency needed to actually build the code you have just downloaded.

    P.S.2: I also agree with Davide Boddie that supporting Conservancy is very important, and there are still a few hours left to have the contribution count twice.

    Christopher Allan Webber , Tyng-Ruey Chuang , der.hans , Mike Linksvayer and 1 others like this.

    Mike Linksvayer , Stephen Michael Kellat shared this.

    A small thing, but I can't help noticing that Pyra schematics are apparently under a non-free (NC) license for which they get (deservedly, I guess; why do people do this; why is NC still a thing?) 17 pages of mind destroying licensing discussions https://pyra-handheld.com/boards/threads/power-memory-and-schematics.78631/

    Mike Linksvayer at 2017-02-12T21:32:11Z

  • Bradley M. Kuhn on paragraph 2 questions

    2017-02-09T17:03:20Z via social.gl-como.it To: Public






    From the answer to the last question on https://fosdem.org/2017/schedule/event/copyleft_defense/

    # this_was_too_epic_not_to_do_this
    # what_do_you_mean_this_is_not_tumblr?
    # of_course_it's_not,_this_is_federated!
    # also_my_screncapping_skills_are_not_tumblr_grade

    And, for a person I know who complains about screencaps, this is the transcript:

    but remember the GPL was designed to defend your freedom
    and the conversation you're actually having is
    how much freedom can we take away, please tell us!
    and we say "you are not allowed to take away any freedom"
    but can we take away a little bit of freedom?
    well you have to ask a lawyer
    why should we have to ask a lawyer how much freedom we can take away?
    you should tell us how much we can oppress you
    don't fall in that trap

    uıɐɾ ʞ ʇɐɯɐs , der.hans , Jason Self , sazius and 1 others like this.

    Stephen Michael Kellat , Kevin Everets , der.hans , Jason Self shared this.

  • New match sprint for Conservancy supporters

    2017-02-08T08:33:46Z via social.gl-como.it To: Public

    Announcing a new match sprint for 150 Supporters - Software Freedom Conservancy
    Conservancy is excited to announce that an anonymous donor has agreed to match 150 new or renewing Supporters. They’ve challenged us to meet the goal quickly: the match starts now along with FOSDEM in Brussels, and runs about a week to the end of Monday, February 13 (noon on Tuesday, February 14 UTC).
    If you're not a supporter yet (or you were, but didn't renew during the previous match), you have another chance for your donation to count twice, but it won't last long.

    In case you're wondering why it is important to support Conservancy, you can look at the services they provide to Free Software projects.

    I would also recommend looking at the video for Bradley M. Kuhn's keynote at FOSDEM, but it's still not available and may not be in time for the match sprint (so I recommend to donate first, watch the video later :) ).
  • 2017-01-31T19:19:48Z via social.gl-como.it To: Public

    Supporting children in doing data science
    As children use digital media to learn and socialize, others are collecting and analyzing data about these activities. In school and at play, these children find that they are the subjects of data …
  • 2017-01-26T11:34:15Z via social.gl-como.it To: Public

    Python Milano
    Prendere pacchetti da pip e buttarli in un virtualenv è sicuramente una gran comodità, ma vuol dire eseguire sulle nostre macchine codice di provenienza non controllata, con potenziali conseguenze negative

    Al contrario, le distribuzioni GNU/Linux, ed in particolare Debian offrono un ambiente più controllato, comunque ricco di codice, contrariamente a quanto si dice in giro non sono orrendamente datate, e in generale per quello che manca è facile contribuire, a vantaggio di tutti.

    Speaker: Elena ``of Valhalla''
    Mercoledì 22 febbraio dalle 19.00 alle 20.30 sarò all'incontro di Python Milano a parlare di perché non fare deploy basati su pip+virtualenv, ma sui pacchetti Debian (stable + backports), e di come aiutare Debian pacchettizzando quello di cui si ha bisogno e che eventualmente manca alla distribuzione.

    Il posto è:

    Via Giulio e Corrado Venini, 42, Milano, MI

  • 2017-01-26T09:03:10Z via social.gl-como.it To: Public

    Collaboration with SiFive
    Today, we're excited to announce a collaboration with
    SiFive, a company founded by the creators of
    RISC-V and dedicated to open source silicon. In the rest of this
    update, we'll describe the collaboration in detail, what it means for
    the Open-V microcontroller, and what it means to you, our supporters.
    This collaboration lowered the required funding a bit, and in general looks like an overall improvement of both Open-V and the ecosystem, but they still need everybody's help for the campaign to succeed.

    (I do wonder — and hope — if they are still working on something else to reduce further the amount of money needed from the crowdfunding)
    Open-V is exciting, and I'm going to go back and check my support level. Maybe I can contribute a little more.

    Sometimes I wonder if projects with goals like Open-V (completely open source down to the silicon) have to be approached indirectly. For example, delivered inside a whole other product or project with more mass appeal.

    Charles ☕ Stanhope at 2017-01-26T14:58:54Z

    James Dearing 🐲 likes this.

  • 2017-01-24T08:36:44Z via social.gl-como.it To: Public

    OMEMO « vanitasvitae's blog

    I also read a lot of articles suggesting alternatives to WhatsApp. [...]
    Every now and then the news mention another alternative, the XMPP network.

    Nice to see that OMEMO support is spreading among XMPP clients

    Edit: removed identi.ca only mentions of people

    Scott Sweeny likes this.

    Scott Sweeny shared this.

  • New pajama

    2017-01-22T13:54:34Z via social.gl-como.it To: Public

    I may have been sewing myself a new pajama.

    It was plagued with issues; one of the sleeve is wrong side out and I only realized it when everything was almost done (luckily the pattern is symmetric and it is barely noticeable) and the swirl moved while I was sewing it on (and the sewing machine got stuck multiple times: next time I'm using interfacing, full stop.), and it's a bit deformed, but it's done.

    For the swirl, I used Inkscape to Simplify (Ctrl-L) the original Debian Swirl a few times, removed the isolated bits, adjusted some spline nodes by hand and printed on paper. I've then cut, used water soluble glue to attach it to the wrong side of a scrap of red fabric, cut the fabric, removed the paper and then pinned and sewed the fabric on the pajama top.
    As mentioned above, the next time I'm doing something like this, some interfacing will be involved somewhere, to keep me sane and the sewing machine happy.

    Blogging, because it is somewhat relevant to Free Software :) and there are even sources, under a DFSG-Free license :)

    Charles ☕ Stanhope , der.hans , Christopher Allan Webber like this.

    Meglio una felpa??

    Matteo Bechini at 2017-01-25T18:37:21Z

    >> Matteo Bechini:

    “Meglio una felpa??”

    ma a me serviva un pigiama, non una felpa...

    Elena ``of Valhalla'' at 2017-01-25T19:03:16Z

    Matteo Bechini likes this.

  • 2017-01-20T14:12:25Z via social.gl-como.it To: Public

    mjg59 | Android apps, IMEIs and privacy
    There's been a sudden wave of people concerned about the Meitu selfie app's use of unique phone IDs. Here's what we know:
  • TIL: sex wasn't actually free

    2017-01-19T08:57:13Z via social.gl-como.it To: Public

    Matteo Bechini likes this.

  • 2017-01-18T09:02:34Z via social.gl-como.it To: Public

    Private Internet Access match extended - Just one week! - Software Freedom Conservancy
    The Software Freedom Conservancy provides a non-profit home and services to Free, Libre and Open Source Software (FLOSS) projects.
    I did renew, but it seems that I forgot to post here about the match, luckily it seems I'm still just in time.
  • 2017-01-16T08:20:22Z via social.gl-como.it To: Public

    debacle@framasphere.org 2017-01-15 13:59:01:

    Please help DebianMobile!

    If you care about open hardware and free software, if you care about a trustworthy operating system in your pocket, please consider to help getting Debian run on mobile devices. Join the effort and let's see, what can be achieved. Currently, this is a hackers/developers party, there is not much for end users, yet, so please be warned and don't hold your breath. #debian #debianmobile #openhardware #freesoftware #mobile #handheld #pyra #neo900 #zerophoneMobile - Debian Wiki

    @Gruppo Linux Como

    Stephen Michael Kellat , Matteo Bechini , Charles ☕ Stanhope like this.

    Stephen Michael Kellat shared this.

  • 2017-01-13T16:55:46Z via social.gl-como.it To: Public

    snabeltann@flokk.no 2017-01-13 15:30:21:
    Learn SELinux with the SELinux colouring book


    #fun #selinux #education #art #computer #security

  • Modern XMPP Server

    2017-01-13T12:25:12Z via social.gl-como.it To: Public

    I've published a new HOWTO on my website:

    Enrico already wrote about the Why (and the What, Who and When), so I'll just quote his conclusion and move on to the How.

    I now have an XMPP setup which has all the features of the recent fancy chat systems, and on top of that it runs, client and server, on Free Software, which can be audited, it is federated and I can self-host my own server in my own VPS if I want to, with packages supported in Debian.


    I've decided to install prosody, mostly because it was recommended by the RTC QuickStart Guide; I've heard that similar results can be reached with ejabberd and other servers.

    I'm also targeting Debian stable (+ backports); as I write this is jessie; if there are significant differences I will update this article when I will upgrade my server to stretch. Right now, this means that I'm using prosody 0.9 (and that's probably also the version that will be available in stretch).

    Installation and prerequisites

    You will need to enable the backports repository and then install the packages prosody and prosody-modules.

    You also need to setup some TLS certificates (I used Let's Encrypt); and make them readable by the prosody user; you can see Chapter 12 of the RTC QuickStart Guide for more details.

    On your firewall, you'll need to open the following TCP ports:

    • 5222 (client2server)

    • 5269 (server2server)

    • 5280 (default http port for prosody)

    • 5281 (default https port for prosody)

    The latter two are needed to enable some services provided via http(s), including rich media transfers.

    With just a handful of users, I didn't bother to configure LDAP or anything else, but just created users manually via:

    prosodyctl adduser alice@example.org

    In-band registration is disabled by default (and I've left it that way, to prevent my server from being used to send spim).

    prosody configuration

    You can then start configuring prosody by editing /etc/prosody/prosody.cfg.lua and changing a few values from the distribution defaults.

    First of all, enforce the use of encryption and certificate checking both for client2server and server2server communications with:

    c2s_require_encryption = true
    s2s_secure_auth = true

    and then, sadly, add to the whitelist any server that you want to talk to and doesn't support the above:

    s2s_insecure_domains = { "gmail.com" }


    For each virtualhost you want to configure, create a file /etc/prosody/conf.avail/chat.example.org.cfg.lua with contents like the following:

    VirtualHost "chat.example.org"
    enabled = true
    ssl = {
    key = "/etc/ssl/private/example.org-key.pem";
    certificate = "/etc/ssl/public/example.org.pem";

    For the domains where you also want to enable MUCs, add the follwing lines:

    Component "conference.chat.example.org" "muc"
    restrict_room_creation = "local"

    the "local" configures prosody so that only local users are allowed to create new rooms (but then everybody can join them, if the room administrator allows it): this may help reduce unwanted usages of your server by random people.

    You can also add the following line to enable rich media transfers via http uploads (XEP-0363):

    Component "upload.chat.trueelena.org" "http_upload"

    The defaults are pretty sane, but see https://modules.prosody.im/mod_http_upload.html for details on what knobs you can configure for this module

    Don't forget to enable the virtualhost by linking the file inside /etc/prosody/conf.d/.

    additional modules

    Most of the other interesting XEPs are enabled by loading additional modules inside /etc/prosody/prosody.cfg.lua (under modules_enabled); to enable mod_something just add a line like:


    Most of these come from the prosody-modules package (and thus from https://modules.prosody.im/ ) and some may require changing when prosody 0.10 will be available; when this is the case it is mentioned below.

    • mod_carbons (XEP-0280)
      To keep conversations syncronized while using multiple devices at the same time.

      This will be included by default in prosody 0.10.

    • mod_privacy + mod_blocking (XEP-0191)
      To allow user-controlled blocking of users, including as an anti-spim measure.

      In prosody 0.10 these two modules will be replaced by mod_privacy.

    • mod_smacks (XEP-0198)
      Allow clients to resume a disconnected session before a customizable timeout and prevent message loss.

    • mod_mam (XEP-0313)
      Archive messages on the server for a limited period of time (default 1 week) and allow clients to retrieve them; this is required to syncronize message history between multiple clients.

      With prosody 0.9 only an in-memory storage backend is available, which may make this module problematic on servers with many users. prosody 0.10 will fix this by adding support for an SQL backed storage with archiving capabilities.

    • mod_throttle_presence + mod_filter_chatstates (XEP-0352)
      Filter out presence updates and chat states when the client announces (via Client State Indication) that the user isn't looking. This is useful to reduce power and bandwidth usage for "useless" traffic.

    @Gruppo Linux Como @LIFO

    Fabián Bonetti , der.hans , Laura Arjona , B. Ross Ashley and 4 others like this.

    Fabián Bonetti , Jorge , Kevin Everets , JanKusanagi shared this.

  • 2017-01-11T16:00:34Z via social.gl-como.it To: Public

    Modern and secure instant messaging
    Conversations is a really nice, actively developed, up to date XMPP client for Android that has the nice feature of telling you what XEPs are supported by the server one is using: Some days ago, me and Valhalla played the game of trying to see what happens when one turns them all on: I would send her screenshots from my Conversations, and she would...

    Diane Trout likes this.

    @valhalla@identi.ca I wish i could find the time to get support for more of those extensions into telepathy gabble

    Diane Trout at 2017-01-11T16:35:43Z

    @Diane Trout Some of those do change things for mobile clients *a lot* (and iirc telepathy is also used on some non-android mobiles, right?).

    Elena ``of Valhalla'' at 2017-01-13T12:43:07Z

  • 2017-01-10T15:34:44Z via social.gl-como.it To: Public

    polo2ro@framasphere.org 2017-01-10 12:36:10:
    Amazon n'a vraiment aucune pitié pour les pauvres consommateurs américains!

    amazon echo - How can I stop Alexa from ordering things if it hears a voice on TV? - Internet of Things Stack Exchange


    #amazon #alexa
    How can I stop Alexa from ordering things if it hears a voice on TV?
    According to The Register, lots of Amazon Echo devices were accidentally triggered by a presenter saying 'Alexa ordered me a dollhouse'.
    Telly station CW-6 said the blunder happened during a Thu...

    Stephen Michael Kellat likes this.

    Stephen Michael Kellat shared this.

  • 2017-01-07T11:40:14Z via social.gl-como.it To: Public

    debacle@framasphere.org 2017-01-07 00:07:27:

    Federated XMPP chat (and more) with Movim: A success story

    Some fundamental information about the XMPP based movim social network.

    #xmpp #jabber #movim #federation #freesoftware #socialnetwork #php
    Federated XMPP chat (and more) with Movim: A success story
    There are many reasons to be unhappy with current social media sites and chat applications. For a long time, there was no viable alternative, especially not, if you wanted usability and integration. Now there is hope, with Movim.
    The downsides of OSNs
    Online Social Networks, such as Facebook or Go

    Alberto Moshpirit likes this.

  • 2017-01-07T11:17:20Z via social.gl-como.it To: Public

    Campaign Extension
    To make a long story short, we're extending the Open-V campaign by 45
    days and hope to release some exciting news very soon to justify this
    Hopefully, they will find an agreement with the orgs they are talking with and they will manage to have a successful project even if the crowdfunding wasn't enought.

    (I did notice that the HiFive1 did raise a similar amount of money - and possibly the bit more the got came from when people were losing any hope that Open-V could make it.)

    Charles ☕ Stanhope likes this.

  • 2017-01-05T17:21:40Z via social.gl-como.it To: Public

    Writing for others
    What your users want the software to do is only one aspect of their needs when it comes to any programming you do. In addition there's the aspect of where they want it to work. Now, I'm not going to suggest that you must make your software work everywhere. But I am going to suggest that you need to consider where your users live in terms of their software environment.
    (btw, all of the yakking blog is quite a recommended read if you are interested in writing Free Software)