Elena ``of Valhalla'' valhalla@identi.ca

  • 2017-01-16T08:20:22Z via social.gl-como.it To: Public

    debacle@framasphere.org 2017-01-15 13:59:01:

    Please help DebianMobile!

    If you care about open hardware and free software, if you care about a trustworthy operating system in your pocket, please consider to help getting Debian run on mobile devices. Join the effort and let's see, what can be achieved. Currently, this is a hackers/developers party, there is not much for end users, yet, so please be warned and don't hold your breath. #debian #debianmobile #openhardware #freesoftware #mobile #handheld #pyra #neo900 #zerophoneMobile - Debian Wiki

    @Gruppo Linux Como

    Stephen Michael Kellat , Matteo Bechini , Charles ☕ Stanhope like this.

    Stephen Michael Kellat shared this.

  • 2017-01-13T16:55:46Z via social.gl-como.it To: Public

    snabeltann@flokk.no 2017-01-13 15:30:21:
    Learn SELinux with the SELinux colouring book


    #fun #selinux #education #art #computer #security

  • Modern XMPP Server

    2017-01-13T12:25:12Z via social.gl-como.it To: Public

    I've published a new HOWTO on my website:

    Enrico already wrote about the Why (and the What, Who and When), so I'll just quote his conclusion and move on to the How.

    I now have an XMPP setup which has all the features of the recent fancy chat systems, and on top of that it runs, client and server, on Free Software, which can be audited, it is federated and I can self-host my own server in my own VPS if I want to, with packages supported in Debian.


    I've decided to install prosody, mostly because it was recommended by the RTC QuickStart Guide; I've heard that similar results can be reached with ejabberd and other servers.

    I'm also targeting Debian stable (+ backports); as I write this is jessie; if there are significant differences I will update this article when I will upgrade my server to stretch. Right now, this means that I'm using prosody 0.9 (and that's probably also the version that will be available in stretch).

    Installation and prerequisites

    You will need to enable the backports repository and then install the packages prosody and prosody-modules.

    You also need to setup some TLS certificates (I used Let's Encrypt); and make them readable by the prosody user; you can see Chapter 12 of the RTC QuickStart Guide for more details.

    On your firewall, you'll need to open the following TCP ports:

    • 5222 (client2server)

    • 5269 (server2server)

    • 5280 (default http port for prosody)

    • 5281 (default https port for prosody)

    The latter two are needed to enable some services provided via http(s), including rich media transfers.

    With just a handful of users, I didn't bother to configure LDAP or anything else, but just created users manually via:

    prosodyctl adduser alice@example.org

    In-band registration is disabled by default (and I've left it that way, to prevent my server from being used to send spim).

    prosody configuration

    You can then start configuring prosody by editing /etc/prosody/prosody.cfg.lua and changing a few values from the distribution defaults.

    First of all, enforce the use of encryption and certificate checking both for client2server and server2server communications with:

    c2s_require_encryption = true
    s2s_secure_auth = true

    and then, sadly, add to the whitelist any server that you want to talk to and doesn't support the above:

    s2s_insecure_domains = { "gmail.com" }


    For each virtualhost you want to configure, create a file /etc/prosody/conf.avail/chat.example.org.cfg.lua with contents like the following:

    VirtualHost "chat.example.org"
    enabled = true
    ssl = {
    key = "/etc/ssl/private/example.org-key.pem";
    certificate = "/etc/ssl/public/example.org.pem";

    For the domains where you also want to enable MUCs, add the follwing lines:

    Component "conference.chat.example.org" "muc"
    restrict_room_creation = "local"

    the "local" configures prosody so that only local users are allowed to create new rooms (but then everybody can join them, if the room administrator allows it): this may help reduce unwanted usages of your server by random people.

    You can also add the following line to enable rich media transfers via http uploads (XEP-0363):

    Component "upload.chat.trueelena.org" "http_upload"

    The defaults are pretty sane, but see https://modules.prosody.im/mod_http_upload.html for details on what knobs you can configure for this module

    Don't forget to enable the virtualhost by linking the file inside /etc/prosody/conf.d/.

    additional modules

    Most of the other interesting XEPs are enabled by loading additional modules inside /etc/prosody/prosody.cfg.lua (under modules_enabled); to enable mod_something just add a line like:


    Most of these come from the prosody-modules package (and thus from https://modules.prosody.im/ ) and some may require changing when prosody 0.10 will be available; when this is the case it is mentioned below.

    • mod_carbons (XEP-0280)
      To keep conversations syncronized while using multiple devices at the same time.

      This will be included by default in prosody 0.10.

    • mod_privacy + mod_blocking (XEP-0191)
      To allow user-controlled blocking of users, including as an anti-spim measure.

      In prosody 0.10 these two modules will be replaced by mod_privacy.

    • mod_smacks (XEP-0198)
      Allow clients to resume a disconnected session before a customizable timeout and prevent message loss.

    • mod_mam (XEP-0313)
      Archive messages on the server for a limited period of time (default 1 week) and allow clients to retrieve them; this is required to syncronize message history between multiple clients.

      With prosody 0.9 only an in-memory storage backend is available, which may make this module problematic on servers with many users. prosody 0.10 will fix this by adding support for an SQL backed storage with archiving capabilities.

    • mod_throttle_presence + mod_filter_chatstates (XEP-0352)
      Filter out presence updates and chat states when the client announces (via Client State Indication) that the user isn't looking. This is useful to reduce power and bandwidth usage for "useless" traffic.

    @Gruppo Linux Como @LIFO

    der.hans , Laura Arjona , B. Ross Ashley , JanKusanagi and 3 others like this.

    Jorge , Kevin Everets , JanKusanagi shared this.

  • 2017-01-11T16:00:34Z via social.gl-como.it To: Public

    Modern and secure instant messaging
    Conversations is a really nice, actively developed, up to date XMPP client for Android that has the nice feature of telling you what XEPs are supported by the server one is using: Some days ago, me and Valhalla played the game of trying to see what happens when one turns them all on: I would send her screenshots from my Conversations, and she would...

    Diane Trout likes this.

    @valhalla@identi.ca I wish i could find the time to get support for more of those extensions into telepathy gabble

    Diane Trout at 2017-01-11T16:35:43Z

    @Diane Trout Some of those do change things for mobile clients *a lot* (and iirc telepathy is also used on some non-android mobiles, right?).

    Elena ``of Valhalla'' at 2017-01-13T12:43:07Z

  • 2017-01-10T15:34:44Z via social.gl-como.it To: Public

    polo2ro@framasphere.org 2017-01-10 12:36:10:
    Amazon n'a vraiment aucune pitié pour les pauvres consommateurs américains!

    amazon echo - How can I stop Alexa from ordering things if it hears a voice on TV? - Internet of Things Stack Exchange


    #amazon #alexa
    How can I stop Alexa from ordering things if it hears a voice on TV?
    According to The Register, lots of Amazon Echo devices were accidentally triggered by a presenter saying 'Alexa ordered me a dollhouse'.
    Telly station CW-6 said the blunder happened during a Thu...

    Stephen Michael Kellat likes this.

    Stephen Michael Kellat shared this.

  • 2017-01-07T11:40:14Z via social.gl-como.it To: Public

    debacle@framasphere.org 2017-01-07 00:07:27:

    Federated XMPP chat (and more) with Movim: A success story

    Some fundamental information about the XMPP based movim social network.

    #xmpp #jabber #movim #federation #freesoftware #socialnetwork #php
    Federated XMPP chat (and more) with Movim: A success story
    There are many reasons to be unhappy with current social media sites and chat applications. For a long time, there was no viable alternative, especially not, if you wanted usability and integration. Now there is hope, with Movim.
    The downsides of OSNs
    Online Social Networks, such as Facebook or Go

    Alberto Moshpirit likes this.

  • 2017-01-07T11:17:20Z via social.gl-como.it To: Public

    Campaign Extension
    To make a long story short, we're extending the Open-V campaign by 45
    days and hope to release some exciting news very soon to justify this
    Hopefully, they will find an agreement with the orgs they are talking with and they will manage to have a successful project even if the crowdfunding wasn't enought.

    (I did notice that the HiFive1 did raise a similar amount of money - and possibly the bit more the got came from when people were losing any hope that Open-V could make it.)

    Charles ☕ Stanhope likes this.

  • 2017-01-05T17:21:40Z via social.gl-como.it To: Public

    Writing for others
    What your users want the software to do is only one aspect of their needs when it comes to any programming you do. In addition there's the aspect of where they want it to work. Now, I'm not going to suggest that you must make your software work everywhere. But I am going to suggest that you need to consider where your users live in terms of their software environment.
    (btw, all of the yakking blog is quite a recommended read if you are interested in writing Free Software)
  • 2017-01-04T08:12:20Z via social.gl-como.it To: Public

    debacle@framasphere.org 2017-01-01 18:37:12:

    Happy Public Domain Day!

    Seventy years after their respective deaths, the works of - Alfred Stieglitz, US-American photographer, see here- Alfred Rosenberg, Baltic German philosopher, ideologue of the Nazi Party - Gerhart Hauptmann, German dramatist and novelist, Nobel Prize winner in Literature in 1912 - Gertrude Stein, US-American novelist, poet, playwright, wrote one of the first "coming out stories" - H. G. Wells, Engish "father of science fiction" (The Time Machine, The War of the Worlds) - John Maynard Keynes, British economist, co-inventor of the Bretton Woods system - László Moholy-Nagy, Hungarian painter and photographer - Manuel de Falla, Spanish composer - Patty Hill, co-composer "Happy Birthday to You", which led to a lot of copyright issues- Paul Lincke, German composer and theater conductor, "father" of the Berlin operetta and composer of the (unofficial) Berlin anthem https://www.youtube.com/watch?v=tnLxfoDJtTs

    and many more finally became public domain today.

    Public Domain Day also reminds us of the over-extended copyright periods that harm culture in favour of benefit for few. Copyright should, similar to patents, term 20 years after publication instead of 70 years (rounded, so this can go up to almost 71 years) after creators death.

    #publicdomainday #freeculture #cc0
    Alfred Stieglitz

    Charles ☕ Stanhope likes this.

    Sarah Elkins shared this.

  • 2016-12-24T17:09:43Z via social.gl-como.it To: Public

    OK, I thought about it and there are two things that make me really uncomfortable with this post (and, no, pineapple is not one of them). The first is the very idea of policing pizza toppings.
    /me fully agrees on what MadameZou is saying on the topic.

    (except for her ideas on pizza kebab (not my favourite, but it isn't so bad) and pineapple on pizza (YKINMKBYKIO, as long as you don't get near me with that thing). I do agree however that the pizza speck and mascarpone from her town is delicious. And I am partial to mele and gorgonzola, which is quite widespread in the north and considered blasphemous in the south.)

    On an hopefully more useful note, bad pizza is widespread in Italy, even in the traditional pizza areas, especially (but not only) in the more touristic restaurants where they think they can get away with it because their customers aren't coming back anyway. If you can ask some local for recommendations you have higher hopes to get a good one, but it has to be a pizza-lover local and remember that different parts of Italy have quite different ideas on how pizza should be (It can vary between very thin (~1mm) and crunchy to 4-5 cm high and quite soft), and the results will vary because of that.
  • 2016-12-17T20:55:22Z via social.gl-como.it To: Public

    Mailpile: Too Cool for PGP
    Some kids are just too cool for school.

    And some security experts are too cool for OpenPGP.

    It's almost become a rite of passage for security folks: work in the trenches, build a reputation, climb the ivory tower, write a detailed epiphany about why you've given up on PGP. Suggest we all buy an iPhone and use Signal, start giving people phone numbers instead of e-mail addresses......

    Matthew , uıɐɾ ʞ ʇɐɯɐs , Timo Kankare , Freemor and 7 others like this.

    Freemor , Claes Wallin (韋嘉誠) , Benjamin Cook , Benjamin Cook and 6 others shared this.

    Brilliant post =)

    JanKusanagi at 2016-12-17T21:21:57Z

  • 2016-12-12T12:49:14Z via social.gl-como.it To: Public

    Five Things You Notice When You Quit the News
    I grew up believing that following the news makes you a better citizen. Eight years after having quit, that idea now seems ridiculous—that consuming a particu

    Freemor , jrobertson like this.

    Freemor shared this.

  • xmpp web client

    2016-12-07T08:46:31Z via social.gl-como.it To: Public

    Dear lazyweb,

    I'm setting up an xmpp server for myself and my family, and that's the easy part.

    Now my problem is that some of my relatives can't install a real client everywhere, because reasons, and would need a web interface to be able to connect at least some of the time, and this is where I'm having problems.

    Does anybody know of such a client that is still under development (even in mostly maintenance mode, but not completely abandoned), and has a decent chance to work?

    Of course it has to be free software, and installing it on my own server shouldn't be a nightmare (lots of bonus points if it is already in Debian, a bonus point or two if at least it is reasonably easy to package).

    @valhalla@identi.ca I think I saw that freedom box decided to use jsxc. I haven't tried it yet, but it's features list looks good and it's still b getting updates in Debian https://tracker.debian.org/pkg/libjs-jsxc

    Diane Trout at 2016-12-07T16:18:32Z

    I've never tried it but this one looks nice: http://getkaiwa.com/

    sazius at 2016-12-07T19:12:45Z

    I've also received some answers on friendica ( http://social.gl-como.it/display/3e3ce0df205847cc6135c1b142694988 ) and I think I'll start by looking at jsxc.

    Thanks everybody

    Elena ``of Valhalla'' at 2016-12-08T10:07:14Z

  • 2016-12-02T20:20:47Z via social.gl-como.it To: Public

    Mining for Education
    How would you feel if all the food in your child’s school canteen were provided by one manufacturer of packaged snacks and soft drinks? How would you feel if your child’s diet were limited to crisps, cheese-flavoured tortilla chips, and sugary, carbonated beverages, with no chance of a healthier alternative?
    I *cough* may have played minetest *sometime*, but I didn't know that there were also some education-oriented mods.

    Jorge likes this.

  • 2016-11-30T08:43:41Z via social.gl-como.it To: Public

    snabeltann@flokk.no 2016-11-30 08:37:37:
    My fight against CDN libraries

    A very nice writeup and awesome work by David Revoy of the Pepper & Carrot webcomic:

    A CDN ( acronym for Content Delivery Network ) library is often a single line of code proposed "generously" by an external service to let you link and embed a complex features, the easy way. A common example is Google Web Fonts:

    <link href="https://fonts.googleapis.com/css?family=Lobster" rel="stylesheet">

    Paste this line in the header of your website and 'tadaaa!', you can use the font 'Lobster' to decorate all your texts. Easy, quick, efficient and fast to load. Merci Google. So, what's the problem?

    Well a big one: Privacy of the readers of Pepper&Carrot. In our example, users of Google Web Fonts are bound by Google's privacy policy. It allows Google to collect a large amount of data about readers: log data (e.g. browser version), location data (the IP address of your site's visitors) and more because they can track your path or history threw all the website using their other networks of CDN.

    ... And I didn't had a CDN only for Google Web Font. I had also a CDN for Addthis (easy social-networks buttons), Gravatar (easy avatars), Font-awesome (easy icons), etc... As many, many website around!

    Read the full post at his blog!

    #privacy #web #openculture #comics
    My fight against CDN libraries
    Official homepage of Pepper&Carrot, a free/libre and open-source webcomic about Pepper, a young witch and her cat, Carrot. They live in a fantasy universe of potions, magic, and creatures.

    Omar Vega Ramos , Matteo Bechini , Kesara , catonano and 8 others like this.

    Omar Vega Ramos , Christopher Allan Webber , Sarah Elkins shared this.

  • 2016-11-29T05:56:40Z via social.gl-como.it To: Public

    ch3@diaspora.punkbeer.me 2016-11-29 00:09:07:

    #HaraldWelte about 10 years of #Openmoko:


    #Neo1973 #GTA04 #GTA01 #GTA02 #FOSS #fs #freesw #freesoftware #smartphone #openphoenux #tinkerphone #linux #gsm #android #fairphone #FSO

    Claes Wallin (韋嘉誠) , Charles ☕ Stanhope , Christopher Allan Webber like this.

    Claes Wallin (韋嘉誠) , Christopher Allan Webber shared this.

  • No more debugging (for today)

    2016-11-28T20:54:05Z via social.gl-como.it To: Public

    This afternoon my SO asked me to help him use kicad, because he was having issues understanding how it was working.

    I was a bit surprised but said "ok, sure", and found out that it has been having serious rendering issues and spent the rest of the afternoon and the evening trying to reproduce it around.

    In the meanwhile, he was trying to understand issues with a firewall that wasn't working properly.

    Then we were getting ready to go to sleep, turned the alarm clock on and... it didn't. Then the led blinked a few times. So I grabbed the multimeter and checked the power supply (it gives 4.something V instead of the 7 it is supposed to).

    Then my SO and me looked each other, laughed, and we said "no. we're NOT debugging our alarm clock this evening".

    This looks like an excellent time for a dead tree book (no, I'm not going to trust the ebook reader not to break, not this evening) and then a good night of sleep.

    Charles ☕ Stanhope likes this.

  • 2016-11-26T11:41:58Z via social.gl-como.it To: Public

    The World's First Open Source RISC-V-based 32-bit μC
    On a first glance it doesn't look that impressive, as yet another micro with an expensive devboard, but it's a huge step forward for the availability of RISC-V and Open Hardware down to the chip level.

    Claes Wallin (韋嘉誠) , Charles ☕ Stanhope , Benjamin Cook , jrobertson like this.

    Claes Wallin (韋嘉誠) shared this.

  • 2016-11-26T09:27:35Z via social.gl-como.it To: Public

    Petter Reinholdtsen: Quicker Debian installations using eatmydata
    Two years ago, I did some experiments with eatmydata and the Debian installation system, observing how using eatmydata could speed up the installation quite a bit. My testing measured speedup around 20-40 percent for Debian Edu, where we install around 1000 packages from within the installer. The eatmydata package provide a way to disable/delay fil...