Re: [Server-devel] antitheft:: avoiding the need - cont.
On Sun, Aug 26, 2012 at 12:32 PM, wrote: > I plan to attend the OLPC conference in San Francisco in October. I will > be available there to anyone who wishes to discuss our Laptops to Lesotho > model in more detail. > > You can see the Rules & Regulations, Contracts, and Fine Schedules written > in December 2010 for Nohana Primary School on our blog at: > http://olpc2010-lesotho.blogspot.com/p/2011-rules-regulations-contracts-fee.html > > Janissa Balcomb > Laptops to Lesotho Inc. > www.laptopstolesotho.org > > > ___ > Server-devel mailing list > Server-devel@lists.laptop.org > http://lists.laptop.org/listinfo/server-devel > > Excellent! Can you submit a proposal, if you haven't already, to discuss such issues? http://olpcsf.org/summit cheers, Sameer -- Sameer Verma, Ph.D. Professor, Information Systems San Francisco State University http://verma.sfsu.edu/ http://commons.sfsu.edu/ http://olpcsf.org/ http://olpcjamaica.org.jm/ ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] antitheft:: avoiding the need - cont. 2
p.s. One anti-theft thing that I forgot to mention in my previous list serve response was that we label and ENGRAVE all the laptops with big bold numbers and codes in various locations on the laptops so anyone can tell exactly who they belong to. Its pretty obvious they are from a school or organization, not individually owned. Through public outreach, contact with the local police, and local word-of-mouth, most everyone in the region knows about our project. So anyone seen with one of these laptops who isnt a student or teacher at one of our schools would be reported to the authorities. Even communities with schools that dont have computers want to cooperate and "stay on our good side" because they know we are gradually expanding to other schools in the area. We find that if we give them incentive to cooperate and keep them invested, theyll bend over backwards to help. Janissa Balcomb Laptops to Lesotho Inc. www.laptopstolesotho.org ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] antitheft
In Peru, after around 2 years of regular contacts with the people in charge of the deployment of the laptops in the government, the constitution of an hack-tivism group and a document approved by OLPC (US), they have allowed on person to have access to the secret key allowing for the signature of a build. The person they've allowed access to is Sebastian Silva (icarito on IRC) and he's working on a localized build right now (which is only available for XO's 1.5 at this point while a huge majority of laptops in Peru are XO's 1.0). In this regard (and this is the antitheft method I was talking about, not the teachers-students-parents compromise from Lesotho), it has been a huge brake for the improvements of the local implementation. That's what I meant. Tony, I'm not sure who's got the build-signing key in your case, but I would recommend you try finding out, as this might unlock your situation. As we were discussing here, it is very unlikely that anyone with bad intentions would take the time to try to produce a new build in order to hack laptops that can only be updated in physical presence, yet this seems to be why the anti-build-update mechanism was created in the first place. I hope this can be improved in the future. Yannick Le dimanche 26 août 2012 à 20:14 +0200, Tony Anderson a écrit : > Hi, > > The Saint Jabob school in Kigali where I am providing deployment support > is not currently allowing the students to take laptops home > because the antitheft capability is not implemented. > > The laptops were donated by WCE in Stuttgart. The laptops are locked. > The software version installed (852) does not allow the screen to be > rotated (a real problem for pdf reading). Recently, OLPC Germany has > helped provide the school with some additional laptops, also locked, but > with a 860 build. > > So essentially, there are two problems. One, being able to install a > custom XO and second, to enable the XS-0.7 server to provide > activation-leases. > > The os-build documentation (http://wiki.laptop.org/go/OS_Builder) > suggests that it is possible for a deployment to 'sign' a custom build. > If I knew how to do this, it would be possible to install an identical > build on all of the schools laptops. > > The description of the 'antitheft howto' > (http://wiki.laptop.org/go/Antitheft_HowTo) > implies that this can be done by a deployment based > on the serial-number and uuid. > > Somehow I need to get this resolved by Jan. 7 when the new school year > begins so that the students can take the laptops home. > > Naturally, all of this must be done without internet access. > > Tony > > > > > On 08/26/2012 06:00 PM, server-devel-requ...@lists.laptop.org wrote: > > Send Server-devel mailing list submissions to > > server-devel@lists.laptop.org > > > > To subscribe or unsubscribe via the World Wide Web, visit > > http://lists.laptop.org/listinfo/server-devel > > or, via email, send a message with subject or body 'help' to > > server-devel-requ...@lists.laptop.org > > > > You can reach the person managing the list at > > server-devel-ow...@lists.laptop.org > > > > When replying, please edit your Subject line so it is more specific > > than "Re: Contents of Server-devel digest..." > > > > > > Today's Topics: > > > > 1. antitheft (Sameer Verma) > > 2. Re: antitheft (Yannick Warnier) > > > > > > -- > > > > Message: 1 > > Date: Sat, 25 Aug 2012 12:41:43 -0500 > > From: Sameer Verma > > To: XS Devel,"Devel's in the > > Details" > > Subject: [Server-devel] antitheft > > Message-ID: > > > > Content-Type: text/plain; charset=ISO-8859-1 > > > > Hello! > > > > I'm looking to get a sense of how widely antitheft is being used and > > to what level of success. There was a post recently where Bruce Baikie > > came across 500 XO-1s in Ethiopia, that were locked, but the server > > was dead/gone/missing/ so these were unusable. On the other hand, when > > XOs are not set up for antitheft, there is attrition (we have some in > > one of our Jamaica projects, although its fairly low). > > > > 1) Does antitheft work as advertised? > > 2) What are comfortable parameters for it to work? How many hours > > should the lease be? > > > > Not looking for very specific answers...more like a conversation around it. > > > > cheers, > > Sameer > > ___ > Server-devel mailing list > Server-devel@lists.laptop.org > http://lists.laptop.org/listinfo/server-devel ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] antitheft
Hi, The Saint Jabob school in Kigali where I am providing deployment support is not currently allowing the students to take laptops home because the antitheft capability is not implemented. The laptops were donated by WCE in Stuttgart. The laptops are locked. The software version installed (852) does not allow the screen to be rotated (a real problem for pdf reading). Recently, OLPC Germany has helped provide the school with some additional laptops, also locked, but with a 860 build. So essentially, there are two problems. One, being able to install a custom XO and second, to enable the XS-0.7 server to provide activation-leases. The os-build documentation (http://wiki.laptop.org/go/OS_Builder) suggests that it is possible for a deployment to 'sign' a custom build. If I knew how to do this, it would be possible to install an identical build on all of the schools laptops. The description of the 'antitheft howto' (http://wiki.laptop.org/go/Antitheft_HowTo) implies that this can be done by a deployment based on the serial-number and uuid. Somehow I need to get this resolved by Jan. 7 when the new school year begins so that the students can take the laptops home. Naturally, all of this must be done without internet access. Tony On 08/26/2012 06:00 PM, server-devel-requ...@lists.laptop.org wrote: Send Server-devel mailing list submissions to server-devel@lists.laptop.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.laptop.org/listinfo/server-devel or, via email, send a message with subject or body 'help' to server-devel-requ...@lists.laptop.org You can reach the person managing the list at server-devel-ow...@lists.laptop.org When replying, please edit your Subject line so it is more specific than "Re: Contents of Server-devel digest..." Today's Topics: 1. antitheft (Sameer Verma) 2. Re: antitheft (Yannick Warnier) -- Message: 1 Date: Sat, 25 Aug 2012 12:41:43 -0500 From: Sameer Verma To: XS Devel, "Devel's in the Details" Subject: [Server-devel] antitheft Message-ID: Content-Type: text/plain; charset=ISO-8859-1 Hello! I'm looking to get a sense of how widely antitheft is being used and to what level of success. There was a post recently where Bruce Baikie came across 500 XO-1s in Ethiopia, that were locked, but the server was dead/gone/missing/ so these were unusable. On the other hand, when XOs are not set up for antitheft, there is attrition (we have some in one of our Jamaica projects, although its fairly low). 1) Does antitheft work as advertised? 2) What are comfortable parameters for it to work? How many hours should the lease be? Not looking for very specific answers...more like a conversation around it. cheers, Sameer ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] antitheft:: avoiding the need - cont.
I plan to attend the OLPC conference in San Francisco in October. I will be available there to anyone who wishes to discuss our Laptops to Lesotho model in more detail. You can see the Rules & Regulations, Contracts, and Fine Schedules written in December 2010 for Nohana Primary School on our blog at: http://olpc2010-lesotho.blogspot.com/p/2011-rules-regulations-contracts-fee.html Janissa Balcomb Laptops to Lesotho Inc. www.laptopstolesotho.org ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] antitheft:: avoiding the need
We got around the need for antitheft measures with a community-based approach. This may not work in all communities, but it has worked very well for us. BEFORE distributing any computers for student use, we held meetings with all participants, including teachers, students, parents, and the community. After getting their input, we guided the teachers and school administrators in developing a written set of rules and regulations for the project, with four sets of contracts that the students, parents, teachers, and school administration had to sign in order to participate in the project. We did this by posing a series of "what if" scenarios, and then requiring the local educators to come up with answers that best suited their school and community's culture, needs, and economic situation. Included in the contracts that resulted from this were "fine schedules" and clearly defined consequences for any damage, loss, or theft of a laptop. Because we work in very poor communities, "work in lieu of fines" for parents was included, with a very detailed schedule of hours and type of work required. One critical stipulation that we required to be included in the governing documents was that, if a laptop goes missing (lost or stolen), the project comes to a complete halt until there is a satisfactory resolution. What constitutes a satisfactory resolution is clearly defined in the documents. Since deployment, within the school and immediate community, laptops can be left unattended in classrooms and the school yard without worry. This is because they aren't ever really "unattended." The entire community is hyper-vigilant about keeping an eye on them. When students or teachers who live in other communities take laptops home, they are hyper-vigilant about taking care of the laptops and protecting them, to the point that one teacher who lives in an unsafe area will not even take his flash drive home with him, let alone a laptop. Their protectiveness is so strong that one school paid to put burglar bars on the classrooms and storage room, and another school hired a security guard for off-hours. The result has been that 2½ years after deployment, we have not had a single laptop damaged, lost, or stolen. This is especially impressive considering that I was told repeatedly before we started about cases of computer theft and vandalism at other computer projects in the country. We were told this would be a major impediment, but we proved them wrong. Our approach was a long, grueling process, but by bringing the participants into the process, allowing them to customize the governing documents to meet their needs, and giving them complete control over the outcome, we have not had to deal with any theft or vandalism. That's not to say it can't happen someday, or that it will be as effective in all countries and communities, but I think it is essential to long-term success to incorporate community involvement in the design, implementation, and operation of any computer project. The time invested in laying the groundwork pays huge dividends in the long run. Janissa Balcomb Laptops to Lesotho Inc. www.laptopstolesotho.org ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] antitheft
Le samedi 25 août 2012 à 12:41 -0500, Sameer Verma a écrit : > Hello! > > I'm looking to get a sense of how widely antitheft is being used and > to what level of success. There was a post recently where Bruce Baikie > came across 500 XO-1s in Ethiopia, that were locked, but the server > was dead/gone/missing/ so these were unusable. On the other hand, when > XOs are not set up for antitheft, there is attrition (we have some in > one of our Jamaica projects, although its fairly low). > > 1) Does antitheft work as advertised? > 2) What are comfortable parameters for it to work? How many hours > should the lease be? Hi Sameer, Not sure if Sebastian Silva is on this list, but from a conversation with him not so long ago, it appeared as if the antitheft mechanism was the main reason why Peru was now in a blocked situation where most XO's have completely outdated software: it makes it too difficult to update for local communities, and in practice there has be no account of any theft reported to the server since the beginning of the national distribution (of now around 850,000 laptops). As far as I understood, it has served no purpose whatsoever at the national level. It doesn't mean in any way that it is bad, but at least locally, the project would have been better without it. Hope it helps, Yannick ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] Antitheft system failure
On Jul 10, 2012, at 11:43 AM, Elias Jacobo Castillo wrote: > Hi Reuben, This are the answers .. > > Questions: > > -Which OS are you using? This is for XO 1.5, correct? > > R. Yes, we are using.. > > -Have you been able to get an unactivated XO to connect to the XS and accept > a lease from the initial XO Activation screen? > > R. No we can’t get this XOs activated through the XS Server. Do you see the leases on the XS in /library/xs-activation/leases? > > -Do you see any output in /var/log/messages when the XO is attempting to > connect to the wireless? > > R. Yes, almost all the XOs get the connection, the car/log/messages shows the > XOs trying to connect and get connected.. Can you send the log? Also, have you reviewed the links? Do you have questions? Regards, Reuben > > > De: Reuben K. Caron [mailto:reu...@laptop.org] > Enviado el: lunes, 09 de julio de 2012 01:31 p.m. > Para: Edward Lopez > CC: server-devel; Elias Jacobo Castillo > Asunto: Re: [Server-devel] Antitheft system failure > > Edward, Elias, > > Let's look at this in phases: > > -1: The XO has no lease and needs a lease to run. So using either method (a. > Standard Leases) or (b. Delegated Leases) you preload the XS with leases. > -2: You turn the XO and it the SD card, USB, and Open Wifi for a lease. > -3. It finds an open AP connected to the XS which contains a valid lease and > is transferred to the XO over the wireless. > -4. Now the XO can run until the lease runs out. During this time two things > can happen. The lease can be auto-updated through method (b) or the lease can > expire and the XO will have to request a new lease from the server again in > the same fashion as #3. > -5. Now if you follow method (b) you will be able to mark the laptop stolen. > The problem you are seeing is that you have not implemented method (b); > therefore the XO does not "trust" the stolen message that it received from > the server. > > Method (a): > > http://wiki.laptop.org/go/XS-activation#Loading_activation_data > > Method (b): > > http://wiki.laptop.org/go/XS-activation#Delegated_leases > http://wiki.laptop.org/go/Antitheft_HowTo > -You already have master keys generated > -All of the tools needed are preinstalled on an XS. > > Questions: > > -Which OS are you using? This is for XO 1.5, correct? > -Have you been able to get an unactivated XO to connect to the XS and accept > a lease from the initial XO Activation screen? > -Do you see any output in /var/log/messages when the XO is attempting to > connect to the wireless? > > Regards, > > Reuben > > > On Jul 9, 2012, at 3:04 PM, Edward Lopez wrote: > > > We have a small deployment of servers (ver 0.7), that we are planning to do > soon, but we have problems with the antitheft system: in a small test lab > have 18 XOs just 6 appears included at the antitheft list in the Moodle and > even with the registered XOs we tested the “stolen” option and noting > happens. We had tested with a default server with an open AP connected at > eth1 and still the same > > Your help will be appreciated > > Edward López > Educatrachachos > > NOTIFICACION DE CONFIDENCIALIDAD > La información aquí transmitida sólo es enviada para la persona o entidad a > que se dirige y puede contener material confidencial y/o privilegiado. Está > prohibida cualquier revisión, retransmisión, diseminación u otro uso, o la > toma de cualquier acción con base en esta información por personas o > entidades que no sea el destinatario a quien va dirigida. Si usted recibió > este mensaje por error, por favor avise al remitente y anule el material > adjunto de cualquier computadora. Cualquier opinión expresada en este mensaje > proviene del remitente, excepto cuando el mensaje establezca lo contrario y > el remitente este autorizado para establecer que dichas opiniones provienen > de SEFIN. > > Disclaimer: > The information transmitted is intended only for the person or entity to > which it is addressed and may contain confidential and/or privileged > material. Any review, retransmission, dissemination or other use of, or > partaking of any action in reliance upon, this information by persons or > entities other than the intended recipient is prohibited. If you received > this in error, please contact the sender and delete the material from any > computer. > ___ > Server-devel mailing list > Server-devel@lists.laptop.org > http://lists.laptop.org/listinfo/server-devel > > > NOTIFICACION DE CONFIDENCIALIDAD > La información aquí transmitida sólo es en
Re: [Server-devel] Antitheft system failure
Edward, Elias, Let's look at this in phases: -1: The XO has no lease and needs a lease to run. So using either method (a. Standard Leases) or (b. Delegated Leases) you preload the XS with leases. -2: You turn the XO and it the SD card, USB, and Open Wifi for a lease. -3. It finds an open AP connected to the XS which contains a valid lease and is transferred to the XO over the wireless. -4. Now the XO can run until the lease runs out. During this time two things can happen. The lease can be auto-updated through method (b) or the lease can expire and the XO will have to request a new lease from the server again in the same fashion as #3. -5. Now if you follow method (b) you will be able to mark the laptop stolen. The problem you are seeing is that you have not implemented method (b); therefore the XO does not "trust" the stolen message that it received from the server. Method (a): http://wiki.laptop.org/go/XS-activation#Loading_activation_data Method (b): http://wiki.laptop.org/go/XS-activation#Delegated_leases http://wiki.laptop.org/go/Antitheft_HowTo -You already have master keys generated -All of the tools needed are preinstalled on an XS. Questions: -Which OS are you using? This is for XO 1.5, correct? -Have you been able to get an unactivated XO to connect to the XS and accept a lease from the initial XO Activation screen? -Do you see any output in /var/log/messages when the XO is attempting to connect to the wireless? Regards, Reuben On Jul 9, 2012, at 3:04 PM, Edward Lopez wrote: > We have a small deployment of servers (ver 0.7), that we are planning to do > soon, but we have problems with the antitheft system: in a small test lab > have 18 XOs just 6 appears included at the antitheft list in the Moodle and > even with the registered XOs we tested the “stolen” option and noting > happens. We had tested with a default server with an open AP connected at > eth1 and still the same > > Your help will be appreciated > > Edward López > Educatrachachos > > NOTIFICACION DE CONFIDENCIALIDAD > La información aquí transmitida sólo es enviada para la persona o entidad a > que se dirige y puede contener material confidencial y/o privilegiado. Está > prohibida cualquier revisión, retransmisión, diseminación u otro uso, o la > toma de cualquier acción con base en esta información por personas o > entidades que no sea el destinatario a quien va dirigida. Si usted recibió > este mensaje por error, por favor avise al remitente y anule el material > adjunto de cualquier computadora. Cualquier opinión expresada en este mensaje > proviene del remitente, excepto cuando el mensaje establezca lo contrario y > el remitente este autorizado para establecer que dichas opiniones provienen > de SEFIN. > > Disclaimer: > The information transmitted is intended only for the person or entity to > which it is addressed and may contain confidential and/or privileged > material. Any review, retransmission, dissemination or other use of, or > partaking of any action in reliance upon, this information by persons or > entities other than the intended recipient is prohibited. If you received > this in error, please contact the sender and delete the material from any > computer. > ___ > Server-devel mailing list > Server-devel@lists.laptop.org > http://lists.laptop.org/listinfo/server-devel ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] Antitheft system failure
We have a small deployment of servers (ver 0.7), that we are planning to do soon, but we have problems with the antitheft system: in a small test lab have 18 XOs just 6 appears included at the antitheft list in the Moodle and even with the registered XOs we tested the "stolen" option and noting happens. We had tested with a default server with an open AP connected at eth1 and still the same Your help will be appreciated Edward López Educatrachachos NOTIFICACION DE CONFIDENCIALIDAD La información aquí transmitida sólo es enviada para la persona o entidad a que se dirige y puede contener material confidencial y/o privilegiado. Está prohibida cualquier revisión, retransmisión, diseminación u otro uso, o la toma de cualquier acción con base en esta información por personas o entidades que no sea el destinatario a quien va dirigida. Si usted recibió este mensaje por error, por favor avise al remitente y anule el material adjunto de cualquier computadora. Cualquier opinión expresada en este mensaje proviene del remitente, excepto cuando el mensaje establezca lo contrario y el remitente este autorizado para establecer que dichas opiniones provienen de SEFIN. Disclaimer: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or partaking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer. ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] Antitheft: sending a fake stolen...
On Mon, Aug 24, 2009 at 6:05 PM, Martin Langhoff wrote: > On Mon, Aug 24, 2009 at 11:45 PM, C. Scott Ananian wrote: >> so you should probably return a >> lease which is valid except for the fact that the signed string has an >> randomly-chosen UUID > > Exactly my thoughts -- as you can see in the bug. Implementing that > goes beyond merely coding it -- it would mean checking that the > various (released) versions of the client code do the right thing with > these "mixed messages". > > And that is what I am postponing right now (with this bug as TODO + > documentation). I updated http://wiki.laptop.org/go/Theft_deterrence_protocol#Theft-deterrent_server_response with more detail on 'real looking' leases. --scott -- ( http://cscott.net/ ) ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] Antitheft: sending a fake stolen...
On Mon, Aug 24, 2009 at 11:45 PM, C. Scott Ananian wrote: > so you should probably return a > lease which is valid except for the fact that the signed string has an > randomly-chosen UUID Exactly my thoughts -- as you can see in the bug. Implementing that goes beyond merely coding it -- it would mean checking that the various (released) versions of the client code do the right thing with these "mixed messages". And that is what I am postponing right now (with this bug as TODO + documentation). cheers, m -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] Antitheft: sending a fake stolen...
On Mon, Aug 24, 2009 at 6:37 AM, Martin Langhoff wrote: > A while ago, Daniel fixed a bug in my changes to olpc-update, and that > left me with a to-do item on the xs-activation side. > > Reviewed the situation on the OAT proto concept of always sending a > stolen token, with the idea that xs-activation should do what the > protocol proposes: always send a 'stolen' element, to prevent a > relatively simple proxy from blocking stolen msgs. > > The situation is a tad more complex, as a proxy could block any > message not containing a lease. > > For the time being I've filed my notes in > http://dev.laptop.org/ticket/9444 -- so this is a 'for later'. As I wrote in http://wiki.laptop.org/go/Theft_deterrence_protocol: "Care should be taken to ensure that these cases can not be easily distinguished by the presence or contents of other fields in the message." A proxy can't tell a valid leave from an invalid lease without knowing the UUID for every serial number, so you should probably return a lease which is valid except for the fact that the signed string has an randomly-chosen UUID (it can't be a fixed "bad" UUID, because that can be easily tested.) --scott -- ( http://cscott.net/ ) ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] Antitheft: sending a fake stolen...
A while ago, Daniel fixed a bug in my changes to olpc-update, and that left me with a to-do item on the xs-activation side. Reviewed the situation on the OAT proto concept of always sending a stolen token, with the idea that xs-activation should do what the protocol proposes: always send a 'stolen' element, to prevent a relatively simple proxy from blocking stolen msgs. The situation is a tad more complex, as a proxy could block any message not containing a lease. For the time being I've filed my notes in http://dev.laptop.org/ticket/9444 -- so this is a 'for later'. cheers, m -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff ___ Server-devel mailing list Server-devel@lists.laptop.org http://lists.laptop.org/listinfo/server-devel