[Tails-dev] .xsession-errors file filled with WARNING message
Since a couple of Tails versions back, my .xsession-errors file continues to be filled with: (gnome-settings-daemon:(snip)): updates-plugin-WARNING **: failed to get time: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name org.freedesktop.PackageKit was not provided by any .service files (snip) = removed numbers I Googled but found nothing to indicate what this error means and nothing on how to fix it. Rootkit? Trojan? Any ideas? ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Persistent Tor start in Tails vs location aware Tor entry guards (LATEG)
Hi,
[can you please decide what mailing-list this discussion should happen
on, and then we can stop cross-posting over 4 mailing-list?]
Patrick Schleizer wrote (02 Jan 2016 22:36:13 GMT) :
> But I think location aware Tor entry guards (LATEG) are wrong headed.
> The topic of LATEG is so difficult to explain to the user, that as you
> plan, you cannot add it the the UI. Perhaps buried under an advanced
> setting, but that's not worth so much. So it cannot be manual by
> default. Only automatic.
I agree.
> Which brings me to the issue.
> There is a reason, why Tor picks a Tor entry guard and sticks to it. By
> changing it more often than Tor would do, you are subverting the reason
> for using Tor entry guards in the first place. In a sense, you are to a
> small degree thereby becoming a Tor developer, and modifying Tor's relay
> choosing algorithm.
I think I see what you mean, and indeed it's the kind of things about
which my self-confidence is pretty low, and I'd personally rather
avoid fiddling with things I don't understand.
But the thing is: by using random guards every time Tails starts, we
are _already_ making the very same kind of decisions. Only, we are
making it very badly, and this has been going on for too many years
already.
Let's face it: as distro integrators, in the current state of things,
we have to make a decision to compensate for the fact that Tor's guard
selection wasn't designed with our threat model in mind.
Keeping things as-is would be a decision. Using fully persistent entry
guards (not location aware), like Tor Browser users get currently,
would be another decision. We cannot escape it, so we're trying to
make this decision in a way that's much better for the vast majority
of Tails users.
> I wonder, if the whole LATEG thing would not be much better implemented
> in Tor itself. If so, then any (further) research of the entry guard
> topic would still apply to Tails, and not to Tor only.
With my (lazy by design) distro integrator's hat, I can only agree:
the more work is done by little-t-tor, the less I have to deal with
myself, and the more is shared cross-distro. Yay.
However, taking a step back, I'm not sure it makes a whole lot of
sense: to be location-aware, tor would have to gain knowledge about
new concepts, and interface with OS services, that it can currently
happily ignore so far; add to this that tor is multi-platform;
I expect it's not an easy problem to deal with at this specific place,
but again: if someone solves it, I certainly won't complain :)
> The documentation advice for advanced users caring about AdvGoalTracking
> could be to use obfuscated [private] bridges and to alternate
> them per travel location.
Right, I think it's important that people who what more control can
get it this way, and IIRC our current best proposal does not prevent
anyone from doing this.
> Or perhaps you might be able to explain in tor-launcher /
> anon-connection-wizard [1] [2] [3] the LATEG / AdvGoalTracking issue.
If the configuration GUI has good facilities to document a broad and
complex problem, yay, bringing the doc closer to the software is
probably a winning strategy.
>> [...] By adding the SSID, we prevent attackers from being able to
>> spoof only the MAC address of the router to reuse a given Tor state;
>> they also have to spoof the SSID which is visible to the user and might
>> be detected as malicious. [...]
> I find it unlikely, that users might judge an often changing SSID
> malicious. FreeWifi832458252823523 vs FreeWifi358235892435. How many
> users are going to remember that? I would guess, they would just click
> through whatever hoops required to make the WiFi connect again.
I have no time/energy to think seriouly about it now, and I've been
postponing my reply for a month due to this, so I'll try to be
pragmatic: I'm adding this as a FIXME on our blueprint, and will come
back to it later.
I'm not sure I understand the problem you mean to raise, though.
Can you please elaborate what problem you see if users do exactly this
("click through whatever hoops required to make the WiFi connect
again", which I agree is very likely)?
Thanks!
Cheers,
--
intrigeri
___
Tails-dev mailing list
Tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to
tails-dev-unsubscr...@boum.org.
[Tails-dev] Limiting the Amount of Software in Tails
Hello, There are a few software packages installed in Tails from contrib and non-free that concern me. gobi-loader (contrib) Firmware loader for Qualcomm Gobi USB chipsets firmware-libertas (non-free) Binary firmware for Marvell Libertas 8xxx wireless cards firmware-linux-nonfree (non-free) firmware-misc-nonfree (non-free) Binary firmware for various drivers in the Linux kernel Especially the last packages introduce a lot of closed-source software that could compromise Tails. Could someone explain the reasoning for including these software packages? Maybe Tails could add a boot option to disable non-free software? Cheers, Michael English ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] Fwd: problems
Forwarding to our user support mailing-list: --- Begin Message --- I have found with tails 2.0 that it cannot print to a cannon mg5550 printer, as openprint doesn't have a driver for it, and cannon doesn't provide a ppd for the model. Also, when you put a DVD in and go to videos, it doesn't play the DVd, instead it seperates the sound from the video files and puts it into a big folder. ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.--- End Message --- -- intrigeri ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] intrigeri vs. Tails Redmine
Hi, > > sajolida: > being responsible for tracking "End-user > documentation" and "Website" tickets > Sounds like the pie needs divided up; a need for a project (ticket) manager. Feel free to assign anything to me if you think I can help with, or learn from, it. Wordlife, Spencer ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] problems
I have found with tails 2.0 that it cannot print to a cannon mg5550 printer, as openprint doesn't have a driver for it, and cannon doesn't provide a ppd for the model. Also, when you put a DVD in and go to videos, it doesn't play the DVd, instead it seperates the sound from the video files and puts it into a big folder. ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] intrigeri vs. Tails Redmine
anonym: > intrigeri: >> That's not all. I'll still need to follow changes to subsets of our >> Redmine. I don't know for sure since I've not clearly identified my >> needs ye, but I guess I'll have to improve our Redmine toolbox to make >> this possible. I suspect that some of you are in the same situation. >> Tell me your needs (privately or on some dedicated blueprint) and I'll >> try to take them into account while looking for solutions to mine. > > Could you please clarify what you mean here? Obviously it's not > sustainable to rely on a single person (you) following all of Redmine, > but in order to not have tickets be forgotten or go unnoticed, we need > some processes and tools to deal with it instead. I assume this is what > you are getting at, and that you already has some ideas for it. Please > share! Frontdesk is already responsible for doing something with tickets in "Status: New" (I understand that this is forced for people who don't have a special role). Maybe we could have other mechanisms to spread the responsibility of tracking what's happening on Redmine. As said to intrigeri in private, for example I wouldn't mind being responsible for tracking "End-user documentation" and "Website" tickets for example. ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Adding watchers on Redmine [Was: intrigeri vs. Tails Redmine]
intrigeri: > sajolida wrote (05 Feb 2016 11:20:31 GMT) : >> Adding someone else to the watchers list is something that you showed me >> on your computer but I failed to do myself. I'm thinking maybe I don't >> have permissions to do this or something. > >> Could you tell me where this is supposed to be? > > In the right sidebar, when logged in, on an existing ticket's page, > I see a "Watchers" section, with an "Add" button. > > When creating a ticket, there's a "Watchers" field at the bottom of > the form: https://labs.riseup.net/code/projects/tails/issues/new Damn! Got them. There they were! Maybe I should report UX bugs to Redmine itself :) ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
Re: [Tails-dev] Any plans for an emergency release & alt spin question
Hi, Anonymous wrote (06 Feb 2016 08:30:37 GMT) : > A lot of updates to components of Tails are occurring. Yes. as always… until all free software releases and security bug disclosure synchronize with our own release calendar :) > Should I download 2.0 now If you want to use Tails, yes, sure. Anything older is affected by severe publicly known security issues. > The size of the ISO is very large for some of us For most upgrade paths, we provide automatic upgrades, that are much smaller to download. > and > I would rather know now whether 2.0 will exist > as the go-to current version for the next month or two. We try hard to keep this updated: https://tails.boum.org/contribute/calendar/ > However, when "just the basics" are considered this could > result in a much smaller sized ISO. One thing to keep in mind is that "the basics" has no universally valid meaning. E.g. for some people, good localization into some specific language, or availability of some accessibility tool, is part of the basics. For others, it's not. Cheers, -- intrigeri ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
[Tails-dev] Any plans for an emergency release & alt spin question
A lot of updates to components of Tails are occurring. Should I download 2.0 now or wait for another release prior to the next stable version? Remember the last two versions released and the distance in time between them? The size of the ISO is very large for some of us and I would rather know now whether 2.0 will exist as the go-to current version for the next month or two. & I would join any official Tails team working on an alternative, smaller ISO perhaps with Openbox and no large DM, video/audio tools, office suite, and so on, [but we know that won't happen]. However, when "just the basics" are considered this could result in a much smaller sized ISO. ___ Tails-dev mailing list Tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to tails-dev-unsubscr...@boum.org.
