Re: [Trisquel-users] I found a new libre distro you all might be interested in...
In Arch too much packages already are systemd dependent, dbus, audio mixers, some desktop enviroments like GNOME...
Re: [Trisquel-users] 13Aug2017 buy Trisquel laptop
Apparently the K: drive does have space. You could move stuff from the SSD to the K: drive
[Trisquel-users] Re : 13Aug2017 buy Trisquel laptop
If your disk is (almost) full, you cannot install another system on it. You would need to make space, moving data on another disk. From Trisquel live system, you can use the "Disk Usage Analyzer" in the "System Settings" to discover what takes most of the disk space. If you wish, you can move the data using the live system too. https://trisquel.info/en/wiki/install-trisquel-windows-dual-boot-0 details the procedure to follow when you do not see the option "Install Trisquel Alongside Windows [version]".
[Trisquel-users] Re : I found a new libre distro you all might be interested in...
There is no good excuse to make systemd required for things that clearly don't need it. Examples?
[Trisquel-users] Re : Please recommend a free-software Mercurial hosting service
If I say “A programmer complies his code...“ you will say that I am a bigot, sexist, regressive, and all of that I have never witnessed that behavior on this forum. I witnessed the opposite behavior: you complaining in this very thread that someone chose a generic developer to be female. The herd mentality of social justice that you belong to do exactly the kind of discrimination they so much complain about *You* are the one complaining in great length about the way other users of this forum express themselves.
Re: [Trisquel-users] Best way to install/use Tor with Trisquel?
Ok, thanks for the advice. I'll download it and give it a try :)
Re: [Trisquel-users] Best way to install/use Tor with Trisquel?
> Hi, I'm just wondering what is the best way to install/use Tor with > Trisquel? I'm using Trisquel 7; If you mean normal web browsing you should use the Tor Browser (https://www.torproject.org/projects/torbrowser.html.en). > however, the Tor Browser doesn't seem > to be listed in the Trisquel repository. Does that mean it's not > technically libre? Tor browser is free software (https://www.torproject.org/docs/faq.html.en#DistributingTor). > If not, is it possible to use Tor with a different browser, e.g. > Icecat? Yes, it's possible but you shouldn't. Tor browser is a modified version of firefox with security+privacy patches to ensure anonimity.
Re: [Trisquel-users] 13Aug2017 buy Trisquel laptop
When you are writing a new post, below the box for text there is a "File attachments" option. You can upload images there :)
[Trisquel-users] Re : One-line password generator.
Or alternatively, if the scheme is fine given a sufficient number of words, why don't you simply provide a calculation for what that number of words actually is? I think this would be much more constructive than just saying multiple times that what was provided doesn't work. At the same time, it would be worth comparing that to a string of characters (which is what you appear to be advocating), particularly looking at how long the string of characters needs to be to match the string of words. I can do that. Knowing the way the password was generated and assuming the random number generation is not vulnerable, the password with n American words is as strong as the password with 2.7 x n 64-base characters (the exact coefficient is log(62155)/log(64)). What number n is sufficiently large? It depends the cracker (the computing power at her disposal, the time she is willing to spend, the electricity bill she is willing to pay). Let us take an extreme case to be safe: the NSA trying to crack Laura Poitras' passwords. Edward Snowden, who better knows NSA's capabilities than us, advised Laura: Assume your adversary is capable of one trillion guesses per second. https://www.wired.com/2014/10/snowdens-first-emails-to-poitras/ With n = 4, the NSA would need to keep that guessing rate during 86 days in average (86 days being half of the time to enumerate all passwords that can be generated). I doubt the NSA considers many people are worth such a computing effort. For most people, the NSA probably has faster ways to get the information, though threats for instance. But Laura Poitras may be worth it. With n = 5, the NSA would need 6118 years in average. Starting today. Actually, to finish earlier, the NSA had better wait a few years (decades?), to get greater computing power, than start now. Let us take both cases: n = 4 and 2.7 x 4 = 11: $ words=4; dic=/usr/share/hunspell/en_US.dic; max=$(wc -l < $dic); for i in $(seq $words); do r=$(od -A n -N 4 -t u4 /dev/random); cut -d / -f 1 $dic | sed -n $(expr $r % $max + 1)p; done | tr '\n' ' ' ingoing jar Emmet nemeses $ head -c 8 /dev/urandom | base64 | head -c 11 && echo b+B59UXulCA n = 5 and 2.7 x 5 = 13: $ words=5; dic=/usr/share/hunspell/en_US.dic; max=$(wc -l < $dic); for i in $(seq $words); do r=$(od -A n -N 4 -t u4 /dev/random); cut -d / -f 1 $dic | sed -n $(expr $r % $max + 1)p; done | tr '\n' ' ' stimuli poet parasite Caresa tinfoil $ head -c 9 /dev/urandom | base64 | head -c 13 && echo sI2L5LOkCPkoJ (NB: the 11-character password actually is a little stronger than the four-word password; the 13-character password is a little weaker than the five-word password: I have to round...) Now the subjective question: do you prefer to use (in particular remember and type) "ingoing jar Emmet nemeses" or "b+B59UXulCA"? "stimuli poet parasite Caresa tinfoil" or "sI2L5LOkCPkoJ"? To answer the question, you can refer to the mnemonic marioxcc described (making up the first sentence to remember "b+B5", etc.).
Re: [Trisquel-users] Best way to install/use Tor with Trisquel?
There is only one good way to use tor in any distribution. Download it directly from the website and use it like it comes by default. Do not install extensions or move any configuration.
[Trisquel-users] Best way to install/use Tor with Trisquel?
Hi, I'm just wondering what is the best way to install/use Tor with Trisquel? I'm using Trisquel 7; however, the Tor Browser doesn't seem to be listed in the Trisquel repository. Does that mean it's not technically libre? If not, is it possible to use Tor with a different browser, e.g. Icecat?
Re: [Trisquel-users] I found a new libre distro you all might be interested in...
You did a strong case against system calmstorm. I am thinking on going away from it. But I will stay on Parabola :) I love having programs that work better each day. Stable for me means "same old bugs for a while"
Re: [Trisquel-users] I found a new libre distro you all might be interested in...
I second that notion. I hope in the future that 0.2 comes out very soon. Init freedom + software freedom = slam dunk!
Re: [Trisquel-users] I found a new libre distro you all might be interested in...
I would, except I would want to put hyperbola on first, and then switch to parabola... and only if parabola has a way to remove the dumb dependencies on systemd. I just really hate the idea of hostile people controlling whats on my computer even if it is libre. I want software that I can trust that doesn't force its way onto me. When I don't need it. There is no good excuse to make systemd required for things that clearly don't need it. In such a way that if you try to remove systemd, it removes everything else... ;/
Re: [Trisquel-users] I found a new libre distro you all might be interested in...
hmm... I suppose I should trust you, its just weird that I always have issues with parabola on my thinkpad x200... My issue with systemd for arch based distros though is that the wifi doesn't connect correctly for whatever reason, nor does ethernet. due to a systemd glitch. I cannot remember much since I distanced myself from hyperbola temporarily which still has systemd... and parabola... which I hope will make an easy way to wipe out systemd... I saw this glitch either on systemd's github page or archlinux's github page. I will keep looking though. https://www.ostechnix.com/fix-job-netctl-service-failed-error-arch-linux/ this page has this error on it with a supposed fix, except of course, there is a problem with this fix, It doesn't fix it if your still in the process of installing it... here is the error I talk about that annoys me: Job for netctl@wlp9s0\x2dsktab.service failed because the control process exited with error code. See "systemctl status "netctl@wlp9s0\\x2dsktab.service"" and "journalctl -xe" for details.
Re: [Trisquel-users] 13Aug2017 buy Trisquel laptop
hi happy_gnu I'll be away from the internet tomorrow, but how do I send you images here?
Re: [Trisquel-users] 13Aug2017 buy Trisquel laptop
Please go to BIOS take pictures of it and post them here so we can help you.
Re: [Trisquel-users] can a website see from which folder firefox uploads a file?
Thank you for the useful link! Another link inside that page stated that javascript could really be used to discover the full path, but as long as there is no javascript involved, it should be impossible. Which I think is the way it should be! ;) Thanks.
Re: [Trisquel-users] Please recommend a free-software Mercurial hosting service
Vaya que ores ignorante. Tu desconocimiento de historia es mas triste que tus argumentos. Muchas mujeres han aportado muchísimo a la ciencia, matemáticas y computación. Tu eres el que se siente ofendido por lo palabra "she". Solo por uno palabra decidiste quien era yo y como pensaba. Yo nunca me he ofendido nunca por ver la palabra "he". Pues soy hombre. En México hay una gran cantidad de narcos. Pero la mayoría de la gente es buena y amable. Si realmente eres mexicano lo debiras saber. Pero si tristemente en México hay muchas personas ignorantes. Como en tu caso. Llenas de machismo y que se quejan por la más pequeña estupidez. Tu crees que me asustan tus historias de la policía? Vivo en una de las ciudades más violentas de México. He ido trabajado en la semefo. Conozco el olor de los muertos y de los sepultados. He conocido a gente en prisión. Eso no hace malos a todos los mexicanos. Como ya dije me siento mal por ti. Tu ignorancia de la historia. Tu machismo y tu rapidez para juzgar y tus prejuicios. Ojala algún día tus pensamientos sirvan y no sean tóxicos.
Re: [Trisquel-users] Please recommend a free-software Mercurial hosting service
I acknowledge that I made a mistake in assuming that you were from the United States. Let us try to recap. By a wide margin. most programmers are male, and moreover “he” is the generic pronoun in English. Then, why do you use “she” to refer to an undetermined programmer? I know the reason. It is because you believe that men are the evil oppressors, basically ogres, and women are pure and vulnerable damsels in distress with long and blond hair like Rapunzel. Thus for your eyes, male programmers do not matter. You give all importance to females and your language reflects this. You do not even think that dismissing male programmers is something wrong. After all, they are male, so they are evil ogres. They do not deserve any mention in your mind. And if somebody, like me, complains, is because he must be a “bigot” if he thinks that the evil ogres (men) deserve any recognition. But men are not ogres. Men are the pillars of modern society. Men built and continue building modern society. Nearly every technology that we use on a daily, and that is the only thing that separates us from the stone age, has been invented, developed and deployed by men. So if you hate men so much, you can stop using your computer right now. The transistor was invented by a team of men (Shockley, Bardeen, and many more), the theoretical background of electricity was devised by several men through a period of around 100 years (Maxwell, Ampere, Faraday, etc.). You can also stop using electric appliances, and cars for that matter (Marcus, Diesel, Benz, etc.). You will end up living in a cave. >3.- I've read (yeah because people who are smart actually read) a lot of technical books that use the word "she". Oh right. Technical books are always right and never use incorrect English, right? Just because some other people use “she” as generic, this does not mean that it is standard English. Most publications (personal observation) that use one of either “he“ or “she”, use “he”, and thus your reasoning would lead you to use “he” as well since it is the prevalent convention as technical writing. >4.- You are so bigot that you find the word "she" offensive. There is not a single reason to feel offended. Yet you do. What do people do when they do do not have any argument against the critique? They try to dodge the critique by criticizing the other person and ignoring the argument as you have done here calling me “bigot”. This is the ad hominem fallacy. >5.- The only reason the word "he" is generic is because of tradition. There is no other reason. I refuse to follow old stupid traditions. I guess that by “stupid tradition” you mean the etymology of the word, which is just like most words we use in day to day speech. I already referenced the origin of the word “he” as generic: The most prevalent meaning of “man” used to be generic centuries ago, and “he” has been generic since then. That is the reason that the generic pronoun in English is “he”, not “she”. This is en etymological fact of English, regardless of whether you like it or not. If you do not like the English language, free feel to speak whatever language you find acceptable according to your social justice warrior complex. >I hope one day you can come to latinamerica and realize what is actually to be a nice human being. Lots of latinamericans are wonderful and warm human beings. I live in Latin America. You are right, it's such a nice place with wonderful human beings, unicorns and fairies. Actually people is so nice here in Mexico that it is a common event that innocent citizens are kidnapped by the kind-hearted police or else by cartels, tortured and quartered, and then they leave the cadavers in mass graves to be found weeks or months later, or simply dumped in the streets for anybody to see. That is to say nothing about the wonderful human beings that politicians are across all of Latin America. They are so kind hearted that Latin American heads of state are routinely judged for corruption, as Luiz da Silva and his associates, just to name an example. You are right, this is such a nice place and we have such a nice people. - If I say “A programmer complies his code...“ you will say that I am a bigot, sexist, regressive, and all of that, yet this is standard English and does not exclude anybody. If you say “A programmer complies hercode...” then you think that you are progressive, egalitarian, stand for social justice, and so on. Do you see the problem here? The herd mentality of social justice that you belong to do exactly the kind of discrimination they so much complain about, yet they see it as a virtue, because they see the groups they discriminate (males in this case) as evil ogres and unworthy of any equal treatment, despite so much talk of “equality”. Having elaborated on my point and addressed your arguments (or lack
Re: [Trisquel-users] 13Aug2017 buy Trisquel laptop
Hi Magic Banana, I need help. Trisquel installation reported: "This computer currently has no detected operating system. What would you like to do?" Then 3 options, so I backed out of the install procedure fearing I would damage the Win7 OS. ***I'm on another internet search for help with Win7 backup errors*** My attempts to backup my Win7 computer failed (error code: 0x8007007b) 3x I tried different solutions. I wanted to have a backup so I could install Trisquel - I thought the backup needs to be done and would be safe enough, even though I wanted to wait for the arrival of my Trisquel Laptop. I Spent another frustrating day on failed attempts... I wish my Trisquel laptop was here already :(
Re: [Trisquel-users] Where to upload videos?
https://archive.org/ Greetings.
Re: [Trisquel-users] One-line password generator.
> Your “trillion guesses per second” is an arbitrary number. You are deluding yourself you think that any serious attacker will be so limited. What is the actual number, then? > Of course, Bitcoin miners are highly specialized and can not be used for password cracking. I would like to suggest suggest sticking to facts and evidence pertaining to password cracking. Bitcoin may be based in cryptography, but that doesn't necessarily mean you can apply rules to Bitcoin 1:1 onto passwords. > Conclusion: In 2017, your suggested scheme is more broken than DES in 1998. I didn't see the source of this conclusion in the paragraphs that preceded it. It seems to me you were just claiming that computer power grows by a certain amount in 19 years (why 19 years? Why not 10, or 50?) to an extent greater than the figure Magic Banana supplied. But what your conclusion here states suggests that the scheme itself is fundamentally broken. If that is the case, then why is it not possible to simply increase the number of words to achieve an acceptable strength, thus increasing the number of possibilities even further? Or alternatively, if the scheme is fine given a sufficient number of words, why don't you simply provide a calculation for what that number of words actually is? I think this would be much more constructive than just saying multiple times that what was provided doesn't work. At the same time, it would be worth comparing that to a string of characters (which is what you appear to be advocating), particularly looking at how long the string of characters needs to be to match the string of words. That way, we could compare the relative lengths and strengths of both methods directly. > Your original point was about bugs. The man page talks about cryptographic attacks. This seems like a bit of a semantic argument, no? I took what Magic Banana wrote to mean that /dev/random is safer than /dev/urandom, which you seem to implicitly admit here, and therefore /dev/random ought to be used. Considering the only trade-off is having to wait a little longer, I can't see I can think of any fundamental flaw in this reasoning. How about this: what is the reason you recommend /dev/urandom when /dev/random would (as you freely admit) be safer? You could argue forever about how much safer it is, but why take the chance?
Re: [Trisquel-users] One-line password generator.
>That is true: it cost US$ 250,000 and used 1,856 custom chips to crack one DES key in a little more than two days. This is grossly misleading. It is like saying “It cost 10,000,000 USD to build your CPU”, conflating the cost of the equipment (semiconductor plant) with a single unit of output (the CPU). 250,000 USD is the cost to build the equipment. The cost to crack a key is much cheaper and is basically only the cost of electricity and maintenance plus a tiny fraction of the cost of the equipment (it is amortized over many runs). >At one trillion guesses per second, the NSA needs 6118 years to crack the password Your emphasis on “billions” and “trillions” to make the wimpy entropy of your password generation scheme appear impressive merely adds to the humorist value of your message. Your “trillion guesses per second” is an arbitrary number. You are deluding yourself you think that any serious attacker will be so limited. This is roughly the computing power of one Bitcoin miner with a cost of around 100 USD. Of course, Bitcoin miners are highly specialized and can not be used for password cracking. This is meant as an illustration of the cheap cost of computing equipment. And again, computing equipment can be reused, so the cost per run is even lower. You could argue than Bitcoin miners are cheap because there are economies of scale, but so there will be in any serious brute-force attack. If the password hash is iterated, as most are, this adds just a couple orders of magnitude to the cost. >Do you realize that means the effort (basically the time and energy) to crack the password by brute force is multiplied by 2^7.6 = 194? It would, if we still were in 1998, but we are not. We are not stuck with 20-years-old technology. Today's digital electronics are much faster, cheaper and energy-efficient. I am sorry if the number 194 sounds big in your mind. Factors like this are routinely ignored in cryptographic analysis. As a rough rule of thumb, computing power to cost ratio doubles every 1.5 years (this is not Moore law, but it is related). 19 years is thus an increase by a factor of 2^12.7≈6500. Your factor of 2^7.6 pales in comparison. Conclusion: In 2017, your suggested scheme is more broken than DES in 1998. >Here is an excerpt from 'man urandom', which makes my point: No, it does not. You tried to change the argument without anybody noticing but your attempt failed. I quote you with emphasis added: >Notice also that my solution uses /dev/random, not /dev/urandom. /dev/urandom providing only pseudo-randomness, there is a risk (although it should be OK) of a bug Your original point was about bugs. The man page talks about cryptographic attacks. Regarding the risk of cryptographicaly attacks on the CSPRNG, this only affects the conditional entropy of subsequent bytes when attacker knows part of the past output of /dev/urandom, which is not the case here. Moreover, the fact that the entropy pool is continuously mixed with new entropy makes any attack on the CSPRNG algorithm much more difficult. Also, a cryptographic attack can always compromise the security of a practical cryptographic system, so saying “Don't use this because it is vulnerable to cryptographic attacks” is equivalent to saying “Do not use any modern cryptography”. If you are so afraid of cryptographic breaks, free feel to use the one-time pad instead of GNU PG to encrypt your data. - Enough of giving you free lessons about the cost of brute force attacks. I am sharing my knowledge altruistically, but I gain nothing, and I have other things to do, so I withdraw from this discussion. If you want to learn about brute force attacks, a good starting point would be the paper “Understanding brute force” by D. J. Bernstein.
Re: [Trisquel-users] A new forums member saying hello
Thanks a lot to the three of you. Much appreciated!
Re: [Trisquel-users] One-line password generator.
>use five words. At one trillion guesses per second >needs 6118 years to crack the password Always 5 random words user account psswd ;)
Re: [Trisquel-users] One-line password generator.
The fact that you shared this script made me feel like there is some kindness in your heart. And that you like to help others. I hope you stop attacking others here. Magic Banana didn't insult you. Just shared a different way of doing things. He disagreed with you but was respectful. Learn to be nice to others. Stop insulting people without reason.
