On Sat, 2 Aug 2014 15:41:36 + (UTC)
intrigeri wrote:
> Hi,
>
> I've noticed this while doing the code review:
>
> > +Once enabled at the boot prompt, I2P can be started manually
> > +through the menu:
> >
> > Applications -> Internet -> i2p
>
> How about dropping that second step?
On Sat, 2 Aug 2014 17:43:17 + (UTC)
HW42 wrote:
> > FWIW, I didn't include that because at least in Debian unstable I
> > cannot get it to work and I definitely have a "new enough" curl.
> > Maybe it will work in Tails, but I've not tried it yet.
>
> On Tails 1.1 it works when you replace
i'm running short of time i hoped for a longer, proper discussion.
#1 is still best, until persistence is available.
in addition, either rngd or haveged should also be started, in that
preferred order, to further improve the entropy in both blocking and
non-blocking pools once init has completed,
On Sat, Aug 2, 2014 at 11:46 AM, Jacob Appelbaum wrote:
>
> I'm not really convinced. An attacker who attacks the RNG is going to
> find all of the plausable public seeds. This is what brl did with
> exegesis to attack the Debian RNG bug:
yes, the difference is that different seeds require a diff
Hey everyone,
would it not be an good idea to mirror the whole webpage with the
download section as a hidden service? I could do that on a and unmetered
100mbit/s vserver. Or ist that regarding to the downlink speeds
obsololete (but at least the webpage itself would be a cool idea in my
mind).
On 8/2/14, coderman wrote:
> On Fri, Aug 1, 2014 at 10:24 AM, Jacob Appelbaum
> wrote:
>> ...
>> Sure - if we have entropy, we can seed anything. :)
>
> *grin*
>
>
>
>
>> How is that worse? The goal is entropy collectin. A public value is
>> not entropic.
>
> but a public value in addition to oth
Hey everyone,
would it not be an good idea to mirror the whole webpage with the
download section as a hidden service? I could do that on a and unmetered
100mbit/s vserver. Or ist that regarding to the downlink speeds
obsololete (but at least the webpage itself would be a cool idea in my
mind).
Am Sat, 2 Aug 2014 15:54:00 + (UTC)
schrieb Kill Your TV :
> On Sat, 2 Aug 2014 14:15:48 + (UTC)
> intrigeri wrote:
>
> > Oh, I forgot: it would be wonderful if addressing #7416 ("Have GnuPG
> > use the Tor SOCKS port directly") could be sneaked in as step 0.
> > It's a two-lines chang
Hi,
at the contributors summit, we reinforced our current 2.0 and 3.0
definitions as the broad priorities we have for the next year(s).
Then, we started refining these milestones, but it was too daunting
a task to fine tune all details.
So, IIRC we decided we had until early September (?) to prop
On Sat, 2 Aug 2014 13:51:06 + (UTC)
intrigeri wrote:
> Regarding the firewall rules:
>
> Why does i2psvc need direct access to Tor's DNSPort?
I forgot to address this in the previous email. In my testing, DNS
requests were made to the TorDNS ports (when bootstrapping) and were
blocked.
I
On Sat, 2 Aug 2014 14:15:48 + (UTC)
intrigeri wrote:
> Oh, I forgot: it would be wonderful if addressing #7416 ("Have GnuPG
> use the Tor SOCKS port directly") could be sneaked in as step 0.
> It's a two-lines change, and I'd love it if I could do steps 3 and
> 4 only once for #7512 and #741
Hi,
Jacob Appelbaum wrote (27 Jul 2014 14:24:53 GMT) :
> On 7/27/14, intrigeri wrote:
>>> How shall we scope the audit? What do you have in mind?
>>
>> Everything that relies on privilege separation (see sudo
>> configuration) could be worth looking it. In particular, I'm thinking
>> of the incre
sajol...@pimienta.org wrote:
> The next Tails contributors meeting is scheduled for:
>
> Sunday August 3
> #tails-dev (irc.indymedia.org/h7gf2ha3hefoj5ls.onion)
> 7pm UTC (9pm CEST)
Remember that's tomorrow!
> Every one interested in contributing to Tails is welcome.
>
> A
Hi,
I've noticed this while doing the code review:
> +Once enabled at the boot prompt, I2P can be started manually
> +through the menu:
>
> Applications -> Internet -> i2p
How about dropping that second step?
I mean, once the user has opted-in for using I2P, we could as well
integrate its
Hi,
Jacob Appelbaum wrote (27 Jul 2014 14:24:53 GMT) :
> Vidalia is unmaintained but it isn't currently a security problem.
> Long term, we need a different solution for sustainability, of course.
Yes. Once Tor#8641 is implemented [1] in Torbutton, I think that it
would be enough, for us to drop
On Sat, 2 Aug 2014 13:51:06 + (UTC)
intrigeri wrote:
[...]
>
> > +# Let's make sure that *just* the "i2psvc" user has access to the
> > I2P files +chown -R i2psvc:i2psvc /usr/share/i2p
> > +find /usr/share/i2p -type f \( -name '*.jar' -o -name '*.war' \)
> > -print0 | xargs -r -0 chmod 640
Hi Miguel,
Miguel Landaeta wrote (02 Aug 2014 14:44:20 GMT) :
> I'm not a libvirt or Vagrant maintainer but I can take care of this
> package.
This would totally rock. \o/
> However, I think vagrant needs to be updated. Otherwise, this package
> is not really useful.
Right. There's been WIP doc
intrigeri:
> 2. drop the publicly known value => urandom is seeded by date +%s.%N
>only
If you are going that route, would it make sense to drop the dot in date
+%s%N as well to remove another publicly known value?
___
Tails-dev mailing list
Tails-d
Hi,
(Note: I'm dropping parts of the discussion that are made moot thanks
to Kill Your TV's branch: it's too late to discuss if it would be
worth doing $this or not, when the work has already been done, and the
code seems close to be mergeable :)
Jacob Appelbaum wrote (27 Jul 2014 14:24:53 GMT) :
On Sat, Jun 28, 2014 at 10:23:20PM +0200, intrigeri wrote:
> Dear libvirt / Vagrant maintainers,
>
> [...]
>
> Would you be interested in maintaining vagrant-libvirt in Debian?
> It would greatly help at least Tails [1] and Freepto [2].
Hi,
I'm not a libvirt or Vagrant maintainer but I can take
Hi,
> 1. explain in the commit message why no-auto-key-locate is removed;
>is this GnuPG's default behavior?
> 2. update "3.6.16 GnuPG" in the design doc
> 3. run the automated test suite on an ISO built with these changes in
> 4. test incremental upgrades with these changes in
Oh, I forgot:
Hi,
Kill Your TV wrote (01 Aug 2014 13:57:06 GMT) :
> If that includes leaving the comments intact, maybe the attached patch
> is usable?
Yes, this looks like what I had in mind. What else is needed, IMO, to
make this mergeable is:
1. explain in the commit message why no-auto-key-locate is remo
Hi,
first, thanks a lot for this great work!
I've reviewed the intentions and the code. The former looks perfectly
fine to me, the latter is a very good start, but could use some
improvements here and there => see below.
I have *not* built an ISO from this branch, nor tested it yet.
I'll wait fo
El Sat, 02 Aug 2014 13:25:30 +0200
intrigeri escribió:
> Hi,
>
> [No need to Cc me, I do read the list. Thanks!]
>
> emma peel wrote (02 Aug 2014 10:34:11 GMT) :
> > I will dive on git and come back with a cleaner patch based in
> > devel
>
> Note that Kill Your TV already submitted an updated
Hi,
Jacob Appelbaum wrote (27 Jul 2014 13:36:25 GMT) :
> On 7/27/14, intrigeri wrote:
>> Yes. I think all it takes is adapting the doc + writing a live-config
>> hook that adds enable the needed credentials in sudoers, and makes the
>> I2P launcher visible. Anyone willing to give it a try? I'd be
Hi,
[No need to Cc me, I do read the list. Thanks!]
emma peel wrote (02 Aug 2014 10:34:11 GMT) :
> I will dive on git and come back with a cleaner patch based in devel
Note that Kill Your TV already submitted an updated patch on the list:
Message-Id: <20140801135706.B5F97AE1D2@smtp.postman.i2
intrigeri:
> sycamoreone wrote (02 Aug 2014 10:12:38 GMT) :
>> > Am I doing something wrong, or did they change their policy regarding Tor?
> Last time I checked, connecting with a SASL-authenticated account *to
> their Hidden Service* did work. I don't think irc.i.o is supposed to
> work over Tor.
sycamoreone wrote (02 Aug 2014 10:12:38 GMT) :
> Am I doing something wrong, or did they change their policy regarding Tor?
Last time I checked, connecting with a SASL-authenticated account *to
their Hidden Service* did work. I don't think irc.i.o is supposed to
work over Tor. Are you using the HS
El Fri, 01 Aug 2014 14:50:03 +0200
intrigeri escribió:
> Hi,
>
> intrigeri wrote (14 Jul 2014 10:38:47 GMT) :
> > Also, I would find it good to be even closer to duraconf's gpg.conf:
> > e.g.
>
> > * we could plausibly take the "algorithm and ciphers" section as-is
> > * the no-honor-keyserver
Hi,
Kill Your TV wrote (01 Aug 2014 17:18:28 GMT) :
> Perhaps it would be good to have an official "fallback" IRC
> channel/network for Tails?
We can try using Indymedia's IRC network for this. I'm concerned this
might lead to have duplicated channels forever, though.
Cheers,
--
intrigeri
_
Kill Your TV:
>> As OFTC is blocking Tor lately, we will try to gather on
>> > irc.indymedia.org.
> [..]
>
> As I asked in #tails yesterday:
>
>Since it's been hard to connect to OFTC with Tor recently, has
>there been any talk of #tails* (or even #*tor*) moving elsewhere?
Today
31 matches
Mail list logo