> This git repository has every version of Linux-libre ever, it all fits into
> ~350MB, and versions will never disappear.
Assuming those disks are backed up.
--
Caleb Herbert
OpenPGP public key: http://bluehome.net/csh/pubkey
signature.asc
Description: This is a digitally signed message
> There are numerous mitigations for Spectre that won't work on libre
> systems because they require (proprietary) microcode changes which
> neither Trisquel nor I will provide. For obvious reasons of them
> being proprietary.
> I understand that those dedicated to software freedom would not
>
> Youw website is also good but may I ask (genuine question) why do you think
> so many people use google fonts api? Is there really no alternative?
Copypasta JS magic is easier than actually, you know, hosting everything
you want people to see.
You can have the font files on your website and
> It is probably best to use the Dragora support resources,
> OK?
Except Dragora is tiny and its support is not realistic.
Even Trisquel has poor support.
My Trisquel system is a massive pile of workarounds, and it frustrates
me.
--
Caleb Herbert
OpenPGP public key:
On Sun, 2018-01-14 at 11:06 -0800, Mason Hock wrote:
> I'm not aware of a TorBirdy equivalent for any other mail client. The
> instructions for torifying an email client say to use Thunderbird instead
>
> https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/EMail
>
> and the
Guns are the Tor of meatspace.
signature.asc
Description: This is a digitally signed message part
On Sun, 2018-01-14 at 21:44 +0100, gnu...@openmailbox.org wrote:
> Distros were an example. I have a need to download various different files
> and don't want to be revealed what I download. Not because it's "illegal" but
>
> because it's private.
Sure :p
The internet is for porn, Tor
ADFENO, there's a more blatant user freedom issue with Wire Desktop: its
dependence on Electron.
signature.asc
Description: This is a digitally signed message part
Node.js is fine, but Electron is questionable and needs to be audited
for licensing issues.
signature.asc
Description: This is a digitally signed message part
And in addendum to that, use the torrent links for ISO images instead of
direct downloads where possible. It's a lot less costly!
What is Seafile?
signature.asc
Description: This is a digitally signed message part
On Thu, 2018-01-18 at 15:48 +0100, dh...@fastmail.com wrote:
> If family black sheep had grades, mine would be obsidian.
>
> I simply tell them that they have
> already fucked their privacy and they are beyond help; they can figure out
> how to reset their password on their own.
I don't do
> > The one's linked to from the FSF use libre JavaScript...
>
> I know that. I also do a little JS programming myself but that is not
> important. LibreJS is just as good as 'free software' which may send packets
> to Amazon. I don't see myself auditing every JavaScript code on every
>
On Sun, 2018-01-14 at 10:48 +0100, i_write_wo...@posteo.net wrote:
> I have very little to add except for a caution: if you are a minor and maybe
> even if you aren't, please do not email pictures of yourself to Facebook
> addicts.
Thank you for mentioning this. I never thought about simply
Stop getting so many systems all the time.
If you're distro-hopping, stop it.
If you're really serious about switching to a distro, show you're
serious by donating $50 to a distro every time you switch to it.
Red Hat sells regular, no-tech-support versions of its distro for $50
each, and this
On Sat, 2018-01-13 at 22:55 -0800, Mason Hock wrote:
> Facebook is designed to addict its "users" with what its former
> vice-president describes as "dopemine-driven feedback loops."
>
> https://www.theguardian.com/technology/2017/dec/11/facebook-former-executive-ripping-society-apart
>
> Your
> I am sorry for you m8. Get a job maybe and your place so you can distribute
> fuckoffs in complete tranquility
I'm not the OP, but I am in the same boat. I have a job, but it doesn't
pay enough for me to support myself fully. Transportation is especially
expensive! (More than $210 US each
> I don't know if it is even possible now to protect a child from being
> profiled by Facebook until they are old enough to protect themselves, but if
> you do you will have given your child a choice, which is a great gift and
> something I never felt that I had.
Friends, esp. girls, will
"I mean, don't this attacks have to be executed in my computer?"
Yes.
"If I don't use JavaScript in my browser, and only use free software, is
there a way I could still be attacked?"
It probably helps but a program being free software doesn't mean it's free of
problems (a concrete example
If I don't use JavaScript in my browser, and only use free software, is there
a way I could still be attacked? I mean, don't this attacks have to be
executed in my computer?
"So perhaps it can't really be fixed with software patches but indeed just
'mitigated'."
Indeed; they are all "mitigations." Plus: There are numerous mitigations for
Spectre that won't work on libre systems because they require (proprietary)
microcode changes which neither Trisquel nor I
> https://yro.slashdot.org/story/18/01/19/2210246/trump-signs-surveillance-extension-into-law
Ugh.
> If only laws like this had a prayer of passing in the US.
https://yro.slashdot.org/story/18/01/19/2210246/trump-signs-surveillance-extension-into-law
EmacsWiki: Site Map - https://www.emacswiki.org/
Practical Emacs Tutorial - http://ergoemacs.org/emacs/emacs.html
> I store them in Gnome Keyring.
I store them in my head. :)
> Nothing can save us from Spectre except a new CPU.
Yep, and the new CPUs are sure to require a non-free BIOS. Spectre is very bad
news for freedom and privacy.
> Recently I started doing something which is probably silly: if I
> FWIW in EU GDPR which starts to apply in May 2018 the IP address is now
> considered personal data, legally and must be anonymized. So software
> vendors who provide such "features" or who close tickets because they are
> not in the mood will perhaps be forced to comply with all that. Or who
> another application could exploit Spectre to access your browser
I store them in Gnome Keyring. Which of course is still unsafe to Spectre.
Nothing can save us from Spectre except a new CPU.
Recently I started doing something which is probably silly: if I have to
enable JS for short in a
Guys, good news. Leah gave me a super simple solution to get the kernel
updated. It's ok to use linux-libre for the updated kernels, but then:
ariella@/ $ sudo rm vmlinuz initrd.img
ariella@/ $ sudo ln -s /boot/vmlinuz-4.14.13-gnu vmlinuz
ariella@/ $ sudo ln -s /boot/initrd.img-4.14.13-gnu
> A false sense of security is worse than no security at all, see
--disclaimer
That's a key point for all these tests. Remember that side-channel-execution
is a hardware bug, not software. So perhaps it can't really be fixed with
software patches but indeed just 'mitigated'. Whoever makes
> Perhaps it is because of your time investment in your test that you weight
your test far too heavily.
No. It is because it shows something actual, not ideological or theoretical
like "would be better... if". As soon as Firefox (or a derivative) shows a
better behavior and overall
I'm knob, thought I already had done that.
Meltdown was fixed:
Spectre and Meltdown mitigation detection tool v0.31
Checking for vulnerabilities against running kernel Linux 4.14.14-gnu #1 SMP
Wed Jan 17 15:33:18 UTC 2018 x86_64
CPU is Intel(R) Core(TM)2 CPU P8600 @ 2.40GHz
CVE-2017-5753
Of course. Enabling JS is still unsafe, but the particular issue you link to
relies on having the passwords stored in the browser. Even without JS enabled,
another application could exploit Spectre to access your browser, so it is
still wise to avoid storing passwords in your browser. I agree
Yep, I don't think that was needed. I think proprietary software is evil
don't get me wrong, but this goes a bit too far as for what it actually is.
Firetools + gufw + noscript in your web browser
That's my thoughts... but yeah clamtk is better than clamav merely because
it is a gui.
Proprietary software is not always malware but it is very often malware. So
often that it's a bit scary.
Microsoft example #1
Google example #2
Apple example #3
adobe flash example #4
intel example #5
the list goes very long, but yeah... you are kind of right at least about it
not
> Is this code snippet copyrightable?
Here is the full script:
#!/bin/bash
if [ -z "$1" ]; then
echo "No link supplied as argument"
exit
fi
# [i] http://funbutlearn.com/2013/02/direct-download-link-to-your-google.html
echo $1 | sed -r -e
> Mason, some humans are more vulnerable to these malicious features
My fear is that, even if there currently still exist people who are not
susceptible to Facebook's manipulation, one day soon Facebook will acheive such
efficiency that this is no lnger the case. Facebook isn't a naturally
That doesn't matter. A script can log your key presses.
Just to follow up on this, I'm now hosting the fonts myself! (The font files
themselves are on an Amazon S3 bucket, but the CSS file that points at them
is now on the server).
Thanks again for the quality feedback :)
Yikes. I avoid saving passwords in my browser as well.
Mason, some humans are more vulnerable to these malicious features for more
or less or analogous or metaphorically similar reasons as why some perfectly
nice and heroically brave decorated combat veterans might prefer to politely
decline your invitation to a fireworks show and why other
> I think I have already done that. Right now I find Chromium least worse
> because of the results of the test
Perhaps it is because of your time investment in your test that you weight
your test far too heavily. Your complaints are reasonable, but there is also
a reasonable explanation for
yes faithful newbie to GNU Emacs: What do you recommend for web development
with GNU Emacs?
what for API develop, backends, pure javascript or some framework?, Slim
Framework or what better... an too its posible talk with servers providers,
but i tell you i'm so-so newbie jejeje, english
You could just use ClamAV like many suggested.
Please lets maintain the manners inside this forum.
> Apparently the current packages in belenos are too old?
Maybe. If so, you can get a newer kernel from jxself's repo.
They are, hence mason's advice:
https://trisquel.info/forum/vulnerable-meltdown#comment-126601
Hmm, installed latest lowlatency lts kernel:
Spectre and Meltdown mitigation detection tool v0.31
Checking for vulnerabilities against running kernel Linux 4.4.0-93-lowlatency
#116~14.04.1+7.0trisquel1 SMP PREEMPT Mon Aug 28 17:34:47 UTC 20 x86_64
CPU is Intel(R) Core(TM)2 CPU P8600 @
You were already told several times (by bobstechsite and onpon4) that ClamAV
exists. It is free software. It is in Trisquel repository. And it aims at
protecting Windows systems. So, no, Comodo is *not* the only available
anti-virus that can be installed on GNU/Linux.
SuperTramp83
> "devil, hell, Satan, a nightmare, it's the worst thing that may happen to
your computer or smartphone, we are the best around"
that escalated quickly
With LibreJS, the "New issue" button does not do anything. And I believe one
must have a GitHub account to file an issue. Signing up requires executing
proprietary JavaScript too.
If somebody here already has a GitHub account and does not care about
executing the proprietary JavaScript
I sense great things. People call me and say I have the best senses.
I think you misunderstood my question.
Administrating an instance is not easy.
SuperTramp83,
I never met a person so dogmatic like you in the
computer/software/Internet field; "every proprietor software is malware,
devil, hell, Satan, a nightmare, it's the worst thing that may happen to your
computer or smartphone, we are the best around".
If you read
Is it advisable to use a public instance or set up own?:)
Ok. I tried myself but I am getting an error during compiling of the browser.
Their documentation seems incorrect. Then I tried simply running make but it
asks for libdom which is not available on openSUSE's repo. So I gave up.
Not only you installed proprietary malware but you also enlarged your attack
surface.
* every proprietary software is malware. Prove me wrong. PROTIP: you can't
** In order to work an antivirus needs full access to your machine, it needs
root privileges and it is constantly and actively
Yes. File at will.
>It is certainly not as bad as Facebook, and its decentralization prevents
any addiction to it from being exploited by any one power, but it could still
be psychologically harmful.
Yes. I shall point out that I wasn't experienced at the time and was not
prepared to the powerful influence a
>How does it behave on the tcpdump test?
Haven't tested it yet. Very lazy right now. Maybe tomorrow.
I suppose you noticed my sense of humor, don't you?
See https://asciimoo.github.io/searx/
I have just checked every .js and .css file in
https://github.com/wireapp/wire-desktop/tree/master/electron and its
subdirectories. The rest is HTML, JSON, and images, i.e., data. It looks
like the Wire developer make a good job at inserting the GNU GPLv3+ copyright
notice at the
> I am new in the forum and New in town.
Fantastic!
Oh, searX is a search enginge?
I thought it was just some general nickname for "any search engine".
What is it that makes searX "good" compared to others like StartPage for
example?
Hello onpon4,
thank you very much for your really appreciated advice and
suggestions.
On Trisquel 7 operating system I'll use ClamAV/ClamTK rather than Comodo for
Linux antivirus.
That's a proprietary program. I suggest you don't use it.
If you want an antivirus program, that's ClamAV. Look for "ClamTK"; it's in
the repo and acts as a graphical frontend for ClamAV. But I should note that
antivirus on GNU/Linux is not for your own protection; it's for the
protection
It has always been the case in human history that when a particular entity
gains power over certain resources it results in suppression, dictatorship,
exploitation, misery etc. Yet people keep repeating the nonsense about how
good it is to be ambitious, successful, "more than others", "a
> What do you use Google apps for? Which ones do you use?
Gmail, Google Drive (rarely Docs), Calendar.
> Evolution, LibreOffice and a shiny SFTP client/file manager plugin met my
needs.
I use them too but they can't replace the above.
Hello bobstechsite,
thank you very much for your advice, comments and the
attached link; I really appreciate it.
Until last year on my notebook I had the Ubuntu 16 operating system and I
used the Comodo Antivirus for Linux.
Early this year I moved from Ubuntu 16 to
1. Both
2. Either. Just make sure it's the "Ubuntu" version and matches your OS
3. AVG and Sophos support GNU/Linux as well I think
If you want to stay "fully-free" (and you should, because you're using
Trisquel!) you're better off with ClamTk. You can install it through the
"Add/Remove
Hello to all Trisquel Community,
I am new in the forum and New in town.
The only antivirus for Linux computers I know is Comodo Antivirus for Linux
as of the link below:
https://www.comodo.com/home/internet-security/antivirus-for-linux.php?track=8251
I have a
On Sat, 2018-01-13 at 22:53 +0100, i_write_wo...@posteo.net wrote:
> Does Riot still work? I never used the videoconferencing feature, but it's
> what I'm using to communicate with my person in written English.
Riot video works. I use it with my boyfriend.
> The web app is/was easy to install
On Sun, 2018-01-14 at 14:45 +0100, svenerik...@protonmail.com wrote:
> I see. My problem when it comes to this is what I do after I do the:
>
> git clone https://github.com/wireapp/wire-desktop.git
This program uses Electron. Most Electron programs are distributed in
such a way that free
On Sat, 2018-01-13 at 20:11 +0100, lc...@dcc.ufmg.br wrote:
> I used to use http://meet.jit.si or http://vroom.im to do videotelephony
> through WebRTC between two Trisquel 7 systems separated by an ocean (I live
> in Brazil, my family in France). They do not work anymore. Maybe because of
> (just a little though!! use searX \0/ )
The quality of their image search results, and the interface, reminds me
of Google Images circa 2005.
--
Caleb Herbert
OpenPGP public key: http://bluehome.net/csh/pubkey
signature.asc
Description: This is a digitally signed message part
On Thu, 2018-01-18 at 10:47 +0100, stu...@anchev.net wrote:
> I also learned to download files with public access from Google Drive without
>
> having to log in to Google Drive or use of JS. If the link is to a file, it
> can easily be converted to a direct link. Here is a bash script line
On Thu, 2018-01-18 at 01:57 +0100, stu...@anchev.net wrote:
> > You use Chromium desite not understanding every line of source code. You
> have argued, and I agree, that this requires trust.
>
> I use it just because I haven't found anything better (privacy-wise).
Appeal to Futility. :-(
>
> Coz it's fast like hell? Coz it's as fast as Links2 or Dillo but much more
> usable?
Hell yeah, it is! Links2 sux.
--
Caleb Herbert
OpenPGP public key: http://bluehome.net/csh/pubkey
signature.asc
Description: This is a digitally signed message part
> I appreciate that, but since then you have seemed to only mistrust free
> software developers by default, refusing to accept their software if you
> can't understand every line of code yourself to prove that it is perfect,
> while you seem quite trusting of Google, putting the burden on
80 matches
Mail list logo