SVG are not pictures in the way you would consider a picture. See, you can
zoom inside of them infinitely without losing detail, so you know there is
code involved. It is considered (though I am not sure it has been proven)
that this code could be used to attack the browser. (doing more than
SVG pictures are actually potentially dangerous, that's why the Tor Browser
disables them if you move the security slider to a higher position. BUT I
don't know about png images. As for the file extension being enough to
prevent a file from executing code, it should be simple to test, if I
Agreed. You should also fully encrypt the hard drive (while we are at it,
harden the kernel, restrict applications, encrypt all files with GPG, etc
etc). However, adding a BIOS password will protect against some specific
situations. Like, you leave the laptop unattended for a short time and
Thanks!
Though usually I prefer to install from repos...
May I suggest adding this link?
http://www.insanitybit.com/2012/05/31/compile-and-patch-your-own-secure-linux-kernel-with-pax-and-grsecurity/
Grsec + linux-libre = damn secure linux kernel! Perfect for our GNU.
Actually following ESR would be a good thing... less work and more time, less
new features more security. Tor Browser uses ESR and works like a charm :)
I would love to have Icecat in Debian's repos, would like to try it out :)
just for the fun of it at least!
Thanks for those links.
It seems to me that this is all a big mess, and only time will solve
anything... people are trying to do things in one way and another, but
computers are so complicated that you always end up fucking up somehow...
Maybe the LibreSSL is a good approach, but it does
One question out of curiosity: can you set a BIOS password with Libreboot?
Since it is free software and there is no hidden master password, setting
such a password would make that machine quite secure :)
I know this has been subject of many debates since the news came out, and
while the situation might not be as bad as it seems, I do remember without a
doubt that Jacob Applebaum (one of the journalists that is helping releasing
the NSA documents and therefore has access to most information)
Correct
Being stripped down could be a good thing... since that would make the code
easier to maintain and audit when necessary.
Not that I think the GNU/Linux distros out there will start using it, BSD
distros might.
I like the idea of KISS software :)
webgl.disabled = true
WebGL is a potential security risk.
I noticed that in Tor Browser, that line is true. Could it be that the
NoScript addon handles that issue?
Anyway, I would encourage anyone to use NoScript. Even if you set it to allow
all by default, it will protect you from XSS
I am in a hurry right now, sorry for the short reply.
A quick websearch revealed these links:
https://www.techdirt.com/articles/20141229/06331329532/how-nsa-works-hard-to-break-encryption-any-way-it-can.shtml
Having a release date for the point releases would force the developers to
make sure that security updates were done in time.
Now, I understand that Trisquel basically has one developer, Ruben, and it's
very hard for one man alone to do all this work by himself. Which is kinda
funny, seeing
I didn't know of this, but apparently OpenSSL has been forked by the OpenBSD
team into LibreSSL. Has been so for some time now, I just didn't know of it
yet. Their goal is apparently to make it more secure by making the code
easier to review by everyone. Modernizing the code, they say. What
Also, found this link
http://www.openbsd.org/papers/eurobsdcon2014-libressl.html
I am speaking from memory here but I think Jacob Appelbaum said in a speech
that SSH keys were broken and the NSA had made it not secure... Does that
apply to OpenSSH?
As for the transparent audit, I think (again from memory) that Theo de Radt
(the main guy behind OpenBSD) had refused to
YES!
Honestly I sometimes wish to go back to Trisquel, since Debian isn't very
polished and the software is outdated (even using the backports), but the
lack of security updates (in a timely manner) puts me away from that idea. I
think having point releases would help a LOT. That would at
It could be a problem of codecs on your system. Tor Browser allows for
gstreamer to be used which means that formats you play on your system should
also play on the browser. Try going to
about:config
search for media.gstreamer.enabled
and turn it false. Now go to youtube and try playing a
I think one chance would be to use GTA04 running Replicant and F-Droid repos
for OSMAnd.
Read this link
http://blog.replicant.us/2014/06/replicant-4-2-on-the-goldelico-gta04/ there
is a video showing support for it.
I think it would be nice setup. Also you got a music player on the pack :P
I don't know what you mean sideload them, but yes, you can either access
internet with usb cable or download the files for offline instalation.
also remember to enable seeing hidden folders.
After talking with Nico (who is the developer of Bananian, a Debian based OS
for the Banana Pi board, you can visit his website at www.bananian.org) the
Banana Pro has a wifi chip that is supported by an open source driver. I made
that specific question and his answer was this:
3.) The
Although that could be potentially good. It would make your computer a lot
more private and hard to track if everyone shared the same MAC Address ;)
But yes, sometimes people need the real MAC so it's a good idea to save it.
I know, but the idea is that we stop doing that. Just as an IP
can't/shouldn't be used to identify a user, same way a MAC address
can't/shouldn't.
Also, there is the very stupid (or very futuristic as someone called it) idea
of build our own networks, that I suggested in a thread in the
Just installing VLC or smplayer wouldn't solve that?
How did you curl'd the live streams? Any special option or parameter that you
had to insert? For example with the m3u8 links that were specified above, are
you able to curl them?
Is it possible to instead of using VLC to play the stream, use wget or curl
to download the stream into a file? One that you could later (or in real
time) play localy in your vlc or media player? If you try using wget or curl
with that link it will just download the m3u8 file itself. Not the
If you want to use Tor, just download the Tor Browser Bundle. It is simpler
(since it already has it's own tor session running) and is more secure (the
new security slider gives you more control without harming anonymity).
http://www.instructables.com/id/PCB-designing-and-isolationmilling-only-using-free/
Don't know much about this, but thought someone could read on it and be
useful to the community.
Thanks for the reply :)
I know it can be done with mplayer and vlc. But I am really interested in
learning how to do it with curl/wget.
Thanks anyway for your info :)
If anyone has knowledge about how to do it the way I intended please share :)
Hello,
Privacy by policy is no privacy at all.
First, no one is going to jail because of your privacy, even less when you
are using a free service and not paying them. So, even if the people behind
the project are honest, they still have to comply with the law. They log your
IP and
If you can, try contacting ioerror, Jacob Appelbaum, I remember him saying he
did that very same thing to prevent someone from feeding him a fake update on
Debian.
FSF.org and GNU.org have a lot of great information, and I totally support
the use of free software only. However, I would suggest that you take their
articles and opinions with a grain of salt. This isn't a religion you know,
not everything they say is right. In this particular context, I
I would have to disagree with the principle: freedom is not an issue of
easy or difficult. By that principle, Skype would be free because it is
(maybe) easier to use.
Now, I understand agree that if something is terribly hard to do on your own,
you should be free to use a service that
What about Bitmessage? Would that be a SaaSS? You store a part of the
encrypted database, but not all of it so you can't say that someone else is
not storing your encrypted email until you fetch it from the network (from
what I understand, please someone with more knowledge on Bitmessage
Hi,
I had never heard of this addon.
If I might ask, from what I know Firefox (Iceweasel, Icecat, Tor Browser,
etc) comes with built-in support for WebM and OGG, correct? Without any
additional codecs installed in your system, if you just install firefox, you
can play those formats online,
Hey, thank you so much for valuable and informative post! :)
Well, to be honest I have kinda made a decision, or two:
1. I will buy (probably) a banana pi, which is based on AllWinner A20. It's
better hardware than Olimex board I was mentioning (dual core, more ram,
better graphics) and I
I don't think that's viable. You see, AllWinner will keep making some of
their boards as long as there is a 5 units order. You can't possibly get
that in a single forum. Maybe if the FSF did it together with the EFF. But
they don't go with that kind of thing very much...
On the other
I am currently looking at Bananian (www.bananian.org) which I can't really
grasp if is fully free or blobed down.
Do you guys think the linux-libre scripts will work in armhf kernel?
Yes, blocking all by default and accepting each one request is safer... but I
am not sure if it will be simpler.
Anyway, that would avoid some stupid mistakes like running Tor and opening
links in regular browser :P
Allow to clarify.
RMS said he uses IceCat and Tor. Many people think that makes it OK. Well,
maybe in a freedom perspective (one can argue that IceCat is more free than
Firefox or Tor Browser, but from a user point of view they are the same).
However from a security and privacy perspective,
Thank you for the information!
Now if only the Tor Browser Bundle had an ARM release... Wishful thinking.
I hope at least the ARM repos of Debian have the latest Tor release, I can
use that running as service.
P.S.: In terms of security, Chrome is the best. Mozilla and Tor Project are
keeping tabs on their development so they can implement some of their
solutions. But from a privacy standpoint, Chrome is a nightmare compared to
firefox. That's why Tor Browser is based on Firefox. So you see, it's
And as for the software I used Open Shot. It's so far the best video editor I
have found under GNU/Linux. It is very simple for newbies, and still has a
lot of features for advanced users.
I cut the pictures using screenshots and GIMP.
The voice was synthesized online (see my post below).
I
Thank you for your useful contributions.
The board I am thinking about getting is a A13 from Olimex. I am just waiting
to get some more information (it turns out we have another user of such a
board here in the forum!) before I buy.
As for RMS... he used his computer offline and without GUI.
Why did you desoldered the wifi chip? Isn't that enough to disable the
driver?
I think this would be a good idea. If the code is mature enough that is.
https://goblinrefuge.com/mediagoblin/u/gnuser/m/torbirdy-hq/
HQ version available.
I guess you can't teach new tricks to an old dog :P
Maybe he could speak with the people from Tor Project. Try to suggest him
that.
I heard you the first time, no need to double post :P
Anyway, that's the problem, you get a fingerprint issue and one day that will
bite you right in the butt. For example, how many people do you think are
using IceCat with Tor and visit the FSF and GNU pages everyday? You can bet
that
Well, to each his own I think.
As for the other subject... Sorry man, that sucks :S
Censorship and surveillance are terrible things really, that is why I am such
a fan of Tor. Too bad that Tor only traffics TCP and most VOIP like Linphone
will use UDP. Skype can get by because:
1. They use
AFAIK Think Penguin has no machine with free BIOS.
AllWinner are still very limited, but they get more interesting every day.
And from a comment above, it seems you can use linux-libre with it, which
coupled with a Debian or a Ubuntu installation (where you could run
trisquelize script) you
I wish to avoid that. EVEN because you can only compile the Browser (they
explain that in their page, it's quite easy to compile the firefox modified
version, but not so much tor all itself), but like I said, if the Tor in the
repos is up to date, I will take a brave step and try building my
Why did you choose Ubuntu over Debian? Seeing as Debian is the officialy
supported distro for this board, what drove you to Ubuntu?
Btw, did you ever tried their Debian image? How did it perform?
I want only the part of the script that removes non-free packages.
That being said, I would LOVE if you could share the linux-libre work you
have done. Did you use some kind of debblober or did you took the already
existent linux-libre and worked on top of it?
Also why did you desoldered
Thanks for those!
It seems like a great project, and I wish them the best. I will keep tabs on
them too. But anyway, I would like to buy something this year (in the next
months probably). SO, I will probably go with a A13-Olinuxino-Wifi. I am just
waiting to get more information from
I couldn't be sure if the images provided by Igor are free or not, I couldn't
find sources.
Hello.
Thanks for commenting, was starting to think that nobody cared about Torbirdy
:P
I am not particularly proud of that video, it's just a slideshow and the
voice is not the best, but I felt it was important to have a video that
explained things in a simple way for everybody. The Tor
I watched his speech today too. I cracked up laughing when he said that. It
took Tor years, but it finally managed to convince even RMS to use the web :P
However, if IceCat user agent is unique... hum, RMS might be pretty easy to
follow online, lol. How many people use IceCat with Tor? He
Dude!! I was gonna post now about that exactly model!! I have been
investating and want to buy one of those! But I was worried about some issues
with it (which version of the boot program came pre installed, how free was
the android pre installed, the wifi, etc).
Could you please please
I know about ThinkPenguin and LibreTrend. Both are good projects. BUT none of
them have open BIOS, and none of them are as free and open like AllWinner
boards :)
Soon (a couple of months/years) we will be able to run GNU/Linux with full
GPU/VPU support for low cost!
Hello.
Thanks everyone for the info provided so far.
I have found this:
https://olimex.wordpress.com/2013/08/30/cedarx-for-allwinner-is-liberated/
As it seems, if one is going with a Single Board Computer (or a System on a
Chip, I don't know if these terms are meant to say the same thing),
Hey again.
Thanks for the comments again. Thank you leny2010.
Well, I have been doing a LOT of reading... and I am both much more informed
and much more confused :P
So, I will try to share my discoveries and my questions with you guys, maybe
we can work something together:
1. AllWinner
Could you please provide some links for those think client computer you
mentioned?
Thanks.
I know, that's the link I posted in my own thread... But it doesn't have all
the answers I am looking for.
That's why I created this thread.
for anonymity.
Keep in mind I don't use any of the emails that appear on the video.
https://goblinrefuge.com/mediagoblin/u/gnuser/m/torbirdy-presentation/
Addon to my post above: why do we have libre drivers for hardware in pcs and
not in tablets?? Is it really that different? How much hard would it be to
run Trisquel in a tablet for example?
Thanks for all the replies.
Well, expanding in my original post:
Cell phones are not secure because even from a hardware perspective the modem
(which is closed source and kinda like a black box) can access the microphone
directly. That allows the police and well connected crackers to spy on
Hi.
In a hurry right now, but would like to ask for input/insight into this:
cellphones are basically non-secure non-private non-free because of the close
baseband running inside, which can access the entire device. What about
wifi-only devices? From both a freedom perspective, security
Nope.
Linphone has video too.
Audio codecs are speex (16 and 8 KHz), gsm, pcmu, among others. I suggest
speex 16 as it is free and you get very good quality.
Video codecs are VP8, H264 and MPEG4. Of course, go with VP8 (H264 hasn't
worked for me for some reason).
It also has the ability to
Forgot to put the website: http://www.linphone.org/
Also, don't forget to go to media encryption and choose ZRTP. You don't want
them to hear what you say! (again, japanese chicks... kinky stuff... you
don't what them to hear you!!!)
Hello.
Having had the same problems, I would suggest Linphone. Is free software and
it works very well in android, mac, linux, windows whatever.
Good luck with that japanese chick, I hear they are into kinky stuff ;-D good
luck my friend.
If you need help with linphone (which you probably
Hey there quantumgravity.
Well, being myself a user who uses TBB as the default browser for a long time
now, I can totally say that it's a fine browsing experience, and you won't
really miss anything. Just be careful, it might get addictive ;) Also, it's
not just the browser that got
well, it was a two different questions in one thing.
1. Can I get different pieces and make them work together (as in connect a
GPU and WIFI and MOtherboard that were not supposed to work together)?
2. Can I create a graphics card or a wireless card? As in, create it myself?
Make the
Agree. As you can see I was replying to quantumgravity post. I actually meant
to say that security and privacy are not easy to obtain. All the steps I
mentioned are not THAT hard, but they are nearly impossible to some friends
of mine that have the idea that computers were made to run
A stupid question: is it so impossible to build your own computer? For me it
sure is, but I wonder if a tech savvy person who is used to mod devices
could do it.
Apparently there is a home made laptop for sale (about 1500€ IIRC).
Yes, when you install Debian you install only FLOSS. Just like Trisquel.
Then you can install non free software if you want to. Just like Trisquel.
So, I don't understand why so much hate towards Debian (without which,
Trisquel wouldn't exist).
But yes, I was referring to that kernel, you can
I hate to bump my own threads, but if anyone could provide insight, I would
love to have some feedback :)
Thank you.
I know :P This voting system is just ridiculous, but I won't stop saying what
I believe in just because someone can censor me.
Also, this voting system might prove more harmful to the forum than to me. I
do know a thing or two about scripts, and it would be very easy to turn the
entire
gluglug laptop + trisquel + tbb would be a good start... but not the end of
it.
If you wanted to have a secure system that could protect your private
communications you would have to go a greater lenght.
I would suggest:
1. firewall, close all ports except 80 and 443.
2. use tbb, thunderbird
Hello.
I have performed a fresh install on my laptop, and I used full disk
encryption. If I want/need to install the OS again, to bring everything back
to the defaults, do I need to make new encryption (and wait for the long time
it takes to do so) or can I just install the OS inside the
My two cents:
TAILS is not a libre distro. It has been discussed in another thread.
However, I maintain my opinion that it certainly is the best distro one can
use in the specific user-case it targets, and they don't rely on just adding
proprietary software for any reason, so it's not as
Hey!
Don't feel bad mate :)
Me too feel that having the money to invest in a newer pc would be great, but
I am happy that I actually have a laptop to use that isn't broken. Life is
already expensive A LOT in many ways, computers are the last of our worries
most of the time.
HAVING said
I don't think any distro should be considered as prism breaking. I mean, we
know that the kernel Linux is too damn big and bloated anyway to be read by
someone and say ok, this code is free of backdoors and it has no security
bugs. Even the libre version (which is better than the vanilla
To answer my own questions:
http://usdb.animux.de/ has a lot of lyrics ready to be used in game. But
you need to get the mp3/ogg file yourself. Either rip from a CD or buy the
song online and use it. Sometimes you might get a different timing and it
won't work, but most of the songs
Hello thank you both for your replies.
After taking a look, I think Performous is a good choice. Now I have only
seen the songs that are available on the website. Is there any well known
website where one can download some more popular songs to use with it? Or
should regular midi files be
hello,
Does anyone know a free software game or program that can be used for a fun
time of karaoke? I don't need it to be anything special, even if is not a
game (without any points and so) but will play the instrumental and show the
lyrics it would be cool.
Any help?? :)
You know, google is not your friend... but duckduckgo and startpage are!
http://www.kali.org/
http://www.backtrack-linux.org/
Read the documentation and you will find most software is actually in the
reps. You can install in trisquel and use it. Same goes for TAILS, you don't
need to
Hello.
I have a computer in which I will install either Trisquel or Debian (probably
Debian, but still considering) and I want to use full disk encryption.
Problem is, I have the need to share this computer with a person who knows
very very little about computers, just the basic stuff. So,
As you can read in one comment I made above, I was only suggesting to read
the documentation, in order to use the FREE SOFTWARE that is used in those
distros. Most of it you can get in the reps. I also told NOT to use the
distros because they are non-free. So, it's not like I am linking to
Have you tried playing games like SuperTuxKart (max settings) on it? How well
does it handle that kind of graphics?
Just watched it, not bad. Nothing totally new and amazing, but interesting.
Well, I think we scared Lep away :P Maybe we diverted from the original
thread subject.
I think one good place for you to start would be reading the documentation on
BackTrack Linux. I am not suggesting you use the distro (which is probably
non-free) but just read the documentation, they
These are unknown waters for me. One question: if a device (keyboard or wifi
card or webcam) has software (firmware) written inside of it to be able to
work, but that firmware doesn't talk to the OS (only the driver makes the
connection between computer and device, OS and device) then we
Ok, so, TAILS doesn't ships non-free/closed-source drivers, but it has
non-free/closed-source firmware, is that correct?
From a freedom perspective that's bad, but from a security one, is that
dangerous, as in, can a firmware affect the users privacy somehow? I would
say that a keyboard's
I think we should give Snowden a break here... Just as we understand when a
guy has to use non-free software at work to keep his job (no matter the work
at a factory speech), we could argue that Snowden had to use a distro not
endorsed by the FSF to save his life. I mean, sure he could have
The boot is fast, but the encryption process takes very long. A normal
installation of Debian is about 30 mins, encryption takes hours. That's the
only problem with this method, which is very secure and I recommend :)
Sorry for a dumb question, but what means NFG?
Yes, you are correct, I think full disk encryption is the best option, but it
takes an awful lot of time.
501 - 600 of 1066 matches
Mail list logo