Re: [Trisquel-users] External HDD preparation best practices
Got it, thanks.
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
I'm not in a situation where I have to defend myself all the time, at all costs. As long as I don't have a proprietary BIOS, anything beyond disk encryption and maybe stuff like grsec and the like is overkill. So I don't see the point nor do I have the need for a GRUB password. It would be an amazing waste of time to get into my house, re-flash and go away just to hope getting my decryption passphrase (else, why not just take the whole computer anyway?). I feel your answer assumes I defend propriety BIOS, but it's early, I'm already tired and I don't have the time to dig much further. My point is that the suggested extra security is most likely extra burden since the probability for such an attack is so low. Plus the user base is so small I doubt it's even worth the time and effort. I mean you can harden your machine forever, it will never be safe unless you never turn it on. On that security spectrum (extreme but useless security to zero security but very useable): - GRUB password can be useful, but not that likely to actually be useful for most people. As you said, unwanted software reflashing would require root access. - Not being able to prevent software reflashing still allows for hardware reflashing, which is a highly unlikely scenario. There's no money in there, and too many risks.
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
Actually more the other way around: "Why do it with the hardware method (which seems more cumbersome) when you can use the software method instead?"
[Trisquel-users] Yahoo suffers world's biggest hack affecting 1 billion users
They just discovered an even larger hit https://www.yahoo.com/news/yahoo-says-hackers-stole-information-221214183.html
[Trisquel-users] Re : pip installer
It exists. It is called "Trisquel's repository". It has many Python packages.
Re: [Trisquel-users] Root disk full; apt-get clean, apt-get autoclean & apt-get autoremove don't work for me
OK ... synaptic worked for me. First, I was cautious, and removed only one linux-headers-3.13.0.46-lowlatency. When that released a modest amount of disk space, I rebooted and applied synaptic's search-&-destroy to all but the latest three - all but the three-digit numbered linux-headers. That freed up about 8GB, which is plenty for the foreseeable future. Thanks for your interest & suggestions !
[Trisquel-users] Re : External HDD preparation best practices
That would be for Nautilus' developers... but they will probably ask you to use the latest version of Nautilus to confirm that the bug still exists.
Re: [Trisquel-users] pip installer
This isn't a bad idea, but the process isn't transparent. Also, that don't solve the main problem. The better idea is create a separate repository with only free software with free dependencies. This will help to spread the message than non-free software is injust and unethical, and with this persuade PyPI mantainers to only include free software in their repos.
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
On 14/12/16 22:05, m...@ruggedinbox.com wrote: > As for security (for the overly paranoid), > if someone reflashes the CPU (assuming he can have full access for a > long time, like when stealing it), as long as your drive is encrypted, > I don't see any advantage in allowing re-flashing through hardware only. > I suppose a GRUB password can be a hurdle to prevent software > re-flashing. > > But again, what's the point in securing this part? It's not like it's > likely to happen, and even if it does, it's not like you wouldn't > notice since you wouldn't be able to boot. > I mean the attacker would need the exact naming you used while setting > up Libreboot. You are almost right, but not there. What is reflashed is not the CPU, is the BIOS. What happens is the BIOS is reflashed even though the hard drive is encrypted? The reflashed BIOS would be backdoored, and in spite of encryption would be able to use the network connections to deliver any information from your computer to an outside spy. So you've got a safe BIOS, and you want to ensure it keeps being safe. What kind of attacks can you prevent? -Remote attack: some malicious code manages to enter your computer, get executed, and rewrite the BIOS. But this is not really different than getting rooted. It's like a rootkit, but in the BIOS rather than the hard drive. So in order to prevent it, you just need to follow the usual security measures that prevent getting rooted. -Physical attack: some attacker gets your computer and rewrites the BIOS, either by hardware (with an external computer) or software (booting from an USB drive). Both require physical access to your machine during about 15 minutes. The problem here is not your computer being stolen; the problem is when your computer is *not* stolen and you unsuspectedly continue using it without knowing it is backdoored and everything you do is being sent to spies (well, pretty much as having Microsoft Smart Screen activated) The GRUB password can be a hurdle to prevent software re-flashing? Yes, of course... but then, the BIOS chip could be unwelded from the motherboard and replaced by other BIOS chip chosen to be similar to yours... ...so, my point here...: Not only the BIOS chips needs to require a GRUB password in order to prevent rewriting of the BIOS booting from a USB drive, YOU need to require a password in order to ensure the BIOS that is in your computer hasn't been replaced! Think about it. -- Ignacio Agulló · agu...@ati.es
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
I see. But even in that case, having access with a Live USB wouldn't change much, right? But sure, that way, they won't be using it at all.
Re: [Trisquel-users] Asus KFSN 4-DRE at the end of november 2016
It looks like it's the cheapest compatible case I can find (http://www.newegg.com/Product/Product.aspx?Item=N82E16811854018_mc=AFC-C8Junction_mmc=AFC-C8Junction-PCPartPicker,%20LLC-_-na-_-na-_-na_sp==10446076=3938566=), which costs just as much as the case :( 2 fans included, but no power supply. My goal is to have something as silent as possible (hopefully less than the X200). Any input welcomed, as usual.
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
Indeed. That's why I wrote "secure". In my case, I'm sharing a flat with a bunch of people. I don't want their friends to "use" my laptop at all, even with live distro on USB stick (even if they don't know what it is lol) The daunting welcome screen with GRUB password prompt is enough to scare them and press shutdown.
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
Frankly, that's overkill. It's wasted effort. Encryption is enough, who cares if some ninja re-flashes my machine with some fake Libreboot, that would maybe record my passphrase or something? It's extremely unlikely such a scenario can happen. Plus, if we're talking about workstations, if the said ninja has access to the computer, it's faster and easier to switch the CPU for his. So hardening the access to re-flashing is even more pointless to me.
Re: [Trisquel-users] Black screen at booting
It won't help much. Try to remove quiet on GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub to get a verbose boot and be able to see if something is slowing down the boot.
Re: [Trisquel-users] "Best" computer with libreboot?
Have a look at this then: http://www.computerhope.com/issues/ch001380.htm Most likely, the X or T60 are less powerful than the others (older CPUs mainly).
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
Can it be re-flashed the SW method afterwards? By default, yes, but I think you can prevent it. Yes, that's what I tried to say, if the CPU is re-flashed, it doesn't give you access to the HDD or SSD if encrypted.
Re: [Trisquel-users] Decent tutorial on setting up Claws-Mail
True Superalas this day and age video tutorials serve well. :) I have that manual printed and stored in a folder on desk. hehe
Re: [Trisquel-users] "Best" computer with libreboot?
Thanks. I have (of course) looked at that list, but - probably due to my lack of knowledge - I can't figure out from that, which machine/configuration is most powerful. I found a list of all configurations of all Thinkpads ever produced (apparently) but there are literally hundreds of configurations and I don't have the overview. Can one say generally that T60, X60, T400 or T500 is 'stronger' than others?
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
Oh, your question is formulated like: "Why do it with the software method when you can use the hardware method instead?" Or am I reading this wrong?
Re: [Trisquel-users] Please contritube to Trisquel 8!
Salman, I would like to offer assistance with the wiki and other roles are possible as well. ;)
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
Some Libreboot compatible mobo / laptops require hardware flash the first time, some are able to be flashed from software (with flashrom) while running factory bios. Once Libreboot is flashed, it is always possible to flash from software. So if you want to stay somehow "secure", you want to put a password in the GRUB payload to prevent someone to boot a live distro and reflash from there.
Re: [Trisquel-users] Hi everyone
Here is an interesting list...have to check to see if they are Libre as well. https://alternativeto.net/software/skype/?license=opensource
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
Can you explain this in an even clearer way? If libreboot is first flashed by the HW method, can it be re-flashed the SW method afterwards? But anyway, would it not be impossible for an adversary to gain access to your files on a fully encrypted harddisk even if s/he re-flashed the computer?
Re: [Trisquel-users] "Best" computer with libreboot?
have a look here: https://libreboot.org/docs/hcl/ As for configuration, it's as good as you can afford.
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
Hence the question: Why bother with the HW method.
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
It sounds much easier indeed. As for security (for the overly paranoid), if someone reflashes the CPU (assuming he can have full access for a long time, like when stealing it), as long as your drive is encrypted, I don't see any advantage in allowing re-flashing through hardware only. I suppose a GRUB password can be a hurdle to prevent software re-flashing. But again, what's the point in securing this part? It's not like it's likely to happen, and even if it does, it's not like you wouldn't notice since you wouldn't be able to boot. I mean the attacker would need the exact naming you used while setting up Libreboot.
Re: [Trisquel-users] Root disk full; apt-get clean, apt-get autoclean & apt-get autoremove don't work for me
It is safe to remove all of them but the latest working one.
Re: [Trisquel-users] Please contritube to Trisquel 8!
Mangy Dog :) Thank you for your suggestion of using FYRE. I forget it, after your reply I remember back that I used it years ago. I think "I got you idea" on which is the compose technique on how to create those shiny backgrounds. Yes I'm agree, another thread specifically dedicated to Trisquel 8 art work would be a plus ;-) : Development of Trisquel 8.0 "Flidas" Software proposal by category : Art Work. That's a good point, but if I'm not wrong, I didn't find any categories on the fora. Nor for FLIDAS, neither for other categories, being difficult to make any idea on what is happening in any specific field. Anyway, I wish to hear your opinion-answer if it's worth it making custom Trisquel, splashes,icons, etc.. , or if by cons we are reiventing the wheel? Salut.
Re: [Trisquel-users] Root disk full; apt-get clean, apt-get autoclean & apt-get autoremove don't work for me
I will also consider the posibility of boon into a LiveDvd or LiveUSB and resize home and root partitions in order to give a little more space to root and less to home. You can use Gparted for this. But you should be cautious and backup just in case of (unpremeditated) data loss. Some times even to purge I have needed a little extra space i am not sure why.
Re: [Trisquel-users] Root disk full; apt-get clean, apt-get autoclean & apt-get autoremove don't work for me
Remember to be extra careful when removing Kernels :)
Re: [Trisquel-users] Could a Lutris fork be used to create a libre replacement for SteamOS?
yep, it is not like you, jodiendo and stas have the exclusive priority of the trolling keyboard mastery.. :)
Re: [Trisquel-users] Root disk full; apt-get clean, apt-get autoclean & apt-get autoremove don't work for me
First purge the old kernels using synaptic. Then install bleachbit and make it purge the useless crap that accumulated on your hardware during all this time. I used bleachbit on several laptops and distros, it is very safe and it won't purge anything that it should not. Consider unchecking though "memory" and "free disk space". The first is buggy, the second will safely wipe the free space on your hard drive so that it can not be recovered (it will not free space on your disk..). It is always a good idea to back up your data though.
Re: [Trisquel-users] Llibreboot - SW vs HW methods for X/T60
Well, if you use the software method you don't need a BeagleBoard and you don't have to touch the motherboard at all.
Re: [Trisquel-users] Hi everyone
>Because open source is not as good as free software. They share a few similarities but not enough of the critical ones are shared. They don't share a "few similarities", you are talking about the same exact software, only another naming, and behind the naming two opposite (because they are indeed opposite) philosophies. The opensource fan's first typical question is: is the code good? The free software enthusiast's question is: is the code libre, is it ethical? One is the philosophy of convenience and code quality, the other is the philosophy of ethics and social justice. But the software and the licenses are basically the same.
[Trisquel-users] "Best" computer with libreboot?
I find it difficult to figure out, which librebooted computer would have the "best" specs. Though it might require some reconfiguration, which configuration of which model would (probably) be the most powerfull computer with libreboot?
Re: [Trisquel-users] Hi everyone
Well, Nickman, I see your point, but skype is entirely proprietary - to "kick off of skype all the proprietary software" means erase skype. Skype was always proprietary.
Re: [Trisquel-users] Root disk full; apt-get clean, apt-get autoclean & apt-get autoremove don't work for me
hmmm... I don't know. I think reinstalling after you get all your important files onto a flash drive is a good idea. Then of course updating to wily Linux libre, is the next step
[Trisquel-users] Llibreboot - SW vs HW methods for X/T60
Apparently X60 and T60 can me flashed with libreboot by the hardware and the software methods respectively. When it is possible to do by HW method, why would you do it by the S method?
Re: [Trisquel-users] Could a Lutris fork be used to create a libre replacement for SteamOS?
Yeah... this is most definitely trolling on your part. heh.
Re: [Trisquel-users] Hi everyone
What I meant is being open source is better than being proprietary, but yes when I read your post, I have to agree with you, neither one is good. Free software is the best case scenario. Although, Google as much as I dislike some of their stances, you can at least reverse engineer their crap more easily. microsoft not so easily! But to be completely honest, That doesn't change the fact that all proprietary software is horrible whether it has open source elements or not. Because open source is not as good as free software. They share a few similarities but not enough of the critical ones are shared. Because open source doesn't bring freedom to mind. Stallman does say that after all. On an unrelated note though, is there any free software alternative to skype that can generate a phone number which you can use to call people with?
[Trisquel-users] Black screen at booting
hi, starting with gnulinux/trisquel im wondering if its possible to make the boot screen blank/black and maybe speed it up.
Re: [Trisquel-users] Hi everyone
waw I didn't know that were caddys for ssd trough the cd/DVD rom. Now I know!! Many thanks. I definitely will need one of those... I guess that is what is free information, free world, free society. Thanks a lot, again.
Re: [Trisquel-users] Libreboot: weird USB problems
A different USB issue, pasted from one of my older posts: Personally, I found out that a USB external audio card being plugged in on boot prevented Libreboot from starting up on an X200 (docked, at least). I need to unplug it, and plug it back before unlocking the drive the second time (you know, having to put the same passphrase twice). Note that I got rid of pulseaudio and strictly use alsa and jack (via qjackctl and alsamixer). I'll tell the Libreboot team when I'll figure out how to get back on their IRC node (last time I was banned (automatically) because I pasted some logs massively (I thought it would make one post instead of one per line... ).
Re: [Trisquel-users] External HDD preparation best practices
Just so you know, I noticed that after the drive being plugged for a while, the option for safely removing the drive disappears :( Gotta go through gnome-disks to stop the disks from spinning for a while after unmounting. I suppose this should be a bug report to whoever keeps taking care of this software. Should this be a distro-based bug report, or should I find out who deals with Nautilus?
Re: [Trisquel-users] What modern hardware can I use?
What about this? Not new, sure, but there's plenty of power potential, and at least the board itself is rather affordable.
Re: [Trisquel-users] Development of Trisquel 8.0 "Flidas" Software proposal by category : System Tools
I would like to point out that a good printer setup application is very important. on T7 we had to put on the gnome-printer-settings as I remember to get a good gui to setup printers. lolcat is essential..
Re: [Trisquel-users] Development of Trisquel 8.0 "Flidas" Software proposal by category : System Tools
I would like to add (if these were not listed before): mc iptraf mtr htop powertop mat gkrellm dsonf-editor? thanks
Re: [Trisquel-users] What modern hardware can I use?
> motherboards based on VIA chip-set Which are these?
Re: [Trisquel-users] What modern hardware can I use?
Is it known why talos selected this format? Is the hardware not suitable for an atx mainboard? Priced about 200usd?
Re: [Trisquel-users] Hi everyone
I'm sorry SuperTramp it was late when I posted that so I wasn't really thinking about what I was saying. What I meant to say is that if skype were it's own thing and all the proprietary software was kicked off of skype and replaced with free software that would be better.
Re: [Trisquel-users] Development of Trisquel 8.0 "Flidas" Software proposal by category : System Tools
gcc and g++ for compiling programs from the source code.
Re: [Trisquel-users] Decent tutorial on setting up Claws-Mail
Thanks for sharing!
Re: [Trisquel-users] Decent tutorial on setting up Claws-Mail
http://www.claws-mail.org/manual/claws-mail-manual.html
Re: [Trisquel-users] Could a Lutris fork be used to create a libre replacement for SteamOS?
>Do you actually play pokemon go? Or are you trolling. ;) Make an educated guess, mate :)
[Trisquel-users] Re : Please contritube to Trisquel 8!
Michat ;-) You may be interested in having a look at Fyre (available in Trisquel repo) this software has been used for all previous releases of Trisquel https://trisquel.info/fr/2.0-screenshots Fyre provides a rendering of the Peter de Jong map, with an interactive GTK+ frontend and a command line interface for easy and efficient rendering of high-resolution, high quality images Another thread specifically dedicated to Trisquel 8 art work would be a plus ;-) : Development of Trisquel 8.0 "Flidas" Software proposal by category : Art Work ?
