Skip to main content


Public Service Announcement on BDSM and other things

I think this is a good time to remind the Free Software World, especially the part of it based on a certain programming language¹, of the existence of this Debconf Talk (textual, not (too) titillating discussion of N S F W topics).

¹ one that is not my programming language, but even that programming language is ok if used on your own server with a consenting sysadmin.
Questa voce è stata modificata (1 settimana fa)


Leadership in Open Projects

This past weekend, I participated in a training for "Skogsmulle" leaders and it gave me a first hand view of why focusing on leadership of free and open projects is exactly the right thing to do. To give you some context before I talk about why this is relevant for


21 XMPP use-cases and the best ways to achieve them | Erlang Solution blog

If you're considering XMPP for your project but you are unsure if it can provide the functionality you need, you'll eventually end up here:

I'm pretty sure you'll be quite intimidated by such a long list of features and extensions. Fear not, help is here!


Edizione 2017 - DUCC-IT

La Debian/Ubuntu Community Conference Italia 2017 (in breve DUCC-IT 2017) è la quinta edizione dell'evento annuale che riunisce le comunità italiane di Debian e Ubuntu ma anche e soprattutto tutte le realtà italiane attive nel Software Libero, allo scopo di scambiare conoscenze, discutere della situazione attuale e conoscere altri sviluppatori e membri della comunità.
@Gruppo Linux Como


the morning paper: Thou shalt not depend on me: analysing the use of outdated JavaScript libraries on the web (adriancolyer)

Just based on the paper title alone, if you had to guess what the situation is with outdated JavaScript libraries on the web, you’d probably guess it was pretty bad. It turns out it’s very bad indeed, and we’ve created a huge mess with nowhere near enough attention being paid to the issue.


XMPP VirtualHosts, SRV records and letsencrypt certificates

When I set up my XMPP server, a friend of mine asked if I was willing to have a virtualhost with his domain on my server, using the same address as the email.

Setting up prosody and the SRV record on the DNS was quite easy, but then we stumbled on the issue of certificates: of course we would like to use letsencrypt, but as far as we know that means that we would have to setup something custom so that the certificate gets renewed on his server and then sent to mine, and that looks more of a hassle than just him setting up his own prosody/ejabberd on his server.

So I was wondering: dear lazyweb, did any of you have the same issue and already came up with a solution that is easy to implement and trivial to maintain that we missed?

uhm, and now that I've had breakfast I realize that you were using as the jid... sorry

Elena ``of Valhalla'' 4 settimane fa
from IRC:

<nicoo> Anyhow, the issue is that, for a X.509 cert to be valid for XMPP for, it needs to have either in its subjectAltNames (making it able to impersonate any other service on that domain, esp. HTTPS)
<nicoo> or it can have an SRV-ID in subjectAltName
<nicoo> Unfortunately, the CA/B rules don't allow CAs to issue SRV-ID names
<nicoo> There has been some tentative effort to change that, but it seems to be stalled:
<nicoo> Here is the matching Let's Encrypt thread:
<nicoo> I did actually offer to implement it in Boulder (and had a stab at that on a local fork) but it's pointless as long as nothing changes on the CA/B side


The Git Parable

Git is a simple, but extremely powerful system. Most people try to teach Git by demonstrating a few dozen commands and then yelling “tadaaaaa.” I believe this method is flawed. [...]

The following parable will take you on a journey through the creation of a Git-like system from the ground up. Understanding the concepts presented here will be the most valuable thing you can do to prepare yourself to harness the full power of Git...


Fair trade ebooks: how authors could double their royalties without costing their publishers a cent

My latest Publishers Weekly column announces the launch-date for my long-planned "Shut Up and Take My Money" ebook platform, which allows traditionally published authors to serve as retailers for their publishers...
This looks like an excellent way for authors to cut the middleman who is working against their interest while keeping the useful one.

Probably works better for established authors, but for everybody else there are also platforms like storybundle to help them become established; also the article mentions a variant managed by the publisher themselves for multiple authors.

It is also quite likely to work more in the interest of customers, see the way the shop sells to everybody and then takes care to find out which publisher should get the money depending on the location, and I didn't see the absence of DRM being mentioned, but really hope that it is the case, because Cory Doctorow.


Codes of Conduct

These days, most large FLOSS communities have a "Code of Conduct"; a document that outlines the acceptable (and possibly not acceptable) behaviour that contributors to the community should or should not exhibit. By writing such a document, a community can arm itself more strongly in the fight against trolls, harassment, and other forms of antisocia...


Tumblr: when did tumblr collectively decide not to use punctuation like when did this happen why is this a thing (Just rockin' and rollin')

#linguistic nerds being linguistic nerds :D

and gratuitous trolling to @Jacopo Girardi : see, the language EVOLVES!
Jacopo Girardi 3 settimane fa
No time to read all the... robb' lì, the messages in the thing that scrolls ;)


AMD Coreboot/Libreboot support -

AMD to consider Coreboot/Libreboot support. Contact AMD!!! Let them know there is demand.

In AMD’s AMA here , they say they will seriously consider releasing their Platform Security Processor (PSP) source code. This is their equivalent of the Intel Management Engine and would make AMD processors compatible with coreboot/libreboot.
Questa voce è stata modificata (2 mesi fa)


Jim Tolpin (@jimtolpin) • Photos et vidéos Instagram

#woodworking #danger

Instagram post by Jim Tolpin • Mar 5, 2017 at 12:38am UTC

812 Likes, 60 Comments - Jim Tolpin (@jimtolpin) on Instagram: “For those new to my feed...My annual cautionary photo of why table saws deserve utmost caution.…”


Blue capelet

A few weeks ago I was passing by the haberdashery stall at the market and saw some nice blue and white 5 cm high lace; I got back a few days later wearing my blue tunic, confirmed that the colors were matching and bought "3 meters, well, if it's not that much more *all* of it".

Then I stumbled on this, and while I didn't exactly read it (more like recognizing a few words and simple phrases here and there) the pictures were clean enough and I had an idea on how to use the leftover fabric from the blue tunic.


Making most of it, including attaching the lace and assembling the collar with iron-on interfacing took a couple of hours. Then I attached the collar and realized that it wasn't elastic enough and my head didn't enter in the capelet anymore. Unmaking and remaking that part took maybe 3-4 additional hours, in two days :(


Debian docker image is smaller than Oracle Linux 7

$ sudo docker image ls
debian jessie-slim 232f5cd0c765 2 days ago 80 MB
debian jessie 978d85d02b87 2 days ago 123 MB
oraclelinux 7-slim f005b5220b05 8 days ago 114 MB
because I can't resist sharing a bit of a size contest, especially when we're winning :)

Riflessioni non populiste
E poi leggi un bell' articolo sul sole

Cinque luoghi comuni dei «no-euro» da sfatare

La moneta unica è diventata il capro espiatorio di problemi che hanno tutt’altra origine. La realtà è decisamente diversa: i vincoli posti dall’euro sono minimi rispetto ai vantaggi goduti dal nostro paese, i cui problemi nascono altrove. Vediamo perché, con l’aiuto di alcuni grafici


Software Freedom Conservancy matching

Non-profits that provide project support have proven themselves to be necessary for the success and advancement of individual projects and Free Software as a whole. The Free Software Foundation (founded in 1985) serves as a home to GNU projects and a canonical list of Free Software licenses. The Open Source Initiative came about in 1998, maintainin...
There is still about one day left for your donation to count double


Untangling the duality of Free Software and Open Source

Back in December, John Mark Walker wrote an article on the relation between Free Software and Open Source. In his view, conflating Free Software and Open Source "is to undermine beliefs that are fundamental to free software and associated movement." The comments on his article revealed a different thinking from


Mobile-ish devices as freedom respecting working environments

On planet FSFE, there is starting to be a conversation on using tablets / Android as the main working platform.

It started with the article by Henri Bergius which nicely covers all practical points, but is quite light on the issues of freedom.

This was rectified by the article by David Boddie which makes an apt comparison of Android to “the platform it is replacing in many areas of work and life: Microsoft Windows” and criticises its lack of effective freedom, even when the OS was supposed to be under a free license.

I fully agree that lightweight/low powered hardware can be an excellent work environment, especially when on the go, and even for many kinds of software developement, but I'd very much rather have that hardware run an environment that I can trust like Debian (or another traditional GNU/Linux distribution) rather than the phone based ones where, among other problems, there is no clear distinction between what is local and trustable and what is remote and under somebody else's control.

In theory, it would be perfectly possible to run Debian on most tablet and tablet-like hardware, and have such an environment; in practice this is hard for a number of reasons including the lack of mainline kernel support for most hardware and the way actually booting a different OS on it usually ranges from the quite hard to the downright impossible.

Luckily, there is some niche hardware that uses tablet/phone SoCs but is sold with a GNU/Linux distribution and can be used as a freedom respecting work environment on-the-go: my current setup includes an OpenPandora (running Angstrom + a Debian chroot) and an Efika MX Smartbook, but they are both showing their age badly: they have little RAM (especially the Pandora), and they aren't fully supported by a mainline kernel, which means that you're stuck on an old kernel and dependent on the producer for updates (which for the Efika ended quite early; at least the Pandora is still somewhat supported, at least for bugfixes).

Right now I'm looking forward to two devices as a replacement: the DragonBox Pyra (still under preorders) and the THERES-I laptop kit (hopefully available for sale "in a few months", and with no current mainline support for the SoC, but there is hope to see it from the sunxi community).

As for software, the laptop/clamshell designs means that using a regular Desktop Environment (or, in my case, Window Manager) works just fine; I do hope that the availability of Pyra (with its touchscreen and 4G/"phone" chip) will help to give a bit of life back to the efforts to improve mobile software on Debian

Hopefully, more such devices will continue to be available, and also hopefully the trend for more openness of the hardware itself will continue; sadly I don't see this getting outside of a niche market in the next few years, but I think that this niche will remain strong enough to be sustainable.

P.S. from nitpicker-me: David Boddie mentions the ability to easily download sources for any component with apt-get source: the big difference IMHO is given by apt-get build-dep, which also install every dependency needed to actually build the code you have just downloaded.

P.S.2: I also agree with Davide Boddie that supporting Conservancy is very important, and there are still a few hours left to have the contribution count twice.