Skip to main content


New pajama

I may have been sewing myself a new pajama.


It was plagued with issues; one of the sleeve is wrong side out and I only realized it when everything was almost done (luckily the pattern is symmetric and it is barely noticeable) and the swirl moved while I was sewing it on (and the sewing machine got stuck multiple times: next time I'm using interfacing, full stop.), and it's a bit deformed, but it's done.

For the swirl, I used Inkscape to Simplify (Ctrl-L) the original Debian Swirl a few times, removed the isolated bits, adjusted some spline nodes by hand and printed on paper. I've then cut, used water soluble glue to attach it to the wrong side of a scrap of red fabric, cut the fabric, removed the paper and then pinned and sewed the fabric on the pajama top.
As mentioned above, the next time I'm doing something like this, some interfacing will be involved somewhere, to keep me sane and the sewing machine happy.

Blogging, because it is somewhat relevant to Free Software :) and there are even sources, under a DFSG-Free license :)
Questa voce è stata modificata (13 ore fa)
Nice! And I have the same FSF Europe sticker on my laptop :-)


mjg59 | Android apps, IMEIs and privacy

There's been a sudden wave of people concerned about the Meitu selfie app's use of unique phone IDs. Here's what we know:


Private Internet Access match extended - Just one week! - Software Freedom Conservancy

The Software Freedom Conservancy provides a non-profit home and services to Free, Libre and Open Source Software (FLOSS) projects.
I did renew, but it seems that I forgot to post here about the match, luckily it seems I'm still just in time.


Please help DebianMobile!

If you care about open hardware and free software, if you care about a trustworthy operating system in your pocket, please consider to help getting Debian run on mobile devices. Join the effort and let's see, what can be achieved. Currently, this is a hackers/developers party, there is not much for end users, yet, so please be warned and don't hold your breath. #debian #debianmobile #openhardware #freesoftware #mobile #handheld #pyra #neo900 #zerophone

Mobile - Debian Wiki

@Gruppo Linux Como


Modern XMPP Server

I've published a new HOWTO on my website:

Enrico already wrote about the Why (and the What, Who and When), so I'll just quote his conclusion and move on to the How.

I now have an XMPP setup which has all the features of the recent fancy chat systems, and on top of that it runs, client and server, on Free Software, which can be audited, it is federated and I can self-host my own server in my own VPS if I want to, with packages supported in Debian.


I've decided to install prosody, mostly because it was recommended by the RTC QuickStart Guide; I've heard that similar results can be reached with ejabberd and other servers.

I'm also targeting Debian stable (+ backports); as I write this is jessie; if there are significant differences I will update this article when I will upgrade my server to stretch. Right now, this means that I'm using prosody 0.9 (and that's probably also the version that will be available in stretch).

Installation and prerequisites

You will need to enable the backports repository and then install the packages prosody and prosody-modules.

You also need to setup some TLS certificates (I used Let's Encrypt); and make them readable by the prosody user; you can see Chapter 12 of the RTC QuickStart Guide for more details.

On your firewall, you'll need to open the following TCP ports:

  • 5222 (client2server)

  • 5269 (server2server)

  • 5280 (default http port for prosody)

  • 5281 (default https port for prosody)

The latter two are needed to enable some services provided via http(s), including rich media transfers.

With just a handful of users, I didn't bother to configure LDAP or anything else, but just created users manually via:

prosodyctl adduser

In-band registration is disabled by default (and I've left it that way, to prevent my server from being used to send spim).

prosody configuration

You can then start configuring prosody by editing /etc/prosody/prosody.cfg.lua and changing a few values from the distribution defaults.

First of all, enforce the use of encryption and certificate checking both for client2server and server2server communications with:

c2s_require_encryption = true
s2s_secure_auth = true

and then, sadly, add to the whitelist any server that you want to talk to and doesn't support the above:

s2s_insecure_domains = { "" }


For each virtualhost you want to configure, create a file /etc/prosody/conf.avail/ with contents like the following:

VirtualHost ""
enabled = true
ssl = {
key = "/etc/ssl/private/";
certificate = "/etc/ssl/public/";

For the domains where you also want to enable MUCs, add the follwing lines:

Component "" "muc"
restrict_room_creation = "local"

the "local" configures prosody so that only local users are allowed to create new rooms (but then everybody can join them, if the room administrator allows it): this may help reduce unwanted usages of your server by random people.

You can also add the following line to enable rich media transfers via http uploads (XEP-0363):

Component "" "http_upload"

The defaults are pretty sane, but see for details on what knobs you can configure for this module

Don't forget to enable the virtualhost by linking the file inside /etc/prosody/conf.d/.

additional modules

Most of the other interesting XEPs are enabled by loading additional modules inside /etc/prosody/prosody.cfg.lua (under modules_enabled); to enable mod_something just add a line like:


Most of these come from the prosody-modules package (and thus from ) and some may require changing when prosody 0.10 will be available; when this is the case it is mentioned below.

  • mod_carbons (XEP-0280)
    To keep conversations syncronized while using multiple devices at the same time.

    This will be included by default in prosody 0.10.

  • mod_privacy + mod_blocking (XEP-0191)
    To allow user-controlled blocking of users, including as an anti-spim measure.

    In prosody 0.10 these two modules will be replaced by mod_privacy.

  • mod_smacks (XEP-0198)
    Allow clients to resume a disconnected session before a customizable timeout and prevent message loss.

  • mod_mam (XEP-0313)
    Archive messages on the server for a limited period of time (default 1 week) and allow clients to retrieve them; this is required to syncronize message history between multiple clients.

    With prosody 0.9 only an in-memory storage backend is available, which may make this module problematic on servers with many users. prosody 0.10 will fix this by adding support for an SQL backed storage with archiving capabilities.

  • mod_throttle_presence + mod_filter_chatstates (XEP-0352)
    Filter out presence updates and chat states when the client announces (via Client State Indication) that the user isn't looking. This is useful to reduce power and bandwidth usage for "useless" traffic.

@Gruppo Linux Como @LIFO
@lifo blog
Questa voce è stata modificata (1 settimana fa)


Modern and secure instant messaging

Conversations is a really nice, actively developed, up to date XMPP client for Android that has the nice feature of telling you what XEPs are supported by the server one is using: Some days ago, me and Valhalla played the game of trying to see what happens when one turns them all on: I would send her screenshots from my Conversations, and she would...

Amazon n'a vraiment aucune pitié pour les pauvres consommateurs américains!

amazon echo - How can I stop Alexa from ordering things if it hears a voice on TV? - Internet of Things Stack Exchange

#amazon #alexa

How can I stop Alexa from ordering things if it hears a voice on TV?

According to The Register, lots of Amazon Echo devices were accidentally triggered by a presenter saying 'Alexa ordered me a dollhouse'.
Telly station CW-6 said the blunder happened during a Thu...
Fabio 2 settimane fa
"Alexa, ordinami un panino coppa e formaggio. codice autorizzazione: 1. 2. 3. 4."

Elena ``of Valhalla'' 2 settimane fa
@Fabio Dobbiamo registrare una nuova puntata dell'OpenCast...


Federated XMPP chat (and more) with Movim: A success story

Some fundamental information about the XMPP based movim social network.

#xmpp #jabber #movim #federation #freesoftware #socialnetwork #php

Federated XMPP chat (and more) with Movim: A success story

There are many reasons to be unhappy with current social media sites and chat applications. For a long time, there was no viable alternative, especially not, if you wanted usability and integration. Now there is hope, with Movim.
The downsides of OSNs
Online Social Networks, such as Facebook or Go


Campaign Extension

To make a long story short, we're extending the Open-V campaign by 45
days and hope to release some exciting news very soon to justify this
Hopefully, they will find an agreement with the orgs they are talking with and they will manage to have a successful project even if the crowdfunding wasn't enought.

(I did notice that the HiFive1 did raise a similar amount of money - and possibly the bit more the got came from when people were losing any hope that Open-V could make it.)


Writing for others

What your users want the software to do is only one aspect of their needs when it comes to any programming you do. In addition there's the aspect of where they want it to work. Now, I'm not going to suggest that you must make your software work everywhere. But I am going to suggest that you need to consider where your users live in terms of their software environment.
(btw, all of the yakking blog is quite a recommended read if you are interested in writing Free Software)


Happy Public Domain Day!

Seventy years after their respective deaths, the works of - Alfred Stieglitz, US-American photographer, see here- Alfred Rosenberg, Baltic German philosopher, ideologue of the Nazi Party - Gerhart Hauptmann, German dramatist and novelist, Nobel Prize winner in Literature in 1912 - Gertrude Stein, US-American novelist, poet, playwright, wrote one of the first "coming out stories" - H. G. Wells, Engish "father of science fiction" (The Time Machine, The War of the Worlds) - John Maynard Keynes, British economist, co-inventor of the Bretton Woods system - László Moholy-Nagy, Hungarian painter and photographer - Manuel de Falla, Spanish composer - Patty Hill, co-composer "Happy Birthday to You", which led to a lot of copyright issues- Paul Lincke, German composer and theater conductor, "father" of the Berlin operetta and composer of the (unofficial) Berlin anthem

and many more finally became public domain today.

Public Domain Day also reminds us of the over-extended copyright periods that harm culture in favour of benefit for few. Copyright should, similar to patents, term 20 years after publication instead of 70 years (rounded, so this can go up to almost 71 years) after creators death.

#publicdomainday #freeculture #cc0

Alfred Stieglitz


Tumblr: mad-dame-zou (Just rockin' and rollin')

/me fully agrees on what MadameZou is saying on the topic.

(except for her ideas on pizza kebab (not my favourite, but it isn't so bad) and pineapple on pizza (YKINMKBYKIO, as long as you don't get near me with that thing). I do agree however that the pizza speck and mascarpone from her town is delicious. And I am partial to apples and gorgonzola, which is quite widespread in the north and considered blasphemous in the south.)

On an hopefully more useful note, bad pizza is widespread in Italy, even in the traditional pizza areas, especially (but not only) in the more touristic restaurants where they think they can get away with it because their customers aren't coming back anyway. If you can ask some local for recommendations you have higher hopes to get a good one, but it has to be a pizza-lover local and remember that different parts of Italy have quite different ideas on how pizza should be (It can vary between very thin (~1mm) and crunchy to 4-5 cm high and quite soft), and the results will vary because of that.
Questa voce è stata modificata (4 settimane fa)
Fabio 4 settimane fa
Not to speak of the lardo, pomodorini and rucola one.

No no. Let's speak about: where? (let's speck!)

Elena ``of Valhalla'' 4 settimane fa
@Fabio : in the town in the north of Tuscany where mad-dame-zou lives.

Do we want to go there to visit her? parliamone :D

@Diego Roversi


Mailpile: Too Cool for PGP

Some kids are just too cool for school.

And some security experts are too cool for OpenPGP.

It's almost become a rite of passage for security folks: work in the trenches, build a reputation, climb the ivory tower, write a detailed epiphany about why you've given up on PGP. Suggest we all buy an iPhone and use Signal, start giving people phone numbers instead of e-mail addresses......


xmpp web client

Dear lazyweb,

I'm setting up an xmpp server for myself and my family, and that's the easy part.

Now my problem is that some of my relatives can't install a real client everywhere, because reasons, and would need a web interface to be able to connect at least some of the time, and this is where I'm having problems.

Does anybody know of such a client that is still under development (even in mostly maintenance mode, but not completely abandoned), and has a decent chance to work?

Of course it has to be free software, and installing it on my own server shouldn't be a nightmare (lots of bonus points if it is already in Debian, a bonus point or two if at least it is reasonably easy to package).

@debacle uhm, is strophe actually still maintained? from the PTS I've tried the link to the homepage, the watch file one and the git repo in copyright, but they all redirect to a page ( ) that doesn't seem to have any information about it.

I will ping the maintainer of JSXC (just as I've just pinged the maintainer of profanity, because this morning is "ping the maintainers of xmpp stuff day" :) )

(I mean, moving to your own xmpp server isn't fun enough if you don't also try to change your client, is it?)

debacle 2 mesi fa
Yes, strophe has a new homepage. The last git commit was only two days ago and a release eight days ago. Pretty active, it seems.


Mining for Education

How would you feel if all the food in your child’s school canteen were provided by one manufacturer of packaged snacks and soft drinks? How would you feel if your child’s diet were limited to crisps, cheese-flavoured tortilla chips, and sugary, carbonated beverages, with no chance of a healthier alternative?
I *cough* may have played minetest *sometime*, but I didn't know that there were also some education-oriented mods.

My fight against CDN libraries

A very nice writeup and awesome work by David Revoy of the Pepper & Carrot webcomic:

A CDN ( acronym for Content Delivery Network ) library is often a single line of code proposed "generously" by an external service to let you link and embed a complex features, the easy way. A common example is Google Web Fonts:

<link href="" rel="stylesheet">

Paste this line in the header of your website and 'tadaaa!', you can use the font 'Lobster' to decorate all your texts. Easy, quick, efficient and fast to load. Merci Google. So, what's the problem?

Well a big one: Privacy of the readers of Pepper&Carrot. In our example, users of Google Web Fonts are bound by Google's privacy policy. It allows Google to collect a large amount of data about readers: log data (e.g. browser version), location data (the IP address of your site's visitors) and more because they can track your path or history threw all the website using their other networks of CDN.

... And I didn't had a CDN only for Google Web Font. I had also a CDN for Addthis (easy social-networks buttons), Gravatar (easy avatars), Font-awesome (easy icons), etc... As many, many website around!

Read the full post at his blog!

#privacy #web #openculture #comics

My fight against CDN libraries

Official homepage of Pepper&Carrot, a free/libre and open-source webcomic about Pepper, a young witch and her cat, Carrot. They live in a fantasy universe of potions, magic, and creatures.