social.gl-como.it

Comunità

Seen in the window of a shop in Bézier

Immagine/foto

I think that either a word is missing, or there is something seriously wrong in there :)
 
Palms, buildings and cloudy weather with a high chance of rain

Immagine/foto

and then, not seen on the picture because privacy, a group of geeks typing on their laptops while sitting in sight of a swimming pool.

Yes, I'm at #Debian SunCamp, and other than some intermittent issues with the "sun" part this is preparing to be a good and hopefully productive time!
 

Debunk some Debian myths

Debian has many years of history, about 25 years already.With such a long travel over the continous field of developing our UniversalOperating System, some m...
 

mjg59 | Intel AMT on wireless networks

More details about Intel's AMT vulnerablity have been released - it's about the worst case scenario, in that it's a total authentication bypass that appears to exist independent of whether the AMT is being used in Small Business or Enterprise modes
 

Tails - Announcing the Tails Social Contract

We had written and adopted a Code of Conduct since our first public hackfest in Paris in 2014. This code was and is meant as a guide to make our public spaces welcoming and friendly to every sentient being. We have since then worked on a Social Contract which we proudly present today! ...
 

Comunità Debian @ducc-it 2017

Aaaaand back from https://www.ducc.it/ where I've met many members of the Debian and Ubunty communities in Italy, and had a chance to talk about the Debian Community (represented in the slide below :) )

Immagine/foto
(photo by erossi)

Yes, there was a hat...

(and there will be a longer post soon-ish. when it's ready.)

@Gruppo Linux Como
 

Comunità Debian @ducc-it 2017

Aaaaand back from https://www.ducc.it/ where I've met many members of the Debian and Ubunty communities in Italy, and had a chance to talk about the Debian Community (represented in the slide below :) )

Immagine/foto
(photo by erossi)

Yes, there was a hat...

(and there will be a longer post soon-ish. when it's ready.)

@Gruppo Linux Como
 

Back to the roots: FidoNet | blog.windfluechter.net

Back in the good old days there was no Facebook, Google+, Skype and no XMPP servers for people to communicate with each other. The first "social communities" were Bulletin Board Systems (BBS), if you want to see those as social communities.
@Gruppo Linux Como can we run a BBS node for the LUG? can we? can we? :D
 

Back to the roots: FidoNet | blog.windfluechter.net

Back in the good old days there was no Facebook, Google+, Skype and no XMPP servers for people to communicate with each other. The first "social communities" were Bulletin Board Systems (BBS), if you want to see those as social communities.
@Gruppo Linux Como can we run a BBS node for the LUG? can we? can we? :D
 

Duccit 2017

Se non lo sapevate, sapevatelo:

Edizione 2017 - DUCC-IT

16 talk in due giorni, con relatori dall'Italia e dal mondo. La Debian/Ubuntu Community Conference Italia 2017 (in breve DUCC-IT 2017) è la quinta edizione dell'evento annuale che riunisce le comunità italiane di Debian e Ubuntu ma anche e soprattutto tutte le realtà italiane attive nel Software Libero, allo scopo di scambiare conoscenze, discut...
@Gruppo Linux Como
 

mjg59 | Intel's remote AMT vulnerablity

Intel just announced a vulnerability in their Active Management Technology stack. Here's what we know so far.
A well-written analysis on the vulnerability that is being talked about quite a bit among (core|libre)boot users.
 

Comment 12 to: Typo Hunt: Empire Games - Charlie's Diary

Please do not report errors through the Kindle app.

Firstly, they don't get to the authors. (Or even the publishing folks, in some cases.)

Secondly, Amazon use some whacked algorithm to boot books off sale if too many errors are reported.

So reporting via Kindle won't fix errata, but it may get the book yanked off sale (and fuck my income stream)!
I guess that amazon doesn't want to promote low quality typo-ridden stuff to its customers, but not even forwarding those reports sounds quite unexpected.

(or maybe it's written in the app or something: I don't buy from Amazon, so I've never seen it.)
 

Public Service Announcement on BDSM and other things

I think this is a good time to remind the Free Software World, especially the part of it based on a certain programming language¹, of the existence of this Debconf Talk (textual, not (too) titillating discussion of N S F W topics).

¹ one that is not my programming language, but even that programming language is ok if used on your own server with a consenting sysadmin.
 

Riprendiamoci linux!

[PATCH] MAINTAINERS: Drain the swamp

Email message (" [PATCH]MAINTAINERS: Drain the swamp") from Donald Drumpf
 

Leadership in Open Projects

This past weekend, I participated in a training for "Skogsmulle" leaders and it gave me a first hand view of why focusing on leadership of free and open projects is exactly the right thing to do. To give you some context before I talk about why this is relevant for
 

21 XMPP use-cases and the best ways to achieve them | Erlang Solution blog

If you're considering XMPP for your project but you are unsure if it can provide the functionality you need, you'll eventually end up here:

http://xmpp.org/extensions/

I'm pretty sure you'll be quite intimidated by such a long list of features and extensions. Fear not, help is here!
 

Edizione 2017 - DUCC-IT

La Debian/Ubuntu Community Conference Italia 2017 (in breve DUCC-IT 2017) è la quinta edizione dell'evento annuale che riunisce le comunità italiane di Debian e Ubuntu ma anche e soprattutto tutte le realtà italiane attive nel Software Libero, allo scopo di scambiare conoscenze, discutere della situazione attuale e conoscere altri sviluppatori e membri della comunità.
@Gruppo Linux Como
 

Edizione 2017 - DUCC-IT

La Debian/Ubuntu Community Conference Italia 2017 (in breve DUCC-IT 2017) è la quinta edizione dell'evento annuale che riunisce le comunità italiane di Debian e Ubuntu ma anche e soprattutto tutte le realtà italiane attive nel Software Libero, allo scopo di scambiare conoscenze, discutere della situazione attuale e conoscere altri sviluppatori e membri della comunità.
@Gruppo Linux Como
 

the morning paper: Thou shalt not depend on me: analysing the use of outdated JavaScript libraries on the web (adriancolyer)

Just based on the paper title alone, if you had to guess what the situation is with outdated JavaScript libraries on the web, you’d probably guess it was pretty bad. It turns out it’s very bad indeed, and we’ve created a huge mess with nowhere near enough attention being paid to the issue.
 

XMPP VirtualHosts, SRV records and letsencrypt certificates

When I set up my XMPP server, a friend of mine asked if I was willing to have a virtualhost with his domain on my server, using the same address as the email.

Setting up prosody and the SRV record on the DNS was quite easy, but then we stumbled on the issue of certificates: of course we would like to use letsencrypt, but as far as we know that means that we would have to setup something custom so that the certificate gets renewed on his server and then sent to mine, and that looks more of a hassle than just him setting up his own prosody/ejabberd on his server.

So I was wondering: dear lazyweb, did any of you have the same issue and already came up with a solution that is easy to implement and trivial to maintain that we missed?
 

The Git Parable

Git is a simple, but extremely powerful system. Most people try to teach Git by demonstrating a few dozen commands and then yelling “tadaaaaa.” I believe this method is flawed. [...]

The following parable will take you on a journey through the creation of a Git-like system from the ground up. Understanding the concepts presented here will be the most valuable thing you can do to prepare yourself to harness the full power of Git...
 

1968 Demo Interactive - Doug Engelbart Institute

A cool new way to experience the 1968 "Mother of All Demos" with the late Doug Engelbart and his incredible team. Test drive today.
@Gruppo Linux Como
 

Fair trade ebooks: how authors could double their royalties without costing their publishers a cent

My latest Publishers Weekly column announces the launch-date for my long-planned "Shut Up and Take My Money" ebook platform, which allows traditionally published authors to serve as retailers for their publishers...
This looks like an excellent way for authors to cut the middleman who is working against their interest while keeping the useful one.

Probably works better for established authors, but for everybody else there are also platforms like storybundle to help them become established; also the article mentions a variant managed by the publisher themselves for multiple authors.

It is also quite likely to work more in the interest of customers, see the way the shop sells to everybody and then takes care to find out which publisher should get the money depending on the location, and I didn't see the absence of DRM being mentioned, but really hope that it is the case, because Cory Doctorow.
 

Codes of Conduct

These days, most large FLOSS communities have a "Code of Conduct"; a document that outlines the acceptable (and possibly not acceptable) behaviour that contributors to the community should or should not exhibit. By writing such a document, a community can arm itself more strongly in the fight against trolls, harassment, and other forms of antisocia...
 

AMD Coreboot/Libreboot support - Identi.ca

AMD to consider Coreboot/Libreboot support. Contact AMD!!! Let them know there is demand.

In AMD’s AMA here https://www.reddit.com/r/Amd/comments/5x4hxu/we_are_amd_creators_of_athlon_radeon_and_other/ , they say they will seriously consider releasing their Platform Security Processor (PSP) source code. This is their equivalent of the Intel Management Engine and would make AMD processors compatible with coreboot/libreboot.
 

xkcd: Listening

Follow the link to read the alt text, of course.
 

Jim Tolpin (@jimtolpin) • Photos et vidéos Instagram



https://www.instagram.com/p/BRPJJuyjnE4/?taken-by=jimtolpin

#woodworking #danger

Instagram post by Jim Tolpin • Mar 5, 2017 at 12:38am UTC

812 Likes, 60 Comments - Jim Tolpin (@jimtolpin) on Instagram: “For those new to my feed...My annual cautionary photo of why table saws deserve utmost caution.…”
 

Blue capelet

A few weeks ago I was passing by the haberdashery stall at the market and saw some nice blue and white 5 cm high lace; I got back a few days later wearing my blue tunic, confirmed that the colors were matching and bought "3 meters, well, if it's not that much more *all* of it".

Then I stumbled on this, and while I didn't exactly read it (more like recognizing a few words and simple phrases here and there) the pictures were clean enough and I had an idea on how to use the leftover fabric from the blue tunic.

Immagine/foto

Making most of it, including attaching the lace and assembling the collar with iron-on interfacing took a couple of hours. Then I attached the collar and realized that it wasn't elastic enough and my head didn't enter in the capelet anymore. Unmaking and remaking that part took maybe 3-4 additional hours, in two days :(
 

Debian docker image is smaller than Oracle Linux 7

$ sudo docker image ls
REPOSITORY TAG IMAGE ID CREATED SIZE
debian jessie-slim 232f5cd0c765 2 days ago 80 MB
debian jessie 978d85d02b87 2 days ago 123 MB
oraclelinux 7-slim f005b5220b05 8 days ago 114 MB
because I can't resist sharing a bit of a size contest, especially when we're winning :)
 
Riflessioni non populiste
E poi leggi un bell' articolo sul sole

Cinque luoghi comuni dei «no-euro» da sfatare

La moneta unica è diventata il capro espiatorio di problemi che hanno tutt’altra origine. La realtà è decisamente diversa: i vincoli posti dall’euro sono minimi rispetto ai vantaggi goduti dal nostro paese, i cui problemi nascono altrove. Vediamo perché, con l’aiuto di alcuni grafici
 

Software Freedom Conservancy matching

Non-profits that provide project support have proven themselves to be necessary for the success and advancement of individual projects and Free Software as a whole. The Free Software Foundation (founded in 1985) serves as a home to GNU projects and a canonical list of Free Software licenses. The Open Source Initiative came about in 1998, maintainin...
There is still about one day left for your donation to count double
 

Untangling the duality of Free Software and Open Source

Back in December, John Mark Walker wrote an article on the relation between Free Software and Open Source. In his view, conflating Free Software and Open Source "is to undermine beliefs that are fundamental to free software and associated movement." The comments on his article revealed a different thinking from
 
#encripted #im #groupchat #kontalk @Gruppo Linux Como

Kontalk 4.0.0 - final group chat release

After a very long time... Compared to beta6.1, there are just a few bug fixes. For those coming from 3.1.10, here is a quick list of changes: group chats toggle encryption per chat internal logging system sticky conversations new app icon by Giovanni Lauricella organize preferences by category more reliable registration procedure Group chats work fine, but as a community project we always need your feedback for both bugs and improvements. Don't hesitate to open bugs at GitHub or discus...
 

Mobile-ish devices as freedom respecting working environments

On planet FSFE, there is starting to be a conversation on using tablets / Android as the main working platform.

It started with the article by Henri Bergius which nicely covers all practical points, but is quite light on the issues of freedom.

This was rectified by the article by David Boddie which makes an apt comparison of Android to “the platform it is replacing in many areas of work and life: Microsoft Windows” and criticises its lack of effective freedom, even when the OS was supposed to be under a free license.

I fully agree that lightweight/low powered hardware can be an excellent work environment, especially when on the go, and even for many kinds of software developement, but I'd very much rather have that hardware run an environment that I can trust like Debian (or another traditional GNU/Linux distribution) rather than the phone based ones where, among other problems, there is no clear distinction between what is local and trustable and what is remote and under somebody else's control.

In theory, it would be perfectly possible to run Debian on most tablet and tablet-like hardware, and have such an environment; in practice this is hard for a number of reasons including the lack of mainline kernel support for most hardware and the way actually booting a different OS on it usually ranges from the quite hard to the downright impossible.

Luckily, there is some niche hardware that uses tablet/phone SoCs but is sold with a GNU/Linux distribution and can be used as a freedom respecting work environment on-the-go: my current setup includes an OpenPandora (running Angstrom + a Debian chroot) and an Efika MX Smartbook, but they are both showing their age badly: they have little RAM (especially the Pandora), and they aren't fully supported by a mainline kernel, which means that you're stuck on an old kernel and dependent on the producer for updates (which for the Efika ended quite early; at least the Pandora is still somewhat supported, at least for bugfixes).

Right now I'm looking forward to two devices as a replacement: the DragonBox Pyra (still under preorders) and the THERES-I laptop kit (hopefully available for sale "in a few months", and with no current mainline support for the SoC, but there is hope to see it from the sunxi community).

As for software, the laptop/clamshell designs means that using a regular Desktop Environment (or, in my case, Window Manager) works just fine; I do hope that the availability of Pyra (with its touchscreen and 4G/"phone" chip) will help to give a bit of life back to the efforts to improve mobile software on Debian

Hopefully, more such devices will continue to be available, and also hopefully the trend for more openness of the hardware itself will continue; sadly I don't see this getting outside of a niche market in the next few years, but I think that this niche will remain strong enough to be sustainable.

P.S. from nitpicker-me: David Boddie mentions the ability to easily download sources for any component with apt-get source: the big difference IMHO is given by apt-get build-dep, which also install every dependency needed to actually build the code you have just downloaded.

P.S.2: I also agree with Davide Boddie that supporting Conservancy is very important, and there are still a few hours left to have the contribution count twice.
 

Bradley M. Kuhn on paragraph 2 questions

Immagine/fotoImmagine/foto

Immagine/fotoImmagine/foto

Immagine/fotoImmagine/foto

Immagine/fotoImmagine/foto

Immagine/foto

From the answer to the last question on https://fosdem.org/2017/schedule/event/copyleft_defense/

# this_was_too_epic_not_to_do_this
# what_do_you_mean_this_is_not_tumblr?
# of_course_it's_not,_this_is_federated!
# also_my_screncapping_skills_are_not_tumblr_grade

And, for a person I know who complains about screencaps, this is the transcript:


but remember the GPL was designed to defend your freedom
and the conversation you're actually having is
how much freedom can we take away, please tell us!
and we say "you are not allowed to take away any freedom"
but can we take away a little bit of freedom?
well you have to ask a lawyer
why should we have to ask a lawyer how much freedom we can take away?
you should tell us how much we can oppress you
don't fall in that trap
 

Bradley M. Kuhn on paragraph 2 questions

Immagine/fotoImmagine/foto

Immagine/fotoImmagine/foto

Immagine/fotoImmagine/foto

Immagine/fotoImmagine/foto

Immagine/foto

From the answer to the last question on https://fosdem.org/2017/schedule/event/copyleft_defense/

# this_was_too_epic_not_to_do_this
# what_do_you_mean_this_is_not_tumblr?
# of_course_it's_not,_this_is_federated!
# also_my_screncapping_skills_are_not_tumblr_grade

And, for a person I know who complains about screencaps, this is the transcript:


but remember the GPL was designed to defend your freedom
and the conversation you're actually having is
how much freedom can we take away, please tell us!
and we say "you are not allowed to take away any freedom"
but can we take away a little bit of freedom?
well you have to ask a lawyer
why should we have to ask a lawyer how much freedom we can take away?
you should tell us how much we can oppress you
don't fall in that trap
 

New match sprint for Conservancy supporters

Announcing a new match sprint for 150 Supporters - Software Freedom Conservancy

Conservancy is excited to announce that an anonymous donor has agreed to match 150 new or renewing Supporters. They’ve challenged us to meet the goal quickly: the match starts now along with FOSDEM in Brussels, and runs about a week to the end of Monday, February 13 (noon on Tuesday, February 14 UTC).
If you're not a supporter yet (or you were, but didn't renew during the previous match), you have another chance for your donation to count twice, but it won't last long.

In case you're wondering why it is important to support Conservancy, you can look at the services they provide to Free Software projects.

I would also recommend looking at the video for Bradley M. Kuhn's keynote at FOSDEM, but it's still not available and may not be in time for the match sprint (so I recommend to donate first, watch the video later :) ).
 
Andfrnd Uploader Beta

URI: file:///sdcard/Android/data/de.wikilab.android.friendica01/cache/imgs/imgUploadTemp_1486228553373.jpg
File name: /sdcard/Android/data/de.wikilab.android.friendica01/cache/imgs/imgUploadTemp_1486228553373.jpg

Immagine/foto
 

Sniffami la usb

Lo sapevate? Potete sniffare cosa passa su USB:

https://www.kernel.org/doc/Documentation/usb/usbmon.txt

Ma non solo si puo' usare wireshark:

https://wiki.wireshark.org/CaptureSetup/USB

Non mi serve (per ora), ma e' meglio saperlo ...

Sapevatelo anche voi!

@Gruppo Linux Como
 

Sniffami la usb

Lo sapevate? Potete sniffare cosa passa su USB:

https://www.kernel.org/doc/Documentation/usb/usbmon.txt

Ma non solo si puo' usare wireshark:

https://wiki.wireshark.org/CaptureSetup/USB

Non mi serve (per ora), ma e' meglio saperlo ...

Sapevatelo anche voi!

@Gruppo Linux Como
 

Preseeding a debian installation on a libreboot computer

Preseeding a debian installation from the standard installer is as easy as pressing ESC at the right time and pointing it to the url of your preseed file, right?

It is, except when you're using libreboot, and you never pass through that “right time”, because you are skipping the installer's grub.

So, for future reference, here is the right incantation to use at the command line that you get by pressing c at the libreboot menu:


linux (usb0)/install.amd/vmlinuz auto=true url=http://webserver/path/preseed.cfg
initrd (usb0)/install.amd/initrx
boot


simple, once you've found it...

(ok, it took me less than one hour, but I don't want it to take another hour the next time)

#coreboot #libreboot #debian #preseed
 

Proclamation of User Rights | Crowd Supply

At Crowd Supply, we vet products not only for originality, usefulness, and feasibility, but also for their commitment to user rights. Below are the rights our users can expect and our creators agree to uphold. We’ve also provided an example of a way (but not every way) each right can be enacted in the covenant between user and creator.
This is a nice list of principles to evaluate products on.
 

Python Milano

Prendere pacchetti da pip e buttarli in un virtualenv è sicuramente una gran comodità, ma vuol dire eseguire sulle nostre macchine codice di provenienza non controllata, con potenziali conseguenze negative

Al contrario, le distribuzioni GNU/Linux, ed in particolare Debian offrono un ambiente più controllato, comunque ricco di codice, contrariamente a quanto si dice in giro non sono orrendamente datate, e in generale per quello che manca è facile contribuire, a vantaggio di tutti.

Speaker: Elena ``of Valhalla''
Mercoledì 22 febbraio dalle 19.00 alle 20.30 sarò all'incontro di Python Milano a parlare di perché non fare deploy basati su pip+virtualenv, ma sui pacchetti Debian (stable + backports), e di come aiutare Debian pacchettizzando quello di cui si ha bisogno e che eventualmente manca alla distribuzione.

Il posto è:

Mikamai/LinkMe
Via Giulio e Corrado Venini, 42, Milano, MI

http://osm.org/go/0CjFpsmJw--?m=
 

Collaboration with SiFive

Today, we're excited to announce a collaboration with
SiFive, a company founded by the creators of
RISC-V and dedicated to open source silicon. In the rest of this
update, we'll describe the collaboration in detail, what it means for
the Open-V microcontroller, and what it means to you, our supporters.
This collaboration lowered the required funding a bit, and in general looks like an overall improvement of both Open-V and the ecosystem, but they still need everybody's help for the campaign to succeed.

(I do wonder — and hope — if they are still working on something else to reduce further the amount of money needed from the crowdfunding)
 
nuovi vecchi