Salta al contenuto principale



Il bigino sugli alimentatori


Nel caso a qualcuno potesse interessare, un bigino sul funzionamento dei vari tipi di alimentatori:

global.tdk.com/news_center/pub…

( from: righto.com/2012/10/a-dozen-usb… )



One shasum to trust them and in known_hosts bind them.


The default behaviour of ssh in debian testing has changed a bit: now it uses ECDSA and shows SHA256 fingerprints by default instead of using RSA and showing MD5 fingerprints.

Of course, most listings of host fingerprints still only show MD5 fingerprints for an RSA key.

This is a way to ask a server for its keys and print their fingerprints, allowing some crosscheck.

$ ssh-keyscan -t rsa,ecdsa $SERVER > keys.pub && ssh-keygen -lf keys.pub -E md5
$ # check the results against the published listing
$ ssh-keygen -lf keys.pub

I can think of an attack on this: somebody could intercept the communication, send you the right RSA pubkey and their own ECDSA, and then redirect the communication toward their own host.

Relevant links:

permalink.gmane.org/gmane.linu…
bridge.grumpy-troll.org/2011/0…
enricozini.org/2008/tips/ssh-h…

(Post title courtesy of @Enrico Zini )



ssh authentication with an OpenPGP smartcard


I've decided I don't want to keep an ssh key on my traveling laptop, but I still need to be able to authenticate to a number of hosts (and expecially gpg repositories). I also have an OpenPGP smartcard (from the FSFE). A plan is starting to form.

There are a number of guides available, but many of those are obsolete; the following pages are from this decade:



I've had some success from outside X, now I need to find out where I should disable ssh-agent from starting every time a start an X session, so that gpg-agent can take its place.

@Gruppo Linux Como @LIFO #gnupg





Linux Day 2015
Inizia: Sabato Ottobre 24, 2015 @ 11:00 AM GMT+02:00 (Europe/Rome)
Finisce: Sabato Ottobre 24, 2015 @ 8:00 PM GMT+02:00 (Europe/Rome)
Il Linux Day è la principale manifestazione italiana dedicata alla promozione di GNU/Linux e del Software Libero; quest'anno si terrà il 24 ottobre in numerose città Italiane.</p><p>Il GL-Como e il LinuxVar organizzano quest'anno una edizione congiunta, ospitata presso l'Istituto Sant'Elia di Cantù.</p><p>gl-como.it/v2015/linux-day-201…
Posizione: <p class="map"><iframe style="width:100%; height:300px; border:1px solid #ccc" src="openstreetmap.org//export/embe… style="border: 1px solid black"></iframe><br/><small><a href="openstreetmap.org/?mlat=45.743… Ingrandito</a></small></p>





Fiera l'Isola che c'è 2015
Vi ricordiamo che sabato e domenica prossimi il GL-Como sarà presente con un banchetto alla Fiera dell'Isola che c'è

Passate a trovarci!



Introducing Comagick

3397

Comagick, or COMAGICK if you’re feeling fancy, is a free and open source ImageMagick-based language for writing sprite comics. You can check out the repo from Bitbucket.




End Summer Camp


Immagine/foto

Quest'anno all'ESC c'è stato un lieve maltempo (eufemismo), ma questa ne è stata la conseguenza :)

Alla fine dell'arcobaleno c'era un pentolone, e credo che a quell'ora fosse già pieno di gnocchi.




Finding people who have already signed your key


To be sure not to waste time during a ksp to meet people with whom I have already exchanged fingerprints, I decided to do a quick check of the list.

I had already downloaded a recent wotsap db to ~/.wotsapdb;

$ wotsap $MY_KEY &gt; signatures.txt

I've then edited the file, keeping just the signature sections:

This key is signed by, excluding cross-signatures:
[...]
This key is cross-signed with:
[...]
Keys signed by this key, excluding cross-signatures:
[...]

And then grepped the keys in the kps file in that list (maybe doing the reverse would have been better, whatever)

$ for K in `grep "^pub" ksp-dc15.txt | cut -c 15-22 ` ; do grep $K signatures.txt ; done

The first characters on each line tells you if it is a cross signature (X,X), if you have signed the key (-,X) or if they have signed your key (X,-), so that you can mark them on the ksp list as "ignore", "ask if there were problems with your fingerprint / ID", "ask whether they have received your signatures" as relevant.

I only had a few results, so the next step was done by hand.

blog (x)


Printing a 2965 lines text file


Let us image I have a reason to print a text file that is 2965 lines long, is encoded in utf-8 (so a2ps and enscript don't work) and I don't want to destroy a whole forest for it.

I've started by using xelatex to get a nicely typeset A5 page with my file in a monospaced font: partecipants.tex

\documentclass[a5paper]{article}
\usepackage{fontspec}
\usepackage[left=1cm,right=1cm,top=0.8cm,bottom=1cm,foot=0.2cm]{geometry}
\usepackage{listings}

\lstset{ %
  basicstyle=\ttfamily\scriptsize,
  frame=none,
  keepspaces=true,
}

\begin{document}
\lstinputlisting{ksp-dc15.txt}
\end{document}

This gets compiled into partecipants.pdf with

$ xelatex partecipants.tex

And resulted in 44 pages, 4 less than the 48 needed by a2ps, and printable on just 11 A4 sheets.

I wanted it to be easily manageable while walking around, taking notes into it while standing, so I decided to arrange it in booklet form:

$ pdfbook partecipants.pdf

The result, partecipants-book.pdf was printed (two sided, of course) folded and stitched in the middle.

I could have arranged it into signatures, but this would have required an additional sheet to bring the number of pages to a multiple of 16.

I know that there are electronic alternatives around, and I've also considered just carrying around the file and adding notes (to a copy?) with vim, but I'd trust a paper copy more.

blog (x)


Canonical, GPL compliance, restrictive IP policies, derivatives.


Yesterday, both the FSF and Conservancy announced that Canonical, Ltd. changed their Intellectual property rights policy in such a way that they no longer violate the GPL as it used to.

There are a number of personal comments on the matter by people involved in the case: Bradley M. Kuhn, Matthew Garrett and Jonathan Riddell; the TL;DR is that now the situation is fine from a legal point of view, and it has been solved in a shorter time than usual (just two years! speaking of lowered expectations...), but Canonical is still applying restrictions to non-GPL code that are out of place from a Free Software respecting entity.

This made me wonder about the hordes of tiny ubuntu derivatives out there, which are probably too small to attract attention and risk consequences, but are probably not in compliance with Canonical's policies. Should they rebase themselves on Debian, giving their trust to a community who believes in Free Software instead of a company with different priorities?

Should they start contributing upstream to Debian, and turn themselves into Debian Pure Blends? YES, but this is a different and wider matter :)



Underwear, again (still SFW)


Not worn for obvious reasons, but my first pair of split drawers, with a pattern inspired by a number of start-of-century manuals found on archive.org, but adapted to a more modern method.

These were made from an old bedsheet (and they show it, including bleach stains on the side not seen on the pictures), and I have to enlarge them a bit, but they are already wearable.

Detailed instructions to draft the pattern will be available... when ready (probably before the next debian stable release, probably) :)

sewing (x)


Mostly underwear (SFW*)


Lately I have been sewing a bit and since "daguerrotype or it didn't happen", this is a picture of me wearing mostly underwear :)

Shirt-waist wearable mock-up #1, from a wearing history pattern.My first corset, using the pattern from the corset-course by Lynoure; still requires flossing, which requires me deciding on a pattern :)5 gores skirt mockup, from a pattern on tudorlinks, to be used later as a petticoat. Because everybody needs a number of petticoats, but mainly because it was a simple enough pattern to try the Valentina pattern drafting software, which is starting to be usable (YAY!)* The picture may not be SFW if you are reading this post from a victorian/edwardian workplace :)
sewing (x)


Leap second on 31 march


A couple of days ago this appeared in my system logs

Mar 31 23:59:59  kernel: Clock: inserting leap second 23:59:60 UTC

my first reaction of course was "great! they gave us one second more of sleep! MY PRECIOUSSSS", but then I realized that yes, this year there was supposed to be a leap second, but it should have been in June, not in March.

Other people I know noticed the message, but nobody knew anything else about it, and duckduckgoing didn't find anything, so I'm asking the lazyweb: does anybody know what happened?

Update: it seems that this has been traced to a single layer1 ntp server.

blog (x)
Questa voce è stata modificata (9 anni fa)


Come promesso in #fieraElettronicaErba, qui ci sono i repository dei miei progetti 3D, completi in molti casi di impostazioni di slic3r per la stampa su 3DRag.

I più pubblici sono ancora anche su gitorious, ma devo migrarli altrove nei prossimi giorni.

@Gruppo Linux Como





Unless Lenovo can show some sign of understanding the gravity of this mistake, and undertake not to repeat it, then I'm afraid you will be joining Sony on my list of vendors I used to consider buying from. Sure, it's only a gross income loss of $500 a year or so, if you assume I'm alone in this reaction. I don't think I'm alone in being disgusted and angered by this incident.




DUCC-IT


Anche quest'anno si terrà la DUCC-IT, Debian Ubuntu Community Conference Italia: quarta edizione che si terrà a Milano Lambrate sabato 23 e domenica 24 maggio presso il TIM WCAP Accelerator di via Rombon 52.

È aperta la call for paper e chi vuole aiutare nell'organizzazione è il benvenuto, ma soprattutto partecipate: è un'ottima occasione per incontrare un po' tutto il mondo del Software Libero in Italia.

Tutte le info sul sito ufficiale: ducc.it/

@Debian @LIFO @Gruppo Linux Como





Cena della comunità Ninux Lombardia
La comunità lombarda di Ninux è lieta di invitarvi alla

Cena Ninux Lombardia

venerdì 20 febbraio alle 20:00 presso il Ristorante Masaniello
A Pero (MI) in via XXV Aprile 5 (45.5095,9.09146)

Tutti sono i benvenuti: ninuxiani ed aspiranti tali, lombardi e non,
curiosi, coniugi e parenti da convincere a dare autorizzazione
all'installazione di antenne (non garantiamo efficacia :) )
e chiunque altro sia interessato a conoscerci.

Per aderire, aggiungere il proprio nome o nickname (una riga per persona,
selezionando il segno di spunta anziché la X) al sondaggio entro giovedì
12 febbraio, in modo tale da permettere la prenotazione presso il ristorante.

Se avete particolari esigenze (vegetariani, carrozzine, ecc.) scrivete
pure in mailing list, e le comunicheremo al ristorante.

@Gruppo Linux Como



Funny dream


Tonight I've dreamt I was in some kind of computer store and somebody told me that I should always save a copy of my work, as a backup.

I looked at him thinking "you really want to talk about this subject", by SO looked at me as if thinking "oh, no! she's starting!" and then I went into full vcs-home evangelist mode.

I may have just a bit of a problem :)

Questa voce è stata modificata (9 anni fa)





Free Software - We Have the Capacity
When discussing the principles of Free Software, it is all too easy to make the mistake of emphasising one interpretation of Free Software idealism over another. You can frame it two unique ways: "Microsoft is bad" vs "Free Software is great."

One way of interpreting Free Software is in its inherent denouncement of proprietary code and the collective communities attitudes towards proprietary vendors such as Microsoft, Apple, and Adobe. "Proprietary software is bad, and so are the companies that make it," it could be said.

104151

Photo Credit: Defective By Design

But there's a far greater message to be had, and I think it needs to be emphasized to the fullest.

"We have the capacity."

It's easy to focus on the negativity of an opposing ideal first. If nothing, the Free Software community is a fairly passionate one, and although internally it doesn't always agree on everything, overall it's a welcoming enough space that can encourage new people to become a part of it. A good experience of making things together is kind of what keeps a community going. This includes making decisions and assisting newcomers.

I think a better mindset for Free Software is "we have the capacity" because it focuses on all of the things one can do with it, rather than all of the things its opponents cannot do. It is an important distinction because it is foundational to the very tone and tenor of what Free Software is actually about: having the capacity to make things however you want to; you can study new ideas from existing code, and use that to learn how to do something new.

There are communities filled with volunteers that code together because they love it and care about their projects enough to keep working on them. There is code that can be used for free that anyone can install. You can make 3D printers, robots, desktop and web applications. You can use tools to build other tools, and make programs that create other things, such as art, music, and films.

In the end, Free Software is not just about being an alternative to the status quo. It is about giving empowerment to people, and levelling the economic playing field by offering every bit of it for free. By providing the tools and the knowledge to a person, you can give them the power to help themselves.





git rebase
TetsuyO> io vorrei capire (seriamente eh) l'utilità di rebase se non "usalo *solo* quando la roba è locale e non l'ha *mai* vista nessuno"
TetsuyO> dato che appena c'è un push di mezzo, si scatena L'IRDIDDIO
valhalla> TetsuyO: ma in locale è comodo
TetsuyO> valhalla: appunto, in locale. Ma appena si pusha mi sembra DHFA (Distributed Headaches For All) e basta
enrico> TetsuyO: :) si, infatti
enrico> TetsuyO: è come il sadomaso, dà le sue soddisfazioni, ma solo tra le persone consenzienti

Ottima spiegazione di quando è il caso di usare rebase e quando no.

#git #cult-of-git




Andfrnd Uploader Beta

URI: content://media/external/images/media/26173
File name: /storage/emulated/0/DCIM/Camera/IMG_20141007_204605.jpg



I know it has probably existed for ages, and I've probably already read about it, but I've just rediscovered git-annex repair, which can also be run in a plain git repository and is able to retrieve any corrupted object from a remote where it is available, which is something I needed a few weeks ago.

@Gruppo Linux Como @LIFO



questa si che e' una tastiera.... :)


Andfrnd Uploader Beta

URI: file:///sdcard/Android/data/de.wikilab.android.friendica01/cache/imgs/imgUploadTemp_1409668908332.jpg
File name: /sdcard/Android/data/de.wikilab.android.friendica01/cache/imgs/imgUploadTemp_1409668908332.jpg



Reducing useless noise from irssi


Yesterday I missed a query from a friend (with the answer to a question *I* had asked in the first place) because it ended up in window 30-something and my statusbar was full of dim numbers from channels where people had just joined/left.

This morning I've set
activity_hide_level = JOINS PARTS QUITS
and my world is a much neater place :)

(I may have to add NICKS and possibly MODES, but they are rare enough and I'm still not sure I don't care about them, especially the latter.)

blog (x)




229

Now if we, like those characters in recent movies, discovered specific clues in the world around us suggesting that we do in fact live in a simulation, we would of course consider those clues carefully to see what they say about how we should live our lives. --Robin Hanson Listen.


Also as podcast:

3398

Now if we, like those characters in recent movies, discovered specific clues in the world around us suggesting that we do in fact live in a simulation, we would of course consider those clues carefully to see what they say about how we should live our lives.







Stampante 3D alla fiera dell'elettronica
Stampanti 3D
Se siete passati giovedì scorso in sede o sabato in fiera avrete notato una struttura in movimento circondata da piccoli oggetti di plastica colorata: una stampante 3D.

230

Leggi



Mediagoblin donation


I've eventually decided to donate to the current MediaGoblin crowdfunding campaign

I do hope that they will make it to the next unlock level (Aveyah), or at least that they get close enough (with the matching grant this looks feasible) that they decide to work on most of the features.

Questo sito utilizza cookie per riconosce gli utenti loggati e quelli che tornano a visitare. Proseguendo la navigazione su questo sito, accetti l'utilizzo di questi cookie.