Skip to main content

Seen in the window of a shop in Bézier


I think that either a word is missing, or there is something seriously wrong in there :)

Palms, buildings and cloudy weather with a high chance of rain


and then, not seen on the picture because privacy, a group of geeks typing on their laptops while sitting in sight of a swimming pool.

Yes, I'm at #Debian SunCamp, and other than some intermittent issues with the "sun" part this is preparing to be a good and hopefully productive time!
Tom Grz 6 giorni fa
Need a water-proof laptop!

Elena ``of Valhalla'' 5 giorni fa
Luckily there is enough of a roof above the chairs we're sitting in that when it starts to rain we have enough time to pack everything and move inside


Debunk some Debian myths

Debian has many years of history, about 25 years already.With such a long travel over the continous field of developing our UniversalOperating System, some m...
setThemFree 2 settimane fa
I would add that having something like debian stable is a very good option in some cases even for desktop. I have a close relative for whom I installed debian some years ago. I upgraded it couple of times when new releases came, and it just kept working flawlessly. I don't need to worry about it. (They are installing security updates regularly of course).


mjg59 | Intel AMT on wireless networks

More details about Intel's AMT vulnerablity have been released - it's about the worst case scenario, in that it's a total authentication bypass that appears to exist independent of whether the AMT is being used in Small Business or Enterprise modes


Tails - Announcing the Tails Social Contract

We had written and adopted a Code of Conduct since our first public hackfest in Paris in 2014. This code was and is meant as a guide to make our public spaces welcoming and friendly to every sentient being. We have since then worked on a Social Contract which we proudly present today! ...


Comunità Debian @ducc-it 2017

Aaaaand back from where I've met many members of the Debian and Ubunty communities in Italy, and had a chance to talk about the Debian Community (represented in the slide below :) )

(photo by erossi)

Yes, there was a hat...

(and there will be a longer post soon-ish. when it's ready.)

@Gruppo Linux Como


Back to the roots: FidoNet |

Back in the good old days there was no Facebook, Google+, Skype and no XMPP servers for people to communicate with each other. The first "social communities" were Bulletin Board Systems (BBS), if you want to see those as social communities.
@Gruppo Linux Como can we run a BBS node for the LUG? can we? can we? :D


mjg59 | Intel's remote AMT vulnerablity

Intel just announced a vulnerability in their Active Management Technology stack. Here's what we know so far.
A well-written analysis on the vulnerability that is being talked about quite a bit among (core|libre)boot users.


Comment 12 to: Typo Hunt: Empire Games - Charlie's Diary

Please do not report errors through the Kindle app.

Firstly, they don't get to the authors. (Or even the publishing folks, in some cases.)

Secondly, Amazon use some whacked algorithm to boot books off sale if too many errors are reported.

So reporting via Kindle won't fix errata, but it may get the book yanked off sale (and fuck my income stream)!
I guess that amazon doesn't want to promote low quality typo-ridden stuff to its customers, but not even forwarding those reports sounds quite unexpected.

(or maybe it's written in the app or something: I don't buy from Amazon, so I've never seen it.)


Public Service Announcement on BDSM and other things

I think this is a good time to remind the Free Software World, especially the part of it based on a certain programming language¹, of the existence of this Debconf Talk (textual, not (too) titillating discussion of N S F W topics).

¹ one that is not my programming language, but even that programming language is ok if used on your own server with a consenting sysadmin.
Questa voce è stata modificata (1 mese fa)


Leadership in Open Projects

This past weekend, I participated in a training for "Skogsmulle" leaders and it gave me a first hand view of why focusing on leadership of free and open projects is exactly the right thing to do. To give you some context before I talk about why this is relevant for


21 XMPP use-cases and the best ways to achieve them | Erlang Solution blog

If you're considering XMPP for your project but you are unsure if it can provide the functionality you need, you'll eventually end up here:

I'm pretty sure you'll be quite intimidated by such a long list of features and extensions. Fear not, help is here!


Edizione 2017 - DUCC-IT

La Debian/Ubuntu Community Conference Italia 2017 (in breve DUCC-IT 2017) è la quinta edizione dell'evento annuale che riunisce le comunità italiane di Debian e Ubuntu ma anche e soprattutto tutte le realtà italiane attive nel Software Libero, allo scopo di scambiare conoscenze, discutere della situazione attuale e conoscere altri sviluppatori e membri della comunità.
@Gruppo Linux Como


the morning paper: Thou shalt not depend on me: analysing the use of outdated JavaScript libraries on the web (adriancolyer)

Just based on the paper title alone, if you had to guess what the situation is with outdated JavaScript libraries on the web, you’d probably guess it was pretty bad. It turns out it’s very bad indeed, and we’ve created a huge mess with nowhere near enough attention being paid to the issue.


XMPP VirtualHosts, SRV records and letsencrypt certificates

When I set up my XMPP server, a friend of mine asked if I was willing to have a virtualhost with his domain on my server, using the same address as the email.

Setting up prosody and the SRV record on the DNS was quite easy, but then we stumbled on the issue of certificates: of course we would like to use letsencrypt, but as far as we know that means that we would have to setup something custom so that the certificate gets renewed on his server and then sent to mine, and that looks more of a hassle than just him setting up his own prosody/ejabberd on his server.

So I was wondering: dear lazyweb, did any of you have the same issue and already came up with a solution that is easy to implement and trivial to maintain that we missed?

uhm, and now that I've had breakfast I realize that you were using as the jid... sorry

from IRC:

<nicoo> Anyhow, the issue is that, for a X.509 cert to be valid for XMPP for, it needs to have either in its subjectAltNames (making it able to impersonate any other service on that domain, esp. HTTPS)
<nicoo> or it can have an SRV-ID in subjectAltName
<nicoo> Unfortunately, the CA/B rules don't allow CAs to issue SRV-ID names
<nicoo> There has been some tentative effort to change that, but it seems to be stalled:
<nicoo> Here is the matching Let's Encrypt thread:
<nicoo> I did actually offer to implement it in Boulder (and had a stab at that on a local fork) but it's pointless as long as nothing changes on the CA/B side


The Git Parable

Git is a simple, but extremely powerful system. Most people try to teach Git by demonstrating a few dozen commands and then yelling “tadaaaaa.” I believe this method is flawed. [...]

The following parable will take you on a journey through the creation of a Git-like system from the ground up. Understanding the concepts presented here will be the most valuable thing you can do to prepare yourself to harness the full power of Git...


Fair trade ebooks: how authors could double their royalties without costing their publishers a cent

My latest Publishers Weekly column announces the launch-date for my long-planned "Shut Up and Take My Money" ebook platform, which allows traditionally published authors to serve as retailers for their publishers...
This looks like an excellent way for authors to cut the middleman who is working against their interest while keeping the useful one.

Probably works better for established authors, but for everybody else there are also platforms like storybundle to help them become established; also the article mentions a variant managed by the publisher themselves for multiple authors.

It is also quite likely to work more in the interest of customers, see the way the shop sells to everybody and then takes care to find out which publisher should get the money depending on the location, and I didn't see the absence of DRM being mentioned, but really hope that it is the case, because Cory Doctorow.


Codes of Conduct

These days, most large FLOSS communities have a "Code of Conduct"; a document that outlines the acceptable (and possibly not acceptable) behaviour that contributors to the community should or should not exhibit. By writing such a document, a community can arm itself more strongly in the fight against trolls, harassment, and other forms of antisocia...


Tumblr: when did tumblr collectively decide not to use punctuation like when did this happen why is this a thing (Just rockin' and rollin')

#linguistic nerds being linguistic nerds :D

and gratuitous trolling to @Jacopo Girardi : see, the language EVOLVES!
Jacopo Girardi 2 mesi fa
No time to read all the... robb' lì, the messages in the thing that scrolls ;)