Movim is a distributed social networking platform founded in 2010. It can be accessed using existing XMPP clients and Jabber accounts, and is a free and open source software licensed under the AGPL.#movim #ejabberd #socialnetwork #federation #xmpp #agpl #prosody #debian #freesoftware
With version 0.12 released in October, Movim migrated its official server to ejabberd. Before, they were using Metronome, a Prosody fork. Today, we are chatting with Timothée Jaussoin, the founder of Movim, about this very complex migration.
We now have a proper packaging for our Linux distribution – Debian, which certainly makes it easier to maintain. There’s also an improved scalability and more stable CPU and memory consumption, which helps to predict hardware requirements.
Even if I see ejabberd more as a tool that needs integration and tuning to create a proper platform, ejabberd seems to be the more serious solution to build proper messaging systems using the XMPP protocol.
Dear developers,#debian #freesoftware #sourcecode #search #development #debsources #python #agpl3
We're happy to announce that Debsources, the Web application that
allows to browse and search the entire source code of all Debian
releases, is now hosted on the official Debian infrastructure and
available at https://sources.debian.org.
You may already know this service as previously hosted at
sources.debian.net . We took the move to Debian hardware as the
opportunity to officially announce it here.
Debsources is a web service that exposes the content of Debian source
packages on the Web, both via an HTML user interface and a JSON API
. To that end, an updater runs regularly (currently 4 times a day)
to unpack and index new packages from all the available Debian
suites. It also runs various plugins, for example to count lines of
code and measure the size of packages; this information is exposed in
Since all extracted information is stored in a PostgreSQL database,
various data warehouse features are available, such as the list of
file duplicates for every file, or package name search.
More than source code
Worth noting are two "sub-apps" that run on the same infrastructure:
* patches : for packages using 3.0 (quilt) package format, the list
of patches is extracted and exposed, along with some metadata.
* copyright : the copyright files of packages are exposed through
this interface, and displayed in a convenient way if they are
Debsources has been described extensively and used to conduct various
studies on the Debian source code. To learn more check out the paper:
Matthieu Caneill, Daniel M. Germán, Stefano Zacchiroli. The Debsources
Dataset: Two Decades of Free and Open Source Software. In Empirical
Software Engineering, Volume 22, pp. 1405-1437, June, 2017
An open access preprint of the paper and additional information about
Debsources are available on the Debsources documentation page .
Many credits go to everyone who submitted patches and feedback over
the years, thank you! In particular, Stefano Zacchiroli started the
project and wrote the updater infrastructure, and Orestis Ioannou
developed the patches/ and copyright/ apps.
This new instance of the service is hosted by DSA - without whom
sources.debian.org would not exist. Many thanks to the whole team for
their guidance in the d.n -> d.o migration, and in particular to
Julien Cristau and Peter Palfrader.
The previous instance of Debsources had been hosted by IRILL for
more than 4 years, who has also spearheaded the initial development of
the service - thanks for the non-interrupted service!
As always, we're more than happy to hear your feedback; you can
contact us at firstname.lastname@example.org . (See the footer
of the Debsources web page for bug report and contribution
For the Debsources team,
Each time I see the FSFE picture, just like on Daniel’s last post to planet.d.o, where it says:#cloud #freesoftware #openstack #fsfe #debian #privacy
“There is NO CLOUD, just other people’s computers”
it makes me so frustrated. There’s such a thing as private cloud, setup on your own set of servers. I’ve been working on delivering OpenStack to Debian for the last 6 years and a half, motivated exactly to fix this issue: I refuse that the only cloud people could use would be a closed source solution like GCE, AWS or Azure. The FSFE (and the FSF) completely dismissing this work is more than annoying: it is counter productive. Not only the FSFE shouldn’t pull anyone away from the cloud, but it should push for the public to choose cloud providers using free software like OpenStack.
The openstack.org market place lists 23 public cloud providers using OpenStack, so there is now no excuse to use any other type of cloud: for sure, there’s one where you need it. If you use a free software solution like OpenStack, then the question if you’re running on your own hardware, on some rented hardware (on which you deployed OpenStack yourself), or on someone else’s OpenStack deployment is just a practical one, on which you can always back-up quickly. That’s one of the very reason why one should deploy on the cloud: so that it’s possible to redeploy quickly on another cloud provider, or even on your own private cloud. This gives you more freedom than you ever had, because it makes you not dependent anymore on the hosting company you’ve selected: switching provider is just the mater of launching a script. The reality is that neither the FSFE or RMS understand all of this. Please don’t dive into the FSFE very wrong message.
$ echo deb https://deb.debian.org/debian/ experimental main | sudo tee /etc/apt/sources.list.d/experimental.list
$ sudo apt update
$ sudo apt -t experimental install dino-im
deb https://deb.debian.org/debian/ experimental main
A little more than a month ago I wrote how to observe the SIM card ID (aka IMSI number) of mobile phones talking to nearby mobile phone base stations using Debian GNU/Linux and a cheap USB software defined radio, and thus being able to pinpoint the location of people and equipment (like cars and trains) with an accuracy of a few kilometer. Since then we have worked to make the procedure even simpler, and it is now possible to do this without any manual frequency tuning and without building your own packages....
The gr-gsm package is now included in Debian testing and unstable, and the IMSI-catcher code no longer require root access to fetch and decode the GSM data collected using gr-gsm.
Here is an updated recipe, using packages built by Debian and a git clone of two python scripts:
Google Search -> DuckDuckGo (free)I understand, that they advertise their own service here. And while I do believe, that DuckDuckGo does not cheat and keeps your searches private, as a user, one cannot prove it. In any case, one just replaces one centralised search machine with another one. Better use a decentralised service, such as meta search engine Searx.
Let's start off with the easiest one! Switching to DuckDuckGo not only keeps your searches private but also gives you extra advantages such as our bang shortcuts, handy Instant Answers, and knowing you're not trapped in a filter bubble.
Android -> iOS (paid)This is certainly the worst recommendation in their list. I had to check the date of the article, when I read this. Aprils Fool's Day? I'm certainly not a fan of Android and I'm not an Android user anymore, but going for a much more restrictive jail is just stupid. Android has at least relatively free versions, e.g. Replicant. iOS, in contrast, is a carcel with beautifully painted walls. Very high walls with perfectly styled barbed wire on top. Even the most proprietary variants of Android let you at least install free software from F-Droid.org.
The most popular alternative to Android is of course iOS, which offers easy device encryption and encrypted messaging via iMessage by default. We also have tips to increase privacy protection on your iPhone or iPad.
Google Allo -> Signal (free)Again, they recommend to leave one centralised service for another one. And one, that even wants your phone number, otherwise you can't use it. And one, that does not yet have a decent client for Linux. There are messengers around that are federated or completely decentralised, that do not force you give them your phone number, and that have native clients for all major operating systems. My recommendation is XMPP. If you are on Linux, use e.g. Gajim, on Android the best app is probably Conversations, for iOS there is ChatSecure and so on. Alternatives to XMPP are Ring, Matrix and more recently Wire.
There are several services offering private messaging but, as we've mentioned before, Signal gets our recommendation. It offers free, end-to-end encryption for both messages and private calls. It's also recommended by Edward Snowden and renowned security expert Bruce Schneier, among others.
Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.One should also not give up libre software, which is essential in many ways, to purchase a little perceived safety or privacy through non-free or centralised services.
Let's Encrypt is a new Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, thereby enabling encrypted HTTPS on web servers. It simplifies the process by providing a software client, certbot (previously