Scorpio20 - Microca.st

Charles ☕ Stanhope at 2016-06-24T15:42:40Z via AndStatus To: Public

In retrospect, I suppose it was obvious this was going to be done by some player in the certificate business. Comodo is attempting to register "Let's Encrypt" trademarks. https://letsencrypt.org//2016/06/23/defending-our-brand.html

Douglas Perkins likes this.

Scorpio20 , Scorpio20 , Sam Black shared this.

Fortunately in the US, trademark comes from usage and not registration so Comodo doesn't really have a leg to stand on.

Jason Self at 2016-06-24T00:51:43Z

Kete Foy likes this.

another source

Kete Foy at 2016-06-24T01:29:35Z

Charles ☕ Stanhope at 2016-06-24T15:42:32Z via AndStatus To: Public

In retrospect, I suppose it was obvious this was going to be done by some player in the certificate business. Comodo is attempting to register "Let's Encrypt" trademarks. https://letsencrypt.org//2016/06/23/defending-our-brand.html

Douglas Perkins likes this.

Scorpio20 , Scorpio20 , Sam Black shared this.

Fortunately in the US, trademark comes from usage and not registration so Comodo doesn't really have a leg to stand on.

Jason Self at 2016-06-24T00:51:43Z

Kete Foy likes this.

another source

Kete Foy at 2016-06-24T01:29:35Z

Avadiax at 2016-06-23T13:12:17Z via AndStatus To: Public

Do not lie down and fiddle with your mobile phone before you sleep, you may get temporary blindness. http://www.nejm.org/doi/full/10.1056/NEJMc1514294

Scorpio20 , jrobertson shared this.

hmm… Seems people using For don't get to read the nejm. how nice. Wayback machine it is.

Freemor at 2016-06-23T12:42:32Z

Nope they hate archive.org too.. Ixquick proxy?

Freemor at 2016-06-23T12:44:16Z

Nope cookie issue..

No privacy for NEJM readers, how sad.

(Yes I could jump through extra hoops, Tails or such, but the fact is I shouldn't have to, and I'm just not that motivated right now)

Freemor at 2016-06-23T12:49:03Z

[email protected] likes this.

Time to start planning Debian Day 2016!

Debian Project at 2016-06-20T17:01:42Z via AndStatus To: Public

Debian Day will be on Tuesday, August 16th in 2016.

Let others know about your local DebianDay celebration plans!

Scorpio20 likes this.

Scorpio20 shared this.

Stephen Sekula at 2016-06-20T16:58:19Z via AndStatus To: Public

Today is an important day in the US, but not for the reasons echoing around social media. June 19: a step on the way to freedom and equality. https://en.m.wikipedia.org/wiki/Juneteenth

Scorpio20 , jrobb , [email protected] , Stephen Michael Kellat and 1 others like this.

Scorpio20 , Stephen Michael Kellat shared this.

Elena ``of Valhalla'' at 2016-06-20T08:31:57Z via AndStatus To: Public

The fact that something is not packaged by one of the big distributions may be for a number of reasons.

As somebody mentioned, one may simply be that they don't know about it: I will answer about your answers to it later.

Other reasons, however, are basically variants of "this package is not up to our standards": it may be because the package doesn't really work that well, but more often it is because there are issues in maintaining it in the long term.

In this case, one thing that makes me suspicious is the dependance on xulrunner, which afaik is no longer supported by its own upstream (mozilla) as something usable by 3rd parties.

Yes, a snappy (or whatever else) package which bundles an old version of xulrunner will make the program work, but then you're stuck with something that won't ever receive security fixes, and sooner or later may still stop working.

Are you actually sure that you want to start using (and depending on for your work/data) something whose long term future is already at risk?

Admittely, it is hard for a user to find out about this kind of things: they are usually discussed in the open, but you need to know where, and sometimes the reasons are deeply technical, so you have basically two choices: dig down and try to understand the reasons something is done in a certain way (probably best, as it would allow a reasoned choice in some specific cases when you disagree with them, but requires a significant time investment) or just trust that the maintainers are doing what they believe is best for their target users, and they are right a significant majority of the time.

Scorpio20 likes this.

Scorpio20 , Scorpio20 shared this.

Elena ``of Valhalla'' at 2016-06-20T08:31:51Z via AndStatus To: Public

The fact that something is not packaged by one of the big distributions may be for a number of reasons.

As somebody mentioned, one may simply be that they don't know about it: I will answer about your answers to it later.

Other reasons, however, are basically variants of "this package is not up to our standards": it may be because the package doesn't really work that well, but more often it is because there are issues in maintaining it in the long term.

In this case, one thing that makes me suspicious is the dependance on xulrunner, which afaik is no longer supported by its own upstream (mozilla) as something usable by 3rd parties.

Yes, a snappy (or whatever else) package which bundles an old version of xulrunner will make the program work, but then you're stuck with something that won't ever receive security fixes, and sooner or later may still stop working.

Are you actually sure that you want to start using (and depending on for your work/data) something whose long term future is already at risk?

Admittely, it is hard for a user to find out about this kind of things: they are usually discussed in the open, but you need to know where, and sometimes the reasons are deeply technical, so you have basically two choices: dig down and try to understand the reasons something is done in a certain way (probably best, as it would allow a reasoned choice in some specific cases when you disagree with them, but requires a significant time investment) or just trust that the maintainers are doing what they believe is best for their target users, and they are right a significant majority of the time.

Scorpio20 likes this.

Scorpio20 , Scorpio20 shared this.

Claes Wallin (韋嘉誠) at 2016-06-07T07:13:37Z via AndStatus To: Public

I have come to think that federations should be at best frontends to decentralized systems. The concrete example is various web wallets for crypto currencies. I don't know enough about Red Matrix, but I suppose from what I know that it is an example as well.

Identity is the key, as Moxie points out. You can start out on a federated service, which really means a super node in the P2P network, but then you need to be able to take your identity outside without losing your connections.

So, you have a decentralized system at the bottom. Decentralized as in truly P2P. Anyone could participate by just having a client that interacts with the network, without relying on any one particular server.

But people aren't going to do that ... you know, except the ones who are. So you have the situation with identi.ca vs OStatus, but with a third level. There's the big centralized federal entities vs the small self-hosted-with-friends or -with-orgs entities vs the P2P decentralized I'm-just-on-a-mobile-app entities. And they are all talking.

Through the web and the big entities you discover the network. Through the big or small entities you start participating, and with your P2P client you find emancipation and the network lives on regardless of what happens to the big players. But the big players are needed. How many of the people on Facebook know about Twister or BitMessage or whatever? But if the "Facebook" of a P2P+Federation network, with distributed identity, would start censoring, people would really quickly find another federated peer to start publishing on, and if they were worried enough, they would finally take the step off the web and run a desktop or mobile client.

I think there's a lot of amazing P2P social network apps out there, but if they are going to go anywhere in a big way, they need to be on DuckDuckGo, on Google, on Bing, on Yandex, on Baidu. We need searchable frontends and public content, otherwise it's just a niche for cryptoheads. But then we need inroads to heavier decentralization. Pump.io lets you run a client, but you're still reliant on a server being up.

I want git over secure-scuttlebutt, forums over IPFS and SAFE, IM over Ring or Tox or whatever, but I want it discoverable for civilians. And easy onramps toward more decentralization, with clear benefits.

It's not easy, because then people would have done it already.

So, W3C WG Social, awesome that you exist and I hope ActivityStreams 2.0 becomes a thing because we need a vocabulary either way. The messaging revolution will need solid work to stand on, but somebody had better start working on the BitCoin of messaging, rather that a more open, more free, more accessible and sensible SWIFT network.

Who am I? I am nobody, I didn't even finish the tent poles of my social network vaporware. But I can dream, can't I?

jrobb , Alex Jordan , Charles ☕ Stanhope , Douglas Perkins like this.

Scorpio20 , Alex Jordan , Alex Jordan shared this.

Free Software Foundation at 2016-06-07T06:39:53Z via AndStatus To: Public

We just passed the three-year anniversary of the #Snowden revelations, which also happens to be the two-year anniversary of our #encryption education project, Email Self-Defense. https://emailselfdefense.fsf.org

lostson , Alex Jordan , House of Small Dogs , Ben Sturmfels and 2 others like this.

victorhck , Scorpio20 , johan , Alex Jordan and 2 others shared this.

Avadiax at 2016-06-04T10:05:41Z via AndStatus To: Public

Stop using short PGP key ID ... collisions are being detected in the wild. http://gwolf.org/node/4070

Jason Self , Scorpio20 like this.

Claes Wallin (韋嘉誠) , Elena ``of Valhalla'' , Jason Self , Scorpio20 shared this.

Glyn Moody at 2016-06-03T16:10:19Z via AndStatus To: Public

Google’s fair use victory is good for #opensource - http://arstechnica.co.uk/tech-policy/2016/06/googles-fair-use-victory-is-good-for-open-source/ "
No, Google's win won't gut the GPL."

[email protected] likes this.

Scorpio20 shared this.

We Distribute at 2016-06-03T16:09:36Z via AndStatus To: Public

What's going on with OwnCloud?

The recent announcement of the OwnCloud Foundation followed by the announcement of fork of OwnCloud is bound to raise more than a few eyebrows. What happened? How did things get to this point?

Catching the Next Cloud
Earlier today, Frank Karlitschek, co-founder of #OwnCloud, made an announcement about the formation of a new project. Five weeks prior, he had left the company that he had helped start, and some of the core development team have followed him to their new project, NextCloud.

Image/photo

Frank describes a vision for what he wants out of this new project and its respective community: a project that does development out in the open, without any contributor agreements or dual-licensing schemes, with a new trademark held by an independent foundation. A better company culture where shares are equally held by employees, with the hand of development decisions guided by the community-at-large rather than a disconnected small team.

To paraphrase Frank, the best parts of OwnCloud are to be extended to fully support what the community has been asking for: better apps, with features that previously only existed for enterprise customers. In his own words:

We will release a drop in replacement for ownCloud in a few weeks so that users and customers can easily upgrade to Nextcloud to benefit from the new bugfix and security improvements and features. Nextcloud GmbH will provide free support for all current ownCloud customers to simplify a transition.

The OwnCloud Foundation

"One of Frank’s criticisms concerned the need to strengthen the Community. In this regard, we have been working on the creation of the ownCloud Foundation, the formation of which we announced earlier this week."

Recently, the OwnCloud project announced that it was setting up a foundation. While this is a welcome event for any Free Software project, it immediately raised eyebrows. Some of the main criticisms were focused on the nature of the board itself (only 2 seats are elected by the community - the other four are coporate), whereas others have pointed out that only OwnCloud Inc itself appears to have any sponsorship in the foundation.

Meanwhile, a handful of developers of the OwnCloud platform announce that they are leaving their projects. Their announcements can be found on Planet KDE. The general theme appears to be that OwnCloud is putting its corporate needs above its community needs.

The OwnCloud Foundation's had this to say on the matter:

Today’s announcement by our former colleague Frank Karlitschek, that he intends to launch a competitive product to ownCloud into the market using recently poached developers, has both surprised us and – admittedly – disappointed us. In the past, Frank has made a wealth of contributions to the development of the ownCloud Community Edition. With today’s announcement, he is no longer related to the ownCloud project and has started a competing community.

This ends on a particularly strange note, as OwnCloud finally concludes that it has to close its doors after their main lenders cancelled their credit. 8 employee contracts were terminated in the process, and the company will be forced to close its doors. Paradoxically "The ownCloud GmbH is not directly affected by this and the growth of the ownCloud Foundation will remain a key priority."

#NextCloud

Claes Wallin (韋嘉誠) , Jorge , sazius , gledof and 2 others like this.

Stephen Michael Kellat , mnd , Stephen Sekula , Blaise Alleyne and 6 others shared this.

This ends on a particularly strange note, as OwnCloud finally concludes that it has to close its doors after their main lenders cancelled their credit. 8 employee contracts were terminated in the process, and the company will be forced to close its doors. Paradoxically "The ownCloud GmbH is not directly affected by this and the growth of the ownCloud Foundation will remain a key priority."

I'm confused. What closed its doors? I would've thought the business, but the next sentence says the GmbH is not affected. Anyone know?

Mike Linksvayer at 2016-06-03T16:01:35Z

I think I've read somewhere, that the US branch "Inc." has to close down, while the "GmbH" which is the German branch can continue. But I don't have a link to prove.

Tobias Diekershoff at 2016-06-03T16:19:55Z

Claes Wallin (韋嘉誠) , Mike Linksvayer like this.

>> Mike Linksvayer:

“This ends on a particularly strange note, as OwnCloud finally concludes that it has to close its doors after their main lenders cancelled their credit. 8 employee contracts were terminated in the process, and the company will be forced to close its doors. Paradoxically "The ownCloud GmbH is not directly affected by this and the growth of the ownCloud Foundation will remain a key priority."

I'm confused. What closed its doors? I would've thought the business, but the next sentence says the GmbH is not affected. Anyone know?”

The developers themselves and the promise of their future intellectual properties was the asset or other collateral used to secure the debt?

Stephen Michael Kellat at 2016-06-05T19:41:54Z

Alex Jordan likes this.

My interpretation is that the cash flow in the US subsidiary was almost entirely debt-based, and when the original founder is leading a competing project, the creditors no longer believe in the project.

With no revenue to pay salaries and bills, they would be insolvent and forced to liquidate immediately.

Claes Wallin (韋嘉誠) at 2016-06-09T21:36:47Z

The State of Mobile in XMPP 2016

Jorge at 2016-06-03T16:06:17Z via AndStatus To: Public

XMPP is not suited for mobile devices. That’s a myth that has been around for ages. It is mostly spread by people who want to sell you their own proprietary instant messaging solution. But it also gained some popularity through a blog post entitled The (Sad) State of Mobile XMPP in 2014 by Georg Lukas. While Georg wasn’t wrong with his status report per se, it is important to understand that he describes a temporary problem. There was a brief period of time where XMPP actually had some catching up to do. XMPP was fine before, when we had different requirements—In fact I was using an XMPP client on my Nokia E71 back in 2008 (That’s more than two years before WhatsApp was even invented)—and it’s fine now in 2016…

https://gultsch.de/xmpp_2016.html

via: https://primatemind.info/notice/37454

trinux , Colegota , Timo Kankare , jrobertson and 5 others like this.

trinux , Colegota , Arcee , Kevin Everets and 1 others shared this.

Show all 7 replies

>> Morgan McMillian:

“[...] However even then it almost always ends up being SMS. [...]”

Then SMS it is. As long as they can 'find' you on WhatsApp or $CURRENTSILO, they won't touch anything else. Why would they? ;)

JanKusanagi at 2016-06-04T00:07:22Z

[email protected] likes this.

Are there stable public servers again?

[email protected] at 2016-06-04T22:33:22Z

>> [email protected]:

“Are there stable public servers again?”

In the +10 years I've been using jabber/XMPP, there have been, so... yes?

JanKusanagi at 2016-06-04T23:05:42Z

List of public servers if your looking for one. https://xmpp.net/directory.php

Morgan McMillian at 2016-06-05T03:12:27Z

TeamViewer denies hack after PCs hijacked, PayPal accounts drained

coyote at 2016-06-02T19:40:30Z via AndStatus To: Public

In the past 24 hours, we've seen a spike in complaints from people who say their PCs, Macs and servers were taken over via the widely used remote-control tool on their machines. Even users with strong passwords and two-factor authentication enabled on their TeamViewer accounts say they were hit.

http://www.theregister.co.uk/2016/06/01/teamviewer_mass_breach_report/

https://www.meneame.net/story/teamview-niega-haya-sido-hackeada-montones-pcs-secuestrados-eng

Aqa-Ib , Douglas Perkins like this.

Scorpio20 , Douglas Perkins , Freemor shared this.

Proprietary cra... em... software at its best =)

JanKusanagi at 2016-06-02T12:29:42Z

lostson , EricxDu like this.

No he entendido cual fue la brecha de seguridad en teamviewer?

Aqa-Ib at 2016-06-05T22:50:05Z

Openwashing

Elena ``of Valhalla'' at 2016-06-02T19:31:59Z via AndStatus To: Public

Nuand abusing the term "Open Source" for non-free Software

Back in late April, the well-known high-quality SDR hardware company
Nuand published a blog post about an Open Source Release of a VHDL ADS-B
receiver.

I was quite happy at that time about this, and bookmarked it for further investigation at some later point.

Today I actually looked at the source code, and more by coincidence noticed that the LICENSE file contains a license that is anything but Open Source: The license is a "free for evaluation only" license, and it is only valid if you run the code on an actual Nuand board.

I don't know about this specific case, but this is not the first time that somebody claimed that something was Open Source when it wasn't.

From one point of view it isn't a completely bad thing: it means that being Open Source is perceived as having a marketing value, and that at least some markets are voting for it with their wallets, which is a good thing.

Other than that, it's a misleading practice, especially when done with malice. Unluckily IIRC "Open Source" in itself couldn't be trademarked (and there goes one of the supposed advantages over using the term "Free Software"), so there are probably no ways to stop it via legal means, and it's very important that the communities involved take care to spread the word to prevent this tactic from being successful.

Arcee likes this.

Arcee , Sarah Elkins , Scorpio20 shared this.

Aaron Gibson at 2016-06-02T19:30:32Z via AndStatus To: Public

h/t [email protected]

OwnCloud forked to create Nextcloud

The future of your own cloud is here.

Alex Jordan , lostson , Mike Linksvayer , Douglas Perkins like this.

Scorpio20 , Jorge , Freemor , Douglas Perkins and 1 others shared this.

Here is the blog post from the ex-CIO himself: http://karlitschek.de/2016/06/nextcloud/

sazius at 2016-06-02T10:13:27Z

Douglas Perkins likes this.

wow! big news. Definitely something I'll keep an eye on.

Freemor at 2016-06-02T11:44:52Z

I guess https://owncloud.com/owncloud-announces-formation-owncloud-foundation/ (2 days ago, trade association) was an attempt to blunt migration to the soon-to-be-announced nextcloud?

Mike Linksvayer at 2016-06-02T17:22:37Z

Claes Wallin (韋嘉誠) , [email protected] like this.

>> Mike Linksvayer:

“I guess https://owncloud.com/owncloud-announces-formation-owncloud-foundation/ (2 days ago, trade association) was an attempt to blunt migration to the soon-to-be-announced nextcloud?”

I find it interesting that there are financial consequences to the move.

Stephen Michael Kellat at 2016-06-02T23:17:00Z

Alex Jordan likes this.

Speaking of (the not so dead, not so irrelevant) Federation

Freemor at 2016-05-31T08:52:52Z via AndStatus To: Public

Join us for the first Decentralized Web Summit — June 8-9, in SF

The first Decentralized Web Summit is a call for dreamers and builders who believe we can lock the Web open for good. This goal of the Summit (June 8) and Meetup featuring lightning talks and workshops (June 9) is to spark collaboration and take concrete steps to create a better Web.

Full info @

https://blog.archive.org/2016/05/19/join-us-for-the-first-decentralized-web-summit-june-8-9-in-sf/

gledof , Alex Jordan , Claes Wallin (韋嘉誠) , ostfriesenmärz and 3 others like this.

Scorpio20 , Alex Jordan , Claes Wallin (韋嘉誠) , ostfriesenmärz and 1 others shared this.

Cool!

JanKusanagi at 2016-05-21T12:52:16Z

Yes, I'm very excited. Good speakers and they plan to live stream it.

It also looks like they are still open to other joining in with talks/workshops/lightning talks.

Freemor at 2016-05-21T12:54:10Z

Claes Wallin (韋嘉誠) likes this.