Skip to maddog, Stallman, Amadeu, GNU, Debian

Jon ‘maddog’ Hall

Linux Journal

  • IP Voice 2008 - Lisbon, Portugal - March 5th to 6th, 2008 -

    IP Voice 2008 (http://www.ipvoice2008.com/eng/index2.php) will be held in Lisbon, Portugal on March 5th to 6th, 2008, and with the main audience of this conference being targeted to enterprise customers and communication carriers.

    There have been a number of Open Software Phone projects that have happened in the past year and which continue to move forward: more>>

  • Linux Foundation Collaboration Summit - Austin, Texas - April 8th to 10th, 2008 -

    Unlike a lot of the events that I discuss in my Blog, the Linux Foundation Collaboration Summit is a "by invitation only" event with a twist. Normally for "invitation only events", the potential attendee sits by the phone with their prom clothes on, waiting for the call that may or may not come. more>>

  • Campus Party, February 11-17, 2008, Sao Paulo, Brazil -

    After speaking at the Florida Linux Show on February 11th, I return ever-so-briefly to the New England area to re-pack my bags and head for Sao Paulo, Brazil to attend Campus Party (February 11th to 17th, 2008). more>>

  • LPI Community Corner

    Skip to maddog, Stallman, Amadeu, GNU, Debian

    Richard Stallman’s Blog

  • Urgent: Better treatment of workers -

    US citizens: call on Obama to give a preference in federal contracts to companies that treat workers better.

    Please don't use "who" in reference to companies; companies are not people.

  • Urgent: Obama-Warren TPP debate -

    US citizens: call on Obama to hold a debate with Senator Warren about the TPP.

  • Urgent: Climate negotiations -

    US citizens: sign this petition to kick the big polluters out of the climate negotiations.

  • Skip to maddog, Stallman, Amadeu, GNU, Debian

    Sérgio Amadeu

    Trezentos

    Skip to maddog, Stallman, Amadeu, GNU, Debian

    GNU`s News

  • Alfred M. Szmidt: GNU inetutils 1.9.3 -

    The GNU inetutils team is proud to present version 1.9.3 of the GNU networking utilities. The GNU Networking Utilities are the common networking utilities, clients and servers of the GNU Operating System.

    The following is new in this release:

    • ftp

      An old inability to allow other names than the canonical name has been corrected. This means that a machine entry in the .netrc file will now be used as expected. Previously any alias name was replaced by the corresponding canonical name, before reading the .netrc file.

      The internal command ‘hash’ accepts a suffixed letter to the size argument, like ‘12k’, instead of 12288. Made a minor change to the syntax of the command itself, allowing size changes independently of activation of hash markings. After a transfer the summary gives the speed as ‘Mbytes/s’, ‘kbytes/s’, or ‘bytes/s’.

      The .netrc file can be overridden by the environment variable NETRC. Of even higher precedence is the new option ‘-N/–netrc’. The access to the resulting file, whatever method, is now denied unless it is a regular file.

    • ifconfig

      Better command line parsing on BSD and Solaris systems. Touch only changeable flags on all systems.

    • logger

      The ability to use numerical facilities is restored to full range.

    • ping, ping6

      The ability to specify a pattern as payload is corrected.

    • syslogd

      A new switch ‘-T/–local-time’ makes the service ignore a time stamp passed on by the remote host, recording instead the local time at the moment the message was received. As a short form of ‘–pidfile’, the switch ‘-P’ is new.

      In common with other syslogd implementations, rsyslogd and sysklogd, there has for a long time existed an attack vector based on large facility numbers, made public in CVE-2014-3684. This is now mended in our code base.

    • telnetd

      The ability to autologin a client, without using authentication, is now functional in the expected manner, i.e., the prompt for a user name is suppressed in favour of an immediate password prompt.

      In a setting where the client is using a UTF-8 encoding, it was common to observe strange characters in most responses. This was caused by the server daemon, due to incomplete purging of internal protocol data. The issue should now be resolved.

    • whois

      Improved cooperation with servers like ‘whois.arin.net’, ‘whois.eu’, and ‘whois.ripe.net’.

  • FSF Blogs: Asking Obama to protect encryption, and why that's not enough -

    In addition to civil society organizations like the FSF, the letter* was signed by some of the most important cryptologists in the world, including the inventors of many of the key technologies behind modern encryption.

    The letter is a response to recent requests from the US Federal Bureau of Investigation (FBI) and other agencies for laws requiring that backdoors and attack vectors be built into any encrypted system made by US companies. These backdoors would be specially created to allow law enforcement to snoop on the personal information of the company's customers. Even if you trust the government not to misuse your personal information, this is very risky; any backdoor created for the government will significantly weaken software against other attacks as well.

    While free software advocates may not all agree on the details of how narrow government surveillance must be to keep civil liberties intact, we must draw a line at surveillance which prevents effective whistleblowing on corporate and government misbehavior. Mandatory backdoors would definitely do that. Whistleblowers exist outside the NSA -- people must be able to expose (as hypothetical examples) inappropriate influence by Apple on US congresspeople, or secret patent intimidation by Microsoft against free software distributors. Without strong encryption, such sources will know that their identity can be easily discovered, providing a serious deterrent against doing the right thing.

    Another unacceptable result of government-mandated backdoors is that they would effectively make it impossible for US companies to use free software encryption in systems that handle customers' information. The laws requiring specific unmodifiable anti-features would prevent both companies and users from exercising freedom 1 of the Free Software Definition, the freedom to study how a program works, and change it so it does your computing as you wish.

    We are strongly opposed to government-mandated backdoors and are supportive of this letter's intent, but we signed it with some trepidation. This is because the only real victory in control over our software lies not in petitioning the government, but in moving away from proprietary software. Free software can be much more difficult for centralized entities -- either government or corporate -- to control, because any backdoors or other vulnerabilities added to a given version can be reversed in another version and spread to everyone using the program (I wrote more about this resilience in a 2014 article, How can free software protect us from surveillance?). Conversely, proprietary software is never guaranteed to serve our interests -- even if we are assured by the developers of the software that they have not built in a backdoor, we can't verify this because we can't see the source code.

    Let's keep pressuring our government to resist any requirement to deliberately install backdoors in our software, but not put all our eggs in that basket: to really have freedom and security, we need to use our own solutions that we control, from the source code up. A variety of such free software encrypted communication tools already exist. Systems like GnuPG (learn how to use it here), OpenSSL and the rest in the Free Software Directory's encryption category are easily available and new ones are being created every day to meet changing needs. There are even new, free software-based, decentralized, surveillance-resistant systems that we hope will someday replace the massive restrictive corporate systems that government agencies so desperately want complete access to. If we're successful, we'll eventually reach a point where we won't need to petition leaders to protect our privacy in this area, because we'll be able to protect it ourselves.

    *The letter uses the term "free and open source," but the term "open source" misses the point of free software. Read more about the two terms on gnu.org.

  • FSF Events: Richard Stallman to speak in Frankfurt, Germany -

    Richard Stallman's speech will be nontechnical, admission is gratis, and the public is encouraged to attend.

    Speech topic to be determined.

    Please fill out our contact form, so that we can contact you about future events in and around Frankfurt.

  • Skip to maddog, Stallman, Amadeu, GNU, Debian

    Debian Project News

  • Debian 8 Jessie is released - On April 25, the Debian project released a new stable version, Debian 8 "Jessie". Niels Thykier, member of the Release team, gave a summary on his blog of the release process for Jessie seen from the inside.
  • The newsletter for the Debian community - The release of Debian Jessie was accompanied by the first beta release of the Jessie-based DebianEdu and the publication of Debian GNU/Hurd 2015, a snapshot of Debian unstable at the time of Jessie's release, for the unofficial Hurd port.
  • Publicity live coverage - Much like the larger project that houses it, the publicity team is also an international effort relying on contributors, developers, and volunteers across the world in nearly every timezone to accomplish a singular task.