Except for a few distros that assist their users to build everything they install from source (kiss and forks, LFS and forks, gentoo and forks, crux, exherbo, T2-sde, etc), most linux-distributions, offer binaries to be installed, usually backed up by the source code (script) building the package from either their own source code, or what we call upstream (other FOSS sources). How do you know though, that what the source repository shows and what the binary package contains is the same? One way is to build it with the same recipe (packaging source script) and compare the sums. Very few people do this and in very rare and controlled environments is the product the same, meaning checksums are identical (Arch is reporting 15-20% failure to reproduce their own packages). So what most distros do is they sign their packages and by having their public signature key, you know what they built is what you got. But are you sure they built it right, or did they take adequate measures to make sure what they pulled from upstream to build the package is what the author really published? How can you check?
Tag Archives: tor
Luke, don’t follow the Force blindly, you dumb shit! freenode – Irc – trap
32 years of irc, same trap, same practice, higher motives. 
Talk on bitnet was safer and email can be safe, but chatrooms and forums is asking for trouble.
Assumptions: You use linux or other unix, you install binary packages, you have questions that need immediate answers.
Question1: where do you go? How do you get there
Answer1: where the distro you use lists (web site) as places of contact
If it says Irc, freenode (owned by a London Stock Exchange “security technologies” corporation) channel #..name..of…distro… channel, then ask.
Question 3: What do you use to get to freenode irc server?
Answer: I am Luke, the intergalactic dumb shit, I do what they tell me. I look at the repository, there might be hexchat or polari or irssi or more, it doesn’t matter, I download and install the most “popular” software, run it, enter the server, go to the room, ask my question, get my answer, go about my business. No biggie! Continue reading
Which browser to choose for privacy and anonymity and which “free” email?
Cynwulf1 in a comment about waterfox left an advise to not trust so much a “popular browser fork” just because it has become popular “saying” it is safer and more private than the original. After some discussion with friends and associates a couple of links came up as appearing to be telling some truth about why some are really bad, some are equally bad, some not so bad, but all with rational arguments and explanations on how they draw those moral conclusions.
As all things published on the internet, by a variety of portrayed experts, should ultimately be taken under a critical eye, “who is publishing this and why do they want me convinced”, these two links below may answer a common question: What browser is “safer” to use, what email provider respects my privacy and anonymity?
https://spyware.neocities.org/articles/browsers.html
Waterfox is sold out officially, it is part of the corporate world
We had dedicated much energy in the past, 2 years ago, to advocate for Palemoon and you should at least read the piece about the NoScript parody, and how we gave up on it for specific suspicious reasons (still holds unchanged, Palemoon has branded NoScript as “dangerous” because it breaks pages). We had seeked refuge at Waterfox, retaining some old firefox functionality and ensuring us it is blocking all of Mozilla tactics of robbing you of private data and feeding it to “who knows who”.
Waterfox officially was sold by mr Alex Kontos to System1, a UK payperclick ad company, which it would be absurd to believe that it wouldn’t utilize the browser’s ability to feed their other interests with private data. Or why else would they buy to promote their own browser, to make all others break while they are getting robbed?
Thank you Alex for your sincere efforts and sleepless nights of coding, all these years, it has been a great ride, and it is too bad it had to crash in such a bad time for browser variety and period. Goodbye and good luck for all that you had done up to now.
Search term that lead someone to sysdfree (this site)
In most cases there is not much to talk about. The vast majority is people seeking information on distributions that use init systems other than systemd. In most cases people end up looking through the list of distributions, occasional reading specific stories on a specific distribution or a general review. It is not very often out of the thousands of hits to get any feedback in what else people might be interested in that we can provide information on. But here is a search that breaks our monotony.
“fedora without systemd”
We don’t want to make fun of whoever was running the search, after all, it is a possible combination of variables across the open and free/non-free universe of linux and non-linux unix world. What would be impossible to search for would have been systemd without systemd. Even redhat without systemd is a possibility. Continue reading
Devuan testing new amprolla3 powered repository
If you like to test the new amprolla3 powered repository system here is a small list of optional /etc/apt/sources.list
deb https://pkgmaster.devuan.org/merged/ ascii main contrib non-free
deb https://pkgmaster.devuan.org/merged/ ascii-backports main contrib non-free
deb https://pkgmaster.devuan.org/merged/ ascii-proposed-updates main contrib non-free
deb https://pkgmaster.devuan.org/merged/ ascii-security main contrib non-free
deb https://pkgmaster.devuan.org/merged/ ascii-updates main contrib non-free
deb https://pkgmaster.devuan.org/devuan/ ascii-proposed main contrib non-free
deb https://pkgmaster.devuan.org/devuan/ ascii-proposed-security main contrib non-free
Continue reading 
systemd-free linux community 