João Azevedo @joao@librem.one

A month using #XMPP (using @snikket_im) for every call and chat.

An experiment for my wife and me, and, so far, it has worked *really* well.

https://neilzone.co.uk/2023/08/a-month-using-xmpp-using-snikket-for-every-call-and-chat

phosh 0.31.0 is out 🚀📱:

Lots of fixes in #phoc ➕ better xdg-activation ➕ less CPU usage ➕ animations on tiling/max

#phosh now supports the tablet-mode of convertibles (based on work by Jonathan Hall)

p-m-s allows to configure the notification priority for waking up the screen (thanks to Suraj Kumar Mahto).

libcall-ui switched to GTK4 thanks to @antonok.

Check out the full release notes at https://phosh.mobi/releases/rel-0.31.0/

#phosh #librem5 @purism #gnome #linux #mobile #LinuxMobile #MobileLinux

For the NoScript/uBlock/uMatrix gang

yt-dl.org

Access denied

Due to a ruling of the Hamburg Regional Court, access to this website is blocked.

Zugriff gesperrt

Aufgrund eines Urteils des Landgerichts Hamburg ist der Zugriff auf diese Website gesperrt.

Here is a hopefully-useful notice about Linux kernel security issues, as it seems like this knowledge isn't distributed very widely based on the number of emails I get on a weekly basis:

- The kernel security team does not have any "early notice"
announcement list for security fixes for anyone, as that would only
make things more insecure for everyone.

- The kernel community does not assign CVEs, nor do we deal with them
at all. This is documented in the kernel's security policy, yet we
still have a number of people asking for CVE numbers even after
reading that policy. See my longer "CVEs are dead..." talk for full
details about how the CVE process is broken for projects like Linux:
https://kernel-recipes.org/en/2019/talks/cves-are-dead-long-live-the-cve/

- You HAVE to take all of the stable/LTS releases in order to have a
secure and stable system. If you attempt to cherry-pick random
patches you will NOT fix all of the known, and unknown, problems,
but rather you will end up with a potentially more insecure system,
and one that contains known bugs. Reliance on an "enterprise"
distribution to provide this for your systems is up to you, discuss
it with them as to how they achieve this result as this is what you
are paying for. If you aren't paying for it, just use Debian, they
know what they are doing and track the stable kernels and have a
larger installed base than any other Linux distro. For embedded,
use Yocto, they track the stable releases, or keep your own
buildroot-based system up to date with the new releases.

- Test all stable/LTS releases on your workload and hardware before
putting the kernel into "production" as everyone runs a different %
of the kernel source code from everyone else (servers run about
1.5mil lines of code, embedded runs about 3.5mil lines of code, your
mileage will vary). If you can't test releases before moving them
into production, you might want to solve that problem first.

- A fix for a known bug is better than the potential of a fix causing a
future problem as future problems, when found, will be fixed then.

I think I need to give another talk about this issue to go into the above in more detail. So much for me giving a technical talk at Kernel
Recipes this year...

honestly surprised the balloons haven’t been replaced with just a bunch of 🖕 by now

Every #NYT story lately.

Are we just going to ignore the fact that Biden let Hurricane Hillary hit California when he could have used a Sharpie to move it out to sea safely?

Oh gawd this feels too real.

#satire #funny #starwars

Home is where your phone instantly registers to a cellular network 🤪️ #cccamp23 #shotonlibrem5

@nikodunk @nekohayo @jimmac

- Do consider the energy usage of the apps you create. Some frameworks, databases, whatever may make development easier, but they shouldn't require a lot of hardware resources / energy to work properly.

- Do consider the energy usage of your development workflows. Triggering that CI/CD needlessly is a waste of energy, and so is leaving your hardware on when you aren't using it.

Super interesting talk "All cops are broadcasting" @ #cccamp23 !

https://media.ccc.de/v/camp2023-57100-all_cops_are_broadcasting

Quoting Greg Kroah-Hartman:
"After Android, Debian is by far the largest Linux user, and the Debian
kernel developers do an awesome job of tracking the stable kernel
releases which have been documented to fix 99% of known security issues _BEFORE_ they are known (data produced by Google security team for 2 years straight)."

99% is probably a little over optimistic (there's certainly some fixes which land in stable trees after they are publicly known), but his core argument is spot-on.

still hanging out in front of fairydust at the marktplatz #cccamp23 where you can play with our open hardware laptops (MNT Reform and Pocket Reform)

A cake has materialized. #debianday

Debian just turned 30 today, happy birthday #Debian! 🥳

The talk is public now: https://events.ccc.de/camp/2023/hub/camp23/en/event/embedded-rust/

Thanks to all who listened to my newbie impressions of #Prolog at #CCCamp23 ! I hope you learned something too. (The talk was recorded and will be available online.)

If you like the way I present, then see you at my #Rust #workshop on Friday :)

The event description will be put up here: https://events.ccc.de/camp/2023/hub/camp23/en/room/schattenland/

It is my pleasure to announce that I'm leading an #embedded #Rust workshop at the #CCCamp23 . Come on Friday 17:00 to #Schattenland at #ChaosZone .

I'll show you how to use #no_std Rust, aka hard mode. Bring your laptop!