Skip to main content

Search

Items tagged with: Software


 
Bild/Foto

The Intel Management Engine: an attack on computer users' freedom and privacy


The #Intel Management Engine (frequently abbreviated as ME) is a separate #computer within Intel computers, which denies users #control by forcing them to run #nonfree #software that cannot be modified or replaced by anyone but Intel. This is #dangerous and #unjust. It is a very serious #attack on the #freedom, #privacy, and #security of computer users.

The Management Engine started to appear in Intel computers around 2007.

It could, for instance, be used to remotely:
  • Power the computers on and off.
  • Boot computers from remote #storage located on the system administrator's #machine or on a #server, and take control of the computer that way.
  • Retrieve and store various #serial #numbers that #identify the computer hardware.
Over time, Intel #imposed the Management Engine on all Intel computers, removed the ability for computer #users and #manufacturers to disable it, and extended its control over the computer to nearly 100%. It even has access to the main computer's #memory.

It now constitutes a #separate computing environment that is designed to deny users the control of their computer. It can even run #applications that implement Digital Restrictions Management ( #DRM ). See Defective by Design to learn why DRM is bad.

The remote administration is done through applications running inside the Management Engine, such as AMT (Active Management Technology). AMT gives #remote system administrators the same control they would have if sitting in front of the computer. AMT can also control Intel #Ethernet #interfaces and #Wi-Fi cards to #filter or #block #network traffic from going in or out of the computer.

We could correct all these problems if the users were able to run fully free software on the Management Engine, or at least, make it not run any code, effectively disabling it. The former is impossible because the Management Engine will only run code that is #cryptographically signed by Intel. This means that unless someone finds a flaw in the #hardware that enables users to bypass the signature check, users are effectively denied the ability to #install the software they wish in the Management Engine.

Despite all Intel's efforts to make the Management Engine inescapable, software developers have had some success with preventing it from loading code. For instance, the #Libreboot project disables the Management Engine by removing all the code that the Management Engine is supposed to load on some #Thinkpad computers manufactured in #2008, including the R400, T400, T400s, T500, W500, X200, X200s, and X200T.

Also, many Intel computers manufactured in 2006 have the ancestor of the Management Engine which is disabled from the start, such as the Lenovo Thinkpads X60, X60s, X60 Tablet and T60, and many more.

A free software program named intelmetool is capable of detecting if the Management Engine is absent or disabled. With more recent hardware, it is not yet possible to fully disable the Management Engine, as some of the hardware needs to be initialized by it. It is however possible to limit the amount of nonfree software running on the Management Engine by removing parts of the #code and/or by configuring it to not run some code.

Independently from the Management Engine, other issues affect computers users in very similar ways:

Many computers use nonfree boot software (like #BIOS or #UEFI or equivalent) and/or require it to be cryptographically signed by the hardware manufacturer. This raises similar concern for the freedom, privacy, and security of computer users because the boot software is responsible for loading the operating system, and has more control over the computer than the operating system. This issue also affects computers using other architectures such as #ARM.

#AMD computers made after 2013 also have a separate computer within the computer, called PSP (Platform Security Processor), which has similar #issues.

Because of Intel's attack on users' freedom, to avoid being denied freedom, privacy, and security, computer users wanting to use a machine with an Intel processor must use older computers with no Management Engine, or whose Management Engine is disabled.

Whenever companies follow Intel's path, we will need to design our own hardware to keep being able to escape such attacks on freedom, by ensuring that users can run fully free software on it. This will also create the necessary building blocks that will enable users to benefit from hardware #freedoms in the #future, when manufacturing technologies are easily available to end users.

At the moment the only way to avoid this universal backdoor is to use computers that have been certified to respect your freedom (RYF).


#NSA #spyware #spy #mass #surveillance #technology #laptops #CPU #processor #universal #backdoor #malware #Corei3 #Corei5 #Corei7

 
Bild/Foto

The Intel Management Engine: an attack on computer users' freedom and privacy


The #Intel Management Engine (frequently abbreviated as ME) is a separate #computer within Intel computers, which denies users #control by forcing them to run #nonfree #software that cannot be modified or replaced by anyone but Intel. This is #dangerous and #unjust. It is a very serious #attack on the #freedom, #privacy, and #security of computer users.

The Management Engine started to appear in Intel computers around 2007.

It could, for instance, be used to remotely:
  • Power the computers on and off.
  • Boot computers from remote #storage located on the system administrator's #machine or on a #server, and take control of the computer that way.
  • Retrieve and store various #serial #numbers that #identify the computer hardware.
Over time, Intel #imposed the Management Engine on all Intel computers, removed the ability for computer #users and #manufacturers to disable it, and extended its control over the computer to nearly 100%. It even has access to the main computer's #memory.

It now constitutes a #separate computing environment that is designed to deny users the control of their computer. It can even run #applications that implement Digital Restrictions Management ( #DRM ). See Defective by Design to learn why DRM is bad.

The remote administration is done through applications running inside the Management Engine, such as AMT (Active Management Technology). AMT gives #remote system administrators the same control they would have if sitting in front of the computer. AMT can also control Intel #Ethernet #interfaces and #Wi-Fi cards to #filter or #block #network traffic from going in or out of the computer.

We could correct all these problems if the users were able to run fully free software on the Management Engine, or at least, make it not run any code, effectively disabling it. The former is impossible because the Management Engine will only run code that is #cryptographically signed by Intel. This means that unless someone finds a flaw in the #hardware that enables users to bypass the signature check, users are effectively denied the ability to #install the software they wish in the Management Engine.

Despite all Intel's efforts to make the Management Engine inescapable, software developers have had some success with preventing it from loading code. For instance, the #Libreboot project disables the Management Engine by removing all the code that the Management Engine is supposed to load on some #Thinkpad computers manufactured in #2008, including the R400, T400, T400s, T500, W500, X200, X200s, and X200T.

Also, many Intel computers manufactured in 2006 have the ancestor of the Management Engine which is disabled from the start, such as the Lenovo Thinkpads X60, X60s, X60 Tablet and T60, and many more.

A free software program named intelmetool is capable of detecting if the Management Engine is absent or disabled. With more recent hardware, it is not yet possible to fully disable the Management Engine, as some of the hardware needs to be initialized by it. It is however possible to limit the amount of nonfree software running on the Management Engine by removing parts of the #code and/or by configuring it to not run some code.

Independently from the Management Engine, other issues affect computers users in very similar ways:

Many computers use nonfree boot software (like #BIOS or #UEFI or equivalent) and/or require it to be cryptographically signed by the hardware manufacturer. This raises similar concern for the freedom, privacy, and security of computer users because the boot software is responsible for loading the operating system, and has more control over the computer than the operating system. This issue also affects computers using other architectures such as #ARM.

#AMD computers made after 2013 also have a separate computer within the computer, called PSP (Platform Security Processor), which has similar #issues.

Because of Intel's attack on users' freedom, to avoid being denied freedom, privacy, and security, computer users wanting to use a machine with an Intel processor must use older computers with no Management Engine, or whose Management Engine is disabled.

Whenever companies follow Intel's path, we will need to design our own hardware to keep being able to escape such attacks on freedom, by ensuring that users can run fully free software on it. This will also create the necessary building blocks that will enable users to benefit from hardware #freedoms in the #future, when manufacturing technologies are easily available to end users.

At the moment the only way to avoid this universal backdoor is to use computers that have been certified to respect your freedom (RYF).


#NSA #spyware #spy #mass #surveillance #technology #laptops #CPU #processor #universal #backdoor #malware #Corei3 #Corei5 #Corei7

 
Freie #Software braucht eine gute #Dokumentation. In der #Python Welt ist #Sphinx Standard.

Die 2. Auflage meines Buches über Sphinx hat fast 50 Seiten mehr. Das Inhaltsverzeichnis ist umfangreicher geworden.

https://literatur.hasecke.com/post/software-dokumentation-mit-sphinx/

#floss #opensource

 
Bild/Foto

NanoPi M4


This board looks good, if someone has tested it, please share opinion.

Hardware Spec
SoC: Rockchip RK3399 
    CPU: big.LITTLE,Dual-Core Cortex-A72(up to 2.0GHz) + Quad-Core Cortex-A53(up to 1.5GHz) 
    GPU: Mali-T864 GPU,supports OpenGL ES1.1/2.0/3.0/3.1, OpenVG1.1, OpenCL, DX11, and AFBC 
    VPU: 4K VP9 and 4K 10bits H265/H264 60fps decoding, Dual VOP, etc 
PMU: RK808-D PMIC, cooperated with independent DC/DC, enabling DVFS, sofeware power-down, RTC wake-up, system sleep mode 
RAM: Dual-Channel 4GB LPDDR3-1866, or Dual-Channel 2GB DDR3-1866 
Flash: no Onboard eMMC, but has a eMMC socket 
Ethernet: Native Gigabit Ethernet 
Wi-Fi/BT: 802.11a/b/g/n/ac, Bluetooth 4.1, Wi-Fi and Bluetooth combo module, 2x2 MIMO, dual antenna interface 
Video Input: one or two 4-Lane MIPI-CSI, dual ISP, up to 13MPix/s,supports simultaneous input of dual camera data 
Video output 
    HDMI: HDMI 2.0a, supports 4K@60Hz,HDCP 1.4/2.2 
    one 4-Lane MIPI-DSI 
Audio Out: 3.5mm Dual channel headphone jack, or HDMI 
Audio In: one microphone input interface 
USB 3.0: four USB 3.0 Type-A ports 
USB Type-C: Supports USB2.0 OTG and Power input 
microSD Slot x 1 
40Pin GPIO Extension ports: 
    3 X 3V/1.8V I2C, up to 1 x 3V UART, 1 X 3V SPI, 1 x SPDIF_TX, up to 8 x 3V GPIOs 
    1 x 1.8V 8 channels I2S  
24Pin Extension ports: 
    2 independent native USB 2.0 Host 
    PCIe x2 
    PWM x1, PowerKey 
Debug: one Debug UART, 4 Pin 2.54mm header, 3V level, 1500000bps 
LED: 1 x power LED and 1 x GPIO Controlled LED 
RTC Battery: 2 Pin 1.27/1.25mm RTC battery input connector 
Power supply: DC 5V/3A 
PCB: 8 Layer, 85 mm x 56 mm 
Ambient Operating Temperature: -20℃ to 70℃

#hardware #software #gnu #linux #mini #board #pi

 
Bild/Foto

NanoPi M4


This board looks good, if someone has tested it, please share opinion.

Hardware Spec
SoC: Rockchip RK3399 
    CPU: big.LITTLE,Dual-Core Cortex-A72(up to 2.0GHz) + Quad-Core Cortex-A53(up to 1.5GHz) 
    GPU: Mali-T864 GPU,supports OpenGL ES1.1/2.0/3.0/3.1, OpenVG1.1, OpenCL, DX11, and AFBC 
    VPU: 4K VP9 and 4K 10bits H265/H264 60fps decoding, Dual VOP, etc 
PMU: RK808-D PMIC, cooperated with independent DC/DC, enabling DVFS, sofeware power-down, RTC wake-up, system sleep mode 
RAM: Dual-Channel 4GB LPDDR3-1866, or Dual-Channel 2GB DDR3-1866 
Flash: no Onboard eMMC, but has a eMMC socket 
Ethernet: Native Gigabit Ethernet 
Wi-Fi/BT: 802.11a/b/g/n/ac, Bluetooth 4.1, Wi-Fi and Bluetooth combo module, 2x2 MIMO, dual antenna interface 
Video Input: one or two 4-Lane MIPI-CSI, dual ISP, up to 13MPix/s,supports simultaneous input of dual camera data 
Video output 
    HDMI: HDMI 2.0a, supports 4K@60Hz,HDCP 1.4/2.2 
    one 4-Lane MIPI-DSI 
Audio Out: 3.5mm Dual channel headphone jack, or HDMI 
Audio In: one microphone input interface 
USB 3.0: four USB 3.0 Type-A ports 
USB Type-C: Supports USB2.0 OTG and Power input 
microSD Slot x 1 
40Pin GPIO Extension ports: 
    3 X 3V/1.8V I2C, up to 1 x 3V UART, 1 X 3V SPI, 1 x SPDIF_TX, up to 8 x 3V GPIOs 
    1 x 1.8V 8 channels I2S  
24Pin Extension ports: 
    2 independent native USB 2.0 Host 
    PCIe x2 
    PWM x1, PowerKey 
Debug: one Debug UART, 4 Pin 2.54mm header, 3V level, 1500000bps 
LED: 1 x power LED and 1 x GPIO Controlled LED 
RTC Battery: 2 Pin 1.27/1.25mm RTC battery input connector 
Power supply: DC 5V/3A 
PCB: 8 Layer, 85 mm x 56 mm 
Ambient Operating Temperature: -20℃ to 70℃

#hardware #software #gnu #linux #mini #board #pi

 
Opensuse strebt eigene Organisation an
Die Linux-Distribution Opensuse will weniger abhängig von Suse werden und dafür eine eigene Organisation gründen. Ob sie zugleich auch den Namen ändern sollte, ist umstritten.
https://www.pro-linux.de/news/1/27135/opensuse-strebt-eigene-organisation-an.html
#openSuse #Linux #Gnu #Tux #Computer #IT #OpenSource #Software

 
Opensuse strebt eigene Organisation an
Die Linux-Distribution Opensuse will weniger abhängig von Suse werden und dafür eine eigene Organisation gründen. Ob sie zugleich auch den Namen ändern sollte, ist umstritten.
https://www.pro-linux.de/news/1/27135/opensuse-strebt-eigene-organisation-an.html
#openSuse #Linux #Gnu #Tux #Computer #IT #OpenSource #Software

 

Habt ihr gestern noch über den Notebad-Bug gelacht? Als vim-User?


Heute lachen nur noch die Emacs-User:

https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md

#software #bugs

 

Habt ihr gestern noch über den Notebad-Bug gelacht? Als vim-User?


Heute lachen nur noch die Emacs-User:

https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md

#software #bugs

 
Google schränkt Werbeblocker in Chrome ein
Google schafft die Grundlage von uBlock Origin, uMatrix und Privacy Badger im Chrome-Browser de facto ab. Nach eigenen Angaben, um die Leistung zu verbessern. Der Mutterkonzern Alphabet nennt Werbeblocker allerdings eine Bedrohung für Googles Geschäftsmodell.

https://www.golem.de/news/ublock-und-privacy-badger-google-schraenkt-werbeblocker-in-chrome-ein-1906-141627.html
#Browser #Internet #Computer #Google #Chromium #GoogleChrome #OpenSource #Software #Mozilla #Firefox

 
Google schränkt Werbeblocker in Chrome ein
Google schafft die Grundlage von uBlock Origin, uMatrix und Privacy Badger im Chrome-Browser de facto ab. Nach eigenen Angaben, um die Leistung zu verbessern. Der Mutterkonzern Alphabet nennt Werbeblocker allerdings eine Bedrohung für Googles Geschäftsmodell.

https://www.golem.de/news/ublock-und-privacy-badger-google-schraenkt-werbeblocker-in-chrome-ein-1906-141627.html
#Browser #Internet #Computer #Google #Chromium #GoogleChrome #OpenSource #Software #Mozilla #Firefox

 
Krita 4.2 kommt mit über 1000 Fehlerbereinigungen und neuen Features
Eine brandneue version von Krita, einem professionellen und sehr mächtigen Opensource Grafik- und Malprogramm wurde veröffentlicht und steht zum Download für Windows, Linux und Mac zur Verfügung.
Im Artikel selbst ist ein Video verlinkt, das die neuen Features vorführt.
Der Artikel ist auf englisch.

https://www.omgubuntu.co.uk/2019/05/krita-4-2-released-download
#Krita #Software #OpenSource #graphicdesign #graphicart #News #release
Krita 4.2 Debuts with 1000+ Bug Fixes, New Features

 
Bild/Foto
MX 18.3 refreshed isos now available

Direct download:

https://sourceforge.net/projects/mx-linux/files/Final

mirror sites (these may take some time to populate)

https://mxlinux.org/community/wiki/system/iso-download-mirrors/

torrents:

Torrent Files

Verify your downloads with the following checksums
edebbb542bbc0f0997cf8ca9e3afa79b md5 | sha256 | sig MX-18.3_386.iso 
8d08a8aa016e20847d89a96589f88779 md5 | sha256 | sig MX-18.3_x64.iso

We are pleased to offer MX-18.3 isos for your use.

MX-18.3 is a refresh of our MX-18 release, consisting of bugfixes and application updates since our original release of MX-18.

Note: Existing users do not need to reinstall. All bugfixes and additions will come through the regular update channel.

Updated packages

The latest updates from Debian 9.9 (stretch), antiX and MX repos.

New and updated mx-apps

mx-installer (based on gazelle-installer): The installer workflow has been reworked to allow the user to enter system configuration selections while the major system copy is proceeding, speeding up the actual installation time for the user. This is in addition to the encryption cipher options and select-able ESP install location that were previously added. Improvements to the UEFI boot installation routines have been added as well, along with a ton of of other bug fixes. Special thanks to chkboom/AK-47 for the heavy lifting reworking the installer and to fehlix for the improved UEFI boots on troublesome machines.

The kernel has been updated to 4.19.37-2 (linux-image-4.9.0-5 debian package name). So-called “zombieload” patches are included. Existing users can change kernels with the kernels section of MX-PackageInstaller->Popular Apps if they wish.

The MX Manual

Updated mx-manual with revised sections and screenshots, especially pertaining to the installer.

The antiX live-USB system

All the antiX live-USB features, including persistence (up to 20GB!) and remaster.
Significant improvements to the live-usb-maker system. (Special thanks to fehlix & BitJam for the work on live-usb-maker.)

Improved localization

Thanks to Old Giza and the Translation team, we continue translation refreshes for many mx applications (we love translators!)

Please report bugs to the new bugzilla bugtracker Bug Manager

If posting hardware issues, please post the output of the terminal command “inxi -Fxrz” or use our “Quick-system-info” from the menu, at a minimum.

If posting nvidia-installer issues, please post the contents of /var/log/ddm.log.

If posting installer issues, please post contents of /var/log/minstall.log and /var/log/minstall.conf

If posting remaster issues, please include the contents of /var/log/live/live-remaster.log

If posting issues with MX-PackageInstaller “Popular Apps”, please post contents of /var/log/mxpi.log or /var/log/mxpi.log.old (whichever contains the log of your issue).

Thank you!

Dolphin Oracle (on behalf of the MX Dev Team)
#Debian #Gnu #Linux #Computer #OpenSource #Software

 
Bild/Foto
MX 18.3 refreshed isos now available

Direct download:

https://sourceforge.net/projects/mx-linux/files/Final

mirror sites (these may take some time to populate)

https://mxlinux.org/community/wiki/system/iso-download-mirrors/

torrents:

Torrent Files

Verify your downloads with the following checksums
edebbb542bbc0f0997cf8ca9e3afa79b md5 | sha256 | sig MX-18.3_386.iso 
8d08a8aa016e20847d89a96589f88779 md5 | sha256 | sig MX-18.3_x64.iso

We are pleased to offer MX-18.3 isos for your use.

MX-18.3 is a refresh of our MX-18 release, consisting of bugfixes and application updates since our original release of MX-18.

Note: Existing users do not need to reinstall. All bugfixes and additions will come through the regular update channel.

Updated packages

The latest updates from Debian 9.9 (stretch), antiX and MX repos.

New and updated mx-apps

mx-installer (based on gazelle-installer): The installer workflow has been reworked to allow the user to enter system configuration selections while the major system copy is proceeding, speeding up the actual installation time for the user. This is in addition to the encryption cipher options and select-able ESP install location that were previously added. Improvements to the UEFI boot installation routines have been added as well, along with a ton of of other bug fixes. Special thanks to chkboom/AK-47 for the heavy lifting reworking the installer and to fehlix for the improved UEFI boots on troublesome machines.

The kernel has been updated to 4.19.37-2 (linux-image-4.9.0-5 debian package name). So-called “zombieload” patches are included. Existing users can change kernels with the kernels section of MX-PackageInstaller->Popular Apps if they wish.

The MX Manual

Updated mx-manual with revised sections and screenshots, especially pertaining to the installer.

The antiX live-USB system

All the antiX live-USB features, including persistence (up to 20GB!) and remaster.
Significant improvements to the live-usb-maker system. (Special thanks to fehlix & BitJam for the work on live-usb-maker.)

Improved localization

Thanks to Old Giza and the Translation team, we continue translation refreshes for many mx applications (we love translators!)

Please report bugs to the new bugzilla bugtracker Bug Manager

If posting hardware issues, please post the output of the terminal command “inxi -Fxrz” or use our “Quick-system-info” from the menu, at a minimum.

If posting nvidia-installer issues, please post the contents of /var/log/ddm.log.

If posting installer issues, please post contents of /var/log/minstall.log and /var/log/minstall.conf

If posting remaster issues, please include the contents of /var/log/live/live-remaster.log

If posting issues with MX-PackageInstaller “Popular Apps”, please post contents of /var/log/mxpi.log or /var/log/mxpi.log.old (whichever contains the log of your issue).

Thank you!

Dolphin Oracle (on behalf of the MX Dev Team)
#Debian #Gnu #Linux #Computer #OpenSource #Software

 
Krita 4.2 kommt mit über 1000 Fehlerbereinigungen und neuen Features
Eine brandneue version von Krita, einem professionellen und sehr mächtigen Opensource Grafik- und Malprogramm wurde veröffentlicht und steht zum Download für Windows, Linux und Mac zur Verfügung.
Im Artikel selbst ist ein Video verlinkt, das die neuen Features vorführt.
Der Artikel ist auf englisch.

https://www.omgubuntu.co.uk/2019/05/krita-4-2-released-download
#Krita #Software #OpenSource #graphicdesign #graphicart #News #release
Krita 4.2 Debuts with 1000+ Bug Fixes, New Features

 
So wie ihr es mittlerweile gewohnt seit, haben wir zügig das neue #Halcyon :halcyon: v2.3.2 #Update eingespielt. 🎉

Diesmal gab es wieder einige nette neue Funktionen sowie eine neue Sprache.

Alles nachzulesen im #Changelog auf #NotABug unter: https://notabug.org/halcyon-suite/halcyon/releases

Vielen dank an @halcyon und @nipos für das aktive weiterentwickeln der #Software.

Wir wünschen euch viel Spaß mit der neuen Version.

https://halcyon.anoxinon.de

Einen schönen Sonntag Abend das #AnoxinonTeam :anxde:
Bild/Foto

 
Car manufacturer shutdown your own, paid car because of his ongoing litigation with a component supplier about $something. Impossible? Maybe at the moment, maybe in case of cars but reality in case of #Adobe #software. Would be fine to be able to use a proper #open# source alternative but that doesn't exist for every use case.

#weird #world
https://www.vice.com/en_us/article/a3xk3p/adobe-tells-users-they-can-get-sued-for-using-old-versions-of-photoshop

 
👍 😀 👍 Sehenswerte Doku!!

Software-Rebellen: Die Macht des Teilens | Doku | ARTE

Auf dem Softwaremarkt stehen sich zwei Modelle gegenüber: die sogenannte proprietäre Software der großen Unternehmen und die freie Software, die allen Bürgern kostenlos zur Verfügung steht.

#Software #freieSoftware #OpenSource #proprietäreSoftware #Freiheit #Doku #Arte

https://www.youtube.com/watch?v=BxJyDkIqv5Q

 
#frage #software #mediathekview
Hallo, kann mir jemand erklären warum ich #mediathekview nicht mehr aufbekomme. ich arbeite mit nem ubuntu18.04. bionic...

 
#frage #software #mediathekview
Hallo, kann mir jemand erklären warum ich #mediathekview nicht mehr aufbekomme. ich arbeite mit nem ubuntu18.04. bionic...

 
Bild/Foto
The next #elections to the European #Parliament will be held between 23 and 26 May 2019. We want to make sure that as many candidates as possible are aware of our work to #empower users to control technology.

As it currently stands, more than half of the current Members of the European Parliament will leave the parliament. We need to establish new contacts to advocate for Free Software in the next term. For this we need your help in order to promote the "Public Money? Public Code!" initiative.

1) #Mail to #EU election #candidates

A mail is a good first step to establish contact with a candidate. If you want to contact your candidate by e-mail, here are some hints and tips for your mailing:
•use a concise subject
•introduce yourself as an interested voter
•introduce Free Software, talk about the four freedoms and why #Free #Software is important for you and the EU
•ask a question - i.e. if the candidate wants to support Free Software in the European Parliament, does the candidate shares our values, which we communicate in our "Public Money? Public Code!" Campaign
•ask if she/he needs any additional information or if she/he is open for a personal conversation about this topic
•include a link to our brochure, ask if she/he wants to have a hard copy

Once you have done this mailing you should also try to stay in contact with your candidate. If you do not get an answer within one week ask friendly when you can expect a reply. Once you got an answer please share it with us in order to discuss how to proceed.

2) Contact EU election candidates on social networks

If you want to contact your candidate on social networks here are some hints and tips:

•especially on social networks we highly recommend you to stay calm
•try to be precise
•use our share pics and videos

•use links to our campaign websites and news items
•ask a question - e.g. if the candidate wants to support Free Software in the European Parliament or whether the candidate shares our values which we communicate in our "Public Money? Public Code!" campaign

Please share your thread with us.

If you contact your candidate, please keep in mind that you are probably contacting somebody who is not familiar with Free Software yet and needs to be convinced. There are lots of arguments you can use, e.g.:

•#Interoperability thanks to #Open #Standards
•#Independence through Free Software #licenses
•#Collaboration shares risks and costs
•#Transparency by default
•#Involvement of local partners and economy
•#Auditable code

You will find all arguments on our FSFE website, on the "Public Money? Public Code!" campaign website, or in our new brochure. If you have any questions, please feel free to contact us.

Join our community of freedom fighters

Here are some general hints and tips:

•try to use your own words and do not copy and paste to much
•try to use a non-technical language where possible
•think about which arguments suit which candidate; economic arguments may fit better with candidates who care about the economy, fundamental rights or IT security arguments may fit better with digital rights experts
•do not get upset if a candidate will not follow your arguments, stay calm and try another argument or contact another candidate. There are many who are interested
•always be polite

Thank you for your support!

Best regards,
Alexander Sander

--
Free Software Foundation Europe e.V.
Schönhauser Allee 6/7, 10119 Berlin, Germany.
Registered at Amtsgericht Hamburg, VR 17030
Your support enables our work: https://my.fsfe.org/support

 
Bild/Foto
The next #elections to the European #Parliament will be held between 23 and 26 May 2019. We want to make sure that as many candidates as possible are aware of our work to #empower users to control technology.

As it currently stands, more than half of the current Members of the European Parliament will leave the parliament. We need to establish new contacts to advocate for Free Software in the next term. For this we need your help in order to promote the "Public Money? Public Code!" initiative.

1) #Mail to #EU election #candidates

A mail is a good first step to establish contact with a candidate. If you want to contact your candidate by e-mail, here are some hints and tips for your mailing:
•use a concise subject
•introduce yourself as an interested voter
•introduce Free Software, talk about the four freedoms and why #Free #Software is important for you and the EU
•ask a question - i.e. if the candidate wants to support Free Software in the European Parliament, does the candidate shares our values, which we communicate in our "Public Money? Public Code!" Campaign
•ask if she/he needs any additional information or if she/he is open for a personal conversation about this topic
•include a link to our brochure, ask if she/he wants to have a hard copy

Once you have done this mailing you should also try to stay in contact with your candidate. If you do not get an answer within one week ask friendly when you can expect a reply. Once you got an answer please share it with us in order to discuss how to proceed.

2) Contact EU election candidates on social networks

If you want to contact your candidate on social networks here are some hints and tips:

•especially on social networks we highly recommend you to stay calm
•try to be precise
•use our share pics and videos

•use links to our campaign websites and news items
•ask a question - e.g. if the candidate wants to support Free Software in the European Parliament or whether the candidate shares our values which we communicate in our "Public Money? Public Code!" campaign

Please share your thread with us.

If you contact your candidate, please keep in mind that you are probably contacting somebody who is not familiar with Free Software yet and needs to be convinced. There are lots of arguments you can use, e.g.:

•#Interoperability thanks to #Open #Standards
•#Independence through Free Software #licenses
•#Collaboration shares risks and costs
•#Transparency by default
•#Involvement of local partners and economy
•#Auditable code

You will find all arguments on our FSFE website, on the "Public Money? Public Code!" campaign website, or in our new brochure. If you have any questions, please feel free to contact us.

Join our community of freedom fighters

Here are some general hints and tips:

•try to use your own words and do not copy and paste to much
•try to use a non-technical language where possible
•think about which arguments suit which candidate; economic arguments may fit better with candidates who care about the economy, fundamental rights or IT security arguments may fit better with digital rights experts
•do not get upset if a candidate will not follow your arguments, stay calm and try another argument or contact another candidate. There are many who are interested
•always be polite

Thank you for your support!

Best regards,
Alexander Sander

--
Free Software Foundation Europe e.V.
Schönhauser Allee 6/7, 10119 Berlin, Germany.
Registered at Amtsgericht Hamburg, VR 17030
Your support enables our work: https://my.fsfe.org/support

 

The false dichotomy of Worse Is Better vs. The Right Thing


I'll assume you know about the titular debate, if not here's a decent analysis. In this post I want to go further and show that both approaches are wrong. None of this should sound original to those who know design but unfortunately few in the developer community do.

Any kind of engineering is ultimately about people, their quirks and limitations. The Worse Is Better side understands the limitations of developers and correctly notes that complex products often don't ship at all because their developers run out of time and money before the first usable version sees the light of the day. Also given the iterative nature of design it makes sense to start small and make incremental advances so that potential users can stay in the loop and provide feedback.

The Right Thing side understands the limitations of end users and deservedly criticizes the WIB side for producing software with user-hostile UX. Because the opensource culture is heavily influenced by Unix the WIB approach permeates it to a large degree. However, at this point the mountain of evidence clearly outweighs whatever arguments the WIB side can offer. For example, the essay that sparkled the debate mentions the original Unix approach to handling interrupted system calls -- that approach has since been fixed virtually everywhere because it makes system call handling onerous. Or here now-well-known design expert Don Norman argues that command line experience in Unix is 'horrid'. That article is from 1981, a few years after Unix was released into the wild. Then there's The Unix-Haters Handbook from 1994 that describes something similar. And finally you can look at modern reports of companies getting pwned because some admin misconfigured an internet-facing server. The WIB side will say that, well, they should've known better, they should've read the manual, but I hope you can see the pattern. Git has a similar story: lots of cowboys ready to jump to its defense but also lots of pain and fucked up repos, and even some analysis of what exactly is wrong with Git's architecture and UI.

Like I said before, engineering is ultimately about people and here we have two sides: developers and users. Therefore the correct approach is to consider them both. To some extent this is what MVP is about but, as this article argues, in practice it's often interpreted as producing half-assed products for the sole purpose of getting feedback. The article calls the holistic approach SLC (Simple, Lovable, Complete) meaning that every iteration should be a complete product. This idea that even at 0.0.1 you're building a complete product is quite important. If you are a perfectionist, like myself, this is where to redirect your perfectionism -- at finding the most minimal but complete design at every iteration. When it comes to 'lovable', function-over-form minimalist designs often look attractive and age well, so even if you aren't good at aesthetics you can still do OK if you just keep it simple. Engineering is essentially an art of finding the sweet spot where a product has a high degree of design integrity and a simple mental model for its users but is also approachable for its developers.

#opensource #software #programming #engineering #methodology #design #therightthing #worseisbetter #mvp #slc #minimalism #perfectionism

 

The false dichotomy of Worse Is Better vs. The Right Thing


I'll assume you know about the titular debate, if not here's a decent analysis. In this post I want to go further and show that both approaches are wrong. None of this should sound original to those who know design but unfortunately few in the developer community do.

Any kind of engineering is ultimately about people, their quirks and limitations. The Worse Is Better side understands the limitations of developers and correctly notes that complex products often don't ship at all because their developers run out of time and money before the first usable version sees the light of the day. Also given the iterative nature of design it makes sense to start small and make incremental advances so that potential users can stay in the loop and provide feedback.

The Right Thing side understands the limitations of end users and deservedly criticizes the WIB side for producing software with user-hostile UX. Because the opensource culture is heavily influenced by Unix the WIB approach permeates it to a large degree. However, at this point the mountain of evidence clearly outweighs whatever arguments the WIB side can offer. For example, the essay that sparkled the debate mentions the original Unix approach to handling interrupted system calls -- that approach has since been fixed virtually everywhere because it makes system call handling onerous. Or here now-well-known design expert Don Norman argues that command line experience in Unix is 'horrid'. That article is from 1981, a few years after Unix was released into the wild. Then there's The Unix-Haters Handbook from 1994 that describes something similar. And finally you can look at modern reports of companies getting pwned because some admin misconfigured an internet-facing server. The WIB side will say that, well, they should've known better, they should've read the manual, but I hope you can see the pattern. Git has a similar story: lots of cowboys ready to jump to its defense but also lots of pain and fucked up repos, and even some analysis of what exactly is wrong with Git's architecture and UI.

Like I said before, engineering is ultimately about people and here we have two sides: developers and users. Therefore the correct approach is to consider them both. To some extent this is what MVP is about but, as this article argues, in practice it's often interpreted as producing half-assed products for the sole purpose of getting feedback. The article calls the holistic approach SLC (Simple, Lovable, Complete) meaning that every iteration should be a complete product. This idea that even at 0.0.1 you're building a complete product is quite important. If you are a perfectionist, like myself, this is where to redirect your perfectionism -- at finding the most minimal but complete design at every iteration. When it comes to 'lovable', function-over-form minimalist designs often look attractive and age well, so even if you aren't good at aesthetics you can still do OK if you just keep it simple. Engineering is essentially an art of finding the sweet spot where a product has a high degree of design integrity and a simple mental model for its users but is also approachable for its developers.

#opensource #software #programming #engineering #methodology #design #therightthing #worseisbetter #mvp #slc #minimalism #perfectionism

 

Neue Kaiserära in Japan: Das Jahr-1-Problem - Golem.de

Wenn in Japan mit dem 1. Mai der Kaiser wechselt, ändert sich auch die Zeitrechnung: Die Kalender springen zurück auf das Jahr 1. Das beschäftigt nicht nur die Gesellschaft, sondern auch IT-Abteilungen. Es gibt Angst vor Bugs und Datenverlust.
Als ich davon das erste Mal gehört hatte, musst ich auch dran denken wie viel legacy software es wohl noch gibt, die de Äranamen fest im Code hat und x handgefrickelte Methoden zur Berechnung von Daten.

#Japan #Y2K #Software

 
#gnu #linux #software #os #informatica #computers

I + You + We = Linux ❤️🐧

YouTube: I You We = Linux.mp4 (Алексей Черников)


 
Suche #Software für der Verwaltung einer #Genossenschaft: Mitgliederverwaltung, Verwalten der Anteile, regelmäßige Beiträge, #Bankeinzug, einfache Buchhaltung. #JVerein wäre sowas, kann aber keine Anteile verwalten. Tipps?

#followerpower @hostsharing

 
👍 Open Source im Dienst der Gesellschaft

Die Initiative »Public Money, Public Code« setzt sich dafür ein, dass Software, die mit öffentlichen Geldern finanziert wird, unter Open Source-Lizenzen entwickelt wird. Der Einsatz von quelloffener Software im öffentlichen Sektor hat tatsächlich viele Vorteile.

#OpenSource #PublicMoney #PublicCode #Software #öffentlichenGeldern #OpenSourceLizenzen #quelloffenerSoftware #öffentlichenSektor

https://www.pro-linux.de/artikel/2/1968/open-source-im-dienst-der-gesellschaft.html

 

#Matrix: We have discovered and addressed a #security breach.


source: https://matrix.org/blog/2019/04/11/security-incident/

TL;DR: An attacker gained access to the servers hosting Matrix.org. The intruder had access to the production databases, potentially giving them access to unencrypted message data, password hashes and access tokens. As a precaution, if you're a matrix.org user you should change your #password now.


#hack #software #problem #warning #messenger

 

#Matrix: We have discovered and addressed a #security breach.


source: https://matrix.org/blog/2019/04/11/security-incident/

TL;DR: An attacker gained access to the servers hosting Matrix.org. The intruder had access to the production databases, potentially giving them access to unencrypted message data, password hashes and access tokens. As a precaution, if you're a matrix.org user you should change your #password now.


#hack #software #problem #warning #messenger

 

#Matrix: We have discovered and addressed a #security breach.


source: https://matrix.org/blog/2019/04/11/security-incident/

TL;DR: An attacker gained access to the servers hosting Matrix.org. The intruder had access to the production databases, potentially giving them access to unencrypted message data, password hashes and access tokens. As a precaution, if you're a matrix.org user you should change your #password now.


#hack #software #problem #warning #messenger

 

#Matrix: We have discovered and addressed a #security breach.


source: https://matrix.org/blog/2019/04/11/security-incident/

TL;DR: An attacker gained access to the servers hosting Matrix.org. The intruder had access to the production databases, potentially giving them access to unencrypted message data, password hashes and access tokens. As a precaution, if you're a matrix.org user you should change your #password now.


#hack #software #problem #warning #messenger

 
Mozilla fügt in Firefox einen erweiterten Schutz gegen Tracking durch Fingerprinting und gegen Krypto-Mining ein.
https://www.pro-linux.de/news/1/26958/mozilla-sch%C3%BCtzt-firefox-besser-gegen-fingerprinting-und-krypto-mining.html
#Mozilla #Firefox #Internet #Computer #OpenSource #Software

 
Mozilla fügt in Firefox einen erweiterten Schutz gegen Tracking durch Fingerprinting und gegen Krypto-Mining ein.
https://www.pro-linux.de/news/1/26958/mozilla-sch%C3%BCtzt-firefox-besser-gegen-fingerprinting-und-krypto-mining.html
#Mozilla #Firefox #Internet #Computer #OpenSource #Software