I just launched Voteinit.com which focuses on information on ballot measures. It's just a series of simple tables showing what different groups support which ballot measures in California.
If anyone is interested in doing similar for their state/town/city, contributions welcome on Github! My primary goal is to make it a little less overwhelming to go through 10+ ballot measures.
Firefox beta as a snap. (Definitely easy to install. But not as quick and harder to use for managing files - makes it's own Downloads directory, etc)
Firefox (stock) with custom AppArmor confinement. (Fun to do once, but the future is clearly using portals for file access, etc)
Firefox beta as a Flatpak.
I've now been running Firefox as a Flatpak for over 4 months and have not had any blocking issues.
Getting it installed
Flatpak - already installed on Fedora SilverBlue (comes with Firefox with some Fedora specific optimizations) and EndlessOS at least
Follow Quick Setup. This walks you through installing the Flatpak package as well as the Flathub repo. Now you could easily install Firefox with just 'flatpak install firefox' if you want the Stable Firefox.
Updated Riot was renamed to Element. XMPP info added in comment. And Signal still doesn't let you Unregister
A couple years ago I was a part of a discussion about encrypted messaging.
I was in the Signal camp - we needed it to be quick and easy to setup for users to get setup. Using existing phone numbers makes it easy.
Others were in the Matrix camp - we need to start from scratch and make it distributed so no one organization is in control. We should definitely not tie it to phone numbers.
I was wrong.
Signal has been moving in the direction of adding PINs for some time because they realize the danger of relying on the phone number system. Signal just mandated PINs for everyone as part of that switch. Good for security? I really don't think so. They did it so you could recover some bits of "profile, settings, and who you’ve blocked".
If you lose your phone your profile is lost and all message data is lost too. When you get a new phone and install Signal your contacts are alerted that your Safety Number has changed - and should be re-validated.
If you lost your phone you can use your PIN to recover some parts of your profile and other information. I am unsure if Safety Number still needs to be re-validated or not.
Your profile (or it's encryption key) is stored on at least 5 servers, but likely more. It's protected by secure value recovery.
There are many awesome components of this setup and it's clear that Signal wanted to make this as secure as possible. They wanted to make this a distributed setup so they don't even need to tbe only one hosting it. One of the key components is Intel's SGX which has several known attacks. I simply don't see the value in this and it means there is a new avenue of attack.
By mandating user chosen PINs, my guess is the great majority of users will reuse the PIN that encrypts their phone. Why? PINs are re-used a lot to start, but here is how the PIN deployment went for a lot of Signal users:
Get notification of new message
Click it to open Signal
Get Mandate to set a PIN before you can read the message!
That's horrible. That means people are in a rush to set a PIN to continue communicating. And now that rushed or reused PIN is stored in the cloud.
Hard to leave
They make it easy to get connections upgraded to secure, but their system to unregister when you uninstall has been down Since June 28th at least (tried last on July22nd). Without that, when you uninstall Signal it means:
you might be texting someone and they respond back but you never receive the messages because they only go to Signal
if someone you know joins Signal their messages will be automatically upgraded to Signal messages which you will never receive
In summary, Signal got people to hastily create or reuse PINs for minimal disclosed security benefits. There is a possibility that the push for mandatory cloud based PINS despite all of the pushback is that Signal knows of active attacks that these PINs would protect against. It likely would be related to using phone numbers.
I'm trying out the Element which uses the open Matrix network. I'm not actively encouraging others to join me, but just exploring the communities that exist there. It's already more featureful and supports more platforms than Signal ever did.
First, I strongly recommend switching to Jitsi Meet:
It doesn't require you to sign up at all
It's open source
It's on the cutting edge of privacy and security features
Second, Anything else that runs in a browser instead of trying to get you to download an specific desktop application. Your browser protects you from many stupid things a company may try to do. Installing their app means you are at more risk. (Apps for phones is a different story.).
Zoom actually supports joining a call with a web browser. They just don't promote it. Some things may not work as well but you get to keep more of your privacy and security.
On joining the meeting close the request to run a local app.
Click Launch Meeting in middle of screen.
Again close out of the request to open a local app
Ideally, you now get a join from browser, click that!
If it doesn't work try loading the site in another browser. First try Chrome (or those based on it - Brave/Opera) and then Firefox. It's possible that your organization may have disabled the join from web feature.
If you are a Zoom host or admin (why?) you can also ensure that the web feature is not disabled.
Time for a 20.04 LTS LiveCD memory comparison with a bunch more distros. I last did one in 2016.
Using Lubuntu as an example base memory usage approximately doubled from 2016 (251M) to 2020 (585M). Those numbers aren't strictly comparable because I'm not using the exact same setup as in 16.04 and I enabled more modern features (virtio graphics, EUFI, 4 cores).
Lubuntu is able to work with less at least partially because of Zram. The other distro that has Zram enabled is Endless, but they also use the Chromium browser which generally uses more memory than Firefox (also Elementary uses Ephipany). My guess is if Xubuntu enabled zram it's profile would more closely match Lubuntu.
Time limit for each applicaton launch is approximately 30 seconds.
Accuracy over 1G is by .25G increments. Under 1G, I tried to narrow it down to at least .1G.
Getting out of full screen on YouTube apparently is an intensive task. Dropped testing that.
I bought a hack computer for $299 - it's designed for teaching 8+ year olds programming. That's not my intended use case, but I wanted to support a Linux pre-installed vendor with my purchase (I bought an OLPC back in the day in the buy-one give-one program).
I only use a laptop for company events, which are usually 2-4 weeks a year. Otherwise, I use my desktop. I would have bought a machine with Ubuntu pre-installed if I was looking for more of a daily driver.
First boot takes about 20 seconds. And you are then dropped into what I'm pretty sure is GNOME Initial Setup. They also ask on Wifi connections if they are metered or not.
There are standard philips head screws on the bottom of the laptop, but it wasn't easy to remove the bottom and I didn't want to push - I've been told there is nothing user replaceable within.
The options I'd like change are there, and updating the BIOS was easy enough from the BIOS (although no LVFS support..).
A kids take
Keep in mind this review is done by 6 year old, while the laptop is designed for an 8+ year old.
He liked playing the art game and ball game. The ball game is an intro to the hack content. The art game is just Krita - see the artwork below. First load needed some help, but got the hang of the symmetrical tool.
He was able to install an informational program about Football by himself, though he was hoping it was a game to play.
For target market: It's really the perfect first laptop (if you want to buy new) with what I would generally consider the right trade-offs. Given Endless OS's ability to have great content pre-installed, I may have tried to go for a 128 GB drive. Endless OS is setup to use zram which will minimize RAM issues as much as possible. The core paths are designed for kids, but some applications are definitely not. It will be automatically updating and improving over time. I can't evaluate the actual Hack content whose first year is free, but after that will be $10 a month.
For people who want a cheap Linux pre-installed laptop: I don't think you can do better than this for $299.
CPU really seems to be the best in this price range. A real Intel quad-core, but is cheap enough to have missed some of the vulnerabilities that have plagued Intel (no HT).
Battery life is great
A 1080p screen
RAM and disk sizes. Slow eMMC disk. Not upgrade-able.
Fingerprint reader doesn't work today (and that's not part of their goal with the machine, it defaults to no password)
For free software purists, Trisquel didn't have working wireless or trackpad. The included USB->Ethernet worked though.
Mouse can lack sensitivity at times
Ubuntu: I have had Wifi issues after suspend, but stopping and starting Wifi fixed them
Ubuntu: Boot times are slower than Endless
Ubuntu: Suspend sometimes loses the ability to play sound (gets stuck on headphones)
I do plan on investigating the issues above and see if I can fix any of them.
Purge rsyslog (may speed up boot time and reduces unnecessary writes)
For this class of machine, I'd go deb only (remove snaps) and manual updating
I'm currently running with Wayland and Chromium
If you don't want to use stock Ubuntu, I'd recommend Lubuntu.
Florida, Tennessee, the EU and more are considering one timezone for the entire year - no more changing the clocks. Massachusetts had a group study the issue and recommend making the switch, but only if a majority of Northeast states decide to join them. I would like to see the NJ legislature vote to join them.
Interaction between countries would be helped by having one less factor that can impact collaboration. Below are two examples of ways this will help.
Let's consider a meeting scheduled in EST with partipants from NJ, the EU, and Arizona.
NJ - normal disruption of changing times, but the clock time for the meeting stays the same.
Arizona - The clock time for the meeting changes twice a year.
EU - because they also change their clocks at different points throughout the year. Due to this, they have 4 clock time changes during each year.
This gets more complicated as we add partipants from more countries. UTC can help, but any location that has a time change has to be considered for both of it's timezones.
Global shift work or On-call
Generally, these are scheduled in UTC, but the shifts people actually work are in their local time. That can be disruptive in other ways, like finding child care.
In conclusion, while these may be minor compared to other concerns (like the potential health effects associated with change the clocks), the concerns of global collaboration should also be considered.
I just finished moving my website from Wordpress to Nikola (static site generator), GitLab (git and hosting), and CloudFlare (CDN, HTTPS and more).
Their attitude in the handbook is "DON'T READ THIS MANUAL. IF YOU NEED TO READ IT I FAILED, JUST USE THE THING."
That's my kind of software methodology. Don't blame the user, make the system better.
It is also a great handbook that has had pretty much every question I've asked. Documentation is still essential, but it's nice if the commands are self explanatory.
It just worked to import my Wordpress site (minus comments which I "inlined" or deleted for various reasons). I did do some manual HTML to markdown conversion for pages I want to edit more.
I first tried and had Nikola working with GitHub, but GitLab gives me:
Automatic building - I don't have to have a separate branch for output, I just git push my changes (or change on the website) - and GitLab will run a job to create my website. I know this is possible on GitHub, but GitLab just makes it easy.
The option to upload SSL Certs. If I need to drop CloudFlare for some reason, I can have GitLab maintain my website using HTTPS (Which I need to because I'm on the HSTS preload list).
Easier drive by contributions. GitLab lets you sign in with Google, Twitter, GitHub, or BitBucket. I'm thinking for suggesting changes to say a paper (or even this blog post!), that will make for a lower barrier to entry. (Of course, I'd prefer any OpenID but it's better than requiring a new account)
I absolutely love that they have their company handbook maintained in Git and public to the world (with merge request welcome!).
CloudFlare's free plan rocks. And if I ever need to be able to handle more traffic faster, I can upgrade/downgrade as necessary.