Hugo’s Free Software blog feed
hroy.eu
https://hroy.eu/feeds/
Bits on free software, fsfe, tech politics, and the occasional nerdery...
ikiwiki
2023-10-30T21:09:31Z
https://hroy.eu/tips/awesomeTools/
<a
href="http://creativecommons.org/publicdomain/zero/1.0/">CC0-1.0</a>
Some of these logos may be trademarked. No affiliation or endorsement
whatsoever.
2023-09-04T13:47:11Z
2015-10-30T16:02:20Z
<p>Here some little known, yet awesome apps or tools that I use. Thanks
to the people working on these (I’m glad to have met some of them, and
they’re awesome too)!</p>
<aside class="toc">
</aside>
<h5
id="transportr"><img src="https://hroy.eu/tips/awesomeTools/x28-transportr.png" width="28" height="28" class="img" />
<a href="https://transportr.grobox.de/">Transportr</a></h5>
<p><a href="https://transportr.grobox.de/">Transportr</a> is an Android
app to help you use public transports systems. It’s simply the best one
I’ve seen, and it supports a lot of systems (city-wide like Berlin or
Paris and even long-distance).</p>
<h5
id="feedbin"><img src="https://hroy.eu/tips/awesomeTools/x28-feedbin.png" width="28" height="28" class="img" />
<a href="https://feedbin.me/">Feedbin</a></h5>
<p><a href="https://feedbin.me/">Feedbin</a> is an RSS web reader. It
provides a pleasing reading experience and you can easily browse through
items and share links. If you’re looking to host it yourself, have a <a
href="https://github.com/feedbin/">look at the sources</a>.</p>
<h5
id="ikiwiki"><a href="http://ikiwiki.info"><img src="https://hroy.eu/tips/awesomeTools/ikiwiki.png" width="105" height="28" class="img" /></a>
<span class="hide">ikiwiki</span></h5>
<p><a href="http://ikiwiki.info/">ikiwiki</a> powers this blog, hosted
by <a href="https://www.branchable.com/">branchable</a>. If you like git
and markdow, and editing your texts with your favourite text editor,
this is for you.</p>
<h5
id="known"><img src="https://hroy.eu/tips/awesomeTools/x28-known.png" width="28" height="28" class="img" />
<a href="http://withknown.com/">Known</a></h5>
<p><a href="http://withknown.com/">Known</a> (formerly “idno”) is more
“socially aware” than ikiwiki. It runs with PHP and it’s basically your
easy-to-run <a href="http://indiewebcamp.com/">indieweb</a> space. If
you use it with <a href="http://brid.gy" class="uri">http://brid.gy</a>
you will enjoy a nice integration with twitter and other silos (see <a
href="https://ampoliros.net/2014/a-href-classu-in-reply-toaa-hrefneutralite-plateformeshtml-classu-in-reply-toatiens-japprends-par-bortzmeyer-que-le">an
example of my own</a>).</p>
<h5
id="yunohost"><img src="https://hroy.eu/tips/awesomeTools/x28-yunohost.png" width="28" height="28" class="img" />
<a href="https://yunohost.org/">YunoHost</a></h5>
<p><a href="https://yunohost.org/">YunoHost</a> is custom debian
distribution aiming at making self-hosting easy. It provides a nice web
interface for administration of your self-hosted server and for users of
the web server. If you have basic linux administration skills, this will
be very helpful.</p>
<h5
id="pinboard"><img src="https://hroy.eu/tips/awesomeTools/pinboard.png" width="28" height="28" class="img" />
<a href="https://pinboard.in/">Pinboard</a></h5>
<p><a href="https://pinboard.in/">Pinboard</a> a simple and efficient
bookmarking app that also archives the content of marked pages (if you
pay for it). Unfortunately, Pinboard is not released as free software.
But you can <a href="https://pinboard.in/export/">export your
bookmarks</a>.</p>
<h5
id="sharesome"><img src="https://hroy.eu/tips/awesomeTools/x28-sharesome.png" width="28" height="28" class="img" />
<a href="https://sharesome.5apps.com/">Sharesome</a></h5>
<p><a href="https://sharesome.5apps.com/">Sharesome</a> lets you easily
share files on the web. It has a pleasant interface that works well on
all devices I have tested so far. It’s also available as a <a
href="https://5apps.com/basti/sharesome/">web app</a>. The neat feature
is that you can choose where to host your data (for instance, with <a
href="http://remotestorage.io/">remotestorage</a>; you can get an
account at <a href="https://5apps.com"
class="uri">https://5apps.com</a>).</p>
<h5
id="terms-of-service-didnt-readtosdr"><img src="https://hroy.eu/tips/awesomeTools/x28-tosdr.png" width="28" height="28" class="img" />
<a href="http://tosdr.org/">Terms of Service; Didn’t Read</a></h5>
<p>Some shameless self-promo with <a href="http://tosdr.org/">ToSDR</a>,
the app that tells you what happens to your rights online by rating and
summarising Terms of service and privacy policies. You can also get it
<a href="http://tosdr.org/downloads.html">directly in your web
browser</a> or as <a href="https://5apps.com/tosdr/tosdr/">a web
app</a>.</p>
<hr />
<p>If you’re looking for a curated list of awesome web services that are
free of charge and based on free software and open data, look no further
than Jan’s <a href="http://libreprojects.net/">Libre projects</a>.</p>
Understanding Technology
https://hroy.eu/posts/understandingTechnology/
2023-10-30T19:54:26Z
2015-09-09T12:27:57Z
A collection of links to articles that can help anyone understand technology today.<hr><br><p>A collection of links to <a href="https://hroy.eu/tags/longreads/">great
articles</a> (in <a href="https://hroy.eu/tags/lang:en/">English</a>) that can help
anyone understand <a href="https://hroy.eu/tags/technology/">technology</a> today. I
will update this post from time to time, so <a
href="https://hroy.eu/tags/understandingTech/index.atom">subscribe to the feed to get
updates</a>.</p>
<ul>
<li><p><a
href="http://www.newyorker.com/tech/elements/group-rules-web">On HTML5
and the Group That Rules the Web — The New Yorker</a><br /> Paul Ford,
Nov 2014 <a href="https://hroy.eu/tags/web/">#Web</a>
<a href="https://hroy.eu/tags/W3C/">#W3C</a></p></li>
<li><p><a
href="http://www.bloomberg.com/graphics/2015-paul-ford-what-is-code/">What
<em>is</em> Code? — Bloomberg</a><br /> Paul Ford, June 2015
<a href="https://hroy.eu/tags/software/">#software</a></p></li>
<li><p><a
href="http://harvardmagazine.com/2000/01/code-is-law-html">Code Is Law,
On Liberty in Cyberspace — Harvard Magazine</a><br /> Lawrence Lessig,
Jan 2000 <a href="https://hroy.eu/tags/networkNeutrality/">#network
Neutrality</a></p></li>
<li><p><a
href="https://plus.google.com/+JeanBaptisteQueru/posts/dfydM2Cnepe">Dizzying
but invisible depth</a> <br /> Jean-Baptiste
Quéru<a href="https://hroy.eu/tags/software/">#software</a></p></li>
<li><p><a
href="http://www.gnu.org/philosophy/free-digital-society.en.html">A Free
Digital Society: What Makes Digital Inclusion Good or Bad? —
GNU.org</a><br /> Richard Stallman, Oct 2011</p></li>
</ul>
<p>If you have suggestions for articles that you think belong here, feel
free to share them with me.</p>
https://hroy.eu/tips/openSSL/
2015-07-29T09:52:14Z
2015-07-29T09:37:34Z
<p>Hier, j'étais au <a href="https://leloop.org/">loop</a> avec <a href="https://about.okhin.fr/">Okhin</a> pour refaire le chiffrement de
mon serveur mail, que je viens de réinstaller (Kolab 3.4, Debian 8).</p>
<p>Voici quelques liens qui nous ont été utiles :</p>
<ul>
<li><p><a href="http://www.akadia.com/services/ssh_test_certificate.html">How to create a self-signed SSL Certificate</a></p>
<p>Attention cependant, en suivant ces instructions on crée un
certificat avec le <em>flag CA false</em> alors que pour utiliser un
certificat autosigné sur Android, il faut absolument que le <em>flag
CA</em> soit <em>true</em> (voir <a href="https://hroy.eu/feeds/#androidCAself">ci-dessous</a>).</p>
<p>Finalement, voici la commande qui m'a permis de faire le
certificat, dans <code>/etc/ssl/private/</code>:</p>
<pre><code>openssl req -x509 -new -key totosh.ampoliros.net.key -out totosh.ampoliros.net.csr -days 730
</code></pre>
<p>Cette commande remplace l'étape 2. L'étape 4 n'est donc pas
nécessaire semble-t-il.</p>
<p>Ensuite, je copie <code>totosh.ampoliros.net.csr</code> vers
<code>/etc/ssl/certs/totosh.ampoliros.net.crt</code> puis je configure mes
services pour utiliser ce certificat ainsi que la clé privée générée à
l'étape 1.</p></li>
<li><p><a href="https://www.jeveuxhttps.fr/">Je veux HTTPS</a></p>
<p>Utilisé pour configurer Apache2.</p></li>
<li><p><a href="http://www.iletaitunefoisinternet.fr/ssltls-benjamin-sonntag/">Exemples de configuration Postfix de Benjamin Sonntag</a></p>
<p>Sans oublier de générer <code>dh2048.pem</code>:</p>
<pre><code>openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048
</code></pre></li>
<li><p><a href="https://docs.kolab.org/howtos/secure-kolab-server.html">Securing all Kolab Services</a></p>
<p>Utilisé pour configurer Cyrus IMAPD.</p></li>
</ul>
<h3>Importer un certificat autosigné dans <span id="androidCAself">Android</a></h3>
<p>Normalement, avec la commande openssl donnée plus haut, on génère un
certificat autosigné acceptable pour Android.</p>
<p>On peut par exemple utiliser l'application <a href="https://f-droid.org/repository/browse/?fdfilter=dav&fdid=at.bitfire.cadroid">CAdroid</a> pour importer le
certificat.</p>
<p>Si on est root sur l'Android, on peut aussi copier le certificat
directement dans le système en passant par <code>adb</code>. C'est la solution
que j'ai choisie.</p>
<p><a href="http://wiki.pcprobleemloos.nl/android/cacert">Installing CAcert certificates on Android as 'system' credentials without lockscreen - instructions</a></p>
<p>(En passant: j'ai un bug sur CyanogenMod qui m'enmpêche pour le moment
de modifier les paramètres de sécurité. Je suis donc passé par <code>adb</code>
pour autoriser l'installation de sources autres que Google avec la
commande: <code>adb shell settings put secure install_non_market_apps 1</code>.)</p>
New defensive publication from ownCloud: file syncing encryption
https://hroy.eu/posts/owncloud-encryption-defpub/
2023-10-30T21:03:18Z
2014-10-21T15:18:22Z
Announcing the first defensive publication from ownCloud<hr><br><p>Last month, I worked with Björn Schießle on ownCloud’s first
defensive publication. This one covers ownCloud’s encryption system.</p>
<p>The challenge is that ownCloud is a free software server for file
syncing and file sharing, and you can connect it to different storage
backends. However, you don’t necessarily want these storage providers to
access data unencrypted.</p>
<p>Thus, being able to use encryption to protect user data is paramount,
but not trivial. Users of local encryption tools such as GnuPG will know
that.</p>
<p>Fortunately, ownCloud has offered an <a
href="https://github.com/owncloud/core/tree/master/apps/files_encryption">encryption
system</a> for <a
href="http://blog.schiessle.org/2013/05/28/introduction-to-the-new-owncloud-encryption-app/">more
than a year</a>.</p>
<p>The source of their defensive publication is available <a
href="https://github.com/linuxdefenders/owncloud-encryption/">on Linux
Defenders’ repositories</a>. In order to make it, I started working from
Björn’s <a
href="http://blog.schiessle.org/2013/05/28/introduction-to-the-new-owncloud-encryption-app/">blog
post</a>. It turns out that Björn already had documents describing their
encryption system which were used for internal purposes. They were very
useful to make figures and illustrate the publication. The point is that
making a defensive publication is not very difficult, most of the time,
pieces are already available and you just need to put them together and
to <a href="http://defensivepublications.org/">submit them to Linux
Defenders</a>.</p>
<p>Encryption for file syncing servers is an important feature worth
protecting from further patents, and that a lot of patents get applied
for about all sorts of “cloud” systems. Just publishing this as a <a
href="http://defensivepublications.org/">defensive publication</a> does
not cost anything, but its benefits are great: a defensive publication
is a statement of prior art that prevents everyone from being able to
exclude anyone to implement what the publication specifies. By
submitting it to the <a
href="http://priorart.ip.com/IPCOM/IPCOM000239206D">IP.com database</a>,
Linux Defenders make sure that the free software community’s innovations
are accessible to patent office examiners who are responsible for
reviewing and granting claims to patent applications.</p>
<p>If you’re also interested in making a defensive publication, we’re
about to <a
href="https://hroy.eu/work/oin/tutorial-linuxdefenders/defpub-guide/">publish
our tutorial</a>. This will <a
href="https://hroy.eu/work/oin/tutorial-linuxdefenders/defpub-guide/">guide
you</a> through the steps and the parts that can make a good defensive
publication. Your feedback is welcome!</p>
How to produce defensive publications
https://hroy.eu/posts/defpub-workflow-rfc/
2023-10-30T19:54:26Z
2014-09-05T07:33:37Z
A proposal and request for comments on how to make it easy for free software projects to produce defensive publications against patents.<hr><br><p>Last month, I <a href="https://hroy.eu/posts/intro-defpubs/">introduced what
defensive publications are</a>: documents describing something (a new
feature, a new algorithm, a new system) in order to prevent further
patents.</p>
<p>Defensive publications are needed because on the one hand, even when
the source code is available to the public, it is not necessarily
accessible to the patent office examiner who’s reviewing patent
applications. This is why we submit defensive publications to their
databases: it makes the review process more aware of what free software
projects develop.</p>
<p>On the other hand, while pushing code to a public repository is easy
for a project contributor, writing and submitting a defensive
publication is not as straightforward.</p>
<p>On of my goals is to help fix this, so that producing defensive
publications gets as easy as possible for Free Software projects. So,
during this month, amongst other patent-related activities, I published
a first version the <a
href="https://github.com/LinuxDefenders/defpub-template/">a defensive
publication template</a> on <a
href="https://github.com/LinuxDefenders/">Github</a>. Hopefully, I will
be able to improve on this version and push other useful things for the
whole <a href="http://linuxdefenders.org/">Linux Defenders</a>
programme. Your feedback would be very appreciated!</p>
<p>A prior observation before explaining how the template works:
obviously, writing defensive publications is not a developer’s top
priority. But writing a defensive publication is not something that can
be left entirely to lawyers (although we can help). Writing a defensive
publication requires insights on:</p>
<ul>
<li>how the code works, how the system is designed</li>
<li>how other solutions, especially prior solutions and current trends
develop</li>
</ul>
<p>For this reason, developers are in a privileged position to write
defensive publications. The situation is not entirely unlike that of
writing documentation. Writing documentation is probably not a
developer’s favourite task (and indeed the state of some documentation
is evidence of this). However, we know that a good documentation is also
a sign of a project’s health and so we make process and tools to
facilitate this task. Fortunately, writing a defensive publication is
not much different from writing documentation, and so we should be able
to <em>kill two birds with one stone</em>.</p>
<h3 id="how-does-it-work">How does it work?</h3>
<p>Once you have identified some part of your software that you want to
write a defensive publication about:</p>
<ol type="1">
<li><p><a
href="https://github.com/LinuxDefenders/defpub-template/archive/master.zip">Download
and extract the template</a></p>
<p>The <code>README</code> should guide you. Especially, you can find
examples of things to use to start your own publication, such as
figures, flowcharts, etc.</p></li>
<li><p>Update variables like:</p>
<pre><code>TITLE
PROJECT
URL
DESCRIPTION
TAGS</code></pre>
<p>(I’ll probably write a script to automate that…)</p></li>
<li><p>Create an <code>abstract.yaml</code> file in <code>src/</code>
(you can one from the <code>example/</code> directory) and also update
the <code>tags</code>. You can edit the abstract itself, later at the
end.</p>
<p>This will later appear on the list of <a
href="http://defensivepublications.org"
class="uri">http://defensivepublications.org</a>.</p></li>
<li><p>You can start writing your document in <code>src/</code> - You
can write in any format provided that you are able to produce a PDF at
the end so we can submit it to the patent office. Right now the template
is very much focused around <a
href="http://johnmacfarlane.net/pandoc/">pandoc</a> which is able to
convert a lot of different kinds of texts, like Markdown to LaTeX. You
can follow the <code>README</code>.</p></li>
</ol>
<p>As you see, it’s a bit rudimentary now, but the idea behind with this
template is that you should be able to take relevant bits of your
documentation and integrate them directly into your defensive
publication’s source files. Then you can use <code>pandoc</code> to
combine all the files together in the relevant order.</p>
<p>That way you don’t have to duplicate content, but rather you reuse
relevant parts of your documentation that describe your software for the
defensive publication.</p>
<p>Once you’ve done that, you need to write the abstract and probably
write an introduction if you need to give more details. Another part to
introduce your publication can be a description of the current state of
the art relevant to your software: basically, what’s the problem your
software solves and how other solutions try to address this problem in
your field.</p>
<p>The template comes with a file <a
href="https://github.com/LinuxDefenders/defpub-template/blob/master/example/template.pdf"><code>example/template.pdf</code></a>
that should guide you through the different parts that make a defensive
publication.</p>
<h3 id="get-involved-with-us">Get involved with us</h3>
<p>If you are interested in writing a defensive publication or have more
questions, don’t hesitate to join <a
href="http://irc.lc/freenode/linuxdefenders/">#linuxdefenders</a> on the
IRC freenode server.</p>
<p>Also, I’m very much interested in your feedback. What’s your opinion?
What do you need to write a defensive publication as easily as
possible?</p>
<hr />
<p>Next month, I should be able to show an example from
<a href="https://hroy.eu/tags/defensivePublications/">defensive publications</a>,
with additional explanation and comments!</p>
Why I want to update the User Data Manifesto
https://hroy.eu/posts/why-new-user-data-manifesto/
2023-09-18T15:16:31Z
2014-08-26T09:39:22Z
I’ve been working on a new version of the User Data Manifesto published by Frank Karlitschek. I think the current version have several problems and I want to fix them.<hr><br><p><strong>Update</strong>: Version 2 of the <a
href="https://userdatamanifesto.org/">User Data Manifesto</a> is
out!</p>
<hr />
<p>In late 2012, a new manifesto emerged from the free software
community: <a href="http://userdatamanifesto.org/1.0/">The User Data
Manifesto</a>, written by Frank Karlitschek of <a
href="http://owncloud.org">Owncloud</a>. Quite similar to the <a
href="http://autonomo.us/2008/07/14/franklin-street-statement/">Franklin
Street Statement</a> on freedom and network services, the manifesto was
taking another approach which I think was good: identifying a new set of
rights for users, or as the manifesto puts it: “defining basic rights
for people to control their own data in the internet age.”</p>
<p>I have applauded the approach and I think the current manifesto is a
good starting point — which is why I have started an effort to create a
new better version built on the <a
href="http://userdatamanifesto.org/1.0/">first version</a>. If you are
interested directly into <a
href="https://github.com/userdatamanifesto/www/pull/4">discussing the
new version</a> then you can <a href="https://hroy.eu/feeds/#my-current-proposal">skip the
first part</a> of this article.</p>
<h3 id="whats-wrong-with-the-current-version">What’s wrong with the
current version?</h3>
<p>Right now, the manifesto consists of 8 points – and I think that’s
probably too much. As you will see, some of these points overlap.
Another thing that’s wrong with the current version is that it mixes
several issues together with no hierarchy or context between these; for
instance, some points are about user rights, some others are about
implementation only (like point 8. Server software transparency).</p>
<p>So let me take some points separately:</p>
<blockquote>
<p>1 - Own the data<br />
The data that someone directly or indirectly creates belongs to the
person who created it.</p>
</blockquote>
<p>This one is very, very problematic. What does “belong” mean, what
does “own” mean? Why is one used in the title and the other in the
description? What happens when several persons “created” data. What does
“create [data]” even mean? I don’t create “data”, my computer generates
data when I do things and make stuff.</p>
<p>This point could be read like a copyright provision and thus justify
current copyright laws. This is probably not the intention behind this.
So this point should be fixed. This reason alone is enough to make it a
necessity to update the current manifesto.</p>
<p>But what was the intention behind this?</p>
<aside class="pull-left">
<table class="img">
<caption>
1991, Sega’s Zero Wing
</caption>
<tr>
<td>
<a href="https://hroy.eu/posts/why-new-user-data-manifesto/Aybabtu.png"><img src="https://hroy.eu/posts/why-new-user-data-manifesto/Aybabtu.png" width="240" height="160" alt="Zero Wing screenshot" class="pull-left aside" /></a>
</td>
</tr>
</table>
</aside>
<p>I think I understand it, and I agree with it. Maybe you know the meme
<a
href="https://en.wikipedia.org/wiki/All_your_base_are_belong_to_us">“All
your base are belong to us”</a> sometimes deviated into “All Your Data
Are Belong to Us” in reference to Google/NSA/etc.</p>
<p>This is basically what we want to prevent. For a user data manifesto
to be effective, it means that even if I use servers to store some of
<em>my data</em>, it does not mean that the server admin should feel
like being able to do as if it was <em>their data</em>.</p>
<p>However, a careful note is needed here. As you will notice, I’m
referring to data as “my data” or “their data.” This is very important
to consider. If we want a good User Data Manifesto, we need to think
clearly about what makes data, “User Data.”</p>
<p>The current version of the manifesto says that what makes User Data
is data “created by the user.” But I think that’s misleading.</p>
<p>Usually, there are two ways in which one might refer to data as
“their data” (i.e. “their own” data):</p>
<ol type="1">
<li><p>Personal data, or personally-identifiable information, are often
referred to by <em>someone</em> as <em>their data</em>. But in our case,
that’s not relevant, this is covered by laws such as data protection in
the European Union. That’s not the scope of this manifesto, because in
this case the <em>person</em> is called the “data subject” and
typically, this person is not necessarily a “user.”</p>
<p>However, this is users that we are concerned with in this manifesto.
Which leads to the second case in which one usually refers to data as
their own data:</p></li>
<li><p>Data that is stored on <em>my</em> hard-drive or other storage
apparatus. In this case, the meaning of ownership of data is an
extension of the ownership of the physical layer on which it sits.</p>
<p>For instance, when I refer to the books that are in my private
library at home, I say that these are <em>my books</em> even though I
have not written any of them. I <em>own</em> these books not because I
have created them, but because I bought them.</p></li>
</ol>
<p>So, for the purpose of the User Data Manifesto, how should we define
User Data to convey the objective that servers admins do not have the
right to do as they wish with user data, i.e. <em>our data</em>?</p>
<p>I propose this:</p>
<blockquote>
<p>“User data” means any data uploaded by a user and/or generated by a
user, while using a service on the Internet.</p>
</blockquote>
<p>This definition is aimed at replacing point 1 of the first version.
This definition is consistent with our current way of referring to data
as “our own data” but it also includes the case where data is not
necessarily generated by devices that we own, but instead are generated
<em>by us, for us</em> on devices that somebody else owns.</p>
<blockquote>
<p>2 - Know where the data is stored<br />
Everybody should be able to know: where their personal data is
physically stored, how long, on which server, in what country, and what
laws apply.</p>
</blockquote>
<p>I have tried to improve this. This is point 2 in [my version of the
manifesto][#mycurrentproposal].</p>
<blockquote>
<p>3 - Choose the storage location<br />
Everybody should always be able to migrate their personal data to a
different provider, server or their own machine at any time without
being locked in to a specific vendor.</p>
</blockquote>
<p>This is point 3 in my version of the manifesto.</p>
<blockquote>
<p>4 - Control access<br />
Everybody should be able to know, choose and control who has access to
their own data to see or modify it.</p>
<p>5 - Choose the conditions<br />
If someone chooses to share their own data, then the owner of the data
selects the sharing license and conditions.</p>
</blockquote>
<p>These two points are now point 1 in my version. I have merged them
together. However, I have modified the part about “choosing the
conditions” and instead refer to “permissions” (as in, read-only,
read-write, etc.). I think the “conditions” as in licensing conditions
are out of scope of this manifesto.</p>
<blockquote>
<p>6 - Invulnerability of data<br />
Everybody should be able to protect their own data against surveillance
and to federate their own data for backups to prevent data loss or for
any other reason.</p>
</blockquote>
<p>This point was redundant with point 4 and it was drafted in a vague
manner, so I have modified it and integrated in point 1 of my version of
the manifesto.</p>
<blockquote>
<p>7 - Use it optimally<br />
Everybody should be able to access and use their own data at all times
with any device they choose and in the most convenient and easiest way
for them.</p>
</blockquote>
<p>I feel this is not in scope with the manifesto because this describes
a feature, not a right, and also because I felt it was a bit vague:
what’s “most convenient and easiest way for them”? So I decided to leave
this one out.</p>
<blockquote>
<p>8 - Server software transparency<br />
Server software should be free and open source software so that the
source code of the software can be inspected to confirm that it works as
specified.</p>
</blockquote>
<p>This is about implementation related to point 3 of the current
version related to the right to choose any location to store their data,
the right to move to another platform. So I have merged it into point 3
of my version of the manifesto regarding the freedom to choose a
platform.</p>
<hr />
<p>That’s it. Overall, I think the manifesto was a good starting point
and that it should be improved and updated. I think that we should
reduce the number of points because 8 is too many; especially because
some of them are redundant. We should also give more context after we
lay out the rules.</p>
<p>This is what I have tried to do with <a
href="https://github.com/userdatamanifesto/www/pull/4">my
modifications</a>. There is a <a
href="https://github.com/userdatamanifesto/www/pull/4">pull request on
Github</a> pending. Feel free to give your impressions there.</p>
<p>Obviously, this is also a request for comments, criticism and
improvement of my version of the manifesto.</p>
<p><strong>Thanks</strong> to Jan-Christoph Borchardt, Maurice
Verheesen, Okhin and Cryptie for their feedback and/or suggested
improvements since April 2013.</p>
<h3 id="my-current-proposal">My current proposal</h3>
<p><a href="http://udm.branchable.com/index.en.html">User Data
Manifesto, v2 DRAFT:</a> as of today, August 26, 2014:</p>
<p>This manifesto aims at defining basic rights for people regarding
their own data in the Internet age. People ought to be free and should
not have to pay allegiance to service providers.</p>
<ol start="0">
<li>
“User data” means any data uploaded by a user and/or generated by a
user, while using a service on the Internet.
</li>
</ol>
<p>Thus, users should have:</p>
<ol type="1">
<li><p>Control over user data access</p>
<p>Data explicitly and willingly uploaded by a user should always be
under the ultimate control of the user. Users should be able to decide
whom to grant (direct) access to their data and under which permissions
such access should occur.</p>
<p>Cryptography (e.g. a <a
href="https://en.wikipedia.org/wiki/PKI">PKI</a>) is necessary to enable
this control.</p>
<p>Data received, generated, collected and/or constructed from users’
online activity while using the service (e.g. metadata or social graph
data) should be made accessible to these users and put under their
control. If this control can’t be given, than this type of data should
be anonymous and not stored for long periods.</p></li>
<li><p>Knowledge of how the data is stored</p>
<p>When the data is uploaded to a specific service provider, users
should be able to know where that specific service provider stores the
data, how long, in which jurisdiction the specific service provider
operates, and which laws apply.</p>
<p>A solution would be, that all users are free to choose to store their
own data on devices (e.g. servers) in their vicinity and under their
direct control. This way, users do not have to rely on centralised
services. The use of peer-to-peer systems and unhosted apps are a means
to that end.</p></li>
<li><p>Freedom to choose a platform</p>
<p>Users should always be able to extract their data from the service at
any time without experiencing any vendor lock-in.</p>
<p>Open standards for formats and protocols, as well as access to the
programs source code under a Free Software license are necessary to
guarantee this.</p></li>
</ol>
<p>If users have these rights, they are in control of their data rather
than being subjugated by service providers.</p>
<p>Many services that deal with user data at the moment are gratis, but
that does not mean they are free. Instead of paying with money, users
are paying with their allegiance to the service providers so that they
can exploit user data (e.g. by selling them or building a profile for
advertisers).</p>
<p>Surrendering privacy in this way may seem to many people a trivial
thing and a small price to pay for the sake of convenience that the
Internet services brings. This has made this kind of exchange to become
common.</p>
<p>Service providers have thus been unwittingly compelled to turn their
valuable Internet services into massive and centralised surveillance
systems. It is of grave importance that people understand/realize this,
since it forms a serious threat to the freedom of humanity</p>
<p>When users control access to the data they upload (Right #1), it
means that data intended to be privately shared should not be accessible
to the service provider, nor shared with governments. Users should be
the only ones to have ultimate control over it and to grant access to
it. Thus, a service should not force you to disclose private data
(including private correspondence) with them.</p>
<p>That means the right to use cryptography<a href="https://hroy.eu/feeds/#fn1"
class="footnote-ref" id="fnref1" role="doc-noteref"><sup>1</sup></a>
should never be denied. On the contrary, cryptography should be enabled
by default and be put under the users’ control with Free Software that
is easy to use.</p>
<p>Some services allow users to submit data with the intention to make
it publicly available for all. Even in these cases, some amount of user
data is kept private (e.g. metadata or social graph data). The user
should also have control over this data, because metadata or logging
information can be used for unfair surveillance. Service providers must
commit to keeping these to a minimum, and only for the purpose of
operating the service.</p>
<p>When users make data available to others, whether to a restrictive
group of people or to large groups, they should be able to decide under
which permissions they grant access to this data. However, this right is
not absolute and should not extend over others’ rights to use the data
once it has been made available to them. What’s more, it does not mean
that users should have the right to impose unfair restrictions to other
people.</p>
<p>Ultimately, to ensure that user data is under the users’ control, the
best technical designs include peer-to-peer or distributed systems, and
unhosted applications. Legally, that means terms of service should
respect users’ rights.</p>
<p>When users use centralised services that uploads data to specific
storage providers instead of relying on peer-to-peer systems, it is
important to know where the providers might store data because they
could be compelled by governments to turn over data they have in their
possession (Right #2).</p>
<p>In the long term, all users should have their own server.
Unfortunately, this is made very difficult by some Internet access
providers that restrict their customers unfairly. Also, being your own
service provider often means having to administer systems which require
expertise and time that most people currently don’t have or are willing
to invest.</p>
<p>Users should not get stuck into a specific technical solution. This
is why they should always be able to leave a platform and settle
elsewhere (Right #3). It means users should be able to have their data
in an open format, and to exchange information with an open protocol. <a
href="http://fsfe.org/activities/os/def.html">Open standards</a> are
standards that are free of copyright and patent constraints. Obviously,
without the source code of the programs used to deal with user data,
this is impractical. This is why programs should be distributed under a
Free Software license like the GNU AGPL-3<a href="https://hroy.eu/feeds/#fn2"
class="footnote-ref" id="fnref2"
role="doc-noteref"><sup>2</sup></a>.</p>
<hr />
<p><strong>Thanks</strong> to <a href="https://hroy.eu//samtuke.com">Sam Tuke</a> for
his feedback on the post and the manifesto!</p>
<aside id="footnotes" class="footnotes footnotes-end-of-document"
role="doc-endnotes">
<hr />
<ol>
<li id="fn1"><p>We mean effective cryptography. If the service provider
enables cryptography but controls the keys or encrypts the data with
your password, it’s probably <a
href="https://en.wikipedia.org/wiki/Snake_oil_%28cryptography%29">snake
oil</a>.<a href="https://hroy.eu/feeds/#fnref1" class="footnote-back"
role="doc-backlink">↩︎</a></p></li>
<li id="fn2"><p>The GNU AGPL-3 safeguards this right by making it a
legal obligation to provide access to the modified program run by the
service provider. (<a href="http://www.gnu.org/licenses/agpl.html">§ 13.
Remote Network Interaction</a>)<a href="https://hroy.eu/feeds/#fnref2" class="footnote-back"
role="doc-backlink">↩︎</a></p></li>
</ol>
</aside>
Intro to Open Invention Network’s defensive publications
https://hroy.eu/posts/intro-defpubs/
2023-10-30T20:13:50Z
2014-07-28T13:13:05Z
What I’ve been working on the last three weeks, my internship at Open Invention Network starts<hr><br><p>Three weeks ago, I started working for <em>Open Invention
Network</em> as an intern<a href="https://hroy.eu/feeds/#fn1" class="footnote-ref" id="fnref1"
role="doc-noteref"><sup>1</sup></a>. <a
href="https://www.openinventionnetwork.com/">Open Invention Network</a>,
or OIN in short, aims at creating a safe environment for Linux and
Linux-based systems to thrive in spite of all the threats that patents
constitute to software developers.</p>
<aside class="dyk-patents2009 sidenote right">
<strong>Did you know?</strong> In 2009-2011 in the US, $20 billion was
spent on patent litigation and patent purchases. In 2011, for Apple and
Google, this spending exceeded spending on research and development. <a
href="http://www.nytimes.com/2012/10/08/technology/patent-wars-among-tech-giants-can-stifle-competition.html?_r=2&pagewanted=all"
title="In the smartphone industry alone, according to a Stanford University analysis, as much as $20 billion was spent on patent litigation and patent purchases in the last two years — an amount equal to eight Mars rover missions. Last year, for the first time, spending by Apple and Google on patent lawsuits and unusually big-dollar patent purchases exceeded spending on research and development of new products, according to public filings.">(source)</a>
</aside>
<p>As one of my activities with <a
href="https://www.openinventionnetwork.com/">OIN</a> in the <a
href="http://www.linuxdefenders.org/">Linux Defenders</a> program, I am
helping Free Software (aka Open Source) projects submit “defensive
publications.”</p>
<p>Defensive publications are sort of anti-patents:</p>
<ul>
<li>while patents are claimed to <em>exclude others</em> from being able
to implement something,</li>
<li>defensive publications <em>prevent anyone to exclude others</em>
from being able to implement something.</li>
</ul>
<p>They’re called defensive because they can be used against further
patent applications or they can be used a posteriori to defend oneself
against patent infringement claims. Indeed, if the software is already
accessible by the public before a patent on it is submitted, there’s no
way you or anyone would be infringing on a patent on that software.
Actually in that situation the patent should be invalidated. Then you
might ask: why do I need to write defensive publications if I have
already published my source code? – Unfortunately, that’s because just
releasing source code is not effective to protect yourself against
patents.</p>
<p>In theory, it is true that you are immune from infringement of
subsequent patents as soon as you’ve made your software source code
publicly accessible online, for instance using a public version control
system like Github.</p>
<p>In practice, it’s not really effective. Here’s why:</p>
<ol type="1">
<li><p>the life of patents begin at the patent office where patent
applications are submitted, then reviewed by patent office staff:</p>
<blockquote>
<p>Patent examiners have a strong sense of the technology that is
patented, but <strong>they’re missing an understanding of what has been
and is currently being developed in the open source world</strong>. As
shocking as it may seem, the result is the examiner formulating an
inaccurate sense of what is innovative. As the final arbiter of a very
significant monopoly grant, they are often grossly uninformed in terms
of what lies beyond their narrowly scoped search. This is not wholly
their fault as they have limited resources and time. However, it is a
strong indication of a faulty system that is so entrenched in the
archaic methods under which patent offices have been operating.</p>
</blockquote>
<p>As <a
href="http://creative-destruction.me/2014/01/21/defensive-publications-shedding-light-on-innovation/">Andrea
pointed out</a>, patent office staff will usually not go to software
repositories and read source code in order to find prior art. That’s why
making it easy for them to read about what you’ve done in software is
necessary. That’s what defensive publications are supposed to
do.</p></li>
</ol>
<ol start="2" type="1">
<li><p>The life of patents end in several ways, whichever comes
first:</p>
<ol type="1">
<li>The patent was filed more than 20 years ago or the patent holders
have not paid their yearly patent-taxes, it’s now in the public
domain</li>
<li>an authoritative court decision has striked out the patent as
invalid (and there’s no appeal pending)</li>
<li>the patent office reverts their decision to grant the patent</li>
</ol>
<p>The problem is that in each of these cases, the process can be quite
long. Litigations can go on for several years, especially since a patent
holder will probably try to appeal a decision that invalidate its
patent.</p>
<p>As for the patent office procedures, they can take a decade. For
instance, it took more than 15 years to strike down a single very broad
Amazon patent application<a href="https://hroy.eu/feeds/#fn2" class="footnote-ref" id="fnref2"
role="doc-noteref"><sup>2</sup></a>.</p>
<p>Meanwhile, the patent will constitute a potential threat that will
effectively encumber the use and distribution of your software.</p></li>
</ol>
<p>Basically, <a href="http://www.defensivepublications.org/">defensive
publications</a> consist in documenting one aspect of software projects
that’s focused on solving a challenge and does it in a new, innovative
way. The document would give some context about the state of the art and
then describe in more details how the system works, usually by using
meaningful diagrams, flowcharts and other figures.</p>
<p><a href="https://www.flickr.com/photos/opensourceway/6554315093/">Not
like this one:</a></p>
<!--![Created by Libby Levi for opensource.com](https://farm8.staticflickr.com/7155/6554315093_d4a9119a17_o.png)-->
<table class="img">
<caption>
Created by Libby Levi for opensource.com
</caption>
<tr>
<td>
<img src="https://hroy.eu/posts/intro-defpubs/666x-typical-patent-software-fig.png" width="666" height="374" alt="Parody of a software patent figure" class="img" id="typical-patent-software-fig" />
</td>
</tr>
</table>
<p>And who’s going to read defensive publications? At <a
href="https://www.openinventionnetwork.com/">OIN</a>, we maintain a
website <a href="http://www.defensivepublications.org/">to list
defensive publications</a>. Then, we submit them to databases used for
prior-art examination by patent office examiners. So the target audience
for these defensive publications is the patent office that reviews
patent applications. A good defensive publication should use generic
terms that are understood even by someone who’s not programming in the
same language as the one used for the program.</p>
<p>Defensive publications may be no more than a re-arrangement of what’s
already written on the project’s blog, or in the documentation. They can
be useful to explain how your program works to other programmers. In
some aspect, they look like a (short!) scientific publication.</p>
<p>For software that works in areas heavily encumbered with patents like
media codecs, actively submitting defensive publications can safeguard
the project’s rights against patent holders. For instance, consider that
<a
href="http://www.washingtonpost.com/blogs/the-switch/wp/2014/07/15/patent-trolls-now-account-for-67-percent-of-all-new-patent-lawsuits/">patent
trolls now account for 67% of all new patent lawsuits</a> and as shown
in a 2012 study, <a
href="http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2146251"
title="Startups and Patent Trolls">startups are not immune to patent
threats</a>.</p>
<p>So part of my job is to work with Free Software projects to help them
submit defensive publications. I have been working with Pablo Joubert on
a defensive publication around search engines making use of <a
href="https://en.wikipedia.org/wiki/Distributed_hash_table">distributed
hash tables (DHT)</a>. Pablo was involved in the <a
href="http://seeks-project.info/">Seeks project</a> and has now started
a new project building upon <a
href="http://seeks-project.info/">seeks</a>. It was very interesting for
me to learn more about how <a
href="https://en.wikipedia.org/wiki/Distributed_hash_table">DHT</a> are
used in peer-to-peer networks and how we can make use of them for new
awesome applications like social search. Now, Pablo also has a document
that explains concisely what the project is and how it works. This could
be the preamble to the documentation 😉</p>
<p>I’ve also worked on a guide to defensive publications and I am
starting to think on how a tutorial might look like. I hope you will
find that useful. I’ll write more
<a href="https://hroy.eu/tags/OpenInventionNetwork/">about that next time</a>!</p>
<p>If you are interested, don’t hesitate to join <a
href="http://irc.lc/freenode/linuxdefenders/">#linuxdefenders</a> on the
IRC freenode server.</p>
<aside id="footnotes" class="footnotes footnotes-end-of-document"
role="doc-endnotes">
<hr />
<ol>
<li id="fn1"><p>Since I passed the bar exam in December last year, I now
have to fulfil two 6-month internships.<a href="https://hroy.eu/feeds/#fnref1"
class="footnote-back" role="doc-backlink">↩︎</a></p></li>
<li id="fn2"><p>It’s patent <a
href="https://register.epo.org/application?number=EP99105948">EP0927945</a>
The patent’s abstract begins like this: “A method and system for placing
an order to purchase an item via the Internet.” This patent was filed at
the European Patent Office in 1998.<a href="https://hroy.eu/feeds/#fnref2"
class="footnote-back" role="doc-backlink">↩︎</a></p></li>
</ol>
</aside>
5 approximations à rectifier pour bien s’y repérer dans les licences libres
https://hroy.eu/posts/jdn-licences-libres-5-approximations/
2023-10-30T20:13:18Z
2014-07-28T13:13:05Z
<p>[[!meta <span class="error">Erreur: cannot parse date/time:
</span>]]</p>
<p>Le <em>Journal du Net</em> publiait la semaine dernière <a
href="http://www.journaldunet.com/solutions/dsi/comparatif-des-licences-open-source.shtml">Comment
se repérer dans la jungle des licences open source</a>. L’article a été
pas mal <a
href="https://twitter.com/JDNSolutions/status/492561458807705600">partagé
sur Twitter</a>. Malheureusement, il souffre de plusieurs approximations
dommageables.</p>
<p>Voici 5 rectifications :</p>
<h3 id="licences-libres-et-licences-open-source-cest-pareil">1. Licences
libres et licences « open source », c’est pareil</h3>
<p>L’article semble semer la confusion en essayant de diviser et de
cataloguer les licences.</p>
<p><strong>Les licences libres et les licences open source forment une
seule et même catégorie</strong>. Autrement dit, il n’y a pas de
différence entre ces types de licences : une licence non-copyleft comme
la licence MIT est autant une licence libre qu’une licence « open
source », une licence copyleft comme la GNU GPL est autant une licence
libre qu’une licence « open source ». La preuve? Il suffit de regarder
la <a href="http://opensource.org/licenses">liste des licences
maintenues par l’Open Source Initiative</a> et <a
href="http://www.gnu.org/licenses/license-list.html">la liste maintenue
par GNU</a> pour constater qu’en pratique, les critères sont les mêmes
puisqu’on aboutit aux mêmes résultats</p>
<p>Pour mieux comprendre les raisons historiques de l’existence de ces
deux termes, <a
href="http://fsfe.org/freesoftware/basics/comparison.html">l’article de
Björn en fait l’exposé</a>.</p>
<h3 id="le-copyleft-ce-nest-pas-un-virus">2. Le copyleft, ce n’est pas
un virus</h3>
<p>On qualifie de <em>licence copyleft</em> une licence libre qui
contient des obligations supplémentaires de manière à sauvegarder les
libertés des utilisateurs. Autrement dit, une clause copyleft interdit
d’interdire.</p>
<p>L’article utilise le terme « contaminant » pour qualifier ce type de
clause. Ce vocabulaire nous vient directement de la propagande de
Microsoft de la fin des années 1990, qui se référait au logiciel libre
comme un « cancer ». Il est temps de s’écarter du vocabulaire de la
pathologie ! Le logiciel libre n’est pas un mal incurable, <strong>c’est
un vecteur de libertés.</strong> (Si vous cherchez absolument à
remplacer le mot <em>copyleft</em> par un mot du langage courant, <a
href="http://blog.hugoroy.eu/2012/01/27/quelques-notes-sur-la-seconde-licence-publique-mozilla-mpl-2-0/#fn-hereditaire">clause
d’hérédité ou héréditaire</a> fonctionne plutôt bien).</p>
<p>Ainsi, le qualificatif de « contaminant » est on ne peut plus
approximatif. Si on s’intéresse à l’analogie, on voit qu’elle ne tient
pas. Si quelqu’un me contamine de sa maladie, je suis passif : je subis,
je reçois la contamination et j’en fais les frais. C’est le contact d’un
autre qui est la source de ma misère. Ce qui m’amène à une troisième
approximation de l’article…</p>
<h3
id="ce-qui-déclenche-le-copyleft-cest-la-distribution-pas-la-publication">3.
Ce qui déclenche le copyleft, c’est la distribution, pas la
publication</h3>
<p>Les licences libres étant principalement des licences de droits
d’auteur (ou copyright selon la juridiction), l’acte qui déclenche les
obligations relatives à la clause copyleft coïncide avec l’acte auquel
le droit d’auteur attache des obligations.</p>
<p>Ainsi, en droit d’auteur, on ne peut pas distribuer une copie d’une
œuvre (ici, un logiciel) sans la permission de son ou ses auteurs. La
distribution, c’est la transmission d’une copie d’une personne, physique
ou morale, à une autre personne. C’est cet acte là, tout à fait
volontaire, qui déclenche les obligations relatives au droit d’auteur,
qui requiert l’autorisation. Cette autorisation est déjà donnée par une
licence libre, la clause copyleft en est cependant une condition. (On
voit bien ici à quel point l’analogie avec la contamination épidémique
est mauvaise.)</p>
<p>Plus spécifiquement, cette condition :</p>
<ul>
<li>concerne uniquement les développements du logiciel qui sont eux
mêmes basés sur le logiciel publié sous licence copyleft; et non les
logiciels qui fonctionnent indépendamment</li>
<li>il ne s’agit pas d’une <a
href="https://twitter.com/hugoroyd/status/492675611597737985">condition
de publication</a> des modifications, en effet il est tout à fait
possible de respecter la licence simplement en distribuant avec les
binaires distribué aux tiers, l’intégralité des sources
correspondantes<a href="https://hroy.eu/feeds/#fn1" class="footnote-ref" id="fnref1"
role="doc-noteref"><sup>1</sup></a>
<ul>
<li>si ce n’est pas le cas, il y a alors pendant trois ans obligation
d’offrir aux tiers à qui on a distribué une copie la possibilité de
demander les sources (voir les détails de la licence pour plus de
précisions)</li>
</ul></li>
</ul>
<p>Par conséquent, il a bien été montré que c’est la distribution du
logiciel qui déclenche les obligations.<a href="https://hroy.eu/feeds/#fn2"
class="footnote-ref" id="fnref2" role="doc-noteref"><sup>2</sup></a>
Ainsi, on peut tout à fait prendre un logiciel libre sous licence
copyleft, y apporter pléthores de modifications, et garder ces
modifications privées voire secrètes si bon vous semble. Ça fait partie
des libertés intégrantes du logiciel libre : on peut les utiliser pour
tout usage, l’utilisation n’est absolument pas restreinte ; et on peut
les modifier de façon à ce qu’ils fonctionnent comme on l’entend.</p>
<h3
id="pas-de-distinction-entre-libre-dun-côté-et-commercial-de-lautre">4.
Pas de distinction entre libre d’un côté et commercial de l’autre</h3>
<p>Contrairement à ce qui est suggéré dans l’article, qui oppose d’un
côté des licences libres et d’un autre côté des licences commerciales ;
il n’y a en réalité pas de raison de procéder à une distinction.</p>
<p>Comme il vient d’être souligné, un logiciel libre est forcément
utilisable sans restriction. <strong>Une clause qui limite l’utilisation
du logiciel à une activité non-commerciale est donc fondamentalement
incompatible avec une licence de logiciel libre.</strong></p>
<p>Il y a d’un côté les licences libres, qui sont généralement des
licences publiques – c’est-à-dire que chacun peut les utiliser pour ses
propres logiciels à destination du public ; et de l’autre côté, les
licences propriétaires qui sont généralement des licences spécifiques ou
spéciales, qui sont utilisées seulement par quelques entreprises et pas
forcément à destination du public mais au contraire parfois pour des
logiciels écrits spécialement avec des modifications propres au client
(ce qu’il est tout à fait possible de faire avec une licence libre par
ailleurs, le client jouira ainsi également des libertés conférées par
les licences).</p>
<h3 id="la-licence-gnu-gpl-est-applicable-en-franceen-europe">5. La
licence GNU GPL est applicable en France/en Europe</h3>
<p>Pour s’en convaincre, il suffit de constater que la licence GPL-2.0 a
bien été appliquée par des ayants droit en Allemagne à plusieurs
reprises (par exemple contre Skype). Bien qu’en France la licence n’ait
pas vraiment fait l’objet d’un examen poussé par un juge (le fait qu’il
y ait peu de litiges est en soi une bonne nouvelle en fait), son
invocation ici et là<a href="https://hroy.eu/feeds/#fn3" class="footnote-ref" id="fnref3"
role="doc-noteref"><sup>3</sup></a> n’a pas entraîné la déclaration de
son incompatibilité<a href="https://hroy.eu/feeds/#fn4" class="footnote-ref" id="fnref4"
role="doc-noteref"><sup>4</sup></a>.</p>
<p>(Seule la <a
href="http://www.langue-francaise.org/Loi_toubon.php">loi Toubon</a>
pourrait causer quelques problèmes, mais rien de très grave en réalité ;
ça se résout très bien en utilisant des doubles licences et ça ne vaut
pas dans tous les cas. Les administrations publiques peuvent très bien
faire développer et utiliser des logiciels libres et elles le font
déjà !)</p>
<hr />
<p>Quoiqu’il en soit, l’objectif de l’article est louable et le petit
tableau <a
href="https://twitter.com/JDNSolutions/status/492561458807705600">récapitulatif
partagé sur Twitter</a> est assez utile.</p>
<p>Pour bien s’y repérer, il y a heureusement plusieurs moyens :</p>
<ul>
<li>Le livre de Benjamin Jean, <a
href="http://framabook.org/option-libre-du-bon-usage-des-licences-libres/">Option
Libre. Du bon usage des licences libres.</a></li>
<li>L’<em>International Free and Open Source Software Law Book</em> qui
permet d’aborder les aspects juridiques de plusieurs juridictions, dont
<a href="http://ifosslawbook.org/france/">la France</a>.</li>
<li>L’<em>International Free and Open Source Software Law Review</em> ou
<a href="http://www.ifosslr.org/ifosslr">IFOSSLR</a> qui permet d’aller
dans le détail avec plusieurs articles à chaque édition.</li>
</ul>
<p>Sinon, la communauté du logiciel libre est également là pour aider
chacun à s’y repérer. L’<a href="https://fsfe.org/legal">équipe
juridique de la FSFE</a> répond régulièrement à ce genre de
questions.</p>
<aside id="footnotes" class="footnotes footnotes-end-of-document"
role="doc-endnotes">
<hr />
<ol>
<li id="fn1"><p>Dans la GPL-3.0 voir le paragraphe « 6. Conveying
Non-Source Forms »<a href="https://hroy.eu/feeds/#fnref1" class="footnote-back"
role="doc-backlink">↩︎</a></p></li>
<li id="fn2"><p>Une précision importante toutefois, il peut exister
d’autres cas de figure où les obligations du copyleft sont déclenchées.
Par exemple, dans la licence <a
href="http://www.gnu.org/licenses/agpl.html">AGPL</a>, la réunion de
deux conditions déclenche aussi ces obligations (section 13): 1) la
modification du code source, 2) l’interaction des utilisateurs avec le
logiciel par l’intermédiaire du réseau (par exemple dans le cas d’une
application web).<a href="https://hroy.eu/feeds/#fnref2" class="footnote-back"
role="doc-backlink">↩︎</a></p></li>
<li id="fn3"><p>Educaffix contre CNRS, ou encore EDU4 contre AFPA, et
d’autres décisions encore…<a href="https://hroy.eu/feeds/#fnref3" class="footnote-back"
role="doc-backlink">↩︎</a></p></li>
<li id="fn4"><p>Certaines dispositions du code de la propriété
intellectuelle sont parfois avancées pour expliquer que la licence GNU
GPL serait nulle en droit français… c’est en réalité un argument
purement académique, car on voit mal qui irait invoquer une telle
nullité ! D’une part, c’est une stratégie désastreuse pour celui qu’on
accuserait de ne pas respecter la licence car, sans licence valide,
c’est la contrefaçon automatiquement – d’autre part, cette nullité
<em>relative</em> n’est en réalité invocable que par l’ayant droit
lui-même. Non seulement cette situation est peu envisageable car il
s’agirait de se tirer une balle dans le pied, d’autre part la <em>ratio
legis</em> de cette disposition du code pourrait nous amener à
considérer qu’elle n’est pas applicable aux cas d’espèce du logiciel
libre. Une discussion donc tout à fait académique mais sans impact sur
la réalité.<a href="https://hroy.eu/feeds/#fnref4" class="footnote-back"
role="doc-backlink">↩︎</a></p></li>
</ol>
</aside>
https://hroy.eu/notes/avoid_ghostery-proprietary/
<a href="http://creativecommons.org/publicdomain/zero/1.0/">CC0-1.0</a> except for the XKCD graphic
2014-10-21T16:04:14Z
2014-04-25T16:06:09Z
<p>I was reading an article by <a class="toggle" href="https://hroy.eu/feeds/#notes-avoid-ghostery-proprietary.lcranor">Lorrie
Cranor</a> in the MIT Technology Review on <a href="http://www.technologyreview.com/view/526421/self-defense/">how it’s difficult even
for her to protect her privacy online</a>.</p>
<div class="toggleable" id="notes-avoid-ghostery-proprietary.lcranor"></div>
<p>I appreciate Lorrie Cranor’s work on privacy at Carnegie Mellon
University. I have extensively cited her study of the length of privacy
policies when I introduced <a href="http://tosdr.org">ToS;DR</a>.</p>
<div class="toggleableend"></div>
<p>However in this article, I was disappointed to see Ghostery
mentioned. Ghostery is an browser extension supposed to help users
against tracking and surveillance on the web. The main problem is
that Ghostery is not released as Free Software[^akaos]</p>
<p>[^akaos]: a.k.a Open Source. Both these terms designate the same
set of programs.</p>
<p><a class="toggle" href="https://hroy.eu/feeds/#notes-avoid-ghostery-proprietary.ghosterycode">Earlier on Twitter</a> I
quickly posted my frustration about this. <strong>People who promote web
privacy should stop promoting Ghostery</strong>, as it’s proprietary.
What’s their business model exactly? ;-)</p>
<div class="toggleable" id="notes-avoid-ghostery-proprietary.ghosterycode"></div>
<p>In <a href="https://twitter.com/hugoroyd/status/459618738091085824">my earlier
tweet</a> I
wrongly stated that the source code was not disclosed; but that’s
not accurate. There is some code disclosed (I suppose it’s
entirely readable and not obfuscated nor minified). But as you’ll
notice, the license is “All rights reserved” so, basically, users
have no rights.</p>
<div class="toggleableend"></div>
<p>Ghostery has been playing on the ambiguity for too long. This
hypocrisy must stop. <a class="toggle" href="https://hroy.eu/feeds/#notes-avoid-ghostery-proprietary.ghosttweet">See these
tweets from years ago…</a></p>
<div class="toggleable" id="notes-avoid-ghostery-proprietary.ghosttweet"></div>
<blockquote class="twitter-tweet" lang="fr"><p><a href="https://twitter.com/accessjames">@accessjames</a> <a href="https://twitter.com/phisab">@phisab</a> We are currently working on making it open source, it's an ongoing project. Ghostery blocks, no need for opting out.</p>— Ghostery (@Ghostery) <a href="https://twitter.com/Ghostery/statuses/290834903745040384">14 Janvier 2013</a></blockquote>
<p><script async src="http://platform.twitter.com/widgets.js" charset="utf-8"></script></p>
<blockquote class="twitter-tweet" lang="en"><p>this is good news :) RT <a href="https://twitter.com/Ghostery">@Ghostery</a>: Currently, you can access Ghostery's code if you unpack the ext. We are still looking to open source, too</p>— Jeekajoo (@jeekajoo) <a href="https://twitter.com/jeekajoo/statuses/339332265215655936">May 28, 2013</a></blockquote>
<p><script async src="http://platform.twitter.com/widgets.js" charset="utf-8"></script></p>
<div class="toggleableend"></div>
https://hroy.eu/notes/openssl-11/
<a href="http://creativecommons.org/publicdomain/zero/1.0/">CC0-1.0</a>
2014-10-21T15:44:11Z
2014-04-12T08:24:04Z
<p><a href="http://online.wsj.com/news/articles/SB10001424052702303873604579495362672447986">Wall Street Journal</a>: The encryption flaw that punctured
the heart of the Internet this week underscores a weakness in
Internet security: <a class="toggle" href="https://hroy.eu/feeds/#notes-openssl-11.openssl11">A good chunk of
it is managed by four European coders and a former military
consultant in Maryland.</a></p>
<div class="toggleable" id="notes-openssl-11.openssl11"></div>
<p>To answer some of the astonished comments I made yesterday, the
lack of contributors to the project is baffling. So: the whole
Internet relied on 10 volunteers and 1 employee and nobody helped
them?</p>
<p>I guess this sort of comes back to one of the essential question
in Free Software: how do you get the users to fund it? For some
kind of software, this can be difficult; but in the case of
OpenSSL I would have thought this to be an easy thing, since so
many banks and web companies intensively rely on it. </p>
<p>But apparently, they didn’t care at all if this major piece of
security they were using was able to keep up with security
standards or not. Considering the number of people involved with
the project, I don't see how it can put enough scrutiny and
efforts to make sure it follows the best security review.</p>
<p>(Now, I have to wonder if the WSJ piece is actually correct in the
way it counts the contributors to the project, because it's fairly
possible that lots of companies making use of OpenSSL actually had
security experts and developers in-house test the code and send
patches and bug reports upstream; a bit like Google and that other
security firm did when they found out about Heartbleed…)</p>
<div class="toggleableend"></div>
<p>According to Brett Simmons, <a href="http://inessential.com/2014/04/11/does_that_pretty_much_wrap_it_up_for_c_">That pretty much wraps it up for
C</a>.</p>
<p>The whole heartbleed bugs also reminds me that OpenSSL is also an
example of bad idea when it comes to
<a href="https://people.gnome.org/~markmc/openssl-and-the-gpl.html">licensing</a>
<a href="https://lwn.net/Articles/428111/">issues</a>.</p>
https://hroy.eu/notes/openssl-tragedy/
<a href="http://creativecommons.org/publicdomain/zero/1.0/">CC0-1.0</a> except for the XKCD graphic
© XKCD <a href="http://creativecommons.org/licenses/by-nc/2.5/">CC-BY-NC-2.5</a>
2014-10-21T15:44:11Z
2014-04-11T08:34:03Z
<p>The <a href="http://heartbleed.com/">heartbleed</a> vulnerability is not only a catastrophic security
issue, <a class="toggle" href="https://hroy.eu/feeds/#notes-openssl-tragedy.heartbleedtopics">it also spans other
interesting topics.</a></p>
<div class="toggleable" id="notes-openssl-tragedy.heartbleedtopics"></div>
<p>The first obvious lesson, is that the communication around the
vulnerability was <a href="http://www.kalzumeus.com/2014/04/09/what-heartbleed-can-teach-the-oss-community-about-marketing/">brilliant marketing</a>. </p>
<p>The other lesson, less satisfying, is why is the majority of the
internet relying on a very poorly funded project?!</p>
<p>The Washington Post published an <a href="http://www.washingtonpost.com/business/technology/heartbleed-bug-puts-the-chaotic-nature-of-the-internet-under-the-magnifying-glass/2014/04/09/00f7064c-c00b-11e3-bcec-b71ee10e9bc3_story.html">article that misses the real
issue</a>. The heartbleed debacle is not an issue with
the fact that <a href="https://blogs.fsfe.org/samtuke/?p=718">OpenSSL is Free Software</a> (the Apple goto
fail bug shows it’s even worse when it’s proprietary--all Apple
users had to wait several days before a patch was sent), nor with
the fact that the Internet have no single authority (if anything,
the openssl library is a single point of failure).</p>
<p>I find it astonishing that OpenSSL is so poorly funded and
apparently lacks a governance strategy that includes large
stakeholders such as the major websites making use of the library
and which, instead, are essentially all irresponsible free-riders.</p>
<p>The real issue here is one of responsibility.</p>
<div class="toggleableend"></div>
<p>XKCD has an <a class="toggle" href="https://hroy.eu/feeds/#notes-openssl-tragedy.xkcd1354">amazingly simple
explanation of how the vulnerability works.</a></p>
<div class="toggleable" id="notes-openssl-tragedy.xkcd1354"></div>
<p><a href="http://xkcd.com/1354/"><img src="https://hroy.eu/notes/openssl-tragedy/heartbleed_explanation.png" width="640" height="1364" class="img" /></a></p>
<div class="toggleableend"></div>
https://hroy.eu/tips/dell-xps-13-touchpad/
<a href="http://creativecommons.org/publicdomain/zero/1.0/">CC0-1.0</a>
2014-11-24T11:17:22Z
2014-04-06T18:29:23Z
<ol>
<li><p>Install the <a href="https://github.com/gunzy83/linux-xps13-archlinux">linux-xps13-archlinux kernel</a> (now <a href="https://aur.archlinux.org/packages.php?O=0&K=linux-xps13&do_Search=Go">in the
AUR</a>)</p>
<p>Note: Since I wrote this, it’s possible that the <a href="https://github.com/gunzy83/linux-xps13-archlinux">patched
kernel</a> now has more features than only touchpad support.</p></li>
<li><p>Install <code>xf86-input-synaptics</code> and, from AUR, <code>touchegg</code> and
<code>touchegg-gce-git</code> (this last one is to be able to configure gestures with
the graphic interface).</p></li>
<li><p>Edit <code>/etc/X11/xorg.conf.d/50-synaptics.conf</code></p>
<pre><code>Section "InputClass"
Identifier "touchpad catchall"
Driver "synaptics"
MatchIsTouchpad "on"
Option "TapButton1" "1"
Option "TapButton2" "0"
Option "TapButton3" "0"
Option "ClickFinger2" "0"
Option "ClickFinger3" "0"
# This option is recommend on all Linux systems using evdev, but cannot be
# enabled by default. See the following link for details:
# http://who-t.blogspot.com/2010/11/how-to-meta:ignore-configuration-errors.html
MatchDevicePath "/dev/input/event*"
EndSection
</code></pre></li>
<li><p>Configure your gestures with Touchègg</p>
<p>Here's my <code>~/.config/touchegg/touchegg.conf</code>:</p>
<script src="https://gist.github.com/hugoroy/10009770.js"></script>
<noscript><pre>
<touchégg>
<settings>
<property name="composed_gestures_time">0</property>
</settings>
<application name="All">
<gesture type="DRAG" fingers="3" direction="RIGHT">
<action type="SEND_KEYS">Super+Right</action>
</gesture>
<gesture type="PINCH" fingers="5" direction="OUT">
<action type="SEND_KEYS">Control+Shift+equal</action>
</gesture>
<gesture type="DRAG" fingers="3" direction="LEFT">
<action type="SEND_KEYS">Super+Left</action>
</gesture>
<gesture type="PINCH" fingers="5" direction="IN">
<action type="SEND_KEYS">Control+minus</action>
</gesture>
<gesture type="DRAG" fingers="3" direction="UP">
<action type="MAXIMIZE_RESTORE_WINDOW"></action>
</gesture>
<gesture type="DRAG" fingers="4" direction="UP">
<action type="SEND_KEYS">Super</action>
</gesture>
<gesture type="DRAG" fingers="4" direction="DOWN">
<action type="SEND_KEYS">Escape</action>
</gesture>
<gesture type="TAP" fingers="3" direction="">
<action type="MOUSE_CLICK">BUTTON=2</action>
</gesture>
<gesture type="DRAG" fingers="3" direction="DOWN">
<action type="SEND_KEYS">Super+Down</action>
</gesture>
</application>
<application name="Evince">
<gesture type="DRAG" fingers="4" direction="LEFT">
<action type="SEND_KEYS">Control+Left</action>
</gesture>
<gesture type="DRAG" fingers="4" direction="RIGHT">
<action type="SEND_KEYS">Control+Right</action>
</gesture>
</application>
<application name="Firefox">
<gesture type="DRAG" fingers="4" direction="LEFT">
<action type="SEND_KEYS">Alt+Left</action>
</gesture>
<gesture type="DRAG" fingers="4" direction="RIGHT">
<action type="SEND_KEYS">Alt+Right</action>
</gesture>
</application>
</touchégg>
</pre><a href="https://gist.github.com/hugoroy/10009770">up to
date version on github</a></noscript></li>
<li><p>Add to your session (using <code>gnome-session-properties</code> for instance):</p>
<ul>
<li><code>touchegg</code>
<!-- - `synclient TapButton3=0`--></li>
</ul></li>
</ol>
<p>The real improvement is that I can use three-finger tapping to
simulate the middle-click mouse button which is used for quick
pasting or for opening links in a new tab.</p>
<p>As far as "pinching" is concerned, it does not work reliably at
all for me.</p>
GNU GPL, JS and BS
https://hroy.eu/posts/gpl-js-bs/
2023-10-30T21:08:30Z
2014-03-28T23:00:00Z
<aside>
<a href="https://hroy.eu/posts/gpl-js-bs/js.png"><img src="https://hroy.eu/posts/gpl-js-bs/js.png" width="100" height="100" alt="JS" class="pull-right aside" /></a>
</aside>
<p><small>This is a long due post, in response to a thread about a <a
href="http://scripting.com/2013/09/16/concordOurGplOutliner">new JS
outliner released under the GPL</a>. I just did not take the time to
write something about it until now… sorry!</small></p>
<p>It’s quite outstanding, but trying to find some good resource online
about this issue is nearly impossible. If you try to read about how the
<a href="https://hroy.eu/tags/GnuGeneralPublicLicense/">GNU GPL</a> impacts
javascript web apps, you will find so much nonsense—that will make you
believe the GPL is going to “infect” everything. (In spite of the fact
that some of the most important Javascript libraries out there are
licensed under the GPL, like Jquery IIRC.)</p>
<p>First, let’s get things straight: the GNU GPL does not infect
anything nor has any “viral” effect. You don’t catch the GPL like the
flu. In order for GPL obligations to kick in and apply to you, you must
either:</p>
<ol type="1">
<li><p>distribute GPL-licensed Javascript files; or</p></li>
<li><p>write something that is <em>based on</em> GPL-licensed Javascript
files.</p></li>
</ol>
<p>In the first case, it’s no surprises that if you download and
distribute GPL-licensed software, you must respect the conditions of the
GPL.</p>
<p>In the second case, it’s a little bit more difficult to grasp,
because you need to understand what constitutes a work <em>based on the
GPL program.</em> And for this, you need an basic understanding of
copyright law.</p>
<p>If you build other Javascript parts which will work with the GPL
Javascript, there’s a fair chance that the whole is based on the GPL
Javascript and thus is subject to the conditions of the GPL. (That’s the
intended effect: it’s <a
href="https://www.gnu.org/copyleft/">copyleft</a>!) So for instance, if
you write Javascript in which you re-use the functions of the GPL JS
library, that will be covered by the GPL as well.</p>
<p>But for pretty much everything else, it’s not covered. So basically,
just <strong>adding a line of <code>script</code> to interact with the
DOM is not going to make the entire website subject to the GPL</strong>.
That would be like saying using LibreOffice forces you to distribute all
documents produced with it under the GPL. It’s just nonsense. Keep in
mind that this is a legal thing, this is copyright law; this is not
software development.</p>
<p>So in the case of the <a
href="http://scripting.com/2013/09/16/concordOurGplOutliner">Concord
outliner</a> it’s pretty obvious: if you put an outliner in your web
app, it’s not going to make the whole web app covered by the GPL.
However, if you integrate the outliner and that you build your web app
on top of that outliner; you expand it, so yes, that’s covered. But hey,
that’s what the GPL is for.</p>
<p>Otherwise, write your own software from scratch or try a program with
an alternative license, like the MPL-2.0.</p>
Mais qui est donc Madame Michu?
https://hroy.eu/posts/madame-michu/
2023-10-30T21:08:07Z
2014-03-28T12:11:18Z
<p><strong>Madame Michu</strong> — Personne fictive, purement
abstractive, parfois abusivement prise comme une réalité, désignant
celle qui est d’un certain âge et qui n’a ni prédisposition ni
expérience particulières dans un domaine, tel que par exemple les
technologies informatiques.</p>
<hr />
<p>« Madame Michu » n’existe pas réellement, c’est une évidence. C’est
une fiction, prise pour une réalité, c’est-à-dire une hypostase comme on
en trouve de nombreuses en droit par exemple : le « bon père de
famille » en droit civil français, « l’homme du métier » en droit des
brevets, etc.</p>
<p>Madame Michu, c’est <strong>juste un utilisateur</strong> pour
paraphraser Ted Nelson. Elle est à l’extrémité du spectre de
l’utilisateur, à l’autre bout duquel se trouve l’<a
href="http://contemporary-home-computing.org/turing-complete-user/">utilisateur-Turing</a>.</p>
<p>De ce fait, avoir recours à cette notion peut être utile pour tenter
d’imaginer comment une technologie ou une technique seraient
potentiellement reçues ou utilisées par une partie de la population. Si,
en cela, l’emploi de cette expression n’a pas nécessairement l’objectif
de dénigrer, force est de constater qu’on a rarement recours à son
pendant masculin. Monsieur Michu existe encore moins que Madame. Cette
féminisation est-elle toujours utile et pertinente ?</p>
<hr />
<p>Synonymes : profane, béotien, l’utilisateur⋅ice lambda</p>
Innovation policy and Internet liability in courts–beyond advertising
https://hroy.eu/posts/innovation-policy/
2023-10-30T20:14:31Z
2014-03-27T23:00:00Z
This is what happens when innovation becomes the only criteria to judge policy, like we see sometimes in law.<hr><br><p><a
href="http://www.newrepublic.com/article/116939/innovation-fetish-naive-buzzword-unites-parties-avoids-policy-choice">Morozov</a>
on innovation policy:</p>
<blockquote>
<p>But why assume that innovation—and, by extension, economic
growth—should be the default yardstick by which we measure the success
of technology policy? One can easily imagine us living with a very
different “Internet” had the regulators of the 1990s banned websites
from leaving small pieces of code—the so-called “cookies”—on our
computers. Would this slow down the growth of the online advertising
industry, making everyday luxuries such as free e-mail unavailable? Most
likely. But advertising is hardly the only way to support an e-mail
service: It can also be supported through fees or even taxes. Such
solutions might be bad for innovation, but the privacy they afford to
citizens might be good for democratic life.</p>
</blockquote>
<p>We should note that this ultimate goal of innovation is also what
drives most of the debate around internet business liability. There’s so
much fear at the European Union that the next law would stifle
innovation and
<a class="toggle" href="https://hroy.eu/feeds/#posts-innovation-policy.killgooglenext">nip in
the bud the “next Google”</a> that any sane debate is almost
impossible.</p>
<div id="posts-innovation-policy.killgooglenext" class="toggleable">
</div>
Of course, nobody’s asking if we even <em>want</em> the next Google to
happen. I certainly don’t want another Google, nor did I want Facebook
to come into existence. I’d much prefer having something like <a
href="http://unhosted.org">unhosted</a> web apps. This is what true
beneficial innovation is about.
<div class="toggleableend">
</div>
<p>This way of thinking about innovation and “the Internet” has also
spread out to Courts.</p>
<p>Consider <a
href="http://www.legalis.net/spip.php?page=jurisprudence-decision&id_article=2634">this
piece about how the Paris Court interprets the LCEN</a> (the French
translation of the <a
href="http://ec.europa.eu/internal_market/e-commerce/directive/index_en.htm">EU
E-commerce 2001 directive</a>):</p>
<blockquote>
<p>Considérant qu’en vertu du même critère, l’exploitation du site par
la commercialisation d’espaces publicitaires, dès lors qu’elle n’induit
pas une capacité d’action du service sur les contenus mis en ligne,
n’est pas davantage de nature à justifier de la qualification d’éditeur
du service en cause ;</p>
</blockquote>
<blockquote>
<p>Qu’il importe d’observer à cet égard, que la LCEN dispose que le
service hébergeur peut être assuré même à titre gratuit, auquel cas il
est nécessairement financé par des recettes publicitaires et qu’elle
n’édicte, en tout état de cause, aucune interdiction de principe à
l’exploitation commerciale d’un service hébergeur au moyen de la
publicité ;</p>
</blockquote>
<p>The crux of the argument is whether a service on the web like YouTube
is merely a hosting provider (in which case it has a derogatory
liability regime) or if it is <em>something else</em> than merely a
hosting provider, in which case they could be found liable for copyright
infringement.</p>
<p>The argument was that since Dailymotion (a YouTube competitor)
displays advertisement next to the allegedly infringing videos, it must
be considered an advertiser instead of a hosting provider. But the Court
was not convinced by this argument.</p>
<p>Instead, and here’s the absolute nonsense, the Court says that:</p>
<ul>
<li>the law says a hosting provider can provide its service without
charge;</li>
<li>which necessarily means the service is financed through
advertising,</li>
<li>thus the law does not forbid to qualify an advertiser as a hosting
provider.</li>
</ul>
<p>See what happened? The problem in this reasoning is that the second
part is totally flawed. Since when a service on the web provided free of
charge is necessarily financed through advertising? Have the judges ever
heard about something called Wikipedia, one of the largest website
worldwide, hosting millions of encyclopedia articles and media—all this
without advertising and without tracking their users.</p>
<p><small>The fact that Wikipedia is run by the non-for-profit Wikimedia
is completely irrelevant, the point is not about the commercial nature
of the provider, but really about the nature of the activity of the
service provider.</small></p>
<p>Thanks to this kind of ill-advised ruling, almost nothing is done to
shape what qualifies as a hosting provider that deserves a derogatory
liability regime.</p>
<p>We need to take back control of innovation and technology policy to
foster privacy and <a href="https://hroy.eu/tags/freeSoftware/">freedom</a>; more
than ever.</p>
A Turing complete user
https://hroy.eu/posts/im-a-turing-complete-user/
2023-10-30T21:09:31Z
2014-02-28T23:00:00Z
<p>I like to consider myself a <a
href="http://contemporary-home-computing.org/turing-complete-user/">Turing
complete user</a>. This is a concept I discovered in a <a
href="http://contemporary-home-computing.org/turing-complete-user/">fascinating
essay</a> written by <a
href="http://art.teleportacia.org/olia.html">Olia Lialina</a> on the
<em>concept of users</em> in computing, and the trend best embodied by
Apple to destroy users and all they stand for.</p>
<p>I guess on of the reasons I liked the article is that I totally
recognise myself in this concept of Turing complete user. But I also
find a little bit sad that this is not a widespread species.</p>
<table class="img">
<caption>
<em>“A scientist of the Future”</em> Title picture of Vanevar Bush’s “As
we make think” from Life magazine, 1945
</caption>
<tr>
<td>
<a href="https://hroy.eu/posts/im-a-turing-complete-user/scientist.jpg"><img src="https://hroy.eu/posts/im-a-turing-complete-user/scientist.jpg" width="500" height="336" class="img" /></a>
</td>
</tr>
</table>
<p>But I can’t believe it’s going to stay that way indefinitely.
Eventually maybe people are going to stop putting up with how bad their
computers respond to them and start doing something about it. Maybe
<a class="toggle" href="https://hroy.eu/feeds/#posts-im-a-turing-complete-user.lifecam">Jan-Christoph</a>
should start a series: “I hate technology.”</p>
<div id="posts-im-a-turing-complete-user.lifecam" class="toggleable">
</div>
I just noticed how it’s funny that [Jan’s homepage][jcborh] currently
features a <a
href="http://jancborchardt.net/img/2010-06-14-web.jpg">collage</a> of
pictures taken for 24 hours while he was wearing a camera on his chest.
Do you see the resemblance with the picture chosen by Olia to represent
the user?
<div class="toggleableend">
</div>
<p>One step towards this is this excellent project, <a
href="http://revealingerrors.com/">Revealing errors</a>.</p>
<p>Anyway, I encourage you to read the <a
href="http://contemporary-home-computing.org/turing-complete-user/">essay</a>
or if that’s more your style there’s a video from the last CCC in
Hamburg:</p>
<figure class="video">
<figcaption>
<a
href="http://media.ccc.de/browse/congress/2013/30C3_-_5547_-_en_-_saal_6_-_201312281730_-_turing_complete_user_-_olia_lialina.html">Turing
Complete User</a> <small>What can be done to protect the term, the
notion and the existence of the Users?</small> <br /><br /> <a
href="https://hroy.eu//cdn.media.ccc.de/congress/2013/webm/30c3-5547-en-Turing_Complete_User_webm.webm">Direct
link to the video</a>
</figcaption>
<video controls="" style="width:100%;">
<source
src="//cdn.media.ccc.de/congress/2013/webm/30c3-5547-en-Turing_Complete_User_webm.webm"
type="video/webm; codecs="vp8, vorbis"">
</video>
</figure>
<hr />
<p>Related: <a
href="https://github.com/hugoroy/user-data-manifesto/blob/master/Manifesto.md">the
user data manifesto</a> (my draft for version 2, feedback welcome)</p>
I ♥ Free Software: Mutt
https://hroy.eu/posts/ilovefs-mutt/
2023-10-30T21:01:06Z
2014-02-13T23:00:00Z
<p>Today is Valentine’s day, a day to celebrate love. But at the Free
Software Foundation Europe, we like to challenge traditions. So we
thought: why not <a href="http://ilovefs.org">also celebrate Free
Software on this day</a>? Because what makes Free Software so great is
the people who make it, it’s the community!</p>
<p>And what better personal example than my use of the <a
href="http://en.wikipedia.org/wiki/Mutt_%28email_client%29">mutt email
agent</a> to explain why this community is truly important?</p>
<p>I’ve always been a bit curious about mutt. Mutt is a program that
lives in your terminal, and basically all it does is show an index of
emails in mailboxes, then lets you view these emails. In the pure UNIX
tradition, the rest is left to other tools. So every tool has its focus
on what it’s good at; and everything is glued together with open formats
and protocoles.</p>
<p>The reason why I’ve been always curious with mutt is because email is
a big part of my workflow (and my life); but I felt that the way I
managed email sucked.</p>
<p>So when I wanted to have a look in mutt, which is quite austere, I
went to “mutterwares”, i.e. tupperware meetings for mutt users. Just
like Mozilla launched the <a
href="http://wiki.mozfr.org/TupperVim">TupperVim</a> to gather vim users
to share tips, experiences, plugins, configs and so forth.</p>
<p>Now, I have been using mutt for nearly a year, and I don’t think I’m
ever going back to something else.</p>
<p>Last Monday, there was a 3rd <a
href="https://wiki.fsfe.org/groups/Paris/Mutterware">Mutterware</a> in
Paris, in which Zack demoed two programs he wrote: <a
href="http://notmuchmail.org/notmuch-mutt/">notmuch-mutt</a> and <a
href="http://git.upsilon.cc/?p=utils/org-mutt.git;a=summary">org-mutt</a>.</p>
<p>Notmuch-mutt enables you to index your entire email archive, so you
can tag emails, search for emails, etc. It also has a killer-feature:
from any email in any inbox, you can reconstruct the entire thread to
which it belongs, no matter where the rest of the emails are stored (for
instance, if you archive your email in other mailboxes).</p>
<table class="img">
<caption>
Zack reconstructed the thread about Mutterware by pressing F9 in mutt
with notmuch-mutt
</caption>
<tr>
<td>
<a href="https://hroy.eu/posts/ilovefs-mutt/zack-mutterware-notmuch.png"><img src="https://hroy.eu/posts/ilovefs-mutt/666x-zack-mutterware-notmuch.png" width="666" height="666" class="img" /></a>
</td>
</tr>
</table>
<p>Org-mutt enables you to glue mutt and org-mode together. So you can
easily create a new task from an email, and you can link that task back
to mutt’s view of that email.</p>
<p>During this mutterware, Zack helped me find why I couldn’t get
org-mode to work, and so <a
href="http://git.upsilon.cc/?p=utils/org-mutt.git;a=commit;h=1ae5a5adb5ee8a41bf5716b8c9247e4d0d6a8fe7">we
fixed a bug</a>! I still have to get something fixed, but it’s already
very useful and great. <em>Update:</em> <a
href="https://hroy.eu/tips/mutt/integration-with-org/">It’s fixed</a>.</p>
<p>So, thanks a BUNCH to Zack and to Michael R. Elkins, mutt
developer.</p>
https://hroy.eu/notes/blackapple/
2013-12-04T14:01:00Z
2013-11-28T10:23:36Z
<p>in 2001, Apple Macbooks[^powerbook] were black and totally badass! (with GNU
Linux on it of course) <a href="https://hroy.eu/tags/FSFE/">#FSFE</a></p>
<table class="img"><caption>Bernhard, Free Software
Foundation Europe, 2001</caption><tr><td><a href="https://hroy.eu/notes/blackapple/18.jpg"><img src="https://hroy.eu/notes/blackapple/666x500-18.jpg" width="666" height="500" class="img" /></a></td></tr></table>
<p><a href="https://twitter.com/hugoroyd/status/405998548392480768" rel="syndication" class="u-syndication pull-right">on
Twitter</a></p>
<p><a href="http://adele.gerwinski.de/~peter/fsfe-20010506/">More photos</a></p>
<p>[^powerbook]: <em>Edit</em>: Bernhard tells me they were called
<a href="https://en.wikipedia.org/wiki/PowerBook_G3">Powerbooks</a> at the time.</p>
MutterWare #2: aller (encore) plus loin dans son utilisation du mail
https://hroy.eu/posts/mutterware-2/
2023-10-30T21:01:37Z
2013-11-20T23:00:00Z
<p>(initalement publié sur <a
href="https://blogs.fsfe.org/hugo/2013/11/mutterware-2-aller-encore-plus-loin-dans-son-utilisation-du-mail/">blogs.fsfe.org</a>)</p>
<p>Mardi soir, Nicolas organisait le <a
href="https://blogs.fsfe.org/nicoulas/?p=151">2e MutterWare</a>. Mais
qu’est-ce que c’est que ça ?</p>
<p><a href="https://wiki.fsfe.org/groups/Paris/Mutterware">Le
MutterWare</a> est une réunion d’utilisateurs de
<a href="https://hroy.eu/tags/Mutt/">Mutt</a> qui veulent partager leurs bonnes
pratiques et quelques astuces bien utiles. Les non-utilisateurs de mutt
curieux sont bienvenus, surtout s’ils sont légèrement blasés de leur
client email ☺</p>
<p>Le nom est inspiré directement du <a
href="http://wiki.mozfr.org/TupperVim">TupperVIM</a> organisé chez
Mozilla, à Paris.</p>
<p>Pour cette deuxième édition, nous avons cette fois été invités à
admirer les bureaux somptueux de <a href="https://hroy.eu/tags/Mozilla/">Mozilla</a>
boulevard Montmartre. Voir la photo <a
href="https://blogs.fsfe.org/nicoulas/?p=151">prise par Yoann</a> :</p>
<table class="img">
<caption>
Démonstration par Paul
</caption>
<tr>
<td>
<a href="https://hroy.eu/posts/mutterware-2/IMAG0884.jpg"><img src="https://hroy.eu/posts/mutterware-2/666x398-IMAG0884.jpg" width="666" height="398" alt="Mutterware" class="img" /></a>
</td>
</tr>
</table>
<p>Encore une fois, ce MutterWare était un bon mélange entre
utilisateurs (très) expérimentés, et non-utilisateurs de Mutt curieux de
voir comment fonctionne le machin et prêts à ouvrir leur terminal pour
commencer à configurer la bête !</p>
<p>Quelques informations ont été ajoutées au wiki de la
<a href="https://hroy.eu/tags/FSFE/">FSFE</a> : <a
href="https://wiki.fsfe.org/groups/Paris/Mutterware">https://wiki.fsfe.org/groups/Paris/Mutterware</a>.</p>
<p>Pour ma part, j’insisterai sur cette <a
href="http://stevelosh.com/blog/2012/10/the-homely-mutt/">très bonne
page qui permet de démarrer sur Mutt</a>. C’est en anglais mais c’est
bien écrit. Cette page a cependant deux défauts à mon avis : elle se
concentre sur l’usage à partir d’un serveur mail chez Google (or Gmail a
des tas de particularités pas très orthodoxes) et elle se limite à un
seul compte. Or je ne sais pas pour vous mais moi, j’ai deux comptes :
l’un est plus, « personnel ».</p>
<p>Enfin, la cerise sur le gâteau, c’est Emmanuel qui l’a apportée en me
montrant l’outil <a href="http://www.escape.de/~tolot/mutt/">t-prot</a>,
qui permet de nous débarrasser de toutes ces petites choses qui peuvent
être désagréables dans le mail : les gens qui font des citations trop
longues, les gens qui font du <a
href="https://en.wikipedia.org/wiki/Top-posting#Top-posting">top-posting</a>
ou encore les gens ont des signatures de 3 kilomètres. T-prot a aussi
des fonctions particulières pour Mutt, comme par exemple l’argument
<code>--pgp-move</code> qui déplace les informations relatives aux
signatures openPGP d’un email vers le bas, et non vers le haut comme
c’est le cas par défaut, ce qui permet d’avoir accès plus directement au
contenu du mail, sans avoir à scroller ! Plus d’infos sur la config
T-prote d’Emmanuel <a
href="https://wiki.fsfe.org/groups/Paris/MutterwareConfigDisplayFilter">sur
le wiki</a>.</p>
<p>Du coup, j’ai touché pas mal à ma config (dispo sur
https://github.com/hugoroy/.mutt). Tout est désormais plus sobre depuis
que j’ai modifié les barres de statuts, retiré la barre d’aide, et
remplacé quelques codes couleurs. Lire ses mails sur Mutt est encore
plus plaisant qu’avant ☺</p>
<p>À bientôt pour la 3e édition ! N’hésitez pas à vous inscrire sur la
liste fsfe Paris <a
href="https://lists.fsfe.org/mailman/listinfo/paris">https://lists.fsfe.org/mailman/listinfo/paris</a>
ou à nous rejoindre sur irc <a
href="irc://irc.freenode.net:6667/#fellows-paris">#fellows-paris</a>.</p>
On the latest GNOME Empathy design
https://hroy.eu/posts/gnome-empathy-design/
2023-10-30T21:06:08Z
2013-11-07T23:00:00Z
<p>So now that I completed the upgrade, I see some new GNOME stuff
coming in. Great, I like new stuff because I generally like the
direction GNOME is taking. I can’t wait to see GNOME 3.10 with the
high-resolution display capabilities!</p>
<p>So I opened one of the GNOME application that I use the most (and I
have been using it for, what? 3-4 years?): <a
href="https://live.gnome.org/Empathy">Empathy</a>. But this upgrade has
got me wondering: do GNOME designers use it?</p>
<p>Okay, so Empathy has <a
href="https://help.gnome.org/misc/release-notes/3.6/users-empathy.html.en">a
new design since 3.6</a>. This is how it looks like after upgrading:</p>
<p><a href="https://hroy.eu/posts/gnome-empathy-design/empathy-large.png"><img src="https://hroy.eu/posts/gnome-empathy-design/empathy-large.png" width="666" height="374" class="img" /></a></p>
<p>First, I was like: “Heeeeey! where are the groups?” I mean, this is a
useful feature when I need to find people related to something specific.
For instance, I’ve got a group of contacts for FSFE but I also have one
for Paris or Berlin. If I’m planning a trip to Berlin, I just open that
group and go talk to friends who are there.</p>
<p>Fortunately, there’s a way to bring the groups back. But that’s not
the point.</p>
<ol type="1">
<li><p>The groups are a very useful feature, I’m not sure why it makes
sense to remove them by default. And anyway for people who don’t use
groups, I suppose it does not change anything: so why remove them for
people how might use them?</p></li>
<li><p>I had to find the Gnome release notes on the Web to see there was
an option to bring the groups back. It just reminds me that there should
be a better way to introduce users to design changes when doing system
upgrades! For instance, when some Firefox addons upgrade, they open a
new tab with release versions, etc.</p></li>
<li><p>The design changes are really questionable. The rationale on the
release notes is consistency with the GNOME Contacts app. But I don’t
understand this. The result is that the list view shows less people than
before, so I can see less people connected at the same time, which makes
the whole list view <em>less</em> useful.</p>
<p>Is that just because designers investigated that most people only
have a handful of contacts connected at the same time? I doubt that’s
the case. Most people I know say that they have more than 300 “friends”
on Facebook usually… so I don’t think I’m the only one with constantly
more than 30 people connected.</p>
<p>Or maybe it is because bigger picture looks nice…</p></li>
</ol>
<h3 id="a-suggestion-for-real-improvement">A suggestion for real
improvement</h3>
<p>While there might be reasons for the redesign, it’s astonishing that
this design did not solve the main problem with the list view. The
Empathy list view has basically not changed since it was first made, and
I <a
href="http://blog.hugoroy.eu/2010/02/13/un-meilleur-affichage-des-listes-de-contacts/">already
complained about it back then</a> (probably I did not reach the right
people, it was kind of silly of me to write that in French).</p>
<p>The main problem IMHO is that the list view does not adapt to the
window size! Go have a look at the screenshot above. This is so silly,
why insist on display each contact on a whole block? What strikes me is
that the solution is obvious. Here’s how Moblin did it in 2009:</p>
<p><a href="https://hroy.eu/posts/gnome-empathy-design/moblin_people.png"><img src="https://hroy.eu/posts/gnome-empathy-design/666x391-moblin_people.png" width="666" height="391" class="img" /></a></p>
<p>With the same screen estate, Empathy would be able to show 4
connected people at the same time, instead of 16. Combine this with a
group view, and you’ve got a decent way to see who’s online; which is
what the list view is for, right?</p>
<hr />
<p><em>Update</em>: I opened an issue about this <a
href="https://bugzilla.gnome.org/show_bug.cgi?id=711667"
class="uri">https://bugzilla.gnome.org/show_bug.cgi?id=711667</a>.</p>
<p>And apparently, GNOME is exploring other designs for the Chat
application: <a href="https://wiki.gnome.org/Design/Apps/Chat"
class="uri">https://wiki.gnome.org/Design/Apps/Chat</a>. But that still
seems like a long way to go, while my proposal seems like a quick
fix.</p>
Suggestion for a GNU/Linux install process
https://hroy.eu/posts/latex-root-full/
2023-10-30T21:02:32Z
2013-11-07T23:00:00Z
<figure id="facepalm-cover">
<a href="https://hroy.eu/posts/latex-root-full/Facepalm666.png"><img src="https://hroy.eu/posts/latex-root-full/Facepalm666.png" width="666" height="202" class="img" /></a>
</figure>
<p>This morning, I wasted a bit less than an hour solving errors during
an <code>apt-get dist-upgrade</code>.</p>
<p>The problem? I ran out of space on the /root partition while
depackaging the upgrade, causing some issues because following packages
could not be extracted properly and so on. I’m not entirely sure I get
everything about what went wrong exactly. Hey, I’m not a Debian
packaging expert!</p>
<p>Anyway, it’s easy to spot the factor here: texlive.</p>
<p>TeXlive is a full TeX distribution. So it’s massive, it’s huge. TeX
is so old, maybe that’s why (or maybe because it’s big because it’s
literate programming? No idea.)</p>
<p>So, small suggestion for the installers out there:</p>
<p>At the step where the user chooses the /root partition size, maybe
ask the question: “Are you going to use LaTeX on that system?” and if
yes, increase the size!</p>
<p>(OK, I’m kidding, I should know better. Still, it would be helpful to
use as much as the default settings from GNU/Linux installs as possible.
Because I trust them to make more sense than I will.)</p>
https://hroy.eu/posts/dell_ubuntu_wireless/
2023-10-30T21:06:31Z
2013-10-30T23:00:00Z
<h3 id="the-windows-tax-problem-and-free-software">The Windows Tax
problem and free software</h3>
<p>At this point, you must have figured this out. I am a free software
advocate. I think it’s both painful and wrong when I’m not in control at
all of the software that I use on my computers.</p>
<p>As many users of GNU/Linux systems know, it’s incredibly difficult to
buy a decent laptop without being forced into buying Microsoft Windows,
even if you don’t want to use it. This is what we usually refer to as
“the Windows tax.” This has two consequences:</p>
<ul>
<li><p>we have to <em>pay</em> indirectly for a Microsoft Windows
license fee through the manufacturer, and we do not even know how much
it really costs us,</p></li>
<li><p>we get hardware that <em>may or may not</em> be supported by the
Linux kernel out-of-the-box, which results in a waste of time in
settings adjustment (or worse).</p></li>
</ul>
<p>If you’re looking for information on where to get hardware free of
pre-installed proprietary software, FSFE volunteers maintain a <a
href="https://wiki.fsfe.org/Hardware%20Vendors">list of Hardware
Vendors</a>.</p>
<p>If you already bought a machine with Windows and want to get your
money back, there’s also tons of information on how to get a <a
href="https://wiki.fsfe.org/WindowsTaxRefund">Windows Tax Refund</a>
(make sure to look at information <a
href="https://wiki.fsfe.org/WindowsTaxRefund#Information_for_specific_countries">specific
to your country</a>).</p>
<p>But getting your money back does not fully fix the problem and takes
a lot of time (sometimes met with deception). Indeed, it does not
resolve the hardware support issue in any way because it does not impact
the manufacturers’ sale, and it sure does not help to make demand of
GNU/Linux grow on the market of pre-installed laptops.</p>
<p>So obviously, one of the best strategy is to reward manufacturers
that meet our demands and supply laptops with GNU/Linux pre-installed
and good hardware support. By good hardware support, I mean that it
should work without requiring non-free software.</p>
<p>And here comes the Dell XPS 13.</p>
<h3
id="dell-xps-13-ubuntu-wireless-issues-with-qualcomm-atheros-ar9462">Dell
XPS 13 Ubuntu: wireless issues with Qualcomm Atheros AR9462</h3>
<p><a href="https://hroy.eu/posts/dell_ubuntu_wireless/logo-wt-bl.png"><img src="https://hroy.eu/posts/dell_ubuntu_wireless/logo-wt-bl.png" width="49" height="49" alt="Dell logo" class="pull-right" /></a></p>
<p>Dell has launched a project to provide developers with a good laptop.
I am not really a developer in my day-to-day life, but I could certainly
enjoy a good laptop as well ☺</p>
<p>Especially, the <a
href="http://www.ubuntu.com/partners/dell/dellxps">XPS 13 comes with
Ubuntu</a>. I have been told by Otto Kekäläinen (FSFE head in Finland!)
there’s even a custom linux kernel and all that. I could have a look at
his XPS 13 while <a href="https://hroy.eu/posts/fsfe_ecm/"
title="Coming back from the first FSFE Coordinators Meeting">in Berlin
last month</a> and it looked amazing.</p>
<p>So I decided to get one, as I was <a
href="http://blogs.fsfe.org/hugo/2013/01/im-looking-for-a-new-laptop-suggestions/">looking
to replace</a> the Thinkpad Edge that has been around me for the last 3
years (which I have not been very pleased with because of several
hardware issues and not so helpful Lenovo customer relations). The only
thing that was holding me on from buying the XPS 13 was the price. It’s
50% more expensive than the budget I usually put into a laptop.</p>
<p>About two weeks ago, I made up my mind and bought one. I got my hands
on it today. And surprise! the wireless connection drops off momentarily
here and then, something like every 10 minutes. And when I deactivate
bluetooth using the Ubuntu menu in the top-right hand corner, the wifi
drops as well (and it’s super strange to get it back, I have not found
the exact pattern that works).</p>
<p>At this point, I was kind of surprised. But well, I go on with the
setup process, hoping that the wireless connectivity does not drop too
often, because the laptop is too thin to have an RJ45 port as
backup!</p>
<p><small>One thing that did not go well during the setup process, even
though Ubuntu asked me for the keyboard layout, it sticked to QWERTY
afterwards, making it quite painful to enter passwords and
stuff.</small></p>
<p>After the setup (which went very quickly), I decided to upgrade
everything. Maybe that’ll solve it… It didn’t. Of course.</p>
<p>So I opened the terminal, and</p>
<pre class="terminal">
<code>$ lspci
Network controller: Atheros Communications Inc. AR9462 Wireless Network Adapter</code>
</pre>
<p>Why. Oh, why Dell? Why are you doing this to me? The <a
href="http://www.dell.com/fr/entreprise/p/xps-13-linux/pd">original
page</a> where I bought the laptop from states quite clearly:</p>
<blockquote>
<p>Intel® Centrino® Advanced-N 6230 802.11 a/g/n</p>
</blockquote>
<p>Having a quick look around and searching, I see that I’m not the only
one who got a different wireless chipset than the one announced by Dell.
I wouldn’t care so much if it were working out-of-the-box after
updating. But it doesn’t!</p>
<p>And No, I don’t want to fix it myself. The reason why I’m buying a
pre-installed GNU/Linux computer in the first place is to make sure
everything is perfectly supported!</p>
<p>I’m now trying to get mine exchanged for the Intel Centrino wireless
card… But of course, tomorrow is a holiday.</p>
<p>Well, maybe it’s for the best. I am not supposed to tweak my laptop
these days: the bar exam orals are approaching!</p>
Kolab, Up and Running on CentOS 6
https://hroy.eu/posts/kolab_up/
2023-10-30T20:12:37Z
2013-10-20T22:00:00Z
<div class="notebox">
<p>
Other posts in the <em>Installing Kolab series</em>: - <strong><a
href="https://hroy.eu/posts/kolab_fail/" title="Database error after setup script">part
1</a></strong> - <strong><a href="https://hroy.eu/posts/kolab_fail-2/"
title="Setup script failure because of SLDAP">part 2</a></strong> -
<strong><a href="https://hroy.eu/posts/kolab_fail-3/" title="SMTP Error 454">part
3</a></strong> - <strong><a href="https://hroy.eu/posts/kolab_fail-4/"
title="Setup script failure on 3.1">part 4</a></strong>
</p>
</div>
<p>So, after about 4 tries on Debian, I decided to give Kolab a try on
CentOS, the community derivative of Red Hat Entreprise Linux.
Fortunately, I was not completely lost here, it seems I kept some habits
from when I was using Fedora.</p>
<p>A few hints, if you want to install CentOS 6.</p>
<ul>
<li>Finding the download link is not easy from the project’s home page.
<a href="http://wiki.centos.org/Download">Go to the wiki.</a></li>
<li>If you do a netinstall, make sure to use reliable sources
<ul>
<li>when I first tried using free.fr (my ISP’s) mirrors, I had an error
during the install process (something like <a
href="http://bugs.centos.org/view.php?id=6130"
class="uri">http://bugs.centos.org/view.php?id=6130</a>)</li>
<li>when I used the official CentOS mirrors, it went okay: <a
href="http://mirror.centos.org/centos/6/os/x86_64/"
class="uri">http://mirror.centos.org/centos/6/os/x86_64/</a></li>
</ul></li>
<li>if you try with the Live CD/DVD, make sure that your hard drive is
encrypted using a QWERTY-layout-friendly pass phrase…</li>
</ul>
<p>After CentOS was set up, I just followed the not-yet-official docs at
kolab: <a
href="http://hosted.kolabsys.com/~vanmeeuwen/build/html/installation-guide/"
class="uri">http://hosted.kolabsys.com/~vanmeeuwen/build/html/installation-guide/</a>.
Everything went smoothly this time. And within a few minutes, I was
running Kolab.</p>
<p>So far, the only issue I’ve got was that I could not get an email
delivered to a <span class="citation"
data-cites="gmail.com">@gmail.com</span> address, Google decided that I
did not meet <a
href="https://support.google.com/mail/answer/81126?p=ipv6_authentication_error&rd=1#authentication">their
standards</a>. It seems the problem is that the IP address has changed
and thus Google does not like that… I hope it will resolve in the
future, there’s nothing wrong with moving servers around and pointing
the domain to a new IP address after all!</p>
Installing kolab, part 4
https://hroy.eu/posts/kolab_fail-4/
2023-10-30T20:12:17Z
2013-10-19T22:00:00Z
<div class="notebox">
<p>
Other posts in the <em>Installing Kolab series</em>: - <strong><a
href="https://hroy.eu/posts/kolab_fail/" title="Database error after setup script">part
1</a></strong> - <strong><a href="https://hroy.eu/posts/kolab_fail-2/"
title="Setup script failure because of SLDAP">part 2</a></strong> -
<strong><a href="https://hroy.eu/posts/kolab_fail-3/" title="SMTP Error 454">part
3</a></strong> - <strong><a href="https://hroy.eu/posts/kolab_up/"
title="Kolab, Up and Running on CentOS 6">part 5</a></strong>
</p>
</div>
<p>After I upgraded from Kolab 3.0 to 3.1, hoping it would solve the
SMTP issue (i.e. I could not send email from the roundcube app freshly
setup by the kolab script! Same problem with msmtp…), I ended up with
another broken kolab instance: Roundcube wouldn’t connect to the
database any more. When I was trying to restart kolab’s service, all I
got was:</p>
<pre><code>root@totosh:/home/hrd# service kolab-saslauthd start
root@totosh:/home/hrd# Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/saslauthd/__init__.py", line 114, in run
self.do_saslauthd()
File "/usr/lib/python2.7/dist-packages/saslauthd/__init__.py", line 195, in do_saslauthd
auth.connect()
File "/usr/lib/python2.7/dist-packages/pykolab/auth/__init__.py", line 148, in connect
from pykolab.auth import ldap
File "/usr/lib/python2.7/dist-packages/pykolab/auth/ldap/__init__.py", line 38, in <module>
import auth_cache
ImportError: No module named auth_cache</code></pre>
<p>Quite fed up, I tried to re-install the thing again. Yes, I’m trying
really hard to make this work.</p>
<p>So this time, I followed the <a
href="http://hosted.kolabsys.com/~vanmeeuwen/build/html/installation-guide/setup-kolab.html#install-setup-kolab">not-yet-official
docs</a> which are up-to-date to deal with kolab 3.1, the latest release
version.</p>
<p>During the setup, I got this:</p>
<pre><code>Please supply a Kolab Service account password. This account is used by various
services such as Postfix, and Roundcube, as anonymous binds to the LDAP server
will not be allowed.
Kolab Service password [xxxxxxxxxxxxxx]:
Traceback (most recent call last):
File "/usr/sbin/setup-kolab", line 42, in <module>
setup.run()
File "/usr/lib/python2.7/dist-packages/pykolab/setup/__init__.py", line 43, in run
components.execute('_'.join(to_execute))
File "/usr/lib/python2.7/dist-packages/pykolab/setup/components.py", line 170, in execute
execute(component)
File "/usr/lib/python2.7/dist-packages/pykolab/setup/components.py", line 202, in execute
components[component_name]['function'](conf.cli_args, kw)
File "/usr/lib/python2.7/dist-packages/pykolab/setup/setup_ldap.py", line 483, in execute
auth.connect()
File "/usr/lib/python2.7/dist-packages/pykolab/auth/__init__.py", line 148, in connect
from pykolab.auth import ldap
File "/usr/lib/python2.7/dist-packages/pykolab/auth/ldap/__init__.py", line 38, in <module>
import auth_cache
ImportError: No module named auth_cache</code></pre>
<p>Yet again, on a completely fresh Debian wheezy, Kolab’s setup
failed.</p>
<p>The conclusion, that others have got to on the IRC channel (hello
bertie if you read this!) is that Kolab was not working on Debian at
that point.</p>
<p>So I’m now trying CentOS, which I never used… I’m not too happy to
have to try to get used to a whole new system just to run Kolab. But I
guess it can’t hurt to learn a little bit about CentOS and since the
machine’s only purpose is actually to run Kolab, it seems like the best
choice.</p>
<p>Fortunately now, some people are contributing to <a
href="https://hroy.eu/posts/looking_forward_mozfest/">fix the Debian packages of
Kolab</a>. I’ll try again in the future!</p>
Facebook, an open source company?
https://hroy.eu/posts/facebook_open-source_company/
2023-10-30T20:57:09Z
2013-10-17T22:00:00Z
<p>In today’s world, communication and branding matter almost as much in
business as they do in conveying ideas and ethics. Which is why I often
wonder, what the people using the term “Open Source” are doing against
<a
href="http://readwrite.com/2013/10/17/is-facebook-the-worlds-largest-open-source-company">this</a>:</p>
<blockquote>
<p>Is Facebook The World’s Largest Open Source Company?</p>
</blockquote>
<p>Yes, says Matt Asay–who claimed that for Free Software/Open Source to
succeed in business, <a
href="http://news.cnet.com/8301-13505_3-10168267-16.html">“it may need a
little help from proprietary software.”</a></p>
<p>So, one must wonder…</p>
<h3 id="what-makes-facebook-an-open-source-company">What makes Facebook
an Open Source company?</h3>
<p>I hope that, at this point, we can drop the notion of Free Software;
because free software focuses on the <a
href="http://www.gnu.org/philosophy/free-sw.en.html">users’ rights</a>
to be in control of the technology that affects them. If there’s anyone
in control of Facebook, it’s Mark Zuckerberg, certainly not the users.
<a class="toggle" href="https://hroy.eu/feeds/#posts-facebook-open-source-company.fsvos">↓↓↓</a></p>
<div id="posts-facebook-open-source-company.fsvos" class="toggleable">
</div>
<ul>
<li><p>Even though open source software and free software designate the
<a href="http://www.gnu.org/philosophy/categories.en.html">exact same
category of software</a>, and the <a
href="http://blog.hugoroy.eu/2012/02/23/free-software-v-open-source-community/">community
of people who develop free and open source software</a> is not as
divided as some might think, there’s no denying that the terms convey
different meaning, have a different emphasis.</p>
<p>Actually, it’s not entirely clear to me what the term Open Source
conveys any more. What hasn’t helped at all, is the belief that “the
Internet”, as Morozov would put it, can been used as the driver for
solving everything in all areas; and that the same is true of Open
Source. Open Source bears some of the same hype that “the Internet”
does. Think open data, open access, open innovation<a href="https://hroy.eu/feeds/#fn1"
class="footnote-ref" id="fnref1" role="doc-noteref"><sup>1</sup></a>,
open government, open science, etc.</p></li>
</ul>
<p>What “<a href="http://dictionary.reference.com/browse/open">open</a>”
even means is relatively ambiguous. Ambiguous enough that Facebook can
claim as far as 2006 to be about a “<a
href="https://www.facebook.com/notes/facebook/the-spirit-of-openness/2223862130">spirit
of openness</a>.”</p>
<p>That reminds me of an <a
href="http://fsfe.org/activities/os/eifv2.en.html">internal European
Commission draft</a> that was leaked on which I worked with Karsten at
the <a href="http://fsfe.org">FSFE</a> in 2009:</p>
<blockquote>
<p>“Specifications, software and software development methods that
promote collaboration and the results of which can freely be accessed,
reused and shared are considered open and lie at one end of the spectrum
while non-documented, proprietary specifications, proprietary software
and the reluctance or resistance to reuse solutions, i.e. the”not
invented here” syndrome, lie at the other end.</p>
</blockquote>
<blockquote>
<p>The spectrum of approaches that lies between these two extremes can
be called the openness continuum.”</p>
</blockquote>
<p>With this kind of nonsense, you can say anything. I was trying to put
it into words. I remember Georg put it brilliantly: to say that
proprietary software lies at one end of the openness continuum equals to
saying that North-Korea lies at one end of the democratic continuum.</p>
<p>Maybe all this is possible, because in this context, open is meant to
refer explicitly to free software/open source software. But that’s
missing the point of what free software actually is about, and about how
you categorise free software.</p>
<p>Proprietary software isn’t at the end of the free software continuum,
it’s antagonistic to free software. They’re opposite. You can’t have
both; it’s either something’s been distributed to the users of the
program with a license that grants them the four essential rights to
use, share, study and improve the program; or it’s not.</p>
<p>Now, let’s go back to Facebook. Without thinking clearly, sure,
Facebook could end up inside the “openness continuum” of whatever.</p>
<p>But before saying that Facebook is an open source company, one must
ask: is Facebook a software company to begin with? And if not, then what
is Facebook doing that has to do with open source at all?</p>
<p>Look closely, and you’ll realise that all that Facebook’s releasing
as free software/open source is not related to the core of the service
they’re providing their users with over at facebook.com.</p>
<p>Sure, it’s publishing some of its in-house developed software, for
data centers, database, etc. In that sense, it’s quite clearly in
accordance to the current mantra, “<a
href="http://tom.preston-werner.com/2011/11/22/open-source-everything.html">open
source (almost) everything</a>” in which the part that’s left off is
actually the most important part.</p>
<p>But that’s not enough to call yourself an “open source company.” Or
does that mean that all manufacturers embedding a linux kernel in their
device are open source companies as soon as they release sources of
their modifications to the kernel? Of course not!</p>
<h3 id="what-makes-a-free-software-company-then">What makes a Free
Software company, then?</h3>
<blockquote>
<p>usage of and contribution to Free Software are not differentiators
for what makes a Free Software company. The critical differentiator is
provision of Free Software downstream to customers. In other words: Free
Software companies are companies that have adopted business models in
which the revenue streams are not tied to proprietary software model
licensing conditions.</p>
</blockquote>
<p>Georg published <a
href="https://fsfe.org/freesoftware/enterprise/freesoftwarecompany.en.html">an
article</a> in 2008 precisely about this issue.</p>
<aside id="footnotes" class="footnotes footnotes-end-of-document"
role="doc-endnotes">
<hr />
<ol>
<li id="fn1">What’s most troubling about “open innovation” is that
innovation itself is deeply misunderstood, too often confused with
merely “packaging” existing technologies–at which Apple excels, even
though Apple is far, far, from being “open.”
<div class="toggleableend">
</div>
<a href="https://hroy.eu/feeds/#fnref1" class="footnote-back" role="doc-backlink">↩︎</a></li>
</ol>
</aside>
Setting up Firefox Sync
https://hroy.eu/posts/setup_mozilla-sync/
2023-10-30T19:54:26Z
2013-10-11T21:03:13Z
<p><a href="https://en.wikipedia.org/wiki/Firefox_Sync">Sync</a> enables
to have Firefox on several devices and to sync bookmarks, passwords,
history, and other browser data between them.</p>
<p>By default, Firefox Sync will use Mozilla’s servers. (Hence, you have
to agree to their Privacy Policy and to their Terms, I hope <a
href="https://tosdr.org/#mozilla">you’ve read them</a>, right?)</p>
<p>There’s nothing wrong with Mozilla, they’re big champion of Free
Software. But on the one hand, there’s definitely something troubling
with sending very private data such as browsing history over the
internet. Fortunately, Sync encrypts locally before uploading data and I
hope they’re up to the Free Software standards of <a
href="https://wiki.mozilla.org/Labs/Weave/Crypto">crypto</a>.</p>
<p>On the other hand, centralisation is often a problem (don’t put all
your eggs in the same basket!). First, it puts the burden of maintaining
huge Sync servers on Mozilla whereas a lot of users could be running
Sync themselves and thus do a favour to Mozilla. Second, Mozilla becomes
a single point of failure in case something’s wrong with Sync; and with
all the crazy stuff NSA’s been doing lately avoiding single points of
failure is good because it raises the costs of surveillance.</p>
<p>And really, it is so simple to set up, that you really wonder why you
haven’t done it before!</p>
<p>[I’m starting yet another folder on this blog/wiki where I’m going to
post some of the <span
class="createlink"><a href="https://hroy.eu/cgi-bin/ikiwiki.cgi?do=create&from=posts%2Fsetup_mozilla-sync&page=configs" rel="nofollow">?</a>configs</span>
for my home servers.]</p>
Installing kolab, part 2
https://hroy.eu/posts/kolab_fail-2/
2023-10-30T20:11:20Z
2013-10-05T22:00:00Z
<div class="notebox">
<p>
Other posts in the <em>Installing Kolab series</em>: - <strong><a
href="https://hroy.eu/posts/kolab_fail/" title="Database error after setup script">part
1</a></strong> - <strong><a href="https://hroy.eu/posts/kolab_fail-3/"
title="SMTP Error 454">part 3</a></strong> - <strong><a
href="https://hroy.eu/posts/kolab_fail-4/" title="Setup script failure on 3.1">part
4</a></strong> - <strong><a href="https://hroy.eu/posts/kolab_up/"
title="Kolab, Up and Running on CentOS 6">part 5</a></strong>
</p>
</div>
<p>I’ve been told not to run setup-kolab twice, and to try the
development packages provided by <a
href="http://mirror.kolabsys.com/pub/debian/kolab-3.0/"
class="uri">http://mirror.kolabsys.com/pub/debian/kolab-3.0/</a>.
Unfortunately, setup-kolab failed, again.</p>
<pre><code>Traceback (most recent call last):
File "/usr/sbin/setup-kolab", line 42, in <module>
setup.run()
File "/usr/lib/python2.7/dist-packages/pykolab/setup/__init__.py", line 43, in run
components.execute('_'.join(to_execute))
File "/usr/lib/python2.7/dist-packages/pykolab/setup/components.py", line 170, in execute
execute(component)
File "/usr/lib/python2.7/dist-packages/pykolab/setup/components.py", line 202, in execute
components[component_name]['function'](conf.cli_args, kw)
File "/usr/lib/python2.7/dist-packages/pykolab/setup/setup_ldap.py", line 247, in execute
setup_ds_admin,
UnboundLocalError: local variable 'setup_ds_admin' referenced before assignment</code></pre>
<p>At this point, I don’t really know what do do any more! I guess I’ll
have to find out how to report a bug in the kolab community. Let’s this
how this goes…</p>
Installing kolab, part 3
https://hroy.eu/posts/kolab_fail-3/
2023-10-30T20:11:51Z
2013-10-05T22:00:00Z
<div class="notebox">
<p>
Other posts in the <em>Installing Kolab series</em>: - <strong><a
href="https://hroy.eu/posts/kolab_fail/" title="Database error after setup script">part
1</a></strong> - <strong><a href="https://hroy.eu/posts/kolab_fail-2/"
title="Setup script failure because of SLDAP">part 2</a></strong> -
<strong><a href="https://hroy.eu/posts/kolab_fail-4/"
title="Setup script failure on 3.1">part 4</a></strong> - <strong><a
href="https://hroy.eu/posts/kolab_up/" title="Kolab, Up and Running on CentOS 6">part
5</a></strong>
</p>
</div>
<p>So the problem related to a former installation of “sldap”. So now I
purged everything and tried running setup-kolab again. It seems now to
be fine. Except that I can’t send emails, getting SMTP error 454 in
roundcube.</p>
<p>But again, I found it was incredibly hard to set up kolab for
self-hosting amateurs. On the one hand, I wished they could get some
inspiration from <a href="http://yunohost.org/">YunoHost</a>, on the
other hand, Kolab has been there for so long that it’s very
professional.</p>
<p>Let’s see how it goes…</p>
Installing kolab, part 1
https://hroy.eu/posts/kolab_fail/
2023-10-30T20:11:04Z
2013-10-04T22:00:00Z
<div class="notebox">
<p>
Other posts in the <em>Installing Kolab series</em>: - <strong><a
href="https://hroy.eu/posts/kolab_fail-2/"
title="Setup script failure because of SLDAP">part 2</a></strong> -
<strong><a href="https://hroy.eu/posts/kolab_fail-3/" title="SMTP Error 454">part
3</a></strong> - <strong><a href="https://hroy.eu/posts/kolab_fail-4/"
title="Setup script failure on 3.1">part 4</a></strong> - <strong><a
href="https://hroy.eu/posts/kolab_up/" title="Kolab, Up and Running on CentOS 6">part
5</a></strong>
</p>
</div>
<p>Grr. I just spent some time setting up a new debian machine to serve
as a new personal and self hosted server. So I started with trying out
kolab.</p>
<p>I followed the instructions in <a
href="http://docs.kolab.org/fr-FR/Kolab_Groupware/3.0/html/Community_Installation_Guide/chap-Community_Installation_Guide-Configuration.html">the
official doc</a> and then run</p>
<pre><code>setup-kolab</code></pre>
<p>Unfortunately, it didn’t work. When accessing the Kolab web admin
interface, I had no way to add users. Then I figured out that I could
not connect as root to mysql even though I had just set up a root
account for mysql during the setup-kolab process. After trying out with
the former mysql password, I discovered the database was there properly.
But still, the Kolab web admin wouldn’t let me add users as if there was
a problem and indeed the Roundcube panel was giving a nice</p>
<blockquote>
<p>DATABASE ERROR: CONNECTION FAILED!</p>
</blockquote>
<p>At this point I thought I could try running setup-kolab again to see
what could get wrong. I can’t even get to the end of it, now I get…</p>
<pre><code>Kolab Service password []:
Traceback (most recent call last):
File "/usr/sbin/setup-kolab", line 42, in <module>
setup.run()
File "/usr/lib/python2.7/dist-packages/pykolab/setup/__init__.py", line 43, in run
components.execute('_'.join(to_execute))
File "/usr/lib/python2.7/dist-packages/pykolab/setup/components.py", line 170, in execute
execute(component)
File "/usr/lib/python2.7/dist-packages/pykolab/setup/components.py", line 202, in execute
components[component_name]['function'](conf.cli_args, kw)
File "/usr/lib/python2.7/dist-packages/pykolab/setup/setup_ldap.py", line 405, in execute
auth._auth.ldap.add_s(dn, ldif)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 195, in add_s
return self.result(msgid,all=1,timeout=self.timeout)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 458, in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 462, in result2
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 469, in result3
resp_ctrl_classes=resp_ctrl_classes
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 476, in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
File "/usr/lib/python2.7/dist-packages/ldap/ldapobject.py", line 99, in _ldap_call
result = func(*args,**kwargs)
ldap.INAPPROPRIATE_AUTH: {'info': 'Anonymous access is not allowed.', 'desc': 'Inappropriate authentication'}</code></pre>
<p>Yes. Quite annoying.</p>
https://hroy.eu/posts/fsfe_ecm/
2023-10-30T20:58:41Z
2013-10-02T22:00:00Z
<aside class="pull-right">
<span
class="createlink"><a href="https://hroy.eu/cgi-bin/ikiwiki.cgi?do=create&from=posts%2Ffsfe_ecm&page=%2Fimages%2Ffsfe_ecm-group_pic%2F2013-09-ECM-group-picture.JPG" rel="nofollow">?</a>2013-09-ECM-group-picture.JPG</span>
</aside>
<p>Last week, I left Paris for the <a
href="https://blogs.fsfe.org/lucile.falg/2013/10/01/first-european-coordinators-meeting-2/">first
ever FSFE coordinators meeting</a>. So-called “coordinators” who came to
this meeting are FSFE activists, usually volunteers, organising
activities and campaigns with other FSFE fellows and free software
activists in their local area. They also usually hold FSFE fellowship
meetings to prepare such activities, discuss Free Software, attend and
organise talks, etc.<a href="https://hroy.eu/feeds/#fn1" class="footnote-ref" id="fnref1"
role="doc-noteref"><sup>1</sup></a> These coordinators are amongst the
most important volunteers within FSFE. Some of the groups they
coordinate were started around 2005 when the Free Software Foundation
Europe launched the Fellowship programme, which is the primary way free
software activists can identify with the FSFE and support it work.</p>
<p>(BTW, there’s now a very simple way to show us your support, and
that’s to sign-up as a supporter: <a href="https://fsfe.org/support"
class="uri">https://fsfe.org/support</a>.)</p>
<p>As <a href="https://wiki.fsfe.org/election11">former fellowship
representative</a>, I attended 2 <a
href="https://fsfe.org/about/members.html">General Assemblies</a> for
FSFE, and thus had the chance to visit 2 European cities I’ve never been
to, and connect to free software users and developers in the area of
Ljubljana and Lisbon (in 2 weeks, it will be Vienna!)</p>
<p>However, I’ve expressed on these occasions that there should be other
face-to-face meetings within the FSFE, because they’re important for our
personal relations and they’re motivation-boosters. Aside from that, the
meetings themselves can also be very productive.</p>
<p>So the mere fact that this first FSFE coordinators meeting has
happened is already great, and I’m sure looking forward to the next one!
I think we should take the chance that most of us will be at FOSDEM, as
usual, to organise something in addition to FOSDEM (like one day
before).</p>
<p>Thanks to everyone who joined!</p>
<aside id="footnotes" class="footnotes footnotes-end-of-document"
role="doc-endnotes">
<hr />
<ol>
<li id="fn1"><p>Meanwhile in Vienna, Fellows of the FSFE had a booth at
the city hall for the Game City Fair. <a
href="http://blogs.fsfe.org/franz.gratzer/2013/10/03/fsfe-booth-on-game-city-fair-2013-in-vienna/">Check
it out!</a><a href="https://hroy.eu/feeds/#fnref1" class="footnote-back"
role="doc-backlink">↩︎</a></p></li>
</ol>
</aside>
We need another Hacker News
https://hroy.eu/posts/new-hacker-news/
2023-10-30T21:07:32Z
2013-09-21T22:00:00Z
<p>I stumbled upon a Wired article <a
href="https://news.ycombinator.com/item?id=6417084">on Hacker News</a>
this morning, explaining how bitcoin could help homeless people:</p>
<blockquote>
<p>The bitcoin system could become an equalizer for the country’s
homeless, a place where the stigma of living on the streets isn’t as
pronounced.</p>
</blockquote>
<p>The article shows three persons sitting on the floor with dogs and
laptops.</p>
<p>I started reading Morozov’s <a
href="http://clickherethebook.com/">“To Save everything Click Here”</a>
and I thought it was kind of sad that this article wasn’t published
<em>before</em> the book was released. I’m sure Morozov would have had
some brilliant way to depict how insanely absurd this is.
<a class="toggle" href="https://hroy.eu/feeds/#posts-new-hacker-news.save-everything">↓↓↓</a></p>
<div id="posts-new-hacker-news.save-everything" class="toggleable">
</div>
<blockquote class="twitter-tweet">
<p>
I've suspected this all along: Bitcoin is just an underground government
welfare program for the homeless.
</p>
— Evgeny Morozov (<span class="citation"
data-cites="evgenymorozov">@evgenymorozov</span>) <a
href="https://twitter.com/evgenymorozov/statuses/382164506534608896">September
23, 2013</a>
</blockquote>
<script async src="https://hroy.eu//platform.twitter.com/widgets.js"
charset="utf-8"></script>
I had to stop reading it when I really had to focus on the bar written
exams which was this week. So far, I liked it a lot and I really
recommend it. I suppose I’ll write a short review soon.
<div class="toggleableend">
</div>
<p>The article was featured on Hacker News. I find this website less and
less interesting. It has its own cycles. For some time, I think the
website should really have been renamed “Startup News.” But now, I don’t
even think that’s what it is any more. I can’t really tell.</p>
<p>Needless to say, I feel that I really lost interest in it. I started
enjoying RSS again when I discovered Feedbin.me (which was recently
published as free software ☺ <a
href="https://github.com/feedbin/feedbin">on github</a>) but this is a
very different kind of source for reading than communities like hacker
news can be.</p>
<p>So I feel like somebody should start a replacement for hacker news.
Maybe something more focused on actual hackery. Why not something else
more focused on political and technological discussions, on software
freedom and larger subjects related to technology and freedom (which are
both at the centre of what hacking means to me).</p>
<p>I had a look at Lamer News, a hacker news clone based on ruby using
redis for handling data. I tried deploying it to heroku but it didn’t
work for me ☹. I will investigate this later. If you’re interested,
please <a href="http://hugoroy.eu/index.en.html#email">get in
touch</a>.</p>
<p>PS: In case you didn’t know, there’s a way to get the best out of
Hacker News. First, go to your profile settings and enable the
noprocrast option which prevents you from procrastinating too much (the
feature is explained in the FAQ). Second, change your bookmark and go
read the best: <a href="https://news.ycombinator.com/best"
class="uri">https://news.ycombinator.com/best</a> and eventually leave
the rest. (The fact that the “best” of HN is so bad these days is a sign
that the overall quality has really degraded IMHO).</p>