Re: Need mentorship and support

[Jochen Spieker]

Himanshu Shekhar:
> 
> Also, I would love to know about good sources to learn and practice Bash. I
> followed "The Linux Command Line by William E. Shotts".

ABS is my go-to reference for bash:
http://www.tldp.org/LDP/abs/html/

And to get your program into Debian:
http://mentors.debian.net/

J.
-- 
If nightclub doormen recognised me I would be more fulfilled.
[Agree]   [Disagree]
 


signature.asc
Description: Digital signature

Re: iceape availability

[Ken Heard]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 2016-02-25 22:46, Bret Busby wrote:
> On 25/02/2016, Richard Owlett  wrote:
>> On 2/25/2016 7:38 AM, Lisi Reisz wrote:
>>> On Thursday 25 February 2016 12:59:29 Siard wrote:
 On Thu, 25 Feb 2016 14:08:20 +0800, Bret Busby wrote:
> I searched for a .deb package, for iceape, so that I could
> download the package for the iceape suite, to try to
> install it.
 
 AFAIK, Iceape, being the Debian version of Seamonkey, has
 been discontinued for quite some time now. There is only an
 old version for squeeze (oldoldstable) in the repos.
>>> 
>>> https://packages.debian.org/search?suite=default§ion=all&arch=an
y&searchon=names&keywords=Iceape
>>>
>>>
>>> 
Lisi
>>> 
>>> 
>> 
>> That has *SECURITY* patches. But what upstream version is it 
>> based on? SeaMonkey is currently at 2.39 .
>> 
>> 
>> 
> 
> I currently have and use, seamonkey v 2.29 (.1, I think), as the 
> latest version of which I have been aware, has been available as a 
> .deb package.

Is that package available for Debian, or only for the Ubuntu offshoot?
 I ran Lisi's URL for =Seamonkey instead of =Iceweasel but received a
nil return.  Since the demise of Iceape I am using Seamonkey,
presently version 2.31, directly from Mozilla, with Wheezy.

Ken

-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.19 (GNU/Linux)

iEYEARECAAYFAlbQAmcACgkQlNlJzOkJmTerfgCeNH045cqeG11DmOrCKwYHatqR
TkkAniPkAFDvEOQPniULor3FgEKd2574
=b6HA
-END PGP SIGNATURE-

Re: Debian and Firefox/Iceweasel

[mudongliang]

On 02/26/2016 10:53 AM, Charlie Kravetz wrote:
> On Fri, 26 Feb 2016 08:01:43 +1100
> "Daniel"  wrote:
>
> > While not relevant to Debian, Pale Moon for Windows is neat.
>
>
>
> > From: H Kyu [mailto:henry.s@gmail.com]
> > Sent: 26 February, 2016 7:40 AM
> > To: debian-user@lists.debian.org; secur...@debian.org
> > Subject: Debian and Firefox/Iceweasel
>
>
>
> > ​Hello -
>
> > Recently, Mozilla's Firefox browser introduced a few new features that got 
> > me to remove Firefox on my Windows PC altogether.  The features were Hello, 
> > Camera Access (Android), and screen-sharing.  Every single one of those 
> > features did not sit well with me from a security perspective.  On top of 
> > that, Firefox seems to be splitting away from the Gecko engine, the Gecko 
> > engine was the main reason for my using Firefox in the first place - 
> > because I disliked the functional model of WebKits.  If I wanted a WebKit, 
> > I'd have used Chrome.  
>
> > Then there is the interface - I prefer the Firefox 1 interface... in fact, 
> > I prefer the Netscape Navigator 4's interface even better - practical and 
> > informational.  I like my status bar, and all my buttons showing all the 
> > time, even if disabled.  I like status indicators, which includes 
> > grayed-out buttons.  I also prefer the old settings screen where the 
> > browser remembers the last settings tab, and I can see all the settings 
> > without scrolling.  I am still amazed at the fact that Firefox would just 
> > abandon their core fans and move away to cater to others.   
>
> > Debian's Gnome uses Iceweasel much like Windows uses IE.  
>
> > MY QUESTION:  Would Iceweasel also be incorporating those bothersome 
> > features in the near future?  If so, would it be possible to use Debian 
> > without Iceweasel or any Mozilla product?  
>
> > Window 7 coming to an end in 2020, and Windows 10 being essentially 
> > spyware, I am seriously looking for an alternative system.  I have been 
> > using Debian on my 2nd computer for a few years now and I am quite 
> > comfortable with the basics of the operating system so Debian is my first 
> > choice.  But if Iceweasel incorporates those Firefox features, I would have 
> > to also switch away from Debian.  
>
> > Thanks.  - hk ​
>
>
> Latest announcement is that Debian will be using Firefox instead of the
> iceweasel name soon. Knowing that, I would guess, yes, Debian will
Which announcement? Can you show its url?
> include those same features.
>

-- 
My best regards to you.

 No System Is Safe!
 mudongliang

Re: Debian and Firefox/Iceweasel

[Adam Wilson]

On Thu, 25 Feb 2016 12:39:59 -0800 H Kyu  wrote:

> ​Hello -
> 
> Recently, Mozilla's Firefox browser introduced a few new features
> that got me to remove Firefox on my Windows PC altogether.  The
> features were Hello, Camera Access (Android), and screen-sharing.
> Every single one of those features did not sit well with me from a
> security perspective.  On top of that, Firefox seems to be splitting
> away from the Gecko engine, the Gecko engine was the main reason for
> my using Firefox in the first place - because I disliked the
> functional model of WebKits.  If I wanted a WebKit, I'd have used
> Chrome.

If you hate Mozilla that much, just use a different web browser.
Freedom of choice is the Debian way. For browsers similar to the
classic Netscape/Mosaic layout, I recommend Midori, Seamonkey, or even
Konqueror.

Re: KDE 5 in Debian

[Adam Wilson]

On Fri, 26 Feb 2016 03:14:03 +0530 Himanshu Shekhar
 wrote:

> Has anyone tried installing KDE plasma desktop (KDE 5) on Debian
> Stable. Yeah, it's not in stable, but is there any way to install it
> without losing the benefits of Debian stable.

The whole point of Debian stable is that it is supposed to be just
that- stable. Installing packages from testing/unstable will just net
you a FrankenDebian and defeat the whole point of having stable in the
first place with packages that haven't been properly tested/debugged.

Even if you were to install KDE 5, it would require so many updated
dependencies that you'd essentially have created a testing system
anyway.

If you want newer packages, just upgrade to testing. You cannot make
massive system overhauls like this on a stable system without
effectively forfeiting the benefits of a stable system in the first
place.

If you are prepared to put up with some troubleshooting for newer
packages and you know what you're doing, upgrade to testing/unstable.
If not, stick with stable. It Just Works.

> Also, I have Gnome already installed alongside Xfce. Would that
> trouble?

It shouldn't. Which DM do you plan to use after you have carried out
your plan of action? KDM? GDM?

Re: Debian and Firefox/Iceweasel

[Gary Dale]

On 25/02/16 06:38 PM, arian wrote:



Debian's Gnome uses Iceweasel much like Windows uses IE.

I'm not really sure what you mean. It's Debians default browser in the way I 
think IE is currently Windows' default browser, but it's not used outside of 
being used as a browser. Many programs use some flavor of webkit for the like 
of displaying help pages. Which is what IE also does or at least did on Windows.
To clarify, IE is tightly integrated into Windows so that it can't be 
fully removed. Firefox/Iceweasel doesn't have that integration. If you 
don't like a browser, don't use it. Since the OP liked Netscape, perhaps 
he may consider Seamonkey?

Re: Debian and Firefox/Iceweasel

[Jerome BENOIT]

Hello Charlie:

On 26/02/16 03:53, Charlie Kravetz wrote:
> if Iceweasel incorporates those Firefox features, I would have to also switch 
> away from Debian.  


Is it not an extreme attitude ? There are plenty of web browser around: 

https://wiki.debian.org/WebBrowsers

Be aware that the list is not complete: for instance xombrero is not listed.

hth,
Jerome

Re: Debian and Firefox/Iceweasel

[Charlie Kravetz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Fri, 26 Feb 2016 08:01:43 +1100
"Daniel"  wrote:

>While not relevant to Debian, Pale Moon for Windows is neat.
>
> 
>
>From: H Kyu [mailto:henry.s@gmail.com] 
>Sent: 26 February, 2016 7:40 AM
>To: debian-user@lists.debian.org; secur...@debian.org
>Subject: Debian and Firefox/Iceweasel
>
> 
>
>​Hello - 
>
>Recently, Mozilla's Firefox browser introduced a few new features that got me 
>to remove Firefox on my Windows PC altogether.  The features were Hello, 
>Camera Access (Android), and screen-sharing.  Every single one of those 
>features did not sit well with me from a security perspective.  On top of 
>that, Firefox seems to be splitting away from the Gecko engine, the Gecko 
>engine was the main reason for my using Firefox in the first place - because I 
>disliked the functional model of WebKits.  If I wanted a WebKit, I'd have used 
>Chrome.  
>
>Then there is the interface - I prefer the Firefox 1 interface... in fact, I 
>prefer the Netscape Navigator 4's interface even better - practical and 
>informational.  I like my status bar, and all my buttons showing all the time, 
>even if disabled.  I like status indicators, which includes grayed-out 
>buttons.  I also prefer the old settings screen where the browser remembers 
>the last settings tab, and I can see all the settings without scrolling.  I am 
>still amazed at the fact that Firefox would just abandon their core fans and 
>move away to cater to others.   
>
>Debian's Gnome uses Iceweasel much like Windows uses IE.  
>
>MY QUESTION:  Would Iceweasel also be incorporating those bothersome features 
>in the near future?  If so, would it be possible to use Debian without 
>Iceweasel or any Mozilla product?  
>
>Window 7 coming to an end in 2020, and Windows 10 being essentially spyware, I 
>am seriously looking for an alternative system.  I have been using Debian on 
>my 2nd computer for a few years now and I am quite comfortable with the basics 
>of the operating system so Debian is my first choice.  But if Iceweasel 
>incorporates those Firefox features, I would have to also switch away from 
>Debian.  
>
>Thanks.  - hk ​
>

Latest announcement is that Debian will be using Firefox instead of the
iceweasel name soon. Knowing that, I would guess, yes, Debian will
include those same features.

- -- 
Charlie Kravetz
Linux Registered User Number 425914
[http://linuxcounter.net/user/425914.html]
Never let anyone steal your DREAM.   [http://keepingdreams.com]
-BEGIN PGP SIGNATURE-
Version: GnuPG v1

iQEcBAEBAgAGBQJWz74OAAoJEIqui46mydCATjoIAJz0vjHNStfFCR0zdYRgMere
OnxSJEb+Lfvw7Bp7IsYk11VYpxfHCWxoRfSlTkC273cjGy7Xoqp30s7H5QW3r/7U
URRlhJE7j9XGvLSReFpVwKsM/lpKo/8xKF72AbBc7L/f7bxIgdrMXb6keXBzERdJ
JYDt1y7s9JCfbk6Q+hWM/lAlsbm48oPRC+ooqgLpsiSIYQQXm8Ma+3GwzRYF6hRR
0xLN/1MzEi0dvIv65UT9NZWj1r+mesBDxY/AnuaOJGmFMH9zWrvAh0j2t5Nf98EY
jkBmgU0YsPQEpqy6npD1al75xfQVU3Ou4eggm4A4rpKgO4YEKU7yG30AJxRSnrk=
=zmgj
-END PGP SIGNATURE-

Re: Debian and Firefox/Iceweasel

[John Hasler]

H Kyu writes:
> Would Iceweasel also be incorporating those bothersome features in the
> near future? If so, would it be possible to use Debian without
> Iceweasel or any Mozilla product?

GNOME does not require Iceweasel and Debian requires neither GNOME nor
Iceweasel.  There are many desktop environments[1] in the archive and
also many browsers.

[1] It is possible to do just fine with no DE at all, but I won't
suggest that.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: Debian and Firefox/Iceweasel

[Lisi Reisz]

On Thursday 25 February 2016 21:01:43 Daniel wrote:
> While not relevant to Debian, Pale Moon for Windows is neat.

Pale Moon can be used in Debian too.

https://www.google.co.uk/search?q=Pale+Moon+debian&oq=Pale+Moon+debian&aqs=chrome..69i57.3921j0j7&sourceid=chrome&es_sm=93&ie=UTF-8

Lisi

> From: H Kyu [mailto:henry.s@gmail.com]
> Sent: 26 February, 2016 7:40 AM
> To: debian-user@lists.debian.org; secur...@debian.org
> Subject: Debian and Firefox/Iceweasel
>
>
>
> ​Hello -
>
> Recently, Mozilla's Firefox browser introduced a few new features that got
> me to remove Firefox on my Windows PC altogether.  The features were Hello,
> Camera Access (Android), and screen-sharing.  Every single one of those
> features did not sit well with me from a security perspective.  On top of
> that, Firefox seems to be splitting away from the Gecko engine, the Gecko
> engine was the main reason for my using Firefox in the first place -
> because I disliked the functional model of WebKits.  If I wanted a WebKit,
> I'd have used Chrome.
>
> Then there is the interface - I prefer the Firefox 1 interface... in fact,
> I prefer the Netscape Navigator 4's interface even better - practical and
> informational.  I like my status bar, and all my buttons showing all the
> time, even if disabled.  I like status indicators, which includes
> grayed-out buttons.  I also prefer the old settings screen where the
> browser remembers the last settings tab, and I can see all the settings
> without scrolling.  I am still amazed at the fact that Firefox would just
> abandon their core fans and move away to cater to others.
>
> Debian's Gnome uses Iceweasel much like Windows uses IE.
>
> MY QUESTION:  Would Iceweasel also be incorporating those bothersome
> features in the near future?  If so, would it be possible to use Debian
> without Iceweasel or any Mozilla product?
>
> Window 7 coming to an end in 2020, and Windows 10 being essentially
> spyware, I am seriously looking for an alternative system.  I have been
> using Debian on my 2nd computer for a few years now and I am quite
> comfortable with the basics of the operating system so Debian is my first
> choice.  But if Iceweasel incorporates those Firefox features, I would have
> to also switch away from Debian.
>
> Thanks.  - hk ​

Re: Debian and Firefox/Iceweasel

[Lisi Reisz]

On Thursday 25 February 2016 20:39:59 H Kyu wrote:
> But if Iceweasel incorporates those Firefox features, I would have
> to also switch away from Debian.

You are confusing Debian with Gnome.  Debian is the distro.  Gnome is the 
Desktop environment.  I believe that Gnome uses Iceweasel by default, though 
I am sure that you can change it.  I have so far never used a DE that used 
Iceweasel by default.  There are plenty of others browsers you can use in 
Debian!!  In fact, I thought that the default browser in Gnome was Evolution, 
but I don't use Gnome, so I am probably wrong.

Disliking the entirely avoidable Iceweasel is a very poor reason to consider 
avoiding Debian. ;-) :-)

Lisi

Re: Debian and Firefox/Iceweasel

[Patrick Bartek]

On Thu, 25 Feb 2016, H Kyu wrote:

> ​Hello -
> 
> Recently, Mozilla's Firefox browser introduced a few new features
> that got me to remove Firefox on my Windows PC altogether.  The
> features were Hello, Camera Access (Android), and screen-sharing.
> Every single one of those features did not sit well with me from a
> security perspective.  On top of that, Firefox seems to be splitting
> away from the Gecko engine, the Gecko engine was the main reason for
> my using Firefox in the first place - because I disliked the
> functional model of WebKits.  If I wanted a WebKit, I'd have used
> Chrome.
> 
> Then there is the interface - I prefer the Firefox 1 interface... in
> fact, I prefer the Netscape Navigator 4's interface even better -
> practical and informational.  I like my status bar, and all my
> buttons showing all the time, even if disabled.  I like status
> indicators, which includes grayed-out buttons.  I also prefer the old
> settings screen where the browser remembers the last settings tab,
> and I can see all the settings without scrolling.  I am still amazed
> at the fact that Firefox would just abandon their core fans and move
> away to cater to others.

I like real manual transmissions:  They are simplier, last two to
three times longer (maybe more) than automatics, have fewer problems,
give better gas mileage, are easier to repair when they do break, and
the driver chooses the proper time to shift not some design engineer.
Unfortunately, almost all cars and trucks come with automatic by
default.  No one these days is even taught how to drive with a manual
transmission.  Makes for lousier drivers.

Ditto, the classic browser interface.  Everything these days is oriented
to users of smartphones and tablets which software providers have
deemed THE MARKET.  Progress doesn't alway mean better.

> Debian's Gnome uses Iceweasel much like Windows uses IE.

Not really.  Iceweasel is just Firefox with all branding removed.
Necessary to fulfill Debian and Firefox's legal policies.

> MY QUESTION:  Would Iceweasel also be incorporating those bothersome
> features in the near future?  If so, would it be possible to use
> Debian without Iceweasel or any Mozilla product?

It might.  And, of course.

Feel free to use any Linux compatible browser you wish.
There are more than just Firefox/Iceweasel or Chrome.  Just because
they aren't in the repositories, doesn't mean they won't work.


> Window 7 coming to an end in 2020, and Windows 10 being essentially
> spyware, I am seriously looking for an alternative system.  I have
> been using Debian on my 2nd computer for a few years now and I am
> quite comfortable with the basics of the operating system so Debian
> is my first choice.  But if Iceweasel incorporates those Firefox
> features, I would have to also switch away from Debian.

Take a look at Opera.  Lots of others, too, out there.

B

Re: Debian and Firefox/Iceweasel

[arian]

> Debian's Gnome uses Iceweasel much like Windows uses IE. 
I'm not really sure what you mean. It's Debians default browser in the way I 
think IE is currently Windows' default browser, but it's not used outside of 
being used as a browser. Many programs use some flavor of webkit for the like 
of displaying help pages. Which is what IE also does or at least did on Windows.

> MY QUESTION:  Would Iceweasel also be incorporating those bothersome features 
> in the near future?  If so, would it be possible to use Debian without 
> Iceweasel or any Mozilla product? 

Iceweasel _is_ firefox, it just has some branding like name and artwork 
replaced. Also, the dispute that lead to this was recently settled, and 
debian's firefox will be called firefox again [1]

I have not witnessed the three you mentioned on my own, but that does not mean 
its not there and it never will be. If these features are provided by nonfree 
software, like html5-drm is, debian will not allow that into main and contrib - 
but mozilla would not include non-free in their products. They might create 
interfaces for that though, like they did with html5-drm. Note that iceweasel 
not supporting screen sharing does not make you that more safe from an attacker 
breaking into iceweasel and using it as screen sharing tool: There is nothing 
to prevent any X client from taking screen shots. Of course that assumes 
firefox' screen sharing only becomes active at your request.

But it is totally possible to ditch firefox/iceweasel and the other mozilla 
products, there are plenty of other browsers:

# aptitude show www-browser
No current or candidate version found for www-browser
Package: www-browser
State: not a real package
Provided by: chimera2 (2.0a19-8+b2), chromium (47.0.2526.80-1~deb8u1), chromium
 (48.0.2564.116-1), conkeror (1.0~~pre-1+git141025-1), conkeror
 (1.0~~pre-1+git160130-1), dillo (3.0.4-2+b1), dillo (3.0.5-2), dwb 
(20140702hg-2),
 dwb (20150419git-2+b1), edbrowse (3.5.1-1), edbrowse (3.6.0.1-1), 
elinks
 (0.12~pre6-11+b2), elinks (0.12~pre6-5+b2), epiphany-browser 
(3.14.1-1),
 epiphany-browser (3.18.4-1), hv3 (3.0~fossil20110109-6), iceweasel
 (38.5.0esr-1~deb8u2), iceweasel (44.0.2-1), iceweasel (45.0~b5-1), 
konqueror
 (4:15.08.3-1), konqueror (4:15.12.1-1), konqueror (4:4.14.2-1), 
links (2.12-1+b1),
 links (2.8-2+b3), links2 (2.12-1+b1), links2 (2.8-2+b3), lynx 
(2.8.9dev8-4),
 lynx-cur (2.8.9dev1-2+deb8u1), midori (0.5.11-ds1-2), netrik 
(1.16.1-1.1), netrik
 (1.16.1-2), netsurf (3.2+dfsg-2), netsurf (3.2+dfsg-2.2), 
netsurf-fb
 (3.2+dfsg-2+b1), netsurf-fb (3.2+dfsg-2.2+b1), netsurf-gtk 
(3.2+dfsg-2+b1),
 netsurf-gtk (3.2+dfsg-2.2+b1), qupzilla (1.8.9~dfsg1-3), surf 
(0.6-1), surf
 (0.7-1), uzbl (0.0.0~git.20120514-1.1), uzbl 
(0.0.0~git.20120514-1.2), w3m
 (0.5.3-19), w3m (0.5.3-26), xemacs21-mule (21.4.22-14), 
xemacs21-mule
 (21.4.22-14~deb8u1), xemacs21-mule-canna-wnn (21.4.22-14), 
xemacs21-mule-canna-wnn
 (21.4.22-14~deb8u1), xemacs21-nomule (21.4.22-14), xemacs21-nomule
 (21.4.22-14~deb8u1)

many of them won't be what you're looking for in a browser, but some might be. 
Every somewhat modern but mozilla stuff will use some flavour of webkit though. 
Exception to that exception: Mozilla Servo (that's not yet in debian though)
> 
> Window 7 coming to an end in 2020, and Windows 10 being essentially spyware, 
> I am seriously looking for an alternative system.  I have been using Debian 
> on my 2nd computer for a few years now and I am quite comfortable with the 
> basics of the operating system so Debian is my first choice.  But if 
> Iceweasel incorporates those Firefox features, I would have to also switch 
> away from Debian. 

Always good to hear this!

Regards, Arian

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815006



signature.asc
Description: OpenPGP digital signature

KDE 5 in Debian

[Himanshu Shekhar]

Has anyone tried installing KDE plasma desktop (KDE 5) on Debian Stable.
Yeah, it's not in stable, but is there any way to install it without losing
the benefits of Debian stable.

Also, I have Gnome already installed alongside Xfce. Would that trouble?

Debian and Firefox/Iceweasel

[H Kyu]

​Hello -

Recently, Mozilla's Firefox browser introduced a few new features that got
me to remove Firefox on my Windows PC altogether.  The features were Hello,
Camera Access (Android), and screen-sharing.  Every single one of those
features did not sit well with me from a security perspective.  On top of
that, Firefox seems to be splitting away from the Gecko engine, the Gecko
engine was the main reason for my using Firefox in the first place -
because I disliked the functional model of WebKits.  If I wanted a WebKit,
I'd have used Chrome.

Then there is the interface - I prefer the Firefox 1 interface... in fact,
I prefer the Netscape Navigator 4's interface even better - practical and
informational.  I like my status bar, and all my buttons showing all the
time, even if disabled.  I like status indicators, which includes
grayed-out buttons.  I also prefer the old settings screen where the
browser remembers the last settings tab, and I can see all the settings
without scrolling.  I am still amazed at the fact that Firefox would just
abandon their core fans and move away to cater to others.

Debian's Gnome uses Iceweasel much like Windows uses IE.

MY QUESTION:  Would Iceweasel also be incorporating those bothersome
features in the near future?  If so, would it be possible to use Debian
without Iceweasel or any Mozilla product?

Window 7 coming to an end in 2020, and Windows 10 being essentially
spyware, I am seriously looking for an alternative system.  I have been
using Debian on my 2nd computer for a few years now and I am quite
comfortable with the basics of the operating system so Debian is my first
choice.  But if Iceweasel incorporates those Firefox features, I would have
to also switch away from Debian.

Thanks.  - hk ​

Re: iceape availability

[Sven Hartge]

Bret Busby  wrote:
> On 26/02/2016, Peter Ludikovsky  wrote:

>> That is more than risky.
>> 1) Iceape is EOL since 2013: https://www.debian.org/security/2013/dsa-2819

> Now that has me puzzled.

> Given that iceape was (I believe) part of Debian 6, I am surprised
> that the LTS that is due to expire on Monday coming, apparently does
> not extend to packages in Debian 6, that are classified as
> "vulnerable", as is shown in this instance.

There are several packages, including Iceape, which have been marked as
unsupportable and were not part of the LTS at all. The list can be found
here:
http://anonscm.debian.org/cgit/collab-maint/debian-security-support.git/tree/security-support-ended.deb6

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

[Thomas Schmitt]

Hi,

Henrique de Moraes Holschuh wrote:
> MD5 alone can be somewhat dangerous even in benevolent environments: if the
> data sets are large enough or you are just unlucky,

The size of the data set does not matter much.
As already stated, there is the Pidgeon Hole Principle, which tells
us that a 128 bit hashsum cannot be the mapping result of all inputs
of 129 bit without having 1 exp 128 collisions. Roughly each MD5
will appear twice among the messages of 129 bit length.

Since MD5 is computed bytewise, you will get about 256 times
each possible MD5 value from the set of all 17 byte inputs.


Nevertheless the size of 128 is considered sufficient for UUID.
  https://en.wikipedia.org/wiki/Universally_unique_identifier
says:

  A UUID is simply a 128-bit value. [...]
  The intent of UUIDs is to enable distributed systems to uniquely
  identify information without significant central coordination.
  In this context the word unique should be taken to mean
  "practically unique" rather than "guaranteed unique".

then comes some math
  
https://en.wikipedia.org/wiki/Universally_unique_identifier#Random_UUID_probability_of_duplicates

  "only after generating 1 billion UUIDs every second for the next 100 years,
   the probability of creating just one duplicate would be about 50%."

The only "practical" objection against MD5 in this context would be
that we first have to prove its quality of uniformly distributing the
results over the space of 2 exp 128 possible values.
  https://en.wikipedia.org/wiki/Hash_function#Uniformity

I am not aware that MD5 was accused of not having enough of this property.
This also yields the "practical" randomness which UUID presumes.
I understand the table in
  http://michiel.buddingh.eu/distribution-of-hash-values
that MD5 has denser and sparser regions, but still is quite well uniform.


As already stated too, the Birthday Paradox hits when you create a large
collection of MD5 and add more. You have to expect the first collision
after about 2 exp 64 values. (That is about the probability to get stomped
into the earth by a 10 km asteroid until tomorrow evening. So take this
as benchmark whether you should be worried about MD5 collisions.)

I also have read a good argument in this thread about the lifetime
of contemporary hardware. It gives you few chances to process 2 exp 64
data sets of 16 bytes (256 billion gigabytes).


Have a nice day :)

Thomas

Re: iceape availability

[Bret Busby]

On 26/02/2016, Peter Ludikovsky  wrote:
> That is more than risky.
> 1) Iceape is EOL since 2013: https://www.debian.org/security/2013/dsa-2819

Now that has me puzzled.

Given that iceape was (I believe) part of Debian 6, I am surprised
that the LTS that is due to expire on Monday coming, apparently does
not extend to packages in Debian 6, that are classified as
"vulnerable", as is shown in this instance.

-- 

Bret Busby
Armadale
West Australia

..

"So once you do know what the question actually is,
 you'll know what the answer means."
- Deep Thought,
 Chapter 28 of Book 1 of
 "The Hitchhiker's Guide to the Galaxy:
 A Trilogy In Four Parts",
 written by Douglas Adams,
 published by Pan Books, 1992

Re: Need mentorship and support

[Surya Saha]

Here is a little site which is good for spotting basic mistakes in shell
scripts.

http://www.shellcheck.net/

-Surya


On Thu, Feb 25, 2016 at 2:23 PM, Himanshu Shekhar 
wrote:

> Thanks a lot for reviewing the code.
> I thank you a lot.
>
> On Feb 25, 2016 9:41 PM, "Jean-Baptiste Thomas" <
> cau2jeaf1ho...@laposte.net> wrote:
> >
> > > github.com/himanshushekharb16/ProxyMan
> >
> > Hi Himanshu. Quick look at main.sh.
> >
> > 1) Some messages are written to stdout, others to stderr. I think
> > that writing everything to stderr would be preferable, if only for
> > consistency. Rule of thumb : if it's data, write to stdout ; if
> > it's messages, write to stderr, even if they're not errors. A
> > function like this is useful :
> >
> >   msg ()
> >   {
> > fmt=$1
> > shift
> > printf "myprog: $fmt\\n" "$@" >&2
> >   }
> >
> > or
> >
> >   msg ()
> >   {
> > echo myprog: "$@" >&2
> >   }
> >
> > if you prefer echo.
> >
> > 2) After "case $choice in toggle)",
> >
> >   if [ $mode == "'none'" ]; then
> >
> > is not safe. Should have double quotes around $mode.
> >
> > 3) You seem to like to quote string constants, as in
> >
> >   if [[ $4 == 'y' ]]; then
> >
> > It doesn't hurt anything, but it's completely unnecessary. Just
> > a heads-up.
> >
> > 4) exit is often called without an argument. Or not called at
> > all. A program that succeeds must exit with status zero.
> > Conversely, exiting with status zero constitutes a promise that
> > everything went well. Even if the exit status is less important
> > for interactive programs such as yours, it's a good habit to get
> > into.
> >
> > 5) There's a general lack of checking for failure of operations
> > that can fail (writing to files, copying files...).
> >
>
> I am novice to bash. In fact, I learned bash a little bit just to
> implement the idea. So, there are examples that show my immaturity. My bad!
>
> Also, I would love to know about good sources to learn and practice Bash.
> I followed "The Linux Command Line by William E. Shotts".
> > 6) Lots of variable references without double quotes around them,
> > EG when calling configure_apt(). What if, say, the password
> > contains white space or "?" or "*" or "[" ?
>
> Please tell me about how to read special characters as @, ? etc. in
> password, as @ is the point after authentication where IP starts.
>
> >
> > Sorry if this sounds like nit-picking but attention to detail is
> > a big part of quality. Good luck.
>
> Mark Zuckerberg said, "We should break things, to make them better".
> And you quoted the points where things may break.
> Thanks again. :)
>



-- 

Surya Saha
Sol Genomics Network
Boyce Thompson Institute, Ithaca, NY, USA
http://www.linkedin.com/in/suryasaha
https://twitter.com/SahaSurya

Re: Need mentorship and support

[Himanshu Shekhar]

Thanks a lot for reviewing the code.
I thank you a lot.

On Feb 25, 2016 9:41 PM, "Jean-Baptiste Thomas" 
wrote:
>
> > github.com/himanshushekharb16/ProxyMan
>
> Hi Himanshu. Quick look at main.sh.
>
> 1) Some messages are written to stdout, others to stderr. I think
> that writing everything to stderr would be preferable, if only for
> consistency. Rule of thumb : if it's data, write to stdout ; if
> it's messages, write to stderr, even if they're not errors. A
> function like this is useful :
>
>   msg ()
>   {
> fmt=$1
> shift
> printf "myprog: $fmt\\n" "$@" >&2
>   }
>
> or
>
>   msg ()
>   {
> echo myprog: "$@" >&2
>   }
>
> if you prefer echo.
>
> 2) After "case $choice in toggle)",
>
>   if [ $mode == "'none'" ]; then
>
> is not safe. Should have double quotes around $mode.
>
> 3) You seem to like to quote string constants, as in
>
>   if [[ $4 == 'y' ]]; then
>
> It doesn't hurt anything, but it's completely unnecessary. Just
> a heads-up.
>
> 4) exit is often called without an argument. Or not called at
> all. A program that succeeds must exit with status zero.
> Conversely, exiting with status zero constitutes a promise that
> everything went well. Even if the exit status is less important
> for interactive programs such as yours, it's a good habit to get
> into.
>
> 5) There's a general lack of checking for failure of operations
> that can fail (writing to files, copying files...).
>

I am novice to bash. In fact, I learned bash a little bit just to implement
the idea. So, there are examples that show my immaturity. My bad!

Also, I would love to know about good sources to learn and practice Bash. I
followed "The Linux Command Line by William E. Shotts".
> 6) Lots of variable references without double quotes around them,
> EG when calling configure_apt(). What if, say, the password
> contains white space or "?" or "*" or "[" ?

Please tell me about how to read special characters as @, ? etc. in
password, as @ is the point after authentication where IP starts.

>
> Sorry if this sounds like nit-picking but attention to detail is
> a big part of quality. Good luck.

Mark Zuckerberg said, "We should break things, to make them better".
And you quoted the points where things may break.
Thanks again. :)

Re: iceape availability

[Bret Busby]

On 26/02/2016, Peter Ludikovsky  wrote:
> That is more than risky.
> 1) Iceape is EOL since 2013: https://www.debian.org/security/2013/dsa-2819
> 2) While Ubuntu is based on Debian, there's (sometimes) a huge
> difference in the software releases shipped:
>   * libc6: 2.11 (Debian 6) vs. 2.21 (Ubuntu 15.10)
>   * libssl: 0.9.8o vs. 1.0.2d
>   * libgtk: 2.20.1 vs 2.24.28
>   So there's a good chance iceape won't even install, and if it does,
> you might experience strange behaviour, or nothing at all.
>
> Regards,
> /peter
>
> Am 25.02.2016 um 16:27 schrieb Bret Busby:
>> On 25/02/2016, Peter Ludikovsky  wrote:
>>> Hello,
>>>
>>> Yes, and no. You can run `apt-get -d install iceape`, and it will
>>> download the package, and the missing dependencies, to
>>> /var/cache/apt/archives/. However, if you want to install something on a
>>> machine without internet access you might be better off with apt-medium
>>> [1], although I never used that.
>>>
>>> And I'm sorry, but I don't understand your second question. I assume
>>> that you think that the security repository is independent of the
>>> others, but that's not so. A Debian installation usually uses 3
>>> repositories together:
>>> * A "base" repo, containing the release packages
>>> * A "security" repo, containing security fixes for those packages
>>> * An "updates" repo that serves updates for non-security relevant bugs
>>>
>>> As always, we might be able to better help you if you can give us a
>>> description of what you want to do.
>>>
>>> Regards,
>>> /peter
>>>
>>> Am 25.02.2016 um 09:32 schrieb Bret Busby:
 On 25/02/2016, Peter Ludikovsky  wrote:
> Hello,
>
> Searching for a single .deb & trying to install that is the way
> proprietary systems handle it. With Debian, and most other Linux
> distros, there's repositories, and tools to handle dependencies. Open
> a
> command line / terminal and enter
> sudo apt-get install iceape
>
> It will pull iceape, and all dependencies, from the Debian repos, and
> install them.
>
> Updates are handled similarily.
>
> Regards,
> /peter
>
> Am 25.02.2016 um 07:08 schrieb Bret Busby:
>> Hello.
>>
>> I searched for a .deb package, for iceape, so that I could download
>> the package for the iceape suite, to try to install it.
>>
>> Ahat I found, is apparently submerged in a "security pool".
>>
>> I found that what is apparently provided as the iceape suite .deb
>> package, is just something that has endless unsatisfiable
>> dependencies.
>>
>> Is an installable .deb package for the iceape suite, available?
>>
>
>

 Is there a way (a switch for the apt-get command?) to download all of
 the dependencies? I have looked at man apt-get, and, that has an
 option "download" (as opposed to install or find), but I could not
 find, from the man entry for apt-get, how to download the package and
 all of its dependencies; that is, to download the particular package,
 and, its dependency packages, so that they can be stored, and,
 installed (or, tried to be installed) on different systems as wanted.

 Also, does a means exist, for specifying a particular repository for
 only the particular instantiation of the command, so that, for
 example, as iceape is only in the security pool repository, to specify
 only for the installation of iceape (or, if it can be done, for the
 download of iceape and its dependencies, to a directory on the
 computer), the particular repository path?


>>>
>>>
>>
>> Okay.
>>
>> Explicitly, what I want to try to do, and, the reason that I want to
>> know whether the repository can be specified for only, and, limited
>> to, a single instantiation of a download or install command,  is to
>> try to install iceape on a Ubuntu installation.
>>
>> iceape has functionality that seamonkey does not have, and, the
>> specific functionality that I want, is the primary reason for me
>> wanting to try this.
>>
>> I do not know whether iceape and seamonkey can be concurrently
>> installed on the same system.
>>
>> With the LTS for Debian 6 (which I believe to be the latest version
>> operating system for which iceape is an available package), due to end
>> on Monday, I want to try an installation on a system, to install
>> iceape on a new installation of UbuntuMATE 15.10, so that I would
>> install UbuntuMATE on the system, and then try to install iceape.
>>
>
>

I am not sure how it all works out, but I have just searched, and, the
seamonkey.deb package that I have installed, and, have been running,
on my UbuntuMATE 15.10 installations, is version 2.29, which I had
understood to have been the latest available version of seamonkey, as
a deb package, and, the release date for seamonkey.deb v 2.29, appears
to be 2014-09-27, so it is 14 months old, and, that would also make it
two STS versions of Ubuntu, old (14.10->15.04->1

Re: a server question?

[Karen Lewellen]

Hi,
Let me speak to your fine questions below, the ones I can answer I mean.


On Thu, 25 Feb 2016, to...@tuxteam.de wrote:


This is Alpine complaining that it lost its connection to the
server?


yes.  I am running Alpine when it happens.



To try to help debugging the problem, it'd be useful to know

- - where Alpine is running: on the remote server? On your home
 machine?


Alpine is running on the dreamhost servers.  I access the Ubintu shell 
they provide via ssh tellnet.




- - how is Alpine connected to "its" server? POP? imap?

To the best of  my knowledge it is an imap configuration.  So I was told 
when dreamhost did the setup.



- - where is this server? Is it your provider's server? Is it
 on your machine?


My providers server.  At one time they moved my account closer, alpine 
also closes   when I follow a link in emails sometimes as well.

Thanks for providing your wisdom here!
Karen





regards
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlbPG+IACgkQBcgs9XrR2kaikACfdcZeaNNfPxsHdrONwN3qKRvK
eQsAmwcv3kfl3dMHUHjJwbQchiDE5KXo
=roek
-END PGP SIGNATURE-

x11vnc session unrecoverable after trying to switch user in xfce

[Vyacheslav Napadovsky]

Hello.

I'm using debian 8 latest version of packages gdm3=3.14.1-7
 task-xfce-desktop=3.31+deb8u1 x11vnc=0.9.13-1.2+b2 xfswitch-plugin=0.0.1-5

(I switched to gdm3 from lightdm with "dpkg-reconfigure gdm3")

I launch x11vnc with this command line:
/usr/bin/x11vnc -norc -forever -shared -bg -rfbauth /etc/x11vnc.pass
-autoport 5900 -o /var/log/x11vnc.log

After I successfully log in into any account and then trying to switch
user, the image in VNC client become corrupted and if I reconnect with VNC
client then only black screen appears.
The issues recovered only after
systemctl restart gdm3
(even without restarting x11vnc)

Moreover, after I finish xfce session (end session), x11vnc server crashes
(although I started x11vnc with -forever option)

root@ExchangeServer:~# tail -20 /var/log/x11vnc.log
25/02/2016 18:32:31 Enabling full-color cursor updates for client ::1
25/02/2016 18:32:31 Enabling NewFBSize protocol extension for client ::1
25/02/2016 18:32:31 Switching from ZRLE to hextile Encoding for client ::1
25/02/2016 18:32:31 Pixel format for client ::1:
25/02/2016 18:32:31   32 bpp, depth 24, little endian
25/02/2016 18:32:31   true colour: max r 255 g 255 b 255, shift r 16 g 8 b 0
25/02/2016 18:32:31 no translation needed
25/02/2016 18:32:33 copy_tiles: allocating first_line at size 33
25/02/2016 18:32:36 created selwin: 0x125
25/02/2016 18:32:36 called initialize_xfixes()
25/02/2016 18:32:36 cursor_noshape_updates_clients: 0
25/02/2016 18:32:38 cursor_noshape_updates_clients: 0
25/02/2016 18:32:40 cursor_noshape_updates_clients: 0
25/02/2016 18:32:40 cursor_noshape_updates_clients: 0
25/02/2016 18:33:57 Battling with something for -norepeat!! (1 resets left)
25/02/2016 18:33:57 Disabled X server key autorepeat.
25/02/2016 18:33:57   to force back on run: 'xset r on' (2 times)
25/02/2016 18:34:04 cursor_noshape_updates_clients: 0
caught XIO error:
25/02/2016 18:34:07 deleted 32 tile_row polling images.

root@ExchangeServer:~# systemctl status x11vnc
● x11vnc.service - VNC Server for X11
   Loaded: loaded (/etc/systemd/system/x11vnc.service; static)
   Active: failed (Result: exit-code) since Чт 2016-02-25 18:34:07 MSK;
16min ago
  Process: 16565 ExecStart=/usr/bin/x11vnc -norc -forever -shared -bg
-rfbauth /etc/x11vnc.pass -autoport 5900 -o /var/log/x11vnc.log
(code=exited, status=0/SUCCESS)
 Main PID: 16664 (code=exited, status=3)

фев 25 18:32:26 ExchangeServer x11vnc[16565]: PORT=5900
фев 25 18:34:07 ExchangeServer systemd[1]: x11vnc.service: main process
exited, code=exited, status=3/NOTIMPLEMENTED
фев 25 18:34:07 ExchangeServer systemd[1]: Unit x11vnc.service entered
failed state.

Regards,
Vyacheslav Napadovsky



-- 
Vyacheslav Napadovsky

Re: iceape availability

[Peter Ludikovsky]

That is more than risky.
1) Iceape is EOL since 2013: https://www.debian.org/security/2013/dsa-2819
2) While Ubuntu is based on Debian, there's (sometimes) a huge
difference in the software releases shipped:
  * libc6: 2.11 (Debian 6) vs. 2.21 (Ubuntu 15.10)
  * libssl: 0.9.8o vs. 1.0.2d
  * libgtk: 2.20.1 vs 2.24.28
  So there's a good chance iceape won't even install, and if it does,
you might experience strange behaviour, or nothing at all.

Regards,
/peter

Am 25.02.2016 um 16:27 schrieb Bret Busby:
> On 25/02/2016, Peter Ludikovsky  wrote:
>> Hello,
>>
>> Yes, and no. You can run `apt-get -d install iceape`, and it will
>> download the package, and the missing dependencies, to
>> /var/cache/apt/archives/. However, if you want to install something on a
>> machine without internet access you might be better off with apt-medium
>> [1], although I never used that.
>>
>> And I'm sorry, but I don't understand your second question. I assume
>> that you think that the security repository is independent of the
>> others, but that's not so. A Debian installation usually uses 3
>> repositories together:
>> * A "base" repo, containing the release packages
>> * A "security" repo, containing security fixes for those packages
>> * An "updates" repo that serves updates for non-security relevant bugs
>>
>> As always, we might be able to better help you if you can give us a
>> description of what you want to do.
>>
>> Regards,
>> /peter
>>
>> Am 25.02.2016 um 09:32 schrieb Bret Busby:
>>> On 25/02/2016, Peter Ludikovsky  wrote:
 Hello,

 Searching for a single .deb & trying to install that is the way
 proprietary systems handle it. With Debian, and most other Linux
 distros, there's repositories, and tools to handle dependencies. Open a
 command line / terminal and enter
 sudo apt-get install iceape

 It will pull iceape, and all dependencies, from the Debian repos, and
 install them.

 Updates are handled similarily.

 Regards,
 /peter

 Am 25.02.2016 um 07:08 schrieb Bret Busby:
> Hello.
>
> I searched for a .deb package, for iceape, so that I could download
> the package for the iceape suite, to try to install it.
>
> Ahat I found, is apparently submerged in a "security pool".
>
> I found that what is apparently provided as the iceape suite .deb
> package, is just something that has endless unsatisfiable
> dependencies.
>
> Is an installable .deb package for the iceape suite, available?
>


>>>
>>> Is there a way (a switch for the apt-get command?) to download all of
>>> the dependencies? I have looked at man apt-get, and, that has an
>>> option "download" (as opposed to install or find), but I could not
>>> find, from the man entry for apt-get, how to download the package and
>>> all of its dependencies; that is, to download the particular package,
>>> and, its dependency packages, so that they can be stored, and,
>>> installed (or, tried to be installed) on different systems as wanted.
>>>
>>> Also, does a means exist, for specifying a particular repository for
>>> only the particular instantiation of the command, so that, for
>>> example, as iceape is only in the security pool repository, to specify
>>> only for the installation of iceape (or, if it can be done, for the
>>> download of iceape and its dependencies, to a directory on the
>>> computer), the particular repository path?
>>>
>>>
>>
>>
> 
> Okay.
> 
> Explicitly, what I want to try to do, and, the reason that I want to
> know whether the repository can be specified for only, and, limited
> to, a single instantiation of a download or install command,  is to
> try to install iceape on a Ubuntu installation.
> 
> iceape has functionality that seamonkey does not have, and, the
> specific functionality that I want, is the primary reason for me
> wanting to try this.
> 
> I do not know whether iceape and seamonkey can be concurrently
> installed on the same system.
> 
> With the LTS for Debian 6 (which I believe to be the latest version
> operating system for which iceape is an available package), due to end
> on Monday, I want to try an installation on a system, to install
> iceape on a new installation of UbuntuMATE 15.10, so that I would
> install UbuntuMATE on the system, and then try to install iceape.
> 



signature.asc
Description: OpenPGP digital signature

Re: a server question?

[tomas]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thu, Feb 25, 2016 at 10:35:07AM -0500, Karen Lewellen wrote:
> Hi everyone,

[...]

> very very often I will be say in alpine reading my in box and
> suddenly everything freezes.
> I get an error,
> "waited 15 seconds for server to respond, still waiting."
> often this reaches a full minute then the program asks if I want to
> disconnect.
> I have asked dreamhost about the problem, since it is random and
> they cannot duplicate it, trouble shooting presents a challenge.
> For those of you who maintain your own servers tough, I am wondering
> if You might have an idea about the error?  Is there a setting or
> configuration in Alpine that might prevent it from happening?

This is Alpine complaining that it lost its connection to the
server?

To try to help debugging the problem, it'd be useful to know

- - where Alpine is running: on the remote server? On your home
  machine?

- - how is Alpine connected to "its" server? POP? imap?

- - where is this server? Is it your provider's server? Is it
  on your machine?

regards
- -- t
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlbPG+IACgkQBcgs9XrR2kaikACfdcZeaNNfPxsHdrONwN3qKRvK
eQsAmwcv3kfl3dMHUHjJwbQchiDE5KXo
=roek
-END PGP SIGNATURE-

Re: iceape availability

[Bret Busby]

On 25/02/2016, Richard Owlett  wrote:
> On 2/25/2016 7:38 AM, Lisi Reisz wrote:
>> On Thursday 25 February 2016 12:59:29 Siard wrote:
>>> On Thu, 25 Feb 2016 14:08:20 +0800, Bret Busby wrote:
 I searched for a .deb package, for iceape, so that I could download
 the package for the iceape suite, to try to install it.
>>>
>>> AFAIK, Iceape, being the Debian version of Seamonkey, has been
>>> discontinued for quite some time now. There is only an old version for
>>> squeeze (oldoldstable) in the repos.
>>
>> https://packages.debian.org/search?suite=default§ion=all&arch=any&searchon=names&keywords=Iceape
>>
>> Lisi
>>
>>
>
> That has *SECURITY* patches. But what upstream version is it
> based on? SeaMonkey is currently at 2.39 .
>
>
>

I currently have and use, seamonkey v 2.29 (.1, I think), as the
latest version of which I have been aware, has been available as a
.deb package.


-- 

Bret Busby
Armadale
West Australia

..

"So once you do know what the question actually is,
 you'll know what the answer means."
- Deep Thought,
 Chapter 28 of Book 1 of
 "The Hitchhiker's Guide to the Galaxy:
 A Trilogy In Four Parts",
 written by Douglas Adams,
 published by Pan Books, 1992

Re: a server question?

[Henning Follmann]

On Thu, Feb 25, 2016 at 10:35:07AM -0500, Karen Lewellen wrote:
> Hi everyone,
> Our nonprofit organization has an account with dreamhost.
> www.dreamhost.com
> they provide a shell using Ubuntu, which I use exclusively to manage
> things like email.
> They provide alpine, which functions for me elsewhere fine, but has
> issues on the dreamhost side.
> My question is about something more general though.
> very very often I will be say in alpine reading my in box and
> suddenly everything freezes.
> I get an error,
> "waited 15 seconds for server to respond, still waiting."
> often this reaches a full minute then the program asks if I want to
> disconnect.
> I have asked dreamhost about the problem, since it is random and
> they cannot duplicate it, trouble shooting presents a challenge.
> For those of you who maintain your own servers tough, I am wondering
> if You might have an idea about the error?  Is there a setting or
> configuration in Alpine that might prevent it from happening?
> Thanks,
> Karen
>


The answer is very simple. Your hoster doesn't help you ( and I really
don't care who's fault it is). They don't fullfill the needs for your
purpose. Ditch them. Find somebody who will serv you better (it might cost
you more though). Also realize that cheaper doesn't mean you will pay less.


-H
 

-- 
Henning Follmann   | hfollm...@itcfollmann.com

a server question?

[Karen Lewellen]

Hi everyone,
Our nonprofit organization has an account with dreamhost.
www.dreamhost.com
they provide a shell using Ubuntu, which I use exclusively to manage 
things like email.
They provide alpine, which functions for me elsewhere fine, but has issues 
on the dreamhost side.

My question is about something more general though.
very very often I will be say in alpine reading my in box and suddenly 
everything freezes.

I get an error,
"waited 15 seconds for server to respond, still waiting."
often this reaches a full minute then the program asks if I want to 
disconnect.
I have asked dreamhost about the problem, since it is random and they 
cannot duplicate it, trouble shooting presents a challenge.
For those of you who maintain your own servers tough, I am wondering if 
You might have an idea about the error?  Is there a setting or 
configuration in Alpine that might prevent it from happening?

Thanks,
Karen

Re: iceape availability

[Richard Owlett]

On 2/25/2016 7:38 AM, Lisi Reisz wrote:

On Thursday 25 February 2016 12:59:29 Siard wrote:

On Thu, 25 Feb 2016 14:08:20 +0800, Bret Busby wrote:

I searched for a .deb package, for iceape, so that I could download
the package for the iceape suite, to try to install it.


AFAIK, Iceape, being the Debian version of Seamonkey, has been
discontinued for quite some time now. There is only an old version for
squeeze (oldoldstable) in the repos.


https://packages.debian.org/search?suite=default§ion=all&arch=any&searchon=names&keywords=Iceape

Lisi




That has *SECURITY* patches. But what upstream version is it 
based on? SeaMonkey is currently at 2.39 .

Re: iceape availability

[Bret Busby]

On 25/02/2016, Peter Ludikovsky  wrote:
> Hello,
>
> Yes, and no. You can run `apt-get -d install iceape`, and it will
> download the package, and the missing dependencies, to
> /var/cache/apt/archives/. However, if you want to install something on a
> machine without internet access you might be better off with apt-medium
> [1], although I never used that.
>
> And I'm sorry, but I don't understand your second question. I assume
> that you think that the security repository is independent of the
> others, but that's not so. A Debian installation usually uses 3
> repositories together:
> * A "base" repo, containing the release packages
> * A "security" repo, containing security fixes for those packages
> * An "updates" repo that serves updates for non-security relevant bugs
>
> As always, we might be able to better help you if you can give us a
> description of what you want to do.
>
> Regards,
> /peter
>
> Am 25.02.2016 um 09:32 schrieb Bret Busby:
>> On 25/02/2016, Peter Ludikovsky  wrote:
>>> Hello,
>>>
>>> Searching for a single .deb & trying to install that is the way
>>> proprietary systems handle it. With Debian, and most other Linux
>>> distros, there's repositories, and tools to handle dependencies. Open a
>>> command line / terminal and enter
>>> sudo apt-get install iceape
>>>
>>> It will pull iceape, and all dependencies, from the Debian repos, and
>>> install them.
>>>
>>> Updates are handled similarily.
>>>
>>> Regards,
>>> /peter
>>>
>>> Am 25.02.2016 um 07:08 schrieb Bret Busby:
 Hello.

 I searched for a .deb package, for iceape, so that I could download
 the package for the iceape suite, to try to install it.

 Ahat I found, is apparently submerged in a "security pool".

 I found that what is apparently provided as the iceape suite .deb
 package, is just something that has endless unsatisfiable
 dependencies.

 Is an installable .deb package for the iceape suite, available?

>>>
>>>
>>
>> Is there a way (a switch for the apt-get command?) to download all of
>> the dependencies? I have looked at man apt-get, and, that has an
>> option "download" (as opposed to install or find), but I could not
>> find, from the man entry for apt-get, how to download the package and
>> all of its dependencies; that is, to download the particular package,
>> and, its dependency packages, so that they can be stored, and,
>> installed (or, tried to be installed) on different systems as wanted.
>>
>> Also, does a means exist, for specifying a particular repository for
>> only the particular instantiation of the command, so that, for
>> example, as iceape is only in the security pool repository, to specify
>> only for the installation of iceape (or, if it can be done, for the
>> download of iceape and its dependencies, to a directory on the
>> computer), the particular repository path?
>>
>>
>
>

Okay.

Explicitly, what I want to try to do, and, the reason that I want to
know whether the repository can be specified for only, and, limited
to, a single instantiation of a download or install command,  is to
try to install iceape on a Ubuntu installation.

iceape has functionality that seamonkey does not have, and, the
specific functionality that I want, is the primary reason for me
wanting to try this.

I do not know whether iceape and seamonkey can be concurrently
installed on the same system.

With the LTS for Debian 6 (which I believe to be the latest version
operating system for which iceape is an available package), due to end
on Monday, I want to try an installation on a system, to install
iceape on a new installation of UbuntuMATE 15.10, so that I would
install UbuntuMATE on the system, and then try to install iceape.

-- 

Bret Busby
Armadale
West Australia

..

"So once you do know what the question actually is,
 you'll know what the answer means."
- Deep Thought,
 Chapter 28 of Book 1 of
 "The Hitchhiker's Guide to the Galaxy:
 A Trilogy In Four Parts",
 written by Douglas Adams,
 published by Pan Books, 1992

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

[Christian Seiler]

On 02/25/2016 03:07 PM, Stefan Monnier wrote:
>> MD5 alone can be somewhat dangerous even in benevolent environments: if the
>> data sets are large enough or you are just unlucky, you are going to hit a
>> colision and corrupt-or-lose-data-on-dedup sooner or later.
> 
> [G]it doesn't seem worried about this.  Admittedly, they use sha1 rather
> than md5, so they have 160bit instead of 128bit, with a correspondingly
> lower probability of collisions, but I'd be interested to know about
> cases where md5 lead to accidental collisions.

Well, I wouldn't necessarily use that as a benchmark: git could have used
SHA2-256 from the start - it's not like SHA2 is something brand new, it
was already 4 years old when git was developed.

I haven't heard of any _accidental_ collision of either MD5 or SHA1 so
far, but I might be mistaken. (There are of course famous intentional
collisions in MD5, see .)

From a mathematical standpoint: if we assume that the values a hash may
produce are uniformly distributed and cover the entire range of possible
outputs, due to the birthday paradox accidental collisions occur every
2^(bitsize/2) inputs; for MD5 that would be 2^64, for SHA1 that would be
2^80.

Whether you can live with that is up to you.

Regards,
Christian



signature.asc
Description: OpenPGP digital signature

Re: aptitude purge vlc removes approximately 116 other KDE packages

[Lisi Reisz]

On Thursday 25 February 2016 14:12:16 Felix Miata wrote:
> Keith Christian composed on 2016-02-25 06:45 (UTC-0700):
> > Running Debian Jessie on a non-critical system at home.  Wanted to use
> > xine-ui instead of vlc as a video player, since there appeared to be
> > some sort of conflict.
> >
> > Ran aptitude -y purge vlc to do the obvious.  116 packages were
> > removed, most of the core of KDE.
> >
> > Why were so many other packages dependent on vlc?  116 removals just
> > to get rid of one package is quite alot!
>
> My guess is that the trigger was
>
>   phonon-backend-vlc
>
> that various KDE components depend on, notifications in particular.
>
> > I have the complete aptitude purge log in a file on disk so the names
> > are readily available, but, there must be a more efficient way to
> > reinstall the 116 packages.
> >
> > Is there a KDE meta-package that will install the majority of KDE that
> > was removed?
>
> Most of it will probably be picked up via one or a few:
>
>   kde-standard
>
> may be enough. Others that should help if that's not good enough, or get
> the ball rolling if you don't wish to risk overshoot:
>
>   kde-workspace
>   kde-runtime
>   kde-baseapps
>   kde-plasma-desktop
>
> If you do want the whole kitchen sink:
>
>   kde-full

But that would surely bring vlc back?  Do you know the song "There's a hole in 
my bucket, dear Eliza"?

Lisi

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

[Stefan Monnier]

>> MD5 alone can be somewhat dangerous even in benevolent environments: if the
>> data sets are large enough or you are just unlucky, you are going to hit a
>> colision and corrupt-or-lose-data-on-dedup sooner or later.
> it doesn't seem worried about this.  Admittedly, they use sha1 rather
 ^
 G


Stefan "Damn concise names!"

Re: aptitude purge vlc removes approximately 116 other KDE packages

[Felix Miata]

Keith Christian composed on 2016-02-25 06:45 (UTC-0700):

> Running Debian Jessie on a non-critical system at home.  Wanted to use
> xine-ui instead of vlc as a video player, since there appeared to be
> some sort of conflict.

> Ran aptitude -y purge vlc to do the obvious.  116 packages were
> removed, most of the core of KDE.

> Why were so many other packages dependent on vlc?  116 removals just
> to get rid of one package is quite alot!

My guess is that the trigger was

phonon-backend-vlc

that various KDE components depend on, notifications in particular.

> I have the complete aptitude purge log in a file on disk so the names
> are readily available, but, there must be a more efficient way to
> reinstall the 116 packages.

> Is there a KDE meta-package that will install the majority of KDE that
> was removed?

Most of it will probably be picked up via one or a few:

kde-standard

may be enough. Others that should help if that's not good enough, or get the
ball rolling if you don't wish to risk overshoot:

kde-workspace
kde-runtime
kde-baseapps
kde-plasma-desktop

If you do want the whole kitchen sink:

kde-full
-- 
"The wise are known for their understanding, and pleasant
words are persuasive." Proverbs 16:21 (New Living Translation)

 Team OS/2 ** Reg. Linux User #211409 ** a11y rocks!

Felix Miata  ***  http://fm.no-ip.com/

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

[Stefan Monnier]

> MD5 alone can be somewhat dangerous even in benevolent environments: if the
> data sets are large enough or you are just unlucky, you are going to hit a
> colision and corrupt-or-lose-data-on-dedup sooner or later.

it doesn't seem worried about this.  Admittedly, they use sha1 rather
than md5, so they have 160bit instead of 128bit, with a correspondingly
lower probability of collisions, but I'd be interested to know about
cases where md5 lead to accidental collisions.


Stefan

Re: aptitude purge vlc removes approximately 116 other KDE packages

[The Wanderer]

On 2016-02-25 at 08:45, Keith Christian wrote:

> Running Debian Jessie on a non-critical system at home.  Wanted to
> use xine-ui instead of vlc as a video player, since there appeared to
> be some sort of conflict.
> 
> Ran aptitude -y purge vlc to do the obvious.  116 packages were 
> removed, most of the core of KDE.
> 
> Why were so many other packages dependent on vlc?  116 removals just 
> to get rid of one package is quite alot!

The chain of dependencies is:

kde-runtime -> phonon -> phonon-backend | phonon-backend-vlc -> vlc

However, the 'backend' step in this chain is a virtual package; the
packages which provide it are phonon-backend-vlc,
phonon-backend-gstreamer, and phonon-backend-null. (The VLC alternative
is listed explicitly first in the phonon dependencies, which is why you
get that unless you specifically specify one of the others.)

If you install either the GStreamer or the NULL backend before purging
vlc, you should be able to avoid this massive removal set.

> I have the complete aptitude purge log in a file on disk so the
> names are readily available, but, there must be a more efficient way
> to reinstall the 116 packages.
> 
> Is there a KDE meta-package that will install the majority of KDE
> that was removed?

At first blush, you might try task-kde-desktop; that's what gets used if
you tell the Debian installer to install the KDE desktop as part of
initial system setup.

I don't know if there are suitable metapackages other than that, but you
might be best off with a manual install action based on the packages
listed in your log file.

-- 
   The Wanderer

The reasonable man adapts himself to the world; the unreasonable one
persists in trying to adapt the world to himself. Therefore all
progress depends on the unreasonable man. -- George Bernard Shaw



signature.asc
Description: OpenPGP digital signature

Re: Warning Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

[Henrique de Moraes Holschuh]

On Tue, 23 Feb 2016, David Wright wrote:
> 1) I do what fdupes does, ie identify files (in a benevolent
>environment) using the MD5 signature to detect duplicate
>contents.

MD5 alone can be somewhat dangerous even in benevolent environments: if the
data sets are large enough or you are just unlucky, you are going to hit a
colision and corrupt-or-lose-data-on-dedup sooner or later.

At least use data-size + hash.  But even that won't save you for
colisions... the "full fix" is to use the hash (or size + hash) as a screen
to detect possible matches: when it matches, compare the two data-sets to
ensure they're really equal before you trigger the dedup.

I am not going to bother with the detail that you need to ensure one of the
data sets can't/didn't change under you between the comparison and the dedup
getting commited to storage.

> 2) In view of your statement that faster hashes exist, I would
>like to explore replacing my use of MD5 by such a hash.

Any wide-enough hash will do if you use it just for screening, where you
don't care for for any security properties of the hash.  And at that point,
you might as well use a wide-enough CRC (ensure it is vectorizable and get
the compiler to vectorize it!) if it proves to be faster than crypto
hashes...

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

aptitude purge vlc removes approximately 116 other KDE packages

[Keith Christian]

Running Debian Jessie on a non-critical system at home.  Wanted to use
xine-ui instead of vlc as a video player, since there appeared to be
some sort of conflict.

Ran aptitude -y purge vlc to do the obvious.  116 packages were
removed, most of the core of KDE.

Why were so many other packages dependent on vlc?  116 removals just
to get rid of one package is quite alot!

I have the complete aptitude purge log in a file on disk so the names
are readily available, but, there must be a more efficient way to
reinstall the 116 packages.

Is there a KDE meta-package that will install the majority of KDE that
was removed?


Keith

Re: Configure my headless Debian server as "bluetooth loudspeaker"

[Stefan Monnier]

> http://blog.stevenocchipinti.com/2012/10/bluetooth-audio-streaming-from-phone-to.html/

> Looks like this is relevant for you.

Indeed, thank you very much!


Stefan

Re: iceape availability

[Lisi Reisz]

On Thursday 25 February 2016 12:59:29 Siard wrote:
> On Thu, 25 Feb 2016 14:08:20 +0800, Bret Busby wrote:
> > I searched for a .deb package, for iceape, so that I could download
> > the package for the iceape suite, to try to install it.
>
> AFAIK, Iceape, being the Debian version of Seamonkey, has been
> discontinued for quite some time now. There is only an old version for
> squeeze (oldoldstable) in the repos.

https://packages.debian.org/search?suite=default§ion=all&arch=any&searchon=names&keywords=Iceape

Lisi

Re: iceape availability

[Siard]

On Thu, 25 Feb 2016 14:08:20 +0800, Bret Busby wrote:
> I searched for a .deb package, for iceape, so that I could download
> the package for the iceape suite, to try to install it.

AFAIK, Iceape, being the Debian version of Seamonkey, has been
discontinued for quite some time now. There is only an old version for
squeeze (oldoldstable) in the repos.

You'd better get Seamonkey itself from here:
www.seamonkey-project.org/releases/
No need to install it. Just execute 'seamonkey' in the extracted folder.

Need mentorship and support

[Himanshu Shekhar]

I made some bash scripts to set proxy on a standard Debian /  Ubuntu
distribution about a month ago.
The tool works well. However, I would love that to be included as a part of
the base system because present systems lack some features as
authentication and a normal user would not like to fall into the
complications of configuration files.

I would like to get some support about creating installable packages or how
to ensure proper future of the small piece of code I made.
Also, it would be great if the code works across distributions and shell
environments.

The project link is below. Pull requests are welcome. You are welcome to
contribute.

github.com/himanshushekharb16/ProxyMan

To use the code, obtain it from
github.com/himanshushekharb16/ProxyMan/releases

Looking forward for your responses.

Re: aptitude program list

[Jörg-Volker Peetz]

Richard Hector wrote on 02/25/16 00:35:
> On 25/02/16 09:18, Jörg-Volker Peetz wrote:
>> Better generate such a list with aptitude itself which allows to
>> exclude automatically installed packages
>>
>> aptitude -F "%p" '~i!~M' > list_of_packages_manually_installed
> 
> Or perhaps
> 
>   aptitude search -F "%p" '~i!~M' > list_of_packages_manually_installed
> 
> Richard

Yes, sure. Thanks for the correction.

Regards,
jvp.

Re: iceape availability

[Darac Marjal]

On Thu, Feb 25, 2016 at 04:32:47PM +0800, Bret Busby wrote:

On 25/02/2016, Peter Ludikovsky  wrote:

Hello,

Searching for a single .deb & trying to install that is the way
proprietary systems handle it. With Debian, and most other Linux
distros, there's repositories, and tools to handle dependencies. Open a
command line / terminal and enter
sudo apt-get install iceape

It will pull iceape, and all dependencies, from the Debian repos, and
install them.

Updates are handled similarily.

Regards,
/peter

Am 25.02.2016 um 07:08 schrieb Bret Busby:

Hello.

I searched for a .deb package, for iceape, so that I could download
the package for the iceape suite, to try to install it.

Ahat I found, is apparently submerged in a "security pool".

I found that what is apparently provided as the iceape suite .deb
package, is just something that has endless unsatisfiable
dependencies.

Is an installable .deb package for the iceape suite, available?






Is there a way (a switch for the apt-get command?) to download all of
the dependencies? I have looked at man apt-get, and, that has an
option "download" (as opposed to install or find), but I could not
find, from the man entry for apt-get, how to download the package and
all of its dependencies; that is, to download the particular package,
and, its dependency packages, so that they can be stored, and,
installed (or, tried to be installed) on different systems as wanted.


Sounds like you might want to look at apt-zip. (Disclaimer: It's been a 
while since I actually used apt-zip, so someone might be able to point 
to something better). This is intended for offline machines to get their 
updates using a ZIP disk or similar.  The idea is that you install 
apt-zip onto the offline machine and then run something like


$ apt-zip-list --packages=iceape --medium=/mnt/zipdisk

This will produce a script which calls 'wget' to download iceape and all 
required packages (note: it won't download ALL the dependencies, just 
those missing from the offline system - ALL dependencies would probably 
include parts of the base system, which you should already have).


You can run the produced script on an online system (you can even run it 
on Windows, with a bit of work) to download all the debs to the transfer 
disk. Then, when you bring the disk back to the offline system, you'd 
run


$ apt-zip-inst --medium=/mnt/zipdisk

to install the new packages.



Also, does a means exist, for specifying a particular repository for
only the particular instantiation of the command, so that, for
example, as iceape is only in the security pool repository, to specify
only for the installation of iceape (or, if it can be done, for the
download of iceape and its dependencies, to a directory on the
computer), the particular repository path?




--
For more information, please reread.


signature.asc
Description: PGP signature

Re: iceape availability

[Peter Ludikovsky]

Hello,

Yes, and no. You can run `apt-get -d install iceape`, and it will
download the package, and the missing dependencies, to
/var/cache/apt/archives/. However, if you want to install something on a
machine without internet access you might be better off with apt-medium
[1], although I never used that.

And I'm sorry, but I don't understand your second question. I assume
that you think that the security repository is independent of the
others, but that's not so. A Debian installation usually uses 3
repositories together:
* A "base" repo, containing the release packages
* A "security" repo, containing security fixes for those packages
* An "updates" repo that serves updates for non-security relevant bugs

As always, we might be able to better help you if you can give us a
description of what you want to do.

Regards,
/peter

Am 25.02.2016 um 09:32 schrieb Bret Busby:
> On 25/02/2016, Peter Ludikovsky  wrote:
>> Hello,
>>
>> Searching for a single .deb & trying to install that is the way
>> proprietary systems handle it. With Debian, and most other Linux
>> distros, there's repositories, and tools to handle dependencies. Open a
>> command line / terminal and enter
>> sudo apt-get install iceape
>>
>> It will pull iceape, and all dependencies, from the Debian repos, and
>> install them.
>>
>> Updates are handled similarily.
>>
>> Regards,
>> /peter
>>
>> Am 25.02.2016 um 07:08 schrieb Bret Busby:
>>> Hello.
>>>
>>> I searched for a .deb package, for iceape, so that I could download
>>> the package for the iceape suite, to try to install it.
>>>
>>> Ahat I found, is apparently submerged in a "security pool".
>>>
>>> I found that what is apparently provided as the iceape suite .deb
>>> package, is just something that has endless unsatisfiable
>>> dependencies.
>>>
>>> Is an installable .deb package for the iceape suite, available?
>>>
>>
>>
> 
> Is there a way (a switch for the apt-get command?) to download all of
> the dependencies? I have looked at man apt-get, and, that has an
> option "download" (as opposed to install or find), but I could not
> find, from the man entry for apt-get, how to download the package and
> all of its dependencies; that is, to download the particular package,
> and, its dependency packages, so that they can be stored, and,
> installed (or, tried to be installed) on different systems as wanted.
> 
> Also, does a means exist, for specifying a particular repository for
> only the particular instantiation of the command, so that, for
> example, as iceape is only in the security pool repository, to specify
> only for the installation of iceape (or, if it can be done, for the
> download of iceape and its dependencies, to a directory on the
> computer), the particular repository path?
> 
> 



signature.asc
Description: OpenPGP digital signature

Re: iceape availability

[Petter Adsen]

On Thu, 25 Feb 2016 16:32:47 +0800
Bret Busby  wrote:

> Is there a way (a switch for the apt-get command?) to download all of
> the dependencies? I have looked at man apt-get, and, that has an
> option "download" (as opposed to install or find), but I could not
> find, from the man entry for apt-get, how to download the package and
> all of its dependencies; that is, to download the particular package,
> and, its dependency packages, so that they can be stored, and,
> installed (or, tried to be installed) on different systems as wanted.

Try 'sudo apt-get install --download-only packagename'. Any downloaded
packages should end up in /var/cache/apt/archives.

Petter

-- 
"I'm ionized"
"Are you sure?"
"I'm positive."

Re: iceape availability

[Bret Busby]

On 25/02/2016, Peter Ludikovsky  wrote:
> Hello,
>
> Searching for a single .deb & trying to install that is the way
> proprietary systems handle it. With Debian, and most other Linux
> distros, there's repositories, and tools to handle dependencies. Open a
> command line / terminal and enter
> sudo apt-get install iceape
>
> It will pull iceape, and all dependencies, from the Debian repos, and
> install them.
>
> Updates are handled similarily.
>
> Regards,
> /peter
>
> Am 25.02.2016 um 07:08 schrieb Bret Busby:
>> Hello.
>>
>> I searched for a .deb package, for iceape, so that I could download
>> the package for the iceape suite, to try to install it.
>>
>> Ahat I found, is apparently submerged in a "security pool".
>>
>> I found that what is apparently provided as the iceape suite .deb
>> package, is just something that has endless unsatisfiable
>> dependencies.
>>
>> Is an installable .deb package for the iceape suite, available?
>>
>
>

Is there a way (a switch for the apt-get command?) to download all of
the dependencies? I have looked at man apt-get, and, that has an
option "download" (as opposed to install or find), but I could not
find, from the man entry for apt-get, how to download the package and
all of its dependencies; that is, to download the particular package,
and, its dependency packages, so that they can be stored, and,
installed (or, tried to be installed) on different systems as wanted.

Also, does a means exist, for specifying a particular repository for
only the particular instantiation of the command, so that, for
example, as iceape is only in the security pool repository, to specify
only for the installation of iceape (or, if it can be done, for the
download of iceape and its dependencies, to a directory on the
computer), the particular repository path?


-- 

Bret Busby
Armadale
West Australia

..

"So once you do know what the question actually is,
 you'll know what the answer means."
- Deep Thought,
 Chapter 28 of Book 1 of
 "The Hitchhiker's Guide to the Galaxy:
 A Trilogy In Four Parts",
 written by Douglas Adams,
 published by Pan Books, 1992

Re: Encrypted PDF isn't

[Richard Hector]

On 25/02/16 18:23, David Wright wrote:
> On Wed 24 Feb 2016 at 23:10:42 (+), Lisi Reisz wrote:
>>> On Wednesday 24 February 2016 21:16:46 David Wright wrote:
> encrypted.pdf
>>> 
>>> No, sadly it is not!
>>> 
>>> Sorry, David. ;-)
> Well it turns out that the problem has affected other people, eg 
> http://superuser.com/questions/983368/both-pdftk-and-qpdf-fail-at-protecting-my-documents
>
> 
(still unanswered), but
> https://en.wikipedia.org/wiki/Portable_Document_Format#Security_and_signatures
>
> 
knows the answer. You have to encrypt with
> $ pdftk secret.pdf output /tmp/encrypted.pdf user_pw foo
> 
> The man page for pdftk is therefore quite wrong when it says:
> 
> Encrypt a PDF using 128-bit strength (the default), withhold all
> permissions (the default) pdftk 1.pdf output 1.128.pdf owner_pw
> foopass
> 
> The owner_pw seems to be quite farcical when writing a pdf. 
> However, if you set both passwords (with different keys), giving 
> either key will decrypt it:
> 
> $ pdftk secret.pdf output /tmp/encrypted.pdf user_pw foo owner_pw
> bar $ pdftk /tmp/encrypted.pdf input_pw foo cat output
> /tmp/u-used.pdf WARNING: The creator of the input PDF: 
> /tmp/encrypted.pdf has set an owner password (which is not required
> to handle this PDF). You did not supply this password. Please
> respect any copyright. $ pdftk /tmp/encrypted.pdf input_pw bar cat
> output /tmp/o-used.pdf $
> 
> (Both /tmp/u-used.pdf and /tmp/o-used.pdf are decrypted.)

Not just the man page is wrong; if you add 'verbose' to the end of
your original commandline, it will tell you clearly that the output
will be encrypted (128 bit). Which of course it isn't.

I take it you'll be filing a bug?

Richard