Re: crc not installed but rsync using it? ...

[Fabrice BAUZAC-STEHLY]

David Wright writes:

> On Tue 29 Sep 2020 at 15:50:35 (+0200), Albretch Mueller wrote:
>>  But how could you have some assurance that that data relates to what
>> their users thought of to be?
>
> You can't. That's not what CRCs are for. They're not cryptographic,
> so they are useless for any type of assurance that the data is intact.

More precisely, hashes that are not cryptographic-grade are useless for
assurance that the data has not been modified by a third-party.  They
can still be useful for assurance that data has not been altered by wire
issues and other physical (non-human) issues.

--
Fabrice BAUZAC-STEHLY
PGP 015AE9B25DCB0511D200A75DE5674DEA514C891D

Re: crc not installed but rsync using it? ...

[Andrei POPESCU]

On Ma, 29 sep 20, 16:20:10, Albretch Mueller wrote:
> 
>  I don't know of a single "secure"/"private" OS, software stack or any
> such approaches being taken seriously. Do you?

Tails: https://tails.boum.org/

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: crc not installed but rsync using it? ...

[Dan Ritter]

David Wright wrote: 
> On Tue 29 Sep 2020 at 15:50:35 (+0200), Albretch Mueller wrote:
> > On 9/24/20, Reco  wrote:
> > > On Thu, Sep 24, 2020 at 05:50:16PM +0200, Albretch Mueller wrote:
> > >> >> How do I get all packages to be locally installed using dpkg from a
> > >> >> public Windows machine?
> > >> >
> > >> > I'm not sure I understand this question or how it relates to the
> > >> > previous one.
> > >>
> > >>  How do I get the deb files in order to install locally (via dpkg
> > >> --install) the necessary utilities to run CRC32 and/or CRC64
> > >
> > > Typical Debian install has perl already, so you don't have to install
> > > anything - [1].
> > >
> > > [1] http://billauer.co.il/blog/2011/05/perl-crc32-crc-xs-module/
> > 
> >  But I don't see anything when I go:
> > 
> >  which crc, crc32, crc64 ...
> 
> Imagine you did find an executable called crc32. What would you do
> with it?
> 
> You find some data that's in an archive file called foo.zap. The
> program zap claims to include a crc32 check within the archive.
> Do you expect to type   crc32 --check foo.zap   and get some
> meaningful output, or what?

Would it be useful to suggest Reflections on Trusting Trust?
https://www.win.tue.nl/~aeb/linux/hh/thompson/trust.html

-dsr-

Re: crc not installed but rsync using it? ...

[David Wright]

On Tue 29 Sep 2020 at 15:50:35 (+0200), Albretch Mueller wrote:
> On 9/24/20, Reco  wrote:
> > On Thu, Sep 24, 2020 at 05:50:16PM +0200, Albretch Mueller wrote:
> >> >> How do I get all packages to be locally installed using dpkg from a
> >> >> public Windows machine?
> >> >
> >> > I'm not sure I understand this question or how it relates to the
> >> > previous one.
> >>
> >>  How do I get the deb files in order to install locally (via dpkg
> >> --install) the necessary utilities to run CRC32 and/or CRC64
> >
> > Typical Debian install has perl already, so you don't have to install
> > anything - [1].
> >
> > [1] http://billauer.co.il/blog/2011/05/perl-crc32-crc-xs-module/
> 
>  But I don't see anything when I go:
> 
>  which crc, crc32, crc64 ...

Imagine you did find an executable called crc32. What would you do
with it?

You find some data that's in an archive file called foo.zap. The
program zap claims to include a crc32 check within the archive.
Do you expect to type   crc32 --check foo.zap   and get some
meaningful output, or what?

On Tue 29 Sep 2020 at 15:48:09 (+0200), Albretch Mueller wrote:
> On 9/26/20, Michael Stone  wrote:
> > On Sat, Sep 26, 2020 at 02:11:30PM +0200, Albretch Mueller wrote:
> >>On 9/25/20, Michael Stone  wrote:
> >>> Just one would be good enough (pick the sha256sum). What you're doing is
> >>> a waste of time. If you want to future proof then use sha3, via the
> >>> rhash package.
> >>
> >> Something that I have noticed is that texts are too close to people's
> >>hearts to expect for people to just be technical about them. I use
> >>those three algorithms because some people "understand", md5 and not
> >>sha###sum. I mean, you may get some legacy data with their md5sum but
> >>the maintainers of the data may not be around. Once I found an rsync
> >>log that included the CRC signatures, that is why I include these
> >>kinds fo algorithms.
> >
> > Sorry, still makes no sense and is a waste of time. You're creating new
> > hashes right now, it doesn't matter if someone else might have made some
> > other hash some other time.
> 
>  But how could you have some assurance that that data relates to what
> their users thought of to be?

You can't. That's not what CRCs are for. They're not cryptographic,
so they are useless for any type of assurance that the data is intact.
Anyone modifying the data merely has to recalculate a new CRC and
substitute is for the original.

CRCs are a quick check on data segments when you're transmitting
segments of a file. If a CRC doesn't agree with its segment, you
ask for its retransmission. At the end of the transfer, you might
do a final CRC check on the whole file, for speed, but it would
be pointless to keep the number, as compared with checking the
file's MD5/SHAnnn digest if that had been archived. That's why
md5sum and shaNNNsum have a -c option.

Cheers,
David.

Re: crc not installed but rsync using it? ...

[Reco]

Hi.

On Tue, Sep 29, 2020 at 03:50:35PM +0200, Albretch Mueller wrote:
> On 9/24/20, Reco  wrote:
> > On Thu, Sep 24, 2020 at 05:50:16PM +0200, Albretch Mueller wrote:
> >> >> How do I get all packages to be locally installed using dpkg from a
> >> >> public Windows machine?
> >> >
> >> > I'm not sure I understand this question or how it relates to the
> >> > previous one.
> >>
> >>  How do I get the deb files in order to install locally (via dpkg
> >> --install) the necessary utilities to run CRC32 and/or CRC64
> >
> > Typical Debian install has perl already, so you don't have to install
> > anything - [1].
> >
> > [1] http://billauer.co.il/blog/2011/05/perl-crc32-crc-xs-module/
> 
>  But I don't see anything when I go:
> 
>  which crc, crc32, crc64 ...

What I meant is it's trivial to implement these in perl, as [1] shows
us.

Reco

Re: crc not installed but rsync using it? ...

[Albretch Mueller]

> If you want to defend against on-disk corruption, use ZFS.

> If you want to be alerted to every change to a set of files, use
> tripwire or aide. Both are packaged for Debian.

> ...

 Really?!? Well, I would say that is only part of the story and not
even the most interesting one. I am amazed to notice at times
technical people talking like it is all so obvious that if you don't
see things that way it is because "you are 'too' paranoid".

> Your paranoia is excessive ...

 Or maybe your normalcy bias is? or both?

On 9/25/20, Michael Stone  wrote:
> On Fri, Sep 25, 2020 at 09:01:26AM -0400, Gene Heskett wrote:
>>Your paranoia is excessive. I have 5 machines online ATM, but they are
>>all on a local network in the 1902.168.xx.xx block, which is NOT
>>routable from the internet but are NAT'd to my net address by having
>>such a setup in a router running dd-wrt. In nearly 2 decades, no one has
>>come into my systems from the internet that I didn't give the
>>credentials to do so.
>
> You post this all the time, but it's irrelevant at best and misleading
> at worst. On a default debian system these days an external firewall is
> basically a noop because there are no services listening. The attack
> vector in modern environments is much more likely to be client exploits
> (e.g., web browser) and a perimeter firewall adds zero protection from
> that threat.
>
> And, honestly, most people who are compromised have no clue that they
> are unless someone tells them.

 Thank you! This I am relating may be considered to be totally off
topic in the Debian Linux mailing list by most people or maybe not. In
my case I have constantly noticed how they use js to own my box, from
blocking access to certain sites, to multiversing real time the sites
I go to. Just to cite an example, you google your crush or go to her
pages and what you get are pages with people with bruises on their
faces, pictures of bed bugs, bed bugs' bites on people's skin, ...
They also make single individuals and a bunch of "social
responsibility committee" kinds of people scratch their body around in
quite theatrical ways when you are on the streets:

 
https://theintercept.com/2016/04/09/fbis-shared-responsibility-committees-to-identify-radicalized-muslims-raises-alarms/

 You could figure out what would happen next and who could possibly
horizontally and vertically orchestrate, coordinate, pay and legally
protect the perpetrators doing such things.

 I don't know of a single "secure"/"private" OS, software stack or any
such approaches being taken seriously. Do you?

 To me those concepts are a joke when it comes to computers. IT
companies tell people: "we care about your privacy" and "We the
people" don't even realize what a callous joke that is on so many
levels. If they care about "one's own privacy" (as they say) that
tacitly means you have no privacy whatsoever! Maybe I am too old, too
romantic. It is my understanding of that thing they used to call
"privacy", it was something only one could possibly take care of by
oneself. The only "private"/"secure" way to own you computer to me (as
I heard Linus Torvalds once say making all kinds of faces) is never
connecting it to the Internet

On 9/29/20, Albretch Mueller  wrote:
> On 9/25/20, Jonathan Dowland  wrote:
>> On Thu, Sep 24, 2020 at 05:58:49PM -0500, David Wright wrote:
>>>I can't believe the answer is as simple as visiting
>>>https://packages.debian.org/index
>>>and downloading the packages you want (in binary mode).
>>
>> Plus (possibly several) iterations of downloading the dependencies,
>> and their dependencies, etc., cross-referencing against your installed
>> package list (if you have it) to trim down the list.
>
>  OK, you are talking right there about what I need:
>
>  Is there such a thing as a java program (which could be used also on
> WIndows or a mac) which you could tell which Debian package you need
> and your Debian Release and it would download all pacakges you need
> and even tell you the sequence in which  you have to install htem?
>
>>
>>
>> --
>> Please do not CC me, I am subscribed to the list.
>>
>>    Jonathan Dowland
>> ✎ j...@debian.org
>> https://jmtd.net
>>
>>
>

Re: crc not installed but rsync using it? ...

[Albretch Mueller]

On 9/25/20, Jonathan Dowland  wrote:
> On Thu, Sep 24, 2020 at 05:58:49PM -0500, David Wright wrote:
>>I can't believe the answer is as simple as visiting
>>https://packages.debian.org/index
>>and downloading the packages you want (in binary mode).
>
> Plus (possibly several) iterations of downloading the dependencies,
> and their dependencies, etc., cross-referencing against your installed
> package list (if you have it) to trim down the list.

 OK, you are talking right there about what I need:

 Is there such a thing as a java program (which could be used also on
WIndows or a mac) which you could tell which Debian package you need
and your Debian Release and it would download all pacakges you need
and even tell you the sequence in which  you have to install htem?

>
>
> --
> Please do not CC me, I am subscribed to the list.
>
> Jonathan Dowland
> ✎  j...@debian.org
>  https://jmtd.net
>
>

Re: crc not installed but rsync using it? ...

[Albretch Mueller]

On 9/24/20, Reco  wrote:
> On Thu, Sep 24, 2020 at 05:50:16PM +0200, Albretch Mueller wrote:
>> >> How do I get all packages to be locally installed using dpkg from a
>> >> public Windows machine?
>> >
>> > I'm not sure I understand this question or how it relates to the
>> > previous one.
>>
>>  How do I get the deb files in order to install locally (via dpkg
>> --install) the necessary utilities to run CRC32 and/or CRC64
>
> Typical Debian install has perl already, so you don't have to install
> anything - [1].
>
> Reco
>
> [1] http://billauer.co.il/blog/2011/05/perl-crc32-crc-xs-module/

 But I don't see anything when I go:

 which crc, crc32, crc64 ...

Re: crc not installed but rsync using it? ...

[Albretch Mueller]

On 9/26/20, Michael Stone  wrote:
> On Sat, Sep 26, 2020 at 02:11:30PM +0200, Albretch Mueller wrote:
>>On 9/25/20, Michael Stone  wrote:
>>> Just one would be good enough (pick the sha256sum). What you're doing is
>>> a waste of time. If you want to future proof then use sha3, via the
>>> rhash package.
>>
>> Something that I have noticed is that texts are too close to people's
>>hearts to expect for people to just be technical about them. I use
>>those three algorithms because some people "understand", md5 and not
>>sha###sum. I mean, you may get some legacy data with their md5sum but
>>the maintainers of the data may not be around. Once I found an rsync
>>log that included the CRC signatures, that is why I include these
>>kinds fo algorithms.
>
> Sorry, still makes no sense and is a waste of time. You're creating new
> hashes right now, it doesn't matter if someone else might have made some
> other hash some other time.

 But how could you have some assurance that that data relates to what
their users thought of to be?

Re: crc not installed but rsync using it? ...

[Michael Stone]

On Sat, Sep 26, 2020 at 02:11:30PM +0200, Albretch Mueller wrote:

On 9/25/20, Michael Stone  wrote:

Just one would be good enough (pick the sha256sum). What you're doing is
a waste of time. If you want to future proof then use sha3, via the
rhash package.


Something that I have noticed is that texts are too close to people's
hearts to expect for people to just be technical about them. I use
those three algorithms because some people "understand", md5 and not
sha###sum. I mean, you may get some legacy data with their md5sum but
the maintainers of the data may not be around. Once I found an rsync
log that included the CRC signatures, that is why I include these
kinds fo algorithms.


Sorry, still makes no sense and is a waste of time. You're creating new 
hashes right now, it doesn't matter if someone else might have made some 
other hash some other time.

Re: crc not installed but rsync using it? ...

[Dan Ritter]

mick crane wrote: 
> 
> When all this internet kicked off I thought anybody could have a go but
> apparently you need to be with a provider.

If you have enough money, skill, and time you can be your own
ISP.

The nature of "ISP" is in the first word, "Internet". It
requires you to be connected to one or more other networks. At
normal household scales, it is most cost-effective to buy that
connectivity from an entity that has infrastructure in your
area.

In the early 1990s a single T1 (1.54Mb/s bidirectional) to a larger
provide, a router, a server and a set of modems connected to phone lines
was all you needed to set up shop as a local ISP. The T1 might be 3 or 4
thousand dollars a month, so you needed a few hundred customers to break
even. If your average customer connected at 9600 baud and was online for
four hours a day, and a day is really only 12 hours long to account for
peak usage patterns, a modem and phone line could support 3 customers
and you could hang 160 modems off of that T1, so you would max out at
about 600 customers before you started getting enough complaints about
speed that they looked for someone else.

For the USA, I have great connectivity: there are three ISPs
willing to deliver consumer-class gigabit links to my house, so
I pay about 5x what I paid in 2000 for a connection 34000x
faster. And all the other services that an ISP would offer me, I
handle myself with Debian machines.

-dsr-

Re: crc not installed but rsync using it? ...

[Albretch Mueller]

On 9/25/20, Michael Stone  wrote:
> Just one would be good enough (pick the sha256sum). What you're doing is
> a waste of time. If you want to future proof then use sha3, via the
> rhash package.

 Something that I have noticed is that texts are too close to people's
hearts to expect for people to just be technical about them. I use
those three algorithms because some people "understand", md5 and not
sha###sum. I mean, you may get some legacy data with their md5sum but
the maintainers of the data may not be around. Once I found an rsync
log that included the CRC signatures, that is why I include these
kinds fo algorithms.

Re: crc not installed but rsync using it? ...

[David Wright]

On Fri 25 Sep 2020 at 10:33:51 (+0100), Jonathan Dowland wrote:
> On Thu, Sep 24, 2020 at 05:58:49PM -0500, David Wright wrote:
> > On Thu 24 Sep 2020 at 17:50:16 (+0200), Albretch Mueller wrote:
> > > >> How do I get all packages to be locally installed using dpkg from a
> > > >> public Windows machine?
> > > >
> > >  How do I get the deb files in order to install locally (via dpkg
> > > --install) the necessary utilities to run CRC32 and/or CRC64
> > 
> > I can't believe the answer is as simple as visiting
> > https://packages.debian.org/index
> > and downloading the packages you want (in binary mode).
> 
> Plus (possibly several) iterations of downloading the dependencies,
> and their dependencies, etc., cross-referencing against your installed
> package list (if you have it) to trim down the list.

Sure. One might assume that the OP is familiar with the abilites of
apt and dpkg to manipulate their lists, so that apt can do this job.

And, if not, I would suggest their taking the linux laptop to the
public Windows machine so that any iteration is short and speedy.

I wrote simple, not easy.

Cheers,
David.

Re: crc not installed but rsync using it? ...

[mick crane]

On 2020-09-25 23:42, Gene Heskett wrote:

On Friday 25 September 2020 18:10:42 Stefan Monnier wrote:


> He may have changed it, but at the time I first started using it on
> a "pc" it had to be registered before it would access the 2nd port.

I don't understand what you're referring to:
- What is the "it" that had to be registered?


That edition of dd-wrt.  You had to get a keyfile from brainslayer.  
You

didn't have to get one to go with a router version.  And it sometimes
took most of a week for him to service your key request.


- With whom/what did it have to be registered?
- What 2nd port of what?


The second ethernet port of the pc you built to run it.


When all this internet kicked off I thought anybody could have a go but 
apparently you need to be with a provider.


mick

--
Key ID4BFEBB31

Re: crc not installed but rsync using it? ...

[Stefan Monnier]

>> I don't understand what you're referring to:
>> - What is the "it" that had to be registered?
> That edition of dd-wrt.

Oooo!  You were running DD-wrt on a pc??

Indeed, OpenWRT also supports running on a PC, but it would never have
occurred to me to do that.  I'd just use Debian instead: much easier to
upgrade, for example.  Indeed, I used to run Debian on my WL-700gE just
because it was much more comfortable than OpenWRT (tho the 64MB of RAM
made `apt-get` pretty damn slow).

> You had to get a keyfile from brainslayer.

Doesn't sound like Free Software, so I would have stayed far away from it.


Stefan

Re: crc not installed but rsync using it? ...

[Gene Heskett]

On Friday 25 September 2020 18:10:42 Stefan Monnier wrote:

> > He may have changed it, but at the time I first started using it on
> > a "pc" it had to be registered before it would access the 2nd port.
>
> I don't understand what you're referring to:
> - What is the "it" that had to be registered?

That edition of dd-wrt.  You had to get a keyfile from brainslayer.  You 
didn't have to get one to go with a router version.  And it sometimes 
took most of a week for him to service your key request.

> - With whom/what did it have to be registered?
> - What 2nd port of what?

The second ethernet port of the pc you built to run it.
>
>
> Stefan


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: crc not installed but rsync using it? ...

[Stefan Monnier]

>> BTW, depending on what you expect from an "ARM board" and what you
>> consider "affordable", you could go for an actual router (many of
>> which are based on ARM nowadays).
> It has to run Debian or a Debian derivative.

I can't see any reason why you couldn't install Debian on a "Brume".
The manufacturer put a logo of Ubuntu on the product's web pages, so
they may have some Ubuntu image available.  I don't see a DTS file for
it in the vanilla Linux kernel, tho, so it might be difficult to get
up-to-date kernels in the future.


Stefan

Re: crc not installed but rsync using it? ...

[John Hasler]

Stefan writes:
> BTW, depending on what you expect from an "ARM board" and what you
> consider "affordable", you could go for an actual router (many of
> which are based on ARM nowadays).

It has to run Debian or a Debian derivative.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: crc not installed but rsync using it? ...

[Stefan Monnier]

> He may have changed it, but at the time I first started using it on 
> a "pc" it had to be registered before it would access the 2nd port.

I don't understand what you're referring to:
- What is the "it" that had to be registered?
- With whom/what did it have to be registered?
- What 2nd port of what?


Stefan

Re: crc not installed but rsync using it? ...

[Stefan Monnier]

> I have an Espressobin.  It isn't stable due to some sort of power supply
> problem (and the available schematics are incorrect). I tried three
> different units: it's a design problem.  I may go back to messing with
> it and try clocking is down, but I don't trust it now.  Too bad, because
> the specs make it ideal.  It not only has three real NICs, but it also
> has a real 1 Gbit switch.
>
> I'll look at the BPI-R1 and BPI-R2.

BTW, depending on what you expect from an "ARM board" and what you
consider "affordable", you could go for an actual router (many of which
are based on ARM nowadays).  E.g.

https://www.gl-inet.com/products/gl-mv1000/


-- Stefan

Re: crc not installed but rsync using it? ...

[Stefan Monnier]

> I have an Espressobin.  It isn't stable due to some sort of power supply
> problem (and the available schematics are incorrect).  I tried three
> different units: it's a design problem.  I may go back to messing with
> it and try clocking is down, but I don't trust it now.  Too bad, because
> the specs make it ideal.  It not only has three real NICs, but it also
> has a real 1 Gbit switch.
>
> I'll look at the BPI-R1 and BPI-R2.

I don't know anything about the BPI-R2, but the stories I've heard about
the BPI-R1 aren't much more encouraging than yours about the espressobin
(which is why so far I'm sticking to my BananaPi-based hack).

I also found the Orange Pi R1, but with 256MB it's rather underpowered
for my taste (and it's only 100Mb/s ethernets).  [ And I've had
stability problems (apparently linked to power) with my Orange Pi mini,
so I look at "orange pi" with suspicion.  ]


Stefan

Re: crc not installed but rsync using it? ...

[Brian]

On Fri 25 Sep 2020 at 17:21:03 +0100, Tixy wrote:

> On Fri, 2020-09-25 at 18:07 +0300, Andrei POPESCU wrote:
> > On Vi, 25 sep 20, 10:23:43, Michael Stone wrote:
> > > On Fri, Sep 25, 2020 at 09:01:26AM -0400, Gene Heskett wrote:
> > > > 
> [...]
> > > > such a setup in a router running dd-wrt. In nearly 2 decades, no one has
> > > > come into my systems from the internet that I didn't give the
> > > > credentials to do so.
> > > 
> > > You post this all the time, but it's irrelevant at best and misleading at
> > > worst. On a default debian system these days an external firewall is
> > > basically a noop because there are no services listening.
> > 
> > Well, besides exim (still installed by default as far as I know), CUPS 
> > (probably pulled by most DEs)
> 
> On my lamptop exim and cups are only listening on address 127.0.0.1.
> The only other listening process is init (systemd) listening on 0.0.0.0
> port 111. Hmm, that's rpcbind, installed by using NFS shares? Good job
> I have a firewall between me and the internet ;-) (But seriously, one
> thing I hadn't considerer for the very rare time I use public wifi).

An exim4 installation does indeed only listen on localhost:

  dc_local_interfaces='127.0.0.1 ; ::1'

in /etc/exim4/update-exim4.conf.conf.

Also, exim4 has Priority: optional and is no longer part of a default
installation.

The default cupsd.conf has

  Listen localhost:631

A dd-wrt based router using packet filtering contributes nothing in
this situation.

-- 
Brian.

Re: crc not installed but rsync using it? ...

[John Hasler]

Stefan writes:
> I assume you mean tho ethernet NICs (many boards have two NICs in the
> form of ethernet + wifi).

Yes, of course.  I don't want WiFi on a router and I want real NICs, not
ones faked via USB.

> I know of the BPI-R1 and BPI-R2 and the espressobin, but hopefully
> there's more.

I have an Espressobin.  It isn't stable due to some sort of power supply
problem (and the available schematics are incorrect). I tried three
different units: it's a design problem.  I may go back to messing with
it and try clocking is down, but I don't trust it now.  Too bad, because
the specs make it ideal.  It not only has three real NICs, but it also
has a real 1 Gbit switch.

I'll look at the BPI-R1 and BPI-R2.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: crc not installed but rsync using it? ...

[Gene Heskett]

On Friday 25 September 2020 12:06:07 John Hasler wrote:

> I wrote:
> > Same here, though I use a pc running Debian as a router.
>
> Gene writes:
> > ...I found I didn't have to register the router...
>
> Don't know what you mean by that. 

He may have changed it, but at the time I first started using it on 
a "pc" it had to be registered before it would access the 2nd port.  The 
router reflashes didn't need that. That was obviously more than a decade 
back up the log.

> My DSL modem is in bridge mode, of 
> course, and pppoe on the pc just works.  The old Dell I use has been
> running for about ten years now.  Will be replaced as soon as I find
> an affordable ARM board with two NICs.

Very niche market John, doubtfull now that the r-pi has been sold. We may 
find that by carefull inspection of the routers available though. But it 
won't be sold as anything but a router. We'll likely have to look thru 
the camo cloaking of its router propaganda to find it. High likelyhood 
we already have it and we've not looked in the proper place.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: crc not installed but rsync using it? ...

[Tixy]

On Fri, 2020-09-25 at 18:07 +0300, Andrei POPESCU wrote:
> On Vi, 25 sep 20, 10:23:43, Michael Stone wrote:
> > On Fri, Sep 25, 2020 at 09:01:26AM -0400, Gene Heskett wrote:
> > > 
[...]
> > > such a setup in a router running dd-wrt. In nearly 2 decades, no one has
> > > come into my systems from the internet that I didn't give the
> > > credentials to do so.
> > 
> > You post this all the time, but it's irrelevant at best and misleading at
> > worst. On a default debian system these days an external firewall is
> > basically a noop because there are no services listening.
> 
> Well, besides exim (still installed by default as far as I know), CUPS 
> (probably pulled by most DEs)

On my lamptop exim and cups are only listening on address 127.0.0.1.
The only other listening process is init (systemd) listening on 0.0.0.0
port 111. Hmm, that's rpcbind, installed by using NFS shares? Good job
I have a firewall between me and the internet ;-) (But seriously, one
thing I hadn't considerer for the very rare time I use public wifi).

-- 
Tixy

Re: crc not installed but rsync using it? ...

[Stefan Monnier]

> Will be replaced as soon as I find an affordable ARM board with
> two NICs.

Ah, yes, that.  I assume you mean tho ethernet NICs (many boards have
two NICs in the form of ethernet + wifi).

I know of the BPI-R1 and BPI-R2 and the espressobin, but hopefully
there's more.

FWIW, I use a Banana Pi where the mini-USB OTG port is used as the
second NICs (via the gether gadget).  The upside is that it frees up the
ethernet port of the computer which is connected to it, so I "daisy chained"
the second computer which I would have ideally connected to the BPI.


Stefan

Re: crc not installed but rsync using it? ...

[John Hasler]

I wrote:
> Same here, though I use a pc running Debian as a router.

Gene writes:
> ...I found I didn't have to register the router...

Don't know what you mean by that.  My DSL modem is in bridge mode, of
course, and pppoe on the pc just works.  The old Dell I use has been
running for about ten years now.  Will be replaced as soon as I find an
affordable ARM board with two NICs.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: crc not installed but rsync using it? ...

[Stefan Monnier]

>>I usually give the OP credit for not clicking on the links he runs across
>>that aren't on the up and up. I dunno, but the odor about them seems to
>>be warning enough for me.
> That's simply not true.  Compromised web sites are a thing, among
> other issues.

Yup.  The widespread existence of "bad links" that smell very strongly
does not mean that there aren't odorless "bad links".
Often, the more self-confident you are, the more vulnerable you are.


Stefan "self-confidently aware that he's quite self-confident"

Re: crc not installed but rsync using it? ...

[Michael Stone]

On Fri, Sep 25, 2020 at 10:56:56AM -0400, Gene Heskett wrote:

I usually give the OP credit for not clicking on the links he runs across
that aren't on the up and up. I dunno, but the odor about them seems to
be warning enough for me.


That's simply not true. Compromised web sites are a thing, among other 
issues.

Re: crc not installed but rsync using it? ...

[Andrei POPESCU]

On Vi, 25 sep 20, 10:23:43, Michael Stone wrote:
> On Fri, Sep 25, 2020 at 09:01:26AM -0400, Gene Heskett wrote:
> > Your paranoia is excessive. I have 5 machines online ATM, but they are
> > all on a local network in the 1902.168.xx.xx block, which is NOT
> > routable from the internet but are NAT'd to my net address by having

NAT is just a nuisance, in *both* directions.

> > such a setup in a router running dd-wrt. In nearly 2 decades, no one has
> > come into my systems from the internet that I didn't give the
> > credentials to do so.
> 
> You post this all the time, but it's irrelevant at best and misleading at
> worst. On a default debian system these days an external firewall is
> basically a noop because there are no services listening.

Well, besides exim (still installed by default as far as I know), CUPS 
(probably pulled by most DEs) and SSH server (quite common for many 
users), plenty of other softwares are listening on some port, e.g. mpd, 
syncthing (web interface), qbittorrent-nox (web interface), barrier, 
just to name a few.

Most of these have some sort of password protection available, which may 
or may not be enabled by default, assuming it's even reasonably secure.

A firewall does provide and additional layer of protection for them.

> The attack vector
> in modern environments is much more likely to be client exploits (e.g., web
> browser) and a perimeter firewall adds zero protection from that threat.

Agreed.

> And, honestly, most people who are compromised have no clue that they are
> unless someone tells them.

Agreed as well.

> Telling people that all they need to do is install a perimeter firewall and
> then they're secure is simply wrong.

Yep.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: crc not installed but rsync using it? ...

[Gene Heskett]

On Friday 25 September 2020 10:23:43 Michael Stone wrote:

> On Fri, Sep 25, 2020 at 09:01:26AM -0400, Gene Heskett wrote:
> >Your paranoia is excessive. I have 5 machines online ATM, but they
> > are all on a local network in the 1902.168.xx.xx block, which is NOT
> > routable from the internet but are NAT'd to my net address by having
> > such a setup in a router running dd-wrt. In nearly 2 decades, no one
> > has come into my systems from the internet that I didn't give the
> > credentials to do so.
>
> You post this all the time, but it's irrelevant at best and misleading
> at worst. On a default debian system these days an external firewall
> is basically a noop because there are no services listening. The
> attack vector in modern environments is much more likely to be client
> exploits (e.g., web browser) and a perimeter firewall adds zero
> protection from that threat.
>
> And, honestly, most people who are compromised have no clue that they
> are unless someone tells them.
>
> Telling people that all they need to do is install a perimeter
> firewall and then they're secure is simply wrong.

I usually give the OP credit for not clicking on the links he runs across 
that aren't on the up and up. I dunno, but the odor about them seems to 
be warning enough for me.  If OTOH, the OP succumbs, then he/she is 
going to get bit eventually and there is little you or I can do to stop 
it.

It all boils down to a believeing in TANSTAAFL. We both obviously have 
experiences going back decades, and thats my experience. I find 
TANSTAAFL to be a law that you can't break if you tried. Like a western 
actor whose real name was Marion Morrison once said, stupid should hurt. 
What he didn't say was that it also should teach. And I don't believe we 
can argue about that.

Stay safe and well Michael.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: crc not installed but rsync using it? ...

[Andrei POPESCU]

On Vi, 25 sep 20, 13:49:25, Albretch Mueller wrote:
> 
>  My thinking may (once again) be a bit unhinged, but I would use,
> e.g., crc because it internatlly used by rsync, which I also use in my
> code.

Just for the archives, rsync is using MD5, and only if you specify the 
--checksum option.

Still unclear why the algorithm used by rsync is relevant in any way...

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: crc not installed but rsync using it? ...

[Michael Stone]

On Fri, Sep 25, 2020 at 09:01:26AM -0400, Gene Heskett wrote:

Your paranoia is excessive. I have 5 machines online ATM, but they are
all on a local network in the 1902.168.xx.xx block, which is NOT
routable from the internet but are NAT'd to my net address by having
such a setup in a router running dd-wrt. In nearly 2 decades, no one has
come into my systems from the internet that I didn't give the
credentials to do so.


You post this all the time, but it's irrelevant at best and misleading 
at worst. On a default debian system these days an external firewall is 
basically a noop because there are no services listening. The attack 
vector in modern environments is much more likely to be client exploits 
(e.g., web browser) and a perimeter firewall adds zero protection from 
that threat. 

And, honestly, most people who are compromised have no clue that they 
are unless someone tells them.


Telling people that all they need to do is install a perimeter firewall 
and then they're secure is simply wrong.

Re: crc not installed but rsync using it? ...

[Gene Heskett]

On Friday 25 September 2020 09:25:20 John Hasler wrote:

> Gene writes:
> > No you are not the only one, but you are a minority that does not
> > always want to understand how to use the internet and be safe at the
> > same time.  It can be done, I'm doing it.  And I've been doing it
> > since the later 90's.
>
> Same here, though I use a pc running Debian as a router.

I did too, John H., until that PC upchucked something over a decade back, 
and I found I didn't have to register the router, much much easier to 
maintain. The CF boot media for the PC was a PITA. Lasted 6 months at 
best with the ext3 filesystem abusing it. And used around 200 watts. The 
Buffalo Netfinity router might use 10 watts.  With the radio turned off, 
even less.

Stay safe and well, John.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: crc not installed but rsync using it? ...

[Michael Stone]

On Fri, Sep 25, 2020 at 01:49:25PM +0200, Albretch Mueller wrote:

I have losts of (not necessarily all) text files (say in the 10 of
thousands) in various directories which I need to process in a batch,
but before I do that I want to make sure that I get a baseline of the
source files. I use:

a)  crc
b)  md5sum
c) sha###sum

because those are three different checksum utilities based on
different algorithms which work fast enough and offer a set signatures
which are good enough.


Just one would be good enough (pick the sha256sum). What you're doing is 
a waste of time. If you want to future proof then use sha3, via the 
rhash package.

Re: crc not installed but rsync using it? ...

[John Hasler]

Gene writes:
> No you are not the only one, but you are a minority that does not
> always want to understand how to use the internet and be safe at the
> same time.  It can be done, I'm doing it.  And I've been doing it
> since the later 90's.

Same here, though I use a pc running Debian as a router.

-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: crc not installed but rsync using it? ...

[Gene Heskett]

On Friday 25 September 2020 07:54:54 Albretch Mueller wrote:

> On 9/25/20, Greg Wooledge  wrote:
> > On Thu, Sep 24, 2020 at 05:58:49PM -0500, David Wright wrote:
> >> On Thu 24 Sep 2020 at 17:50:16 (+0200), Albretch Mueller wrote:
> >> > >> How do I get all packages to be locally installed using dpkg
> >> > >> from a public Windows machine?
> >> >
> >> > Why do you think you need to do this? What do you hope to achieve
> >> > by doing this?
> >>
> >> Perhaps the answer might be hinted at in postings like:
> >> https://lists.debian.org/debian-user/2019/10/msg00449.html
> >> https://lists.debian.org/debian-user/2020/08/msg00352.html
>
>  Yes, I am the one who posted both messages and, as I said, in my kind
> of reality I can't "simply" connect my work computer to the Internet
> and "just" go: apt-get ...
>
Your paranoia is excessive. I have 5 machines online ATM, but they are 
all on a local network in the 1902.168.xx.xx block, which is NOT 
routable from the internet but are NAT'd to my net address by having 
such a setup in a router running dd-wrt. In nearly 2 decades, no one has 
come into my systems from the internet that I didn't give the 
credentials to do so. dns is handled by host files locally, but a name 
that is unk to the host files is sent to the router where the resolution 
is done by my ISP's dns servers. Each of those machines has a cron job 
that updates software availability of updates on a daily basis, and thet 
can indeed sudo apt-get update|list --upgradable|upgrade.  Each can also 
run a browser and download an appimage, dpkg, tarball or whatever from 
any site on the net serving it.

Your inability to look at "security" in light of what is available to 
keep you secure, on a 24/7/365 basis by spending maybe $70 US on a 
router capable of being reflashed to run something like dd-wrt (theres 3 
or so others that can also do this) to serve as your guard dog, is a 
poor excuse indeed.

I even serve up my web pages such as they are, from this machine, but my 
connection is cheap and slow, so I do run a second copy of iptables on 
this machine which currently has 102 bot addresses blocked. It seems 
they want to mirror my site which uses up my upload bandwidth, 
constituting a DDOS.

I don't mind their indexing it, so the search engines can serve the 
results, but the minute I see them downloading everything they can 
touch, they get added to iptables and dropped.  Those blocked addy's 
are, because they are moved around to get around such blocking about 
weekly, are blocked on a /24, or for the bigger offenders, a /16 basis.  
That also blocks their paying subscribers too, but I officially don't 
care that they choose to use an ISP that also abuses the net residents  
like that.  Is it a war?  Sure it is, but computers never sleep, they 
can stand guard while you are sleeping. They don't need a vacation or 
time off duty.  Use them for what they are good at.
 
>  I never connect my work computer to the Internet. That is why I
> always install packages locally via dpkg, which is an option debian
> users have, no? I see a lot of people asking the same kinds of
> questiions I ask, so it seems as Lenon sang that "I am not the only
> one"

No you are not the only one, but you are a minority that does not always 
want to understand how to use the internet and be safe at the same time. 
It can be done, I'm doing it.  And I've been doing it since the later 
90's.

>  L
Like Greg,  I've said it, and done.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: crc not installed but rsync using it? ...

[Dan Ritter]

Albretch Mueller wrote: 
> On 9/24/20, Sven Hartge  wrote:
> 
> > Why do you think you need to do this? What do you hope to achieve by
> > doing this?
> 
>  I have losts of (not necessarily all) text files (say in the 10 of
> thousands) in various directories which I need to process in a batch,
> but before I do that I want to make sure that I get a baseline of the
> source files. I use:
> 
>  a)  crc
>  b)  md5sum
>  c) sha###sum
> 
>  because those are three different checksum utilities based on
> different algorithms which work fast enough and offer a set signatures
> which are good enough.
> 
>  My thinking may (once again) be a bit unhinged, but I would use,
> e.g., crc because it internatlly used by rsync, which I also use in my
> code.
> 
>  So, how do you think I can improve my baselining of the source files?

If you want to defend against on-disk corruption, use ZFS.

If you want to be alerted to every change to a set of files, use
tripwire or aide. Both are packaged for Debian.

If you want to make sure that a directory full of files doesn't
change during processing, remove your write privileges for that
directory. "sudo chmod a-w DIRECTORY" will do that.

If you want to make sure of the previous case but you are going
to run a process that runs as root and you aren't sure it won't
assign itself write privileges, "sudo chattr +i DIRECTORY" will
make it immutable.

Don't reinvent the wheel.

-dsr-

Re: crc not installed but rsync using it? ...

[Albretch Mueller]

On 9/25/20, Greg Wooledge  wrote:
> On Thu, Sep 24, 2020 at 05:58:49PM -0500, David Wright wrote:
>> On Thu 24 Sep 2020 at 17:50:16 (+0200), Albretch Mueller wrote:
>> > >> How do I get all packages to be locally installed using dpkg from a
>> > >> public Windows machine?
>
>> > Why do you think you need to do this? What do you hope to achieve by
>> > doing this?
>>
>> Perhaps the answer might be hinted at in postings like:
>> https://lists.debian.org/debian-user/2019/10/msg00449.html
>> https://lists.debian.org/debian-user/2020/08/msg00352.html

 Yes, I am the one who posted both messages and, as I said, in my kind
of reality I can't "simply" connect my work computer to the Internet
and "just" go: apt-get ...

 I never connect my work computer to the Internet. That is why I
always install packages locally via dpkg, which is an option debian
users have, no? I see a lot of people asking the same kinds of
questiions I ask, so it seems as Lenon sang that "I am not the only
one"

 L

Re: crc not installed but rsync using it? ...

[Albretch Mueller]

On 9/24/20, Sven Hartge  wrote:

> Why do you think you need to do this? What do you hope to achieve by
> doing this?

 I have losts of (not necessarily all) text files (say in the 10 of
thousands) in various directories which I need to process in a batch,
but before I do that I want to make sure that I get a baseline of the
source files. I use:

 a)  crc
 b)  md5sum
 c) sha###sum

 because those are three different checksum utilities based on
different algorithms which work fast enough and offer a set signatures
which are good enough.

 My thinking may (once again) be a bit unhinged, but I would use,
e.g., crc because it internatlly used by rsync, which I also use in my
code.

 So, how do you think I can improve my baselining of the source files?

 L

Re: crc not installed but rsync using it? ...

[Greg Wooledge]

On Thu, Sep 24, 2020 at 05:58:49PM -0500, David Wright wrote:
> On Thu 24 Sep 2020 at 17:50:16 (+0200), Albretch Mueller wrote:
> > >> How do I get all packages to be locally installed using dpkg from a
> > >> public Windows machine?

> > Why do you think you need to do this? What do you hope to achieve by
> > doing this?
> 
> Perhaps the answer might be hinted at in postings like:
> https://lists.debian.org/debian-user/2019/10/msg00449.html
> https://lists.debian.org/debian-user/2020/08/msg00352.html

... oh, he's one of THOSE.

I'm done.

Re: crc not installed but rsync using it? ...

[Jonathan Dowland]

On Thu, Sep 24, 2020 at 05:58:49PM -0500, David Wright wrote:

I can't believe the answer is as simple as visiting
https://packages.debian.org/index
and downloading the packages you want (in binary mode).


Plus (possibly several) iterations of downloading the dependencies,
and their dependencies, etc., cross-referencing against your installed
package list (if you have it) to trim down the list.


--
Please do not CC me, I am subscribed to the list.

  Jonathan Dowland
✎j...@debian.org
   https://jmtd.net

Re: crc not installed but rsync using it? ...

[David Wright]

On Thu 24 Sep 2020 at 17:50:16 (+0200), Albretch Mueller wrote:
> >> How do I get all packages to be locally installed using dpkg from a
> >> public Windows machine?
> >
> > I'm not sure I understand this question or how it relates to the
> > previous one.
> 
>  How do I get the deb files in order to install locally (via dpkg
> --install) the necessary utilities to run CRC32 and/or CRC64

I can't believe the answer is as simple as visiting
https://packages.debian.org/index
and downloading the packages you want (in binary mode).

Or is the problem your aversion to plugging a USB stick
into a public computer lest it become terminally polluted?

On Thu 24 Sep 2020 at 20:23:51 (+0200), Sven Hartge wrote:
> Albretch Mueller  wrote:

> > How do I get the deb files in order to install locally (via dpkg
> > --install) the necessary utilities to run CRC32 and/or CRC64
> 
> Why do you think you need to do this? What do you hope to achieve by
> doing this?

Perhaps the answer might be hinted at in postings like:
https://lists.debian.org/debian-user/2019/10/msg00449.html
https://lists.debian.org/debian-user/2020/08/msg00352.html

Cheers,
David.

Re: crc not installed but rsync using it? ...

[Sven Hartge]

Albretch Mueller  wrote:

>>> How do I get all packages to be locally installed using dpkg from a
>>> public Windows machine?
>>
>> I'm not sure I understand this question or how it relates to the
>> previous one.

> How do I get the deb files in order to install locally (via dpkg
> --install) the necessary utilities to run CRC32 and/or CRC64

Why do you think you need to do this? What do you hope to achieve by
doing this?

Grüße,
Sven

-- 
Sigmentation fault. Core dumped.

Re: crc not installed but rsync using it? ...

[Reco]

On Thu, Sep 24, 2020 at 05:50:16PM +0200, Albretch Mueller wrote:
> >> How do I get all packages to be locally installed using dpkg from a
> >> public Windows machine?
> >
> > I'm not sure I understand this question or how it relates to the
> > previous one.
> 
>  How do I get the deb files in order to install locally (via dpkg
> --install) the necessary utilities to run CRC32 and/or CRC64

Typical Debian install has perl already, so you don't have to install
anything - [1].

Reco

[1] http://billauer.co.il/blog/2011/05/perl-crc32-crc-xs-module/

Re: crc not installed but rsync using it? ...

[Thomas Pircher]

Albretch Mueller wrote:
>  How do I get the deb files in order to install locally (via dpkg
> --install) the necessary utilities to run CRC32 and/or CRC64

Hmm, the 'necessary utilities' might be jacksum, if it can calculate the
CRCs you are after, and what Debian release you are on.

How to get the package and its dependencies to your machine, that is a
different question and depends on what type of internet access you have,
if at all.

Is `apt install jacksum` not an option for you?

Thomas

Re: crc not installed but rsync using it? ...

[Greg Wooledge]

On Thu, Sep 24, 2020 at 05:50:16PM +0200, Albretch Mueller wrote:
> >> How do I get all packages to be locally installed using dpkg from a
> >> public Windows machine?
> >
> > I'm not sure I understand this question or how it relates to the
> > previous one.
> 
>  How do I get the deb files in order to install locally (via dpkg
> --install) the necessary utilities to run CRC32 and/or CRC64

http://xyproblem.info/

Re: crc not installed but rsync using it? ...

[Albretch Mueller]

>> How do I get all packages to be locally installed using dpkg from a
>> public Windows machine?
>
> I'm not sure I understand this question or how it relates to the
> previous one.

 How do I get the deb files in order to install locally (via dpkg
--install) the necessary utilities to run CRC32 and/or CRC64

 Thank you,
 lbrtchx

Re: crc not installed but rsync using it? ...

[Thomas Pircher]

Albretch Mueller wrote:
> rsync uses crc for its data integrity checks. Why is it you can't use
> it like any other OS utility?

The code for CRC is so small and simple that virtually all applications
choose to implement it directly, rather than use a library or an
external application for it.

Also, note, there is no single `crc` (unlike MD5 or sha128). Strictly
speaking, Cyclic Redundancy Code is an algorithm, and you need to
specify more parameters (bit-width, polynom, initial value, and more) to
be able to actually implement it in code.
Sometimes people also say CRC when it is unambiguous in a certain field,
like CRC-32 for ethernet frames).

> How do I get all packages to be locally installed using dpkg from a
> public Windows machine?

I'm not sure I understand this question or how it relates to the
previous one.

Cheers,
Thomas

Re: crc not installed but rsync using it? ...

[Greg Wooledge]

On Thu, Sep 24, 2020 at 03:09:05PM +0200, Albretch Mueller wrote:
> rsync uses crc for its data integrity checks. Why is it you can't use
> it like any other OS utility?
> 
> $ date; which crc
> Thu Sep 24 07:54:55 CEST 2020
> 

CRC is a family of checksum algorithms.  They're generally considered
to be primitive and outdated.  For the most part, you won't find
standalone tools for each CRC variant.  You could probably find one tool
that implements several of them, with options to select the one you
would like.

Tab completion tells me I've got one called "crc32" installed.

unicorn:~$ dpkg -S /usr/bin/crc32
libarchive-zip-perl: /usr/bin/crc32

>From its man page:

   Note that the CRC-32 checksum is merely used  for  error  detection  in
   transmission  and storage.  It is not intended to guard against the ma‐
   licious modification of files (i.e., it is not a cryptographic hash).

There may very well be others.  Or, you could implement the algorithm(s)
yourself in C.  It would make a nice little freshman computer science
homework assignment.

crc not installed but rsync using it? ...

[Albretch Mueller]

rsync uses crc for its data integrity checks. Why is it you can't use
it like any other OS utility?

$ date; which crc
Thu Sep 24 07:54:55 CEST 2020

$ date; which rsync
Thu Sep 24 07:54:59 CEST 2020
/usr/bin/rsync

$ rsync --version
rsync  version 3.1.2  protocol version 31
Copyright (C) 1996-2015 by Andrew Tridgell, Wayne Davison, and others.
Web site: http://rsync.samba.org/
Capabilities:
64-bit files, 64-bit inums, 64-bit timestamps, 64-bit long ints,
socketpairs, hardlinks, symlinks, IPv6, batchfiles, inplace,
append, ACLs, xattrs, iconv, symtimes, prealloc

rsync comes with ABSOLUTELY NO WARRANTY.  This is free software, and you
are welcome to redistribute it under certain conditions.  See the GNU
General Public Licence for details.
$

How do I get all packages to be locally installed using dpkg from a
public Windows machine?

lbrtchx