Re: [gentoo-user] Xscreensaver 3D modules don't work

[Philip Webb]

160328 Corbin wrote:
> On 03/28/2016 02:09 AM, Philip Webb wrote:
>> Since I set up the system in my new machine in Oct 2015 ,
>> the 3D modules in Xscreensaver (now 5.34) have refused to run ;
>> the rest of Xscreensaver is working as advertised.
>> I did drop Perl support, but that seems to be related to I/net use
>> & shows no sign of relating to 3D rendering.
>> I have the 'opengl' flag enabled, have 'eselect-opengl' set to Nvidia
>> & have 'qtopengl-4.8.6-r1' installed (also the virtual),
>> tho' that is needed for Kdelibs with no sign of screensaving.
> Is the screensaver package your having problems with
> called "x11-misc/rss-glx" ?

No : it's Xscreensaver itself ; no also to your inquiries re USE flags.

> Do you have the VIDEO_CARDS flag "nvidia" set in your "make.conf" ?

Yes.

> I am using Nvidia driver 340.96.

I've just updated to 361.28 : everything else is working properly.

> The "x11-misc/rss-glx" screensavers work just fine.

I hadn't come across it before.
If I emerge it, will it automatically be adopted by Xscreensaver ?

Does anyone else have any thoughts re my original query ?

Thanks so far (smile).

-- 
,,
SUPPORT ___//___,   Philip Webb
ELECTRIC   /] [] [] [] [] []|   Cities Centre, University of Toronto
TRANSIT`-O--O---'   purslowatchassdotutorontodotca

[gentoo-user] Optimum sound settings for QEMU VM?

[waltdnes]

  I'm involved in beta testing Gstreamer 1.x support for HTML5 under
Pale Moon (a Firefox fork).  So far so good; it works.  I use a QEMU VM
for some building and testing.  Things work great on a real physical
machine, but audio absolutely sucks in the QEMU VM.  I get an annoying
warble-stutter and the playback seems a bit slower than it should be.
The same thing also happens with mplayer playing a .wav file, so it's
definitely not a Pale Moon browser problem.

  The VM gets 3 gigs of RAM (host has 8), 4 gigs of swap space, and 3 of
the host's 4 cores.  Resources should not be a problem.  Has anybody got
better performance?  If so, what are your kernel and sound card settings?

  I launch QEMU with "-soundhw hda".  Here are the "make menuconfig"
kernel config sound driver settings for the Gentoo guest VM.

Device Drivers  --->


<*> Sound Card Support  --->


<*>   Advanced Linux Sound Architecture  --->


[*] PCI sound devices  --->
HD-Audio  --->


<*> HD Audio PCI
(64) Pre-allocated buffer size for HD-audio driver
[*] Build hwdep interface for HD-audio driver
<*> Build Realtek HD-audio codec support
<*> Build Analog Device HD-audio codec support

-- 
Walter Dnes 
I don't run "desktop environments"; I run useful applications

Re: [gentoo-user] Re: DRM Problem : Radeon HD 7670M

[JingYuan Chen]

James,

Thanks for your response and suggestion !

Rich0's kernel crash dump page is interesting to me. I think that I could
find some useful information in it. I used Gentoo Live DVD to install
Gentoo into my laptop. I will use it to check VGA configuration again this
weekend.


Thank you !



Regards,
Phil

On Sun, Mar 27, 2016 at 1:06 AM, James  wrote:

> JingYuan Chen  gmail.com> writes:
>
>
> > I had installed Gentoo in my laptop  successfully last weekend. My laptop
> is Toshiba Satellite L840. I found that my VGA card is Radeon HD 7670M
> using
> "lspci -k" command. Therefore, I refer to Gentoo's Radeon wiki page to
> configure 4.1.15-r1 kernel with TURKS firmware and emerge linux-firmware
> atom.
> > However, my new kernel can not load TURKS successfully. I notice that
> there is an error message with DRM in dmesg's output. It shows
> [drm:evergreen_init] *ERROR* Failed to load firmware.
> > Why Evergreen ? Is not Northern Islands ? I am sure that the filename I
> gave is TURKS's firmware in menuconfig.
> > How could I make the dmesg's error message more verbose to debug ?
> > Are there some configurations should I check again ?
> > p.s. I built it in kernel not in modules.
> > Any advice would be greatly appreciated.
>
>
> Look directly into /lib/firmware/radeon/ and make sure you do not have
> a typo somewhere.
>
> Building directly into the kernel is a really good idea for video drivers.
>
> Another tool you may want to check out, is Rich0's kernel crash dump page::
>
> https://wiki.gentoo.org/wiki/Kernel_Crash_Dumps
>
>
> Last, when all else fails and is actually quite easy is to find a
> liveCD/DVD, from any distro that boots your lappy with the radeon driver
> that works. Then you parse about to find the one it uses. Some of these
> drivers are very close in the components and vendor card vendors have
> a 'malaise' of dis information surrounding the exact specs of the video
> components in there hardware, particularly laptop and tablet vendors.
>
>
> Just keep looking around, trying different ones out and something will
> work, eventually.
>
> 'lspci -k' show video driver details use on a generic livedvd booted
> system.
>
> A livedvd was created to give away at a recent california conference but I
> did not see it posted anywhere on the Release Engineering project pages.
> There are other gentoo derivative distros with livedvd you can bootup
> to help find the correct driver.
>
>
>
> good hunting,
> James
>
>
>

Re: [gentoo-user] DRM Problem : Radeon HD 7670M

[JingYuan Chen]

Mick,

Thanks for your response and suggestion !

When compiled the new kernel, there was no error message. I can use the new
kernel to boot my laptop successfully. So that I am sure that the relative
firmware filenames I gave are correct.

I will try another kernel version or Evergreen firmware this weekend.


Thank you !



Regards,
Phil

On Sun, Mar 27, 2016 at 12:47 AM, Mick  wrote:

> On Sunday 27 Mar 2016 00:23:21 JingYuan Chen wrote:
> > Hello,
> >
> > I had installed Gentoo in my laptop  successfully last weekend. My laptop
> > is Toshiba Satellite L840. I found that my VGA card is Radeon HD 7670M
> > using "lspci -k" command. Therefore, I refer to Gentoo's Radeon wiki page
> > to configure 4.1.15-r1 kernel with TURKS firmware and emerge
> linux-firmware
> > atom.
> >
> > However, my new kernel can not load TURKS successfully. I notice that
> there
> > is an error message with DRM in dmesg's output. It shows
> > [drm:evergreen_init] *ERROR* Failed to load firmware.
>
> So the kernel *wants* to load the Evergreen firmware blobs.
>
>
> > Why Evergreen ? Is not Northern Islands ? I am sure that the filename I
> > gave is TURKS's firmware in menuconfig.
>
> Sure, but the kernel seems to think that the hardware is evergreen for some
> reason.  The Radeon HD 7670M apparently is based on the same chipset as
> Radeon
> HD 6650M:
>
> http://www.notebookcheck.net/AMD-Radeon-HD-7670M.69483.0.html
>
> so it may be that the foundry it came out of was of an Evergreen batch.
>
>
> > How could I make the dmesg's error message more verbose to debug ?
> >
> > Are there some configurations should I check again ?
> >
> > p.s. I built it in kernel not in modules.
> >
> > Any advice would be greatly appreciated.
> >
> > Regards,
> > Phil
>
> I would first check that you have in your menuconfig the complete space
> separated Turks stanza:
>
> radeon/BTC_rlc.bin radeon/TURKS_mc.bin radeon/TURKS_me.bin
> radeon/TURKS_pfp.bin radeon/TURKS_smc.bin radeon/SUMO_uvd.bin
>
> and make sure there are no misspellings in there.  If it still complains,
> then
> replace these with the Evergreen (or whatever dmesg complains about) and
> try
> booting again.
>
> BTW, have you tried booting different kernels, or LiveISOs to see what they
> detect the hardware as?
>
> --
> Regards,
> Mick

Re: [gentoo-user] Re: Encrypted cell 2 gentoo

[covici]

Not if you use smtp with port 587 and not use plain login options.

Max R.D. Parmer  wrote:

> The recipients mail server could still see the message in plaintext.
> 
> If you are concerned your correspondent's mail server might be used to
> try to read their messages then another layer of encryption is needed
> that only the recipient themselves can decrypt and that would be
> GPG/PGP.
> 
> It depends on your particular needs whether that extra step is needed.
> 
> --
> 0x7D964D3361142ACF
> 
> On Mon, Mar 28, 2016, at 13:45, cov...@ccs.covici.com wrote:
> > If you have your own mta and use imap-s won't that do it?
> > 
> > Max R.D. Parmer  wrote:
> > 
> > > Ahh, OK. So secure communications between all these clients.
> > > 
> > > The two big players for client-side encryption for email or messaging
> > > data would be GPG and OTR; for VoIP you would want to look into ZRTP.
> > > There are several clients that support these three protocols on all the
> > > platforms you've listed (though support for ZRTP is across the board
> > > pretty rare).
> > > 
> > > Unfortunately, I'm not aware of any single cohesive guide to tie it
> > > altogether.
> > > 
> > > --
> > > 0x7D964D3361142ACF
> > > 
> > > On Mon, Mar 28, 2016, at 09:13, James wrote:
> > > > Max R.D. Parmer  trystero.is> writes:
> > > > 
> > > > 
> > > > 
> > > > 
> > > > > Do I understand correctly that you're looking to set up a Gentoo 
> > > > > server
> > > > > as a "hub" from which you can retrieve your mail using any of your
> > > > > client systems?
> > > > 
> > > > Not really. Yes that has to work but... What I want to read up on 
> > > > and test is encrypted (secure) communications between the (2) major
> > > > cell phone types and whatever client on a gentoo workstation. The 
> > > > goal is good security, that is reasonable to setup and manage
> > > > and allows folks to use any of those 3 devices to exchange encrypted
> > > > mail.
> > > > Suppose I had a friend that has an ios phone. What page do I send him to
> > > > to encrypt his emails? What will work with thunderbird, sylpheed, etc.
> > > > Some discussion, url links that I can refer others to and then
> > > > recommendations.
> > > > 
> > > > > If I understood correctly, interoperability should be easy because
> > > > > mostly it comes down to IMAP/SMTP/POP3 and support for those protocols
> > > > > is pretty good across lots of applications. But maybe I got it wrong?
> > > > 
> > > > What I want to do is find documents that at least provide an overview
> > > > of which specific apps to put on a cell phone (android or ios) some
> > > > example configs and then a few docs on the gentoo side.
> > > > 
> > > > Free or do you buys those apps from a vendor on the cell phones?
> > > > Which ones are better, i.e. more trusted or have different algos
> > > > for encryptions (bit-lenght etc). May, I just need to find
> > > > a forum where this is routinely discuss to see what's new, what's
> > > > not secure, what may be prohibited by whom, etc etc.
> > > > 
> > > > 
> > > > OK?
> > > > 
> > > > James  
> > > > 
> > > > 
> > > > 
> > > > 
> > > 
> > 
> > -- 
> > Your life is like a penny.  You're going to lose it.  The question is:
> > How do
> > you spend it?
> > 
> >  John Covici
> >  cov...@ccs.covici.com
> > 
> 

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

 John Covici
 cov...@ccs.covici.com

Re: [gentoo-user] Re: Encrypted cell 2 gentoo

[Max R.D. Parmer]

The recipients mail server could still see the message in plaintext.

If you are concerned your correspondent's mail server might be used to
try to read their messages then another layer of encryption is needed
that only the recipient themselves can decrypt and that would be
GPG/PGP.

It depends on your particular needs whether that extra step is needed.

--
0x7D964D3361142ACF

On Mon, Mar 28, 2016, at 13:45, cov...@ccs.covici.com wrote:
> If you have your own mta and use imap-s won't that do it?
> 
> Max R.D. Parmer  wrote:
> 
> > Ahh, OK. So secure communications between all these clients.
> > 
> > The two big players for client-side encryption for email or messaging
> > data would be GPG and OTR; for VoIP you would want to look into ZRTP.
> > There are several clients that support these three protocols on all the
> > platforms you've listed (though support for ZRTP is across the board
> > pretty rare).
> > 
> > Unfortunately, I'm not aware of any single cohesive guide to tie it
> > altogether.
> > 
> > --
> > 0x7D964D3361142ACF
> > 
> > On Mon, Mar 28, 2016, at 09:13, James wrote:
> > > Max R.D. Parmer  trystero.is> writes:
> > > 
> > > 
> > > 
> > > 
> > > > Do I understand correctly that you're looking to set up a Gentoo server
> > > > as a "hub" from which you can retrieve your mail using any of your
> > > > client systems?
> > > 
> > > Not really. Yes that has to work but... What I want to read up on 
> > > and test is encrypted (secure) communications between the (2) major
> > > cell phone types and whatever client on a gentoo workstation. The 
> > > goal is good security, that is reasonable to setup and manage
> > > and allows folks to use any of those 3 devices to exchange encrypted
> > > mail.
> > > Suppose I had a friend that has an ios phone. What page do I send him to
> > > to encrypt his emails? What will work with thunderbird, sylpheed, etc.
> > > Some discussion, url links that I can refer others to and then
> > > recommendations.
> > > 
> > > > If I understood correctly, interoperability should be easy because
> > > > mostly it comes down to IMAP/SMTP/POP3 and support for those protocols
> > > > is pretty good across lots of applications. But maybe I got it wrong?
> > > 
> > > What I want to do is find documents that at least provide an overview
> > > of which specific apps to put on a cell phone (android or ios) some
> > > example configs and then a few docs on the gentoo side.
> > > 
> > > Free or do you buys those apps from a vendor on the cell phones?
> > > Which ones are better, i.e. more trusted or have different algos
> > > for encryptions (bit-lenght etc). May, I just need to find
> > > a forum where this is routinely discuss to see what's new, what's
> > > not secure, what may be prohibited by whom, etc etc.
> > > 
> > > 
> > > OK?
> > > 
> > > James  
> > > 
> > > 
> > > 
> > > 
> > 
> 
> -- 
> Your life is like a penny.  You're going to lose it.  The question is:
> How do
> you spend it?
> 
>  John Covici
>  cov...@ccs.covici.com
> 

Re: [gentoo-user] Re: Encrypted cell 2 gentoo

[covici]

If you have your own mta and use imap-s won't that do it?

Max R.D. Parmer  wrote:

> Ahh, OK. So secure communications between all these clients.
> 
> The two big players for client-side encryption for email or messaging
> data would be GPG and OTR; for VoIP you would want to look into ZRTP.
> There are several clients that support these three protocols on all the
> platforms you've listed (though support for ZRTP is across the board
> pretty rare).
> 
> Unfortunately, I'm not aware of any single cohesive guide to tie it
> altogether.
> 
> --
> 0x7D964D3361142ACF
> 
> On Mon, Mar 28, 2016, at 09:13, James wrote:
> > Max R.D. Parmer  trystero.is> writes:
> > 
> > 
> > 
> > 
> > > Do I understand correctly that you're looking to set up a Gentoo server
> > > as a "hub" from which you can retrieve your mail using any of your
> > > client systems?
> > 
> > Not really. Yes that has to work but... What I want to read up on 
> > and test is encrypted (secure) communications between the (2) major
> > cell phone types and whatever client on a gentoo workstation. The 
> > goal is good security, that is reasonable to setup and manage
> > and allows folks to use any of those 3 devices to exchange encrypted
> > mail.
> > Suppose I had a friend that has an ios phone. What page do I send him to
> > to encrypt his emails? What will work with thunderbird, sylpheed, etc.
> > Some discussion, url links that I can refer others to and then
> > recommendations.
> > 
> > > If I understood correctly, interoperability should be easy because
> > > mostly it comes down to IMAP/SMTP/POP3 and support for those protocols
> > > is pretty good across lots of applications. But maybe I got it wrong?
> > 
> > What I want to do is find documents that at least provide an overview
> > of which specific apps to put on a cell phone (android or ios) some
> > example configs and then a few docs on the gentoo side.
> > 
> > Free or do you buys those apps from a vendor on the cell phones?
> > Which ones are better, i.e. more trusted or have different algos
> > for encryptions (bit-lenght etc). May, I just need to find
> > a forum where this is routinely discuss to see what's new, what's
> > not secure, what may be prohibited by whom, etc etc.
> > 
> > 
> > OK?
> > 
> > James  
> > 
> > 
> > 
> > 
> 

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

 John Covici
 cov...@ccs.covici.com

Re: [gentoo-user] Encrypted cell 2 gentoo

[wabenbau]

James  wrote:

> Hello,
> 
> I've been googling for some guides on setting up encrypted mail
> on a gentoo system and specifically how you would set up the apple
> or android phone on the other end. Lots to read. Guidance on the
> applications (both cell phone and the gentoo workstations. I guess
> that inter-operability is what I'm most curious about. I'm not
> running a MTA, but I could if that helps?

For PGP encrypted mail on android phones you can use K-9 Mail 
together with OpenKeychain or AGP. All of these apps are available
at fdroid.org and also at Google playstore.

A good address for information and apps about privacy on phones is 

https://guardianproject.info

--
Regards
wabe

Re: [gentoo-user] Re: Encrypted cell 2 gentoo

[Mick]

On Monday 28 Mar 2016 10:54:49 Max R.D. Parmer wrote:
> I think the paper on Intel issues Mick is referring to is the one I
> linked not too long ago:
> http://blog.invisiblethings.org/papers/2015/x86_harmful.pdf

Yes, here's the M/L thread:

http://article.gmane.org/gmane.linux.gentoo.user/288720


> It seems like you're looking for something like the EFF's "surveillance
> self-defense"[1] site but with some stuff specific to Gentoo.
> 
> [1]: https://ssd.eff.org/

Also worth a read, for sysadmins at least is this:

https://bettercrypto.org/static/applied-crypto-hardening.pdf

Revisit regularly, as this is WIP and it gets updated every now and then as 
more vulnerabilities are discovered.

-- 
Regards,
Mick

signature.asc
Description: This is a digitally signed message part.

Re: [gentoo-user] Re: Encrypted cell 2 gentoo

[Max R.D. Parmer]

I think the paper on Intel issues Mick is referring to is the one I
linked not too long ago:
http://blog.invisiblethings.org/papers/2015/x86_harmful.pdf

It seems like you're looking for something like the EFF's "surveillance
self-defense"[1] site but with some stuff specific to Gentoo.

[1]: https://ssd.eff.org/

--
0x7D964D3361142ACF

On Mon, Mar 28, 2016, at 10:25, James wrote:
> Mick  gmail.com> writes:
> 
> > > Ahh, OK. So secure communications between all these clients.
> > > The two big players for client-side encryption for email or messaging
> > > data would be GPG and OTR; 
> 
> Good 2 know. I'll keep searching for docs. 
> 
> > Also S/MIME encryption of the email message body using SSL certificates 
> > achieves the same end result (i.e. encrypted payload) as GnuPG offers.  
> > For GPG you may need a plugin (e.g. enigmail on T'bird) or something 
> > similar for phone clients, but S/MIME is usually available by default for
> >  most email clients and platforms.
> 
> OK, so maybe I'll test out a few devices, provide some feedback and then
> seen about a (gentoo wiki) page. If the community is not interested in 
> that I bet these guys would put up some sort of community cook-book on
> this topic:: [1] 
> 
> Dont know who they are, but they seem to be on the right track,
> and they big on Gentoo!
> 
> > A word of caution:  Snowden warned us that the end devices do not ossess 
> > strong enough randomness generators to ensure that the encryption they 
> > perform cannot be reverse engineered.
> 
> Intel has long been hiding extra hardware inside of their processors, for
> a
> variety of nefarious activities. Here is a link where they now let the
> retail world in on what has been going on for decades [2].
> 
> This is why the US gov keeps hyping how bad security is, so the gov can
> take
> steps and the sub-contract out the details for billions (it's the new
> cold
> war and we have to be scared enough to get the govs to protect us, right?
> And all of that horse_feathers
> 
> Anyone doing gate/register design/validations with Intel parts, decades
> ago,
> stumbled into areas of the the intel chips with hidden hardware. Just
> slice
> them and put them under any high res scanner nowadays Sadly,
> everybody
> in the chip bidness does this routinely now. SoCs are all full
> of this crap.
> 
> The old AT phone switches (think 3B2) had this sort of 'undefined
> hardware'. Nothing new 'signal intercept' is good to search on, but most
> of the Intel (get the pun?) has been scrubbed form the internet on 
> 'signal intercept'; particularly the Rf stuff.
> 
> > A recent article shared on this M/L also showed that anything with Intel 
> > inside® can be deemed as intentionally weakened to enable potential 
> > interference with our privacy.
> 
> Got that link handy? Part of the SSL v2 v3 stuff? I was hoping somebody
> would write up a summary, and  detail action plans from a gentoo
> workstation, gentoo server and gentoo-cluster perspective on the state
> of SSL.* issues.  
> 
> > Therefore treat your encrypted communications and their content with  
> > caution, because you don't know how private these may remain in the 
> > future.
> 
> Kinda like a very gorgeous woman, with a low credit score (yak yak yhak)?
> Or like an 'old bug' flying towards the light (ZAP)?
> Certainly, but, the low rent hacks might be held at bay a little longer.
> Still, we should make the effort to streamline and document pathways,
> with
> ample warnings of cautions.
> 
> 
> [1] https://wiki.installgentoo.com/index.php/Encryption
> 
> [2]
> http://www.extremetech.com/extreme/184828-intel-unveils-new-xeon-chip-with-integrated-fpga-touts-20x-performance-boost
> 
> 

[gentoo-user] Re: Encrypted cell 2 gentoo

[James]

Mick  gmail.com> writes:

> > Ahh, OK. So secure communications between all these clients.
> > The two big players for client-side encryption for email or messaging
> > data would be GPG and OTR; 

Good 2 know. I'll keep searching for docs. 

> Also S/MIME encryption of the email message body using SSL certificates 
> achieves the same end result (i.e. encrypted payload) as GnuPG offers.  
> For GPG you may need a plugin (e.g. enigmail on T'bird) or something 
> similar for phone clients, but S/MIME is usually available by default for
>  most email clients and platforms.

OK, so maybe I'll test out a few devices, provide some feedback and then
seen about a (gentoo wiki) page. If the community is not interested in 
that I bet these guys would put up some sort of community cook-book on
this topic:: [1] 

Dont know who they are, but they seem to be on the right track,
and they big on Gentoo!

> A word of caution:  Snowden warned us that the end devices do not ossess 
> strong enough randomness generators to ensure that the encryption they 
> perform cannot be reverse engineered.

Intel has long been hiding extra hardware inside of their processors, for a
variety of nefarious activities. Here is a link where they now let the
retail world in on what has been going on for decades [2].

This is why the US gov keeps hyping how bad security is, so the gov can take
steps and the sub-contract out the details for billions (it's the new cold
war and we have to be scared enough to get the govs to protect us, right?
And all of that horse_feathers

Anyone doing gate/register design/validations with Intel parts, decades ago,
stumbled into areas of the the intel chips with hidden hardware. Just slice
them and put them under any high res scanner nowadays Sadly, everybody
in the chip bidness does this routinely now. SoCs are all full
of this crap.

The old AT phone switches (think 3B2) had this sort of 'undefined
hardware'. Nothing new 'signal intercept' is good to search on, but most
of the Intel (get the pun?) has been scrubbed form the internet on 
'signal intercept'; particularly the Rf stuff.

> A recent article shared on this M/L also showed that anything with Intel 
> inside® can be deemed as intentionally weakened to enable potential 
> interference with our privacy.

Got that link handy? Part of the SSL v2 v3 stuff? I was hoping somebody
would write up a summary, and  detail action plans from a gentoo
workstation, gentoo server and gentoo-cluster perspective on the state
of SSL.* issues.  

> Therefore treat your encrypted communications and their content with  
> caution, because you don't know how private these may remain in the 
> future.

Kinda like a very gorgeous woman, with a low credit score (yak yak yhak)?
Or like an 'old bug' flying towards the light (ZAP)?
Certainly, but, the low rent hacks might be held at bay a little longer.
Still, we should make the effort to streamline and document pathways, with
ample warnings of cautions.


[1] https://wiki.installgentoo.com/index.php/Encryption

[2]
http://www.extremetech.com/extreme/184828-intel-unveils-new-xeon-chip-with-integrated-fpga-touts-20x-performance-boost

Re: [gentoo-user] Re: Encrypted cell 2 gentoo

[Mick]

On Monday 28 Mar 2016 09:26:54 Max R.D. Parmer wrote:
> Ahh, OK. So secure communications between all these clients.
> 
> The two big players for client-side encryption for email or messaging
> data would be GPG and OTR; 

Also S/MIME encryption of the email message body using SSL certificates 
achieves the same end result (i.e. encrypted payload) as GnuPG offers.  For 
GPG you may need a plugin (e.g. enigmail on T'bird) or something similar for 
phone clients, but S/MIME is usually available by default for most email 
clients and platforms.

A word of caution:

Snowden warned us that the end devices do not possess strong enough randomness 
generators to ensure that the encryption they perform cannot be reverse 
engineered.

A recent article shared on this M/L also showed that anything with Intel 
inside® can be deemed as intentionally weakened to enable potential 
interference with our privacy.

Therefore treat your encrypted communications and their content with caution, 
because you don't know how private these may remain in the future.

-- 
Regards,
Mick

signature.asc
Description: This is a digitally signed message part.

Re: [gentoo-user] Re: Encrypted cell 2 gentoo

[Max R.D. Parmer]

Ahh, OK. So secure communications between all these clients.

The two big players for client-side encryption for email or messaging
data would be GPG and OTR; for VoIP you would want to look into ZRTP.
There are several clients that support these three protocols on all the
platforms you've listed (though support for ZRTP is across the board
pretty rare).

Unfortunately, I'm not aware of any single cohesive guide to tie it
altogether.

--
0x7D964D3361142ACF

On Mon, Mar 28, 2016, at 09:13, James wrote:
> Max R.D. Parmer  trystero.is> writes:
> 
> 
> 
> 
> > Do I understand correctly that you're looking to set up a Gentoo server
> > as a "hub" from which you can retrieve your mail using any of your
> > client systems?
> 
> Not really. Yes that has to work but... What I want to read up on 
> and test is encrypted (secure) communications between the (2) major
> cell phone types and whatever client on a gentoo workstation. The 
> goal is good security, that is reasonable to setup and manage
> and allows folks to use any of those 3 devices to exchange encrypted
> mail.
> Suppose I had a friend that has an ios phone. What page do I send him to
> to encrypt his emails? What will work with thunderbird, sylpheed, etc.
> Some discussion, url links that I can refer others to and then
> recommendations.
> 
> > If I understood correctly, interoperability should be easy because
> > mostly it comes down to IMAP/SMTP/POP3 and support for those protocols
> > is pretty good across lots of applications. But maybe I got it wrong?
> 
> What I want to do is find documents that at least provide an overview
> of which specific apps to put on a cell phone (android or ios) some
> example configs and then a few docs on the gentoo side.
> 
> Free or do you buys those apps from a vendor on the cell phones?
> Which ones are better, i.e. more trusted or have different algos
> for encryptions (bit-lenght etc). May, I just need to find
> a forum where this is routinely discuss to see what's new, what's
> not secure, what may be prohibited by whom, etc etc.
> 
> 
> OK?
> 
> James  
> 
> 
> 
> 

[gentoo-user] Re: Encrypted cell 2 gentoo

[James]

Max R.D. Parmer  trystero.is> writes:




> Do I understand correctly that you're looking to set up a Gentoo server
> as a "hub" from which you can retrieve your mail using any of your
> client systems?

Not really. Yes that has to work but... What I want to read up on 
and test is encrypted (secure) communications between the (2) major
cell phone types and whatever client on a gentoo workstation. The 
goal is good security, that is reasonable to setup and manage
and allows folks to use any of those 3 devices to exchange encrypted mail.
Suppose I had a friend that has an ios phone. What page do I send him to
to encrypt his emails? What will work with thunderbird, sylpheed, etc.
Some discussion, url links that I can refer others to and then
recommendations.

> If I understood correctly, interoperability should be easy because
> mostly it comes down to IMAP/SMTP/POP3 and support for those protocols
> is pretty good across lots of applications. But maybe I got it wrong?

What I want to do is find documents that at least provide an overview
of which specific apps to put on a cell phone (android or ios) some
example configs and then a few docs on the gentoo side.

Free or do you buys those apps from a vendor on the cell phones?
Which ones are better, i.e. more trusted or have different algos
for encryptions (bit-lenght etc). May, I just need to find
a forum where this is routinely discuss to see what's new, what's
not secure, what may be prohibited by whom, etc etc.


OK?

James  

Re: [gentoo-user] Encrypted cell 2 gentoo

[Max R.D. Parmer]

Do I understand correctly that you're looking to set up a Gentoo server
as a "hub" from which you can retrieve your mail using any of your
client systems?

If I understood correctly, interoperability should be easy because
mostly it comes down to IMAP/SMTP/POP3 and support for those protocols
is pretty good across lots of applications. But maybe I got it wrong?

--
0x7D964D3361142ACF

On Mon, Mar 28, 2016, at 08:21, James wrote:
> Hello,
> 
> I've been googling for some guides on setting up encrypted mail
> on a gentoo system and specifically how you would set up the apple
> or android phone on the other end. Lots to read. Guidance on the
> applications (both cell phone and the gentoo workstations. I guess
> that inter-operability is what I'm most curious about. I'm not running a 
> MTA, but I could if that helps?
> 
> 
> 
> 

[gentoo-user] Encrypted cell 2 gentoo

[James]

Hello,

I've been googling for some guides on setting up encrypted mail
on a gentoo system and specifically how you would set up the apple
or android phone on the other end. Lots to read. Guidance on the
applications (both cell phone and the gentoo workstations. I guess
that inter-operability is what I'm most curious about. I'm not running a 
MTA, but I could if that helps?

Re: [gentoo-user] New Laptop Will Be Here in Few Days

[Lee]

Thanks so much!
On Mar 28, 2016 1:37 AM, "Adam Carter"  wrote:

> On Mon, Mar 28, 2016 at 5:21 PM, Lee  wrote:
>
>> Thanks!
>>
> FWIW i also used ~amd64 gcc, and;
> CFLAGS="-march=broadwell -O2 -pipe"
> VIDEO_CARDS="intel i965"
> CPU_FLAGS_X86="aes avx avx2 fma3 mmx popcnt sse sse2 sse3 sse4_1 sse4_2
> ssse3"
>

Re: [gentoo-user] The Project Begins!

[Michael Orlitzky]

On 03/27/2016 01:10 AM, Hunter Jozwiak wrote:
> 
> Okay. Thanks for that information. Is there a more descriptive version of
> the twenty USE flags I should use for Apache, because the index is rather
> vague. I pulled up the wiki page, clicked on a link that was attached to one
> of the USE flags, which in turn opened up another three hundred plus USE
> opportunities.
> 
> 

The APACHE2_MODULES flags all correspond to a module on this list:

  https://httpd.apache.org/docs/2.4/mod/

The best way to figure out what each one does is to click the link and
see what directives it provides.

Re: [gentoo-user] Xscreensaver 3D modules don't work

[Corbin]

On 03/28/2016 02:09 AM, Philip Webb wrote:

Since I set up the system in my new machine in Oct 2015 ,
the 3D modules in Xscreensaver (now 5.34) have refused to run ;
the rest of Xscreensaver is working as advertised.

I did drop Perl support, but that seems to be related to I/net use
& shows no sign of relating to 3D rendering.

I have the 'opengl' flag enabled, have 'eselect-opengl' set to Nvidia
& have 'qtopengl-4.8.6-r1' installed (also the virtual),
tho' that is needed for Kdelibs with no sign of screensaving.

Has anyone else run into this problem ?  Does anyone have any advice ?



Is the screensaver package your having problems with called 
"x11-misc/rss-glx"?


Do you have the USE flag "opencl" set in your "make.conf" / or on a 
"package.use", or not used at all? ( Check eselect setting as well. )


Do you have the USE flag "xscreensaver" set in your "make.conf" / or on 
a "package.use", or not used at all?


Do you have the USE flag "vaapi" OR "vdpau" set in your "make.conf" / or 
on a "package.use", or not used at all?


Do you have the VIDEO_CARDS flag "nivida" set in your "make.conf" / or 
not used at all? ( emerge @module-rebuild ? )


More info would be helpful in diagnosis.

I am using Nvidia driver 340.96.
I have the USE flags "xscreensaver / opencl / opengl / vaapi" in 
"make.conf", and VIDEO_CARDS="nvidia" in "make.conf".

The eselect opencl / opengl is set to nvidia.

The "x11-misc/rss-glx" screensavers work just fine. I like the 
"GLMatrix" one.

Re: [gentoo-user] New Laptop Will Be Here in Few Days

[Adam Carter]

On Mon, Mar 28, 2016 at 5:21 PM, Lee  wrote:

> Thanks!
>
FWIW i also used ~amd64 gcc, and;
CFLAGS="-march=broadwell -O2 -pipe"
VIDEO_CARDS="intel i965"
CPU_FLAGS_X86="aes avx avx2 fma3 mmx popcnt sse sse2 sse3 sse4_1 sse4_2
ssse3"

[gentoo-user] Xscreensaver 3D modules don't work

[Philip Webb]

Since I set up the system in my new machine in Oct 2015 ,
the 3D modules in Xscreensaver (now 5.34) have refused to run ;
the rest of Xscreensaver is working as advertised.

I did drop Perl support, but that seems to be related to I/net use
& shows no sign of relating to 3D rendering.

I have the 'opengl' flag enabled, have 'eselect-opengl' set to Nvidia
& have 'qtopengl-4.8.6-r1' installed (also the virtual),
tho' that is needed for Kdelibs with no sign of screensaving.

Has anyone else run into this problem ?  Does anyone have any advice ?

-- 
,,
SUPPORT ___//___,   Philip Webb
ELECTRIC   /] [] [] [] [] []|   Cities Centre, University of Toronto
TRANSIT`-O--O---'   purslowatchassdotutorontodotca

Re: [gentoo-user] New Laptop Will Be Here in Few Days

[Lee]

Thanks!
On Mar 27, 2016 11:12 PM, "Adam Carter"  wrote:

> On Sun, Mar 27, 2016 at 1:39 AM, Lee  wrote:
>
>> New Clevo W670RZQ Laptop with 6th Gen i7 cpu, hm170 Intel chipset and on-
>> board graphics.
>>
>> Will the latest stable kernel and firmware packages work with it? Will
>> the most recent minimal install disc be adequate for my needs, or should I
>> go with another distribution for the purpose of having a working  nic?
>>
> Skylake/6th gen + Intel HD 520 video working fine for me. ~amd64 kernel
> but amd64 linux-firmware. I went straight to ~amd64 for the kernel since
> the hardware is pretty new, and using the latest kernel seems prudent to me
> when using recently released hardware. System was built when ~amd64 was
> 4.4. Everything worked.
>

Re: [gentoo-user] New Laptop Will Be Here in Few Days

[Adam Carter]

On Sun, Mar 27, 2016 at 1:39 AM, Lee  wrote:

> New Clevo W670RZQ Laptop with 6th Gen i7 cpu, hm170 Intel chipset and on-
> board graphics.
>
> Will the latest stable kernel and firmware packages work with it? Will the
> most recent minimal install disc be adequate for my needs, or should I go
> with another distribution for the purpose of having a working  nic?
>
Skylake/6th gen + Intel HD 520 video working fine for me. ~amd64 kernel but
amd64 linux-firmware. I went straight to ~amd64 for the kernel since the
hardware is pretty new, and using the latest kernel seems prudent to me
when using recently released hardware. System was built when ~amd64 was
4.4. Everything worked.