[Tails-dev] Please review merge bugfix/disable-flawed-Pidgin-features
Hi, A few security issues were discovered in Pidgin recently (CVE-2013-0271, CVE-2013-0272, CVE-2013-0273, CVE-2013-0274). Three of those affect specific protocols (mxit and sametime), and another one is about uPnP that is disabled in Tails' Pidgin configuration by default. The maintainer of Pidgin in Debian has no time to quickly issue a security update for stable right now, and at first glance the upstream patches don't trivially apply to stable's Pidgin. Given our 0.17 release schedule, I think we should workaround these issues in the easiest and quickest way. So, I propose we simply delete the shared libraries that implement mxit and sametime, the same way we do it for the msn support already. Implemented in bugfix/disable-flawed-Pidgin-features, candidate for 0.17 = please review and merge into testing and devel. If nobody has time to review and merge that until the time I build the final image tomorrow, then I guess I'll take the liberty to do it myself. Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Oversimplified and incorrect doc about MAC addresses
Hi, Ken Grahm wrote (19 Feb 2013 22:20:14 GMT) : On the subject, this tool: https://github.com/EtiennePerot/macchiato seems to satisfy some of the concerns documented here: https://tails.boum.org/todo/macchanger/#index4h1 Indeed, it's going in the right direction. Thanks for the pointer! I've just added information about macchiato on this ticket page (commit 7d14e1c6). Don't hesitate contributing to the OUI list shipped with macchiato; as upstream puts it [1]: If you have a common computer, then feel free to post a comment below listing your OUI prefixes of your network adapters. make sure to specify which category of network adapter each OUI prefix corresponds to. Or you can send a pull request on the macchiato GitHub repository. Or the Bitbucket one. Whichever you prefer. [1] https://perot.me/mac-spoofing-what-why-how-and-something-about-coffee Cheers! ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] autostarting Iceweasel [Was: Training Journalists in Istanbul]
Hi, Runa A. Sandvik wrote (04 Feb 2013 15:12:51 GMT) : - Firefox will start automatically once you are connected to the Internet. FWIW, I've proposed we don't do this anymore, pending discussion: https://tails.boum.org/todo/dont_autostart_iceweasel/ Most users did not wait for the Tails website to load before entering another URL in the address bar. Users did not question if they were actually using Tor. While I understand this could be an issue for the TBB, I personally don't think this is a problem for Tails: unless you do it differently on purpose, when you're using Tails, you're using Tor, and as a end-user one should not have to manually check or question this fact. Runa and others, do you think this is a problem that users act this way? Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] email client configuration [Was: Training Journalists in Istanbul]
Hi, Runa A. Sandvik wrote (04 Feb 2013 15:12:51 GMT) : - One user tried the email client, skipped the part where you set up the mail servers, and tried to write an email. I believe that the Icedove (rebranded Thunderbird) account creation assistant will improve this a lot; we're working on the migration: https://tails.boum.org/todo/Return_of_Icedove__63__/ I wonder if there is a way to improve this, as most users expect the mail client to work just like the one they are used to in their normal operating system. I'm not sure I follow. These users, or someone else, had to configure the [email client] they are used to in their normal operating system at some point to use a relay host, if they wanted it to be able to send email in a way that's accepted by most MX out there, right? The way one does it in Tails is not that different: one enables persistence for the email client, sets their email accounts up, and is done with it. I'm not sure how we could make this easier. Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] keyboard layout [Was: Training Journalists in Istanbul]
Hi, Runa A. Sandvik wrote (04 Feb 2013 15:12:51 GMT) : - Tails uses a US keyboard layout by default. This can be confusing for anyone with a different keyboard layout. The Tails greeter allows to switch to another language and keyboard layout: https://tails.boum.org/doc/first_steps/startup_options/index.en.html#index2h1 We're aware that this feature can easily be missed, see our plans to revamp the greeter UI: https://tails.boum.org/todo/tails-greeter:_revamp_UI/ https://tails.boum.org/todo/tails-greeter_vs._Wheezy/ A few users mentioned that the tap-touchpad-to-click functionality did not work. It would be totally awesome if we had some complete bug reports for this, else there's not much we can do about it. Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] [tor-reports] Training Journalists in Istanbul
Hi, Runa A. Sandvik wrote (04 Feb 2013 15:12:51 GMT) : I asked a few people to try out Tails and let me know if something was confusing, did not work, or could be improved: Thanks a *lot* for all this valuable input! I'm going to reply to each topic in separate emails, so that we can have one thread per topic. Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] misc. improvement ideas [Was: Training Journalists in Istanbul]
Hi, Runa A. Sandvik wrote (04 Feb 2013 15:12:51 GMT) : - One user pointed out that there is no logout or shutdown option available when using Tails in Windows XP mode. Right. We've got a bugfix branch that just needs some testing and hopefully will make it in time for Tails 0.17. - The shutdown process can look a bit scary for anyone who is not used to Linux, especially the part where it wipes the memory. A friendly splash-screen of some sort would be good. Yes, sure. I believe that the Plymouth integration in Wheezy is a bit better, and might allow us to have something nicer. Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] disabling default Pidgin profiles? [Was: Training Journalists in Istanbul]
In my experience with general users the Pidgin IRC popup is rather confusing - zero percent of them had ever heard of IRC - yet it is a valuable direct channel to you dev types, once they understand it. Would there be any way to provide some informative context on first run? Though clearly without persistence it would be first run every run, which could be annoying. If you disable it, virtually no elementary users will ever enable it. On Fri, Feb 22, 2013 at 7:03 PM, intrigeri intrig...@boum.org wrote: Hi, Runa A. Sandvik wrote (04 Feb 2013 15:12:51 GMT) : - A few users seemed confused when Pidgin automatically connected to IRC. Interesting. Any idea if these confused users had any previous experience with IM (like: knowing that the first thing you generally have to do is setup an account), and maybe with IRC in particular? I wonder if it would be better to have that disabled by default, and instead take users through the process of setting up their own accounts. I'm personally a bit torn on that one. On the one hand, I think it should be kept as straightforward as possible to boot Tails, start Pidgin, and go get some support on IRC, so I'm wary of any additional required steps. On the other hand, I understand there's some potential for confusion, and I find it tempting to disable the auto-generated profiles by default and document how to enable them or create one's own account. Any other opinions? FWIW, here's our ticket about improving Pidgin doc: https://tails.boum.org/todo/better_pidgin_and_otr_documentation/ Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev -- Chris Doten Program Manager, Information Communication Technology National Democratic Institute for International Affairs (NDI) cdo...@ndi.org | +1 202-728-5684 | Skype/Twitter: cdoten | http://demworks. org ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Tails Mac support [Was: Training Journalists in Istanbul]
On Fri, Feb 22, 2013 at 6:58 PM, intrigeri intrig...@boum.org wrote: The remaining part of the problem will be solved by adding UEFI support [3] to Tails. We're currently making plans with Debian Live upstream so that this support is added there, and benefits all Debian Live systems. [3] https://tails.boum.org/todo/UEFI/ Don't you already regret basing Tails off a binary distro like Debian? I mean, updating TODO lists once in a while and making “plans” sounds fun and all, but not only are you completely dependent on an upstream distro's features implementation cycle — you are missing the opportunity to learn new things while implementing those features yourself. I mean, Liberté was the first Linux distro to ship with a UEFI Secure Boot-based trusted boot chain — do you think you will ever be able to say something of the sort about Tails? Open Source development is supposed to be exciting, not this… bureaucracy. -- Maxim Kammerer Liberté Linux: http://dee.su/liberte ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Shutdown button in camouflage mode
Hi, On Sat, 16 Feb 2013 18:55:47 + Alan a...@boum.org wrote: If someone tests and ACK's this, I'm happy to take it for 0.17. Else, it will have to wait for the next (point-)release. Thanks. I applied the patch to a running experimental and it works. I volonteer to test it on top of 0.17rc1 once I got it. Tested on a build of 0.17-rc1+bugfix/shutdown_with_camouflage. It works fine for me. Thus, please review and merge bugfix/shutdown_with_camouflage. There is no ticket. Cheers ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev
Re: [Tails-dev] Shutdown button in camouflage mode
Alan wrote (22 Feb 2013 21:18:08 GMT) : Tested on a build of 0.17-rc1+bugfix/shutdown_with_camouflage. It works fine for me. Merged, thanks! ___ tails-dev mailing list tails-dev@boum.org https://mailman.boum.org/listinfo/tails-dev