Re: [Trisquel-users] Spotify - or the like - in privacy

2019-12-06 Thread mason

> It doesn't seem to be possible to use spotify etc in complete privacy.

Hell no.  (See attachment)

> What could be the *most* private way to use spotify (or a similar service)?

If you want something similar to Spotify without the freedom and privacy  
issues, maybe Nuclear would work for you.


https://github.com/nukeop/nuclear


Re: [Trisquel-users] Spotify - or the like - in privacy

2019-12-06 Thread enduzzer

A radio receiver and a free-to-air radio channel?


[Trisquel-users] Spotify - or the like - in privacy

2019-12-06 Thread jbahn
In a family with children in all sizes there is a huge demand for something  
like spotify - with the latest and most popular music.


It doesn't seem to be possible to use spotify etc in complete privacy.

What could be the *most* private way to use spotify (or a similar service)?


Re: [Trisquel-users] Trisquel 8 does not boot after updating and upgrading

2019-12-06 Thread jason
If you install linux-image-5.4.2-gnu for example you will forever be stuck on  
5.4.2 so that's not what you want to do.


The idea is you don't install the linux-image packages directly but one of  
the metapackages, which then pull in the linux-image packages as a  
dependency. Those metapackages are the ones that enable you to get updates to  
newer versions according to whatever sort of upgrade rules you want. They are  
described in detail in the table on https://jxself.org/linux-libre/ along  
with the upgrade rules that go along with them. Find a rule (aka "use case")  
you like, and install the package shown.


[Trisquel-users] Re : Verifying install files (Zotero)

2019-12-06 Thread lcerf
In that scenario, the attacker would modify the hashes as well, dstillman's  
point.  Publishing the hashes would however allow somebody to get the binary  
in another way (for instance from a friend with a pendrive) and still be able  
to check if it was tampered with.
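
The two points made in this thread, as an added shell example that is not part of the original posts: a hash list served next to a replaced binary still matches it, while a hash or a copy obtained through another channel exposes the swap. The file names (`app.tar`, `SHA256SUMS`), the directories and the file contents are constructed, and the "kept" hash is assumed to have left the server before the compromise.

```shell
#!/bin/sh
# Added example; every path and file content here is constructed.

# verify FILE EXPECTED_SHA256: succeeds only if FILE hashes to EXPECTED_SHA256
verify() {
    actual=$(sha256sum "$1" | cut -d' ' -f1)
    [ -n "$2" ] && [ "$actual" = "$2" ]
}

# listed_hash SUMS_FILE NAME: print the hash a sha256sum-style list gives for NAME
listed_hash() {
    awk -v n="$2" '$2 == n { print $1 }' "$1"
}

# report LABEL FILE HASH: print LABEL=match or LABEL=MISMATCH
report() {
    if verify "$2" "$3"; then echo "$1=match"; else echo "$1=MISMATCH"; fi
}

demo() {
    w=$(mktemp -d) || return 1
    mkdir "$w/server" "$w/pendrive" "$w/notes"

    # Publisher uploads a build and lists its hash beside it.
    printf 'genuine build\n' > "$w/server/app.tar"
    (cd "$w/server" && sha256sum app.tar > SHA256SUMS)

    # Copies that left the server before the compromise (assumed scenario).
    cp "$w/server/SHA256SUMS" "$w/notes/SHA256SUMS"
    cp "$w/server/app.tar" "$w/pendrive/app.tar"

    # Attacker with write access replaces the binary and regenerates the list.
    printf 'trojaned build\n' > "$w/server/app.tar"
    (cd "$w/server" && sha256sum app.tar > SHA256SUMS)

    served=$(listed_hash "$w/server/SHA256SUMS" app.tar)
    kept=$(listed_hash "$w/notes/SHA256SUMS" app.tar)

    report "server-file/server-hash" "$w/server/app.tar" "$served"    # false assurance
    report "server-file/kept-hash" "$w/server/app.tar" "$kept"        # swap detected
    report "pendrive-file/kept-hash" "$w/pendrive/app.tar" "$kept"    # good copy confirmed
    rm -rf "$w"
}

demo
```

The first line of output is the case dstillman describes, and the other two are the case lcerf describes: the check only says something when the hash and the file come from different places.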


Re: [Trisquel-users] Verifying install files (Zotero)

2019-12-06 Thread andyprough
He's not right in terms of his company hosting the download infrastructure  
being any kind of assurance of security. Not too many years ago an extremely  
popular Windows utility called CCleaner had its download servers hacked, and  
it was serving up pure malware as "CCleaner updates" to some of the largest  
corporations in the world. 


[Trisquel-users] Verifying install files (Zotero)

2019-12-06 Thread jbahn
I wish to install Zotero (a powerful reference manager which is free  
software). Unfortunately Zotero is not in Trisquel's repository (I wonder why  
not?). Hence one has to download the install file from zotero.org. They  
don't provide checksums or other means for verification. On the Zotero forum,  
dstillman, who is an administrator at the zotero site, wrote:


Checksums are useful if you're downloading software via HTTP or from an  
untrusted mirror. If you're downloading from a trusted site via HTTPS,  
there's not really much benefit — if someone could modify the binaries (or,  
in the case of a PKI failure, serve you a different binary), there's a good  
chance they could modify the hashes too. While those would be in separate  
locations with separate access permissions, you basically have to trust us to  
protect our own infrastructure either way, since anything we could set up to  
post hashes to the website at build time we can do ourselves to monitor  
changes without people needing to verify hashes manually. Needless to say, we  
keep access to the deployment pipeline extremely locked down and monitor all  
changes.
And the same goes for updates, which Zotero downloads via HTTPS from  
zotero.org subdomains.
(On macOS and Windows the executables are also signed, but Linux doesn't  
support that, and in any case it doesn't provide much additional security as  
long as you know you're getting the file from zotero.org.)


If dstillman is right, does it mean that checksum'ing files has no meaning?  
And is he right?


Re: [Trisquel-users] Trisquel 8 does not boot after updating and upgrading

2019-12-06 Thread strypey
OK, apt update appears to be working now, but apt upgrade is not offering any  
upgrades. uname -r still outputs:

5.3.12-gnu

I tried entering:
sudo apt install linux-image-5.

... and then double-tabbing to see what kernel versions are available to  
install. The only 5.4 options were:

5.4.2-gnu
5.4.2-gnue.nonpae

Shall I apt install one of these? Or is there another step I need to take to  
put the repo back in charge of pushing me the latest LTS kernel?


I appreciate your help with this. Just FYI though, this:

wget -O - https://jxself.org/gpg.asc | sudo apt-key add -

Produced some odd display in my terminal. It did some business then seemed to  
have hung. It turned out it was waiting for my password, but the order the  
output came in made that unclear, I only realized because I happened to hit  
the space bar and that produced another password prompt. It might have been  
better to give this suggestion as two separate commands:


wget -O - https://jxself.org/gpg.asc
sudo apt-key add -

... or put a sudo at the start so the password prompt came up before any  
further output :)


Re: [Trisquel-users] Jami version in the Trisquel 8 repos is still called Ring

2019-12-06 Thread strypey
Ignore this, it seems like it was either a race condition bug or, most  
likely, user error (although I still can't figure out what I did wrong the  
first time). I now have the repo added and apt update is loading from it, but  
I can't actually install Jami due to dependency problems. See the discussion  
at:

https://git.jami.net/savoirfairelinux/jami-packaging/issues/39


Re: [Trisquel-users] trisquel 9 roadmap

2019-12-06 Thread fvalvarez
I've never used GNOME, only LXDE on lubuntu and now xfce on trisquel mini. As  
I said - old computers.. 


Re: [Trisquel-users] Jami version in the Trisquel 8 repos is still called Ring

2019-12-06 Thread strypey
I just tried to follow the manual instructions using 64-bit Trisquel 8.0.  
Everything seemed to be working until I got to:


> sudo sh -c "echo 'deb [signed-by=/usr/share/keyrings/jami-archive-keyring.gpg] https://dl.jami.net/nightly/ubuntu_16.04/ ring main' > /etc/apt/sources.list.d/jami.list"


It didn't seem to do anything and I was left sitting on a ">" prompt. I  
checked my sources list and nothing seems to have been added. There may be  
something I don't understand here, but "sh" doesn't seem to be a program on  
my system, and I can't find anything called that in the Trisquel repos. Is  
there something missing in this command?


If this is a user error on my part, please help! If you can see something  
that needs to be fixed, please share that info here:

https://git.jami.net/savoirfairelinux/jami-packaging/issues/39

BTW that command was cut'n'pasted verbatim from:
https://jami.net/download-jami-linux/#manual-install


Re: [Trisquel-users] Jami version in the Trisquel 8 repos is still called Ring

2019-12-06 Thread strypey

Trisquel is now officially supported by Jami!
https://jami.net/download-jami-linux/