Re: Planning to create a new distro of Ubuntu
On Tue, Nov 5, 2013 at 1:50 AM, Benjamin Kerensa bkere...@ubuntu.com wrote: It is unclear why Linux Mint disables all of their security updates although to some degree they have tried to justify their disabling of kernel updates by suggesting that such updates could make a system unstable and that normal users shouldn't get these kinds of updates. Sounds like bad maintainers justifying being bad if you ask me. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Planning to create a new distro of Ubuntu
On Tue, Nov 5, 2013 at 2:40 AM, Robie Basak robie.ba...@ubuntu.com wrote: It's fine to call out their security policy. That appears to be based on fact. But I don't think it's reasonable to speculate by attacking them, especially in their absence and without having an understanding of their rationale. In no way did I personally attack anybody, I stated an opinion and an opinion that will be iterated by anybody who cares about security. And in no way could that ever be considered speculation because it is not theoretical that the policy is bad, it is well known that any policy that leaves a user in a state of bad security is bad. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Let good developers like Mozilla to maintenance their packages
On Fri, Sep 20, 2013 at 1:06 PM, Felix Miata mrma...@earthlink.net wrote: Ubuntu was born less than 9 years ago. Of the most popular current distros, it's among the youngest. The more mature Mozilla developers picked their Linux distros before Ubuntu did more than a little maturing, 10-15 years ago, so these more experienced developers are mostly RedHat-Fedora (heavily Gnome/GTK), SuSE-openSUSE (more evenly KDE as Gnome), Mandrake-Mandriva-Mageia (more strongly KDE than Gnome), Debian, Slackware and maybe a few other more mature distro users. Most devs don't switch distros willy nilly. Those Mozilla devs using *buntu are mostly younger and less experienced, and more likely volunteers than subsidized or salaried to work on Mozilla. I can' tell if you are serious or trolling right now. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: [nvidia-graphics-drivers] frustration with slow Nvidia drivers release schedule
On Fri, Sep 6, 2013 at 11:51 AM, Paulo Roberto de Oliveira Castro p.oliveira.cas...@gmail.com wrote: 2013/9/2 Jordon Bedwell jor...@envygeeks.com my suggestion is your realize the real facts that all operating systems provide outdated drivers and it's your job to update them if you want the latest drivers and to expect the distro to be able to keep up like that is silly to say the least. That's a lie. On many other linux distro the drivers are in sync to upstream (or very close to it). Sure it is if you consider RPMFusion official (and I don't even remember properly if they carry it.) I'll let you have that so I don't have to explain known facts like the ones that are kind of stated here: https://fedoraproject.org/wiki/Forbidden_items?rd=ForbiddenItems#NVIDIA_Proprietary_Graphics_Drivers -- https://en.opensuse.org/SDB:NVIDIA_drivers I'm no Fedora or OpenSuse user so I'll take those as facts that pretty much imply that it would be impossible for them to be in sync or close to in sync which leaves Arch and all the others that I'm not willing to verify. Did you pull this magic metric only from Arch and then claim somebody else lied? I only assume to ask that question because you did briefly mention Arch. It's silly to think that a distro cannot keep up like that, many already do, and they work pretty well. Almost as silly as you thinking it's Ubuntu's job to be your hardware vendor and give you the latest drivers? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: [nvidia-graphics-drivers] frustration with slow Nvidia drivers release schedule
On Fri, Sep 6, 2013 at 1:50 PM, Paulo Roberto de Oliveira Castro p.oliveira.cas...@gmail.com wrote: Yes, that is what I was trying to say. They want it work and to be as fast as it can be, without worrying about it. I'm out of this one, the straw man just came out. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Proposal to change default search engine
On Mon, Jun 24, 2013 at 12:55 PM, Alexander Hanff a.ha...@think-privacy.com wrote: After launching NoDPI.org and successfully chasing Phorm out of the UK and EU, I took up a position at Privacy International, where I headed up their Digital Privacy portfolio for 3 years. I'll just leave this here: http://www.guardian.co.uk/uk/2013/jun/21/gchq-cables-secret-world-communications-nsa http://arstechnica.com/tech-policy/2013/06/new-leaks-british-intels-direct-from-fiber-taps-worse-than-the-us/ Startpage is based in the Netherlands and are a Dutch company, which means they are not vulnerable to US surveillance laws. Furthermore, they are certified by Europrise, the leading privacy auditing body in the EU, funded by the European Commission. I know the team personally and have visited their office on a number of occasions, they have always taken my advice to heart and implemented every change I have suggested to them. I have absolutely every confidence that they are a privacy enhancing technology and a benefit to the world I would stake my reputation on that in a heartbeat. Sure they aren't. But they are vulnerable to Dutch orders, and Article 125K of the Criminal code is mighty interesting. I also managed to find: http://www.dutchnews.nl/news/archives/2013/06/dutch_security_service_has_rec.php http://www.dutchnews.nl/news/archives/2013/06/no_prism_for_dutch_security_bo.php -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
No USN for Chromium on Ubuntu?
We just got DSA-2706-1 which upgraded Debian's Chromium to 27 but received no USN for the old version of Chromium in Ubuntu so I was wondering if there was going to be a USN and an update since normally I get USN's before DSA's. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Is this so hard to fix? Or important?
On Sun, Jun 9, 2013 at 2:18 AM, Ma Xiaojun damage3...@gmail.com wrote: On Sun, Jun 9, 2013 at 2:55 PM, Robert Park robert.p...@canonical.com wrote: I propose that we fix Eog, but leave the file with the extension .png ;-) Is it that hard to change a file name? Is it that hard for you to send a patch changing a file name? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Is this so hard to fix? Or important?
On Sun, Jun 9, 2013 at 8:52 AM, Ma Xiaojun damage3...@gmail.com wrote: I can understand that it may be quite hard to do a reliable migration on released versions. However, cannot you take a chance to fix it in Ubuntu+1? I'm using Saucy now but I don't mind you break things temporally to fix this bug. It wouldn't matter if you minded because Saucy is in development so it would be rather ironic for you to mind things breaking. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Is this so hard to fix? Or important?
On Sun, Jun 9, 2013 at 8:55 PM, Daniel Hollocher danielholloc...@gmail.com wrote: On Sun, Jun 9, 2013 at 11:56 AM, Andrew Starr-Bochicchio a.star...@gmail.com wrote: On Sun, Jun 9, 2013 at 10:25 AM, Rodney Dawes rodney.da...@canonical.com wrote: Furthermore, as already stated, this is a bug in eog (or perhaps gdk-pixbuf), if it can't open an image file where the extension doesn't match the content. https://bugs.launchpad.net/ubuntu/+source/eog/+bug/172416 https://bugzilla.gnome.org/show_bug.cgi?id=490067 Hey, I looked into this and found those bug reports as well. FWIW, the last piece of the puzzle is that eog is abandoned: http://en.wikipedia.org/wiki/Eye_of_GNOME Abandoned is a relative term. It just had a release a few months ago so I wouldn't consider it abandoned and planned replacement doesn't mean the death of it, it could be months, maybe even years before it's replacement is finished and approved but even then somebody should track the bug and make sure the case still isn't the same. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Source packages appropriate by default?
On Wed, May 22, 2013 at 1:54 PM, Dale Amon a...@vnl.com wrote: On Wed, May 22, 2013 at 01:56:08PM +0200, Benjamin Drung wrote: Commenting/Uncommenting deb-src lines in /etc/apt/sources.list seems much simpler/easier. I can deal with that... I always have changes to make to sources.list anyway, so uncommenting a few more items is not an issue. To add to this commenting issue. This morning I reinstalled 13.04 and decided to see if there was really a difference when disabling the sources, talk about a massive speed up of an apt update. To me the reduction of time spent doing an apt update was so big I built a bash function to enable and disable them as I need them. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Adobe Flash Broken For Obvious Case?
On Tue, May 21, 2013 at 4:10 AM, Ma Xiaojun damage3...@gmail.com wrote: Hi, ( I know this can be made into a bug report. ) On 13.04 64bit with Adobe Flash installed. Go to youtube.com, play any video, right-click and select Settings... Then a dialog pops up, but it doesn't respond to user click at all; the only way to close it is refresh the page... I know Adobe may be the one to blame. But can we workaround in our side? There is no may be to blame... they are to blame since it's their software. Workarounds create messes that people have to clean up later so I would vote no and I wouldn't expect a fix from Adobe either considering Flash on Linux is dead again unless you have Chrome. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Source packages appropriate by default?
On Mon, May 20, 2013 at 11:19 AM, Scott Kitterman ubu...@kitterman.com wrote: Apt will error out that it can't find the package. I think that if we are distributing binaries, we should (perhaps must, I'm not sure) enable the source repositories in order to , as a free software distribution, provide the source that goes with the binaries we distribute. Required to make them available, but that doesn't mean they have to be enabled inside of apt and all the source packages are readily available via packages.ubuntu.com which means you are already complying with the GPL by making them readily available. Even with that said I'm inclined to disagree with disabling them, 4MB is trivial now days. I'm more surprised that people are more upset about 4MB than the 5% that is still claimed by the system for the system which adds up to a lot more than 4MB on some systems which on a even a small 32GB SSD is what, 1.5GB? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Final Freeze for Ubuntu 13.04 (Raring) now in effect
On Thu, Apr 18, 2013 at 7:20 PM, Gunnar Hjalmarsson gunna...@ubuntu.comwrote: On 2013-04-18 23:00, Adam Conrad wrote: 1) Installer/release-critical bugs that absolutely MUST get fixed lest we risk shipping a broken image that turns computers pink What's wrong with pink? Bad troll is bad. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Unity-2d packages in Raring
On Mon, Apr 1, 2013 at 4:08 PM, Colin Law clan...@googlemail.com wrote: Just out of interest does anyone know why, on Raring, I keep getting updates for unity-2d packages when unity-2d is, I thought, dead and buried? Seems odd unless you are less than 12.10 but there could always be a deprecation period. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Puppet version bump
On Tue, Feb 5, 2013 at 3:00 PM, John Moser john.r.mo...@gmail.com wrote: On a related note, Puppet 3.1 came out ... yesterday. So next debate: 3.0.2 or 3.1 into Debian experimental? (I've been trying to get it brought in) If it were me, I would rather fight to upgrade once, not twice. 3.1 did not include https://projects.puppetlabs.com/issues/16856 or I would be lobbying heavily for 3.1 into Experimental and then directly into Ubuntu. As is, there are good arguments for sticking to 3.0.2 in this scenario (notably: stuff was deprecated in 3.0; it is GONE in 3.1, and now Ubuntu/Debian have to make a jump since next Stable will be 2.7 for Debian and the last was 2.7 for Ubuntu. The 2.7 - 3.1 jump is nasty). Exactly my point, I would rather fight once to upgrade then fight once to upgrade then have to fight again to figure out what hell broke in the next upgrade though most of the time it can be somewhat straight forward if treading carefully. I'd rather it all fall down at once during a test-run and it be fixed than me have to do those runs twice in the same year. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Puppet version bump
On Tue, Feb 5, 2013 at 4:16 PM, Alec Warner anta...@google.com wrote: Last time I checked, it took a human to actually dist-upgrade (to go from 2.7 to 3.0...) What you expect and what everybody and their mother does are two different things. Are people really doing that and not expecting things to go horribly wrong? :) You wouldn't believe how many people I've seen do it and expect nothing to go wrong just because they hear Ubuntu is easy, just because they hear that Ubuntu has tools to help you upgrade, just because they hear this and that they expect the case to be perfect upgrade. I'm not talking about people I directly work with, I'm talking about clients. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Puppet version bump
On Sat, Jan 26, 2013 at 1:19 PM, John Moser john.r.mo...@gmail.com wrote: I'm noticing that 2.7 is still the version of Puppet in Raring; however, version 3.0 was released October 1, 2012, before release of 12.04: https://groups.google.com/forum/#!topic/puppet-users/lqmTBX9XDtw/discussion Does this package currently not have a maintainer, or is it just slow 12.04 was released on 26/4/12 not in October. 12.10 was released in October and Puppets release was after the feature freeze. You will need to wait until 13.04. It has nothing to do with being slow, it has to do with them either releasing before the feature freeze or having to wait until the next release cycle. Typically a feature freeze happens 1-2 months before release... so if puppet releases 3.0 in October there is no reason for it to make it into 12.10 (in that case) because there were probably no super important security updates that mandated an extreme exception. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu and derivatives (Re: Ubuntu.com Download Page)
On Fri, Jan 25, 2013 at 5:13 PM, Allison Randal alli...@ubuntu.com wrote: On 01/25/2013 02:38 PM, Scott Kitterman wrote: Each flavor has a dedicated landing page: kubuntu.org, edubuntu.org, xubuntu.org, ubuntustudio.org, mythbuntu.org, lubuntu.net. The one for *U*buntu (with *U* for Unity is ubuntu.com. By that flawed and short-sighted logic how do you explain Ubuntu with a G for GNOME up until a couple of years ago? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu and derivatives (Re: Ubuntu.com Download Page)
On Fri, Jan 25, 2013 at 5:24 PM, Allison Randal alli...@ubuntu.com wrote: That was meant to be *U* for Unity ;), but the winky got lost when I had to manually retrieve/resend the message. (Mailman isn't as smart as Launchpad about figuring out messages sent from one of many different aliases.) Fair enough... now it makes more sense! Also yeah I have that problem sometimes too where I accidentally send from my GMail and Ubuntu is like nope, not today bud. The fact is, Ubuntu is the name of two distinct things: a project encompassing many flavors, and one of those flavors. Recognizing which one you're talking about at any given moment helps immensely. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Improving Access to Themes etc.
On Fri, Jan 18, 2013 at 4:02 PM, Vesa Paatero vpaat...@lavabit.com wrote: By using the normal settings programs to configure the desktop, I could only see four themes to select from, two of which were high-contrast themes and the other two being Ubuntu themes with orange activation colors. So, the choices we narrow, there were not really any different styles to select from. Do you make the same complaints to Apple and Microsoft? As I couldn't find a better solution then, I went to tamper with the color settings of GTK and, after some late evenings' work, managed to eradicate the oranges and bring about a satisfying look feel. It seems that crux of the matter is not so much a lack of themes because there are some themes available in the repositories (using e.g. Synaptic) and a lot more on some GTK or Gnome-related web pages. It is more about how to make the themes accessible to Ubuntu users, especially new users some of which might just go away if they can't change the default color scheme reasonably soon. What I suggest is adding some theme packs to Ubuntu Software Centre. It already has a category called something like Themes and Customizations, but it seems not to contain any packages with desktop themes. Another possibility would be to add some sort of Welcome to Ubuntu window when you first boot Ubuntu, giving helpful links to some basic things such as setting your default browser, finding the applications you want and changing your desktop theme. There are already tons of themes in the repository here is a quick grep: murrine-themes gtk-clearlooks-gperfection2-theme gtk-smooth-themes Not to mention http://browse.deviantart.com/?q=unity+themes It's simple to install a theme on Linux, open up your home folder, create a .theme folder and start adding themes and then select them from the theme selector. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Problem with Quantal and a KVM
On Thu, Jan 3, 2013 at 5:05 AM, Sander Smeenk ssme...@freshdot.net wrote: Quoting Jordon Bedwell (jor...@envygeeks.com): I agree, just did not want to say it. I get the feeling there are a lot of people working on Linux these days who have never set foot into a data centre. Your statement is full of fail and horseshit. Not to start a war at this beautiful start of 2013, but your reply isn't really constructive either, Jordon. And bringing that up makes you a better person. Do you see any added value to a 'splash screen' hiding *everything* that is happening on *SERVER* installs? Disable it? It takes but one obvious edit inside of /etc/default/grub. Pro tip: - quiet splash + nosplash Pro tip: update-grub And framebuffered consoles. I can see *some* value of having larger terminals than the default 80x24. But the way it is now, it does not work on every system. Launchpad is full of bugs against the kernel because the display is blank on a device until X kicks in... And this is more constructive than my comments? Jump in and help fix them bugs. Complaining is not any more constructive than what I did, helping is constructive. Unfortunately I don't have any of these problems on my KVM's or my servers that run Ubuntu or Debian, so I cannot help in this area but YOU CAN. On my laptop running Precise, this too is the case. Are we on about servers or laptops? Pick one. It's nice for my mom. She also runs Ubuntu *DESKTOP* and is now no longer scared by all the text scrolling over the screen when she boots her computer. For experienced Linux admins it is a right PAIN in the ASS to not be able to see what's going on. You would think for a sysadmin who manages Linux and even the specific distro Ubuntu you would know that you can tap esc anytime and see the text while plymouth is up you would also think you would know about the pro tip above. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Promote puppet to main?
On Tue, Dec 25, 2012 at 12:52 PM, Luis Mondesi lem...@gmail.com wrote: If somebody out there is starting something from scratch, use Chef/Puppet. If you are stuck with something old but useful, then try to start a new project with a modern system in parallel (use the old system to deploy the client of the new. etc...) I don't know, here lately I've been swaying towards dvcs w/ Juju and Charms but I can't say I wouldn't use Puppet or Chef (actually I can say I probably wouldn't use Chef -- depending on if it was really my choice -- sometimes clients want what they know and as long as it isn't a security hazard I'll probably not fight it, unless it's detrimental to them.) Cfengine dropped the ball with the migration to cfengine3. I hope the same doesn't happen to Chef. Puppet dropped the ball with the quasi-Ruby syntax at first and then changing to full ruby later like Chef did from the beginning. (for the record I still don't prefer puppet over chef or any other system. I'm still managing a large cfengine2 precisely because it works!) -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Possible inclusion of zram-config on default install
-1. I am not on a netbook and even my laptop have 12gb of Ram. It would be nice if Ubuntu did detect your ram and decide but not force it on people like me who aren't memory constrained. On Fri, Dec 7, 2012 at 4:32 PM, Fabio Pedretti fabio@libero.it wrote: It would be nice if Ubuntu could include zram-config by default. This package set up compressed RAM swap space and can lower RAM requirements for running and installing Ubuntu. It should be a win for every configuration. Since kernel 3.8 the zram module is out of staging, I am using it since precise with no problem. The bug request is here: https://bugs.launchpad.net/ubuntu/+source/zram-config/+bug/381059 -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: chromium memory conumption on x86_64
On Wed, Nov 28, 2012 at 4:13 PM, Enrico Weigelt enrico.weig...@vnc.biz wrote: Honestly, I dont know anymore, as it's now several month ago (I guess it was somewhere in spring / early summer). But: I've noticed that problem almost immediately after switching to Ubuntu, and I've got the feeling that it gets slightly worse over time. I think the former invalidates the latter and makes all arguments moot. Even more so now that it seems that you have not tested on the latest releases in any of the repos to confirm if this is still the case and now that you have come out with that you can't remember but don't seem to be trying to just gather information on the latest release. Correct me if I'm wrong but to me your statement implies exactly as I stated. It would be more beneficial to your cause to document the behavior and report it at that time with information /or/ try to replicate it on the latest versions available via the distro... or even not-available via the distro to see if it happens with your own compile though that might not matter much in the case of a browser. I'm not saying Chrome is Firefox, or Firefox is Chrome, but it's cases like these that always made it hard for Firefox to fix memory issues, everybody claimed to have a memory problem, but only a few actually gave information over just complaining and never documenting it or claiming it was a while ago and not worth it to keep testing on latest versions. Saying Ubuntu uses more memory than /insert distro here/ is irrelevant, give us examples and data, or it's just FUD from a fanboy and I'm not trying to be mean here, but without data it seems exactly as so, most just won't say it. I've no problem being straight up. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu for Android
On Mon, Nov 19, 2012 at 6:56 PM, Chris Mosetick cmoset...@gmail.com wrote: Hi James, I too would like to know where to get a Ubuntu for Android phone. Good find on the new video. At the moment, hardware wise it still seems like vapor. Let me know if you find out any details. FWIW, I'm in the U.S., but I'm all about international shipping if I need to go that route. James, join me in #ubuntu-android on Freenode if you would like to exchange more thoughts sometime. https://wiki.ubuntu.com/Nexus7/Installation http://www.engadget.com/2012/10/27/ubuntu-nexus-7-installer/ -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: EFF Privacy; hopefully Ubuntu will listen to users
On Mon, Nov 5, 2012 at 8:55 AM, Robie Basak robie.ba...@canonical.com wrote: Forks happen when people disagree. Is there really any disagreement here? Have any privacy-related patches actually been rejected, or is it just that nobody has written them? Patches being rejected are a bit narrow, when the Canonical lead implies (at least to me and a few others) he does not care about privacy in the default install and has not answered the many numerous complaints with nothing more than We are not violating the law and even going as far as ignoring the NTP issue... he speaks louder than rejecting patches on a tracker. This is from my perspective though and I have not really followed all too closely since I am the type of person to remove what I don't want and block stuff like Canonical's NTP and other tracking via our hardware firewalls instead of complaining about stuff that I myself can fix. But to me and a few others it's come to the point where it's becoming a side job and eventually a lot of users will just take out. We've just had the Ubuntu Developer Summit during which the next release was planned, and everyone was welcome (both in person and online). I must have missed the session on privacy, or did nobody propose one? I don't think there was one, I think this is a case of the few speaking and protecting the many and the few not having the same power as the many because some people won't do anything until the many step up and embarrass the top brass. What I am saying is, at this point I am to believe that Canonical and Ubuntu do not care one bit about this privacy cock up and they don't care that the few notice and are trying to help the many. They are probably gonna hold off until the many step up and embarrass Canonical. I think what Canonical and Ubuntu are doing is alienating old Linux users who are used to telling their computers what to do, not having their computer tell them what they are going to do and then them having to step up and almost be like no, fu** that noise, you will do what I want, not what you want. (and again, this is from my perspective, do feel free to correct me with pure fact if this is not the case) -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: EFF Privacy; hopefully Ubuntu will listen to users
On Mon, Nov 5, 2012 at 11:14 AM, Jeremy Bicha jer...@bicha.net wrote: One example is http://pad.lv/1065652 which while obviously a user interface change, happened after Final Freeze without the typical paperwork; presumably because it was *that* critical to mitigate the privacy concerns. I think you are starting intermingle and confuse the difference between addressing privacy concerns and avoiding a lawsuit by adding in legal notices, the latter has nothing to do with the former and the latter only addresses the concerns of Canonical and Ubuntu. Even if you try to argue it addresses anything, it's not. Realize the truth. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Update manager mandating rebooting
On Wed, Oct 31, 2012 at 12:00 PM, Daniel J Blueman dan...@quora.org wrote: I was thinking along the lines of we have something in the indicator area to avoid forgetting to reboot. Point is, it's almost certainly not a convenient time to reboot after you just opened up to get something actually done and update manager scans in the background and find updates. There is already something in the indicator that indicates a restart is needed, your gear icon will turn red and warn you that you need to restart, it does that for me even though I refuse to use update manager (I'm old, and always in the terminal, I like my apt cookies daily.) When you click the gear icon it also says a restart or reboot is needed. Of course, Debian derivatives relaunch background services. A desktop notification should be present to notify the user that a logout _or_ reboot is needed. There's just no need to reboot unless upstart is vulnerable (and then it doesn't publish services on the network). That's a subjective point of view, if libssl is vulnerable or the kernel is vulnerable you need to restart too, not because you can't restart services or use a rolling Kernel (read KSplice) but because there are multiple ways to look at it, from my perspective a login and logout is just as fast as a reboot (because reboot requires less steps for me since again I'm already in my terminal and my laptop boots at blazing speeds.) I would much rather reboot than trust a system that assumes it knows every possible service that could be using a vulnerable lib reliably and reboot them. It's easier that way. Easy is good but easy shouldn't be annoying like what you describe happens with update manager when you update . -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Default group
On Thu, Oct 18, 2012 at 4:31 AM, Nicolas Michel be.nicolas.mic...@gmail.com wrote: To be honnest I never gave a try to Ubuntu One, probably for bad conservative reasons. I will try it. But I still feel that even if you're right that pushing things into the cloud make things simpler, there are still some flaws : Most of these flaws are always subjective, except when it comes to security, since UbuntuOne still does not have encryption (from last I heard) it's not a viable solution for people who need to backup secure documents, and it comes at a cost too since AmazonS3 now supports built-in encryption without the need of a 3rd party source. It comes at even more of a cost when people realize that s3fs is not hard to use at all. I don't know why Canonical or Ubuntu or whoever owns it does not see these problems but whatever, I'm not their CTO. - what if we don't have access to internet and only want to share on the Then you share the folder via LAN while still allowing UbuntuOne to Sync. Ubuntu does not prevent you from accessing the folder at all, or doing what you want with it, except renaming it, you do have to play a little bit of filesystem trickery to rename it as a normal user. - what with DLNA ? Are users needs to be technical guys to be able to use. What has DLNA got to do with normal file storage? It's not content hosting. Unless they started with it recently and went CDN which would be pretty amazing considering they have no support for things like the WD Live, Sony/Samsung/LG Blueray or others but a quick Google search suggests they are not a content provider. - of course I think about the speed. To come-back on my earlier exemple in a gaming LAN : what if I want to share some Gigs of data to others in the same LAN? It can't be done through Ubuntu One I guess? Although technical solutions exists to do it (and really the most simple seems to me webdav - a pretty good solution I think but until now it's usage never really took-off). Speed is more or less on your end, if Canonical is smart they will geo-host via AWS (that is unless they build their own infrastructure then you would hope they still zone.) If they are on AWS they have access to a pipes bigger by 10x if not more than anything you could get for less than 10-50K (1-50K realistically depending on the type of servers they get) a month unless you are in KC (or North California) and manage to convince Google to make your area a Fibrehood. Nobody is stopping you from sharing gigs of data though. If you are suggesting using it for storing games and what-have-you so called live-data then that's on you because no storage service like Ubuntu one is designed for that sort of thing, that requires an entirely different stack design, one that thinks about what happens between point a and point b and not one that only wants you to make it to point b. People often assume that servers are the same, they are not. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Default group
On Wed, Oct 17, 2012 at 8:59 AM, John Moser john.r.mo...@gmail.com wrote: I suggest all users should go into group 'users' as the default group, with $HOME default to 700 and in the group 'users'. A umask of 027 or the traditional 022 is still viable: the files in $HOME are not visible because you cannot list the contents of $HOME (not readable) or change into it to access the files within (not executable). A user can grant permissions to other users to access his files simply by making the directory readable by them--by 'users' or others (thus everyone) or by fine-grained POSIX ACLs selecting for individual users and groups. The problem with this is how are you going to fix permissions on bad software like Ruby Gems who do not reset permissions when packaging and uploading to the public repository (because they claim this would violate security even though it comes from a public repo like the Debian repo and having public read and execute on a public gem from a public place is bad.) This has a huge impact as a default permission for not just examples like Ruby gems but other software do not reset when packaging, making it more cumbersome to package software and making it so now work around's are the rule and not the exception. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: DNS caching disabled for 12.10...still
On Sun, Oct 7, 2012 at 10:47 PM, Daniel J Blueman dan...@quora.org wrote: Can you elaborate the specific reasons/mechanisms why without per-user caching, dnsmasq is still a security weakness? At least these views should be shared upstream so we can work on resolving the issues. It's a subjective security issue IMO. Pretty flawed in some cases, in others it sounds like the guy who only pokes the bear while it's in the cage and if the cage is nowhere to be found then it's game over, won't even go near it. What I am saying is for the average user it's a case of why are you letting them on your PC at all if you do not have a single ounce of trust and absolutely need per-user caching because you fear they will attempt to poison you. For other environments it's another situation but those environments are the rule apparently and not the exception... even though they are the minority IMO. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: chromium no longer maintained
On Tue, Sep 4, 2012 at 12:58 AM, Benjamin Kerensa bkere...@ubuntu.com wrote: Daniel is talking about chromium-browser not Google Chrome which is closed source and he is correct chromium-browser is outdated since the maintainer of the package has moved on to other projects. Please don't spread lies. The bulk (most of) of Google Chrome is open source, it's called, wait for it...Chromiumn. The way you talk you seem to think that Chrome started as a fork of Chromium that was closed off when Chromium was a fork of Chrome that went open source, which means that the truth is, the bulk (most of) of Chrome is open source and you are spreading lies. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: chromium no longer maintained
On Tue, Sep 4, 2012 at 2:35 AM, Nicolas Michel be.nicolas.mic...@gmail.com wrote: You have wrong. Chromium is and ever was the core of the web browser from Google. And it is open source (there was no before, no after, no fork - it is the core). Google Chrome is that core, plus a certain amout of code which is not open-source and so, you don't have access to the source code of Google Chrome itself (which is a packages chromium + other codes). While I don't completely understand what you are saying I will attempt to refute it. Please do research before stating somebody is wrong: In September 2008, Google released a large portion of Chrome's source code as an open source project called Chromium [2], which Chrome releases are still based on. [1] [1] http://en.wikipedia.org/wiki/Google_Chrome [2] http://arstechnica.com/information-technology/2008/09/google-unveils-chrome-source-code-and-linux-port/ While today Chrome may be be based off of Chromium, originally Chromium was based off of Chrome. Chrome is the original, Chromium is the fork. I am correct as I stated exactly that. So I repeat again, stop spreading lies and use fact and truth please. Thanks and have a great day sir. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Network Manager dependencies
On Wed, Aug 22, 2012 at 7:27 PM, Dale Amon a...@vnl.com wrote: I usually de-install it on servers. A server has the interfaces and static IP addresses I tell it has and it should never, ever even consider overriding those settings. NM is okay (usually) for portable luser devices, but not for the rack. I think I would be a little bit upset if Ubuntu started defaulting to NM on servers. It brings nothing better or new to the table and as everybody already mentioned it's focus is primarily mobile users. I have it on my laptop, wouldn't live without it, but on my desktop I remove it and use ifupdown because removing NM allows me to remove dependencies I'll never need or use and ones that I wouldn't file a ticket over because so many other users need it. I guess this whole NM issue might fall under the tasksel issue, I prefer not to use it but a friend of mine does...you prefer NM I prefer to stay away from it, preference perhaps? But with preference comes the problem that NM relies on wpasupplicant and a couple of other wireless tools that we would absolutely never need on a server, unless we are crazy or there is some one-off sysadmin who has some crazy ideas. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Why are there dependencies that aren't actually dependencies on some packages?
Since when does Brasero or other packages need/require liblaunchpad-integration-common to work properly, or they will suddenly fall to the ground and never work again. I've noticed quite a few packages that require launchpad integration when they don't actually need or require it, it's fine to have launchpad integration, it is not fine to label it as a dependency (in my eyes) when it is not, a recommend sure, a dependency, seriously? Should the term spam be retooled to also include packages and their dependencies now? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Are UI developers all left handed?
On 08/09/2012 10:08 AM, Conscious User wrote: (2) when the hands return from the keyboard to the mouse, they frequently do it to access GUI elements that are usually on the left in most DEs. This could be wishful thinking, the address bar extends across the screen so you are assuming they always hit the left. The search bar is on the right, not the left and in Chrome it's the address bar. The close button on Windows (the biggest OS) are on the right, not the left. The only time they hit the bottom left or the upper left is when they don't know a key command (which is rare since the vast majority know the majors like F5, back and forward and the majors in most any text editor) or when they need to open up an app, but as you already implied they repeat the same tasks over and over again so that is still a rare occurance. It could be just a conincidence but perhaps they chose a left biased design because the human eye is naturally biased towards the left, whether you read ltr or rtl, it's built into humans and it's also built into dogs. A lot of people don't notice but people tend to look left before right... actually some people if they pay attention might find that it's easier to move your eye to the left than the right, no matter who they are, because again, it's built in. Yeah ergnomically it does not fit, but visually it does. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Are UI developers all left handed?
On 08/08/2012 10:25 AM, Phillip Susi wrote: GNOME SHELL. The thing you have to hit to do anything is in the top left corner. Want to log out? That's in the top right, fastest thing you'll be able to hit ever. Which hand you prefer to hold the mouse with has no bearing on how fast you can click anything on the screen, nor does where it is on the screen. Moving the cursor to the left or to the right is done with equal ease no matter which hand you favor. It has a lot of bearing for people. Proper usability testing would have pointed that out, and Canonicals decision not to allow the toolbar to be on the right if users wanted is completely ignorant, more ignorant then the joke of a Usability test Canonical did... more of a joke then a requirement of a Usability test requiring users to be as they put it employed full-time or to be full-time student... Or that you even bothered to ask about design when you were testing usability which should have focused on usability, not isn't this purrty. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Are UI developers all left handed?
On 08/08/2012 12:34 PM, Phillip Susi wrote: If you actually explained how it has any bearing, rather than going on a useless rant, your message might have some value to this list. Speaking of useless. And because critiscm is ranting... oh yeah that is usually the go to word for people now everything is either a rant or a troll now days. Don't expect me to throw on the training wheels old chap. Do something useful.. go move around your arm until you figure out the simplest thing about it. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Are UI developers all left handed?
On 08/08/2012 01:27 PM, Phillip Susi wrote: Constructive criticism identifies a problem, explains why it is a problem, and suggests what can be done to fix it. Complaining about what was done in the past, and how it was done, often with little basis in reality, is ranting. See the difference? I said criticism, I said nothing about constructive, you seem to be under the impression that all criticism must be constructive, this isn't grade school, I'm not here to tell you how to do your job, or to teach you how to do it. I just throw the trash out when I don't like it and move after criticising it. I've no time to sit down and do what you guys should have done right, which step one would have been a /real/ usability test. A 15 person sample group made up of unequal numbers and a somewhat biased requirement list is far from anything considered good. Actually you know, to be honest, I wouldn't even criticise Unity if some people at Canonical weren't so keen/sure on implying it being good and usable to all and being perfect and having tasteful design decisions. Or if they would have admitted the Usability test was dodgy. I would just consider it another environment I do not like and move on without a word, but the way past tickets were handled changed that. If you want to have a productive discussion, then you should focus on explaining why it is any harder for a right handed person to move the mouse to the left than to the right, rather than insult me. Who said I wanted to be productive for you guys? People far higher you have already established they don't really give a crap about what users want because it's not tasteful to them. With that said, I've adopted a criticise, throw out the trash and walk away attitude towards anything included in Ubuntu now. That is what's great about Linux, there are so many ways to make it your own and you get to be selective about where you give back to opensource. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Are UI developers all left handed?
On 08/08/2012 07:08 PM, decle...@nuxwin.com wrote: Please, You are not happy with Unity? So, I recommend you to simply move back to gnome or any other UI of your choice, and then set up your launcher where and as you want but please, stop to scare/annoy all Ubuntu developers! You do not feel very good or what? Unity is an ambitious UI and any suggestion for improvement is welcome but in constructive way ! To resume, stop to cry now. I get all your mail and I lost a lot of time because you ! ! ! This email is ironic. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: autoremoving metapackages doesn't remove dependencies... can we create hybrid-metapackages that do?
On Wed, Jun 27, 2012 at 11:44 AM, Chris McClimans ubuntu-devel-disc...@hippiehacker.org wrote: Why does autoremoving the ubuntu-virt-mgmt metapackage fail to remove any dependencies, while autoremoving the virt-manager package works as expected? Is there a difference in the way that metapackages are processed vs normal packages? Think of a meta-package as a grocery list. Think of a normal package as the ingredients. With the grocery list you can add and remove anything you want and some things aren't explicitly required and might even get removed later... but with the ingredients, everything is required and if you remove one ingredient you might as well remove the rest because it's just not going to taste right. That doesn't mean there aren't optional ingredients though, those are just recommends ;) I looked at the debian/control on the source for both of them but didn't see anything out of the ordinary. There are a few different things, the install size should be blank and debian/rules should be a bit different. If they are treated differently, I'd like to know how to create a hybrid-metapackage. When a hybrid-metapackage is autoremoved, it's dependencies should be removed with it. You can force apt (well I don't know if this is still the case though) by adjusting /etc/apt/apt.conf.d/*autoremove and removing meta-packages from the list of never auto-mark but that is pretty dangerous, if you decide to remove a required from ubuntu-desktop that isn't a requirement at all and probably just a bloat-package that is useful to some then you end up removing it all. I guess you could have the meta-package trigger on uninstall and do an extra dpkg uninstall though I don't know if that would even work, I've never actually tried sorcery like that. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: multiple reports of same bug-needs fixing
On Fri, Jun 1, 2012 at 7:28 PM, Phillip Susi ps...@ubuntu.com wrote: On 06/01/2012 03:59 PM, Sam Smith wrote: Once is fine. A second time after a week or three is too. Three times in as many days is the definition of spam. What bad dictionary do you use? Or are these just subjective semantics? -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: please fix Bug#923940 or Bug#882254
On May 31, 2012 4:59 AM, Alexandre Strube su...@surak.eti.br wrote: - please tell us how this e-mail of yours is helpful in any way at all. Please tell us how this statement is useful as well. You are no less an ass at this point, considering you thought it useful to even include this. - I don't really understand how important this bug is. Perhaps you could explain us. Does it really take a genius to know how brightness on a screen can have a huge impact on the battery? A full brightness screen vs 2 steps from lowest light could be the difference between 4 hours and 30 minutes. Even on LED backlit screens. Especially on the new AMD APUs where the screen can sometimes use as much power as the APU. And on Trinity the screen will probably use more since if I remember right they can use as little as 20 watts and average between 30 and 40 at 100%. So based on that an LED backlit LCD could use 25 watts at 15 and would use more or almost as much power as the Trinity APU on battery. Which means this bug is very important to the future of ultrabooks and mid-range notebooks. Most people just assume that notebooks can't last a while on battery so they live with it, I assume. Some people know they can get 4-6 hours out of a notebook, especially AMD APU, and even with 1080p video playing. - If would be nice if you could fix the bug yourself, and let us know. I am pretty sure you are capable of doing it. Way to try and be suttle while being an ass. The way you are treating him I would cheer if he fixed it and didn't share though. You don't care obviously so why should he care to help you be lazy? Perhaps a patch to these bugs would be more useful to actually help fixing them than calling the work of others ridiculous. He's not wrong, and this is not uncommon. Are you new here? There are hundreds (if not ten fold) of bugs that have not been addressed in years. It's not uncommon for a bug like this to get ignored but such is life on a big project. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Questions and patches related to casper.
Because Ubuntus goal is easy, yes you can be advanced but easy is priority and dd is 'hard' in a sense depending on how you look at it. I think it would be better to diagnose the grub problems and go that route making the installer error free. On May 16, 2012 10:31 PM, Akkana Peck akk...@shallowsky.com wrote: Ben Greear writes: I have been having issues trying to do a persistent-usb image for Ubuntu 12.04. I got it working once on Oneiric, but only on a multi-distro USB stick using grub, with a separate partition for casper, like this: http://shallowsky.com/blog/linux/install/ubuntu-persistent-live-cd.html I've never had any luck on either O or P in getting a single-boot USB stick to be persistent. I'm currently setting up some USB sticks to use in a classroom/workshop setting, with everybody booted from the same image. After wasting most of a day trying to make persistence work, it occurred to me to wonder why I was doing all that work: for a USB stick, why not just install Ubuntu to the stick, and have a normal install that saves whatever changes you make? No need for overlays like casper, just install to a normal filesystem on the USB stick. So I tried it. The grub install failed the first time so I had to re-run it (be careful that you're installing grub to the USB stick, not to your hard drive) but otherwise it seems to work fine so far. I've installed several extra packages on it, customized the user theme and added a few programs and icons. It seems like a much easier solution than fighting with the undocumented casper persistence stuff. Ubuntu should consider shipping a filesystem image that can be dd-ed to a USB stick, in addition to the CD ISO iamges that require special magic to be made persistent. It would make it so much easier to introduce newcomers to Ubuntu. ...Akkana -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Tor application-firewall support
On Tue, Apr 24, 2012 at 5:40 PM, Sam Smith smick...@hotmail.com wrote: Isn't Android Linux based? Just because it's loosely based on Linux does not mean it is close to the same Linux, same type of Linux or even close to the same build of Linux. Though with this latest release of the Linux kernel we are step closer to them being a bit closer to the same and with the next even closer but they will never be even close to the same Linux. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Recent OpenSSL update that breaks cloudfront and rubygems.org?
The recent update to OpenSSL in Precise has rendered cloudfront.com unusable (as well as several other hosts which people have noted throughout other various bugs -- the one I discovered was https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/986147). Can we please get a fix since this breaks downloading from RubyGems.org on Precise and could potentially break quite a few development machines. Doing -tls1 or -ssl3 or enforcing a specific cipher allows it to work but this is a big problem considering it breaks many Python and Ruby applications like bundler, net/https, rubygems, and eventmachine (unless you work around it) and libraries and applications that rely on them. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Thu, Apr 5, 2012 at 8:18 AM, Dale Amon a...@vnl.com wrote: On Wed, Apr 04, 2012 at 07:55:09PM -0400, Sam Smith wrote: I use SpiderOak because it offers client-side encryption. It provides the security privacy I seek. I'd prefer to use Ubuntu One, but until it supports client-side AES 256-bit encryption additionally encrypts the decryption key itself (like SpiderOak does) I won't even consider it. And rightly so. With the new NSA capabilities going into place and the atmosphere around the world, you are absolutely not safe in your privacy if it is possible for anyone to acquire your keys or decrypt your files without stealing your computer and beating or threatening the password out of you. I include various State's laws seizures and court orders under the classification of 'stealing and threatening'. Encrypting the encryption key has nothing to do with security, you guys are spreading FUD and assumptions now IMO. Encrypting the key has to do with usability, it's no more secure than having a single encryption key that you have memorized and actually it's the same concept except fragmented between you and the data... they still need only attempt to break into a single file and then they have access to all the other files... They encrypt your encryption key because it's much more feasible to re-encrypt a single file then it is to re-encrypt the entire set of fragmented data. Whether on your computer or not if you have gigabytes or hundreds of gigabytes of data it could take quite a long time to re-encrypt it unless you have dedicated crypto hardware. Then you have to re-upload all that data again, wasting their bandwidth and wasting more space on their servers. This is why utilities just create a strong encryption key for themselves and encrypt that file with your key. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Ubuntu One needs cloud encryption like LastPass does it
On Thu, Apr 5, 2012 at 5:42 PM, Sam Smith smick...@hotmail.com wrote: The point is that SpiderOak (and Lastpass) never know the user's password. And never receive the encryption key. The key never leaves the user's computer. The server never gets it. The only thing that ever lands on the server is an encrypted blob. From their website Retrieve files from any internet-connected device, Access all your data in one de-duplicated location... I know to the easy consumer that doesn't spell lies but to me it reads We do know your encryption key, if we want to and little do you know, we do have the ability to get the key that encrypts the encryption key too. Companies lie all the time, or they tell pieces of a story and never tell the entire story. Though I don't know if it's more of a lie then an assumption on their end and maybe even they themselves not even understanding what could possibly go wrong, or they just don't care because the user doesn't pay too much attention after WE NEVER KNOW. The key to knowing the full story is read Retrieve files from any internet-connected device. To add to it, let me point out this: Easily access all of your data from any device within your SpiderOak network or on the web which contradicts this: SpiderOak never stores or knows a user's password or the plaintext encryption keys which means not even SpiderOak employees can access the data and it's no so much a direct contradiction as much as an arrogant assumption that we (or I guess only I in this conversation) don't realise that their employees do have a way to access it, they just need to do a couple minutes worth of work, that is what makes it contradict. What this means is that the user doesn't have to worry about the 3rd party taking care of the data. If the 3rd party is hacked, if the 3rd party has a rogue employee, etc. The data has a much better chance of being safe than if it's implemented like say iCloud where even if the data is encrypted Apple holds the encryption key and can access the data anytime they want. If Apple can access the data, a rogue employee and a hacker can potentially access the data. As you argue for encryption on UbuntuOne you need realise that all third parties are adversaries, Ubuntu is one and so is SpiderOak. It's not much more secure, yes it *might* be considered more secure from external adversaries after they have the data but it surely isn't more secure from internal ones, the fact that you can access your data from 'anywhere' proves that. That rogue employee need only attack the website from inside the company and all is lost, or push out a dirty update and even more is lost. You think it can't happen, ask Google if it can. You aren't as safe as you assume, you are not even seeing the entire picture of all possible attacks. Just because Apple or Ubuntu can access the data doesn't mean that an external 'hacker' can. That is an arrogant assumption IMO, the only difference in this case is that even if the so called 'hacker' gets your data he need do more work but the fact he got your data in the first place is just as bad in both cases, irregardless of the encryption, you are just protected (somewhat, depending and one could only really know if they actually know how they use the encryption. So at this point I would assume I am no more secure if using SpiderOak.) You are just as vulnerable to actual data theft encrypted or unencrypted, and by data I mean any data, encrypted or not. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: can we find a solution to bug #820895 (show Process Name in log files) (imaginative solution/description presented)?
Stop throwing around privacy like there is some big security flaw in Linux, there are tools that do what everyone wants, it seems to me that nobody is willing to even look or everybody is fed baby food, what is the point of being on Linux if you aren't going to use the terminal for what it's there for? Try searching for once. On Tue, Feb 7, 2012 at 2:42 PM, Jason Todd jtodd...@hotmail.com wrote: Both MAC and Windows have applications for protecting users privacy regarding outgoing internet connections. Control over outgoing internet connections is a huge privacy area that is non-existent in ubuntu. Here's a great little program for Apple MACs: http://www.obdev.at/products/littlesnitch/index.html IMHO the lack of any sort of privacy protection for Ubuntu's outgoing internet connections is a huge problem. Many users will not use Ubuntu because they can't control their outgoing connections. I can understand linux's lack of support considering it has traditionally been Server Oriented. But if Ubuntu wants to succeed on the Desktop, it needs to address this issue. Because apparmor and selinux never existed, right? That's just what we need, another tool to do what two tools could do if they just had a single tool to merge them together. How about we find a way to make an application that merges apparmor and iptables (as a wrapper not as a t ool that does them both) rather then trying to reinvent the wheel and then after reinventing it putting spinners on it so it's ugly. I am really hoping you great developers can do something about this over the next couple years so that by 14.04 users will be able to control (and have knowledge of) outgoing internet connections on Ubuntu. Maybe Canonical can create an application that will provide these functions? I think for Ubuntu to succeed, Canonical needs to start devoting some resources to creating a high-quality application/program like this one. Being able to control and have knowledge of the Operating System and installed-Programs' internet connection behavior is an important privacy feature. Because netstat no longer allows you to see location and application anymore. -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: multiarch pulling in i386 packages
On Thu, Feb 2, 2012 at 2:33 AM, Ritesh Raj Sarraf r...@researchut.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On my x86_64 Ubuntu install, I have CrossOver installed. Its package description looks like: Package: ia32-crossover-pro Status: install ok installed Priority: optional Section: non-free/otherosfs Installed-Size: 117268 Maintainer: CrossOver Packager i...@codeweavers.com Architecture: amd64 Version: 10.2.0-1 Replaces: cxoffice, cxoffice-xandros, cxoffice2, ia32-crossover-demo-xandros (= 10.2.0-1), ia32-crossover-pro-canonical-demo (= 10.2.0-1), ia32-crossover-pro-demo (= 10.2.0-1), ia32-crossover-pro-xandros (= 10.2.0-1), ia32-crossover-standard (= 10.2.0-1), ia32-crossover-standard-canonical-demo (= 10.2.0-1), ia32-crossover-standard-demo (= 10.2.0-1), ia32-crossover-xandros (= 10.2.0-1), xandros-cxoffice-patch-1.3.1-3 Provides: cxoffice5 Depends: libc6-i386, ia32-libs | ia32-apt-get, lib32gcc1, lib32nss-mdns, lib32z1, perl5-base, perl-modules, python (= 2.4), python-gtk2, python-glade2 Conflicts: cxoffice ( 3.0), cxoffice-xandros, cxoffice2, cxoffice5, ia32-crossover-demo-xandros (= 10.2.0-1), ia32-crossover-pro-xandros (= 10.2.0-1), ia32-crossover-xandros (= 10.2.0-1), xandros-cxoffice-patch-1.3.1-3 It has a depends on ia32-libs. In Ubuntu ia32-libs now depends on ia32-libs-multiarch, which if I install, will pull in a lot of i386 arch of the packages. 14:00:13 rrs@champaran:~$ sudo apt-get install ia32-libs-multiarch Reading package lists... Done Building dependency tree Reading state information... Done The following extra packages will be installed: bluez-alsa:i386 glib-networking:i386 gstreamer0.10-fluendo-mp3:i386 gstreamer0.10-plugins-base:i386 gstreamer0.10-plugins-good:i386 gtk2-engines:i386 gtk2-engines-murrine:i386 gtk2-engines-oxygen:i386 gtk2-engines-pixbuf:i386 ibus-gtk:i386 libaa1:i386 libaio1:i386 libao-common libao4:i386 libasn1-8-heimdal:i386 libasound2:i386 libasound2-plugins:i386 libasyncns0:i386 libatk1.0-0:i386 libaudio2:i386 libaudiofile0:i386 libavahi-client3:i386 libavahi-common-data:i386 libavahi-common3:i386 libavc1394-0:i386 libcaca0:i386 libcairo-gobject2:i386 libcairo2:i386 libcanberra-gtk-module:i386 libcanberra-gtk0:i386 libcanberra0:i386 libcap2:i386 libcapi20-3:i386 libcdparanoia0:i386 libcroco3:i386 libcups2:i386 libcupsimage2:i386 libcurl3:i386 libdatrie1:i386 libdv4:i386 libesd0:i386 libexif12:i386 libexpat1:i386 libflac8:i386 libfontconfig1:i386 libfreetype6:i386 libgail-common:i386 libgail18:i386 libgd2-xpm:i386 libgdbm3:i386 libgdk-pixbuf2.0-0:i386 libgettextpo0:i386 libgl1-mesa-glx:i386 libglapi-mesa:i386 libglu1-mesa:i386 libgnutls26:i386 libgomp1:i386 libgphoto2-2:i386 libgphoto2-port0:i386 libgssapi-krb5-2:i386 libgssapi3-heimdal:i386 libgstreamer-plugins-base0.10-0:i386 libgstreamer0.10-0:i386 libgtk2.0-0:i386 libhcrypto4-heimdal:i386 libheimbase1-heimdal:i386 libheimntlm0-heimdal:i386 libhx509-5-heimdal:i386 libibus-1.0-0:i386 libice6:i386 libidn11:i386 libiec61883-0:i386 libieee1284-3:i386 libjack-jackd2-0:i386 libjasper1:i386 libjpeg-turbo8:i386 libjpeg8:i386 libjson0:i386 libk5crypto3:i386 libkeyutils1:i386 libkrb5-26-heimdal:i386 libkrb5-3:i386 libkrb5support0:i386 liblcms1:i386 libldap-2.4-2:i386 libltdl7:i386 libmad0:i386 libmikmod2:i386 libmng1:i386 libmpg123-0:i386 libnspr4:i386 libnss3:i386 libodbc1:i386 libogg0:i386 liboil0.3:i386 libopenal1:i386 liborc-0.4-0:i386 libp11-kit0:i386 libpango1.0-0:i386 libpixman-1-0:i386 libpulse-mainloop-glib0:i386 libpulse0:i386 libpulsedsp:i386 libqt4-dbus:i386 libqt4-declarative:i386 libqt4-designer:i386 libqt4-network:i386 libqt4-opengl:i386 libqt4-qt3support:i386 libqt4-script:i386 libqt4-scripttools:i386 libqt4-sql:i386 libqt4-svg:i386 libqt4-test:i386 libqt4-xml:i386 libqt4-xmlpatterns:i386 libqtcore4:i386 libqtgui4:i386 libqtwebkit4 libqtwebkit4:i386 libraw1394-11:i386 libroken18-heimdal:i386 librsvg2-2:i386 librsvg2-common:i386 librtmp0:i386 libsamplerate0:i386 libsane:i386 libsasl2-2:i386 libsdl-image1.2:i386 libsdl-mixer1.2:i386 libsdl-net1.2:i386 libsdl-ttf2.0-0:i386 libsdl1.2debian:i386 libshout3:i386 libsm6:i386 libsndfile1:i386 libsoup-gnome2.4-1:i386 libsoup2.4-1:i386 libspeex1:i386 libspeexdsp1:i386 libsqlite3-0:i386 libssl0.9.8:i386 libstdc++5:i386 libstdc++6:i386 libtag1-vanilla:i386 libtag1c2a:i386 libtasn1-3:i386 libtdb1:i386 libthai0:i386 libtheora0:i386 libtiff4:i386 libunistring0:i386 libusb-0.1-4:i386 libv4l-0:i386 libv4lconvert0:i386 libvisual-0.4-0:i386 libvorbis0a:i386 libvorbisenc2:i386 libvorbisfile3:i386 libwavpack1:i386 libwind0-heimdal:i386 libwrap0:i386 libx11-6:i386 libxau6:i386 libxaw7:i386 libxcb-render0:i386 libxcb-shm0:i386 libxcb1:i386 libxcomposite1:i386 libxcursor1:i386 libxdamage1:i386 libxdmcp6:i386 libxext6:i386 libxfixes3:i386 libxft2:i386 libxi6:i386 libxinerama1:i386 libxml2:i386 libxmu6:i386
Bug 657901 (Kernel having a required dependency of wireless tools)
I was wondering if we could get the kernel team to fix https://bugs.launchpad.net/ubuntu/+source/linux/+bug/657901 before the Kernel freeze since it's an LTS. I'm all for it being installed by default as a recommend but I would certainly love to remove it too much like we are able to rid of most of the bluetooth components (just an example.) -- Ubuntu-devel-discuss mailing list Ubuntu-devel-discuss@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel-discuss
Re: Understanding the definitions and expectations of our membership processes
Hola, On Fri, July 29, 2011 11:01 am, Michael Bienia wrote: This leads to the next question: how much do you trust the person writing the endorsement? Of course I trust endorsements from long-standing dev members with a great reputation where I trust their ability to judge the packaging skills and trustworthiness of the applicant. But should I apply the same trust to e.g. a dev member who got accepted himself a month ago? Why should you not trust that persons judgement unless there is compelling reason to believe their judgement should not be trusted. It seems counter-intuitive to okay them for inclusion and then default on your own judgement of them by not trusting them without a very good reason to not trust them. Yes, it's just fine to review an endorsement they give, like any open ecosystem would and does currently do, but flat out not trusting their judgement seems like you feel they don't belong there in the first place which leads to two questions: Why did you okay them them for inclusion at all if you aren't going to trust their judgement on skill? Why would you okay him/her for inclusion if you have any reasonable doubt about their judgement on skill? In most cases all I've got are a couple lines in a endorsement from persons I've worked with to different degrees and who have a different amount of reputation. As I've never met anyone from the dev community in person till now, it makes it harder to build up a trust relationship to them. -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
Re: Just gimme the IP!
On 6/14/2011 2:59 PM, Luke Faraone wrote: We could just get an API key from whatismyip.com, or use whatismyip.org Wouldn't it be much more viable to just create a quick script on a sub-domain ip.launchpad.net or ip.ubuntu.com or ip.canonical.com and then curl or wget it? EXP: curl -s ip.envygeeks.com wget -q -O - ip.envygeeks.com No added text, no need to grep, no need to sed, nothing but the IP. You can even have the script adjust the curl command per interface too making it so if you have multiple IP's you can get each one. -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
