The officially official Devuan Forum!

You are not logged in.

#1 Re: Off-topic » ${THEY} continue crippling browsers... » 2021-04-30 17:08:52

I'm sure that if you look at most browsers and in fact the source code of many well known GUI applications, you'll find similar.

As headstick knows, Theo de Raadt gave a fairly casual "best of a bad lot" endorsement to chromium, as the code quality and security aspects are well ahead of Firefox, but chromium comes with many other problems such as horrible UI and being a google project.  It's partially why there are so many forks.  The problem I find is that none of the forks are any good or worthwhile or come with their own problems - Brave being one example.  Or the fork is from the likes of Microsoft...

Terrible choices, but given all those choices Firefox still come out looking like a better option than many others.  Aping chromium and taking google's money for years has gotten them to where they are now - fielding the only viable contender to a chromium / chromium based mono culture, having lost most "market share" to chromium, but with google in a position to pull the plug at any time... talk about "own the resistance".

#2 Re: Off-topic » ${THEY} continue crippling browsers... » 2021-04-30 07:16:30

andyprough wrote:

But palemoon didn't really even block the extension he was mad about, just made you flip a bit in about:config to be able to install it. For example, he's upset that they "blocked" noscript, but I was still using noscript with palemoon quite recently by flipping that bit in about:config.

Mozilla have been doing this for years with firefox i.e. removing UI elements from the browser chrome and only allowing tuning them in js config. If you look at for example Seamonkey's configuration, you will have a rough idea of earlier firefox configuration. Firefox UI based configuration is unusable to the extent that it was designed to ensure the user easily misses the things Mozilla (and its paymaster google) want them to miss. My point is that its not an excuse to remove an on/off control and the insist that users can alter the js config to get that same result.  Why remove that control if you're not planning to deprecate it?

Once a project goes down that route, they're already knee deep in the same philosophy as e.g.  the gnome or chromium projects - i.e. contempt for the end user and manipulation of said users to use the software only in the way the UI designers intended it.

As a general rule - if the UI control is removed, the ability to tune that variable from the js will follow, then it will be a compiler flag, then gone altogether.  If you consider it carefully there is no other viable reasoning for hiding a UA control in the first place other than to deprecate it altogether to stop users from changing it

#3 Re: Off-topic » ${THEY} continue crippling browsers... » 2021-04-29 17:15:36

Head_on_a_Stick wrote:
mstrohm wrote:

Pale Moon looks promising

No, it doesn't: https://digdeeper.neocities.org/ghost/b … l#palemoon

That article comes across as to being spurred by a particular agenda, but citations are relevant.  The developers are making some very questionable decisions - and perhaps it's time the browser's fans cast their minds back as to why they stopped using browsers such as chrome or firefox?

The way the forum is administered and how the lead developers behave, may be irrelevant to the actual software itself, but the obnoxious and arrogant posturing and in particular the attitudes on show in the "insect" comment and the posting directed at the individual trying to work on an OpenBSD port, is in fact reflected in the code - in the decisions regarding tor, add ons, blocking user agent override, etc - in general foisting changes on users for a particular reason, while publicly offering another line of reasoning - not so plausible reasoning.  For example the UA override removal and reasons stated for doing so were questionable - and it's likely that the same narcissistic reasoning of "branding" was behind that, as it was with the OpenBSD port situation - in that allowing users to masquerade as firefox his perceived "market share" suffers. It looks like it's - "Our browser, Our way"...  Except in reality it's a fork, with the  overwhelming bulk of that code being from decades of dev work at Mozilla (and Netscape before that).

#4 Re: Off-topic » ${THEY} continue crippling browsers... » 2021-04-26 17:14:10

They are developing and maintaining a boatload of "garbage features", yet FTP protocol handling has to go.

FTP is "secure" because it's used by those with a good understanding of why they use it, i.e. those who will check the md5sum of a downloaded file. It's just not useful to mainstream faecebookers.

People have more to worry about from malicious js used in websites served over over https run by phishing scammers and the like...

#5 Re: Off-topic » ${THEY} continue crippling browsers... » 2021-04-24 14:13:04

I still use ftp professionally. I've had to go back to filezillla at work for simple anon ftp etc.

There is nothing wrong with using it. If you download an .iso image and check the md5sum, that is really no different to using SSL/TLS.  Ultimately you should have the choice. They have willfully deprecated it as part of a wider industry led strategy and not because of any concerns over maintaining it.

HTTPS is being de facto standardised to force all traffic via google, faecebook, amazon, ms, cloudflare, et al.

#6 Re: Installation » I had to use sudo to setup my printer » 2021-04-16 17:10:06

You could have tried:

su
system-config-printer

#7 Re: Installation » Very slow wifi!! » 2021-03-04 07:56:30

The "invalid misc" is what you need to look into. The other devices may be ok, but is this computer closer to any potential sources of interference?

rtl8168 is your ethernet.

The broadcom devices supported by the b43 driver will not work at all without proprietary firmware extracted from the wl vendor driver tarball. If you installed what was needed  via downloading and installing with dpkg, then you've probably done enough, but it wouldn't hurt to enable contrib and non-free repositories as suggested, and do an upgrade, just in case whatever packages you downloaded were for an older release? Perhaps you can elaborate on why they were installed manually and where they were sourced from?

Or did you in fact instlll wl via some other source?

#8 Re: Off-topic » Choose your browser carefully » 2020-11-03 23:58:20

No.

Ron and zapper retaliated to post no 4, with the somewhat condescending "stockholm syndrome" comments, then proceeded with a line of argumentation in much the same format - i.e emotionally charged and misinformed.

Then when I offered critique of their top favourite web browser, grew more hostile and emotional and continued to paint me as a google fan / apologist.

I'm more of a Microsoft fan actually.

#9 Re: Off-topic » Choose your browser carefully » 2020-11-02 23:47:50

Ron wrote:

Did you bother to get the other side of the story?

https://forum.palemoon.org/viewtopic.ph … 56#p134236

A lot of this stuff I really don't get, I admit.

Clearly.  Did you check the times of postings?  Did you read Ibara's OP in the thread you linked?  He was given less than 24 hours before they sent in some cretinous amateur legal rep, with "cease and desist" threats...

Did you consider that it was a private individual attempting to port the software to OpenBSD and not in any way someone representing the project?  Did you consider that it was someone who was not out for commercial gain, who was only creating a port of the browser on OpenBSD as a service to others?  If you have a problem with that, you have a problem with FOSS and you should immediately switch to Mozilla or google as that's exactly how they operate.  In fact, somehwhat in Mozilla's defense, they were never so obnoxious in their dealings with Debian during the Iceweasel years - and they were obnoxious enough - but unlike this petty project, they may have at least had reason to be  - as the developers of the software.

Ron wrote:

But from what I can glean from it, they made some changes that weren't allowed for it to still be called Pale Moon. What's the problem with that?

Nothing "wrong with it" as such, that's the terms of the MPL, as defined by the organisation you seem to hate so much, who incidentally created firefox and developed it on from the codebase as provided by the netscape browser.  Your cult of personality "Moon Child", simply patches older code and adds his own branding and logo and then issues threats - check the licence before you deign to lecture others.  There are few other FOSS projects using such a licence and issuing such threats.

Ron wrote:

That would be like me getting a Ford car, putting in a GM engine, but still labeling it and selling it as a Ford, which would clearly be wrong. Am I right or am I wrong?

You're wrong.

Head_on_a_Stick wrote:

Oh, hello cynwulf, I didn't recognise you in your new sockpuppet big_smile

Errr what... ummmm?

Head_on_a_Stick wrote:

ibara could have still used the system libraries and just rebranded the port as Newmoon (or whatever) and I strongly suspect he would have done so had the Palemoon people not been such a bunch of wankstains.

It's obvious to me as to Ibara's intentions.  The "Palemoon people" simply chose to wave their "legal" dicks around...

In terms of their credibility - all doubt has now been removed.  Pompous, self important pricks...

Which reminds me - nice to see you headstick.

#10 Re: Off-topic » Choose your browser carefully » 2020-11-02 00:38:33

Head_on_a_Stick wrote:

Juicy issue thread for those who are curious: https://github.com/jasperla/openbsd-wip/issues/86

So the Palemoon devs were assholes and pissed off ibara sufficiently that he dropped the port. @ibara is active over at daemonforums.org and he is an absolute legend, I will hear no ill will spoken of him.

They are even bigger cunts than I took them for...  Threatening and talking trademarks, while quoting the MPL... when they simply patch obsolete Mozilla code and stick their own badge on it and release as proprietary freeware.

I'm just disappointed that Ibara bothered to try and port the thing at all.

@golinux, thanks I just hope headstick's link will be an education for some as to nature of the arseholes involvled in that project.  But I don't hold out much hope, because fanbois are so often taken in by such snake oil salesmen.

@Ron, old code - especially something based on netscape, also has vulnerabilities or fundamental design flaws...  new code can have the same, but developers of newer code don't really have any excuses.

#11 Re: Desktop and Multimedia » [SOLVED] Beowulf: Xserver native mode in AMD Ryzen 5 Pro 4650G » 2020-11-01 10:28:31

I you get kernel source from kernel.org, you will get the firmware regardless.

#12 Re: Off-topic » Choose your browser carefully » 2020-11-01 09:44:34

zapper, there is no "feud". You are spreading misinformation and betraying your own ignorance. Please stop.

This a bad case of "the mote and the beam"... first exhibit is your trolling of the OpendBSD misc mailing list with misinformation:

https://marc.info/?l=openbsd-misc&m=158692336815902&w=2

Software like wine or palemoon belongs in "ports" in any of the BSD projects. They are not part of the base system. If you want an OpenBSD port of palemoon, you're free to contribute one.

Your embarassingly childish outburst again on the misc mailing list, only betrayed yout complete lack of knowledge of the project.

https://marc.info/?l=openbsd-misc&m=158692845817261&w=2

Because you cannot post snything factual or worth taking the time to read you are ignored.

@Ron, is "old and obsolete, though still actively developed, code" better?

#13 Re: Devuan » Will Devuan ever stop being based on Debian? » 2020-11-01 09:21:41

zapper wrote:

Whenever HyperbolaBSD is finished...

I wouldn't hold your breath nor stake your hopes on a project which makes such "hyperbolic" statements as:
"Due to the Linux kernel rapidly proceeding down an unstable path..." and talks a lit about GPL3 while planning to base its project on code which is anything but.

zapper wrote:

I have interest in this because of wine-staging doesn't work in it

So you have an interest in an, at this stage, theoretical project from developers that want use the OpenBSD kernel, GNU userland, remove all firmware and "liberate" the kernel, just so that you can run wine and MS Windows programmes? I see.

zapper wrote:

Edit here, OpenBSD disabled the mutlilib in wine for security reasons,

The OpenBSD project don't do any work on wine. The wine port has been incomplete / broken / abandoned for years.

#14 Re: Devuan » Will Devuan ever stop being based on Debian? » 2020-11-01 08:29:38

mt12345 wrote:

I didnt know pulseaudio is Lennart's
LOL

You mentioned Slackware. Obviously you didn't know that 14.2 implements pulseaudio as the default sound server and its not straightforward to remove. So presumably you also didn't know you were running it...?

mt12345 wrote:
siva wrote:

Debian's implementation of systemd is fine

So why so many complaints on #systemd Freenode from Debianers?

You've made a black and white statement about systend in Debian and here you admit that you actually have nothing to back that up except for some "complaints"?

The third and final, bit of Poettering software is avahi.  He did not to my knowledge write any of the "*kits" as some have incorrectly stated above.

#15 Re: Desktop and Multimedia » [SOLVED] Beowulf: Xserver native mode in AMD Ryzen 5 Pro 4650G » 2020-10-30 17:58:06

The kernel in backpors has been attemped:

2.- Install the last linux image from backports (linux-image-5.8.0-0.bpo.2-amd64) => System does not boot until you pass "nomodeset" in the GRUB_CMDLINE_LINUX_DEFAULT of the /etc/default/grub file

nomodeset effectively prevents that module loading, as it requires KMS, so loading it results in an unbootable or unusable system and not loading it results in X loading the vesa driver. Hence my advice to builld the latest stable (5.9.x) and then onto mainline if needed.

The missing firmware wont make any difference there.

#16 Re: Desktop and Multimedia » [SOLVED] Beowulf: Xserver native mode in AMD Ryzen 5 Pro 4650G » 2020-10-30 16:59:46

This is very very new hardware. Build the latest stable kernel from git or kernel.org and ensure you install firmware, if that gives the same result fetch the mainline kernel and do the same.  Don't expect miracles on few months old hardware though...

#17 Re: News & Announcements » X.Org ------> ex-org? » 2020-10-30 16:46:15

X11 is already in "maintenance mode", all current development is on wayland. The main issue is that Red Hat was the biggest contributor to X, so unless someone steps up, it will die - good or bad depending on how you look at it.

Red Hat are heavily invested in gnome project and that project are shifting to wayland, enabling it by default.  KDE project also have wayland implemented in their window manager.

#18 Re: Other Issues » Accidentally caught close terminal whilst running gdebi-gtk » 2020-10-30 16:28:51

I doubt you need to reinstall...

First:

 # apt-get -f install
 # dpkg --remove --force-remove-reinstreq virtualbox

What happens?

#19 Re: Off-topic » Choose your browser carefully » 2020-10-30 08:20:49

Ron, being a one man project with a few helpers is still to all intents and purposes a one man project - Slackware for example (and he hasn't released in 4 years), is still a one man project.  Debian for example is not.

So no I'm not spreading "misinformation".

Zapper, a very secure piece of software can still be a data mining telemetry engine - but can do that securely (as paradoxical as that may seem).  You're perhaps conflating security and privacy - a common fallacy. Using your logic, bug ridden code with multiple vulnerabilities could be considered "security focused", if it doesnt "phone home" [to google]?

"Webextensions vulnerabilities" won't occur "much" in pale moon, they won't occur at all, as it doesn't implement webextensions. So not sure what your point is there?

So thus far I remain unconvinced that pale moon, based on dead firefox code, is more secure by default on account of it not bundling the google spyware (which you can disable in firefox) and not using webextensions.

I'm not sure of the stance on noscript, I'm sceptical of add ons which come with a default whitelist which includes facebook, google, etc.  It boils down to privacy not being something you can just install.

If you want further confirmation of which browser is the most secure, then I suggest you read this comment by Theo de Raadt of OpenBSD:

https://marc.info/?l=openbsd-misc&m=152872551609819

Or is the lead developer of arguably the most secure FOSS OS also spreading misinformation?

To add: One can find plenty of vulnerabilities in webextensions. It looks shoddy, but sadly xulrunner (xul xpcom) was actually quite poor in terms of security and privacy and there were whole slews of vulnerabilities in that over the years, so its not a great choice. It calls the whole idea of "browser addons" into question. When you install any add on you essentially place trust in a 3rd party - who are then in a position to intercept all traffic.

A search of cvedetails.com for anything relating to xul xpcom or xulrunner gives over 800 results where a search for webextensions gives just over 250 or so. obviously as webextensions is still in its early years (it only completely replaced xul xpcom around 3 years ago) and due to much greater exposure and being a much bigger target (who is going to care about looking for vulnerabilities in dead and obsolete code used by <1% ?) it stands to reason there will be more cves there and more recent ones. Whether its privacy focused designed to be secure or part of a google plot is an entirely separate issue.

#20 Re: Off-topic » Choose your browser carefully » 2020-10-29 18:03:10

I don't disagree with many of your points, but a largely unknown browser from a one man project forked from dead code which was previously developed by a large paid team of devs, cannot automatically be considered secure - especially as that generation of firefox/mozilla was never particularly secure to begin with. You seem to be missing the point the firefox cves will mostly apply to its forks as well... Check the dates of all of those exploitable and bear in mind that most of his security fixes are backports.  I assune that the two cves, one severe and remote, are palemoon specific and that firefox was not affected as it was not based on the same obsolete code. .You're also skipping over the fact that modern browser have security features such as sandboxing. Despite the bundled data collection, chromium project is currently the most secure.

He also only dropped google's safebrowsing telemetry because the version in his fork was obsolete and unsupported by google. Not for any rationale relating to privacy. Same reason geo.ip was dropped - and for that he found a reolacement. Go to that site and see how precisley and efficiently it locates you.

I have nothing against palemoon, but agree with the author of the linked article that user spinning it as a privacy and/or security focused browser are doing so out based sone misunderstanding. Its pre australis firefox.

Pale moon amounts to a tiny fraction of a percent of browser marketshare, where firefox is more than a few percent and chromium is massive (a massive monopoly). These browsers have greater exposure, more eyeballs and are bigger and more attractive targets, so it stands to reason that move vulnerabilities are found and fixed.

#21 Re: Off-topic » Choose your browser carefully » 2020-10-28 17:56:01

zapper wrote:

Palemoon does not phone home anymore if it ever did. That I don't know[...]

I hope I'm not alone in seeing the fallacy there...

If data collection can be disabled, in firefox then I don't personally see the need for any of the current 3rd party forks or "based on" projects. With the exception of ungoogled chromium I can't see the benefits.

Of course the browsers, the web in fact has becone hugely complex and is largely under the control of several huge US corporations (including FAANGS). To build a new browser is beyond the resources of any individual, small project - beyond anyone lacking the support of those. Linux itsekf haa become largely developed and financed by fortune 500 companies.  A web browser like chromium/blink is a larger codebase now than some entire OS'. If you have tried building firefox or chromium from source you will know what I mean.

From a security perspective, firefox has been catching with chromium in terms of multi process sandboxing and other security features, pale moon, a fork of a several years old firefox release, isnt even close.

#22 Re: Off-topic » Choose your browser carefully » 2020-10-27 08:12:43

There was a thread about Mozilla recently on LQ:

https://www.linuxquestions.org/question … 175682595/

The trouble is, that the alternatives to Firefox are worse. The 3rd party forks are what amounts to snake oil salesmen peddling their wares. I despise the UIs of both chromium anf Firefox, but just learned to live with them and disable the telemetry / data collection where possible.

#23 Re: Hardware & System Configuration » Freeze at startup probably caused by nvidia driver » 2020-10-23 07:45:15

Unless one uses older hardware, intel graphics and/or rhe nouveau or vesa drivers you're pretty much stuck with proprietary firmware for display adapters . Even when using a completely FOSS solution, x86 as an architecture uses a lot of firmware, much of it already on the devices - and it's almost always proprietary.

#24 Re: Devuan » Meet Chimaera's deepsea theme » 2020-10-23 07:39:07

You can't please all of the people all of the time...

I remember when Debian Squeeze released with the "space fun" theme. It was hated by most, but it actually grew on me eventually. There's no accounting for taste.  Ubuntu were a success with their brown themes and then their purple ones, despite all the critique.  When all is said and done it's just a default and the user will change it to suit, minutes after installation.

#25 Re: Hardware & System Configuration » Freeze at startup probably caused by nvidia driver » 2020-10-22 22:02:08

No information at all about the hardware, no logs or configuration posted - hence no replies...

Board footer

Forum Software