Moving to https

This commit is contained in:
Bob Mottram 2016-08-08 17:21:03 +01:00
parent c625f0d56a
commit 5a2cfcec2a
24 changed files with 1843 additions and 1108 deletions

View File

@ -16,7 +16,7 @@
</center> </center>
#+END_EXPORT #+END_EXPORT
Freedombone is really just a couple of [[http://www.gnu.org/software/bash][bash]] scripts which install and configure software on a Debian GNU/Linux system. If you're a system administrator, software engineer or Linux hobbyist you'll probably be familiar with command line scripting and be able to make your own modifications or custom variants to suit your needs. Freedombone is licensed under the [[https://www.gnu.org/licenses/agpl.html][GNU Affero General Public License version 3]] (or later). Freedombone is really just a couple of [[https://www.gnu.org/software/bash][bash]] scripts which install and configure software on a Debian GNU/Linux system. If you're a system administrator, software engineer or Linux hobbyist you'll probably be familiar with command line scripting and be able to make your own modifications or custom variants to suit your needs. Freedombone is licensed under the [[https://www.gnu.org/licenses/agpl.html][GNU Affero General Public License version 3]] (or later).
You can find the source code for this project [[https://github.com/bashrc/freedombone][on Github]]. You can find the source code for this project [[https://github.com/bashrc/freedombone][on Github]].

View File

@ -46,7 +46,7 @@
* I don't have a static IP address. Can I still install this system? * I don't have a static IP address. Can I still install this system?
Yes. The minimum requirements are to have some hardware that you can install Debian onto and also that you have administrator access to your internet router so that you can forward ports to the system which has Freedombone installed. Yes. The minimum requirements are to have some hardware that you can install Debian onto and also that you have administrator access to your internet router so that you can forward ports to the system which has Freedombone installed.
The lack of a static IP address can be worked around by using a dynamic DNS service. Freedombone uses [[http://troglobit.com/inadyn.html][inadyn]] , which supports a variety of dynamic DNS providers. The lack of a static IP address can be worked around by using a dynamic DNS service. Freedombone uses [[https://troglobit.com/inadyn.html][inadyn]] , which supports a variety of dynamic DNS providers.
* Why not support building images for Raspberry Pi? * Why not support building images for Raspberry Pi?
The FreedomBox project supports Raspberry Pi builds, and the image build system for Freedombone is based on the same system. However, although the Raspberry Pi can run a version of Debian it requires a closed proprietary blob in order to boot the hardware. Who knows what that blob might contain or what exploits it could facilitate. From an adversarial point of view if you were trying to deliver "bulk equipment interference" then it doesn't get any better than piggybacking on something which has control of the boot process, and hence all subsequently run processes. The FreedomBox project supports Raspberry Pi builds, and the image build system for Freedombone is based on the same system. However, although the Raspberry Pi can run a version of Debian it requires a closed proprietary blob in order to boot the hardware. Who knows what that blob might contain or what exploits it could facilitate. From an adversarial point of view if you were trying to deliver "bulk equipment interference" then it doesn't get any better than piggybacking on something which has control of the boot process, and hence all subsequently run processes.
@ -160,49 +160,6 @@ And see some error related to checking for changes in the IP address then you ca
https://check.torproject.org/ https://check.torproject.org/
https://www.whatsmydns.net/whats-my-ip-address.html https://www.whatsmydns.net/whats-my-ip-address.html
https://www.privateinternetaccess.com/pages/whats-my-ip/ https://www.privateinternetaccess.com/pages/whats-my-ip/
http://checkip.two-dns.de
http://ip.dnsexit.com
http://ifconfig.me/ip
http://ipecho.net/plain
http://checkip.dyndns.org/plain
http://ipogre.com/linux.php
http://whatismyipaddress.com/
http://ip.my-proxy.com/
http://websiteipaddress.com/WhatIsMyIp
http://getmyipaddress.org/
http://www.my-ip-address.net/
http://myexternalip.com/raw
http://www.canyouseeme.org/
http://www.trackip.net/
http://icanhazip.com/
http://www.iplocation.net/
http://www.howtofindmyipaddress.com/
http://www.ipchicken.com/
http://whatsmyip.net/
http://www.ip-adress.com/
http://checkmyip.com/
http://www.tracemyip.org/
http://checkmyip.net/
http://www.lawrencegoetz.com/programs/ipinfo/
http://www.findmyip.co/
http://ip-lookup.net/
http://www.dslreports.com/whois
http://www.mon-ip.com/en/my-ip/
http://www.myip.ru
http://ipgoat.com/
http://www.myipnumber.com/my-ip-address.asp
http://www.whatsmyipaddress.net/
http://formyip.com/
http://www.displaymyip.com/
http://www.bobborst.com/tools/whatsmyip/
http://www.geoiptool.com/
http://checkip.dyndns.com/
http://myexternalip.com/
http://www.ip-adress.eu/
http://www.infosniper.net/
http://wtfismyip.com/
http://ipinfo.io/
http://httpbin.org/ip
#+end_src #+end_src
* How do I change my encryption settings? * How do I change my encryption settings?

View File

@ -49,7 +49,7 @@ With the right technology the internet can be a space for free expression, explo
</center> </center>
#+END_EXPORT #+END_EXPORT
This is personal or family scale computing, which can then federate to global proportions. We need [[http://www.alainet.org/en/articulo/168669][community controlled]] information systems and to achieve that they must be inexpensive and simple to install and maintain. This is the opposite of the current dominant paradigm of [[https://www.youtube.com/watch?v=XZmGGAbHqa0][titanic server warehouses]] owned by a tiny number of individuals and it's what is sometimes refered to as [[http://mediagoblin.org/news/userops.html]["userops"]] - i.e. a user being able to do what traditionally only a professional systems administrator would be able to. This is personal or family scale computing, which can then federate to global proportions. We need community controlled information systems and to achieve that they must be inexpensive and simple to install and maintain. This is the opposite of the current dominant paradigm of [[https://www.youtube.com/watch?v=XZmGGAbHqa0][titanic server warehouses]] owned by a tiny number of individuals and it's what is sometimes refered to as [[https://mediagoblin.org/news/userops.html]["userops"]] - i.e. a user being able to do what traditionally only a professional systems administrator would be able to.
With a system installed in your home you also have greater legal protection against unwarranted or "bulk warrant" searches. In general as soon as you put your information onto systems which you don't own then you no longer have the same property rights over it, together with "/no reasonable expectation of privacy/" otherwise known as the third party doctrine. We all know that's a nonsense, and so maybe we should do something about it. With a system installed in your home you also have greater legal protection against unwarranted or "bulk warrant" searches. In general as soon as you put your information onto systems which you don't own then you no longer have the same property rights over it, together with "/no reasonable expectation of privacy/" otherwise known as the third party doctrine. We all know that's a nonsense, and so maybe we should do something about it.
@ -73,8 +73,8 @@ You can bypass all of these dilemmas and take back ownership of your internet co
Freedombone is an example of the internet as it was supposed to be: a network of peers, rather than a small number of gigantic server farms with everyone connecting to them. Even if they're well run, centralised server farms become a conspicuous target for /all kinds of nefariousness/ and in any future wars they're bound to be amongst the first facilities to receive the "/shock and awe/" treatment. Also consider just what is being "farmed". If a robust information society is desirable then excessive centralisation of control over information should be avoided. Freedombone is an example of the internet as it was supposed to be: a network of peers, rather than a small number of gigantic server farms with everyone connecting to them. Even if they're well run, centralised server farms become a conspicuous target for /all kinds of nefariousness/ and in any future wars they're bound to be amongst the first facilities to receive the "/shock and awe/" treatment. Also consider just what is being "farmed". If a robust information society is desirable then excessive centralisation of control over information should be avoided.
An emphasis of the Freedombone project is the protection of private communications from indiscriminate mass surveillance, otherwise known as "/bulk intercept/" or "/warrantless wiretapping/". With only a few exceptions data entering and leaving the system is encrypted using settings recommended by [[https://bettercrypto.org][bettercrypto.org]]. Stored emails are encrypted such that only someone knowing your GPG password can read them and a GPG key is created automatically if you don't already have one. The system is firewalled with only the necessary ports being opened. Exclusively [[http://en.wikipedia.org/wiki/Free_software][free software]] is used so that all of it can potentially be security audited and proprietary repositories are disabled by default. There are still numerous security problems with the internet in general and software always contains bugs, but a best attempt has been made to ensure that the Freedombone is at least more secure than average. An emphasis of the Freedombone project is the protection of private communications from indiscriminate mass surveillance, otherwise known as "/bulk intercept/" or "/warrantless wiretapping/". With only a few exceptions data entering and leaving the system is encrypted using settings recommended by [[https://bettercrypto.org][bettercrypto.org]] . Stored emails are encrypted such that only someone knowing your GPG password can read them and a GPG key is created automatically if you don't already have one. The system is firewalled with only the necessary ports being opened. Exclusively [[https://en.wikipedia.org/wiki/Free_software][free software]] is used so that all of it can potentially be security audited and proprietary repositories are disabled by default. There are still numerous security problems with the internet in general and software always contains bugs, but a best attempt has been made to ensure that the Freedombone is at least more secure than average.
#+BEGIN_CENTER #+BEGIN_CENTER
This site can also be accessed via a Tor browser at [[http://4fvfozz6g3zmvf76.onion][http://4fvfozz6g3zmvf76.onion]] This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
#+END_CENTER #+END_CENTER

View File

@ -105,8 +105,8 @@ freedombone menuconfig
** On a single board computer (SBC) ** On a single board computer (SBC)
Currently the following boards are supported: Currently the following boards are supported:
* [[http://beagleboard.org/BLACK][Beaglebone Black]] * [[https://beagleboard.org/BLACK][Beaglebone Black]]
* [[http://linux-sunxi.org/Cubietech_Cubieboard2][Cubieboard 2]] * [[https://linux-sunxi.org/Cubietech_Cubieboard2][Cubieboard 2]]
* [[https://linux-sunxi.org/Cubietruck][Cubietruck (Cubieboard 3)]] * [[https://linux-sunxi.org/Cubietruck][Cubietruck (Cubieboard 3)]]
* [[https://www.olimex.com/Products/OLinuXino/A20/A20-OLinuXIno-LIME/open-source-hardware][olinuxino Lime]] * [[https://www.olimex.com/Products/OLinuXino/A20/A20-OLinuXIno-LIME/open-source-hardware][olinuxino Lime]]
* [[https://www.olimex.com/Products/OLinuXino/A20/A20-OLinuXIno-LIME2/open-source-hardware][olinuxino Lime2]] * [[https://www.olimex.com/Products/OLinuXino/A20/A20-OLinuXIno-LIME2/open-source-hardware][olinuxino Lime2]]

View File

@ -150,7 +150,7 @@ If for any reason things don't seem to be updating you can force an update by is
zeronetavahi zeronetavahi
#+END_SRC #+END_SRC
** Chat ** Chat
If you have a Tox client installed on your system then you can use that to communicate with other mesh peers. A limitation is that if peers change you may need to quit the application and restart it in order to receive the updated list of DHTnodes. The [[https://github.com/Tox/toxic][Toxic]] client is installed by default, but you may also want to install [[https://github.com/tux3/qTox][qTox]] or [[http://utox.org][uTox]] for a more conventional-looking user experience. If you have a Tox client installed on your system then you can use that to communicate with other mesh peers. A limitation is that if peers change you may need to quit the application and restart it in order to receive the updated list of DHTnodes. The [[https://github.com/Tox/toxic][Toxic]] client is installed by default, but you may also want to install [[https://github.com/tux3/qTox][qTox]] for a more conventional-looking user experience.
You can obtain Tox IDs for users on the network via the initial web page. You can obtain Tox IDs for users on the network via the initial web page.
@ -193,7 +193,7 @@ sudo batman stop
After a few seconds your usual internet wifi connection should be re-established. After a few seconds your usual internet wifi connection should be re-established.
* Further reading * Further reading
For much more extensive details about deploying wireless networks there is an excellent book called [[http://wndw.net][Wireless Networking in the Developing World]] which is worth reading. It's not necessarily exclusively about mesh networks, but may be useful in terms of advice about antennas, reflections, extending wifi range and so on. For much more extensive details about deploying wireless networks there is an excellent book called [[https://wndw.net][Wireless Networking in the Developing World]] which is worth reading. It's not necessarily exclusively about mesh networks, but may be useful in terms of advice about antennas, reflections, extending wifi range and so on.
#+BEGIN_EXPORT html #+BEGIN_EXPORT html
<center> <center>

View File

@ -43,7 +43,7 @@ If you find this project useful then you may wish to consider donating to [[./re
Testing of the install on different hardware. Also pentesting on test installations to find vulnerabilities. Testing of the install on different hardware. Also pentesting on test installations to find vulnerabilities.
** Web design and artwork ** Web design and artwork
A better design for this website would be nice to have. Photos, icons or other artwork are all welcome. I've always liked the cartoon artwork of the [[http://www.mediagoblin.org/][Mediagoblin]] project, and attractive graphics can help to get people initially interested. A better design for this website would be nice to have. Photos, icons or other artwork are all welcome. I've always liked the cartoon artwork of the [[https://www.mediagoblin.org/][Mediagoblin]] project, and attractive graphics can help to get people initially interested.
** More education and promotion ** More education and promotion
#+BEGIN_CENTER #+BEGIN_CENTER

View File

@ -39,7 +39,7 @@ ssh username@domainname -p 2222
emacs ~/README emacs ~/README
#+END_SRC #+END_SRC
You should transfer any passwords to a password manager such as [[http://www.keepassx.org/][KeepassX]] and then delete them from the README file. To save the file after removing passwords use *CTRL-x CTRL-s*. You should transfer any passwords to a password manager such as [[https://www.keepassx.org/][KeepassX]] and then delete them from the README file. To save the file after removing passwords use *CTRL-x CTRL-s*.
To exit you can either just close the terminal or use *CTRL-x CTRL-c* followed by the *exit* command. To exit you can either just close the terminal or use *CTRL-x CTRL-c* followed by the *exit* command.
* Improving ssh security * Improving ssh security
@ -98,7 +98,7 @@ ssh username@address.onion -p 2222
Subsequently even if dynamic DNS isn't working you may still be able to administer your system. Using the onion address also gives you some degree of protection against corporate or government metadata analysis, since it becomes more difficult to passively detect which systems are communicating. Subsequently even if dynamic DNS isn't working you may still be able to administer your system. Using the onion address also gives you some degree of protection against corporate or government metadata analysis, since it becomes more difficult to passively detect which systems are communicating.
* Syncing to the Cloud * Syncing to the Cloud
[[https://syncthing.net][Syncthing]] provides a similar capability to proprietary systems such as [[http://www.drop-dropbox.com/][Dropbox]], and also is well suited for use with low power single board computers. You can have one or more directories which are synchronized across your various laptops/desktops/devices, and this makes it hard for you to ever lose important files. The manner in which the synchronization is done is pretty secure, such that it would be difficult for passive adversaries (mass surveillance, "/men in the middle/", etc) to know what files you're sharing. Of course, you don't necessarily need to be running a server in order to use Syncthing, but if you do have a server which is always running then there's always at least one place to synchronize your files to or from. [[https://syncthing.net][Syncthing]] provides a similar capability to proprietary systems such as Dropbox, and also is well suited for use with low power single board computers. You can have one or more directories which are synchronized across your various laptops/desktops/devices, and this makes it hard for you to ever lose important files. The manner in which the synchronization is done is pretty secure, such that it would be difficult for passive adversaries (mass surveillance, "/men in the middle/", etc) to know what files you're sharing. Of course, you don't necessarily need to be running a server in order to use Syncthing, but if you do have a server which is always running then there's always at least one place to synchronize your files to or from.
Freedombone provides Syncthing shared directories for each user on the system, plus a single shared directory for all users. The expected most common scenario here is that of a family in which members may not want to share /all of their files/ with each other, but might want to share some in a common pool (eg. birthday photos). You can also easily share between different servers. Freedombone provides Syncthing shared directories for each user on the system, plus a single shared directory for all users. The expected most common scenario here is that of a family in which members may not want to share /all of their files/ with each other, but might want to share some in a common pool (eg. birthday photos). You can also easily share between different servers.
@ -199,8 +199,8 @@ echo "(add-to-list 'load-path \"~/elisp/gnu-social-mode\")" >> ~/.emacs
echo "(require 'gnu-social-mode)" >> ~/.emacs echo "(require 'gnu-social-mode)" >> ~/.emacs
echo "(setq gnu-social-server-textlimit 2000" >> ~/.emacs echo "(setq gnu-social-server-textlimit 2000" >> ~/.emacs
echo " gnu-social-server \"yourgnusocialdomain\"" >> ~/.emacs echo " gnu-social-server \"yourgnusocialdomain\"" >> ~/.emacs
echo " gnu-social-username \"yourusername\"" >> ~/.emacs echo " gnu-social-username \"yourusername\"" >> ~/.emacs
echo " gnu-social-password \"gnusocialpassword\")" >> ~/.emacs echo " gnu-social-password \"gnusocialpassword\")" >> ~/.emacs
#+end_src #+end_src
And as a quick reference the main keys are: And as a quick reference the main keys are:
@ -298,7 +298,7 @@ net_proxy_user = HexChat
# /set irc_hide_version ON # /set irc_hide_version ON
# /set identd OFF <-- NOT working on all HexChat-based IRC software. # /set identd OFF <-- NOT working on all HexChat-based IRC software.
# But still highly suggested to include & use it. # But still highly suggested to include & use it.
# Probable not needed on UNIX, source: http://xchat.org/faq/#q21 # Probable not needed on UNIX, source: https://xchat.org/faq/#q21
dcc_auto_chat = 0 dcc_auto_chat = 0
dcc_auto_resume = 0 dcc_auto_resume = 0
dcc_auto_send = 0 dcc_auto_send = 0
@ -450,7 +450,7 @@ If you wish to make backups of the OMEMO keys then they can be found within:
If you wish to use OpenPGP to encrypt your messages then go to *Edit/Accounts*, select your account and then the *Personal Information* tab. You can then choose your GPG key. When initiating a chat you can select the *Advanced* button and then select *Toggle OpenPGP Encryption*. OpenPGP is not as secure as OMEMO, but does allow you to use XMPP in a similar style to email in that the recipient of the message does not necessarily need to be online at the same time that you send it. If you wish to use OpenPGP to encrypt your messages then go to *Edit/Accounts*, select your account and then the *Personal Information* tab. You can then choose your GPG key. When initiating a chat you can select the *Advanced* button and then select *Toggle OpenPGP Encryption*. OpenPGP is not as secure as OMEMO, but does allow you to use XMPP in a similar style to email in that the recipient of the message does not necessarily need to be online at the same time that you send it.
*** Using with Profanity *** Using with Profanity
The [[http://profanity.im][Profanity]] shell based user interface and is perhaps the simplest way to use XMPP from a laptop. It's also a good way to ensure that your OTR keys are the same even when logging in from different laptops or devices, and it also means that if those devices later become compomised then there are no locally stored OTR keys to be found. The [[https://profanity.im][Profanity]] shell based user interface and is perhaps the simplest way to use XMPP from a laptop. It's also a good way to ensure that your OTR keys are the same even when logging in from different laptops or devices, and it also means that if those devices later become compomised then there are no locally stored OTR keys to be found.
#+BEGIN_SRC bash #+BEGIN_SRC bash
ssh username@domain -p 2222 ssh username@domain -p 2222
@ -498,7 +498,7 @@ and quote that. If they quote theirs back you can check it with:
/otr theirfp /otr theirfp
#+END_SRC #+END_SRC
If the fingerprints match then you can be pretty confident that unless you have been socially engineered via the question and answer you probably are talking to who you think you are, and that it will be difficult for mass surveillance systems to know the content of the conversation. For more details see [[http://www.profanity.im/otr.html][this guide]]. If the fingerprints match then you can be pretty confident that unless you have been socially engineered via the question and answer you probably are talking to who you think you are, and that it will be difficult for mass surveillance systems to know the content of the conversation. For more details see [[https://www.profanity.im/otr.html][this guide]]
When accessed via the user control panel the client is automatically routed through Tor and so if you are also using OTR then this provides protection for both message content and metadata. When accessed via the user control panel the client is automatically routed through Tor and so if you are also using OTR then this provides protection for both message content and metadata.
*** Using with Jitsi *** Using with Jitsi
@ -625,7 +625,7 @@ Select /Administrator controls/ then select the *About* screen.
The RSS reader is accessible only via an onion address. This provides a reasonable degree of reading privacy, making it difficult for passive adversaries such as governments, corporations or criminals to create lists of sites which you are subscribed to. The RSS reader is accessible only via an onion address. This provides a reasonable degree of reading privacy, making it difficult for passive adversaries such as governments, corporations or criminals to create lists of sites which you are subscribed to.
To set up the system open http://rss_reader_onion_address/ and log in with username *admin* and the password obtained either at the beginning of the install or from the README file in your home directory. You can then select the *Actions* menu and begin adding your feeds. To set up the system open http://rss_reader_onion_address and log in with username *admin* and the password obtained either at the beginning of the install or from the README file in your home directory. You can then select the *Actions* menu and begin adding your feeds.
** On mobile ** On mobile
To access the RSS reader from a mobile device you can install a Tor compatible browser such as OrFox. It will try to automatically change to the mobile version of the user interface. Remember to add the site to the NoScript whitelist, and you may also need to turn HTTPS Everywhere off. To access the RSS reader from a mobile device you can install a Tor compatible browser such as OrFox. It will try to automatically change to the mobile version of the user interface. Remember to add the site to the NoScript whitelist, and you may also need to turn HTTPS Everywhere off.
@ -640,8 +640,8 @@ Add the following to your configuration, changing the address and password as ap
#+begin_src emacs-lisp :tangle no #+begin_src emacs-lisp :tangle no
(setq avandu-tt-rss-api-url "http://rss_reader_onion_address/api/" (setq avandu-tt-rss-api-url "http://rss_reader_onion_address/api/"
avandu-user "admin" avandu-user "admin"
avandu-password "mypassword") avandu-password "mypassword")
#+end_src #+end_src
If you don't already have Emacs set up to route through Tor then also add the following: If you don't already have Emacs set up to route through Tor then also add the following:

View File

@ -37,7 +37,7 @@ So if you want to use your own email address hosted on your own system you do ne
* A technical note about email transport security * A technical note about email transport security
Port 465 is used for SMTP and this is supposedly deprecated for secure email. However, using TLS from the start of the communications seems far more secure than starting off with insecure communications and then trying to upgrade it with a command to begin TLS, as happens with STARTTLS. There are [[https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks][possible attacks against STARTTLS]] in which the command to begin secure communications is removed or overwritten which could then result in email being transferred in plain text over the internet and be readable by third parties. Port 465 is used for SMTP and this is supposedly deprecated for secure email. However, using TLS from the start of the communications seems far more secure than starting off with insecure communications and then trying to upgrade it with a command to begin TLS, as happens with STARTTLS. There are [[https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks][possible attacks against STARTTLS]] in which the command to begin secure communications is removed or overwritten which could then result in email being transferred in plain text over the internet and be readable by third parties.
From http://motherboard.vice.com/read/email-encryption-is-broken: From https://motherboard.vice.com/read/email-encryption-is-broken:
#+BEGIN_QUOTE #+BEGIN_QUOTE
The researchers also uncovered mass scale attacks of STARTTLS sessions being stripped of their encryption. That attack itself isn't new: internet service providers sometimes do it to monitor users; organizations may use it to keep an eye on employees; or it may come from a malicious actor The researchers also uncovered mass scale attacks of STARTTLS sessions being stripped of their encryption. That attack itself isn't new: internet service providers sometimes do it to monitor users; organizations may use it to keep an eye on employees; or it may come from a malicious actor
@ -54,7 +54,7 @@ quit
exit exit
#+END_SRC #+END_SRC
Having a password on your GPG key will prevent someone from reading your email /even if your server gets lost or stolen/ or if someone else has physical access to it. Make the password something long and unlikely to be guessable or vulnerable to a brute force [[http://en.wikipedia.org/wiki/Dictionary_attack][dictionary attack]]. Having a password on your GPG key will prevent someone from reading your email /even if your server gets lost or stolen/ or if someone else has physical access to it. Make the password something long and unlikely to be guessable or vulnerable to a brute force [[https://en.wikipedia.org/wiki/Dictionary_attack][dictionary attack]].
* Publishing your GPG public key * Publishing your GPG public key
If you havn't already then you should publish your GPG public key so that others can find it. If you havn't already then you should publish your GPG public key so that others can find it.

View File

@ -1,15 +1,15 @@
<?xml version="1.0" encoding="UTF-8" standalone="no"?> <?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Created with Inkscape (http://www.inkscape.org/) --> <!-- Created with Inkscape (https://www.inkscape.org/) -->
<svg <svg
xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:dc="https://purl.org/dc/elements/1.1/"
xmlns:cc="http://creativecommons.org/ns#" xmlns:cc="https://creativecommons.org/ns#"
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:rdf="https://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:svg="http://www.w3.org/2000/svg" xmlns:svg="https://www.w3.org/2000/svg"
xmlns="http://www.w3.org/2000/svg" xmlns="https://www.w3.org/2000/svg"
xmlns:xlink="http://www.w3.org/1999/xlink" xmlns:xlink="https://www.w3.org/1999/xlink"
xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd" xmlns:sodipodi="https://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape" xmlns:inkscape="https://www.inkscape.org/namespaces/inkscape"
id="svg3039" id="svg3039"
version="1.1" version="1.1"
inkscape:version="0.48.4 r9939" inkscape:version="0.48.4 r9939"
@ -23,7 +23,7 @@
rdf:about=""> rdf:about="">
<dc:format>image/svg+xml</dc:format> <dc:format>image/svg+xml</dc:format>
<dc:type <dc:type
rdf:resource="http://purl.org/dc/dcmitype/StillImage" /> rdf:resource="https://purl.org/dc/dcmitype/StillImage" />
<dc:title></dc:title> <dc:title></dc:title>
</cc:Work> </cc:Work>
</rdf:RDF> </rdf:RDF>

Before

Width:  |  Height:  |  Size: 16 KiB

After

Width:  |  Height:  |  Size: 16 KiB

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-04-06 Wed 18:52 --> <!-- 2016-08-08 Mon 17:16 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />
@ -171,31 +255,31 @@ for the JavaScript code in this tag.
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<td class="org-left"><a href="#orgheadline1">Backup keys</a></td> <td class="org-left"><a href="#org4907e41">Backup keys</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline2">Backup to USB</a></td> <td class="org-left"><a href="#orgf34d4c2">Backup to USB</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline3">Restore from USB</a></td> <td class="org-left"><a href="#org462e852">Restore from USB</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline4">Distributed/remote backups</a></td> <td class="org-left"><a href="#orgd061e2e">Distributed/remote backups</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline5">Restore from a friend</a></td> <td class="org-left"><a href="#org7e9b4a7">Restore from a friend</a></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</div> </div>
<div id="outline-container-orgheadline1" class="outline-2"> <div id="outline-container-org4907e41" class="outline-2">
<h2 id="orgheadline1">Backup keys</h2> <h2 id="org4907e41">Backup keys</h2>
<div class="outline-text-2" id="text-orgheadline1"> <div class="outline-text-2" id="text-org4907e41">
<p> <p>
As part of the Freedombone installation the GPG key used to encrypt backups will have been added to the <i>.gnupg</i> keyring in your home directory. Ensure that you have a copy of all your keys by plugging in a LUKS encrypted USB drive and then running the commands: As part of the Freedombone installation the GPG key used to encrypt backups will have been added to the <i>.gnupg</i> keyring in your home directory. Ensure that you have a copy of all your keys by plugging in a LUKS encrypted USB drive and then running the commands:
</p> </p>
@ -219,9 +303,9 @@ A pro-tip for the best possible security is to create multiple USB drives contai
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline2" class="outline-2"> <div id="outline-container-orgf34d4c2" class="outline-2">
<h2 id="orgheadline2">Backup to USB</h2> <h2 id="orgf34d4c2">Backup to USB</h2>
<div class="outline-text-2" id="text-orgheadline2"> <div class="outline-text-2" id="text-orgf34d4c2">
<p> <p>
First and foremost - <b>encrypt your USB drives</b>! Even if you think you have "<i>nothing to hide</i>" if you accidentally lose a USB thumb drive (it's easy to lose small objects) and it's not encrypted then potentially someone might be able to obtain enough information about you to commit identity fraud, take out loans, open bank accounts, etc. Use LUKS encryption. In Ubuntu you can do this using the <i>Disk Utility</i> application. Some instructions <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">can be found here</a>. First and foremost - <b>encrypt your USB drives</b>! Even if you think you have "<i>nothing to hide</i>" if you accidentally lose a USB thumb drive (it's easy to lose small objects) and it's not encrypted then potentially someone might be able to obtain enough information about you to commit identity fraud, take out loans, open bank accounts, etc. Use LUKS encryption. In Ubuntu you can do this using the <i>Disk Utility</i> application. Some instructions <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">can be found here</a>.
</p> </p>
@ -253,9 +337,9 @@ When the backup ends remove the USB drive and keep it somewhere safe. Even if it
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline3" class="outline-2"> <div id="outline-container-org462e852" class="outline-2">
<h2 id="orgheadline3">Restore from USB</h2> <h2 id="org462e852">Restore from USB</h2>
<div class="outline-text-2" id="text-orgheadline3"> <div class="outline-text-2" id="text-org462e852">
<p> <p>
Log into the system and become the root user: Log into the system and become the root user:
</p> </p>
@ -279,9 +363,9 @@ Enter the LUKS password for the USB drive. When the restore is complete you can
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline4" class="outline-2"> <div id="outline-container-orgd061e2e" class="outline-2">
<h2 id="orgheadline4">Distributed/remote backups</h2> <h2 id="orgd061e2e">Distributed/remote backups</h2>
<div class="outline-text-2" id="text-orgheadline4"> <div class="outline-text-2" id="text-orgd061e2e">
<p> <p>
Distributed backups are a better way of ensuring the persistence of your data, such that even if your system gets stolen or destroyed then the data will still be recoverable from your friends. Since the backups are encrypted your friends (or anyone else with access to their systems) won't be able to read your backed up content even if their systems are subsequently compromised. Distributed backups are a better way of ensuring the persistence of your data, such that even if your system gets stolen or destroyed then the data will still be recoverable from your friends. Since the backups are encrypted your friends (or anyone else with access to their systems) won't be able to read your backed up content even if their systems are subsequently compromised.
</p> </p>
@ -305,12 +389,12 @@ You can then enter the usernames, domains and ssh logins for one or more remote
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline5" class="outline-2"> <div id="outline-container-org7e9b4a7" class="outline-2">
<h2 id="orgheadline5">Restore from a friend</h2> <h2 id="org7e9b4a7">Restore from a friend</h2>
<div class="outline-text-2" id="text-orgheadline5"> <div class="outline-text-2" id="text-org7e9b4a7">
</div><div id="outline-container-orgheadline6" class="outline-3"> </div><div id="outline-container-org50e5958" class="outline-3">
<h3 id="orgheadline6">With a completely new Freedombone installation</h3> <h3 id="org50e5958">With a completely new Freedombone installation</h3>
<div class="outline-text-3" id="text-orgheadline6"> <div class="outline-text-3" id="text-org50e5958">
<p> <p>
This is the ultimate disaster recovery scenario in which you are beginning completely from scratch with new hardware and a new Freedombone installation (configured with the same username and domain names). It is assumed that the old hardware was destroyed, but that you have the backup key stored on a USB thumb drive. This is the ultimate disaster recovery scenario in which you are beginning completely from scratch with new hardware and a new Freedombone installation (configured with the same username and domain names). It is assumed that the old hardware was destroyed, but that you have the backup key stored on a USB thumb drive.
</p> </p>
@ -338,9 +422,9 @@ Finally select <i>Restore from remote backup</i> and enter the domain name of th
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline7" class="outline-3"> <div id="outline-container-org76d9030" class="outline-3">
<h3 id="orgheadline7">On an existing Freedombone installation</h3> <h3 id="org76d9030">On an existing Freedombone installation</h3>
<div class="outline-text-3" id="text-orgheadline7"> <div class="outline-text-3" id="text-org76d9030">
<p> <p>
This is for more common situations in which maybe some data became corrupted and you want to restore it. This is for more common situations in which maybe some data became corrupted and you want to restore it.
</p> </p>

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-02-27 Sat 22:06 --> <!-- 2016-08-08 Mon 17:19 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />
@ -163,7 +247,7 @@ for the JavaScript code in this tag.
</center> </center>
<p> <p>
Freedombone is really just a couple of <a href="http://www.gnu.org/software/bash">bash</a> scripts which install and configure software on a Debian GNU/Linux system. If you're a system administrator, software engineer or Linux hobbyist you'll probably be familiar with command line scripting and be able to make your own modifications or custom variants to suit your needs. Freedombone is licensed under the <a href="https://www.gnu.org/licenses/agpl.html">GNU Affero General Public License version 3</a> (or later). Freedombone is really just a couple of <a href="https://www.gnu.org/software/bash">bash</a> scripts which install and configure software on a Debian GNU/Linux system. If you're a system administrator, software engineer or Linux hobbyist you'll probably be familiar with command line scripting and be able to make your own modifications or custom variants to suit your needs. Freedombone is licensed under the <a href="https://www.gnu.org/licenses/agpl.html">GNU Affero General Public License version 3</a> (or later).
</p> </p>
<p> <p>

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-04-10 Sun 22:14 --> <!-- 2016-08-08 Mon 17:19 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />
@ -170,54 +254,54 @@ for the JavaScript code in this tag.
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<td class="org-left"><a href="#orgheadline1">Main menu</a></td> <td class="org-left"><a href="#org5b9a404">Main menu</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline2">User control panel</a></td> <td class="org-left"><a href="#orge6a192d">User control panel</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline3">About screen</a></td> <td class="org-left"><a href="#org36307fe">About screen</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline4">Email filtering rules</a></td> <td class="org-left"><a href="#org802b84b">Email filtering rules</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline5">Hubzilla menu</a></td> <td class="org-left"><a href="#org8311261">Hubzilla menu</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline6">IRC menu</a></td> <td class="org-left"><a href="#orge818a90">IRC menu</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline7">Media menu</a></td> <td class="org-left"><a href="#org38dc9e7">Media menu</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline8">Repository mirrors</a></td> <td class="org-left"><a href="#org69caf17">Repository mirrors</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline9">Backup and restore menu</a></td> <td class="org-left"><a href="#org9d94b93">Backup and restore menu</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline10">Security menu</a></td> <td class="org-left"><a href="#orgf5b1503">Security menu</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline11">User management menu</a></td> <td class="org-left"><a href="#orge4d717e">User management menu</a></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<div id="outline-container-orgheadline1" class="outline-2"> <div id="outline-container-org5b9a404" class="outline-2">
<h2 id="orgheadline1">Main menu</h2> <h2 id="org5b9a404">Main menu</h2>
<div class="outline-text-2" id="text-orgheadline1"> <div class="outline-text-2" id="text-org5b9a404">
<p> <p>
You can access the main menu by logging into the system. You can access the main menu by logging into the system.
</p> </p>
@ -250,9 +334,9 @@ To select anythng on the control panel use the <b>up and down</b> cursor keys an
</div> </div>
</div> </div>
<div id="outline-container-orgheadline2" class="outline-2"> <div id="outline-container-orge6a192d" class="outline-2">
<h2 id="orgheadline2">User control panel</h2> <h2 id="orge6a192d">User control panel</h2>
<div class="outline-text-2" id="text-orgheadline2"> <div class="outline-text-2" id="text-orge6a192d">
<p> <p>
When a user initially logs in they will see a version of the control panel with restricted options aimed at the kinds of things which someone who isn't the administrator might wish to do. An expected scenario is that you might have a few friends or family members on the system, and this is who this menu is intended for. When a user initially logs in they will see a version of the control panel with restricted options aimed at the kinds of things which someone who isn't the administrator might wish to do. An expected scenario is that you might have a few friends or family members on the system, and this is who this menu is intended for.
</p> </p>
@ -274,9 +358,9 @@ It's also possible for the user to define email filtering rules, add a ssh publi
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline3" class="outline-2"> <div id="outline-container-org36307fe" class="outline-2">
<h2 id="orgheadline3">About screen</h2> <h2 id="org36307fe">About screen</h2>
<div class="outline-text-2" id="text-orgheadline3"> <div class="outline-text-2" id="text-org36307fe">
<p> <p>
To find out your current domain names select the About screen from the main menu. This is especially useful for finding your onion addresses. For improved security by compartmentalisation, and also simpler implementation, each application has its own onion address. To find out your current domain names select the About screen from the main menu. This is especially useful for finding your onion addresses. For improved security by compartmentalisation, and also simpler implementation, each application has its own onion address.
</p> </p>
@ -299,9 +383,9 @@ The Local Mirrors contains mirrored copies of the git repositories used by the s
</div> </div>
</div> </div>
<div id="outline-container-orgheadline4" class="outline-2"> <div id="outline-container-org802b84b" class="outline-2">
<h2 id="orgheadline4">Email filtering rules</h2> <h2 id="org802b84b">Email filtering rules</h2>
<div class="outline-text-2" id="text-orgheadline4"> <div class="outline-text-2" id="text-org802b84b">
<p> <p>
You can add users to mailing lists, or block particular email addresses or subject lines in this menu. You can add users to mailing lists, or block particular email addresses or subject lines in this menu.
</p> </p>
@ -316,9 +400,9 @@ You can add users to mailing lists, or block particular email addresses or subje
</div> </div>
</div> </div>
<div id="outline-container-orgheadline5" class="outline-2"> <div id="outline-container-org8311261" class="outline-2">
<h2 id="orgheadline5">Hubzilla menu</h2> <h2 id="org8311261">Hubzilla menu</h2>
<div class="outline-text-2" id="text-orgheadline5"> <div class="outline-text-2" id="text-org8311261">
<p> <p>
This allows you to set the global directory location and obtain an SSL/TLS certificate if necessary. This allows you to set the global directory location and obtain an SSL/TLS certificate if necessary.
</p> </p>
@ -333,9 +417,9 @@ This allows you to set the global directory location and obtain an SSL/TLS certi
</div> </div>
</div> </div>
<div id="outline-container-orgheadline6" class="outline-2"> <div id="outline-container-orge818a90" class="outline-2">
<h2 id="orgheadline6">IRC menu</h2> <h2 id="orge818a90">IRC menu</h2>
<div class="outline-text-2" id="text-orgheadline6"> <div class="outline-text-2" id="text-orge818a90">
<p> <p>
You can view the current IRC password or change it from here. Currently the IRC server does not work equally well on clrearnet and via Tor, so there is an option to switch from one to the other. Initially the IRC server will be running on clearnet (i.e. no onion routing). You can view the current IRC password or change it from here. Currently the IRC server does not work equally well on clrearnet and via Tor, so there is an option to switch from one to the other. Initially the IRC server will be running on clearnet (i.e. no onion routing).
</p> </p>
@ -350,9 +434,9 @@ You can view the current IRC password or change it from here. Currently the IRC
</div> </div>
</div> </div>
<div id="outline-container-orgheadline7" class="outline-2"> <div id="outline-container-org38dc9e7" class="outline-2">
<h2 id="orgheadline7">Media menu</h2> <h2 id="org38dc9e7">Media menu</h2>
<div class="outline-text-2" id="text-orgheadline7"> <div class="outline-text-2" id="text-org38dc9e7">
<p> <p>
It's possible to add playable media to a USB drive and plug it into the system, then make it accessible to other devices such as tablets or phones on your local network via DLNA. It's possible to add playable media to a USB drive and plug it into the system, then make it accessible to other devices such as tablets or phones on your local network via DLNA.
</p> </p>
@ -367,9 +451,9 @@ It's possible to add playable media to a USB drive and plug it into the system,
</div> </div>
</div> </div>
<div id="outline-container-orgheadline8" class="outline-2"> <div id="outline-container-org69caf17" class="outline-2">
<h2 id="orgheadline8">Repository mirrors</h2> <h2 id="org69caf17">Repository mirrors</h2>
<div class="outline-text-2" id="text-orgheadline8"> <div class="outline-text-2" id="text-org69caf17">
<p> <p>
If you don't want to use the default repositories, or don't have access to them, then you can obtain them from another Freedombone server (the details can be found on the other server on the <b>About</b> screen of the control panel). If you don't want to use the default repositories, or don't have access to them, then you can obtain them from another Freedombone server (the details can be found on the other server on the <b>About</b> screen of the control panel).
</p> </p>
@ -384,9 +468,9 @@ If you don't want to use the default repositories, or don't have access to them,
</div> </div>
</div> </div>
<div id="outline-container-orgheadline9" class="outline-2"> <div id="outline-container-org9d94b93" class="outline-2">
<h2 id="orgheadline9">Backup and restore menu</h2> <h2 id="org9d94b93">Backup and restore menu</h2>
<div class="outline-text-2" id="text-orgheadline9"> <div class="outline-text-2" id="text-org9d94b93">
<p> <p>
You can create backups or restore from backup here. It's also possible to create keydrives which store the backup key. You can create backups or restore from backup here. It's also possible to create keydrives which store the backup key.
</p> </p>
@ -401,9 +485,9 @@ You can create backups or restore from backup here. It's also possible to create
</div> </div>
</div> </div>
<div id="outline-container-orgheadline10" class="outline-2"> <div id="outline-container-orgf5b1503" class="outline-2">
<h2 id="orgheadline10">Security menu</h2> <h2 id="orgf5b1503">Security menu</h2>
<div class="outline-text-2" id="text-orgheadline10"> <div class="outline-text-2" id="text-orgf5b1503">
<p> <p>
If you need to generate SSL/TLS certificates or change cypher details due to changing recommendations then you can do that here. If you are changing cypher details be extra careful not to make mistakes/typos, which could reduce the security of your system. If you need to generate SSL/TLS certificates or change cypher details due to changing recommendations then you can do that here. If you are changing cypher details be extra careful not to make mistakes/typos, which could reduce the security of your system.
</p> </p>
@ -418,9 +502,9 @@ If you need to generate SSL/TLS certificates or change cypher details due to cha
</div> </div>
</div> </div>
<div id="outline-container-orgheadline11" class="outline-2"> <div id="outline-container-orge4d717e" class="outline-2">
<h2 id="orgheadline11">User management menu</h2> <h2 id="orge4d717e">User management menu</h2>
<div class="outline-text-2" id="text-orgheadline11"> <div class="outline-text-2" id="text-orge4d717e">
<p> <p>
Users can be added or removed here. Users can be added or removed here.
</p> </p>

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-06-23 Thu 17:53 --> <!-- 2016-08-08 Mon 17:19 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />
@ -171,19 +255,19 @@ for the JavaScript code in this tag.
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<td class="org-left"><a href="#org615222a">I don't have a static IP address. Can I still install this system?</a></td> <td class="org-left"><a href="#orgb7c1e53">I don't have a static IP address. Can I still install this system?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orge65ac24">Why not support building images for Raspberry Pi?</a></td> <td class="org-left"><a href="#org3d1a6d8">Why not support building images for Raspberry Pi?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org618bb31">Why use Github?</a></td> <td class="org-left"><a href="#org65dd2d0">Why use Github?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgb2070b7">Keys and emails should not be stored on servers. Why do you do that?</a></td> <td class="org-left"><a href="#orgc71a5ba">Keys and emails should not be stored on servers. Why do you do that?</a></td>
</tr> </tr>
<tr> <tr>
@ -191,95 +275,95 @@ for the JavaScript code in this tag.
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgfe54735">Why can't I access my .onion site with a Tor browser?</a></td> <td class="org-left"><a href="#org61177cd">Why can't I access my .onion site with a Tor browser?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orge1d4bf5">What is the best hardware to run this system on?</a></td> <td class="org-left"><a href="#org9deac95">What is the best hardware to run this system on?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org7830fc4">Can I add more users to the system?</a></td> <td class="org-left"><a href="#orge432828">Can I add more users to the system?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgaca4b9">Why not use Signal for mobile chat?</a></td> <td class="org-left"><a href="#orge80f248">Why not use Signal for mobile chat?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgdfe48b6">What is the most secure chat app to use on mobile?</a></td> <td class="org-left"><a href="#orga13aa35">What is the most secure chat app to use on mobile?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orga7590b">How do I remove a user from the system?</a></td> <td class="org-left"><a href="#orgec94b45">How do I remove a user from the system?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgf7c3373">How do I reset the tripwire?</a></td> <td class="org-left"><a href="#org2de3b9e">How do I reset the tripwire?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org1671e7a">Is metadata protected?</a></td> <td class="org-left"><a href="#org73d8767">Is metadata protected?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org4bfc42">How do I create email processing rules?</a></td> <td class="org-left"><a href="#orge102a24">How do I create email processing rules?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org8da60a9">Why isn't dynamic DNS working?</a></td> <td class="org-left"><a href="#org712b605">Why isn't dynamic DNS working?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org80b899c">How do I change my encryption settings?</a></td> <td class="org-left"><a href="#org3822e27">How do I change my encryption settings?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgd372087">How do I get a domain name?</a></td> <td class="org-left"><a href="#orgea6d6d2">How do I get a domain name?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org5152d4a">How do I get a "real" SSL/TLS/HTTPS certificate?</a></td> <td class="org-left"><a href="#org3b6d8b4">How do I get a "real" SSL/TLS/HTTPS certificate?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org851167c">How do I renew a Let's Encrypt certificate?</a></td> <td class="org-left"><a href="#orgabe05bb">How do I renew a Let's Encrypt certificate?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org5f627df">I tried to renew a Let's Encrypt certificate and it failed. What should I do?</a></td> <td class="org-left"><a href="#org4e0c7bc">I tried to renew a Let's Encrypt certificate and it failed. What should I do?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgb35c769">Why use self-signed certificates?</a></td> <td class="org-left"><a href="#org84e7119">Why use self-signed certificates?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgaa66ed6">Why not use the services of $company instead? They took the Seppuku pledge</a></td> <td class="org-left"><a href="#org3376bf8">Why not use the services of $company instead? They took the Seppuku pledge</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgdcf88db">Why does my email keep getting rejected as spam by Gmail/etc?</a></td> <td class="org-left"><a href="#org2a57f9c">Why does my email keep getting rejected as spam by Gmail/etc?</a></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
</div> </div>
<div id="outline-container-org615222a" class="outline-2"> <div id="outline-container-orgb7c1e53" class="outline-2">
<h2 id="org615222a">I don't have a static IP address. Can I still install this system?</h2> <h2 id="orgb7c1e53">I don't have a static IP address. Can I still install this system?</h2>
<div class="outline-text-2" id="text-org615222a"> <div class="outline-text-2" id="text-orgb7c1e53">
<p> <p>
Yes. The minimum requirements are to have some hardware that you can install Debian onto and also that you have administrator access to your internet router so that you can forward ports to the system which has Freedombone installed. Yes. The minimum requirements are to have some hardware that you can install Debian onto and also that you have administrator access to your internet router so that you can forward ports to the system which has Freedombone installed.
</p> </p>
<p> <p>
The lack of a static IP address can be worked around by using a dynamic DNS service. Freedombone uses <a href="http://troglobit.com/inadyn.html">inadyn</a> , which supports a variety of dynamic DNS providers. The lack of a static IP address can be worked around by using a dynamic DNS service. Freedombone uses <a href="https://troglobit.com/inadyn.html">inadyn</a> , which supports a variety of dynamic DNS providers.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orge65ac24" class="outline-2"> <div id="outline-container-org3d1a6d8" class="outline-2">
<h2 id="orge65ac24">Why not support building images for Raspberry Pi?</h2> <h2 id="org3d1a6d8">Why not support building images for Raspberry Pi?</h2>
<div class="outline-text-2" id="text-orge65ac24"> <div class="outline-text-2" id="text-org3d1a6d8">
<p> <p>
The FreedomBox project supports Raspberry Pi builds, and the image build system for Freedombone is based on the same system. However, although the Raspberry Pi can run a version of Debian it requires a closed proprietary blob in order to boot the hardware. Who knows what that blob might contain or what exploits it could facilitate. From an adversarial point of view if you were trying to deliver "bulk equipment interference" then it doesn't get any better than piggybacking on something which has control of the boot process, and hence all subsequently run processes. The FreedomBox project supports Raspberry Pi builds, and the image build system for Freedombone is based on the same system. However, although the Raspberry Pi can run a version of Debian it requires a closed proprietary blob in order to boot the hardware. Who knows what that blob might contain or what exploits it could facilitate. From an adversarial point of view if you were trying to deliver "bulk equipment interference" then it doesn't get any better than piggybacking on something which has control of the boot process, and hence all subsequently run processes.
</p> </p>
@ -289,9 +373,9 @@ So although the Raspberry Pi is cheap and hugely popular it's not supported by t
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org618bb31" class="outline-2"> <div id="outline-container-org65dd2d0" class="outline-2">
<h2 id="org618bb31">Why use Github?</h2> <h2 id="org65dd2d0">Why use Github?</h2>
<div class="outline-text-2" id="text-org618bb31"> <div class="outline-text-2" id="text-org65dd2d0">
<p> <p>
Github is paradoxically a centralized, closed and proprietary system which happens to mostly host free and open source projects. Up until now it has been relatively benign, but at some point in the name of "growth" it will likely start becoming more evil, or just become like SourceForge - which was also once much loved by FOSS developers, but turned into a den of malvertizing. Github is paradoxically a centralized, closed and proprietary system which happens to mostly host free and open source projects. Up until now it has been relatively benign, but at some point in the name of "growth" it will likely start becoming more evil, or just become like SourceForge - which was also once much loved by FOSS developers, but turned into a den of malvertizing.
</p> </p>
@ -309,9 +393,9 @@ Currently many of the repositories used for applications which are not yet packa
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgb2070b7" class="outline-2"> <div id="outline-container-orgc71a5ba" class="outline-2">
<h2 id="orgb2070b7">Keys and emails should not be stored on servers. Why do you do that?</h2> <h2 id="orgc71a5ba">Keys and emails should not be stored on servers. Why do you do that?</h2>
<div class="outline-text-2" id="text-orgb2070b7"> <div class="outline-text-2" id="text-orgc71a5ba">
<p> <p>
Ordinarily this is good advice. However, the threat model for a device in your home is different from the one for a generic server in a massive warehouse. Compare and contrast: Ordinarily this is good advice. However, the threat model for a device in your home is different from the one for a generic server in a massive warehouse. Compare and contrast:
</p> </p>
@ -369,17 +453,17 @@ In the home environment a box with a good firewall and no GUI components install
</div> </div>
</div> </div>
<div id="outline-container-orgfe54735" class="outline-2"> <div id="outline-container-org61177cd" class="outline-2">
<h2 id="orgfe54735">Why can't I access my .onion site with a Tor browser?</h2> <h2 id="org61177cd">Why can't I access my .onion site with a Tor browser?</h2>
<div class="outline-text-2" id="text-orgfe54735"> <div class="outline-text-2" id="text-org61177cd">
<p> <p>
Probably you need to add the site to the NoScript whitelist. Typically click/press on the noscript icon (or select from the menu on mobile) then select <i>whitelist</i> and add the site URL. You may also need to disable HTTPS Everywhere when using onion addresses, which don't use https. Probably you need to add the site to the NoScript whitelist. Typically click/press on the noscript icon (or select from the menu on mobile) then select <i>whitelist</i> and add the site URL. You may also need to disable HTTPS Everywhere when using onion addresses, which don't use https.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orge1d4bf5" class="outline-2"> <div id="outline-container-org9deac95" class="outline-2">
<h2 id="orge1d4bf5">What is the best hardware to run this system on?</h2> <h2 id="org9deac95">What is the best hardware to run this system on?</h2>
<div class="outline-text-2" id="text-orge1d4bf5"> <div class="outline-text-2" id="text-org9deac95">
<p> <p>
It was originally designed to run on the Beaglebone Black, but that should be regarded as the most minimal system, because it's single core and has by today's standards a small amount of memory. Obviously the more powerful the hardware is the faster things like web pages (blog, social networking, etc) will be served but the more electricity such a system will require if you're running it 24/7. A good compromise between performance and energy consumption is something like an old netbook. The battery of an old netbook or laptop even gives you <a href="https://en.wikipedia.org/wiki/Uninterruptible_power_supply">UPS capability</a> to keep the system going during brief power outages or cable re-arrangements, and that means using full disk encryption on the server also becomes more practical. It was originally designed to run on the Beaglebone Black, but that should be regarded as the most minimal system, because it's single core and has by today's standards a small amount of memory. Obviously the more powerful the hardware is the faster things like web pages (blog, social networking, etc) will be served but the more electricity such a system will require if you're running it 24/7. A good compromise between performance and energy consumption is something like an old netbook. The battery of an old netbook or laptop even gives you <a href="https://en.wikipedia.org/wiki/Uninterruptible_power_supply">UPS capability</a> to keep the system going during brief power outages or cable re-arrangements, and that means using full disk encryption on the server also becomes more practical.
</p> </p>
@ -389,9 +473,9 @@ It was originally designed to run on the Beaglebone Black, but that should be re
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org7830fc4" class="outline-2"> <div id="outline-container-orge432828" class="outline-2">
<h2 id="org7830fc4">Can I add more users to the system?</h2> <h2 id="orge432828">Can I add more users to the system?</h2>
<div class="outline-text-2" id="text-org7830fc4"> <div class="outline-text-2" id="text-orge432828">
<p> <p>
Yes. Freedombone can support a small number of users, for a "<i>friends and family</i>" type of home installation. This gives them access to an email account, XMPP, SIP phone and the blog (depending on whether the variant which you installed includes those). Yes. Freedombone can support a small number of users, for a "<i>friends and family</i>" type of home installation. This gives them access to an email account, XMPP, SIP phone and the blog (depending on whether the variant which you installed includes those).
</p> </p>
@ -415,9 +499,9 @@ Another point is that Freedombone installations are not intended to support many
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgaca4b9" class="outline-2"> <div id="outline-container-orge80f248" class="outline-2">
<h2 id="orgaca4b9">Why not use Signal for mobile chat?</h2> <h2 id="orge80f248">Why not use Signal for mobile chat?</h2>
<div class="outline-text-2" id="text-orgaca4b9"> <div class="outline-text-2" id="text-orge80f248">
<p> <p>
Celebrities recommend Signal. It's Free Software so it must be good, right? Celebrities recommend Signal. It's Free Software so it must be good, right?
</p> </p>
@ -438,9 +522,9 @@ To give credit where it's due Signal is good, but it could be a lot better. The
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgdfe48b6" class="outline-2"> <div id="outline-container-orga13aa35" class="outline-2">
<h2 id="orgdfe48b6">What is the most secure chat app to use on mobile?</h2> <h2 id="orga13aa35">What is the most secure chat app to use on mobile?</h2>
<div class="outline-text-2" id="text-orgdfe48b6"> <div class="outline-text-2" id="text-orga13aa35">
<p> <p>
On mobile there are various options. The apps which are likely to be most secure are ones which have end-to-end encryption enabled by default and which can also be onion routed via Orbot. End-to-end encryption secures the content of the message and onion routing obscures the metadata, making it hard for a passive adversary to know who is communicating with who. On mobile there are various options. The apps which are likely to be most secure are ones which have end-to-end encryption enabled by default and which can also be onion routed via Orbot. End-to-end encryption secures the content of the message and onion routing obscures the metadata, making it hard for a passive adversary to know who is communicating with who.
</p> </p>
@ -450,13 +534,13 @@ The current safest way to chat is to use <a href="https://conversations.im/">Con
</p> </p>
<p> <p>
There are many <a href="#orgaca4b9">other fashionable chat apps</a> with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified. There are many <a href="#orge80f248">other fashionable chat apps</a> with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orga7590b" class="outline-2"> <div id="outline-container-orgec94b45" class="outline-2">
<h2 id="orga7590b">How do I remove a user from the system?</h2> <h2 id="orgec94b45">How do I remove a user from the system?</h2>
<div class="outline-text-2" id="text-orga7590b"> <div class="outline-text-2" id="text-orgec94b45">
<p> <p>
To remove a user: To remove a user:
</p> </p>
@ -472,9 +556,9 @@ Select <i>Administrator controls</i> then <i>Manage Users</i> and then <i>Delete
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgf7c3373" class="outline-2"> <div id="outline-container-org2de3b9e" class="outline-2">
<h2 id="orgf7c3373">How do I reset the tripwire?</h2> <h2 id="org2de3b9e">How do I reset the tripwire?</h2>
<div class="outline-text-2" id="text-orgf7c3373"> <div class="outline-text-2" id="text-org2de3b9e">
<p> <p>
The tripwire will be automatically reset once per week. If you want to reset it earlier then do the following: The tripwire will be automatically reset once per week. If you want to reset it earlier then do the following:
</p> </p>
@ -490,9 +574,9 @@ Select <i>Administrator controls</i> then "reset tripwire" using cursors and spa
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org1671e7a" class="outline-2"> <div id="outline-container-org73d8767" class="outline-2">
<h2 id="org1671e7a">Is metadata protected?</h2> <h2 id="org73d8767">Is metadata protected?</h2>
<div class="outline-text-2" id="text-org1671e7a"> <div class="outline-text-2" id="text-org73d8767">
<blockquote> <blockquote>
<p> <p>
"<i>We kill people based on metadata</i>" "<i>We kill people based on metadata</i>"
@ -508,9 +592,9 @@ Even when using Freedombone metadata analysis by third parties is still possible
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org4bfc42" class="outline-2"> <div id="outline-container-orge102a24" class="outline-2">
<h2 id="org4bfc42">How do I create email processing rules?</h2> <h2 id="orge102a24">How do I create email processing rules?</h2>
<div class="outline-text-2" id="text-org4bfc42"> <div class="outline-text-2" id="text-orge102a24">
<div class="org-src-container"> <div class="org-src-container">
<pre class="src src-bash">ssh username@domainname -p 2222 <pre class="src src-bash">ssh username@domainname -p 2222
@ -567,9 +651,9 @@ Spamassassin is also available and within Mutt you can use the S (shift+s) key t
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org8da60a9" class="outline-2"> <div id="outline-container-org712b605" class="outline-2">
<h2 id="org8da60a9">Why isn't dynamic DNS working?</h2> <h2 id="org712b605">Why isn't dynamic DNS working?</h2>
<div class="outline-text-2" id="text-org8da60a9"> <div class="outline-text-2" id="text-org712b605">
<p> <p>
If you run the command: If you run the command:
</p> </p>
@ -589,57 +673,14 @@ And see some error related to checking for changes in the IP address then you ca
<pre class="src src-text">https://check.torproject.org/ <pre class="src src-text">https://check.torproject.org/
https://www.whatsmydns.net/whats-my-ip-address.html https://www.whatsmydns.net/whats-my-ip-address.html
https://www.privateinternetaccess.com/pages/whats-my-ip/ https://www.privateinternetaccess.com/pages/whats-my-ip/
http://checkip.two-dns.de
http://ip.dnsexit.com
http://ifconfig.me/ip
http://ipecho.net/plain
http://checkip.dyndns.org/plain
http://ipogre.com/linux.php
http://whatismyipaddress.com/
http://ip.my-proxy.com/
http://websiteipaddress.com/WhatIsMyIp
http://getmyipaddress.org/
http://www.my-ip-address.net/
http://myexternalip.com/raw
http://www.canyouseeme.org/
http://www.trackip.net/
http://icanhazip.com/
http://www.iplocation.net/
http://www.howtofindmyipaddress.com/
http://www.ipchicken.com/
http://whatsmyip.net/
http://www.ip-adress.com/
http://checkmyip.com/
http://www.tracemyip.org/
http://checkmyip.net/
http://www.lawrencegoetz.com/programs/ipinfo/
http://www.findmyip.co/
http://ip-lookup.net/
http://www.dslreports.com/whois
http://www.mon-ip.com/en/my-ip/
http://www.myip.ru
http://ipgoat.com/
http://www.myipnumber.com/my-ip-address.asp
http://www.whatsmyipaddress.net/
http://formyip.com/
http://www.displaymyip.com/
http://www.bobborst.com/tools/whatsmyip/
http://www.geoiptool.com/
http://checkip.dyndns.com/
http://myexternalip.com/
http://www.ip-adress.eu/
http://www.infosniper.net/
http://wtfismyip.com/
http://ipinfo.io/
http://httpbin.org/ip
</pre> </pre>
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-org80b899c" class="outline-2"> <div id="outline-container-org3822e27" class="outline-2">
<h2 id="org80b899c">How do I change my encryption settings?</h2> <h2 id="org3822e27">How do I change my encryption settings?</h2>
<div class="outline-text-2" id="text-org80b899c"> <div class="outline-text-2" id="text-org3822e27">
<p> <p>
Suppose that some new encryption vulnerability has been announced and that you need to change your encryption settings. Maybe an algorithm thought to be secure is now no longer so and you need to remove it. You can change your settings by doing the following: Suppose that some new encryption vulnerability has been announced and that you need to change your encryption settings. Maybe an algorithm thought to be secure is now no longer so and you need to remove it. You can change your settings by doing the following:
</p> </p>
@ -655,9 +696,9 @@ Select <i>Administrator controls</i> then select <i>Security Settings</i>. You w
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgd372087" class="outline-2"> <div id="outline-container-orgea6d6d2" class="outline-2">
<h2 id="orgd372087">How do I get a domain name?</h2> <h2 id="orgea6d6d2">How do I get a domain name?</h2>
<div class="outline-text-2" id="text-orgd372087"> <div class="outline-text-2" id="text-orgea6d6d2">
<p> <p>
Suppose that you have bought a domain name (rather than using a free subdomain on freedns) and you want to use that instead. Suppose that you have bought a domain name (rather than using a free subdomain on freedns) and you want to use that instead.
</p> </p>
@ -725,9 +766,9 @@ You should now be able to send an email from <i>postmaster@mynewdomainname</i> a
</div> </div>
</div> </div>
<div id="outline-container-org5152d4a" class="outline-2"> <div id="outline-container-org3b6d8b4" class="outline-2">
<h2 id="org5152d4a">How do I get a "real" SSL/TLS/HTTPS certificate?</h2> <h2 id="org3b6d8b4">How do I get a "real" SSL/TLS/HTTPS certificate?</h2>
<div class="outline-text-2" id="text-org5152d4a"> <div class="outline-text-2" id="text-org3b6d8b4">
<p> <p>
If you did the full install or selected the social variant then the system will have tried to obtain a Let's Encrypt certificate automatically during the install process. If this failed for any reason, or if you have created a new site which you need a certificate for then do the following: If you did the full install or selected the social variant then the system will have tried to obtain a Let's Encrypt certificate automatically during the install process. If this failed for any reason, or if you have created a new site which you need a certificate for then do the following:
</p> </p>
@ -747,9 +788,9 @@ One thing to be aware of is that Let's Encrypt doesn't support many dynamic DNS
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org851167c" class="outline-2"> <div id="outline-container-orgabe05bb" class="outline-2">
<h2 id="org851167c">How do I renew a Let's Encrypt certificate?</h2> <h2 id="orgabe05bb">How do I renew a Let's Encrypt certificate?</h2>
<div class="outline-text-2" id="text-org851167c"> <div class="outline-text-2" id="text-orgabe05bb">
<p> <p>
Normally certificates will be automatically renewed once per month, so you don't need to be concerned about it. If anything goes wrong with the automatic renewal then you should receive a warning email. Normally certificates will be automatically renewed once per month, so you don't need to be concerned about it. If anything goes wrong with the automatic renewal then you should receive a warning email.
</p> </p>
@ -769,9 +810,9 @@ Select <i>Administrator controls</i> then <b>Security settings</b> then <b>Renew
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org5f627df" class="outline-2"> <div id="outline-container-org4e0c7bc" class="outline-2">
<h2 id="org5f627df">I tried to renew a Let's Encrypt certificate and it failed. What should I do?</h2> <h2 id="org4e0c7bc">I tried to renew a Let's Encrypt certificate and it failed. What should I do?</h2>
<div class="outline-text-2" id="text-org5f627df"> <div class="outline-text-2" id="text-org4e0c7bc">
<p> <p>
Most likely it's because Let's Encrypt doesn't support your particular domain or subdomain. Currently free subdomains tend not to work. You'll need to buy a domain name, link it to your dynamic DNS account and then do: Most likely it's because Let's Encrypt doesn't support your particular domain or subdomain. Currently free subdomains tend not to work. You'll need to buy a domain name, link it to your dynamic DNS account and then do:
</p> </p>
@ -787,9 +828,9 @@ Select <i>Administrator controls</i> then <b>Security settings</b> then <b>Creat
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgb35c769" class="outline-2"> <div id="outline-container-org84e7119" class="outline-2">
<h2 id="orgb35c769">Why use self-signed certificates?</h2> <h2 id="org84e7119">Why use self-signed certificates?</h2>
<div class="outline-text-2" id="text-orgb35c769"> <div class="outline-text-2" id="text-org84e7119">
<p> <p>
Almost everywhere on the web you will read that self-signed certificates are worthless. They bring up <i>scary-scary looking</i> browser warnings and gurus will advise you not to use them. Self-signed certificates are quite useful though. What the scary warnings mean - and it would be good if they explained this more clearly - is that you have an encrypted connection established but there is <i>no certainty about who that connection is with</i>. Almost everywhere on the web you will read that self-signed certificates are worthless. They bring up <i>scary-scary looking</i> browser warnings and gurus will advise you not to use them. Self-signed certificates are quite useful though. What the scary warnings mean - and it would be good if they explained this more clearly - is that you have an encrypted connection established but there is <i>no certainty about who that connection is with</i>.
</p> </p>
@ -811,17 +852,17 @@ For now a self-signed certificate will probably in most cases protect your commu
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgaa66ed6" class="outline-2"> <div id="outline-container-org3376bf8" class="outline-2">
<h2 id="orgaa66ed6">Why not use the services of $company instead? They took the Seppuku pledge</h2> <h2 id="org3376bf8">Why not use the services of $company instead? They took the Seppuku pledge</h2>
<div class="outline-text-2" id="text-orgaa66ed6"> <div class="outline-text-2" id="text-org3376bf8">
<p> <p>
<a href="https://cryptostorm.org/viewtopic.php?f=63&amp;t=2954&amp;sid=7de2d1e699cfde2f574e6a7f6ea5a173">That pledge</a> is utterly worthless. Years ago people trusted Google in the same sort of way, because they promised not be be evil and because a lot of the engineers working for them seemed like honest types who were "<i>on our side</i>". Post-<a href="https://en.wikipedia.org/wiki/Nymwars">nymwars</a> and post-<a href="https://en.wikipedia.org/wiki/PRISM_(surveillance_program)">PRISM</a> we know exactly how much Google cared about the privacy and security of its users. But Google is only one particular example. In general don't trust pledges made by companies, even if the people running them seem really sincere. <a href="https://cryptostorm.org/viewtopic.php?f=63&amp;t=2954&amp;sid=7de2d1e699cfde2f574e6a7f6ea5a173">That pledge</a> is utterly worthless. Years ago people trusted Google in the same sort of way, because they promised not be be evil and because a lot of the engineers working for them seemed like honest types who were "<i>on our side</i>". Post-<a href="https://en.wikipedia.org/wiki/Nymwars">nymwars</a> and post-<a href="https://en.wikipedia.org/wiki/PRISM_(surveillance_program)">PRISM</a> we know exactly how much Google cared about the privacy and security of its users. But Google is only one particular example. In general don't trust pledges made by companies, even if the people running them seem really sincere.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgdcf88db" class="outline-2"> <div id="outline-container-org2a57f9c" class="outline-2">
<h2 id="orgdcf88db">Why does my email keep getting rejected as spam by Gmail/etc?</h2> <h2 id="org2a57f9c">Why does my email keep getting rejected as spam by Gmail/etc?</h2>
<div class="outline-text-2" id="text-orgdcf88db"> <div class="outline-text-2" id="text-org2a57f9c">
<p> <p>
Welcome to the world of email. Email is really the archetypal decentralized service, developed during the early days of the internet. In principle anyone can run an email server, and that's exactly what you're doing with Freedombone. Email is very useful, but it has a big problem, and that's that the protocols are totally insecure. That made it easy for spammers to do their thing, and in response highly elaborate spam filtering and blocking systems were developed. Chances are that your emails are being blocked in this way. Sometimes the blocking is so indisciminate that entire countries are excluded. What can you do about it? Unless you control the block list at the receiving end you may not be able to do much unless you can find an email proxy server which is trusted by the receiving server. Welcome to the world of email. Email is really the archetypal decentralized service, developed during the early days of the internet. In principle anyone can run an email server, and that's exactly what you're doing with Freedombone. Email is very useful, but it has a big problem, and that's that the protocols are totally insecure. That made it easy for spammers to do their thing, and in response highly elaborate spam filtering and blocking systems were developed. Chances are that your emails are being blocked in this way. Sometimes the blocking is so indisciminate that entire countries are excluded. What can you do about it? Unless you control the block list at the receiving end you may not be able to do much unless you can find an email proxy server which is trusted by the receiving server.
</p> </p>
@ -862,19 +903,19 @@ Return to the <a href="index.html">home page</a>
<style type="text/css"> <style type="text/css">
.back-to-top { .back-to-top {
position: fixed; position: fixed;
bottom: 2em; bottom: 2em;
right: 0px; right: 0px;
text-decoration: none; text-decoration: none;
color: #000000; color: #000000;
background-color: rgba(235, 235, 235, 0.80); background-color: rgba(235, 235, 235, 0.80);
font-size: 12px; font-size: 12px;
padding: 1em; padding: 1em;
display: none; display: none;
} }
.back-to-top:hover { .back-to-top:hover {
background-color: rgba(135, 135, 135, 0.50); background-color: rgba(135, 135, 135, 0.50);
} }
</style> </style>
@ -883,15 +924,15 @@ Return to the <a href="index.html">home page</a>
</div> </div>
<script type="text/javascript"> <script type="text/javascript">
var offset = 220; var offset = 220;
var duration = 500; var duration = 500;
jQuery(window).scroll(function() { jQuery(window).scroll(function() {
if (jQuery(this).scrollTop() > offset) { if (jQuery(this).scrollTop() > offset) {
jQuery('.back-to-top').fadeIn(duration); jQuery('.back-to-top').fadeIn(duration);
} else { } else {
jQuery('.back-to-top').fadeOut(duration); jQuery('.back-to-top').fadeOut(duration);
} }
}); });
</script> </script>
</div> </div>
</body> </body>

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-05-06 Fri 20:43 --> <!-- 2016-08-08 Mon 17:19 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />
@ -196,7 +280,7 @@ With the right technology the internet can be a space for free expression, explo
</center> </center>
<p> <p>
This is personal or family scale computing, which can then federate to global proportions. We need <a href="http://www.alainet.org/en/articulo/168669">community controlled</a> information systems and to achieve that they must be inexpensive and simple to install and maintain. This is the opposite of the current dominant paradigm of <a href="https://www.youtube.com/watch?v=XZmGGAbHqa0">titanic server warehouses</a> owned by a tiny number of individuals and it's what is sometimes refered to as <a href="http://mediagoblin.org/news/userops.html">"userops"</a> - i.e. a user being able to do what traditionally only a professional systems administrator would be able to. This is personal or family scale computing, which can then federate to global proportions. We need community controlled information systems and to achieve that they must be inexpensive and simple to install and maintain. This is the opposite of the current dominant paradigm of <a href="https://www.youtube.com/watch?v=XZmGGAbHqa0">titanic server warehouses</a> owned by a tiny number of individuals and it's what is sometimes refered to as <a href="https://mediagoblin.org/news/userops.html">"userops"</a> - i.e. a user being able to do what traditionally only a professional systems administrator would be able to.
</p> </p>
<p> <p>
@ -240,12 +324,12 @@ Freedombone is an example of the internet as it was supposed to be: a network of
</p> </p>
<p> <p>
An emphasis of the Freedombone project is the protection of private communications from indiscriminate mass surveillance, otherwise known as "<i>bulk intercept</i>" or "<i>warrantless wiretapping</i>". With only a few exceptions data entering and leaving the system is encrypted using settings recommended by <a href="https://bettercrypto.org/">bettercrypto.org</a>. Stored emails are encrypted such that only someone knowing your GPG password can read them and a GPG key is created automatically if you don't already have one. The system is firewalled with only the necessary ports being opened. Exclusively <a href="http://en.wikipedia.org/wiki/Free_software">free software</a> is used so that all of it can potentially be security audited and proprietary repositories are disabled by default. There are still numerous security problems with the internet in general and software always contains bugs, but a best attempt has been made to ensure that the Freedombone is at least more secure than average. An emphasis of the Freedombone project is the protection of private communications from indiscriminate mass surveillance, otherwise known as "<i>bulk intercept</i>" or "<i>warrantless wiretapping</i>". With only a few exceptions data entering and leaving the system is encrypted using settings recommended by <a href="https://bettercrypto.org/">bettercrypto.org</a> . Stored emails are encrypted such that only someone knowing your GPG password can read them and a GPG key is created automatically if you don't already have one. The system is firewalled with only the necessary ports being opened. Exclusively <a href="https://en.wikipedia.org/wiki/Free_software">free software</a> is used so that all of it can potentially be security audited and proprietary repositories are disabled by default. There are still numerous security problems with the internet in general and software always contains bugs, but a best attempt has been made to ensure that the Freedombone is at least more secure than average.
</p> </p>
<div class="org-center"> <div class="org-center">
<p> <p>
This site can also be accessed via a Tor browser at <a href="http://4fvfozz6g3zmvf76.onion/"><a href="http://4fvfozz6g3zmvf76.onion/">http://4fvfozz6g3zmvf76.onion/</a></a> This site can also be accessed via a Tor browser at 4fvfozz6g3zmvf76.onion
</p> </p>
</div> </div>
</div> </div>

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-04-23 Sat 13:25 --> <!-- 2016-08-08 Mon 17:19 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />
@ -170,11 +254,11 @@ for the JavaScript code in this tag.
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<td class="org-left"><a href="#orgf5eb1b9">Building an image for a Single Board Computer or Virtual Machine</a></td> <td class="org-left"><a href="#org335ae25">Building an image for a Single Board Computer or Virtual Machine</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgbb187ae">Checklist</a></td> <td class="org-left"><a href="#orgb4eb938">Checklist</a></td>
</tr> </tr>
<tr> <tr>
@ -182,34 +266,34 @@ for the JavaScript code in this tag.
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgde28312">Installation</a></td> <td class="org-left"><a href="#org4002596">Installation</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgfb04cde">Social Key Management - the 'Unforgettable Key'</a></td> <td class="org-left"><a href="#orge3fbd6f">Social Key Management - the 'Unforgettable Key'</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org9c24556">Final Setup</a></td> <td class="org-left"><a href="#org293c14e">Final Setup</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org45dffb">Keydrives</a></td> <td class="org-left"><a href="#orgf32608e">Keydrives</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgeabcb9d">On Client Machines</a></td> <td class="org-left"><a href="#orgc0d5d65">On Client Machines</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org53e4300">Administering the system</a></td> <td class="org-left"><a href="#orgab97535">Administering the system</a></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<div id="outline-container-orgf5eb1b9" class="outline-2"> <div id="outline-container-org335ae25" class="outline-2">
<h2 id="orgf5eb1b9">Building an image for a Single Board Computer or Virtual Machine</h2> <h2 id="org335ae25">Building an image for a Single Board Computer or Virtual Machine</h2>
<div class="outline-text-2" id="text-orgf5eb1b9"> <div class="outline-text-2" id="text-org335ae25">
<p> <p>
You don't have to trust images downloaded from random internet locations signed with untrusted keys. You can build one from scratch yourself, and this is the recommended procedure for maximum security. For guidance on how to build images see the manpage for the <b>freedombone-image</b> command. You don't have to trust images downloaded from random internet locations signed with untrusted keys. You can build one from scratch yourself, and this is the recommended procedure for maximum security. For guidance on how to build images see the manpage for the <b>freedombone-image</b> command.
</p> </p>
@ -295,9 +379,9 @@ If the image build fails with an error such as "<i>Error reading from server. Re
</div> </div>
</div> </div>
<div id="outline-container-orgbb187ae" class="outline-2"> <div id="outline-container-orgb4eb938" class="outline-2">
<h2 id="orgbb187ae">Checklist</h2> <h2 id="orgb4eb938">Checklist</h2>
<div class="outline-text-2" id="text-orgbb187ae"> <div class="outline-text-2" id="text-orgb4eb938">
<p> <p>
Before installing Freedombone you will need a few things. Before installing Freedombone you will need a few things.
</p> </p>
@ -311,17 +395,17 @@ Before installing Freedombone you will need a few things.
</ul> </ul>
</div> </div>
</div> </div>
<div id="outline-container-orgde28312" class="outline-2"> <div id="outline-container-org4002596" class="outline-2">
<h2 id="orgde28312">Installation</h2> <h2 id="org4002596">Installation</h2>
<div class="outline-text-2" id="text-orgde28312"> <div class="outline-text-2" id="text-org4002596">
<p> <p>
There are three install options: Laptop/Desktop/Netbook, SBC and Virtual Machine. There are three install options: Laptop/Desktop/Netbook, SBC and Virtual Machine.
</p> </p>
</div> </div>
<div id="outline-container-orgbbfdf87" class="outline-3"> <div id="outline-container-org5b4f8c3" class="outline-3">
<h3 id="orgbbfdf87">On a Laptop, Netbook or Desktop machine</h3> <h3 id="org5b4f8c3">On a Laptop, Netbook or Desktop machine</h3>
<div class="outline-text-3" id="text-orgbbfdf87"> <div class="outline-text-3" id="text-org5b4f8c3">
<p> <p>
If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Jessie onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands: If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Jessie onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands:
</p> </p>
@ -340,16 +424,16 @@ freedombone menuconfig
</div> </div>
</div> </div>
<div id="outline-container-org447e0ab" class="outline-3"> <div id="outline-container-org0ef1235" class="outline-3">
<h3 id="org447e0ab">On a single board computer (SBC)</h3> <h3 id="org0ef1235">On a single board computer (SBC)</h3>
<div class="outline-text-3" id="text-org447e0ab"> <div class="outline-text-3" id="text-org0ef1235">
<p> <p>
Currently the following boards are supported: Currently the following boards are supported:
</p> </p>
<ul class="org-ul"> <ul class="org-ul">
<li><a href="http://beagleboard.org/BLACK">Beaglebone Black</a></li> <li><a href="https://beagleboard.org/BLACK">Beaglebone Black</a></li>
<li><a href="http://linux-sunxi.org/Cubietech_Cubieboard2">Cubieboard 2</a></li> <li><a href="https://linux-sunxi.org/Cubietech_Cubieboard2">Cubieboard 2</a></li>
<li><a href="https://linux-sunxi.org/Cubietruck">Cubietruck (Cubieboard 3)</a></li> <li><a href="https://linux-sunxi.org/Cubietruck">Cubietruck (Cubieboard 3)</a></li>
<li><a href="https://www.olimex.com/Products/OLinuXino/A20/A20-OLinuXIno-LIME/open-source-hardware">olinuxino Lime</a></li> <li><a href="https://www.olimex.com/Products/OLinuXino/A20/A20-OLinuXIno-LIME/open-source-hardware">olinuxino Lime</a></li>
<li><a href="https://www.olimex.com/Products/OLinuXino/A20/A20-OLinuXIno-LIME2/open-source-hardware">olinuxino Lime2</a></li> <li><a href="https://www.olimex.com/Products/OLinuXino/A20/A20-OLinuXIno-LIME2/open-source-hardware">olinuxino Lime2</a></li>
@ -426,9 +510,9 @@ Using the password 'freedombone'. Take a note of the new login password and then
</div> </div>
</div> </div>
<div id="outline-container-org7807744" class="outline-3"> <div id="outline-container-org6d2c7b6" class="outline-3">
<h3 id="org7807744">As a Virtual Machine</h3> <h3 id="org6d2c7b6">As a Virtual Machine</h3>
<div class="outline-text-3" id="text-org7807744"> <div class="outline-text-3" id="text-org6d2c7b6">
<p> <p>
Virtualbox and Qemu are supported. You can run a 64 bit Qemu image with: Virtualbox and Qemu are supported. You can run a 64 bit Qemu image with:
</p> </p>
@ -450,42 +534,42 @@ The default login will be username 'fbone' and password 'freedombone'. Take a no
</div> </div>
</div> </div>
<div id="outline-container-orgfb04cde" class="outline-2"> <div id="outline-container-orge3fbd6f" class="outline-2">
<h2 id="orgfb04cde">Social Key Management - the 'Unforgettable Key'</h2> <h2 id="orge3fbd6f">Social Key Management - the 'Unforgettable Key'</h2>
<div class="outline-text-2" id="text-orgfb04cde"> <div class="outline-text-2" id="text-orge3fbd6f">
<p> <p>
During the install procedure you will be asked if you wish to import GPG keys. If you don't already possess GPG keys then just select "Ok" and they will be generated during the install. If you do already have GPG keys then there are a few possibilities During the install procedure you will be asked if you wish to import GPG keys. If you don't already possess GPG keys then just select "Ok" and they will be generated during the install. If you do already have GPG keys then there are a few possibilities
</p> </p>
</div> </div>
<div id="outline-container-org285c7d1" class="outline-3"> <div id="outline-container-org8b41155" class="outline-3">
<h3 id="org285c7d1">You have the gnupg keyring on an encrypted USB drive</h3> <h3 id="org8b41155">You have the gnupg keyring on an encrypted USB drive</h3>
<div class="outline-text-3" id="text-org285c7d1"> <div class="outline-text-3" id="text-org8b41155">
<p> <p>
If you previously made a master keydrive containing the full keyring (the .gnupg directory). This is the most straightforward case, but not as secure as splitting the key into fragments. If you previously made a master keydrive containing the full keyring (the .gnupg directory). This is the most straightforward case, but not as secure as splitting the key into fragments.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgff616ab" class="outline-3"> <div id="outline-container-org1f06b9d" class="outline-3">
<h3 id="orgff616ab">You have a number of key fragments on USB drives retrieved from friends</h3> <h3 id="org1f06b9d">You have a number of key fragments on USB drives retrieved from friends</h3>
<div class="outline-text-3" id="text-orgff616ab"> <div class="outline-text-3" id="text-org1f06b9d">
<p> <p>
If you previously made some USB drives containing key fragments then retrieve them from your friends and plug them in one after the other. After the last drive has been read then remove it and just select "Ok". The system will then try to reconstruct the key. For this to work you will need to have previously made three or more <a href="#org45dffb">Keydrives</a>. If you previously made some USB drives containing key fragments then retrieve them from your friends and plug them in one after the other. After the last drive has been read then remove it and just select "Ok". The system will then try to reconstruct the key. For this to work you will need to have previously made three or more <a href="#orgf32608e">Keydrives</a>.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgff957c" class="outline-3"> <div id="outline-container-orgdfd043a" class="outline-3">
<h3 id="orgff957c">You can specify some ssh login details for friends servers containing key fragments</h3> <h3 id="orgdfd043a">You can specify some ssh login details for friends servers containing key fragments</h3>
<div class="outline-text-3" id="text-orgff957c"> <div class="outline-text-3" id="text-orgdfd043a">
<p> <p>
Enter three or more sets of login details and the installer will try to retrieve key fragments and then assemble them into the full key. This only works if you previously were using remote backups and had social key management enabled. Enter three or more sets of login details and the installer will try to retrieve key fragments and then assemble them into the full key. This only works if you previously were using remote backups and had social key management enabled.
</p> </p>
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-org9c24556" class="outline-2"> <div id="outline-container-org293c14e" class="outline-2">
<h2 id="org9c24556">Final Setup</h2> <h2 id="org293c14e">Final Setup</h2>
<div class="outline-text-2" id="text-org9c24556"> <div class="outline-text-2" id="text-org293c14e">
<p> <p>
Any manual post-installation setup instructions or passwords can be found in /home/username/README. You should remove any passwords from that file and store them within a password manager such as KeepassX. Any manual post-installation setup instructions or passwords can be found in /home/username/README. You should remove any passwords from that file and store them within a password manager such as KeepassX.
</p> </p>
@ -603,16 +687,16 @@ On your internet router, typically under firewall settings, open the following p
</div> </div>
</div> </div>
<div id="outline-container-org45dffb" class="outline-2"> <div id="outline-container-orgf32608e" class="outline-2">
<h2 id="org45dffb">Keydrives</h2> <h2 id="orgf32608e">Keydrives</h2>
<div class="outline-text-2" id="text-org45dffb"> <div class="outline-text-2" id="text-orgf32608e">
<p> <p>
After installing for the first time it's a good idea to create some keydrives. These will store your gpg key so that if all else fails you will still be able to restore from backup. There are two ways to do this: After installing for the first time it's a good idea to create some keydrives. These will store your gpg key so that if all else fails you will still be able to restore from backup. There are two ways to do this:
</p> </p>
</div> </div>
<div id="outline-container-org88a0044" class="outline-3"> <div id="outline-container-org3cc4a72" class="outline-3">
<h3 id="org88a0044">Master Keydrive</h3> <h3 id="org3cc4a72">Master Keydrive</h3>
<div class="outline-text-3" id="text-org88a0044"> <div class="outline-text-3" id="text-org3cc4a72">
<p> <p>
This is the traditional security model in which you carry your full keyring on an encrypted USB drive. To make a master keydrive first format a USB drive as a LUKS encrypted drive. In Ubuntu this can be <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">done from the <i>Disk Utility</i> application</a>. Then plug it into the Freedombone system, then from your local machine run: This is the traditional security model in which you carry your full keyring on an encrypted USB drive. To make a master keydrive first format a USB drive as a LUKS encrypted drive. In Ubuntu this can be <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">done from the <i>Disk Utility</i> application</a>. Then plug it into the Freedombone system, then from your local machine run:
</p> </p>
@ -628,9 +712,9 @@ Select <i>Administrator controls</i> then <i>Backup and Restore</i> then <i>Back
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org9e44d48" class="outline-3"> <div id="outline-container-org48cb53f" class="outline-3">
<h3 id="org9e44d48">Fragment keydrives</h3> <h3 id="org48cb53f">Fragment keydrives</h3>
<div class="outline-text-3" id="text-org9e44d48"> <div class="outline-text-3" id="text-org48cb53f">
<p> <p>
This breaks your GPG key into a number of fragments and randomly selects one to add to the USB drive. First format a USB drive as a LUKS encrypted drive. In Ubuntu this <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">can be done from the <i>Disk Utility</i> application</a>. Plug it into the Freedombone system then from your local machine run the following commands: This breaks your GPG key into a number of fragments and randomly selects one to add to the USB drive. First format a USB drive as a LUKS encrypted drive. In Ubuntu this <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">can be done from the <i>Disk Utility</i> application</a>. Plug it into the Freedombone system then from your local machine run the following commands:
</p> </p>
@ -651,9 +735,9 @@ Fragments are randomly assigned and so you will need at least three or four keyd
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-orgeabcb9d" class="outline-2"> <div id="outline-container-orgc0d5d65" class="outline-2">
<h2 id="orgeabcb9d">On Client Machines</h2> <h2 id="orgc0d5d65">On Client Machines</h2>
<div class="outline-text-2" id="text-orgeabcb9d"> <div class="outline-text-2" id="text-orgc0d5d65">
<p> <p>
You can configure laptops or desktop machines which connect to the Freedombone server in the following way. This alters encryption settings to improve overall security. You can configure laptops or desktop machines which connect to the Freedombone server in the following way. This alters encryption settings to improve overall security.
</p> </p>
@ -671,9 +755,9 @@ freedombone-client
</div> </div>
</div> </div>
<div id="outline-container-org53e4300" class="outline-2"> <div id="outline-container-orgab97535" class="outline-2">
<h2 id="org53e4300">Administering the system</h2> <h2 id="orgab97535">Administering the system</h2>
<div class="outline-text-2" id="text-org53e4300"> <div class="outline-text-2" id="text-orgab97535">
<p> <p>
To administer the system after installation log in via ssh, become the root user and then launch the control panel. To administer the system after installation log in via ssh, become the root user and then launch the control panel.
</p> </p>

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-02-27 Sat 22:09 --> <!-- 2016-08-08 Mon 17:19 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />
@ -170,34 +254,34 @@ for the JavaScript code in this tag.
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<td class="org-left"><a href="#orgheadline1">What is a mesh network?</a></td> <td class="org-left"><a href="#org7571d97">What is a mesh network?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline2">The Freedombone Mesh</a></td> <td class="org-left"><a href="#org723a71f">The Freedombone Mesh</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline3">Installation</a></td> <td class="org-left"><a href="#org20b8881">Installation</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline4">Wifi adaptors</a></td> <td class="org-left"><a href="#orge8c3e69">Wifi adaptors</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline5">Using the mesh</a></td> <td class="org-left"><a href="#org123d626">Using the mesh</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline6">Further reading</a></td> <td class="org-left"><a href="#org2fe4976">Further reading</a></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<div id="outline-container-orgheadline1" class="outline-2"> <div id="outline-container-org7571d97" class="outline-2">
<h2 id="orgheadline1">What is a mesh network?</h2> <h2 id="org7571d97">What is a mesh network?</h2>
<div class="outline-text-2" id="text-orgheadline1"> <div class="outline-text-2" id="text-org7571d97">
<p> <p>
The internet as it currently exists is mostly organised according to a client/server model. Servers run the web services and store the data and clients are the laptops, desktops and other devices accessing the servers. In a mesh network there isn't any clear division between clients and servers. The computers on a mesh network are known as "peers" and they can perform the functions of both clients and servers. Commonly this is also known as a "peer to peer" network. The internet as it currently exists is mostly organised according to a client/server model. Servers run the web services and store the data and clients are the laptops, desktops and other devices accessing the servers. In a mesh network there isn't any clear division between clients and servers. The computers on a mesh network are known as "peers" and they can perform the functions of both clients and servers. Commonly this is also known as a "peer to peer" network.
</p> </p>
@ -229,20 +313,20 @@ Example use cases would be:
</div> </div>
</div> </div>
<div id="outline-container-orgheadline2" class="outline-2"> <div id="outline-container-org723a71f" class="outline-2">
<h2 id="orgheadline2">The Freedombone Mesh</h2> <h2 id="org723a71f">The Freedombone Mesh</h2>
<div class="outline-text-2" id="text-orgheadline2"> <div class="outline-text-2" id="text-org723a71f">
<p> <p>
The Freedombone mesh is offline - in the sense of not being part of the larger internet - and consists of a set of computers with the software installed communicating wirelessly using ordinary wifi. Peers can enter or leave the network and it will adjust automatically. All communications between peers is end-to-end encrypted, so although it's easy to join the network it's not easy to passively evesdrop. The Freedombone mesh is offline - in the sense of not being part of the larger internet - and consists of a set of computers with the software installed communicating wirelessly using ordinary wifi. Peers can enter or leave the network and it will adjust automatically. All communications between peers is end-to-end encrypted, so although it's easy to join the network it's not easy to passively evesdrop.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline3" class="outline-2"> <div id="outline-container-org20b8881" class="outline-2">
<h2 id="orgheadline3">Installation</h2> <h2 id="org20b8881">Installation</h2>
<div class="outline-text-2" id="text-orgheadline3"> <div class="outline-text-2" id="text-org20b8881">
</div><div id="outline-container-orgheadline7" class="outline-3"> </div><div id="outline-container-org865e6de" class="outline-3">
<h3 id="orgheadline7">Two types of system</h3> <h3 id="org865e6de">Two types of system</h3>
<div class="outline-text-3" id="text-orgheadline7"> <div class="outline-text-3" id="text-org865e6de">
<p> <p>
Installation is split into two categories, <i>routers</i> and <i>user devices</i>. Installation is split into two categories, <i>routers</i> and <i>user devices</i>.
</p> </p>
@ -260,9 +344,9 @@ Small computers acting as mesh routers can also be battery operated or solar pow
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline8" class="outline-3"> <div id="outline-container-org6438efa" class="outline-3">
<h3 id="orgheadline8">Installing on routers</h3> <h3 id="org6438efa">Installing on routers</h3>
<div class="outline-text-3" id="text-orgheadline8"> <div class="outline-text-3" id="text-org6438efa">
<p> <p>
Whatever system you're going to use as a mesh router should have a new Debian Jessie install on it. It's advisable that this be a new install so that there is no existing software on the system which could confuse the mesh install process. Whatever system you're going to use as a mesh router should have a new Debian Jessie install on it. It's advisable that this be a new install so that there is no existing software on the system which could confuse the mesh install process.
</p> </p>
@ -332,9 +416,9 @@ The reboot is needed in order to enable zram and the hardware random number gene
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline9" class="outline-3"> <div id="outline-container-org7952cce" class="outline-3">
<h3 id="orgheadline9">Installing on user devices</h3> <h3 id="org7952cce">Installing on user devices</h3>
<div class="outline-text-3" id="text-orgheadline9"> <div class="outline-text-3" id="text-org7952cce">
<p> <p>
Typically on a laptop with a Debian-based distro installed, open a terminal and type: Typically on a laptop with a Debian-based distro installed, open a terminal and type:
</p> </p>
@ -368,16 +452,16 @@ sudo dpkg -i batctl_2014.1.0-2_amd64.deb
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline4" class="outline-2"> <div id="outline-container-orge8c3e69" class="outline-2">
<h2 id="orgheadline4">Wifi adaptors</h2> <h2 id="orge8c3e69">Wifi adaptors</h2>
<div class="outline-text-2" id="text-orgheadline4"> <div class="outline-text-2" id="text-orge8c3e69">
<p> <p>
There are a small number of wifi adaptors which are compatible with a fully free software stack. There are a small number of wifi adaptors which are compatible with a fully free software stack.
</p> </p>
</div> </div>
<div id="outline-container-orgheadline10" class="outline-3"> <div id="outline-container-orgc1ab644" class="outline-3">
<h3 id="orgheadline10">Atheros AR9271</h3> <h3 id="orgc1ab644">Atheros AR9271</h3>
<div class="outline-text-3" id="text-orgheadline10"> <div class="outline-text-3" id="text-orgc1ab644">
<p> <p>
To install the firmware for this: To install the firmware for this:
</p> </p>
@ -395,17 +479,17 @@ mv *.fw /lib/firmware
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline5" class="outline-2"> <div id="outline-container-org123d626" class="outline-2">
<h2 id="orgheadline5">Using the mesh</h2> <h2 id="org123d626">Using the mesh</h2>
<div class="outline-text-2" id="text-orgheadline5"> <div class="outline-text-2" id="text-org123d626">
<p> <p>
The following sections only apply to <i>client devices</i>. Mesh <i>routers</i> are only for routing network traffic and operating <a href="https://en.wikipedia.org/wiki/BitTorrent_tracker">trackers</a> and <a href="https://en.wikipedia.org/wiki/Distributed_hash_table">distributed hash tables</a> for bootstrapping purposes. The following sections only apply to <i>client devices</i>. Mesh <i>routers</i> are only for routing network traffic and operating <a href="https://en.wikipedia.org/wiki/BitTorrent_tracker">trackers</a> and <a href="https://en.wikipedia.org/wiki/Distributed_hash_table">distributed hash tables</a> for bootstrapping purposes.
</p> </p>
</div> </div>
<div id="outline-container-orgheadline11" class="outline-3"> <div id="outline-container-orgc862ae7" class="outline-3">
<h3 id="orgheadline11">Switching from internet to mesh mode</h3> <h3 id="orgc862ae7">Switching from internet to mesh mode</h3>
<div class="outline-text-3" id="text-orgheadline11"> <div class="outline-text-3" id="text-orgc862ae7">
<p> <p>
To join the mesh network open a terminal and type: To join the mesh network open a terminal and type:
</p> </p>
@ -435,11 +519,11 @@ If for any reason things don't seem to be updating you can force an update by is
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline12" class="outline-3"> <div id="outline-container-org193f44f" class="outline-3">
<h3 id="orgheadline12">Chat</h3> <h3 id="org193f44f">Chat</h3>
<div class="outline-text-3" id="text-orgheadline12"> <div class="outline-text-3" id="text-org193f44f">
<p> <p>
If you have a Tox client installed on your system then you can use that to communicate with other mesh peers. A limitation is that if peers change you may need to quit the application and restart it in order to receive the updated list of DHTnodes. The <a href="https://github.com/Tox/toxic">Toxic</a> client is installed by default, but you may also want to install <a href="https://github.com/tux3/qTox">qTox</a> or <a href="http://utox.org/">uTox</a> for a more conventional-looking user experience. If you have a Tox client installed on your system then you can use that to communicate with other mesh peers. A limitation is that if peers change you may need to quit the application and restart it in order to receive the updated list of DHTnodes. The <a href="https://github.com/Tox/toxic">Toxic</a> client is installed by default, but you may also want to install <a href="https://github.com/tux3/qTox">qTox</a> for a more conventional-looking user experience.
</p> </p>
<p> <p>
@ -484,9 +568,9 @@ A note for the security-conscious is that broadcasting Tox IDs via the network (
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline13" class="outline-3"> <div id="outline-container-orge82459e" class="outline-3">
<h3 id="orgheadline13">Blogging</h3> <h3 id="orge82459e">Blogging</h3>
<div class="outline-text-3" id="text-orgheadline13"> <div class="outline-text-3" id="text-orge82459e">
<p> <p>
The Freedombone mesh uses a fully decentralized blogging system called <a href="https://github.com/HelloZeroNet/ZeroBlog">ZeroBlog</a>. It behaves rather like other peer-to-peer file sharing systems in that if you are reading the blog of another user you are also simultaneously seeding it to other peers (acting as both a client and a server). This allows the system to scale well, while also being robust to any peer failing or leaving the network. The Freedombone mesh uses a fully decentralized blogging system called <a href="https://github.com/HelloZeroNet/ZeroBlog">ZeroBlog</a>. It behaves rather like other peer-to-peer file sharing systems in that if you are reading the blog of another user you are also simultaneously seeding it to other peers (acting as both a client and a server). This allows the system to scale well, while also being robust to any peer failing or leaving the network.
</p> </p>
@ -504,17 +588,17 @@ To add a new blog entry click the <i>new post</i> button, edit the title and con
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline14" class="outline-3"> <div id="outline-container-org35fb05a" class="outline-3">
<h3 id="orgheadline14">Other services</h3> <h3 id="org35fb05a">Other services</h3>
<div class="outline-text-3" id="text-orgheadline14"> <div class="outline-text-3" id="text-org35fb05a">
<p> <p>
It is hoped that a decentralized forum will be added, but this is not yet complete. In the mean time a substitute is to use the Tox group chat feature. It is hoped that a decentralized forum will be added, but this is not yet complete. In the mean time a substitute is to use the Tox group chat feature.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline15" class="outline-3"> <div id="outline-container-org1bfcc2c" class="outline-3">
<h3 id="orgheadline15">Turning off the mesh</h3> <h3 id="org1bfcc2c">Turning off the mesh</h3>
<div class="outline-text-3" id="text-orgheadline15"> <div class="outline-text-3" id="text-org1bfcc2c">
<p> <p>
If you wish to return to the internet then open a terminal and type: If you wish to return to the internet then open a terminal and type:
</p> </p>
@ -531,11 +615,11 @@ After a few seconds your usual internet wifi connection should be re-established
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline6" class="outline-2"> <div id="outline-container-org2fe4976" class="outline-2">
<h2 id="orgheadline6">Further reading</h2> <h2 id="org2fe4976">Further reading</h2>
<div class="outline-text-2" id="text-orgheadline6"> <div class="outline-text-2" id="text-org2fe4976">
<p> <p>
For much more extensive details about deploying wireless networks there is an excellent book called <a href="http://wndw.net/">Wireless Networking in the Developing World</a> which is worth reading. It's not necessarily exclusively about mesh networks, but may be useful in terms of advice about antennas, reflections, extending wifi range and so on. For much more extensive details about deploying wireless networks there is an excellent book called <a href="https://wndw.net/">Wireless Networking in the Developing World</a> which is worth reading. It's not necessarily exclusively about mesh networks, but may be useful in terms of advice about antennas, reflections, extending wifi range and so on.
</p> </p>
<center> <center>

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-02-27 Sat 22:10 --> <!-- 2016-08-08 Mon 17:19 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />
@ -170,62 +254,62 @@ for the JavaScript code in this tag.
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<td class="org-left"><a href="#orgheadline1">What are mirrors and why do they exist?</a></td> <td class="org-left"><a href="#org5255c28">What are mirrors and why do they exist?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline2">What security do mirrors have?</a></td> <td class="org-left"><a href="#org3a71074">What security do mirrors have?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline3">How do I set up mirrors?</a></td> <td class="org-left"><a href="#orgad30640">How do I set up mirrors?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline4">Do mirrors include debian package repositories?</a></td> <td class="org-left"><a href="#orgf55466c">Do mirrors include debian package repositories?</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline5">What do I need to do to keep the mirrored repositories updated?</a></td> <td class="org-left"><a href="#orgae578f8">What do I need to do to keep the mirrored repositories updated?</a></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<div id="outline-container-orgheadline1" class="outline-2"> <div id="outline-container-org5255c28" class="outline-2">
<h2 id="orgheadline1">What are mirrors and why do they exist?</h2> <h2 id="org5255c28">What are mirrors and why do they exist?</h2>
<div class="outline-text-2" id="text-orgheadline1"> <div class="outline-text-2" id="text-org5255c28">
<p> <p>
It would be nice if all of the applications used by this project were packaged for Debian, but currently they're not. This means that various upstream git repositories are used and these mostly reside on Github. What if Github were to go away, become paying only or be censored in some manner which was difficult to work around? To guard against this possibility the repositories are mirrored on each install and can then be made available to other users so that new installations or updates could still occur without the original default repos. It would be nice if all of the applications used by this project were packaged for Debian, but currently they're not. This means that various upstream git repositories are used and these mostly reside on Github. What if Github were to go away, become paying only or be censored in some manner which was difficult to work around? To guard against this possibility the repositories are mirrored on each install and can then be made available to other users so that new installations or updates could still occur without the original default repos.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline2" class="outline-2"> <div id="outline-container-org3a71074" class="outline-2">
<h2 id="orgheadline2">What security do mirrors have?</h2> <h2 id="org3a71074">What security do mirrors have?</h2>
<div class="outline-text-2" id="text-orgheadline2"> <div class="outline-text-2" id="text-org3a71074">
<p> <p>
On each install you have a <i>mirrors</i> user created, whose only purpose is to mirror upstream repositories. A random password is generated for the <i>mirrors</i> user which can be seen within the control panel and so given to other users who may need it. On each install you have a <i>mirrors</i> user created, whose only purpose is to mirror upstream repositories. A random password is generated for the <i>mirrors</i> user which can be seen within the control panel and so given to other users who may need it.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline3" class="outline-2"> <div id="outline-container-orgad30640" class="outline-2">
<h2 id="orgheadline3">How do I set up mirrors?</h2> <h2 id="orgad30640">How do I set up mirrors?</h2>
<div class="outline-text-2" id="text-orgheadline3"> <div class="outline-text-2" id="text-orgad30640">
<p> <p>
The interactive installer will ask whether you want to configure the main respositories. Enter the URL, which will typically be an onion address, the ssh port number and the password for the mirrors on that system. The interactive installer will ask whether you want to configure the main respositories. Enter the URL, which will typically be an onion address, the ssh port number and the password for the mirrors on that system.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline4" class="outline-2"> <div id="outline-container-orgf55466c" class="outline-2">
<h2 id="orgheadline4">Do mirrors include debian package repositories?</h2> <h2 id="orgf55466c">Do mirrors include debian package repositories?</h2>
<div class="outline-text-2" id="text-orgheadline4"> <div class="outline-text-2" id="text-orgf55466c">
<p> <p>
No. Packages for Debian will still be accessed in the conventional manner. No. Packages for Debian will still be accessed in the conventional manner.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline6" class="outline-2"> <div id="outline-container-orge448ccd" class="outline-2">
<h2 id="orgheadline6">Can I change mirrors after the system has been installed</h2> <h2 id="orge448ccd">Can I change mirrors after the system has been installed</h2>
<div class="outline-text-2" id="text-orgheadline6"> <div class="outline-text-2" id="text-orge448ccd">
<p> <p>
Yes. From the control panel select "<i>Set the main repository</i>" Yes. From the control panel select "<i>Set the main repository</i>"
</p> </p>
@ -240,9 +324,9 @@ Yes. From the control panel select "<i>Set the main repository</i>"
</div> </div>
</div> </div>
<div id="outline-container-orgheadline5" class="outline-2"> <div id="outline-container-orgae578f8" class="outline-2">
<h2 id="orgheadline5">What do I need to do to keep the mirrored repositories updated?</h2> <h2 id="orgae578f8">What do I need to do to keep the mirrored repositories updated?</h2>
<div class="outline-text-2" id="text-orgheadline5"> <div class="outline-text-2" id="text-orgae578f8">
<p> <p>
Nothing. That happens as part of regular automatic updates. Nothing. That happens as part of regular automatic updates.
</p> </p>

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-05-06 Fri 20:04 --> <!-- 2016-08-08 Mon 17:19 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />
@ -186,9 +270,9 @@ Mobile phones are insecure devices, but they're regarded as being so essential t
</table> </table>
</center> </center>
<div id="outline-container-orgc988f00" class="outline-2"> <div id="outline-container-org603725e" class="outline-2">
<h2 id="orgc988f00">Open</h2> <h2 id="org603725e">Open</h2>
<div class="outline-text-2" id="text-orgc988f00"> <div class="outline-text-2" id="text-org603725e">
<p> <p>
Use a Linux based phone operating system. Typically this will mean Android, but could also mean Cyanogenmod or Replicant. Cyanogen is the most preferable, because you can usually get an up to date image with a recent kernel which will give you better security against exploits. If you're buying a phone then look for a model which is supported by Cyanogenmod. Replicant is the most free (as in freedom) but only runs on a small number of phone models. If you have a phone which runs a full GNU/Linux system then that's fantastic, and you can probably use it in much the same way as a desktop system and the rest of the advice on this page won't apply. If you don't have a phone capable of running a Linux based operating system then consider selling, giving away or bartering your existing one. Use a Linux based phone operating system. Typically this will mean Android, but could also mean Cyanogenmod or Replicant. Cyanogen is the most preferable, because you can usually get an up to date image with a recent kernel which will give you better security against exploits. If you're buying a phone then look for a model which is supported by Cyanogenmod. Replicant is the most free (as in freedom) but only runs on a small number of phone models. If you have a phone which runs a full GNU/Linux system then that's fantastic, and you can probably use it in much the same way as a desktop system and the rest of the advice on this page won't apply. If you don't have a phone capable of running a Linux based operating system then consider selling, giving away or bartering your existing one.
</p> </p>
@ -199,45 +283,45 @@ Why is it so important to run Linux on a phone? Aren't <i>iThings</i> supposed t
</div> </div>
</div> </div>
<div id="outline-container-org6812923" class="outline-2"> <div id="outline-container-org6db6899" class="outline-2">
<h2 id="org6812923">Remove</h2> <h2 id="org6db6899">Remove</h2>
<div class="outline-text-2" id="text-org6812923"> <div class="outline-text-2" id="text-org6db6899">
<p> <p>
So maybe you're running Android and the phone came with some apps already installed. Almost certainly they'll be proprietary. Go to Settings/Apps and then uninstall or deactivate any apps which you really don't need. Mostly preinstalled apps are intended to send your data to companies who will then sell it to advertisers or governments under the business model of <i>surveillance capital</i>. It's not a good idea to get caught up in that, and to avoid becoming addicted to apps which are surveilling you without consent or installing spyware in the background without your knowledge. So maybe you're running Android and the phone came with some apps already installed. Almost certainly they'll be proprietary. Go to Settings/Apps and then uninstall or deactivate any apps which you really don't need. Mostly preinstalled apps are intended to send your data to companies who will then sell it to advertisers or governments under the business model of <i>surveillance capital</i>. It's not a good idea to get caught up in that, and to avoid becoming addicted to apps which are surveilling you without consent or installing spyware in the background without your knowledge.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orge0fcdf4" class="outline-2"> <div id="outline-container-orgc09c95e" class="outline-2">
<h2 id="orge0fcdf4">Encrypt</h2> <h2 id="orgc09c95e">Encrypt</h2>
<div class="outline-text-2" id="text-orge0fcdf4"> <div class="outline-text-2" id="text-orgc09c95e">
<p> <p>
Encrypt your phone. This can usually be done via <b>Settings/Security</b> and you may need to fully charge the phone first. Encryption means that if you lose your phone or it gets stolen then there is less chance that anyone who picks it up will get access to your data, photos and so on. Encrypt your phone. This can usually be done via <b>Settings/Security</b> and you may need to fully charge the phone first. Encryption means that if you lose your phone or it gets stolen then there is less chance that anyone who picks it up will get access to your data, photos and so on.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org87c1781" class="outline-2"> <div id="outline-container-org2e14d67" class="outline-2">
<h2 id="org87c1781">Apps</h2> <h2 id="org2e14d67">Apps</h2>
<div class="outline-text-2" id="text-org87c1781"> <div class="outline-text-2" id="text-org2e14d67">
<p> <p>
Installing <b>F-droid</b> and only adding any new apps via F-droid will ensure that you are always using free and open source software. Open source is not a panacea, since bugs can and do still occur, but it will help you to avoid the worst security and privacy pitfalls. Installing <b>F-droid</b> and only adding any new apps via F-droid will ensure that you are always using free and open source software. Open source is not a panacea, since bugs can and do still occur, but it will help you to avoid the worst security and privacy pitfalls.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgaca6fdb" class="outline-2"> <div id="outline-container-orgd826e0e" class="outline-2">
<h2 id="orgaca6fdb">Lock</h2> <h2 id="orgd826e0e">Lock</h2>
<div class="outline-text-2" id="text-orgaca6fdb"> <div class="outline-text-2" id="text-orgd826e0e">
<p> <p>
Add a lock screen, preferably with a password which is not easy for other people to guess or for quicker access with a PIN number. Install an app called <b>Locker</b>, activate it and set the maximum number of password guesses to ten (or whatever you feel comfortable with). If bad people get hold of your phone then they may try to brute force your lock screen password or PIN (i.e. automatically trying millions of common word and number combinations) and the locker app will prevent them from succeeding by resetting the phone back to its factory default condition and wiping the data. Add a lock screen, preferably with a password which is not easy for other people to guess or for quicker access with a PIN number. Install an app called <b>Locker</b>, activate it and set the maximum number of password guesses to ten (or whatever you feel comfortable with). If bad people get hold of your phone then they may try to brute force your lock screen password or PIN (i.e. automatically trying millions of common word and number combinations) and the locker app will prevent them from succeeding by resetting the phone back to its factory default condition and wiping the data.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org8852762" class="outline-2"> <div id="outline-container-org462e34f" class="outline-2">
<h2 id="org8852762">Onion</h2> <h2 id="org462e34f">Onion</h2>
<div class="outline-text-2" id="text-org8852762"> <div class="outline-text-2" id="text-org462e34f">
<p> <p>
Both governments and corporations want to compile matadata dossiers about you. Who you communicated with, when and how often. They want this so that they can data mine, simulate, predict and then ultimately influence (sometimes also called "nudge") your actions and preferences in the directions they prefer. By routing your connections through a number of proxy servers (Tor routers) you can make it perhaps not <i>theoretically</i> impossible but at least <i>very hard</i> for them to have a complete and accurate list of who your friends are, your religion, politics, likely health issues, sexual orientation and what news sites or books you read. Both governments and corporations want to compile matadata dossiers about you. Who you communicated with, when and how often. They want this so that they can data mine, simulate, predict and then ultimately influence (sometimes also called "nudge") your actions and preferences in the directions they prefer. By routing your connections through a number of proxy servers (Tor routers) you can make it perhaps not <i>theoretically</i> impossible but at least <i>very hard</i> for them to have a complete and accurate list of who your friends are, your religion, politics, likely health issues, sexual orientation and what news sites or books you read.
</p> </p>
@ -248,9 +332,9 @@ In F-droid under the <b>repositories</b> menu you can enable the <b>guardian pro
</div> </div>
</div> </div>
<div id="outline-container-org3c8b1c0" class="outline-2"> <div id="outline-container-org8818a9f" class="outline-2">
<h2 id="org3c8b1c0">ssh</h2> <h2 id="org8818a9f">ssh</h2>
<div class="outline-text-2" id="text-org3c8b1c0"> <div class="outline-text-2" id="text-org8818a9f">
<p> <p>
The most secure way to access email is via an ssh connection and shell interface. This is not highly convenient, but it does keep your email and GPG key off of the phone which improves your security. If your phone is subsequently stolen then even if an adversary can get past the lock screen <i>there are no emails stored on the phone</i>. Install <b>Connectbot</b>, generate an RSA key of at least 2048 bits and give it a password. Copy and paste the ssh public key to a pastebin and then add it to <i>home/myusername</i>.ssh/authorized keys on Freedombone. Then add an ssh account for the Freedombone, using port 2222. Before you log in you will need to ensure that the ssh key is unlocked. If you lose your phone then you can remove that public key from <i>authorized_keys</i> and anyone in possession of the phone will no longer be able to get ssh access to your system. The most secure way to access email is via an ssh connection and shell interface. This is not highly convenient, but it does keep your email and GPG key off of the phone which improves your security. If your phone is subsequently stolen then even if an adversary can get past the lock screen <i>there are no emails stored on the phone</i>. Install <b>Connectbot</b>, generate an RSA key of at least 2048 bits and give it a password. Copy and paste the ssh public key to a pastebin and then add it to <i>home/myusername</i>.ssh/authorized keys on Freedombone. Then add an ssh account for the Freedombone, using port 2222. Before you log in you will need to ensure that the ssh key is unlocked. If you lose your phone then you can remove that public key from <i>authorized_keys</i> and anyone in possession of the phone will no longer be able to get ssh access to your system.
</p> </p>
@ -261,18 +345,18 @@ This is a <i>defense in depth</i> approach in which there are multiple hurdles w
</div> </div>
</div> </div>
<div id="outline-container-org9fad5e1" class="outline-2"> <div id="outline-container-orgf468a25" class="outline-2">
<h2 id="org9fad5e1">Services</h2> <h2 id="orgf468a25">Services</h2>
<div class="outline-text-2" id="text-org9fad5e1"> <div class="outline-text-2" id="text-orgf468a25">
<p> <p>
For information on configuring various apps to work with Freedombone see the <a href="./usage.html">usage section</a>. Also see advice on chat apps in the <a href="./faq.html">FAQ</a>. For information on configuring various apps to work with Freedombone see the <a href="./usage.html">usage section</a>. Also see advice on chat apps in the <a href="./faq.html">FAQ</a>.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org27ba21c" class="outline-2"> <div id="outline-container-org47ef0a2" class="outline-2">
<h2 id="org27ba21c">Battery preservation</h2> <h2 id="org47ef0a2">Battery preservation</h2>
<div class="outline-text-2" id="text-org27ba21c"> <div class="outline-text-2" id="text-org47ef0a2">
<p> <p>
Even with free software apps it's not difficult to get into a situation where your battery doesn't last for long. To maximize battery life access RSS feeds via the onion-based mobile reader within a Tor-compatible browser and not from a locally installed RSS app. Even with free software apps it's not difficult to get into a situation where your battery doesn't last for long. To maximize battery life access RSS feeds via the onion-based mobile reader within a Tor-compatible browser and not from a locally installed RSS app.
</p> </p>

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-04-10 Sun 10:46 --> <!-- 2016-08-08 Mon 17:20 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-04-06 Wed 08:14 --> <!-- 2016-08-08 Mon 17:20 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />
@ -162,9 +246,9 @@ for the JavaScript code in this tag.
<h1>Support</h1> <h1>Support</h1>
</center> </center>
<div id="outline-container-orgheadline1" class="outline-2"> <div id="outline-container-org043f153" class="outline-2">
<h2 id="orgheadline1">Contact details</h2> <h2 id="org043f153">Contact details</h2>
<div class="outline-text-2" id="text-orgheadline1"> <div class="outline-text-2" id="text-org043f153">
<p> <p>
This site can also be accessed via a Tor browser at <b>4fvfozz6g3zmvf76.onion</b> This site can also be accessed via a Tor browser at <b>4fvfozz6g3zmvf76.onion</b>
</p> </p>
@ -191,21 +275,21 @@ This site can also be accessed via a Tor browser at <b>4fvfozz6g3zmvf76.onion</b
</div> </div>
</div> </div>
<div id="outline-container-orgheadline9" class="outline-2"> <div id="outline-container-org6910c34" class="outline-2">
<h2 id="orgheadline9">Things which would be nice to have</h2> <h2 id="org6910c34">Things which would be nice to have</h2>
<div class="outline-text-2" id="text-orgheadline9"> <div class="outline-text-2" id="text-org6910c34">
</div><div id="outline-container-orgheadline2" class="outline-3"> </div><div id="outline-container-org60f0fd7" class="outline-3">
<h3 id="orgheadline2">Ideas</h3> <h3 id="org60f0fd7">Ideas</h3>
<div class="outline-text-3" id="text-orgheadline2"> <div class="outline-text-3" id="text-org60f0fd7">
<p> <p>
Know of some fabulous web system which could run on Freedombone, but currently doesn't? Contact the above, and be prepared to make a compelling argument for why it should be included. Know of some fabulous web system which could run on Freedombone, but currently doesn't? Contact the above, and be prepared to make a compelling argument for why it should be included.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline3" class="outline-3"> <div id="outline-container-org8772744" class="outline-3">
<h3 id="orgheadline3">Money</h3> <h3 id="org8772744">Money</h3>
<div class="outline-text-3" id="text-orgheadline3"> <div class="outline-text-3" id="text-org8772744">
<p> <p>
At the present time this project is not seeking any funding. There is no crowdfunding campaign and no slick marketing video. Those aren't ruled out as future possibilities, but for now they're just not needed. At the present time this project is not seeking any funding. There is no crowdfunding campaign and no slick marketing video. Those aren't ruled out as future possibilities, but for now they're just not needed.
</p> </p>
@ -216,27 +300,27 @@ If you find this project useful then you may wish to consider donating to <a hre
</div> </div>
</div> </div>
<div id="outline-container-orgheadline4" class="outline-3"> <div id="outline-container-orgf3a6c70" class="outline-3">
<h3 id="orgheadline4">Testing and reporting bugs</h3> <h3 id="orgf3a6c70">Testing and reporting bugs</h3>
<div class="outline-text-3" id="text-orgheadline4"> <div class="outline-text-3" id="text-orgf3a6c70">
<p> <p>
Testing of the install on different hardware. Also pentesting on test installations to find vulnerabilities. Testing of the install on different hardware. Also pentesting on test installations to find vulnerabilities.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline5" class="outline-3"> <div id="outline-container-org47fd2dc" class="outline-3">
<h3 id="orgheadline5">Web design and artwork</h3> <h3 id="org47fd2dc">Web design and artwork</h3>
<div class="outline-text-3" id="text-orgheadline5"> <div class="outline-text-3" id="text-org47fd2dc">
<p> <p>
A better design for this website would be nice to have. Photos, icons or other artwork are all welcome. I've always liked the cartoon artwork of the <a href="http://www.mediagoblin.org/">Mediagoblin</a> project, and attractive graphics can help to get people initially interested. A better design for this website would be nice to have. Photos, icons or other artwork are all welcome. I've always liked the cartoon artwork of the <a href="https://www.mediagoblin.org/">Mediagoblin</a> project, and attractive graphics can help to get people initially interested.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline6" class="outline-3"> <div id="outline-container-org614c269" class="outline-3">
<h3 id="orgheadline6">More education and promotion</h3> <h3 id="org614c269">More education and promotion</h3>
<div class="outline-text-3" id="text-orgheadline6"> <div class="outline-text-3" id="text-org614c269">
<div class="org-center"> <div class="org-center">
<div class="figure"> <div class="figure">
@ -254,18 +338,18 @@ Raising awareness beyond the near zero current level, overcoming fear and parano
</div> </div>
</div> </div>
<div id="outline-container-orgheadline7" class="outline-3"> <div id="outline-container-org55ed8d3" class="outline-3">
<h3 id="orgheadline7">Translations</h3> <h3 id="org55ed8d3">Translations</h3>
<div class="outline-text-3" id="text-orgheadline7"> <div class="outline-text-3" id="text-org55ed8d3">
<p> <p>
To add translations modify the json files within the <b>locale</b> subdirectory. Then make a pull request on the <a href="https://github.com/bashrc/freedombone">Github site</a>. To add translations modify the json files within the <b>locale</b> subdirectory. Then make a pull request on the <a href="https://github.com/bashrc/freedombone">Github site</a>.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline8" class="outline-3"> <div id="outline-container-org83bbf21" class="outline-3">
<h3 id="orgheadline8">Packaging</h3> <h3 id="org83bbf21">Packaging</h3>
<div class="outline-text-3" id="text-orgheadline8"> <div class="outline-text-3" id="text-org83bbf21">
<p> <p>
Helping to package GNU Social and Hubzilla for Debian would be beneficial. Helping to package GNU Social and Hubzilla for Debian would be beneficial.
</p> </p>

View File

@ -1,272 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-01-07 Thu 14:34 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
<meta name="generator" content="Org-mode" />
<meta name="author" content="Bob Mottram" />
<meta name="description" content="Turn the Beaglebone Black into a personal communications server"
/>
<meta name="keywords" content="freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber" />
<style type="text/css">
<!--/*--><![CDATA[/*><!--*/
.title { text-align: center;
margin-bottom: .2em; }
.subtitle { text-align: center;
font-size: medium;
font-weight: bold;
margin-top:0; }
.todo { font-family: monospace; color: red; }
.done { font-family: monospace; color: green; }
.priority { font-family: monospace; color: orange; }
.tag { background-color: #eee; font-family: monospace;
padding: 2px; font-size: 80%; font-weight: normal; }
.timestamp { color: #bebebe; }
.timestamp-kwd { color: #5f9ea0; }
.org-right { margin-left: auto; margin-right: 0px; text-align: right; }
.org-left { margin-left: 0px; margin-right: auto; text-align: left; }
.org-center { margin-left: auto; margin-right: auto; text-align: center; }
.underline { text-decoration: underline; }
#postamble p, #preamble p { font-size: 90%; margin: .2em; }
p.verse { margin-left: 3%; }
pre {
border: 1px solid #ccc;
box-shadow: 3px 3px 3px #eee;
padding: 8pt;
font-family: monospace;
overflow: auto;
margin: 1.2em;
}
pre.src {
position: relative;
overflow: visible;
padding-top: 1.2em;
}
pre.src:before {
display: none;
position: absolute;
background-color: white;
top: -10px;
right: 10px;
padding: 3px;
border: 1px solid black;
}
pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; }
pre.src-bash:before { content: 'sh'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-java:before { content: 'Java'; }
pre.src-sql:before { content: 'SQL'; }
table { border-collapse:collapse; }
caption.t-above { caption-side: top; }
caption.t-bottom { caption-side: bottom; }
td, th { vertical-align:top; }
th.org-right { text-align: center; }
th.org-left { text-align: center; }
th.org-center { text-align: center; }
td.org-right { text-align: right; }
td.org-left { text-align: left; }
td.org-center { text-align: center; }
dt { font-weight: bold; }
.footpara:nth-child(2) { display: inline; }
.footpara { display: block; }
.footdef { margin-bottom: 1em; }
.figure { padding: 1em; }
.figure p { text-align: center; }
.inlinetask {
padding: 10px;
border: 2px solid gray;
margin: 10px;
background: #ffffcc;
}
#org-div-home-and-up
{ text-align: right; font-size: 70%; white-space: nowrap; }
textarea { overflow-x: auto; }
.linenr { font-size: smaller }
.code-highlighted { background-color: #ffff00; }
.org-info-js_info-navigation { border-style: none; }
#org-info-js_console-label
{ font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
JavaScript code in this tag.
Copyright (C) 2012-2013 Free Software Foundation, Inc.
The JavaScript code in this tag is free software: you can
redistribute it and/or modify it under the terms of the GNU
General Public License (GNU GPL) as published by the Free Software
Foundation, either version 3 of the License, or (at your option)
any later version. The code is distributed WITHOUT ANY WARRANTY;
without even the implied warranty of MERCHANTABILITY or FITNESS
FOR A PARTICULAR PURPOSE. See the GNU GPL for more details.
As additional permission under GNU GPL version 3 section 7, you
may distribute non-source (e.g., minimized or compacted) forms of
that code without the copy of the GNU GPL normally required by
section 4, provided you include this license notice and a URL
through which recipients can access the Corresponding Source.
@licend The above is the entire license notice
for the JavaScript code in this tag.
*/
<!--/*--><![CDATA[/*><!--*/
function CodeHighlightOn(elem, id)
{
var target = document.getElementById(id);
if(null != target) {
elem.cacheClassElem = elem.className;
elem.cacheClassTarget = target.className;
target.className = "code-highlighted";
elem.className = "code-highlighted";
}
}
function CodeHighlightOff(elem, id)
{
var target = document.getElementById(id);
if(elem.cacheClassElem)
elem.className = elem.cacheClassElem;
if(elem.cacheClassTarget)
target.className = elem.cacheClassTarget;
}
/*]]>*///-->
</script>
</head>
<body>
<div id="preamble" class="status">
<a name="top" id="top"></a>
</div>
<div id="content">
<div class="center">
<div class="figure">
<p><img src="images/logo.png" alt="logo.png" />
</p>
</div>
</div>
<center>
<table style="width:50%; border:0">
<tr>
<td><center><a href="variants.html">Variants</a></center></td>
<td><center><a href="installation.html">Install</a></center></td>
<td><center><a href="usage.html">Use</a></center></td>
<td><center><a href="backups.html">Backups</a></center></td>
</tr>
<tr>
<td><center><a href="code.html">Code</a></center></td>
<td><center><a href="related.html">Related</a></center></td>
<td><center><a href="faq.html">F.A.Q.</a></center></td>
<td><center><a href="support.html">Contact/Support</a></center></td>
</tr>
</table>
</center>
<p>
With the right technology the internet can be a space for free expression, exploration, cooperation, learning and fun. A place to connect with others are share experiences. It doesn't have to be a gloomy surveillance prison owned and run by a diabolical synthesis of money-grabbing megacorporations and prurient government spooks. Freedombone is designed to help you surmount the contemporary digital privacy conundrums and to increase your online autonomy. It's a self-hosted home server configuration which can be installed onto any computer capable of running <a href="https://www.debian.org/">Debian</a>, so if you have an old laptop or netbook which you can leave turned on then you can use Freedombone to provide your own internet services, such as blogging, wiki, email, chat and social networking and have independence from the well known internet companies.
</p>
<p>
This is personal or family scale computing, which can then federate to global proportions. We need <i>community controlled</i> information systems and to achieve that they must be inexpensive and simple to install and maintain. This is the opposite of the current dominant paradigm of <a href="https://www.youtube.com/watch?v=XZmGGAbHqa0">titanic server warehouses</a> owned by a tiny number of individuals and it's what is sometimes refered to as <a href="http://mediagoblin.org/news/userops.html">"userops"</a> - i.e. a user being able to do what traditionally only a professional systems administrator would be able to.
</p>
<p>
With a system installed in your home you also have greater legal protection against unwarranted searches. In general as soon as you put your information onto systems which you don't own then you no longer have the same property rights over it, together with "<i>no reasonable expectation of privacy</i>". We all know that's a nonsense, and so maybe we should do something about it.
</p>
<blockquote>
<p>
"With the increasing move of our computing to cloud infrastructures, we give up the control of our computing to the managers of those infrastructures. Our terminals (laptops, desktops) might now be running entirely on Free Software, but this is increasingly irrelevant given that most of what actually matters gets executed on a remote closed system that we dont control. The Free Software community needs to work to help users keep the control of all their computing, by developing suitable alternatives and facilitating their deployment." &#x2013; Lucas Nussbaum
</p>
</blockquote>
<p>
Today everyone is concerned about privacy on the internet. Wanting privacy doesn't necessarily mean you have "something to hide". It just means having the ability to choose <i>what information to share, with whom and under what conditions</i> and therefore being able to shape your own life story. The loss of ability to choose via the "involuntary sharing" which many people experience when using communications systems built by the well known internet companies, means that you're no longer really running your own affairs and that others may begin to exert an improper amount of influence over you. Mass surveillance is perhaps the ultimate in involuntary sharing and it's only through the use of freedom respecting software together with a solid determination to overcome state and corporate abuses of technology that we can hope to get to the kind of internet in which respect for human dignity is built in as a core feature.
</p>
<div class="center">
<div class="figure">
<p><img src="images/nocloud.png" alt="nocloud.png" />
</p>
</div>
</div>
<p>
Another problem is the precariousness of the terms of service. Except in rare cases such terms are not easy to read, so many people end up clicking through terms which if explained more clearly they would never agree to. Over the past decade many internet users have had the unpleasant experience of having their blogs, videos or other web content inexplicably removed, typically due to some ill-defined terms of service violation or a false accusation of copyright infringement.
</p>
<p>
You can bypass all of these dilemmas and take back ownership of your internet content with Freedombone. Originally based upon the Beaglebone Black, Freedombone is a small and cheap home server which enables you to use email, have your own web site and do social networking without any built-in spying and without having to agree to any legal terms of service other than those of your ISP. It provides independence and security in an era where those things are in short supply.
</p>
<blockquote>
<p>
"The deepest problem is that the system architecture that has evolved in recent years holds masses of information on many people with no intelligence value, but with vast potential for political abuse." &#x2013; Ross Anderson
</p>
</blockquote>
<p>
Freedombone is an example of the internet as it was supposed to be: a network of peers, rather than a small number of gigantic server farms with everyone connecting to them. Even if they're well run, centralised server farms become a conspicuous target for <i>all kinds of nefariousness</i> and in any future wars they're bound to be amongst the first facilities to receive the "<i>shock and awe</i>" treatment. Also consider just what is being "farmed". If a robust information society is desirable then excessive centralisation of control over information should be avoided.
</p>
<p>
An emphasis of the Freedombone project is the protection of private communications from indiscriminate mass surveillance, otherwise known as "<i>bulk intercept</i>" or "<i>warrantless wiretapping</i>". With only a few exceptions data entering and leaving the system is encrypted using settings recommended by <a href="https://bettercrypto.org/">bettercrypto.org</a>. Stored emails are encrypted such that only someone knowing your GPG password can read them and a GPG key is created automatically if you don't already have one. The system is firewalled with only the necessary ports being opened. Exclusively <a href="http://en.wikipedia.org/wiki/Free_software">free software</a> is used so that all of it can potentially be security audited and proprietary repositories are disabled by default. There are still numerous security problems with the internet in general and software always contains bugs, but a best attempt has been made to ensure that the Freedombone is at least more secure than average.
</p>
<center>
This site can also be accessed via a Tor browser at <a href="4fvfozz6g3zmvf76.onion">4fvfozz6g3zmvf76.onion</a>
</center>
</div>
<div id="postamble" class="status">
<style type="text/css">
.back-to-top {
position: fixed;
bottom: 2em;
right: 0px;
text-decoration: none;
color: #000000;
background-color: rgba(235, 235, 235, 0.80);
font-size: 12px;
padding: 1em;
display: none;
}
.back-to-top:hover {
background-color: rgba(135, 135, 135, 0.50);
}
</style>
<div class="back-to-top">
<a href="#top">Back to top</a> | <a href="mailto:bob@robotics.uk.to">E-mail me</a>
</div>
<script type="text/javascript">
var offset = 220;
var duration = 500;
jQuery(window).scroll(function() {
if (jQuery(this).scrollTop() > offset) {
jQuery('.back-to-top').fadeIn(duration);
} else {
jQuery('.back-to-top').fadeOut(duration);
}
});
</script>
</div>
</body>
</html>

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-06-21 Tue 21:44 --> <!-- 2016-08-08 Mon 17:20 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -178,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />
@ -253,15 +254,15 @@ for the JavaScript code in this tag.
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<td class="org-left"><a href="#orge3d9d37">Readme</a></td> <td class="org-left"><a href="#org8df4c1a">Readme</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org595826c">Improving ssh security</a></td> <td class="org-left"><a href="#org0ece9b9">Improving ssh security</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org432abd5">Administrating the system via an onion address (Tor)</a></td> <td class="org-left"><a href="#org3a2883b">Administrating the system via an onion address (Tor)</a></td>
</tr> </tr>
<tr> <tr>
@ -273,46 +274,46 @@ for the JavaScript code in this tag.
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgfc22380">Syncing to the Cloud</a></td> <td class="org-left"><a href="#org9c7dc70">Syncing to the Cloud</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org90179f1">Play Music</a></td> <td class="org-left"><a href="#orgd4cedd9">Play Music</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orga7f2adf">Microblogging (GNU Social)</a></td> <td class="org-left"><a href="#org7074e86">Microblogging (GNU Social)</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org5f01d74">Sharing things</a></td> <td class="org-left"><a href="#org4852d92">Sharing things</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgc69bdef">Social Network</a></td> <td class="org-left"><a href="#org5596b58">Social Network</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org86b14a3">Chat Services</a></td> <td class="org-left"><a href="#orgcac4966">Chat Services</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#org3fc8f93">RSS Reader</a></td> <td class="org-left"><a href="#orgff77a66">RSS Reader</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgabf039d">Git Projects</a></td> <td class="org-left"><a href="#org7d41716">Git Projects</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgc1f220c">Adding or removing users</a></td> <td class="org-left"><a href="#org9b9f095">Adding or removing users</a></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<div id="outline-container-orge3d9d37" class="outline-2"> <div id="outline-container-org8df4c1a" class="outline-2">
<h2 id="orge3d9d37">Readme</h2> <h2 id="org8df4c1a">Readme</h2>
<div class="outline-text-2" id="text-orge3d9d37"> <div class="outline-text-2" id="text-org8df4c1a">
<p> <p>
After the system has installed a README file will be generated which contains passwords and some brief advice on using the installed systems. You can read this with the following commands: After the system has installed a README file will be generated which contains passwords and some brief advice on using the installed systems. You can read this with the following commands:
</p> </p>
@ -325,7 +326,7 @@ emacs ~/README
</div> </div>
<p> <p>
You should transfer any passwords to a password manager such as <a href="http://www.keepassx.org/">KeepassX</a> and then delete them from the README file. To save the file after removing passwords use <b>CTRL-x CTRL-s</b>. You should transfer any passwords to a password manager such as <a href="https://www.keepassx.org/">KeepassX</a> and then delete them from the README file. To save the file after removing passwords use <b>CTRL-x CTRL-s</b>.
</p> </p>
<p> <p>
@ -333,9 +334,9 @@ To exit you can either just close the terminal or use <b>CTRL-x CTRL-c</b> follo
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org595826c" class="outline-2"> <div id="outline-container-org0ece9b9" class="outline-2">
<h2 id="org595826c">Improving ssh security</h2> <h2 id="org0ece9b9">Improving ssh security</h2>
<div class="outline-text-2" id="text-org595826c"> <div class="outline-text-2" id="text-org0ece9b9">
<p> <p>
To improve ssh security you can generate an ssh key pair on your system and then upload the public key to the Freedombone. To improve ssh security you can generate an ssh key pair on your system and then upload the public key to the Freedombone.
</p> </p>
@ -388,9 +389,9 @@ If you wish to only use ssh keys then log in to the Freedombone, become the root
</div> </div>
</div> </div>
<div id="outline-container-org432abd5" class="outline-2"> <div id="outline-container-org3a2883b" class="outline-2">
<h2 id="org432abd5">Administrating the system via an onion address (Tor)</h2> <h2 id="org3a2883b">Administrating the system via an onion address (Tor)</h2>
<div class="outline-text-2" id="text-org432abd5"> <div class="outline-text-2" id="text-org3a2883b">
<p> <p>
You can also access your system via the Tor system using an onion address. To find out what the onion address for ssh access is you can do the following: You can also access your system via the Tor system using an onion address. To find out what the onion address for ssh access is you can do the following:
</p> </p>
@ -436,11 +437,11 @@ Subsequently even if dynamic DNS isn't working you may still be able to administ
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgfc22380" class="outline-2"> <div id="outline-container-org9c7dc70" class="outline-2">
<h2 id="orgfc22380">Syncing to the Cloud</h2> <h2 id="org9c7dc70">Syncing to the Cloud</h2>
<div class="outline-text-2" id="text-orgfc22380"> <div class="outline-text-2" id="text-org9c7dc70">
<p> <p>
<a href="https://syncthing.net/">Syncthing</a> provides a similar capability to proprietary systems such as <a href="http://www.drop-dropbox.com/">Dropbox</a>, and also is well suited for use with low power single board computers. You can have one or more directories which are synchronized across your various laptops/desktops/devices, and this makes it hard for you to ever lose important files. The manner in which the synchronization is done is pretty secure, such that it would be difficult for passive adversaries (mass surveillance, "<i>men in the middle</i>", etc) to know what files you're sharing. Of course, you don't necessarily need to be running a server in order to use Syncthing, but if you do have a server which is always running then there's always at least one place to synchronize your files to or from. <a href="https://syncthing.net/">Syncthing</a> provides a similar capability to proprietary systems such as Dropbox, and also is well suited for use with low power single board computers. You can have one or more directories which are synchronized across your various laptops/desktops/devices, and this makes it hard for you to ever lose important files. The manner in which the synchronization is done is pretty secure, such that it would be difficult for passive adversaries (mass surveillance, "<i>men in the middle</i>", etc) to know what files you're sharing. Of course, you don't necessarily need to be running a server in order to use Syncthing, but if you do have a server which is always running then there's always at least one place to synchronize your files to or from.
</p> </p>
<p> <p>
@ -448,9 +449,9 @@ Freedombone provides Syncthing shared directories for each user on the system, p
</p> </p>
</div> </div>
<div id="outline-container-org7421627" class="outline-3"> <div id="outline-container-org4cf4458" class="outline-3">
<h3 id="org7421627">On a laptop</h3> <h3 id="org4cf4458">On a laptop</h3>
<div class="outline-text-3" id="text-org7421627"> <div class="outline-text-3" id="text-org4cf4458">
<p> <p>
Install syncthing: Install syncthing:
</p> </p>
@ -505,9 +506,9 @@ Now wait for a few minutes. Eventually you will see two messages appear within t
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org885214c" class="outline-3"> <div id="outline-container-org6ba3f07" class="outline-3">
<h3 id="org885214c">On Android</h3> <h3 id="org6ba3f07">On Android</h3>
<div class="outline-text-3" id="text-org885214c"> <div class="outline-text-3" id="text-org6ba3f07">
<p> <p>
Install Syncthing and Connectbot from F-droid. Install Syncthing and Connectbot from F-droid.
</p> </p>
@ -538,12 +539,12 @@ Now wait for a few minutes or more. Eventually you should receive two notificati
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-org90179f1" class="outline-2"> <div id="outline-container-orgd4cedd9" class="outline-2">
<h2 id="org90179f1">Play Music</h2> <h2 id="orgd4cedd9">Play Music</h2>
<div class="outline-text-2" id="text-org90179f1"> <div class="outline-text-2" id="text-orgd4cedd9">
</div><div id="outline-container-orgfbf053e" class="outline-3"> </div><div id="outline-container-org567e37f" class="outline-3">
<h3 id="orgfbf053e">With the DLNA service</h3> <h3 id="org567e37f">With the DLNA service</h3>
<div class="outline-text-3" id="text-orgfbf053e"> <div class="outline-text-3" id="text-org567e37f">
<p> <p>
An easy way to play music on any mobile device in your home is to use the DLNA service. Copy your music into a directory called "<i>Music</i>" on a USB thumb drive and then insert it into from socket on the Beaglebone. An easy way to play music on any mobile device in your home is to use the DLNA service. Copy your music into a directory called "<i>Music</i>" on a USB thumb drive and then insert it into from socket on the Beaglebone.
</p> </p>
@ -584,12 +585,12 @@ The DLNA service will only work within your local home network, and isn't remote
</div> </div>
</div> </div>
<div id="outline-container-orga7f2adf" class="outline-2"> <div id="outline-container-org7074e86" class="outline-2">
<h2 id="orga7f2adf">Microblogging (GNU Social)</h2> <h2 id="org7074e86">Microblogging (GNU Social)</h2>
<div class="outline-text-2" id="text-orga7f2adf"> <div class="outline-text-2" id="text-org7074e86">
</div><div id="outline-container-org04f903f" class="outline-3"> </div><div id="outline-container-org536a192" class="outline-3">
<h3 id="org04f903f">Initial setup</h3> <h3 id="org536a192">Initial setup</h3>
<div class="outline-text-3" id="text-org04f903f"> <div class="outline-text-3" id="text-org536a192">
<p> <p>
To log into your GNU Social site first obtain your username and password from the "microblogging" section of the readme file. To log into your GNU Social site first obtain your username and password from the "microblogging" section of the readme file.
</p> </p>
@ -618,17 +619,17 @@ GNU Social has a clutter-free mobile user interface which can be accessed via a
</div> </div>
</div> </div>
<div id="outline-container-orgd56113a" class="outline-3"> <div id="outline-container-org4ef8f04" class="outline-3">
<h3 id="orgd56113a">Direct Messages (DMs) and privacy</h3> <h3 id="org4ef8f04">Direct Messages (DMs) and privacy</h3>
<div class="outline-text-3" id="text-orgd56113a"> <div class="outline-text-3" id="text-org4ef8f04">
<p> <p>
One important point about GNU Social is that although direct messages (DMs) are treated as being private their security is quite poor. If you want real communications privacy then use other systems such as XMPP+OMEMO/OTR, Tox or email with GPG. GNU Social is primarily about <i>fully public communications</i>. One important point about GNU Social is that although direct messages (DMs) are treated as being private their security is quite poor. If you want real communications privacy then use other systems such as XMPP+OMEMO/OTR, Tox or email with GPG. GNU Social is primarily about <i>fully public communications</i>.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org3bf45e1" class="outline-3"> <div id="outline-container-org3cfddda" class="outline-3">
<h3 id="org3bf45e1">Using with Emacs</h3> <h3 id="org3cfddda">Using with Emacs</h3>
<div class="outline-text-3" id="text-org3bf45e1"> <div class="outline-text-3" id="text-org3cfddda">
<p> <p>
If you are an Emacs user it's also possible to set up GNU Social mode as follows: If you are an Emacs user it's also possible to set up GNU Social mode as follows:
</p> </p>
@ -713,9 +714,9 @@ And as a quick reference the main keys are:
</div> </div>
</div> </div>
<div id="outline-container-org5f01d74" class="outline-2"> <div id="outline-container-org4852d92" class="outline-2">
<h2 id="org5f01d74">Sharing things</h2> <h2 id="org4852d92">Sharing things</h2>
<div class="outline-text-2" id="text-org5f01d74"> <div class="outline-text-2" id="text-org4852d92">
<p> <p>
If you have the GNU Social microblogging system installed then it's also possible to share things or services between groups or with particular users. This can be useful for sharing items within a family, club or in a local sharing economy. Sharing things freely, without money, reveals the social basis at the root of all economics which money normally conceals or obscures. If you have the GNU Social microblogging system installed then it's also possible to share things or services between groups or with particular users. This can be useful for sharing items within a family, club or in a local sharing economy. Sharing things freely, without money, reveals the social basis at the root of all economics which money normally conceals or obscures.
</p> </p>
@ -742,20 +743,20 @@ The "<i>catalog</i>" button then allows you to search for shared things within t
</div> </div>
</div> </div>
<div id="outline-container-orgc69bdef" class="outline-2"> <div id="outline-container-org5596b58" class="outline-2">
<h2 id="orgc69bdef">Social Network</h2> <h2 id="org5596b58">Social Network</h2>
<div class="outline-text-2" id="text-orgc69bdef"> <div class="outline-text-2" id="text-org5596b58">
</div><div id="outline-container-org4b6c656" class="outline-3"> </div><div id="outline-container-orgbfdc8d2" class="outline-3">
<h3 id="org4b6c656">Domains</h3> <h3 id="orgbfdc8d2">Domains</h3>
<div class="outline-text-3" id="text-org4b6c656"> <div class="outline-text-3" id="text-orgbfdc8d2">
<p> <p>
Both Hubzilla and GNU Social try to obtain certificates automatically at the time of installation via Let's Encrypt. This will likely mean that in order for this to work you'll need to have obtained at least one "official" domain via a domain selling service, since Let's Encrypt mostly doesn't seem to work with free subdomains from sites such as freeDNS. Both Hubzilla and GNU Social try to obtain certificates automatically at the time of installation via Let's Encrypt. This will likely mean that in order for this to work you'll need to have obtained at least one "official" domain via a domain selling service, since Let's Encrypt mostly doesn't seem to work with free subdomains from sites such as freeDNS.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgb6e62a1" class="outline-3"> <div id="outline-container-orgfc8ffd0" class="outline-3">
<h3 id="orgb6e62a1">Initial install</h3> <h3 id="orgfc8ffd0">Initial install</h3>
<div class="outline-text-3" id="text-orgb6e62a1"> <div class="outline-text-3" id="text-orgfc8ffd0">
<p> <p>
On first visiting your Hubzilla site you'll see the login screen. The first thing you need to do is <b>register</b> a new user. The first user on the system then becomes its administrator. On first visiting your Hubzilla site you'll see the login screen. The first thing you need to do is <b>register</b> a new user. The first user on the system then becomes its administrator.
</p> </p>
@ -769,19 +770,19 @@ On first visiting your Hubzilla site you'll see the login screen. The first thin
</div> </div>
</div> </div>
<div id="outline-container-org86b14a3" class="outline-2"> <div id="outline-container-orgcac4966" class="outline-2">
<h2 id="org86b14a3">Chat Services</h2> <h2 id="orgcac4966">Chat Services</h2>
<div class="outline-text-2" id="text-org86b14a3"> <div class="outline-text-2" id="text-orgcac4966">
</div><div id="outline-container-orgb6eb58a" class="outline-3"> </div><div id="outline-container-org4d5e594" class="outline-3">
<h3 id="orgb6eb58a">IRC</h3> <h3 id="org4d5e594">IRC</h3>
<div class="outline-text-3" id="text-orgb6eb58a"> <div class="outline-text-3" id="text-org4d5e594">
<p> <p>
IRC is useful for multi-user chat. The classic use case is for software development where many engineers might need to coordinate their activities, but it's also useful for meetings, parties and general socialising. IRC is useful for multi-user chat. The classic use case is for software development where many engineers might need to coordinate their activities, but it's also useful for meetings, parties and general socialising.
</p> </p>
</div> </div>
<div id="outline-container-org71879cc" class="outline-4"> <div id="outline-container-org34795cb" class="outline-4">
<h4 id="org71879cc">Irssi</h4> <h4 id="org34795cb">Irssi</h4>
<div class="outline-text-4" id="text-org71879cc"> <div class="outline-text-4" id="text-org34795cb">
<p> <p>
The easiest way to use irssi is to connect to your system, like this: The easiest way to use irssi is to connect to your system, like this:
</p> </p>
@ -797,9 +798,9 @@ Then select <b>IRC</b> from the menu. However, other than via this method using
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgf7d08ae" class="outline-4"> <div id="outline-container-org377d44d" class="outline-4">
<h4 id="orgf7d08ae">HexChat</h4> <h4 id="org377d44d">HexChat</h4>
<div class="outline-text-4" id="text-orgf7d08ae"> <div class="outline-text-4" id="text-org377d44d">
<p> <p>
HexChat (formerly XChat) is compatible with proxying via Tor and so provides the best security when connecting to your IRC server. It will allow you to connect to your IRC server's onion address. HexChat (formerly XChat) is compatible with proxying via Tor and so provides the best security when connecting to your IRC server. It will allow you to connect to your IRC server's onion address.
</p> </p>
@ -856,7 +857,7 @@ mkdir -p ~/.config/hexchat
<span class="org-string"># /set irc_hide_version ON</span> <span class="org-string"># /set irc_hide_version ON</span>
<span class="org-string"># /set identd OFF &lt;-- NOT working on all HexChat-based IRC software.</span> <span class="org-string"># /set identd OFF &lt;-- NOT working on all HexChat-based IRC software.</span>
<span class="org-string"># But still highly suggested to include &amp; use it.</span> <span class="org-string"># But still highly suggested to include &amp; use it.</span>
<span class="org-string"># Probable not needed on UNIX, source: http://xchat.org/faq/#q21</span> <span class="org-string"># Probable not needed on UNIX, source: https://xchat.org/faq/#q21</span>
<span class="org-string">dcc_auto_chat = 0</span> <span class="org-string">dcc_auto_chat = 0</span>
<span class="org-string">dcc_auto_resume = 0</span> <span class="org-string">dcc_auto_resume = 0</span>
<span class="org-string">dcc_auto_send = 0</span> <span class="org-string">dcc_auto_send = 0</span>
@ -977,9 +978,9 @@ Click <b>close</b> and then <b>connect</b>.
</div> </div>
</div> </div>
<div id="outline-container-orgfdef80e" class="outline-4"> <div id="outline-container-org81247ef" class="outline-4">
<h4 id="orgfdef80e">Emacs</h4> <h4 id="org81247ef">Emacs</h4>
<div class="outline-text-4" id="text-orgfdef80e"> <div class="outline-text-4" id="text-org81247ef">
<p> <p>
If you are an Emacs user then you can also connect to your IRC server via Emacs. If you are an Emacs user then you can also connect to your IRC server via Emacs.
</p> </p>
@ -1012,9 +1013,9 @@ Add the following to your Emacs configuration file:
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-orga47b34a" class="outline-4"> <div id="outline-container-org41c87a5" class="outline-4">
<h4 id="orga47b34a">Changing or removing the IRC password</h4> <h4 id="org41c87a5">Changing or removing the IRC password</h4>
<div class="outline-text-4" id="text-orga47b34a"> <div class="outline-text-4" id="text-org41c87a5">
<p> <p>
By default the IRC server is set up to require a password for users to log in. The password is the same for all users. If you want to change or remove the password: By default the IRC server is set up to require a password for users to log in. The password is the same for all users. If you want to change or remove the password:
</p> </p>
@ -1032,20 +1033,20 @@ Select <i>Administrator controls</i> then <b>IRC Menu</b> and then change the pa
</div> </div>
</div> </div>
<div id="outline-container-org4cbadf7" class="outline-3"> <div id="outline-container-org6b7b6d2" class="outline-3">
<h3 id="org4cbadf7">XMPP/Jabber</h3> <h3 id="org6b7b6d2">XMPP/Jabber</h3>
<div class="outline-text-3" id="text-org4cbadf7"> <div class="outline-text-3" id="text-org6b7b6d2">
</div><div id="outline-container-org1d5c458" class="outline-4"> </div><div id="outline-container-org3c55a7b" class="outline-4">
<h4 id="org1d5c458">About XMPP</h4> <h4 id="org3c55a7b">About XMPP</h4>
<div class="outline-text-4" id="text-org1d5c458"> <div class="outline-text-4" id="text-org3c55a7b">
<p> <p>
A well written article on the state of XMPP and how it compares to other chat protocols <a href="https://gultsch.de/xmpp_2016.html">can be found here</a>. A well written article on the state of XMPP and how it compares to other chat protocols <a href="https://gultsch.de/xmpp_2016.html">can be found here</a>.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org9b877b5" class="outline-4"> <div id="outline-container-org52b79aa" class="outline-4">
<h4 id="org9b877b5">Using with Gajim</h4> <h4 id="org52b79aa">Using with Gajim</h4>
<div class="outline-text-4" id="text-org9b877b5"> <div class="outline-text-4" id="text-org52b79aa">
<p> <p>
In mid 2016 <a href="https://gajim.org/">Gajim</a> became the first desktop XMPP client to support the <a href="https://en.wikipedia.org/wiki/OMEMO">OMEMO end-to-end security standard</a>, which is superior to the more traditional <a href="https://en.wikipedia.org/wiki/Off-the-Record_Messaging">OTR</a> since it also includes multi-user chat and the ratcheting mechanism pioneered by Open Whisper Systems. To install it: In mid 2016 <a href="https://gajim.org/">Gajim</a> became the first desktop XMPP client to support the <a href="https://en.wikipedia.org/wiki/OMEMO">OMEMO end-to-end security standard</a>, which is superior to the more traditional <a href="https://en.wikipedia.org/wiki/Off-the-Record_Messaging">OTR</a> since it also includes multi-user chat and the ratcheting mechanism pioneered by Open Whisper Systems. To install it:
</p> </p>
@ -1091,11 +1092,11 @@ If you wish to use OpenPGP to encrypt your messages then go to <b>Edit/Accounts<
</div> </div>
</div> </div>
<div id="outline-container-orgdbd4d8a" class="outline-4"> <div id="outline-container-org867a7ab" class="outline-4">
<h4 id="orgdbd4d8a">Using with Profanity</h4> <h4 id="org867a7ab">Using with Profanity</h4>
<div class="outline-text-4" id="text-orgdbd4d8a"> <div class="outline-text-4" id="text-org867a7ab">
<p> <p>
The <a href="http://profanity.im/">Profanity</a> shell based user interface and is perhaps the simplest way to use XMPP from a laptop. It's also a good way to ensure that your OTR keys are the same even when logging in from different laptops or devices, and it also means that if those devices later become compomised then there are no locally stored OTR keys to be found. The <a href="https://profanity.im/">Profanity</a> shell based user interface and is perhaps the simplest way to use XMPP from a laptop. It's also a good way to ensure that your OTR keys are the same even when logging in from different laptops or devices, and it also means that if those devices later become compomised then there are no locally stored OTR keys to be found.
</p> </p>
<div class="org-src-container"> <div class="org-src-container">
@ -1175,7 +1176,7 @@ and quote that. If they quote theirs back you can check it with:
</div> </div>
<p> <p>
If the fingerprints match then you can be pretty confident that unless you have been socially engineered via the question and answer you probably are talking to who you think you are, and that it will be difficult for mass surveillance systems to know the content of the conversation. For more details see <a href="http://www.profanity.im/otr.html">this guide</a>. If the fingerprints match then you can be pretty confident that unless you have been socially engineered via the question and answer you probably are talking to who you think you are, and that it will be difficult for mass surveillance systems to know the content of the conversation. For more details see <a href="https://www.profanity.im/otr.html">this guide</a>
</p> </p>
<p> <p>
@ -1183,9 +1184,9 @@ When accessed via the user control panel the client is automatically routed thro
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org90d13ea" class="outline-4"> <div id="outline-container-orgffff539" class="outline-4">
<h4 id="org90d13ea">Using with Jitsi</h4> <h4 id="orgffff539">Using with Jitsi</h4>
<div class="outline-text-4" id="text-org90d13ea"> <div class="outline-text-4" id="text-orgffff539">
<p> <p>
Jitsi is the recommended communications client for desktop or laptop systems, since it includes the <i>off the record</i> (OTR) feature which provides some additional security beyond the usual SSL certificates. Jitsi is the recommended communications client for desktop or laptop systems, since it includes the <i>off the record</i> (OTR) feature which provides some additional security beyond the usual SSL certificates.
</p> </p>
@ -1215,9 +1216,9 @@ You can also <a href="https://www.youtube.com/watch?v=vgx7VSrDGjk">see this vide
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org674c893" class="outline-4"> <div id="outline-container-orga156aee" class="outline-4">
<h4 id="org674c893">Using with Ubuntu</h4> <h4 id="orga156aee">Using with Ubuntu</h4>
<div class="outline-text-4" id="text-org674c893"> <div class="outline-text-4" id="text-orga156aee">
<p> <p>
The default XMPP client in Ubuntu is Empathy. Using Empathy isn't as secure as using Jitsi, since it doesn't include the <i>off the record</i> feature, but since it's the default it's what many users will have easy access to. The default XMPP client in Ubuntu is Empathy. Using Empathy isn't as secure as using Jitsi, since it doesn't include the <i>off the record</i> feature, but since it's the default it's what many users will have easy access to.
</p> </p>
@ -1235,17 +1236,17 @@ Click on <b>Advanced</b> and make sure that <b>Encryption required</b> and <b>Ig
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org2e63910" class="outline-4"> <div id="outline-container-orgf175285" class="outline-4">
<h4 id="org2e63910">Using Tor Messenger</h4> <h4 id="orgf175285">Using Tor Messenger</h4>
<div class="outline-text-4" id="text-org2e63910"> <div class="outline-text-4" id="text-orgf175285">
<p> <p>
Tor Messenger is a messaging client which supports XMPP, and its onion routing enables you to protect the metadata of chat interactions to some extent by making it difficult for an adversary to know which server is talking to which. You can download Tor Messenger from <a href="https://torproject.org/">torproject.org</a> and the setup is pretty simple. Tor Messenger is a messaging client which supports XMPP, and its onion routing enables you to protect the metadata of chat interactions to some extent by making it difficult for an adversary to know which server is talking to which. You can download Tor Messenger from <a href="https://torproject.org/">torproject.org</a> and the setup is pretty simple.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgdf79200" class="outline-4"> <div id="outline-container-org9ce4d3e" class="outline-4">
<h4 id="orgdf79200">Using with Android/Conversations</h4> <h4 id="org9ce4d3e">Using with Android/Conversations</h4>
<div class="outline-text-4" id="text-orgdf79200"> <div class="outline-text-4" id="text-org9ce4d3e">
<p> <p>
Install <a href="https://f-droid.org/">F-Droid</a> Install <a href="https://f-droid.org/">F-Droid</a>
</p> </p>
@ -1281,16 +1282,16 @@ Then select <b>Next</b>. When chatting you can use the lock icon to encrypt your
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-orga259026" class="outline-3"> <div id="outline-container-orgff81b02" class="outline-3">
<h3 id="orga259026">Tox</h3> <h3 id="orgff81b02">Tox</h3>
<div class="outline-text-3" id="text-orga259026"> <div class="outline-text-3" id="text-orgff81b02">
<p> <p>
Tox is an encrypted peer-to-peer messaging system and so should work without Freedombone. It uses a system of nodes which act as a sort of directory service allowing users to find and connect to each other. The Tox node ID on the Freedombone can be found within the README within your home directory. If you have other users connect to your node then you will be able to continue chatting even when no other nodes are available. Tox is an encrypted peer-to-peer messaging system and so should work without Freedombone. It uses a system of nodes which act as a sort of directory service allowing users to find and connect to each other. The Tox node ID on the Freedombone can be found within the README within your home directory. If you have other users connect to your node then you will be able to continue chatting even when no other nodes are available.
</p> </p>
</div> </div>
<div id="outline-container-org83b215d" class="outline-4"> <div id="outline-container-org5ed532f" class="outline-4">
<h4 id="org83b215d">Using the Toxic client</h4> <h4 id="org5ed532f">Using the Toxic client</h4>
<div class="outline-text-4" id="text-org83b215d"> <div class="outline-text-4" id="text-org5ed532f">
<p> <p>
Log into your system with: Log into your system with:
</p> </p>
@ -1314,20 +1315,20 @@ Then from the menu select <b>Tox Chat</b>. Tox is encrypted by default and also
</div> </div>
</div> </div>
<div id="outline-container-orgd8e7757" class="outline-3"> <div id="outline-container-org417c7f6" class="outline-3">
<h3 id="orgd8e7757">VoIP (Voice and text chat)</h3> <h3 id="org417c7f6">VoIP (Voice and text chat)</h3>
<div class="outline-text-3" id="text-orgd8e7757"> <div class="outline-text-3" id="text-org417c7f6">
</div><div id="outline-container-org7913951" class="outline-4"> </div><div id="outline-container-org21c27dd" class="outline-4">
<h4 id="org7913951">Text chat</h4> <h4 id="org21c27dd">Text chat</h4>
<div class="outline-text-4" id="text-org7913951"> <div class="outline-text-4" id="text-org21c27dd">
<p> <p>
In addition to voice it is also possible to do text chat via mumble. The security of this is pretty good provided that you do it via Plumble and Orbot on mobile, but compared to other options such as XMPP/Conversations or Tox the security is not as good, since the mumble server currently doesn't support forward secrecy. In addition to voice it is also possible to do text chat via mumble. The security of this is pretty good provided that you do it via Plumble and Orbot on mobile, but compared to other options such as XMPP/Conversations or Tox the security is not as good, since the mumble server currently doesn't support forward secrecy.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org1bfee6a" class="outline-4"> <div id="outline-container-orgf100334" class="outline-4">
<h4 id="org1bfee6a">Using with Ubuntu</h4> <h4 id="orgf100334">Using with Ubuntu</h4>
<div class="outline-text-4" id="text-org1bfee6a"> <div class="outline-text-4" id="text-orgf100334">
<p> <p>
Within the software center search for "mumble" and install the client then run it. Skip through the audio setup wizard. Within the software center search for "mumble" and install the client then run it. Skip through the audio setup wizard.
</p> </p>
@ -1337,9 +1338,9 @@ Click on "add new" to add a new server and enter the default domain name for the
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org4e4a652" class="outline-4"> <div id="outline-container-org2eb781a" class="outline-4">
<h4 id="org4e4a652">Using with Android</h4> <h4 id="org2eb781a">Using with Android</h4>
<div class="outline-text-4" id="text-org4e4a652"> <div class="outline-text-4" id="text-org2eb781a">
<p> <p>
Install <a href="https://f-droid.org/">F-Droid</a> Install <a href="https://f-droid.org/">F-Droid</a>
</p> </p>
@ -1374,24 +1375,24 @@ Selecting the server by pressing on it then connects you to the server so that y
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-org7337f0d" class="outline-3"> <div id="outline-container-org38b9f4e" class="outline-3">
<h3 id="org7337f0d">SIP phones</h3> <h3 id="org38b9f4e">SIP phones</h3>
<div class="outline-text-3" id="text-org7337f0d"> <div class="outline-text-3" id="text-org38b9f4e">
<p> <p>
Freedombone also supports SIP phones The username and domain is the same as for your email address, and the SIP password and extension number will appear within the README file in your home directory. Various SIP client options are available, such as CSipSimple on Android and Jitsi on desktop or laptop machines. Ideally use clients which support ZRTP, which will provide the best level of security. Freedombone also supports SIP phones The username and domain is the same as for your email address, and the SIP password and extension number will appear within the README file in your home directory. Various SIP client options are available, such as CSipSimple on Android and Jitsi on desktop or laptop machines. Ideally use clients which support ZRTP, which will provide the best level of security.
</p> </p>
</div> </div>
<div id="outline-container-org2f40c6c" class="outline-4"> <div id="outline-container-orgbb967c4" class="outline-4">
<h4 id="org2f40c6c">About ZRTP</h4> <h4 id="orgbb967c4">About ZRTP</h4>
<div class="outline-text-4" id="text-org2f40c6c"> <div class="outline-text-4" id="text-orgbb967c4">
<p> <p>
<a href="https://jitsi.org/Documentation/ZrtpFAQ">ZRTP</a> appears to be the current best standard to end-to-end encrypted voice calls, combining good security with simplicity of use. When the initial cryptographic negotiation between phones is done at the start of a call a short authentication string (SAS) is calculated and displayed at both ends. To check that there isn't anyone intercepting the call and acting as a <i>man in the middle</i> - as <a href="https://en.wikipedia.org/wiki/Stingray_phone_tracker">stingray type devices</a> try to do - the short authentication string can be read out and verbally confirmed between the callers. If it's the same then you can be pretty confident that the call is secure. <a href="https://jitsi.org/Documentation/ZrtpFAQ">ZRTP</a> appears to be the current best standard to end-to-end encrypted voice calls, combining good security with simplicity of use. When the initial cryptographic negotiation between phones is done at the start of a call a short authentication string (SAS) is calculated and displayed at both ends. To check that there isn't anyone intercepting the call and acting as a <i>man in the middle</i> - as <a href="https://en.wikipedia.org/wiki/Stingray_phone_tracker">stingray type devices</a> try to do - the short authentication string can be read out and verbally confirmed between the callers. If it's the same then you can be pretty confident that the call is secure.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org044989d" class="outline-4"> <div id="outline-container-org2201e80" class="outline-4">
<h4 id="org044989d">Using with CSIPSimple</h4> <h4 id="org2201e80">Using with CSIPSimple</h4>
<div class="outline-text-4" id="text-org044989d"> <div class="outline-text-4" id="text-org2201e80">
<p> <p>
Add an account. Under <b>General Wizards</b> choose <b>Expert</b> and enter the following details: Add an account. Under <b>General Wizards</b> choose <b>Expert</b> and enter the following details:
</p> </p>
@ -1447,9 +1448,9 @@ If everything is working the account should appear in green with a status of <b>
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-org5f453e7" class="outline-4"> <div id="outline-container-org3c35ea8" class="outline-4">
<h4 id="org5f453e7">Using with Ring</h4> <h4 id="org3c35ea8">Using with Ring</h4>
<div class="outline-text-4" id="text-org5f453e7"> <div class="outline-text-4" id="text-org3c35ea8">
<p> <p>
From the menu select <b>Manage accounts</b>. From the menu select <b>Manage accounts</b>.
</p> </p>
@ -1502,9 +1503,9 @@ Select the <b>Security</b> tab. Under <b>SRTP Key Exchange</b> select <b>ZRTP</b
</div> </div>
</div> </div>
<div id="outline-container-org3fc8f93" class="outline-2"> <div id="outline-container-orgff77a66" class="outline-2">
<h2 id="org3fc8f93">RSS Reader</h2> <h2 id="orgff77a66">RSS Reader</h2>
<div class="outline-text-2" id="text-org3fc8f93"> <div class="outline-text-2" id="text-orgff77a66">
<p> <p>
The way that RSS reading is set up on Freedombone gives you strong reading privacy. Not only is there onion routing between you and the server but also between the server and the source of the RSS feed. The only down side is that many RSS feeds are still http only, and so could be vulnerable to injection attacks, but it's expected that more of this will go to https in the foreseeable future due to a combination of growing recognition of security issues and systems like Let's Encrypt which make obtaining certificates much easier. The way that RSS reading is set up on Freedombone gives you strong reading privacy. Not only is there onion routing between you and the server but also between the server and the source of the RSS feed. The only down side is that many RSS feeds are still http only, and so could be vulnerable to injection attacks, but it's expected that more of this will go to https in the foreseeable future due to a combination of growing recognition of security issues and systems like Let's Encrypt which make obtaining certificates much easier.
</p> </p>
@ -1516,9 +1517,9 @@ The way that RSS reading is set up on Freedombone gives you strong reading priva
</div> </div>
</div> </div>
<div id="outline-container-orgcc8cdb1" class="outline-3"> <div id="outline-container-org1da9c1d" class="outline-3">
<h3 id="orgcc8cdb1">Finding the onion address</h3> <h3 id="org1da9c1d">Finding the onion address</h3>
<div class="outline-text-3" id="text-orgcc8cdb1"> <div class="outline-text-3" id="text-org1da9c1d">
<p> <p>
See the control panel for the RSS reader onion address. See the control panel for the RSS reader onion address.
</p> </p>
@ -1543,9 +1544,9 @@ To set up the system open <a href="http://rss_reader_onion_address/">http://rss_
</div> </div>
</div> </div>
<div id="outline-container-org994f7e4" class="outline-3"> <div id="outline-container-orgf7948f5" class="outline-3">
<h3 id="org994f7e4">On mobile</h3> <h3 id="orgf7948f5">On mobile</h3>
<div class="outline-text-3" id="text-org994f7e4"> <div class="outline-text-3" id="text-orgf7948f5">
<p> <p>
To access the RSS reader from a mobile device you can install a Tor compatible browser such as OrFox. It will try to automatically change to the mobile version of the user interface. Remember to add the site to the NoScript whitelist, and you may also need to turn HTTPS Everywhere off. To access the RSS reader from a mobile device you can install a Tor compatible browser such as OrFox. It will try to automatically change to the mobile version of the user interface. Remember to add the site to the NoScript whitelist, and you may also need to turn HTTPS Everywhere off.
</p> </p>
@ -1557,9 +1558,9 @@ A note for the paranoid is that on mobile devices you get redirected to a differ
</blockquote> </blockquote>
</div> </div>
</div> </div>
<div id="outline-container-org1ecbba3" class="outline-3"> <div id="outline-container-orgd3a8a1d" class="outline-3">
<h3 id="org1ecbba3">With Emacs</h3> <h3 id="orgd3a8a1d">With Emacs</h3>
<div class="outline-text-3" id="text-org1ecbba3"> <div class="outline-text-3" id="text-orgd3a8a1d">
<p> <p>
If you are an Emacs user then you can also read your RSS feeds via the <a href="https://github.com/dk87/avandu">Avandu</a> mode. If you are an Emacs user then you can also read your RSS feeds via the <a href="https://github.com/dk87/avandu">Avandu</a> mode.
</p> </p>
@ -1601,9 +1602,9 @@ And ensure that the Tor daemon is installed:
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-orgabf039d" class="outline-2"> <div id="outline-container-org7d41716" class="outline-2">
<h2 id="orgabf039d">Git Projects</h2> <h2 id="org7d41716">Git Projects</h2>
<div class="outline-text-2" id="text-orgabf039d"> <div class="outline-text-2" id="text-org7d41716">
<p> <p>
Github is ok, but it's proprietary and funded by venture capital. If you been around on the internet for long enough then you know how this story eventually works itself out - i.e. badly for the users. It's really only a question of time. If you're a software developer or do things which involve the Git version control system then it's a good idea to become accustomed to hosting your own repositories, before the inevitable Github shitstorm happens. Github is ok, but it's proprietary and funded by venture capital. If you been around on the internet for long enough then you know how this story eventually works itself out - i.e. badly for the users. It's really only a question of time. If you're a software developer or do things which involve the Git version control system then it's a good idea to become accustomed to hosting your own repositories, before the inevitable Github shitstorm happens.
</p> </p>
@ -1641,9 +1642,9 @@ This will stop any spam accounts being created by random strangers or bots. You
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgc1f220c" class="outline-2"> <div id="outline-container-org9b9f095" class="outline-2">
<h2 id="orgc1f220c">Adding or removing users</h2> <h2 id="org9b9f095">Adding or removing users</h2>
<div class="outline-text-2" id="text-orgc1f220c"> <div class="outline-text-2" id="text-org9b9f095">
<p> <p>
Log into the system with: Log into the system with:
</p> </p>
@ -1681,19 +1682,19 @@ Return to the <a href="index.html">home page</a>
<style type="text/css"> <style type="text/css">
.back-to-top { .back-to-top {
position: fixed; position: fixed;
bottom: 2em; bottom: 2em;
right: 0px; right: 0px;
text-decoration: none; text-decoration: none;
color: #000000; color: #000000;
background-color: rgba(235, 235, 235, 0.80); background-color: rgba(235, 235, 235, 0.80);
font-size: 12px; font-size: 12px;
padding: 1em; padding: 1em;
display: none; display: none;
} }
.back-to-top:hover { .back-to-top:hover {
background-color: rgba(135, 135, 135, 0.50); background-color: rgba(135, 135, 135, 0.50);
} }
</style> </style>
@ -1702,15 +1703,15 @@ Return to the <a href="index.html">home page</a>
</div> </div>
<script type="text/javascript"> <script type="text/javascript">
var offset = 220; var offset = 220;
var duration = 500; var duration = 500;
jQuery(window).scroll(function() { jQuery(window).scroll(function() {
if (jQuery(this).scrollTop() > offset) { if (jQuery(this).scrollTop() > offset) {
jQuery('.back-to-top').fadeIn(duration); jQuery('.back-to-top').fadeIn(duration);
} else { } else {
jQuery('.back-to-top').fadeOut(duration); jQuery('.back-to-top').fadeOut(duration);
} }
}); });
</script> </script>
</div> </div>
</body> </body>

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-04-06 Wed 18:55 --> <!-- 2016-08-08 Mon 17:20 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />
@ -170,54 +254,54 @@ for the JavaScript code in this tag.
</colgroup> </colgroup>
<tbody> <tbody>
<tr> <tr>
<td class="org-left"><a href="#orgheadline1">Things to be aware of</a></td> <td class="org-left"><a href="#orge5254be">Things to be aware of</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline2">A technical note about email transport security</a></td> <td class="org-left"><a href="#org023a46e">A technical note about email transport security</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline3">Add a password to your GPG key</a></td> <td class="org-left"><a href="#org13d1ae1">Add a password to your GPG key</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline4">Publishing your GPG public key</a></td> <td class="org-left"><a href="#org2b05efe">Publishing your GPG public key</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline5">Mutt email client</a></td> <td class="org-left"><a href="#org609d2a8">Mutt email client</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline6">Thunderbird/Icedove</a></td> <td class="org-left"><a href="#org7e71ee0">Thunderbird/Icedove</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline7">K9 Android client</a></td> <td class="org-left"><a href="#org859f614">K9 Android client</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline8">Subscribing to mailing lists</a></td> <td class="org-left"><a href="#org0c0172c">Subscribing to mailing lists</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline9">Adding email addresses to a group/folder</a></td> <td class="org-left"><a href="#orga06b4bf">Adding email addresses to a group/folder</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline10">Ignoring incoming emails</a></td> <td class="org-left"><a href="#orgd21a27d">Ignoring incoming emails</a></td>
</tr> </tr>
<tr> <tr>
<td class="org-left"><a href="#orgheadline11">Your own mailing list</a></td> <td class="org-left"><a href="#org5310f10">Your own mailing list</a></td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<div id="outline-container-orgheadline1" class="outline-2"> <div id="outline-container-orge5254be" class="outline-2">
<h2 id="orgheadline1">Things to be aware of</h2> <h2 id="orge5254be">Things to be aware of</h2>
<div class="outline-text-2" id="text-orgheadline1"> <div class="outline-text-2" id="text-orge5254be">
<p> <p>
Even though this system makes it easy to set up an email server, running your own email system is still not easy and this is mainly due to the huge amount of collatoral damage caused by spammers over a long period of time, which in turn is due to the inherent insecurity of email protocols which enabled spam to become a big problem. Email is still very popular though and most internet services require that you have an email address in order to register. Even though this system makes it easy to set up an email server, running your own email system is still not easy and this is mainly due to the huge amount of collatoral damage caused by spammers over a long period of time, which in turn is due to the inherent insecurity of email protocols which enabled spam to become a big problem. Email is still very popular though and most internet services require that you have an email address in order to register.
</p> </p>
@ -231,15 +315,15 @@ So if you want to use your own email address hosted on your own system you do ne
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline2" class="outline-2"> <div id="outline-container-org023a46e" class="outline-2">
<h2 id="orgheadline2">A technical note about email transport security</h2> <h2 id="org023a46e">A technical note about email transport security</h2>
<div class="outline-text-2" id="text-orgheadline2"> <div class="outline-text-2" id="text-org023a46e">
<p> <p>
Port 465 is used for SMTP and this is supposedly deprecated for secure email. However, using TLS from the start of the communications seems far more secure than starting off with insecure communications and then trying to upgrade it with a command to begin TLS, as happens with STARTTLS. There are <a href="https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks">possible attacks against STARTTLS</a> in which the command to begin secure communications is removed or overwritten which could then result in email being transferred in plain text over the internet and be readable by third parties. Port 465 is used for SMTP and this is supposedly deprecated for secure email. However, using TLS from the start of the communications seems far more secure than starting off with insecure communications and then trying to upgrade it with a command to begin TLS, as happens with STARTTLS. There are <a href="https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks">possible attacks against STARTTLS</a> in which the command to begin secure communications is removed or overwritten which could then result in email being transferred in plain text over the internet and be readable by third parties.
</p> </p>
<p> <p>
From <a href="http://motherboard.vice.com/read/email-encryption-is-broken">http://motherboard.vice.com/read/email-encryption-is-broken</a>: From <a href="https://motherboard.vice.com/read/email-encryption-is-broken">https://motherboard.vice.com/read/email-encryption-is-broken</a>:
</p> </p>
<blockquote> <blockquote>
@ -249,9 +333,9 @@ The researchers also uncovered mass scale attacks of STARTTLS sessions being str
</blockquote> </blockquote>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline3" class="outline-2"> <div id="outline-container-org13d1ae1" class="outline-2">
<h2 id="orgheadline3">Add a password to your GPG key</h2> <h2 id="org13d1ae1">Add a password to your GPG key</h2>
<div class="outline-text-2" id="text-orgheadline3"> <div class="outline-text-2" id="text-org13d1ae1">
<p> <p>
If you didn't use existing GPG keys during the Freedombone installation then you'll need to add a password to your newly generated private key. This is highly recommended. Go through the following sequence of commands to ssh into the Freedombone and then change your GPG password. If you didn't use existing GPG keys during the Freedombone installation then you'll need to add a password to your newly generated private key. This is highly recommended. Go through the following sequence of commands to ssh into the Freedombone and then change your GPG password.
</p> </p>
@ -268,14 +352,14 @@ quit
</div> </div>
<p> <p>
Having a password on your GPG key will prevent someone from reading your email <i>even if your server gets lost or stolen</i> or if someone else has physical access to it. Make the password something long and unlikely to be guessable or vulnerable to a brute force <a href="http://en.wikipedia.org/wiki/Dictionary_attack">dictionary attack</a>. Having a password on your GPG key will prevent someone from reading your email <i>even if your server gets lost or stolen</i> or if someone else has physical access to it. Make the password something long and unlikely to be guessable or vulnerable to a brute force <a href="https://en.wikipedia.org/wiki/Dictionary_attack">dictionary attack</a>.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline4" class="outline-2"> <div id="outline-container-org2b05efe" class="outline-2">
<h2 id="orgheadline4">Publishing your GPG public key</h2> <h2 id="org2b05efe">Publishing your GPG public key</h2>
<div class="outline-text-2" id="text-orgheadline4"> <div class="outline-text-2" id="text-org2b05efe">
<p> <p>
If you havn't already then you should publish your GPG public key so that others can find it. If you havn't already then you should publish your GPG public key so that others can find it.
</p> </p>
@ -289,9 +373,9 @@ gpg --send-keys username@domainname
</div> </div>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline5" class="outline-2"> <div id="outline-container-org609d2a8" class="outline-2">
<h2 id="orgheadline5">Mutt email client</h2> <h2 id="org609d2a8">Mutt email client</h2>
<div class="outline-text-2" id="text-orgheadline5"> <div class="outline-text-2" id="text-org609d2a8">
<div class="org-center"> <div class="org-center">
<div class="figure"> <div class="figure">
@ -457,9 +541,9 @@ When reading emails you will initially need to enter your GPG password. It will
</div> </div>
</div> </div>
<div id="outline-container-orgheadline6" class="outline-2"> <div id="outline-container-org7e71ee0" class="outline-2">
<h2 id="orgheadline6">Thunderbird/Icedove</h2> <h2 id="org7e71ee0">Thunderbird/Icedove</h2>
<div class="outline-text-2" id="text-orgheadline6"> <div class="outline-text-2" id="text-org7e71ee0">
<p> <p>
Another common way in which you may want to access email is via Thunderbird (also known as Icedove on Debian). This may be especially useful if you're trying to convert former Windows users who may previously have been using some version of Outlook. Another common way in which you may want to access email is via Thunderbird (also known as Icedove on Debian). This may be especially useful if you're trying to convert former Windows users who may previously have been using some version of Outlook.
</p> </p>
@ -469,9 +553,9 @@ The following instructions should be carried out on the client machines (laptop,
</p> </p>
</div> </div>
<div id="outline-container-orgheadline12" class="outline-4"> <div id="outline-container-org9eb8410" class="outline-4">
<h4 id="orgheadline12">Initial setup</h4> <h4 id="org9eb8410">Initial setup</h4>
<div class="outline-text-4" id="text-orgheadline12"> <div class="outline-text-4" id="text-org9eb8410">
<p> <p>
Install <b>Thunderbird</b> and <b>Enigmail</b>. How you do this just depends upon your distro and software manager or "app store". Install <b>Thunderbird</b> and <b>Enigmail</b>. How you do this just depends upon your distro and software manager or "app store".
</p> </p>
@ -527,9 +611,9 @@ Select "<b>yes</b>" to change default settings.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline13" class="outline-4"> <div id="outline-container-org26bdb18" class="outline-4">
<h4 id="orgheadline13">Import your GPG keys</h4> <h4 id="org26bdb18">Import your GPG keys</h4>
<div class="outline-text-4" id="text-orgheadline13"> <div class="outline-text-4" id="text-org26bdb18">
<p> <p>
On the Freedombone export your GPG public and private keys. On the Freedombone export your GPG public and private keys.
</p> </p>
@ -578,9 +662,9 @@ shred -zu ~/private_key.gpg
</div> </div>
</div> </div>
<div id="outline-container-orgheadline14" class="outline-4"> <div id="outline-container-org6232242" class="outline-4">
<h4 id="orgheadline14">Using for the first time</h4> <h4 id="org6232242">Using for the first time</h4>
<div class="outline-text-4" id="text-orgheadline14"> <div class="outline-text-4" id="text-org6232242">
<p> <p>
Click on the Thunderbird menu, which looks like three horizontal bars on the right hand side. Click on the Thunderbird menu, which looks like three horizontal bars on the right hand side.
</p> </p>
@ -615,9 +699,9 @@ Get into the habit of using email encryption and encourage others to do so. Rem
</div> </div>
</div> </div>
<div id="outline-container-orgheadline15" class="outline-4"> <div id="outline-container-org76969e1" class="outline-4">
<h4 id="orgheadline15">Making folders visible</h4> <h4 id="org76969e1">Making folders visible</h4>
<div class="outline-text-4" id="text-orgheadline15"> <div class="outline-text-4" id="text-org76969e1">
<p> <p>
By default you won't be able to see any folders which you may have created earlier using the <i>mailinglistrule</i> script. To make folders visible select: By default you won't be able to see any folders which you may have created earlier using the <i>mailinglistrule</i> script. To make folders visible select:
</p> </p>
@ -633,12 +717,12 @@ Make sure that "<b>show only subscribed folders</b>" is not checked. Then click
</div> </div>
</div> </div>
<div id="outline-container-orgheadline7" class="outline-2"> <div id="outline-container-org859f614" class="outline-2">
<h2 id="orgheadline7">K9 Android client</h2> <h2 id="org859f614">K9 Android client</h2>
<div class="outline-text-2" id="text-orgheadline7"> <div class="outline-text-2" id="text-org859f614">
</div><div id="outline-container-orgheadline16" class="outline-4"> </div><div id="outline-container-org38cc6da" class="outline-4">
<h4 id="orgheadline16">A point about GPG on Android</h4> <h4 id="org38cc6da">A point about GPG on Android</h4>
<div class="outline-text-4" id="text-orgheadline16"> <div class="outline-text-4" id="text-org38cc6da">
<p> <p>
Before trying to set up email on Android you may want to consider whether you really need to do this. Android (and its variants) is not a particularly secure operating system and whether or not you wish to store GPG keys on it depends on your threat model and in what situations you'll be using your device. Before trying to set up email on Android you may want to consider whether you really need to do this. Android (and its variants) is not a particularly secure operating system and whether or not you wish to store GPG keys on it depends on your threat model and in what situations you'll be using your device.
</p> </p>
@ -648,9 +732,9 @@ If you are going to use email on an Android device then ensure that you have ful
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline17" class="outline-4"> <div id="outline-container-org5d2163b" class="outline-4">
<h4 id="orgheadline17">Compiling the development version</h4> <h4 id="org5d2163b">Compiling the development version</h4>
<div class="outline-text-4" id="text-orgheadline17"> <div class="outline-text-4" id="text-org5d2163b">
<p> <p>
To get K9 working with Freedombone you'll need to install development versions of OpenKeychain and K9. At the time of writing the versions available in F-Droid do not support PGP/MIME or the "hidden recipient" feature of GPG. It is hoped that at some stage the patches will be integrated into the mainline or functionally equivalent changes made. Admittedly, this is not at all user friendly, but currently it's the only way to read Freedombone email on Android systems. To get K9 working with Freedombone you'll need to install development versions of OpenKeychain and K9. At the time of writing the versions available in F-Droid do not support PGP/MIME or the "hidden recipient" feature of GPG. It is hoped that at some stage the patches will be integrated into the mainline or functionally equivalent changes made. Admittedly, this is not at all user friendly, but currently it's the only way to read Freedombone email on Android systems.
</p> </p>
@ -856,9 +940,9 @@ Save and exit with <b>CTRL-o</b>, <b>CTRL-x</b>.
</div> </div>
</div> </div>
<div id="outline-container-orgheadline18" class="outline-4"> <div id="outline-container-org3c79dbd" class="outline-4">
<h4 id="orgheadline18">Import your GPG key into OpenKeychain</h4> <h4 id="org3c79dbd">Import your GPG key into OpenKeychain</h4>
<div class="outline-text-4" id="text-orgheadline18"> <div class="outline-text-4" id="text-org3c79dbd">
<p> <p>
With your device connected to a laptop via USB cable and with USB debugging enabled on it: With your device connected to a laptop via USB cable and with USB debugging enabled on it:
</p> </p>
@ -883,9 +967,9 @@ Then on your device select OpenKeychain and import your key from file.
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline19" class="outline-4"> <div id="outline-container-org5c95636" class="outline-4">
<h4 id="orgheadline19">Incoming server settings</h4> <h4 id="org5c95636">Incoming server settings</h4>
<div class="outline-text-4" id="text-orgheadline19"> <div class="outline-text-4" id="text-org5c95636">
<ul class="org-ul"> <ul class="org-ul">
<li>Select settings/account settings</li> <li>Select settings/account settings</li>
<li>Select Fetching mail/incoming server</li> <li>Select Fetching mail/incoming server</li>
@ -897,9 +981,9 @@ Then on your device select OpenKeychain and import your key from file.
</ul> </ul>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline20" class="outline-4"> <div id="outline-container-org86df7eb" class="outline-4">
<h4 id="orgheadline20">Outgoing (SMTP) server settings</h4> <h4 id="org86df7eb">Outgoing (SMTP) server settings</h4>
<div class="outline-text-4" id="text-orgheadline20"> <div class="outline-text-4" id="text-org86df7eb">
<ul class="org-ul"> <ul class="org-ul">
<li>Select settings/account settings</li> <li>Select settings/account settings</li>
<li>Select Sending mail/outgoing server</li> <li>Select Sending mail/outgoing server</li>
@ -912,9 +996,9 @@ Then on your device select OpenKeychain and import your key from file.
</ul> </ul>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline21" class="outline-4"> <div id="outline-container-org19bbf5d" class="outline-4">
<h4 id="orgheadline21">Crypto settings</h4> <h4 id="org19bbf5d">Crypto settings</h4>
<div class="outline-text-4" id="text-orgheadline21"> <div class="outline-text-4" id="text-org19bbf5d">
<p> <p>
Select <b>settings</b>, <b>Account settings</b>, <b>OpenKeychain</b> and then select your key and press <b>Allow</b>. You should now be able to decrypt emails by entering your GPG passphrase. Select <b>settings</b>, <b>Account settings</b>, <b>OpenKeychain</b> and then select your key and press <b>Allow</b>. You should now be able to decrypt emails by entering your GPG passphrase.
</p> </p>
@ -924,9 +1008,9 @@ You may also want to change the amount of time for which passwords are remembere
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline22" class="outline-4"> <div id="outline-container-orgb823df0" class="outline-4">
<h4 id="orgheadline22">Folders</h4> <h4 id="orgb823df0">Folders</h4>
<div class="outline-text-4" id="text-orgheadline22"> <div class="outline-text-4" id="text-orgb823df0">
<p> <p>
To view any new folders which you may have created using the <i>mailinglistrule</i> script from your inbox press the <b>K9 icon</b> at the top left to access folders, then press the <b>menu button</b> and select <b>refresh folder list</b>. To view any new folders which you may have created using the <i>mailinglistrule</i> script from your inbox press the <b>K9 icon</b> at the top left to access folders, then press the <b>menu button</b> and select <b>refresh folder list</b>.
</p> </p>
@ -938,9 +1022,9 @@ If your folder still doesn't show up then press the <b>menu button</b>, select <
</div> </div>
</div> </div>
<div id="outline-container-orgheadline8" class="outline-2"> <div id="outline-container-org0c0172c" class="outline-2">
<h2 id="orgheadline8">Subscribing to mailing lists</h2> <h2 id="org0c0172c">Subscribing to mailing lists</h2>
<div class="outline-text-2" id="text-orgheadline8"> <div class="outline-text-2" id="text-org0c0172c">
<p> <p>
To subscribe to a mailing list log in as your user (i.e. not the root user). To subscribe to a mailing list log in as your user (i.e. not the root user).
</p> </p>
@ -956,9 +1040,9 @@ Select <i>Administrator controls</i> then <b>Email filtering rules</b> then <b>A
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline9" class="outline-2"> <div id="outline-container-orga06b4bf" class="outline-2">
<h2 id="orgheadline9">Adding email addresses to a group/folder</h2> <h2 id="orga06b4bf">Adding email addresses to a group/folder</h2>
<div class="outline-text-2" id="text-orgheadline9"> <div class="outline-text-2" id="text-orga06b4bf">
<p> <p>
Similar to adding mailing list folders you can also add specified email addresses into a group/folder. Similar to adding mailing list folders you can also add specified email addresses into a group/folder.
</p> </p>
@ -974,9 +1058,9 @@ Select <i>Administrator controls</i> then <b>Email filtering rules</b> then <b>A
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline10" class="outline-2"> <div id="outline-container-orgd21a27d" class="outline-2">
<h2 id="orgheadline10">Ignoring incoming emails</h2> <h2 id="orgd21a27d">Ignoring incoming emails</h2>
<div class="outline-text-2" id="text-orgheadline10"> <div class="outline-text-2" id="text-orgd21a27d">
<p> <p>
It is possible to ignore incoming emails if they are from a particular email address or if the subject line contains particular text. It is possible to ignore incoming emails if they are from a particular email address or if the subject line contains particular text.
</p> </p>
@ -992,9 +1076,9 @@ Select <i>Administrator controls</i> then <b>Email filtering rules</b> then <b>B
</p> </p>
</div> </div>
</div> </div>
<div id="outline-container-orgheadline11" class="outline-2"> <div id="outline-container-org5310f10" class="outline-2">
<h2 id="orgheadline11">Your own mailing list</h2> <h2 id="org5310f10">Your own mailing list</h2>
<div class="outline-text-2" id="text-orgheadline11"> <div class="outline-text-2" id="text-org5310f10">
<p> <p>
If you want to set up a public mailing list then when installing the system remember to set the <b>PUBLIC_MAILING_LIST</b> variable within <b>freedombone.cfg</b> to the name of your list. The name should have no spaces in it. Public mailing lists are unencrypted so anyone will be able to read the contents, including non subscribers. If you want to set up a public mailing list then when installing the system remember to set the <b>PUBLIC_MAILING_LIST</b> variable within <b>freedombone.cfg</b> to the name of your list. The name should have no spaces in it. Public mailing lists are unencrypted so anyone will be able to read the contents, including non subscribers.
</p> </p>

View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head> <head>
<!-- 2016-04-10 Sun 20:05 --> <!-- 2016-08-08 Mon 17:20 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" /> <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title> <title></title>
@ -56,13 +56,96 @@
border: 1px solid black; border: 1px solid black;
} }
pre.src:hover:before { display: inline;} pre.src:hover:before { display: inline;}
pre.src-sh:before { content: 'sh'; } /* Languages per Org manual */
pre.src-bash:before { content: 'sh'; } pre.src-asymptote:before { content: 'Asymptote'; }
pre.src-awk:before { content: 'Awk'; }
pre.src-C:before { content: 'C'; }
/* pre.src-C++ doesn't work in CSS */
pre.src-clojure:before { content: 'Clojure'; }
pre.src-css:before { content: 'CSS'; }
pre.src-D:before { content: 'D'; }
pre.src-ditaa:before { content: 'ditaa'; }
pre.src-dot:before { content: 'Graphviz'; }
pre.src-calc:before { content: 'Emacs Calc'; }
pre.src-emacs-lisp:before { content: 'Emacs Lisp'; } pre.src-emacs-lisp:before { content: 'Emacs Lisp'; }
pre.src-R:before { content: 'R'; } pre.src-fortran:before { content: 'Fortran'; }
pre.src-perl:before { content: 'Perl'; } pre.src-gnuplot:before { content: 'gnuplot'; }
pre.src-java:before { content: 'Java'; } pre.src-haskell:before { content: 'Haskell'; }
pre.src-sql:before { content: 'SQL'; } pre.src-java:before { content: 'Java'; }
pre.src-js:before { content: 'Javascript'; }
pre.src-latex:before { content: 'LaTeX'; }
pre.src-ledger:before { content: 'Ledger'; }
pre.src-lisp:before { content: 'Lisp'; }
pre.src-lilypond:before { content: 'Lilypond'; }
pre.src-matlab:before { content: 'MATLAB'; }
pre.src-mscgen:before { content: 'Mscgen'; }
pre.src-ocaml:before { content: 'Objective Caml'; }
pre.src-octave:before { content: 'Octave'; }
pre.src-org:before { content: 'Org mode'; }
pre.src-oz:before { content: 'OZ'; }
pre.src-plantuml:before { content: 'Plantuml'; }
pre.src-processing:before { content: 'Processing.js'; }
pre.src-python:before { content: 'Python'; }
pre.src-R:before { content: 'R'; }
pre.src-ruby:before { content: 'Ruby'; }
pre.src-sass:before { content: 'Sass'; }
pre.src-scheme:before { content: 'Scheme'; }
pre.src-screen:before { content: 'Gnu Screen'; }
pre.src-sed:before { content: 'Sed'; }
pre.src-sh:before { content: 'shell'; }
pre.src-sql:before { content: 'SQL'; }
pre.src-sqlite:before { content: 'SQLite'; }
/* additional languages in org.el's org-babel-load-languages alist */
pre.src-forth:before { content: 'Forth'; }
pre.src-io:before { content: 'IO'; }
pre.src-J:before { content: 'J'; }
pre.src-makefile:before { content: 'Makefile'; }
pre.src-maxima:before { content: 'Maxima'; }
pre.src-perl:before { content: 'Perl'; }
pre.src-picolisp:before { content: 'Pico Lisp'; }
pre.src-scala:before { content: 'Scala'; }
pre.src-shell:before { content: 'Shell Script'; }
pre.src-ebnf2ps:before { content: 'ebfn2ps'; }
/* additional language identifiers per "defun org-babel-execute"
in ob-*.el */
pre.src-cpp:before { content: 'C++'; }
pre.src-abc:before { content: 'ABC'; }
pre.src-coq:before { content: 'Coq'; }
pre.src-groovy:before { content: 'Groovy'; }
/* additional language identifiers from org-babel-shell-names in
ob-shell.el: ob-shell is the only babel language using a lambda to put
the execution function name together. */
pre.src-bash:before { content: 'bash'; }
pre.src-csh:before { content: 'csh'; }
pre.src-ash:before { content: 'ash'; }
pre.src-dash:before { content: 'dash'; }
pre.src-ksh:before { content: 'ksh'; }
pre.src-mksh:before { content: 'mksh'; }
pre.src-posh:before { content: 'posh'; }
/* Additional Emacs modes also supported by the LaTeX listings package */
pre.src-ada:before { content: 'Ada'; }
pre.src-asm:before { content: 'Assembler'; }
pre.src-caml:before { content: 'Caml'; }
pre.src-delphi:before { content: 'Delphi'; }
pre.src-html:before { content: 'HTML'; }
pre.src-idl:before { content: 'IDL'; }
pre.src-mercury:before { content: 'Mercury'; }
pre.src-metapost:before { content: 'MetaPost'; }
pre.src-modula-2:before { content: 'Modula-2'; }
pre.src-pascal:before { content: 'Pascal'; }
pre.src-ps:before { content: 'PostScript'; }
pre.src-prolog:before { content: 'Prolog'; }
pre.src-simula:before { content: 'Simula'; }
pre.src-tcl:before { content: 'tcl'; }
pre.src-tex:before { content: 'TeX'; }
pre.src-plain-tex:before { content: 'Plain TeX'; }
pre.src-verilog:before { content: 'Verilog'; }
pre.src-vhdl:before { content: 'VHDL'; }
pre.src-xml:before { content: 'XML'; }
pre.src-nxml:before { content: 'XML'; }
/* add a generic configuration mode; LaTeX export needs an additional
(add-to-list 'org-latex-listings-langs '(conf " ")) in .emacs */
pre.src-conf:before { content: 'Configuration File'; }
table { border-collapse:collapse; } table { border-collapse:collapse; }
caption.t-above { caption-side: top; } caption.t-above { caption-side: top; }
@ -95,6 +178,7 @@
{ font-size: 10px; font-weight: bold; white-space: nowrap; } { font-size: 10px; font-weight: bold; white-space: nowrap; }
.org-info-js_search-highlight .org-info-js_search-highlight
{ background-color: #ffff00; color: #000000; font-weight: bold; } { background-color: #ffff00; color: #000000; font-weight: bold; }
.org-svg { width: 90%; }
/*]]>*/--> /*]]>*/-->
</style> </style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" /> <link rel="stylesheet" type="text/css" href="solarized-light.css" />