free
/
freedomboneeee
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove solarized css 

Turns out this contained insecure Google fonts
This commit is contained in:
Bob Mottram 2016-08-08 17:42:34 +01:00
parent 5a2cfcec2a
commit f2a8fa194a
30 changed files with 613 additions and 1219 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/EN/backups.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/code.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/controlpanel.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Control Panel
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/faq.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Frequently asked questions
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/index.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/installation.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/mesh.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/mirrors.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Mirroring git repositories
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/mobile.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/related.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/support.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/usage.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/usage_email.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, hubzilla, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

2
doc/EN/variants.org
View File

@ -4,7 +4,7 @@
#+KEYWORDS: freedombox, debian, beaglebone, red matrix, email, web server, home server, internet, censorship, surveillance, social network, irc, jabber
#+DESCRIPTION: Turn the Beaglebone Black into a personal communications server
#+OPTIONS: ^:nil toc:nil
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="solarized-light.css" />
#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="freedombone.css" />
#+BEGIN_CENTER
[[file:images/logo.png]]

56
website/EN/backups.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:16 -->
<!-- 2016-08-08 Mon 17:40 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
@ -255,31 +255,31 @@ for the JavaScript code in this tag.
</colgroup>
<tbody>
<tr>
<td class="org-left"><a href="#org4907e41">Backup keys</a></td>
<td class="org-left"><a href="#org52799f3">Backup keys</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgf34d4c2">Backup to USB</a></td>
<td class="org-left"><a href="#org1ecf17e">Backup to USB</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org462e852">Restore from USB</a></td>
<td class="org-left"><a href="#org2b2e626">Restore from USB</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgd061e2e">Distributed/remote backups</a></td>
<td class="org-left"><a href="#orgeaba0aa">Distributed/remote backups</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org7e9b4a7">Restore from a friend</a></td>
<td class="org-left"><a href="#org287c635">Restore from a friend</a></td>
</tr>
</tbody>
</table>
</div>
<div id="outline-container-org4907e41" class="outline-2">
<h2 id="org4907e41">Backup keys</h2>
<div class="outline-text-2" id="text-org4907e41">
<div id="outline-container-org52799f3" class="outline-2">
<h2 id="org52799f3">Backup keys</h2>
<div class="outline-text-2" id="text-org52799f3">
<p>
As part of the Freedombone installation the GPG key used to encrypt backups will have been added to the <i>.gnupg</i> keyring in your home directory. Ensure that you have a copy of all your keys by plugging in a LUKS encrypted USB drive and then running the commands:
</p>
@ -303,9 +303,9 @@ A pro-tip for the best possible security is to create multiple USB drives contai
</p>
</div>
</div>
<div id="outline-container-orgf34d4c2" class="outline-2">
<h2 id="orgf34d4c2">Backup to USB</h2>
<div class="outline-text-2" id="text-orgf34d4c2">
<div id="outline-container-org1ecf17e" class="outline-2">
<h2 id="org1ecf17e">Backup to USB</h2>
<div class="outline-text-2" id="text-org1ecf17e">
<p>
First and foremost - <b>encrypt your USB drives</b>! Even if you think you have "<i>nothing to hide</i>" if you accidentally lose a USB thumb drive (it's easy to lose small objects) and it's not encrypted then potentially someone might be able to obtain enough information about you to commit identity fraud, take out loans, open bank accounts, etc. Use LUKS encryption. In Ubuntu you can do this using the <i>Disk Utility</i> application. Some instructions <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">can be found here</a>.
</p>
@ -337,9 +337,9 @@ When the backup ends remove the USB drive and keep it somewhere safe. Even if it
</p>
</div>
</div>
<div id="outline-container-org462e852" class="outline-2">
<h2 id="org462e852">Restore from USB</h2>
<div class="outline-text-2" id="text-org462e852">
<div id="outline-container-org2b2e626" class="outline-2">
<h2 id="org2b2e626">Restore from USB</h2>
<div class="outline-text-2" id="text-org2b2e626">
<p>
Log into the system and become the root user:
</p>
@ -363,9 +363,9 @@ Enter the LUKS password for the USB drive. When the restore is complete you can
</p>
</div>
</div>
<div id="outline-container-orgd061e2e" class="outline-2">
<h2 id="orgd061e2e">Distributed/remote backups</h2>
<div class="outline-text-2" id="text-orgd061e2e">
<div id="outline-container-orgeaba0aa" class="outline-2">
<h2 id="orgeaba0aa">Distributed/remote backups</h2>
<div class="outline-text-2" id="text-orgeaba0aa">
<p>
Distributed backups are a better way of ensuring the persistence of your data, such that even if your system gets stolen or destroyed then the data will still be recoverable from your friends. Since the backups are encrypted your friends (or anyone else with access to their systems) won't be able to read your backed up content even if their systems are subsequently compromised.
</p>
@ -389,12 +389,12 @@ You can then enter the usernames, domains and ssh logins for one or more remote
</p>
</div>
</div>
<div id="outline-container-org7e9b4a7" class="outline-2">
<h2 id="org7e9b4a7">Restore from a friend</h2>
<div class="outline-text-2" id="text-org7e9b4a7">
</div><div id="outline-container-org50e5958" class="outline-3">
<h3 id="org50e5958">With a completely new Freedombone installation</h3>
<div class="outline-text-3" id="text-org50e5958">
<div id="outline-container-org287c635" class="outline-2">
<h2 id="org287c635">Restore from a friend</h2>
<div class="outline-text-2" id="text-org287c635">
</div><div id="outline-container-org5425985" class="outline-3">
<h3 id="org5425985">With a completely new Freedombone installation</h3>
<div class="outline-text-3" id="text-org5425985">
<p>
This is the ultimate disaster recovery scenario in which you are beginning completely from scratch with new hardware and a new Freedombone installation (configured with the same username and domain names). It is assumed that the old hardware was destroyed, but that you have the backup key stored on a USB thumb drive.
</p>
@ -422,9 +422,9 @@ Finally select <i>Restore from remote backup</i> and enter the domain name of th
</p>
</div>
</div>
<div id="outline-container-org76d9030" class="outline-3">
<h3 id="org76d9030">On an existing Freedombone installation</h3>
<div class="outline-text-3" id="text-org76d9030">
<div id="outline-container-org0266761" class="outline-3">
<h3 id="org0266761">On an existing Freedombone installation</h3>
<div class="outline-text-3" id="text-org0266761">
<p>
This is for more common situations in which maybe some data became corrupted and you want to restore it.
</p>

4
website/EN/code.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:19 -->
<!-- 2016-08-08 Mon 17:40 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the

92
website/EN/controlpanel.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:19 -->
<!-- 2016-08-08 Mon 17:40 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
@ -254,54 +254,54 @@ for the JavaScript code in this tag.
</colgroup>
<tbody>
<tr>
<td class="org-left"><a href="#org5b9a404">Main menu</a></td>
<td class="org-left"><a href="#org7798388">Main menu</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orge6a192d">User control panel</a></td>
<td class="org-left"><a href="#org7446ce9">User control panel</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org36307fe">About screen</a></td>
<td class="org-left"><a href="#orgc745e55">About screen</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org802b84b">Email filtering rules</a></td>
<td class="org-left"><a href="#org16f8c7c">Email filtering rules</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org8311261">Hubzilla menu</a></td>
<td class="org-left"><a href="#org885866f">Hubzilla menu</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orge818a90">IRC menu</a></td>
<td class="org-left"><a href="#orgc9ffd23">IRC menu</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org38dc9e7">Media menu</a></td>
<td class="org-left"><a href="#org328e16d">Media menu</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org69caf17">Repository mirrors</a></td>
<td class="org-left"><a href="#org2236307">Repository mirrors</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org9d94b93">Backup and restore menu</a></td>
<td class="org-left"><a href="#org8a8afac">Backup and restore menu</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgf5b1503">Security menu</a></td>
<td class="org-left"><a href="#org849e095">Security menu</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orge4d717e">User management menu</a></td>
<td class="org-left"><a href="#org96186b7">User management menu</a></td>
</tr>
</tbody>
</table>
<div id="outline-container-org5b9a404" class="outline-2">
<h2 id="org5b9a404">Main menu</h2>
<div class="outline-text-2" id="text-org5b9a404">
<div id="outline-container-org7798388" class="outline-2">
<h2 id="org7798388">Main menu</h2>
<div class="outline-text-2" id="text-org7798388">
<p>
You can access the main menu by logging into the system.
</p>
@ -334,9 +334,9 @@ To select anythng on the control panel use the <b>up and down</b> cursor keys an
</div>
</div>
<div id="outline-container-orge6a192d" class="outline-2">
<h2 id="orge6a192d">User control panel</h2>
<div class="outline-text-2" id="text-orge6a192d">
<div id="outline-container-org7446ce9" class="outline-2">
<h2 id="org7446ce9">User control panel</h2>
<div class="outline-text-2" id="text-org7446ce9">
<p>
When a user initially logs in they will see a version of the control panel with restricted options aimed at the kinds of things which someone who isn't the administrator might wish to do. An expected scenario is that you might have a few friends or family members on the system, and this is who this menu is intended for.
</p>
@ -358,9 +358,9 @@ It's also possible for the user to define email filtering rules, add a ssh publi
</p>
</div>
</div>
<div id="outline-container-org36307fe" class="outline-2">
<h2 id="org36307fe">About screen</h2>
<div class="outline-text-2" id="text-org36307fe">
<div id="outline-container-orgc745e55" class="outline-2">
<h2 id="orgc745e55">About screen</h2>
<div class="outline-text-2" id="text-orgc745e55">
<p>
To find out your current domain names select the About screen from the main menu. This is especially useful for finding your onion addresses. For improved security by compartmentalisation, and also simpler implementation, each application has its own onion address.
</p>
@ -383,9 +383,9 @@ The Local Mirrors contains mirrored copies of the git repositories used by the s
</div>
</div>
<div id="outline-container-org802b84b" class="outline-2">
<h2 id="org802b84b">Email filtering rules</h2>
<div class="outline-text-2" id="text-org802b84b">
<div id="outline-container-org16f8c7c" class="outline-2">
<h2 id="org16f8c7c">Email filtering rules</h2>
<div class="outline-text-2" id="text-org16f8c7c">
<p>
You can add users to mailing lists, or block particular email addresses or subject lines in this menu.
</p>
@ -400,9 +400,9 @@ You can add users to mailing lists, or block particular email addresses or subje
</div>
</div>
<div id="outline-container-org8311261" class="outline-2">
<h2 id="org8311261">Hubzilla menu</h2>
<div class="outline-text-2" id="text-org8311261">
<div id="outline-container-org885866f" class="outline-2">
<h2 id="org885866f">Hubzilla menu</h2>
<div class="outline-text-2" id="text-org885866f">
<p>
This allows you to set the global directory location and obtain an SSL/TLS certificate if necessary.
</p>
@ -417,9 +417,9 @@ This allows you to set the global directory location and obtain an SSL/TLS certi
</div>
</div>
<div id="outline-container-orge818a90" class="outline-2">
<h2 id="orge818a90">IRC menu</h2>
<div class="outline-text-2" id="text-orge818a90">
<div id="outline-container-orgc9ffd23" class="outline-2">
<h2 id="orgc9ffd23">IRC menu</h2>
<div class="outline-text-2" id="text-orgc9ffd23">
<p>
You can view the current IRC password or change it from here. Currently the IRC server does not work equally well on clrearnet and via Tor, so there is an option to switch from one to the other. Initially the IRC server will be running on clearnet (i.e. no onion routing).
</p>
@ -434,9 +434,9 @@ You can view the current IRC password or change it from here. Currently the IRC
</div>
</div>
<div id="outline-container-org38dc9e7" class="outline-2">
<h2 id="org38dc9e7">Media menu</h2>
<div class="outline-text-2" id="text-org38dc9e7">
<div id="outline-container-org328e16d" class="outline-2">
<h2 id="org328e16d">Media menu</h2>
<div class="outline-text-2" id="text-org328e16d">
<p>
It's possible to add playable media to a USB drive and plug it into the system, then make it accessible to other devices such as tablets or phones on your local network via DLNA.
</p>
@ -451,9 +451,9 @@ It's possible to add playable media to a USB drive and plug it into the system,
</div>
</div>
<div id="outline-container-org69caf17" class="outline-2">
<h2 id="org69caf17">Repository mirrors</h2>
<div class="outline-text-2" id="text-org69caf17">
<div id="outline-container-org2236307" class="outline-2">
<h2 id="org2236307">Repository mirrors</h2>
<div class="outline-text-2" id="text-org2236307">
<p>
If you don't want to use the default repositories, or don't have access to them, then you can obtain them from another Freedombone server (the details can be found on the other server on the <b>About</b> screen of the control panel).
</p>
@ -468,9 +468,9 @@ If you don't want to use the default repositories, or don't have access to them,
</div>
</div>
<div id="outline-container-org9d94b93" class="outline-2">
<h2 id="org9d94b93">Backup and restore menu</h2>
<div class="outline-text-2" id="text-org9d94b93">
<div id="outline-container-org8a8afac" class="outline-2">
<h2 id="org8a8afac">Backup and restore menu</h2>
<div class="outline-text-2" id="text-org8a8afac">
<p>
You can create backups or restore from backup here. It's also possible to create keydrives which store the backup key.
</p>
@ -485,9 +485,9 @@ You can create backups or restore from backup here. It's also possible to create
</div>
</div>
<div id="outline-container-orgf5b1503" class="outline-2">
<h2 id="orgf5b1503">Security menu</h2>
<div class="outline-text-2" id="text-orgf5b1503">
<div id="outline-container-org849e095" class="outline-2">
<h2 id="org849e095">Security menu</h2>
<div class="outline-text-2" id="text-org849e095">
<p>
If you need to generate SSL/TLS certificates or change cypher details due to changing recommendations then you can do that here. If you are changing cypher details be extra careful not to make mistakes/typos, which could reduce the security of your system.
</p>
@ -502,9 +502,9 @@ If you need to generate SSL/TLS certificates or change cypher details due to cha
</div>
</div>
<div id="outline-container-orge4d717e" class="outline-2">
<h2 id="orge4d717e">User management menu</h2>
<div class="outline-text-2" id="text-orge4d717e">
<div id="outline-container-org96186b7" class="outline-2">
<h2 id="org96186b7">User management menu</h2>
<div class="outline-text-2" id="text-org96186b7">
<p>
Users can be added or removed here.
</p>

182
website/EN/faq.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:19 -->
<!-- 2016-08-08 Mon 17:40 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
@ -255,19 +255,19 @@ for the JavaScript code in this tag.
</colgroup>
<tbody>
<tr>
<td class="org-left"><a href="#orgb7c1e53">I don't have a static IP address. Can I still install this system?</a></td>
<td class="org-left"><a href="#orgbafd579">I don't have a static IP address. Can I still install this system?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org3d1a6d8">Why not support building images for Raspberry Pi?</a></td>
<td class="org-left"><a href="#orged19012">Why not support building images for Raspberry Pi?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org65dd2d0">Why use Github?</a></td>
<td class="org-left"><a href="#org74026c6">Why use Github?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgc71a5ba">Keys and emails should not be stored on servers. Why do you do that?</a></td>
<td class="org-left"><a href="#org126e23e">Keys and emails should not be stored on servers. Why do you do that?</a></td>
</tr>
<tr>
@ -275,83 +275,83 @@ for the JavaScript code in this tag.
</tr>
<tr>
<td class="org-left"><a href="#org61177cd">Why can't I access my .onion site with a Tor browser?</a></td>
<td class="org-left"><a href="#org75cce91">Why can't I access my .onion site with a Tor browser?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org9deac95">What is the best hardware to run this system on?</a></td>
<td class="org-left"><a href="#org4467c4b">What is the best hardware to run this system on?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orge432828">Can I add more users to the system?</a></td>
<td class="org-left"><a href="#orgde22f15">Can I add more users to the system?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orge80f248">Why not use Signal for mobile chat?</a></td>
<td class="org-left"><a href="#orgb072290">Why not use Signal for mobile chat?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orga13aa35">What is the most secure chat app to use on mobile?</a></td>
<td class="org-left"><a href="#orgb0c8f93">What is the most secure chat app to use on mobile?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgec94b45">How do I remove a user from the system?</a></td>
<td class="org-left"><a href="#org2c67925">How do I remove a user from the system?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org2de3b9e">How do I reset the tripwire?</a></td>
<td class="org-left"><a href="#org041ea91">How do I reset the tripwire?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org73d8767">Is metadata protected?</a></td>
<td class="org-left"><a href="#org6d6be47">Is metadata protected?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orge102a24">How do I create email processing rules?</a></td>
<td class="org-left"><a href="#orgd314d7e">How do I create email processing rules?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org712b605">Why isn't dynamic DNS working?</a></td>
<td class="org-left"><a href="#orgeb0289a">Why isn't dynamic DNS working?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org3822e27">How do I change my encryption settings?</a></td>
<td class="org-left"><a href="#org281e534">How do I change my encryption settings?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgea6d6d2">How do I get a domain name?</a></td>
<td class="org-left"><a href="#org228d836">How do I get a domain name?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org3b6d8b4">How do I get a "real" SSL/TLS/HTTPS certificate?</a></td>
<td class="org-left"><a href="#org936141c">How do I get a "real" SSL/TLS/HTTPS certificate?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgabe05bb">How do I renew a Let's Encrypt certificate?</a></td>
<td class="org-left"><a href="#orgbe98840">How do I renew a Let's Encrypt certificate?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org4e0c7bc">I tried to renew a Let's Encrypt certificate and it failed. What should I do?</a></td>
<td class="org-left"><a href="#org1c5192f">I tried to renew a Let's Encrypt certificate and it failed. What should I do?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org84e7119">Why use self-signed certificates?</a></td>
<td class="org-left"><a href="#org5b7491f">Why use self-signed certificates?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org3376bf8">Why not use the services of $company instead? They took the Seppuku pledge</a></td>
<td class="org-left"><a href="#org6fd1027">Why not use the services of $company instead? They took the Seppuku pledge</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org2a57f9c">Why does my email keep getting rejected as spam by Gmail/etc?</a></td>
<td class="org-left"><a href="#org260d8cc">Why does my email keep getting rejected as spam by Gmail/etc?</a></td>
</tr>
</tbody>
</table>
</div>
<div id="outline-container-orgb7c1e53" class="outline-2">
<h2 id="orgb7c1e53">I don't have a static IP address. Can I still install this system?</h2>
<div class="outline-text-2" id="text-orgb7c1e53">
<div id="outline-container-orgbafd579" class="outline-2">
<h2 id="orgbafd579">I don't have a static IP address. Can I still install this system?</h2>
<div class="outline-text-2" id="text-orgbafd579">
<p>
Yes. The minimum requirements are to have some hardware that you can install Debian onto and also that you have administrator access to your internet router so that you can forward ports to the system which has Freedombone installed.
</p>
@ -361,9 +361,9 @@ The lack of a static IP address can be worked around by using a dynamic DNS serv
</p>
</div>
</div>
<div id="outline-container-org3d1a6d8" class="outline-2">
<h2 id="org3d1a6d8">Why not support building images for Raspberry Pi?</h2>
<div class="outline-text-2" id="text-org3d1a6d8">
<div id="outline-container-orged19012" class="outline-2">
<h2 id="orged19012">Why not support building images for Raspberry Pi?</h2>
<div class="outline-text-2" id="text-orged19012">
<p>
The FreedomBox project supports Raspberry Pi builds, and the image build system for Freedombone is based on the same system. However, although the Raspberry Pi can run a version of Debian it requires a closed proprietary blob in order to boot the hardware. Who knows what that blob might contain or what exploits it could facilitate. From an adversarial point of view if you were trying to deliver "bulk equipment interference" then it doesn't get any better than piggybacking on something which has control of the boot process, and hence all subsequently run processes.
</p>
@ -373,9 +373,9 @@ So although the Raspberry Pi is cheap and hugely popular it's not supported by t
</p>
</div>
</div>
<div id="outline-container-org65dd2d0" class="outline-2">
<h2 id="org65dd2d0">Why use Github?</h2>
<div class="outline-text-2" id="text-org65dd2d0">
<div id="outline-container-org74026c6" class="outline-2">
<h2 id="org74026c6">Why use Github?</h2>
<div class="outline-text-2" id="text-org74026c6">
<p>
Github is paradoxically a centralized, closed and proprietary system which happens to mostly host free and open source projects. Up until now it has been relatively benign, but at some point in the name of "growth" it will likely start becoming more evil, or just become like SourceForge - which was also once much loved by FOSS developers, but turned into a den of malvertizing.
</p>
@ -393,9 +393,9 @@ Currently many of the repositories used for applications which are not yet packa
</p>
</div>
</div>
<div id="outline-container-orgc71a5ba" class="outline-2">
<h2 id="orgc71a5ba">Keys and emails should not be stored on servers. Why do you do that?</h2>
<div class="outline-text-2" id="text-orgc71a5ba">
<div id="outline-container-org126e23e" class="outline-2">
<h2 id="org126e23e">Keys and emails should not be stored on servers. Why do you do that?</h2>
<div class="outline-text-2" id="text-org126e23e">
<p>
Ordinarily this is good advice. However, the threat model for a device in your home is different from the one for a generic server in a massive warehouse. Compare and contrast:
</p>
@ -453,17 +453,17 @@ In the home environment a box with a good firewall and no GUI components install
</div>
</div>
<div id="outline-container-org61177cd" class="outline-2">
<h2 id="org61177cd">Why can't I access my .onion site with a Tor browser?</h2>
<div class="outline-text-2" id="text-org61177cd">
<div id="outline-container-org75cce91" class="outline-2">
<h2 id="org75cce91">Why can't I access my .onion site with a Tor browser?</h2>
<div class="outline-text-2" id="text-org75cce91">
<p>
Probably you need to add the site to the NoScript whitelist. Typically click/press on the noscript icon (or select from the menu on mobile) then select <i>whitelist</i> and add the site URL. You may also need to disable HTTPS Everywhere when using onion addresses, which don't use https.
</p>
</div>
</div>
<div id="outline-container-org9deac95" class="outline-2">
<h2 id="org9deac95">What is the best hardware to run this system on?</h2>
<div class="outline-text-2" id="text-org9deac95">
<div id="outline-container-org4467c4b" class="outline-2">
<h2 id="org4467c4b">What is the best hardware to run this system on?</h2>
<div class="outline-text-2" id="text-org4467c4b">
<p>
It was originally designed to run on the Beaglebone Black, but that should be regarded as the most minimal system, because it's single core and has by today's standards a small amount of memory. Obviously the more powerful the hardware is the faster things like web pages (blog, social networking, etc) will be served but the more electricity such a system will require if you're running it 24/7. A good compromise between performance and energy consumption is something like an old netbook. The battery of an old netbook or laptop even gives you <a href="https://en.wikipedia.org/wiki/Uninterruptible_power_supply">UPS capability</a> to keep the system going during brief power outages or cable re-arrangements, and that means using full disk encryption on the server also becomes more practical.
</p>
@ -473,9 +473,9 @@ It was originally designed to run on the Beaglebone Black, but that should be re
</p>
</div>
</div>
<div id="outline-container-orge432828" class="outline-2">
<h2 id="orge432828">Can I add more users to the system?</h2>
<div class="outline-text-2" id="text-orge432828">
<div id="outline-container-orgde22f15" class="outline-2">
<h2 id="orgde22f15">Can I add more users to the system?</h2>
<div class="outline-text-2" id="text-orgde22f15">
<p>
Yes. Freedombone can support a small number of users, for a "<i>friends and family</i>" type of home installation. This gives them access to an email account, XMPP, SIP phone and the blog (depending on whether the variant which you installed includes those).
</p>
@ -499,9 +499,9 @@ Another point is that Freedombone installations are not intended to support many
</p>
</div>
</div>
<div id="outline-container-orge80f248" class="outline-2">
<h2 id="orge80f248">Why not use Signal for mobile chat?</h2>
<div class="outline-text-2" id="text-orge80f248">
<div id="outline-container-orgb072290" class="outline-2">
<h2 id="orgb072290">Why not use Signal for mobile chat?</h2>
<div class="outline-text-2" id="text-orgb072290">
<p>
Celebrities recommend Signal. It's Free Software so it must be good, right?
</p>
@ -522,9 +522,9 @@ To give credit where it's due Signal is good, but it could be a lot better. The
</p>
</div>
</div>
<div id="outline-container-orga13aa35" class="outline-2">
<h2 id="orga13aa35">What is the most secure chat app to use on mobile?</h2>
<div class="outline-text-2" id="text-orga13aa35">
<div id="outline-container-orgb0c8f93" class="outline-2">
<h2 id="orgb0c8f93">What is the most secure chat app to use on mobile?</h2>
<div class="outline-text-2" id="text-orgb0c8f93">
<p>
On mobile there are various options. The apps which are likely to be most secure are ones which have end-to-end encryption enabled by default and which can also be onion routed via Orbot. End-to-end encryption secures the content of the message and onion routing obscures the metadata, making it hard for a passive adversary to know who is communicating with who.
</p>
@ -534,13 +534,13 @@ The current safest way to chat is to use <a href="https://conversations.im/">Con
</p>
<p>
There are many <a href="#orge80f248">other fashionable chat apps</a> with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
There are many <a href="#orgb072290">other fashionable chat apps</a> with end-to-end security, but often they are closed source, have a single central server or can't be onion routed. It's also important to remember that closed source chat apps should be assumed to be untrustworthy, since their security cannot be independently verified.
</p>
</div>
</div>
<div id="outline-container-orgec94b45" class="outline-2">
<h2 id="orgec94b45">How do I remove a user from the system?</h2>
<div class="outline-text-2" id="text-orgec94b45">
<div id="outline-container-org2c67925" class="outline-2">
<h2 id="org2c67925">How do I remove a user from the system?</h2>
<div class="outline-text-2" id="text-org2c67925">
<p>
To remove a user:
</p>
@ -556,9 +556,9 @@ Select <i>Administrator controls</i> then <i>Manage Users</i> and then <i>Delete
</p>
</div>
</div>
<div id="outline-container-org2de3b9e" class="outline-2">
<h2 id="org2de3b9e">How do I reset the tripwire?</h2>
<div class="outline-text-2" id="text-org2de3b9e">
<div id="outline-container-org041ea91" class="outline-2">
<h2 id="org041ea91">How do I reset the tripwire?</h2>
<div class="outline-text-2" id="text-org041ea91">
<p>
The tripwire will be automatically reset once per week. If you want to reset it earlier then do the following:
</p>
@ -574,9 +574,9 @@ Select <i>Administrator controls</i> then "reset tripwire" using cursors and spa
</p>
</div>
</div>
<div id="outline-container-org73d8767" class="outline-2">
<h2 id="org73d8767">Is metadata protected?</h2>
<div class="outline-text-2" id="text-org73d8767">
<div id="outline-container-org6d6be47" class="outline-2">
<h2 id="org6d6be47">Is metadata protected?</h2>
<div class="outline-text-2" id="text-org6d6be47">
<blockquote>
<p>
"<i>We kill people based on metadata</i>"
@ -592,9 +592,9 @@ Even when using Freedombone metadata analysis by third parties is still possible
</p>
</div>
</div>
<div id="outline-container-orge102a24" class="outline-2">
<h2 id="orge102a24">How do I create email processing rules?</h2>
<div class="outline-text-2" id="text-orge102a24">
<div id="outline-container-orgd314d7e" class="outline-2">
<h2 id="orgd314d7e">How do I create email processing rules?</h2>
<div class="outline-text-2" id="text-orgd314d7e">
<div class="org-src-container">
<pre class="src src-bash">ssh username@domainname -p 2222
@ -651,9 +651,9 @@ Spamassassin is also available and within Mutt you can use the S (shift+s) key t
</p>
</div>
</div>
<div id="outline-container-org712b605" class="outline-2">
<h2 id="org712b605">Why isn't dynamic DNS working?</h2>
<div class="outline-text-2" id="text-org712b605">
<div id="outline-container-orgeb0289a" class="outline-2">
<h2 id="orgeb0289a">Why isn't dynamic DNS working?</h2>
<div class="outline-text-2" id="text-orgeb0289a">
<p>
If you run the command:
</p>
@ -678,9 +678,9 @@ https://www.privateinternetaccess.com/pages/whats-my-ip/
</div>
</div>
<div id="outline-container-org3822e27" class="outline-2">
<h2 id="org3822e27">How do I change my encryption settings?</h2>
<div class="outline-text-2" id="text-org3822e27">
<div id="outline-container-org281e534" class="outline-2">
<h2 id="org281e534">How do I change my encryption settings?</h2>
<div class="outline-text-2" id="text-org281e534">
<p>
Suppose that some new encryption vulnerability has been announced and that you need to change your encryption settings. Maybe an algorithm thought to be secure is now no longer so and you need to remove it. You can change your settings by doing the following:
</p>
@ -696,9 +696,9 @@ Select <i>Administrator controls</i> then select <i>Security Settings</i>. You w
</p>
</div>
</div>
<div id="outline-container-orgea6d6d2" class="outline-2">
<h2 id="orgea6d6d2">How do I get a domain name?</h2>
<div class="outline-text-2" id="text-orgea6d6d2">
<div id="outline-container-org228d836" class="outline-2">
<h2 id="org228d836">How do I get a domain name?</h2>
<div class="outline-text-2" id="text-org228d836">
<p>
Suppose that you have bought a domain name (rather than using a free subdomain on freedns) and you want to use that instead.
</p>
@ -766,9 +766,9 @@ You should now be able to send an email from <i>postmaster@mynewdomainname</i> a
</div>
</div>
<div id="outline-container-org3b6d8b4" class="outline-2">
<h2 id="org3b6d8b4">How do I get a "real" SSL/TLS/HTTPS certificate?</h2>
<div class="outline-text-2" id="text-org3b6d8b4">
<div id="outline-container-org936141c" class="outline-2">
<h2 id="org936141c">How do I get a "real" SSL/TLS/HTTPS certificate?</h2>
<div class="outline-text-2" id="text-org936141c">
<p>
If you did the full install or selected the social variant then the system will have tried to obtain a Let's Encrypt certificate automatically during the install process. If this failed for any reason, or if you have created a new site which you need a certificate for then do the following:
</p>
@ -788,9 +788,9 @@ One thing to be aware of is that Let's Encrypt doesn't support many dynamic DNS
</p>
</div>
</div>
<div id="outline-container-orgabe05bb" class="outline-2">
<h2 id="orgabe05bb">How do I renew a Let's Encrypt certificate?</h2>
<div class="outline-text-2" id="text-orgabe05bb">
<div id="outline-container-orgbe98840" class="outline-2">
<h2 id="orgbe98840">How do I renew a Let's Encrypt certificate?</h2>
<div class="outline-text-2" id="text-orgbe98840">
<p>
Normally certificates will be automatically renewed once per month, so you don't need to be concerned about it. If anything goes wrong with the automatic renewal then you should receive a warning email.
</p>
@ -810,9 +810,9 @@ Select <i>Administrator controls</i> then <b>Security settings</b> then <b>Renew
</p>
</div>
</div>
<div id="outline-container-org4e0c7bc" class="outline-2">
<h2 id="org4e0c7bc">I tried to renew a Let's Encrypt certificate and it failed. What should I do?</h2>
<div class="outline-text-2" id="text-org4e0c7bc">
<div id="outline-container-org1c5192f" class="outline-2">
<h2 id="org1c5192f">I tried to renew a Let's Encrypt certificate and it failed. What should I do?</h2>
<div class="outline-text-2" id="text-org1c5192f">
<p>
Most likely it's because Let's Encrypt doesn't support your particular domain or subdomain. Currently free subdomains tend not to work. You'll need to buy a domain name, link it to your dynamic DNS account and then do:
</p>
@ -828,9 +828,9 @@ Select <i>Administrator controls</i> then <b>Security settings</b> then <b>Creat
</p>
</div>
</div>
<div id="outline-container-org84e7119" class="outline-2">
<h2 id="org84e7119">Why use self-signed certificates?</h2>
<div class="outline-text-2" id="text-org84e7119">
<div id="outline-container-org5b7491f" class="outline-2">
<h2 id="org5b7491f">Why use self-signed certificates?</h2>
<div class="outline-text-2" id="text-org5b7491f">
<p>
Almost everywhere on the web you will read that self-signed certificates are worthless. They bring up <i>scary-scary looking</i> browser warnings and gurus will advise you not to use them. Self-signed certificates are quite useful though. What the scary warnings mean - and it would be good if they explained this more clearly - is that you have an encrypted connection established but there is <i>no certainty about who that connection is with</i>.
</p>
@ -852,17 +852,17 @@ For now a self-signed certificate will probably in most cases protect your commu
</p>
</div>
</div>
<div id="outline-container-org3376bf8" class="outline-2">
<h2 id="org3376bf8">Why not use the services of $company instead? They took the Seppuku pledge</h2>
<div class="outline-text-2" id="text-org3376bf8">
<div id="outline-container-org6fd1027" class="outline-2">
<h2 id="org6fd1027">Why not use the services of $company instead? They took the Seppuku pledge</h2>
<div class="outline-text-2" id="text-org6fd1027">
<p>
<a href="https://cryptostorm.org/viewtopic.php?f=63&amp;t=2954&amp;sid=7de2d1e699cfde2f574e6a7f6ea5a173">That pledge</a> is utterly worthless. Years ago people trusted Google in the same sort of way, because they promised not be be evil and because a lot of the engineers working for them seemed like honest types who were "<i>on our side</i>". Post-<a href="https://en.wikipedia.org/wiki/Nymwars">nymwars</a> and post-<a href="https://en.wikipedia.org/wiki/PRISM_(surveillance_program)">PRISM</a> we know exactly how much Google cared about the privacy and security of its users. But Google is only one particular example. In general don't trust pledges made by companies, even if the people running them seem really sincere.
</p>
</div>
</div>
<div id="outline-container-org2a57f9c" class="outline-2">
<h2 id="org2a57f9c">Why does my email keep getting rejected as spam by Gmail/etc?</h2>
<div class="outline-text-2" id="text-org2a57f9c">
<div id="outline-container-org260d8cc" class="outline-2">
<h2 id="org260d8cc">Why does my email keep getting rejected as spam by Gmail/etc?</h2>
<div class="outline-text-2" id="text-org260d8cc">
<p>
Welcome to the world of email. Email is really the archetypal decentralized service, developed during the early days of the internet. In principle anyone can run an email server, and that's exactly what you're doing with Freedombone. Email is very useful, but it has a big problem, and that's that the protocols are totally insecure. That made it easy for spammers to do their thing, and in response highly elaborate spam filtering and blocking systems were developed. Chances are that your emails are being blocked in this way. Sometimes the blocking is so indisciminate that entire countries are excluded. What can you do about it? Unless you control the block list at the receiving end you may not be able to do much unless you can find an email proxy server which is trusted by the receiving server.
</p>

4
website/EN/index.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:19 -->
<!-- 2016-08-08 Mon 17:41 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the

118
website/EN/installation.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:19 -->
<!-- 2016-08-08 Mon 17:41 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
@ -254,11 +254,11 @@ for the JavaScript code in this tag.
</colgroup>
<tbody>
<tr>
<td class="org-left"><a href="#org335ae25">Building an image for a Single Board Computer or Virtual Machine</a></td>
<td class="org-left"><a href="#org3b901e2">Building an image for a Single Board Computer or Virtual Machine</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgb4eb938">Checklist</a></td>
<td class="org-left"><a href="#org9ddd6bf">Checklist</a></td>
</tr>
<tr>
@ -266,34 +266,34 @@ for the JavaScript code in this tag.
</tr>
<tr>
<td class="org-left"><a href="#org4002596">Installation</a></td>
<td class="org-left"><a href="#orgdd974d3">Installation</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orge3fbd6f">Social Key Management - the 'Unforgettable Key'</a></td>
<td class="org-left"><a href="#orgc5792b7">Social Key Management - the 'Unforgettable Key'</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org293c14e">Final Setup</a></td>
<td class="org-left"><a href="#orgaa4fa3d">Final Setup</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgf32608e">Keydrives</a></td>
<td class="org-left"><a href="#org475add9">Keydrives</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgc0d5d65">On Client Machines</a></td>
<td class="org-left"><a href="#org51089f0">On Client Machines</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgab97535">Administering the system</a></td>
<td class="org-left"><a href="#org3e4a672">Administering the system</a></td>
</tr>
</tbody>
</table>
<div id="outline-container-org335ae25" class="outline-2">
<h2 id="org335ae25">Building an image for a Single Board Computer or Virtual Machine</h2>
<div class="outline-text-2" id="text-org335ae25">
<div id="outline-container-org3b901e2" class="outline-2">
<h2 id="org3b901e2">Building an image for a Single Board Computer or Virtual Machine</h2>
<div class="outline-text-2" id="text-org3b901e2">
<p>
You don't have to trust images downloaded from random internet locations signed with untrusted keys. You can build one from scratch yourself, and this is the recommended procedure for maximum security. For guidance on how to build images see the manpage for the <b>freedombone-image</b> command.
</p>
@ -379,9 +379,9 @@ If the image build fails with an error such as "<i>Error reading from server. Re
</div>
</div>
<div id="outline-container-orgb4eb938" class="outline-2">
<h2 id="orgb4eb938">Checklist</h2>
<div class="outline-text-2" id="text-orgb4eb938">
<div id="outline-container-org9ddd6bf" class="outline-2">
<h2 id="org9ddd6bf">Checklist</h2>
<div class="outline-text-2" id="text-org9ddd6bf">
<p>
Before installing Freedombone you will need a few things.
</p>
@ -395,17 +395,17 @@ Before installing Freedombone you will need a few things.
</ul>
</div>
</div>
<div id="outline-container-org4002596" class="outline-2">
<h2 id="org4002596">Installation</h2>
<div class="outline-text-2" id="text-org4002596">
<div id="outline-container-orgdd974d3" class="outline-2">
<h2 id="orgdd974d3">Installation</h2>
<div class="outline-text-2" id="text-orgdd974d3">
<p>
There are three install options: Laptop/Desktop/Netbook, SBC and Virtual Machine.
</p>
</div>
<div id="outline-container-org5b4f8c3" class="outline-3">
<h3 id="org5b4f8c3">On a Laptop, Netbook or Desktop machine</h3>
<div class="outline-text-3" id="text-org5b4f8c3">
<div id="outline-container-org9c1f7d4" class="outline-3">
<h3 id="org9c1f7d4">On a Laptop, Netbook or Desktop machine</h3>
<div class="outline-text-3" id="text-org9c1f7d4">
<p>
If you have an existing system, such as an old laptop or netbook which you can leave running as a server, then install a new version of Debian Jessie onto it. During the Debian install you won't need the print server or the desktop environment, and unchecking those will reduce the attack surface. Once Debian enter the following commands:
</p>
@ -424,9 +424,9 @@ freedombone menuconfig
</div>
</div>
<div id="outline-container-org0ef1235" class="outline-3">
<h3 id="org0ef1235">On a single board computer (SBC)</h3>
<div class="outline-text-3" id="text-org0ef1235">
<div id="outline-container-orgdcdaae2" class="outline-3">
<h3 id="orgdcdaae2">On a single board computer (SBC)</h3>
<div class="outline-text-3" id="text-orgdcdaae2">
<p>
Currently the following boards are supported:
</p>
@ -510,9 +510,9 @@ Using the password 'freedombone'. Take a note of the new login password and then
</div>
</div>
<div id="outline-container-org6d2c7b6" class="outline-3">
<h3 id="org6d2c7b6">As a Virtual Machine</h3>
<div class="outline-text-3" id="text-org6d2c7b6">
<div id="outline-container-orgfb19f9c" class="outline-3">
<h3 id="orgfb19f9c">As a Virtual Machine</h3>
<div class="outline-text-3" id="text-orgfb19f9c">
<p>
Virtualbox and Qemu are supported. You can run a 64 bit Qemu image with:
</p>
@ -534,42 +534,42 @@ The default login will be username 'fbone' and password 'freedombone'. Take a no
</div>
</div>
<div id="outline-container-orge3fbd6f" class="outline-2">
<h2 id="orge3fbd6f">Social Key Management - the 'Unforgettable Key'</h2>
<div class="outline-text-2" id="text-orge3fbd6f">
<div id="outline-container-orgc5792b7" class="outline-2">
<h2 id="orgc5792b7">Social Key Management - the 'Unforgettable Key'</h2>
<div class="outline-text-2" id="text-orgc5792b7">
<p>
During the install procedure you will be asked if you wish to import GPG keys. If you don't already possess GPG keys then just select "Ok" and they will be generated during the install. If you do already have GPG keys then there are a few possibilities
</p>
</div>
<div id="outline-container-org8b41155" class="outline-3">
<h3 id="org8b41155">You have the gnupg keyring on an encrypted USB drive</h3>
<div class="outline-text-3" id="text-org8b41155">
<div id="outline-container-orgb0e6560" class="outline-3">
<h3 id="orgb0e6560">You have the gnupg keyring on an encrypted USB drive</h3>
<div class="outline-text-3" id="text-orgb0e6560">
<p>
If you previously made a master keydrive containing the full keyring (the .gnupg directory). This is the most straightforward case, but not as secure as splitting the key into fragments.
</p>
</div>
</div>
<div id="outline-container-org1f06b9d" class="outline-3">
<h3 id="org1f06b9d">You have a number of key fragments on USB drives retrieved from friends</h3>
<div class="outline-text-3" id="text-org1f06b9d">
<div id="outline-container-org4948a7a" class="outline-3">
<h3 id="org4948a7a">You have a number of key fragments on USB drives retrieved from friends</h3>
<div class="outline-text-3" id="text-org4948a7a">
<p>
If you previously made some USB drives containing key fragments then retrieve them from your friends and plug them in one after the other. After the last drive has been read then remove it and just select "Ok". The system will then try to reconstruct the key. For this to work you will need to have previously made three or more <a href="#orgf32608e">Keydrives</a>.
If you previously made some USB drives containing key fragments then retrieve them from your friends and plug them in one after the other. After the last drive has been read then remove it and just select "Ok". The system will then try to reconstruct the key. For this to work you will need to have previously made three or more <a href="#org475add9">Keydrives</a>.
</p>
</div>
</div>
<div id="outline-container-orgdfd043a" class="outline-3">
<h3 id="orgdfd043a">You can specify some ssh login details for friends servers containing key fragments</h3>
<div class="outline-text-3" id="text-orgdfd043a">
<div id="outline-container-org9132662" class="outline-3">
<h3 id="org9132662">You can specify some ssh login details for friends servers containing key fragments</h3>
<div class="outline-text-3" id="text-org9132662">
<p>
Enter three or more sets of login details and the installer will try to retrieve key fragments and then assemble them into the full key. This only works if you previously were using remote backups and had social key management enabled.
</p>
</div>
</div>
</div>
<div id="outline-container-org293c14e" class="outline-2">
<h2 id="org293c14e">Final Setup</h2>
<div class="outline-text-2" id="text-org293c14e">
<div id="outline-container-orgaa4fa3d" class="outline-2">
<h2 id="orgaa4fa3d">Final Setup</h2>
<div class="outline-text-2" id="text-orgaa4fa3d">
<p>
Any manual post-installation setup instructions or passwords can be found in /home/username/README. You should remove any passwords from that file and store them within a password manager such as KeepassX.
</p>
@ -687,16 +687,16 @@ On your internet router, typically under firewall settings, open the following p
</div>
</div>
<div id="outline-container-orgf32608e" class="outline-2">
<h2 id="orgf32608e">Keydrives</h2>
<div class="outline-text-2" id="text-orgf32608e">
<div id="outline-container-org475add9" class="outline-2">
<h2 id="org475add9">Keydrives</h2>
<div class="outline-text-2" id="text-org475add9">
<p>
After installing for the first time it's a good idea to create some keydrives. These will store your gpg key so that if all else fails you will still be able to restore from backup. There are two ways to do this:
</p>
</div>
<div id="outline-container-org3cc4a72" class="outline-3">
<h3 id="org3cc4a72">Master Keydrive</h3>
<div class="outline-text-3" id="text-org3cc4a72">
<div id="outline-container-org3bd27a7" class="outline-3">
<h3 id="org3bd27a7">Master Keydrive</h3>
<div class="outline-text-3" id="text-org3bd27a7">
<p>
This is the traditional security model in which you carry your full keyring on an encrypted USB drive. To make a master keydrive first format a USB drive as a LUKS encrypted drive. In Ubuntu this can be <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">done from the <i>Disk Utility</i> application</a>. Then plug it into the Freedombone system, then from your local machine run:
</p>
@ -712,9 +712,9 @@ Select <i>Administrator controls</i> then <i>Backup and Restore</i> then <i>Back
</p>
</div>
</div>
<div id="outline-container-org48cb53f" class="outline-3">
<h3 id="org48cb53f">Fragment keydrives</h3>
<div class="outline-text-3" id="text-org48cb53f">
<div id="outline-container-org7491e32" class="outline-3">
<h3 id="org7491e32">Fragment keydrives</h3>
<div class="outline-text-3" id="text-org7491e32">
<p>
This breaks your GPG key into a number of fragments and randomly selects one to add to the USB drive. First format a USB drive as a LUKS encrypted drive. In Ubuntu this <a href="https://help.ubuntu.com/community/EncryptedFilesystemsOnRemovableStorage">can be done from the <i>Disk Utility</i> application</a>. Plug it into the Freedombone system then from your local machine run the following commands:
</p>
@ -735,9 +735,9 @@ Fragments are randomly assigned and so you will need at least three or four keyd
</div>
</div>
</div>
<div id="outline-container-orgc0d5d65" class="outline-2">
<h2 id="orgc0d5d65">On Client Machines</h2>
<div class="outline-text-2" id="text-orgc0d5d65">
<div id="outline-container-org51089f0" class="outline-2">
<h2 id="org51089f0">On Client Machines</h2>
<div class="outline-text-2" id="text-org51089f0">
<p>
You can configure laptops or desktop machines which connect to the Freedombone server in the following way. This alters encryption settings to improve overall security.
</p>
@ -755,9 +755,9 @@ freedombone-client
</div>
</div>
<div id="outline-container-orgab97535" class="outline-2">
<h2 id="orgab97535">Administering the system</h2>
<div class="outline-text-2" id="text-orgab97535">
<div id="outline-container-org3e4a672" class="outline-2">
<h2 id="org3e4a672">Administering the system</h2>
<div class="outline-text-2" id="text-org3e4a672">
<p>
To administer the system after installation log in via ssh, become the root user and then launch the control panel.
</p>

106
website/EN/mesh.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:19 -->
<!-- 2016-08-08 Mon 17:41 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
@ -254,34 +254,34 @@ for the JavaScript code in this tag.
</colgroup>
<tbody>
<tr>
<td class="org-left"><a href="#org7571d97">What is a mesh network?</a></td>
<td class="org-left"><a href="#org7c8ca94">What is a mesh network?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org723a71f">The Freedombone Mesh</a></td>
<td class="org-left"><a href="#org931a679">The Freedombone Mesh</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org20b8881">Installation</a></td>
<td class="org-left"><a href="#orgd22790b">Installation</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orge8c3e69">Wifi adaptors</a></td>
<td class="org-left"><a href="#orgb9d1166">Wifi adaptors</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org123d626">Using the mesh</a></td>
<td class="org-left"><a href="#orgf6be28b">Using the mesh</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org2fe4976">Further reading</a></td>
<td class="org-left"><a href="#org0ee72c1">Further reading</a></td>
</tr>
</tbody>
</table>
<div id="outline-container-org7571d97" class="outline-2">
<h2 id="org7571d97">What is a mesh network?</h2>
<div class="outline-text-2" id="text-org7571d97">
<div id="outline-container-org7c8ca94" class="outline-2">
<h2 id="org7c8ca94">What is a mesh network?</h2>
<div class="outline-text-2" id="text-org7c8ca94">
<p>
The internet as it currently exists is mostly organised according to a client/server model. Servers run the web services and store the data and clients are the laptops, desktops and other devices accessing the servers. In a mesh network there isn't any clear division between clients and servers. The computers on a mesh network are known as "peers" and they can perform the functions of both clients and servers. Commonly this is also known as a "peer to peer" network.
</p>
@ -313,20 +313,20 @@ Example use cases would be:
</div>
</div>
<div id="outline-container-org723a71f" class="outline-2">
<h2 id="org723a71f">The Freedombone Mesh</h2>
<div class="outline-text-2" id="text-org723a71f">
<div id="outline-container-org931a679" class="outline-2">
<h2 id="org931a679">The Freedombone Mesh</h2>
<div class="outline-text-2" id="text-org931a679">
<p>
The Freedombone mesh is offline - in the sense of not being part of the larger internet - and consists of a set of computers with the software installed communicating wirelessly using ordinary wifi. Peers can enter or leave the network and it will adjust automatically. All communications between peers is end-to-end encrypted, so although it's easy to join the network it's not easy to passively evesdrop.
</p>
</div>
</div>
<div id="outline-container-org20b8881" class="outline-2">
<h2 id="org20b8881">Installation</h2>
<div class="outline-text-2" id="text-org20b8881">
</div><div id="outline-container-org865e6de" class="outline-3">
<h3 id="org865e6de">Two types of system</h3>
<div class="outline-text-3" id="text-org865e6de">
<div id="outline-container-orgd22790b" class="outline-2">
<h2 id="orgd22790b">Installation</h2>
<div class="outline-text-2" id="text-orgd22790b">
</div><div id="outline-container-orgaf1dcd4" class="outline-3">
<h3 id="orgaf1dcd4">Two types of system</h3>
<div class="outline-text-3" id="text-orgaf1dcd4">
<p>
Installation is split into two categories, <i>routers</i> and <i>user devices</i>.
</p>
@ -344,9 +344,9 @@ Small computers acting as mesh routers can also be battery operated or solar pow
</p>
</div>
</div>
<div id="outline-container-org6438efa" class="outline-3">
<h3 id="org6438efa">Installing on routers</h3>
<div class="outline-text-3" id="text-org6438efa">
<div id="outline-container-orgdda14e8" class="outline-3">
<h3 id="orgdda14e8">Installing on routers</h3>
<div class="outline-text-3" id="text-orgdda14e8">
<p>
Whatever system you're going to use as a mesh router should have a new Debian Jessie install on it. It's advisable that this be a new install so that there is no existing software on the system which could confuse the mesh install process.
</p>
@ -416,9 +416,9 @@ The reboot is needed in order to enable zram and the hardware random number gene
</p>
</div>
</div>
<div id="outline-container-org7952cce" class="outline-3">
<h3 id="org7952cce">Installing on user devices</h3>
<div class="outline-text-3" id="text-org7952cce">
<div id="outline-container-orgec708f5" class="outline-3">
<h3 id="orgec708f5">Installing on user devices</h3>
<div class="outline-text-3" id="text-orgec708f5">
<p>
Typically on a laptop with a Debian-based distro installed, open a terminal and type:
</p>
@ -452,16 +452,16 @@ sudo dpkg -i batctl_2014.1.0-2_amd64.deb
</div>
</div>
</div>
<div id="outline-container-orge8c3e69" class="outline-2">
<h2 id="orge8c3e69">Wifi adaptors</h2>
<div class="outline-text-2" id="text-orge8c3e69">
<div id="outline-container-orgb9d1166" class="outline-2">
<h2 id="orgb9d1166">Wifi adaptors</h2>
<div class="outline-text-2" id="text-orgb9d1166">
<p>
There are a small number of wifi adaptors which are compatible with a fully free software stack.
</p>
</div>
<div id="outline-container-orgc1ab644" class="outline-3">
<h3 id="orgc1ab644">Atheros AR9271</h3>
<div class="outline-text-3" id="text-orgc1ab644">
<div id="outline-container-org99dc976" class="outline-3">
<h3 id="org99dc976">Atheros AR9271</h3>
<div class="outline-text-3" id="text-org99dc976">
<p>
To install the firmware for this:
</p>
@ -479,17 +479,17 @@ mv *.fw /lib/firmware
</div>
</div>
</div>
<div id="outline-container-org123d626" class="outline-2">
<h2 id="org123d626">Using the mesh</h2>
<div class="outline-text-2" id="text-org123d626">
<div id="outline-container-orgf6be28b" class="outline-2">
<h2 id="orgf6be28b">Using the mesh</h2>
<div class="outline-text-2" id="text-orgf6be28b">
<p>
The following sections only apply to <i>client devices</i>. Mesh <i>routers</i> are only for routing network traffic and operating <a href="https://en.wikipedia.org/wiki/BitTorrent_tracker">trackers</a> and <a href="https://en.wikipedia.org/wiki/Distributed_hash_table">distributed hash tables</a> for bootstrapping purposes.
</p>
</div>
<div id="outline-container-orgc862ae7" class="outline-3">
<h3 id="orgc862ae7">Switching from internet to mesh mode</h3>
<div class="outline-text-3" id="text-orgc862ae7">
<div id="outline-container-orgf2c3333" class="outline-3">
<h3 id="orgf2c3333">Switching from internet to mesh mode</h3>
<div class="outline-text-3" id="text-orgf2c3333">
<p>
To join the mesh network open a terminal and type:
</p>
@ -519,9 +519,9 @@ If for any reason things don't seem to be updating you can force an update by is
</div>
</div>
</div>
<div id="outline-container-org193f44f" class="outline-3">
<h3 id="org193f44f">Chat</h3>
<div class="outline-text-3" id="text-org193f44f">
<div id="outline-container-orgcd46ff3" class="outline-3">
<h3 id="orgcd46ff3">Chat</h3>
<div class="outline-text-3" id="text-orgcd46ff3">
<p>
If you have a Tox client installed on your system then you can use that to communicate with other mesh peers. A limitation is that if peers change you may need to quit the application and restart it in order to receive the updated list of DHTnodes. The <a href="https://github.com/Tox/toxic">Toxic</a> client is installed by default, but you may also want to install <a href="https://github.com/tux3/qTox">qTox</a> for a more conventional-looking user experience.
</p>
@ -568,9 +568,9 @@ A note for the security-conscious is that broadcasting Tox IDs via the network (
</p>
</div>
</div>
<div id="outline-container-orge82459e" class="outline-3">
<h3 id="orge82459e">Blogging</h3>
<div class="outline-text-3" id="text-orge82459e">
<div id="outline-container-org263117f" class="outline-3">
<h3 id="org263117f">Blogging</h3>
<div class="outline-text-3" id="text-org263117f">
<p>
The Freedombone mesh uses a fully decentralized blogging system called <a href="https://github.com/HelloZeroNet/ZeroBlog">ZeroBlog</a>. It behaves rather like other peer-to-peer file sharing systems in that if you are reading the blog of another user you are also simultaneously seeding it to other peers (acting as both a client and a server). This allows the system to scale well, while also being robust to any peer failing or leaving the network.
</p>
@ -588,17 +588,17 @@ To add a new blog entry click the <i>new post</i> button, edit the title and con
</p>
</div>
</div>
<div id="outline-container-org35fb05a" class="outline-3">
<h3 id="org35fb05a">Other services</h3>
<div class="outline-text-3" id="text-org35fb05a">
<div id="outline-container-org902cd85" class="outline-3">
<h3 id="org902cd85">Other services</h3>
<div class="outline-text-3" id="text-org902cd85">
<p>
It is hoped that a decentralized forum will be added, but this is not yet complete. In the mean time a substitute is to use the Tox group chat feature.
</p>
</div>
</div>
<div id="outline-container-org1bfcc2c" class="outline-3">
<h3 id="org1bfcc2c">Turning off the mesh</h3>
<div class="outline-text-3" id="text-org1bfcc2c">
<div id="outline-container-org5a433bf" class="outline-3">
<h3 id="org5a433bf">Turning off the mesh</h3>
<div class="outline-text-3" id="text-org5a433bf">
<p>
If you wish to return to the internet then open a terminal and type:
</p>
@ -615,9 +615,9 @@ After a few seconds your usual internet wifi connection should be re-established
</div>
</div>
</div>
<div id="outline-container-org2fe4976" class="outline-2">
<h2 id="org2fe4976">Further reading</h2>
<div class="outline-text-2" id="text-org2fe4976">
<div id="outline-container-org0ee72c1" class="outline-2">
<h2 id="org0ee72c1">Further reading</h2>
<div class="outline-text-2" id="text-org0ee72c1">
<p>
For much more extensive details about deploying wireless networks there is an excellent book called <a href="https://wndw.net/">Wireless Networking in the Developing World</a> which is worth reading. It's not necessarily exclusively about mesh networks, but may be useful in terms of advice about antennas, reflections, extending wifi range and so on.
</p>

50
website/EN/mirrors.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:19 -->
<!-- 2016-08-08 Mon 17:41 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
@ -254,62 +254,62 @@ for the JavaScript code in this tag.
</colgroup>
<tbody>
<tr>
<td class="org-left"><a href="#org5255c28">What are mirrors and why do they exist?</a></td>
<td class="org-left"><a href="#org83db8d9">What are mirrors and why do they exist?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org3a71074">What security do mirrors have?</a></td>
<td class="org-left"><a href="#org2d1c77a">What security do mirrors have?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgad30640">How do I set up mirrors?</a></td>
<td class="org-left"><a href="#org7662467">How do I set up mirrors?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgf55466c">Do mirrors include debian package repositories?</a></td>
<td class="org-left"><a href="#org60e79fb">Do mirrors include debian package repositories?</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgae578f8">What do I need to do to keep the mirrored repositories updated?</a></td>
<td class="org-left"><a href="#orgab207c0">What do I need to do to keep the mirrored repositories updated?</a></td>
</tr>
</tbody>
</table>
<div id="outline-container-org5255c28" class="outline-2">
<h2 id="org5255c28">What are mirrors and why do they exist?</h2>
<div class="outline-text-2" id="text-org5255c28">
<div id="outline-container-org83db8d9" class="outline-2">
<h2 id="org83db8d9">What are mirrors and why do they exist?</h2>
<div class="outline-text-2" id="text-org83db8d9">
<p>
It would be nice if all of the applications used by this project were packaged for Debian, but currently they're not. This means that various upstream git repositories are used and these mostly reside on Github. What if Github were to go away, become paying only or be censored in some manner which was difficult to work around? To guard against this possibility the repositories are mirrored on each install and can then be made available to other users so that new installations or updates could still occur without the original default repos.
</p>
</div>
</div>
<div id="outline-container-org3a71074" class="outline-2">
<h2 id="org3a71074">What security do mirrors have?</h2>
<div class="outline-text-2" id="text-org3a71074">
<div id="outline-container-org2d1c77a" class="outline-2">
<h2 id="org2d1c77a">What security do mirrors have?</h2>
<div class="outline-text-2" id="text-org2d1c77a">
<p>
On each install you have a <i>mirrors</i> user created, whose only purpose is to mirror upstream repositories. A random password is generated for the <i>mirrors</i> user which can be seen within the control panel and so given to other users who may need it.
</p>
</div>
</div>
<div id="outline-container-orgad30640" class="outline-2">
<h2 id="orgad30640">How do I set up mirrors?</h2>
<div class="outline-text-2" id="text-orgad30640">
<div id="outline-container-org7662467" class="outline-2">
<h2 id="org7662467">How do I set up mirrors?</h2>
<div class="outline-text-2" id="text-org7662467">
<p>
The interactive installer will ask whether you want to configure the main respositories. Enter the URL, which will typically be an onion address, the ssh port number and the password for the mirrors on that system.
</p>
</div>
</div>
<div id="outline-container-orgf55466c" class="outline-2">
<h2 id="orgf55466c">Do mirrors include debian package repositories?</h2>
<div class="outline-text-2" id="text-orgf55466c">
<div id="outline-container-org60e79fb" class="outline-2">
<h2 id="org60e79fb">Do mirrors include debian package repositories?</h2>
<div class="outline-text-2" id="text-org60e79fb">
<p>
No. Packages for Debian will still be accessed in the conventional manner.
</p>
</div>
</div>
<div id="outline-container-orge448ccd" class="outline-2">
<h2 id="orge448ccd">Can I change mirrors after the system has been installed</h2>
<div class="outline-text-2" id="text-orge448ccd">
<div id="outline-container-orgfe13e42" class="outline-2">
<h2 id="orgfe13e42">Can I change mirrors after the system has been installed</h2>
<div class="outline-text-2" id="text-orgfe13e42">
<p>
Yes. From the control panel select "<i>Set the main repository</i>"
</p>
@ -324,9 +324,9 @@ Yes. From the control panel select "<i>Set the main repository</i>"
</div>
</div>
<div id="outline-container-orgae578f8" class="outline-2">
<h2 id="orgae578f8">What do I need to do to keep the mirrored repositories updated?</h2>
<div class="outline-text-2" id="text-orgae578f8">
<div id="outline-container-orgab207c0" class="outline-2">
<h2 id="orgab207c0">What do I need to do to keep the mirrored repositories updated?</h2>
<div class="outline-text-2" id="text-orgab207c0">
<p>
Nothing. That happens as part of regular automatic updates.
</p>

58
website/EN/mobile.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:19 -->
<!-- 2016-08-08 Mon 17:41 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
@ -270,9 +270,9 @@ Mobile phones are insecure devices, but they're regarded as being so essential t
</table>
</center>
<div id="outline-container-org603725e" class="outline-2">
<h2 id="org603725e">Open</h2>
<div class="outline-text-2" id="text-org603725e">
<div id="outline-container-org0045915" class="outline-2">
<h2 id="org0045915">Open</h2>
<div class="outline-text-2" id="text-org0045915">
<p>
Use a Linux based phone operating system. Typically this will mean Android, but could also mean Cyanogenmod or Replicant. Cyanogen is the most preferable, because you can usually get an up to date image with a recent kernel which will give you better security against exploits. If you're buying a phone then look for a model which is supported by Cyanogenmod. Replicant is the most free (as in freedom) but only runs on a small number of phone models. If you have a phone which runs a full GNU/Linux system then that's fantastic, and you can probably use it in much the same way as a desktop system and the rest of the advice on this page won't apply. If you don't have a phone capable of running a Linux based operating system then consider selling, giving away or bartering your existing one.
</p>
@ -283,45 +283,45 @@ Why is it so important to run Linux on a phone? Aren't <i>iThings</i> supposed t
</div>
</div>
<div id="outline-container-org6db6899" class="outline-2">
<h2 id="org6db6899">Remove</h2>
<div class="outline-text-2" id="text-org6db6899">
<div id="outline-container-org3477838" class="outline-2">
<h2 id="org3477838">Remove</h2>
<div class="outline-text-2" id="text-org3477838">
<p>
So maybe you're running Android and the phone came with some apps already installed. Almost certainly they'll be proprietary. Go to Settings/Apps and then uninstall or deactivate any apps which you really don't need. Mostly preinstalled apps are intended to send your data to companies who will then sell it to advertisers or governments under the business model of <i>surveillance capital</i>. It's not a good idea to get caught up in that, and to avoid becoming addicted to apps which are surveilling you without consent or installing spyware in the background without your knowledge.
</p>
</div>
</div>
<div id="outline-container-orgc09c95e" class="outline-2">
<h2 id="orgc09c95e">Encrypt</h2>
<div class="outline-text-2" id="text-orgc09c95e">
<div id="outline-container-org2a139a5" class="outline-2">
<h2 id="org2a139a5">Encrypt</h2>
<div class="outline-text-2" id="text-org2a139a5">
<p>
Encrypt your phone. This can usually be done via <b>Settings/Security</b> and you may need to fully charge the phone first. Encryption means that if you lose your phone or it gets stolen then there is less chance that anyone who picks it up will get access to your data, photos and so on.
</p>
</div>
</div>
<div id="outline-container-org2e14d67" class="outline-2">
<h2 id="org2e14d67">Apps</h2>
<div class="outline-text-2" id="text-org2e14d67">
<div id="outline-container-orgffded37" class="outline-2">
<h2 id="orgffded37">Apps</h2>
<div class="outline-text-2" id="text-orgffded37">
<p>
Installing <b>F-droid</b> and only adding any new apps via F-droid will ensure that you are always using free and open source software. Open source is not a panacea, since bugs can and do still occur, but it will help you to avoid the worst security and privacy pitfalls.
</p>
</div>
</div>
<div id="outline-container-orgd826e0e" class="outline-2">
<h2 id="orgd826e0e">Lock</h2>
<div class="outline-text-2" id="text-orgd826e0e">
<div id="outline-container-orge024bad" class="outline-2">
<h2 id="orge024bad">Lock</h2>
<div class="outline-text-2" id="text-orge024bad">
<p>
Add a lock screen, preferably with a password which is not easy for other people to guess or for quicker access with a PIN number. Install an app called <b>Locker</b>, activate it and set the maximum number of password guesses to ten (or whatever you feel comfortable with). If bad people get hold of your phone then they may try to brute force your lock screen password or PIN (i.e. automatically trying millions of common word and number combinations) and the locker app will prevent them from succeeding by resetting the phone back to its factory default condition and wiping the data.
</p>
</div>
</div>
<div id="outline-container-org462e34f" class="outline-2">
<h2 id="org462e34f">Onion</h2>
<div class="outline-text-2" id="text-org462e34f">
<div id="outline-container-org707863e" class="outline-2">
<h2 id="org707863e">Onion</h2>
<div class="outline-text-2" id="text-org707863e">
<p>
Both governments and corporations want to compile matadata dossiers about you. Who you communicated with, when and how often. They want this so that they can data mine, simulate, predict and then ultimately influence (sometimes also called "nudge") your actions and preferences in the directions they prefer. By routing your connections through a number of proxy servers (Tor routers) you can make it perhaps not <i>theoretically</i> impossible but at least <i>very hard</i> for them to have a complete and accurate list of who your friends are, your religion, politics, likely health issues, sexual orientation and what news sites or books you read.
</p>
@ -332,9 +332,9 @@ In F-droid under the <b>repositories</b> menu you can enable the <b>guardian pro
</div>
</div>
<div id="outline-container-org8818a9f" class="outline-2">
<h2 id="org8818a9f">ssh</h2>
<div class="outline-text-2" id="text-org8818a9f">
<div id="outline-container-orgd046cf8" class="outline-2">
<h2 id="orgd046cf8">ssh</h2>
<div class="outline-text-2" id="text-orgd046cf8">
<p>
The most secure way to access email is via an ssh connection and shell interface. This is not highly convenient, but it does keep your email and GPG key off of the phone which improves your security. If your phone is subsequently stolen then even if an adversary can get past the lock screen <i>there are no emails stored on the phone</i>. Install <b>Connectbot</b>, generate an RSA key of at least 2048 bits and give it a password. Copy and paste the ssh public key to a pastebin and then add it to <i>home/myusername</i>.ssh/authorized keys on Freedombone. Then add an ssh account for the Freedombone, using port 2222. Before you log in you will need to ensure that the ssh key is unlocked. If you lose your phone then you can remove that public key from <i>authorized_keys</i> and anyone in possession of the phone will no longer be able to get ssh access to your system.
</p>
@ -345,18 +345,18 @@ This is a <i>defense in depth</i> approach in which there are multiple hurdles w
</div>
</div>
<div id="outline-container-orgf468a25" class="outline-2">
<h2 id="orgf468a25">Services</h2>
<div class="outline-text-2" id="text-orgf468a25">
<div id="outline-container-org27b00a4" class="outline-2">
<h2 id="org27b00a4">Services</h2>
<div class="outline-text-2" id="text-org27b00a4">
<p>
For information on configuring various apps to work with Freedombone see the <a href="./usage.html">usage section</a>. Also see advice on chat apps in the <a href="./faq.html">FAQ</a>.
</p>
</div>
</div>
<div id="outline-container-org47ef0a2" class="outline-2">
<h2 id="org47ef0a2">Battery preservation</h2>
<div class="outline-text-2" id="text-org47ef0a2">
<div id="outline-container-orgc2d54ec" class="outline-2">
<h2 id="orgc2d54ec">Battery preservation</h2>
<div class="outline-text-2" id="text-orgc2d54ec">
<p>
Even with free software apps it's not difficult to get into a situation where your battery doesn't last for long. To maximize battery life access RSS feeds via the onion-based mobile reader within a Tor-compatible browser and not from a locally installed RSS app.
</p>

4
website/EN/related.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:20 -->
<!-- 2016-08-08 Mon 17:41 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the

58
website/EN/support.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:20 -->
<!-- 2016-08-08 Mon 17:41 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
@ -246,9 +246,9 @@ for the JavaScript code in this tag.
<h1>Support</h1>
</center>
<div id="outline-container-org043f153" class="outline-2">
<h2 id="org043f153">Contact details</h2>
<div class="outline-text-2" id="text-org043f153">
<div id="outline-container-org9b35a3b" class="outline-2">
<h2 id="org9b35a3b">Contact details</h2>
<div class="outline-text-2" id="text-org9b35a3b">
<p>
This site can also be accessed via a Tor browser at <b>4fvfozz6g3zmvf76.onion</b>
</p>
@ -275,21 +275,21 @@ This site can also be accessed via a Tor browser at <b>4fvfozz6g3zmvf76.onion</b
</div>
</div>
<div id="outline-container-org6910c34" class="outline-2">
<h2 id="org6910c34">Things which would be nice to have</h2>
<div class="outline-text-2" id="text-org6910c34">
</div><div id="outline-container-org60f0fd7" class="outline-3">
<h3 id="org60f0fd7">Ideas</h3>
<div class="outline-text-3" id="text-org60f0fd7">
<div id="outline-container-orgfe6be35" class="outline-2">
<h2 id="orgfe6be35">Things which would be nice to have</h2>
<div class="outline-text-2" id="text-orgfe6be35">
</div><div id="outline-container-org375e872" class="outline-3">
<h3 id="org375e872">Ideas</h3>
<div class="outline-text-3" id="text-org375e872">
<p>
Know of some fabulous web system which could run on Freedombone, but currently doesn't? Contact the above, and be prepared to make a compelling argument for why it should be included.
</p>
</div>
</div>
<div id="outline-container-org8772744" class="outline-3">
<h3 id="org8772744">Money</h3>
<div class="outline-text-3" id="text-org8772744">
<div id="outline-container-orgd9a0d3b" class="outline-3">
<h3 id="orgd9a0d3b">Money</h3>
<div class="outline-text-3" id="text-orgd9a0d3b">
<p>
At the present time this project is not seeking any funding. There is no crowdfunding campaign and no slick marketing video. Those aren't ruled out as future possibilities, but for now they're just not needed.
</p>
@ -300,27 +300,27 @@ If you find this project useful then you may wish to consider donating to <a hre
</div>
</div>
<div id="outline-container-orgf3a6c70" class="outline-3">
<h3 id="orgf3a6c70">Testing and reporting bugs</h3>
<div class="outline-text-3" id="text-orgf3a6c70">
<div id="outline-container-orge1edd06" class="outline-3">
<h3 id="orge1edd06">Testing and reporting bugs</h3>
<div class="outline-text-3" id="text-orge1edd06">
<p>
Testing of the install on different hardware. Also pentesting on test installations to find vulnerabilities.
</p>
</div>
</div>
<div id="outline-container-org47fd2dc" class="outline-3">
<h3 id="org47fd2dc">Web design and artwork</h3>
<div class="outline-text-3" id="text-org47fd2dc">
<div id="outline-container-org3667859" class="outline-3">
<h3 id="org3667859">Web design and artwork</h3>
<div class="outline-text-3" id="text-org3667859">
<p>
A better design for this website would be nice to have. Photos, icons or other artwork are all welcome. I've always liked the cartoon artwork of the <a href="https://www.mediagoblin.org/">Mediagoblin</a> project, and attractive graphics can help to get people initially interested.
</p>
</div>
</div>
<div id="outline-container-org614c269" class="outline-3">
<h3 id="org614c269">More education and promotion</h3>
<div class="outline-text-3" id="text-org614c269">
<div id="outline-container-orge563f2b" class="outline-3">
<h3 id="orge563f2b">More education and promotion</h3>
<div class="outline-text-3" id="text-orge563f2b">
<div class="org-center">
<div class="figure">
@ -338,18 +338,18 @@ Raising awareness beyond the near zero current level, overcoming fear and parano
</div>
</div>
<div id="outline-container-org55ed8d3" class="outline-3">
<h3 id="org55ed8d3">Translations</h3>
<div class="outline-text-3" id="text-org55ed8d3">
<div id="outline-container-org6c154af" class="outline-3">
<h3 id="org6c154af">Translations</h3>
<div class="outline-text-3" id="text-org6c154af">
<p>
To add translations modify the json files within the <b>locale</b> subdirectory. Then make a pull request on the <a href="https://github.com/bashrc/freedombone">Github site</a>.
</p>
</div>
</div>
<div id="outline-container-org83bbf21" class="outline-3">
<h3 id="org83bbf21">Packaging</h3>
<div class="outline-text-3" id="text-org83bbf21">
<div id="outline-container-org3c73e48" class="outline-3">
<h3 id="org3c73e48">Packaging</h3>
<div class="outline-text-3" id="text-org3c73e48">
<p>
Helping to package GNU Social and Hubzilla for Debian would be beneficial.
</p>

304
website/EN/usage.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:20 -->
<!-- 2016-08-08 Mon 17:41 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
@ -254,15 +254,15 @@ for the JavaScript code in this tag.
</colgroup>
<tbody>
<tr>
<td class="org-left"><a href="#org8df4c1a">Readme</a></td>
<td class="org-left"><a href="#org6618aa3">Readme</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org0ece9b9">Improving ssh security</a></td>
<td class="org-left"><a href="#org3cb2369">Improving ssh security</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org3a2883b">Administrating the system via an onion address (Tor)</a></td>
<td class="org-left"><a href="#orgd75415f">Administrating the system via an onion address (Tor)</a></td>
</tr>
<tr>
@ -274,46 +274,46 @@ for the JavaScript code in this tag.
</tr>
<tr>
<td class="org-left"><a href="#org9c7dc70">Syncing to the Cloud</a></td>
<td class="org-left"><a href="#orgbbd3336">Syncing to the Cloud</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgd4cedd9">Play Music</a></td>
<td class="org-left"><a href="#orgd5c85fa">Play Music</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org7074e86">Microblogging (GNU Social)</a></td>
<td class="org-left"><a href="#org770856e">Microblogging (GNU Social)</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org4852d92">Sharing things</a></td>
<td class="org-left"><a href="#orgc54a7f2">Sharing things</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org5596b58">Social Network</a></td>
<td class="org-left"><a href="#org2955f60">Social Network</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgcac4966">Chat Services</a></td>
<td class="org-left"><a href="#org6365387">Chat Services</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgff77a66">RSS Reader</a></td>
<td class="org-left"><a href="#org4ef6739">RSS Reader</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org7d41716">Git Projects</a></td>
<td class="org-left"><a href="#org5973593">Git Projects</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org9b9f095">Adding or removing users</a></td>
<td class="org-left"><a href="#orgb97836a">Adding or removing users</a></td>
</tr>
</tbody>
</table>
<div id="outline-container-org8df4c1a" class="outline-2">
<h2 id="org8df4c1a">Readme</h2>
<div class="outline-text-2" id="text-org8df4c1a">
<div id="outline-container-org6618aa3" class="outline-2">
<h2 id="org6618aa3">Readme</h2>
<div class="outline-text-2" id="text-org6618aa3">
<p>
After the system has installed a README file will be generated which contains passwords and some brief advice on using the installed systems. You can read this with the following commands:
</p>
@ -334,9 +334,9 @@ To exit you can either just close the terminal or use <b>CTRL-x CTRL-c</b> follo
</p>
</div>
</div>
<div id="outline-container-org0ece9b9" class="outline-2">
<h2 id="org0ece9b9">Improving ssh security</h2>
<div class="outline-text-2" id="text-org0ece9b9">
<div id="outline-container-org3cb2369" class="outline-2">
<h2 id="org3cb2369">Improving ssh security</h2>
<div class="outline-text-2" id="text-org3cb2369">
<p>
To improve ssh security you can generate an ssh key pair on your system and then upload the public key to the Freedombone.
</p>
@ -389,9 +389,9 @@ If you wish to only use ssh keys then log in to the Freedombone, become the root
</div>
</div>
<div id="outline-container-org3a2883b" class="outline-2">
<h2 id="org3a2883b">Administrating the system via an onion address (Tor)</h2>
<div class="outline-text-2" id="text-org3a2883b">
<div id="outline-container-orgd75415f" class="outline-2">
<h2 id="orgd75415f">Administrating the system via an onion address (Tor)</h2>
<div class="outline-text-2" id="text-orgd75415f">
<p>
You can also access your system via the Tor system using an onion address. To find out what the onion address for ssh access is you can do the following:
</p>
@ -437,9 +437,9 @@ Subsequently even if dynamic DNS isn't working you may still be able to administ
</p>
</div>
</div>
<div id="outline-container-org9c7dc70" class="outline-2">
<h2 id="org9c7dc70">Syncing to the Cloud</h2>
<div class="outline-text-2" id="text-org9c7dc70">
<div id="outline-container-orgbbd3336" class="outline-2">
<h2 id="orgbbd3336">Syncing to the Cloud</h2>
<div class="outline-text-2" id="text-orgbbd3336">
<p>
<a href="https://syncthing.net/">Syncthing</a> provides a similar capability to proprietary systems such as Dropbox, and also is well suited for use with low power single board computers. You can have one or more directories which are synchronized across your various laptops/desktops/devices, and this makes it hard for you to ever lose important files. The manner in which the synchronization is done is pretty secure, such that it would be difficult for passive adversaries (mass surveillance, "<i>men in the middle</i>", etc) to know what files you're sharing. Of course, you don't necessarily need to be running a server in order to use Syncthing, but if you do have a server which is always running then there's always at least one place to synchronize your files to or from.
</p>
@ -449,9 +449,9 @@ Freedombone provides Syncthing shared directories for each user on the system, p
</p>
</div>
<div id="outline-container-org4cf4458" class="outline-3">
<h3 id="org4cf4458">On a laptop</h3>
<div class="outline-text-3" id="text-org4cf4458">
<div id="outline-container-org6497c4a" class="outline-3">
<h3 id="org6497c4a">On a laptop</h3>
<div class="outline-text-3" id="text-org6497c4a">
<p>
Install syncthing:
</p>
@ -506,9 +506,9 @@ Now wait for a few minutes. Eventually you will see two messages appear within t
</p>
</div>
</div>
<div id="outline-container-org6ba3f07" class="outline-3">
<h3 id="org6ba3f07">On Android</h3>
<div class="outline-text-3" id="text-org6ba3f07">
<div id="outline-container-org30f3a65" class="outline-3">
<h3 id="org30f3a65">On Android</h3>
<div class="outline-text-3" id="text-org30f3a65">
<p>
Install Syncthing and Connectbot from F-droid.
</p>
@ -539,12 +539,12 @@ Now wait for a few minutes or more. Eventually you should receive two notificati
</div>
</div>
</div>
<div id="outline-container-orgd4cedd9" class="outline-2">
<h2 id="orgd4cedd9">Play Music</h2>
<div class="outline-text-2" id="text-orgd4cedd9">
</div><div id="outline-container-org567e37f" class="outline-3">
<h3 id="org567e37f">With the DLNA service</h3>
<div class="outline-text-3" id="text-org567e37f">
<div id="outline-container-orgd5c85fa" class="outline-2">
<h2 id="orgd5c85fa">Play Music</h2>
<div class="outline-text-2" id="text-orgd5c85fa">
</div><div id="outline-container-orgf7176fb" class="outline-3">
<h3 id="orgf7176fb">With the DLNA service</h3>
<div class="outline-text-3" id="text-orgf7176fb">
<p>
An easy way to play music on any mobile device in your home is to use the DLNA service. Copy your music into a directory called "<i>Music</i>" on a USB thumb drive and then insert it into from socket on the Beaglebone.
</p>
@ -585,12 +585,12 @@ The DLNA service will only work within your local home network, and isn't remote
</div>
</div>
<div id="outline-container-org7074e86" class="outline-2">
<h2 id="org7074e86">Microblogging (GNU Social)</h2>
<div class="outline-text-2" id="text-org7074e86">
</div><div id="outline-container-org536a192" class="outline-3">
<h3 id="org536a192">Initial setup</h3>
<div class="outline-text-3" id="text-org536a192">
<div id="outline-container-org770856e" class="outline-2">
<h2 id="org770856e">Microblogging (GNU Social)</h2>
<div class="outline-text-2" id="text-org770856e">
</div><div id="outline-container-org53a22e0" class="outline-3">
<h3 id="org53a22e0">Initial setup</h3>
<div class="outline-text-3" id="text-org53a22e0">
<p>
To log into your GNU Social site first obtain your username and password from the "microblogging" section of the readme file.
</p>
@ -619,17 +619,17 @@ GNU Social has a clutter-free mobile user interface which can be accessed via a
</div>
</div>
<div id="outline-container-org4ef8f04" class="outline-3">
<h3 id="org4ef8f04">Direct Messages (DMs) and privacy</h3>
<div class="outline-text-3" id="text-org4ef8f04">
<div id="outline-container-org47e0d48" class="outline-3">
<h3 id="org47e0d48">Direct Messages (DMs) and privacy</h3>
<div class="outline-text-3" id="text-org47e0d48">
<p>
One important point about GNU Social is that although direct messages (DMs) are treated as being private their security is quite poor. If you want real communications privacy then use other systems such as XMPP+OMEMO/OTR, Tox or email with GPG. GNU Social is primarily about <i>fully public communications</i>.
</p>
</div>
</div>
<div id="outline-container-org3cfddda" class="outline-3">
<h3 id="org3cfddda">Using with Emacs</h3>
<div class="outline-text-3" id="text-org3cfddda">
<div id="outline-container-orgfc8168f" class="outline-3">
<h3 id="orgfc8168f">Using with Emacs</h3>
<div class="outline-text-3" id="text-orgfc8168f">
<p>
If you are an Emacs user it's also possible to set up GNU Social mode as follows:
</p>
@ -714,9 +714,9 @@ And as a quick reference the main keys are:
</div>
</div>
<div id="outline-container-org4852d92" class="outline-2">
<h2 id="org4852d92">Sharing things</h2>
<div class="outline-text-2" id="text-org4852d92">
<div id="outline-container-orgc54a7f2" class="outline-2">
<h2 id="orgc54a7f2">Sharing things</h2>
<div class="outline-text-2" id="text-orgc54a7f2">
<p>
If you have the GNU Social microblogging system installed then it's also possible to share things or services between groups or with particular users. This can be useful for sharing items within a family, club or in a local sharing economy. Sharing things freely, without money, reveals the social basis at the root of all economics which money normally conceals or obscures.
</p>
@ -743,20 +743,20 @@ The "<i>catalog</i>" button then allows you to search for shared things within t
</div>
</div>
<div id="outline-container-org5596b58" class="outline-2">
<h2 id="org5596b58">Social Network</h2>
<div class="outline-text-2" id="text-org5596b58">
</div><div id="outline-container-orgbfdc8d2" class="outline-3">
<h3 id="orgbfdc8d2">Domains</h3>
<div class="outline-text-3" id="text-orgbfdc8d2">
<div id="outline-container-org2955f60" class="outline-2">
<h2 id="org2955f60">Social Network</h2>
<div class="outline-text-2" id="text-org2955f60">
</div><div id="outline-container-orga651b22" class="outline-3">
<h3 id="orga651b22">Domains</h3>
<div class="outline-text-3" id="text-orga651b22">
<p>
Both Hubzilla and GNU Social try to obtain certificates automatically at the time of installation via Let's Encrypt. This will likely mean that in order for this to work you'll need to have obtained at least one "official" domain via a domain selling service, since Let's Encrypt mostly doesn't seem to work with free subdomains from sites such as freeDNS.
</p>
</div>
</div>
<div id="outline-container-orgfc8ffd0" class="outline-3">
<h3 id="orgfc8ffd0">Initial install</h3>
<div class="outline-text-3" id="text-orgfc8ffd0">
<div id="outline-container-orge522249" class="outline-3">
<h3 id="orge522249">Initial install</h3>
<div class="outline-text-3" id="text-orge522249">
<p>
On first visiting your Hubzilla site you'll see the login screen. The first thing you need to do is <b>register</b> a new user. The first user on the system then becomes its administrator.
</p>
@ -770,19 +770,19 @@ On first visiting your Hubzilla site you'll see the login screen. The first thin
</div>
</div>
<div id="outline-container-orgcac4966" class="outline-2">
<h2 id="orgcac4966">Chat Services</h2>
<div class="outline-text-2" id="text-orgcac4966">
</div><div id="outline-container-org4d5e594" class="outline-3">
<h3 id="org4d5e594">IRC</h3>
<div class="outline-text-3" id="text-org4d5e594">
<div id="outline-container-org6365387" class="outline-2">
<h2 id="org6365387">Chat Services</h2>
<div class="outline-text-2" id="text-org6365387">
</div><div id="outline-container-org510eaa0" class="outline-3">
<h3 id="org510eaa0">IRC</h3>
<div class="outline-text-3" id="text-org510eaa0">
<p>
IRC is useful for multi-user chat. The classic use case is for software development where many engineers might need to coordinate their activities, but it's also useful for meetings, parties and general socialising.
</p>
</div>
<div id="outline-container-org34795cb" class="outline-4">
<h4 id="org34795cb">Irssi</h4>
<div class="outline-text-4" id="text-org34795cb">
<div id="outline-container-org7f2b808" class="outline-4">
<h4 id="org7f2b808">Irssi</h4>
<div class="outline-text-4" id="text-org7f2b808">
<p>
The easiest way to use irssi is to connect to your system, like this:
</p>
@ -798,9 +798,9 @@ Then select <b>IRC</b> from the menu. However, other than via this method using
</p>
</div>
</div>
<div id="outline-container-org377d44d" class="outline-4">
<h4 id="org377d44d">HexChat</h4>
<div class="outline-text-4" id="text-org377d44d">
<div id="outline-container-org2329002" class="outline-4">
<h4 id="org2329002">HexChat</h4>
<div class="outline-text-4" id="text-org2329002">
<p>
HexChat (formerly XChat) is compatible with proxying via Tor and so provides the best security when connecting to your IRC server. It will allow you to connect to your IRC server's onion address.
</p>
@ -978,9 +978,9 @@ Click <b>close</b> and then <b>connect</b>.
</div>
</div>
<div id="outline-container-org81247ef" class="outline-4">
<h4 id="org81247ef">Emacs</h4>
<div class="outline-text-4" id="text-org81247ef">
<div id="outline-container-org3e7b5f6" class="outline-4">
<h4 id="org3e7b5f6">Emacs</h4>
<div class="outline-text-4" id="text-org3e7b5f6">
<p>
If you are an Emacs user then you can also connect to your IRC server via Emacs.
</p>
@ -1013,9 +1013,9 @@ Add the following to your Emacs configuration file:
</div>
</div>
</div>
<div id="outline-container-org41c87a5" class="outline-4">
<h4 id="org41c87a5">Changing or removing the IRC password</h4>
<div class="outline-text-4" id="text-org41c87a5">
<div id="outline-container-org1b9f23a" class="outline-4">
<h4 id="org1b9f23a">Changing or removing the IRC password</h4>
<div class="outline-text-4" id="text-org1b9f23a">
<p>
By default the IRC server is set up to require a password for users to log in. The password is the same for all users. If you want to change or remove the password:
</p>
@ -1033,20 +1033,20 @@ Select <i>Administrator controls</i> then <b>IRC Menu</b> and then change the pa
</div>
</div>
<div id="outline-container-org6b7b6d2" class="outline-3">
<h3 id="org6b7b6d2">XMPP/Jabber</h3>
<div class="outline-text-3" id="text-org6b7b6d2">
</div><div id="outline-container-org3c55a7b" class="outline-4">
<h4 id="org3c55a7b">About XMPP</h4>
<div class="outline-text-4" id="text-org3c55a7b">
<div id="outline-container-org19aa154" class="outline-3">
<h3 id="org19aa154">XMPP/Jabber</h3>
<div class="outline-text-3" id="text-org19aa154">
</div><div id="outline-container-orgf695784" class="outline-4">
<h4 id="orgf695784">About XMPP</h4>
<div class="outline-text-4" id="text-orgf695784">
<p>
A well written article on the state of XMPP and how it compares to other chat protocols <a href="https://gultsch.de/xmpp_2016.html">can be found here</a>.
</p>
</div>
</div>
<div id="outline-container-org52b79aa" class="outline-4">
<h4 id="org52b79aa">Using with Gajim</h4>
<div class="outline-text-4" id="text-org52b79aa">
<div id="outline-container-org6d69ab3" class="outline-4">
<h4 id="org6d69ab3">Using with Gajim</h4>
<div class="outline-text-4" id="text-org6d69ab3">
<p>
In mid 2016 <a href="https://gajim.org/">Gajim</a> became the first desktop XMPP client to support the <a href="https://en.wikipedia.org/wiki/OMEMO">OMEMO end-to-end security standard</a>, which is superior to the more traditional <a href="https://en.wikipedia.org/wiki/Off-the-Record_Messaging">OTR</a> since it also includes multi-user chat and the ratcheting mechanism pioneered by Open Whisper Systems. To install it:
</p>
@ -1092,9 +1092,9 @@ If you wish to use OpenPGP to encrypt your messages then go to <b>Edit/Accounts<
</div>
</div>
<div id="outline-container-org867a7ab" class="outline-4">
<h4 id="org867a7ab">Using with Profanity</h4>
<div class="outline-text-4" id="text-org867a7ab">
<div id="outline-container-org4205991" class="outline-4">
<h4 id="org4205991">Using with Profanity</h4>
<div class="outline-text-4" id="text-org4205991">
<p>
The <a href="https://profanity.im/">Profanity</a> shell based user interface and is perhaps the simplest way to use XMPP from a laptop. It's also a good way to ensure that your OTR keys are the same even when logging in from different laptops or devices, and it also means that if those devices later become compomised then there are no locally stored OTR keys to be found.
</p>
@ -1184,9 +1184,9 @@ When accessed via the user control panel the client is automatically routed thro
</p>
</div>
</div>
<div id="outline-container-orgffff539" class="outline-4">
<h4 id="orgffff539">Using with Jitsi</h4>
<div class="outline-text-4" id="text-orgffff539">
<div id="outline-container-org32deb15" class="outline-4">
<h4 id="org32deb15">Using with Jitsi</h4>
<div class="outline-text-4" id="text-org32deb15">
<p>
Jitsi is the recommended communications client for desktop or laptop systems, since it includes the <i>off the record</i> (OTR) feature which provides some additional security beyond the usual SSL certificates.
</p>
@ -1216,9 +1216,9 @@ You can also <a href="https://www.youtube.com/watch?v=vgx7VSrDGjk">see this vide
</p>
</div>
</div>
<div id="outline-container-orga156aee" class="outline-4">
<h4 id="orga156aee">Using with Ubuntu</h4>
<div class="outline-text-4" id="text-orga156aee">
<div id="outline-container-org8f9c182" class="outline-4">
<h4 id="org8f9c182">Using with Ubuntu</h4>
<div class="outline-text-4" id="text-org8f9c182">
<p>
The default XMPP client in Ubuntu is Empathy. Using Empathy isn't as secure as using Jitsi, since it doesn't include the <i>off the record</i> feature, but since it's the default it's what many users will have easy access to.
</p>
@ -1236,17 +1236,17 @@ Click on <b>Advanced</b> and make sure that <b>Encryption required</b> and <b>Ig
</p>
</div>
</div>
<div id="outline-container-orgf175285" class="outline-4">
<h4 id="orgf175285">Using Tor Messenger</h4>
<div class="outline-text-4" id="text-orgf175285">
<div id="outline-container-org6a1a5a4" class="outline-4">
<h4 id="org6a1a5a4">Using Tor Messenger</h4>
<div class="outline-text-4" id="text-org6a1a5a4">
<p>
Tor Messenger is a messaging client which supports XMPP, and its onion routing enables you to protect the metadata of chat interactions to some extent by making it difficult for an adversary to know which server is talking to which. You can download Tor Messenger from <a href="https://torproject.org/">torproject.org</a> and the setup is pretty simple.
</p>
</div>
</div>
<div id="outline-container-org9ce4d3e" class="outline-4">
<h4 id="org9ce4d3e">Using with Android/Conversations</h4>
<div class="outline-text-4" id="text-org9ce4d3e">
<div id="outline-container-org9df7d0f" class="outline-4">
<h4 id="org9df7d0f">Using with Android/Conversations</h4>
<div class="outline-text-4" id="text-org9df7d0f">
<p>
Install <a href="https://f-droid.org/">F-Droid</a>
</p>
@ -1282,16 +1282,16 @@ Then select <b>Next</b>. When chatting you can use the lock icon to encrypt your
</div>
</div>
</div>
<div id="outline-container-orgff81b02" class="outline-3">
<h3 id="orgff81b02">Tox</h3>
<div class="outline-text-3" id="text-orgff81b02">
<div id="outline-container-org92a8406" class="outline-3">
<h3 id="org92a8406">Tox</h3>
<div class="outline-text-3" id="text-org92a8406">
<p>
Tox is an encrypted peer-to-peer messaging system and so should work without Freedombone. It uses a system of nodes which act as a sort of directory service allowing users to find and connect to each other. The Tox node ID on the Freedombone can be found within the README within your home directory. If you have other users connect to your node then you will be able to continue chatting even when no other nodes are available.
</p>
</div>
<div id="outline-container-org5ed532f" class="outline-4">
<h4 id="org5ed532f">Using the Toxic client</h4>
<div class="outline-text-4" id="text-org5ed532f">
<div id="outline-container-org9f5940e" class="outline-4">
<h4 id="org9f5940e">Using the Toxic client</h4>
<div class="outline-text-4" id="text-org9f5940e">
<p>
Log into your system with:
</p>
@ -1315,20 +1315,20 @@ Then from the menu select <b>Tox Chat</b>. Tox is encrypted by default and also
</div>
</div>
<div id="outline-container-org417c7f6" class="outline-3">
<h3 id="org417c7f6">VoIP (Voice and text chat)</h3>
<div class="outline-text-3" id="text-org417c7f6">
</div><div id="outline-container-org21c27dd" class="outline-4">
<h4 id="org21c27dd">Text chat</h4>
<div class="outline-text-4" id="text-org21c27dd">
<div id="outline-container-orgc4e224c" class="outline-3">
<h3 id="orgc4e224c">VoIP (Voice and text chat)</h3>
<div class="outline-text-3" id="text-orgc4e224c">
</div><div id="outline-container-orgaa66520" class="outline-4">
<h4 id="orgaa66520">Text chat</h4>
<div class="outline-text-4" id="text-orgaa66520">
<p>
In addition to voice it is also possible to do text chat via mumble. The security of this is pretty good provided that you do it via Plumble and Orbot on mobile, but compared to other options such as XMPP/Conversations or Tox the security is not as good, since the mumble server currently doesn't support forward secrecy.
</p>
</div>
</div>
<div id="outline-container-orgf100334" class="outline-4">
<h4 id="orgf100334">Using with Ubuntu</h4>
<div class="outline-text-4" id="text-orgf100334">
<div id="outline-container-org87535d9" class="outline-4">
<h4 id="org87535d9">Using with Ubuntu</h4>
<div class="outline-text-4" id="text-org87535d9">
<p>
Within the software center search for "mumble" and install the client then run it. Skip through the audio setup wizard.
</p>
@ -1338,9 +1338,9 @@ Click on "add new" to add a new server and enter the default domain name for the
</p>
</div>
</div>
<div id="outline-container-org2eb781a" class="outline-4">
<h4 id="org2eb781a">Using with Android</h4>
<div class="outline-text-4" id="text-org2eb781a">
<div id="outline-container-orgfab184a" class="outline-4">
<h4 id="orgfab184a">Using with Android</h4>
<div class="outline-text-4" id="text-orgfab184a">
<p>
Install <a href="https://f-droid.org/">F-Droid</a>
</p>
@ -1375,24 +1375,24 @@ Selecting the server by pressing on it then connects you to the server so that y
</div>
</div>
</div>
<div id="outline-container-org38b9f4e" class="outline-3">
<h3 id="org38b9f4e">SIP phones</h3>
<div class="outline-text-3" id="text-org38b9f4e">
<div id="outline-container-org4b9e852" class="outline-3">
<h3 id="org4b9e852">SIP phones</h3>
<div class="outline-text-3" id="text-org4b9e852">
<p>
Freedombone also supports SIP phones The username and domain is the same as for your email address, and the SIP password and extension number will appear within the README file in your home directory. Various SIP client options are available, such as CSipSimple on Android and Jitsi on desktop or laptop machines. Ideally use clients which support ZRTP, which will provide the best level of security.
</p>
</div>
<div id="outline-container-orgbb967c4" class="outline-4">
<h4 id="orgbb967c4">About ZRTP</h4>
<div class="outline-text-4" id="text-orgbb967c4">
<div id="outline-container-orgdf50949" class="outline-4">
<h4 id="orgdf50949">About ZRTP</h4>
<div class="outline-text-4" id="text-orgdf50949">
<p>
<a href="https://jitsi.org/Documentation/ZrtpFAQ">ZRTP</a> appears to be the current best standard to end-to-end encrypted voice calls, combining good security with simplicity of use. When the initial cryptographic negotiation between phones is done at the start of a call a short authentication string (SAS) is calculated and displayed at both ends. To check that there isn't anyone intercepting the call and acting as a <i>man in the middle</i> - as <a href="https://en.wikipedia.org/wiki/Stingray_phone_tracker">stingray type devices</a> try to do - the short authentication string can be read out and verbally confirmed between the callers. If it's the same then you can be pretty confident that the call is secure.
</p>
</div>
</div>
<div id="outline-container-org2201e80" class="outline-4">
<h4 id="org2201e80">Using with CSIPSimple</h4>
<div class="outline-text-4" id="text-org2201e80">
<div id="outline-container-org167ff55" class="outline-4">
<h4 id="org167ff55">Using with CSIPSimple</h4>
<div class="outline-text-4" id="text-org167ff55">
<p>
Add an account. Under <b>General Wizards</b> choose <b>Expert</b> and enter the following details:
</p>
@ -1448,9 +1448,9 @@ If everything is working the account should appear in green with a status of <b>
</p>
</div>
</div>
<div id="outline-container-org3c35ea8" class="outline-4">
<h4 id="org3c35ea8">Using with Ring</h4>
<div class="outline-text-4" id="text-org3c35ea8">
<div id="outline-container-org264560f" class="outline-4">
<h4 id="org264560f">Using with Ring</h4>
<div class="outline-text-4" id="text-org264560f">
<p>
From the menu select <b>Manage accounts</b>.
</p>
@ -1503,9 +1503,9 @@ Select the <b>Security</b> tab. Under <b>SRTP Key Exchange</b> select <b>ZRTP</b
</div>
</div>
<div id="outline-container-orgff77a66" class="outline-2">
<h2 id="orgff77a66">RSS Reader</h2>
<div class="outline-text-2" id="text-orgff77a66">
<div id="outline-container-org4ef6739" class="outline-2">
<h2 id="org4ef6739">RSS Reader</h2>
<div class="outline-text-2" id="text-org4ef6739">
<p>
The way that RSS reading is set up on Freedombone gives you strong reading privacy. Not only is there onion routing between you and the server but also between the server and the source of the RSS feed. The only down side is that many RSS feeds are still http only, and so could be vulnerable to injection attacks, but it's expected that more of this will go to https in the foreseeable future due to a combination of growing recognition of security issues and systems like Let's Encrypt which make obtaining certificates much easier.
</p>
@ -1517,9 +1517,9 @@ The way that RSS reading is set up on Freedombone gives you strong reading priva
</div>
</div>
<div id="outline-container-org1da9c1d" class="outline-3">
<h3 id="org1da9c1d">Finding the onion address</h3>
<div class="outline-text-3" id="text-org1da9c1d">
<div id="outline-container-org6ead57c" class="outline-3">
<h3 id="org6ead57c">Finding the onion address</h3>
<div class="outline-text-3" id="text-org6ead57c">
<p>
See the control panel for the RSS reader onion address.
</p>
@ -1544,9 +1544,9 @@ To set up the system open <a href="http://rss_reader_onion_address/">http://rss_
</div>
</div>
<div id="outline-container-orgf7948f5" class="outline-3">
<h3 id="orgf7948f5">On mobile</h3>
<div class="outline-text-3" id="text-orgf7948f5">
<div id="outline-container-org6dae73a" class="outline-3">
<h3 id="org6dae73a">On mobile</h3>
<div class="outline-text-3" id="text-org6dae73a">
<p>
To access the RSS reader from a mobile device you can install a Tor compatible browser such as OrFox. It will try to automatically change to the mobile version of the user interface. Remember to add the site to the NoScript whitelist, and you may also need to turn HTTPS Everywhere off.
</p>
@ -1558,9 +1558,9 @@ A note for the paranoid is that on mobile devices you get redirected to a differ
</blockquote>
</div>
</div>
<div id="outline-container-orgd3a8a1d" class="outline-3">
<h3 id="orgd3a8a1d">With Emacs</h3>
<div class="outline-text-3" id="text-orgd3a8a1d">
<div id="outline-container-org8621941" class="outline-3">
<h3 id="org8621941">With Emacs</h3>
<div class="outline-text-3" id="text-org8621941">
<p>
If you are an Emacs user then you can also read your RSS feeds via the <a href="https://github.com/dk87/avandu">Avandu</a> mode.
</p>
@ -1602,9 +1602,9 @@ And ensure that the Tor daemon is installed:
</div>
</div>
</div>
<div id="outline-container-org7d41716" class="outline-2">
<h2 id="org7d41716">Git Projects</h2>
<div class="outline-text-2" id="text-org7d41716">
<div id="outline-container-org5973593" class="outline-2">
<h2 id="org5973593">Git Projects</h2>
<div class="outline-text-2" id="text-org5973593">
<p>
Github is ok, but it's proprietary and funded by venture capital. If you been around on the internet for long enough then you know how this story eventually works itself out - i.e. badly for the users. It's really only a question of time. If you're a software developer or do things which involve the Git version control system then it's a good idea to become accustomed to hosting your own repositories, before the inevitable Github shitstorm happens.
</p>
@ -1642,9 +1642,9 @@ This will stop any spam accounts being created by random strangers or bots. You
</p>
</div>
</div>
<div id="outline-container-org9b9f095" class="outline-2">
<h2 id="org9b9f095">Adding or removing users</h2>
<div class="outline-text-2" id="text-org9b9f095">
<div id="outline-container-orgb97836a" class="outline-2">
<h2 id="orgb97836a">Adding or removing users</h2>
<div class="outline-text-2" id="text-orgb97836a">
<p>
Log into the system with:
</p>

158
website/EN/usage_email.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:20 -->
<!-- 2016-08-08 Mon 17:41 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the
@ -254,54 +254,54 @@ for the JavaScript code in this tag.
</colgroup>
<tbody>
<tr>
<td class="org-left"><a href="#orge5254be">Things to be aware of</a></td>
<td class="org-left"><a href="#orgb824c0d">Things to be aware of</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org023a46e">A technical note about email transport security</a></td>
<td class="org-left"><a href="#orgc72b620">A technical note about email transport security</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org13d1ae1">Add a password to your GPG key</a></td>
<td class="org-left"><a href="#orgee6abbd">Add a password to your GPG key</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org2b05efe">Publishing your GPG public key</a></td>
<td class="org-left"><a href="#org8275896">Publishing your GPG public key</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org609d2a8">Mutt email client</a></td>
<td class="org-left"><a href="#org5101189">Mutt email client</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org7e71ee0">Thunderbird/Icedove</a></td>
<td class="org-left"><a href="#org08c3371">Thunderbird/Icedove</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org859f614">K9 Android client</a></td>
<td class="org-left"><a href="#org977e91e">K9 Android client</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org0c0172c">Subscribing to mailing lists</a></td>
<td class="org-left"><a href="#org563073c">Subscribing to mailing lists</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orga06b4bf">Adding email addresses to a group/folder</a></td>
<td class="org-left"><a href="#orgd570e78">Adding email addresses to a group/folder</a></td>
</tr>
<tr>
<td class="org-left"><a href="#orgd21a27d">Ignoring incoming emails</a></td>
<td class="org-left"><a href="#org422c59c">Ignoring incoming emails</a></td>
</tr>
<tr>
<td class="org-left"><a href="#org5310f10">Your own mailing list</a></td>
<td class="org-left"><a href="#org60ff188">Your own mailing list</a></td>
</tr>
</tbody>
</table>
<div id="outline-container-orge5254be" class="outline-2">
<h2 id="orge5254be">Things to be aware of</h2>
<div class="outline-text-2" id="text-orge5254be">
<div id="outline-container-orgb824c0d" class="outline-2">
<h2 id="orgb824c0d">Things to be aware of</h2>
<div class="outline-text-2" id="text-orgb824c0d">
<p>
Even though this system makes it easy to set up an email server, running your own email system is still not easy and this is mainly due to the huge amount of collatoral damage caused by spammers over a long period of time, which in turn is due to the inherent insecurity of email protocols which enabled spam to become a big problem. Email is still very popular though and most internet services require that you have an email address in order to register.
</p>
@ -315,9 +315,9 @@ So if you want to use your own email address hosted on your own system you do ne
</p>
</div>
</div>
<div id="outline-container-org023a46e" class="outline-2">
<h2 id="org023a46e">A technical note about email transport security</h2>
<div class="outline-text-2" id="text-org023a46e">
<div id="outline-container-orgc72b620" class="outline-2">
<h2 id="orgc72b620">A technical note about email transport security</h2>
<div class="outline-text-2" id="text-orgc72b620">
<p>
Port 465 is used for SMTP and this is supposedly deprecated for secure email. However, using TLS from the start of the communications seems far more secure than starting off with insecure communications and then trying to upgrade it with a command to begin TLS, as happens with STARTTLS. There are <a href="https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks">possible attacks against STARTTLS</a> in which the command to begin secure communications is removed or overwritten which could then result in email being transferred in plain text over the internet and be readable by third parties.
</p>
@ -333,9 +333,9 @@ The researchers also uncovered mass scale attacks of STARTTLS sessions being str
</blockquote>
</div>
</div>
<div id="outline-container-org13d1ae1" class="outline-2">
<h2 id="org13d1ae1">Add a password to your GPG key</h2>
<div class="outline-text-2" id="text-org13d1ae1">
<div id="outline-container-orgee6abbd" class="outline-2">
<h2 id="orgee6abbd">Add a password to your GPG key</h2>
<div class="outline-text-2" id="text-orgee6abbd">
<p>
If you didn't use existing GPG keys during the Freedombone installation then you'll need to add a password to your newly generated private key. This is highly recommended. Go through the following sequence of commands to ssh into the Freedombone and then change your GPG password.
</p>
@ -357,9 +357,9 @@ Having a password on your GPG key will prevent someone from reading your email <
</div>
</div>
<div id="outline-container-org2b05efe" class="outline-2">
<h2 id="org2b05efe">Publishing your GPG public key</h2>
<div class="outline-text-2" id="text-org2b05efe">
<div id="outline-container-org8275896" class="outline-2">
<h2 id="org8275896">Publishing your GPG public key</h2>
<div class="outline-text-2" id="text-org8275896">
<p>
If you havn't already then you should publish your GPG public key so that others can find it.
</p>
@ -373,9 +373,9 @@ gpg --send-keys username@domainname
</div>
</div>
</div>
<div id="outline-container-org609d2a8" class="outline-2">
<h2 id="org609d2a8">Mutt email client</h2>
<div class="outline-text-2" id="text-org609d2a8">
<div id="outline-container-org5101189" class="outline-2">
<h2 id="org5101189">Mutt email client</h2>
<div class="outline-text-2" id="text-org5101189">
<div class="org-center">
<div class="figure">
@ -541,9 +541,9 @@ When reading emails you will initially need to enter your GPG password. It will
</div>
</div>
<div id="outline-container-org7e71ee0" class="outline-2">
<h2 id="org7e71ee0">Thunderbird/Icedove</h2>
<div class="outline-text-2" id="text-org7e71ee0">
<div id="outline-container-org08c3371" class="outline-2">
<h2 id="org08c3371">Thunderbird/Icedove</h2>
<div class="outline-text-2" id="text-org08c3371">
<p>
Another common way in which you may want to access email is via Thunderbird (also known as Icedove on Debian). This may be especially useful if you're trying to convert former Windows users who may previously have been using some version of Outlook.
</p>
@ -553,9 +553,9 @@ The following instructions should be carried out on the client machines (laptop,
</p>
</div>
<div id="outline-container-org9eb8410" class="outline-4">
<h4 id="org9eb8410">Initial setup</h4>
<div class="outline-text-4" id="text-org9eb8410">
<div id="outline-container-orge9dc056" class="outline-4">
<h4 id="orge9dc056">Initial setup</h4>
<div class="outline-text-4" id="text-orge9dc056">
<p>
Install <b>Thunderbird</b> and <b>Enigmail</b>. How you do this just depends upon your distro and software manager or "app store".
</p>
@ -611,9 +611,9 @@ Select "<b>yes</b>" to change default settings.
</p>
</div>
</div>
<div id="outline-container-org26bdb18" class="outline-4">
<h4 id="org26bdb18">Import your GPG keys</h4>
<div class="outline-text-4" id="text-org26bdb18">
<div id="outline-container-orgd99324a" class="outline-4">
<h4 id="orgd99324a">Import your GPG keys</h4>
<div class="outline-text-4" id="text-orgd99324a">
<p>
On the Freedombone export your GPG public and private keys.
</p>
@ -662,9 +662,9 @@ shred -zu ~/private_key.gpg
</div>
</div>
<div id="outline-container-org6232242" class="outline-4">
<h4 id="org6232242">Using for the first time</h4>
<div class="outline-text-4" id="text-org6232242">
<div id="outline-container-orgdaf2524" class="outline-4">
<h4 id="orgdaf2524">Using for the first time</h4>
<div class="outline-text-4" id="text-orgdaf2524">
<p>
Click on the Thunderbird menu, which looks like three horizontal bars on the right hand side.
</p>
@ -699,9 +699,9 @@ Get into the habit of using email encryption and encourage others to do so. Rem
</div>
</div>
<div id="outline-container-org76969e1" class="outline-4">
<h4 id="org76969e1">Making folders visible</h4>
<div class="outline-text-4" id="text-org76969e1">
<div id="outline-container-org8c934cf" class="outline-4">
<h4 id="org8c934cf">Making folders visible</h4>
<div class="outline-text-4" id="text-org8c934cf">
<p>
By default you won't be able to see any folders which you may have created earlier using the <i>mailinglistrule</i> script. To make folders visible select:
</p>
@ -717,12 +717,12 @@ Make sure that "<b>show only subscribed folders</b>" is not checked. Then click
</div>
</div>
<div id="outline-container-org859f614" class="outline-2">
<h2 id="org859f614">K9 Android client</h2>
<div class="outline-text-2" id="text-org859f614">
</div><div id="outline-container-org38cc6da" class="outline-4">
<h4 id="org38cc6da">A point about GPG on Android</h4>
<div class="outline-text-4" id="text-org38cc6da">
<div id="outline-container-org977e91e" class="outline-2">
<h2 id="org977e91e">K9 Android client</h2>
<div class="outline-text-2" id="text-org977e91e">
</div><div id="outline-container-org064e583" class="outline-4">
<h4 id="org064e583">A point about GPG on Android</h4>
<div class="outline-text-4" id="text-org064e583">
<p>
Before trying to set up email on Android you may want to consider whether you really need to do this. Android (and its variants) is not a particularly secure operating system and whether or not you wish to store GPG keys on it depends on your threat model and in what situations you'll be using your device.
</p>
@ -732,9 +732,9 @@ If you are going to use email on an Android device then ensure that you have ful
</p>
</div>
</div>
<div id="outline-container-org5d2163b" class="outline-4">
<h4 id="org5d2163b">Compiling the development version</h4>
<div class="outline-text-4" id="text-org5d2163b">
<div id="outline-container-orge3b9988" class="outline-4">
<h4 id="orge3b9988">Compiling the development version</h4>
<div class="outline-text-4" id="text-orge3b9988">
<p>
To get K9 working with Freedombone you'll need to install development versions of OpenKeychain and K9. At the time of writing the versions available in F-Droid do not support PGP/MIME or the "hidden recipient" feature of GPG. It is hoped that at some stage the patches will be integrated into the mainline or functionally equivalent changes made. Admittedly, this is not at all user friendly, but currently it's the only way to read Freedombone email on Android systems.
</p>
@ -940,9 +940,9 @@ Save and exit with <b>CTRL-o</b>, <b>CTRL-x</b>.
</div>
</div>
<div id="outline-container-org3c79dbd" class="outline-4">
<h4 id="org3c79dbd">Import your GPG key into OpenKeychain</h4>
<div class="outline-text-4" id="text-org3c79dbd">
<div id="outline-container-org0c7be33" class="outline-4">
<h4 id="org0c7be33">Import your GPG key into OpenKeychain</h4>
<div class="outline-text-4" id="text-org0c7be33">
<p>
With your device connected to a laptop via USB cable and with USB debugging enabled on it:
</p>
@ -967,9 +967,9 @@ Then on your device select OpenKeychain and import your key from file.
</p>
</div>
</div>
<div id="outline-container-org5c95636" class="outline-4">
<h4 id="org5c95636">Incoming server settings</h4>
<div class="outline-text-4" id="text-org5c95636">
<div id="outline-container-orgdd1cf35" class="outline-4">
<h4 id="orgdd1cf35">Incoming server settings</h4>
<div class="outline-text-4" id="text-orgdd1cf35">
<ul class="org-ul">
<li>Select settings/account settings</li>
<li>Select Fetching mail/incoming server</li>
@ -981,9 +981,9 @@ Then on your device select OpenKeychain and import your key from file.
</ul>
</div>
</div>
<div id="outline-container-org86df7eb" class="outline-4">
<h4 id="org86df7eb">Outgoing (SMTP) server settings</h4>
<div class="outline-text-4" id="text-org86df7eb">
<div id="outline-container-org4d5e90d" class="outline-4">
<h4 id="org4d5e90d">Outgoing (SMTP) server settings</h4>
<div class="outline-text-4" id="text-org4d5e90d">
<ul class="org-ul">
<li>Select settings/account settings</li>
<li>Select Sending mail/outgoing server</li>
@ -996,9 +996,9 @@ Then on your device select OpenKeychain and import your key from file.
</ul>
</div>
</div>
<div id="outline-container-org19bbf5d" class="outline-4">
<h4 id="org19bbf5d">Crypto settings</h4>
<div class="outline-text-4" id="text-org19bbf5d">
<div id="outline-container-orgee7a6a8" class="outline-4">
<h4 id="orgee7a6a8">Crypto settings</h4>
<div class="outline-text-4" id="text-orgee7a6a8">
<p>
Select <b>settings</b>, <b>Account settings</b>, <b>OpenKeychain</b> and then select your key and press <b>Allow</b>. You should now be able to decrypt emails by entering your GPG passphrase.
</p>
@ -1008,9 +1008,9 @@ You may also want to change the amount of time for which passwords are remembere
</p>
</div>
</div>
<div id="outline-container-orgb823df0" class="outline-4">
<h4 id="orgb823df0">Folders</h4>
<div class="outline-text-4" id="text-orgb823df0">
<div id="outline-container-org87b0d22" class="outline-4">
<h4 id="org87b0d22">Folders</h4>
<div class="outline-text-4" id="text-org87b0d22">
<p>
To view any new folders which you may have created using the <i>mailinglistrule</i> script from your inbox press the <b>K9 icon</b> at the top left to access folders, then press the <b>menu button</b> and select <b>refresh folder list</b>.
</p>
@ -1022,9 +1022,9 @@ If your folder still doesn't show up then press the <b>menu button</b>, select <
</div>
</div>
<div id="outline-container-org0c0172c" class="outline-2">
<h2 id="org0c0172c">Subscribing to mailing lists</h2>
<div class="outline-text-2" id="text-org0c0172c">
<div id="outline-container-org563073c" class="outline-2">
<h2 id="org563073c">Subscribing to mailing lists</h2>
<div class="outline-text-2" id="text-org563073c">
<p>
To subscribe to a mailing list log in as your user (i.e. not the root user).
</p>
@ -1040,9 +1040,9 @@ Select <i>Administrator controls</i> then <b>Email filtering rules</b> then <b>A
</p>
</div>
</div>
<div id="outline-container-orga06b4bf" class="outline-2">
<h2 id="orga06b4bf">Adding email addresses to a group/folder</h2>
<div class="outline-text-2" id="text-orga06b4bf">
<div id="outline-container-orgd570e78" class="outline-2">
<h2 id="orgd570e78">Adding email addresses to a group/folder</h2>
<div class="outline-text-2" id="text-orgd570e78">
<p>
Similar to adding mailing list folders you can also add specified email addresses into a group/folder.
</p>
@ -1058,9 +1058,9 @@ Select <i>Administrator controls</i> then <b>Email filtering rules</b> then <b>A
</p>
</div>
</div>
<div id="outline-container-orgd21a27d" class="outline-2">
<h2 id="orgd21a27d">Ignoring incoming emails</h2>
<div class="outline-text-2" id="text-orgd21a27d">
<div id="outline-container-org422c59c" class="outline-2">
<h2 id="org422c59c">Ignoring incoming emails</h2>
<div class="outline-text-2" id="text-org422c59c">
<p>
It is possible to ignore incoming emails if they are from a particular email address or if the subject line contains particular text.
</p>
@ -1076,9 +1076,9 @@ Select <i>Administrator controls</i> then <b>Email filtering rules</b> then <b>B
</p>
</div>
</div>
<div id="outline-container-org5310f10" class="outline-2">
<h2 id="org5310f10">Your own mailing list</h2>
<div class="outline-text-2" id="text-org5310f10">
<div id="outline-container-org60ff188" class="outline-2">
<h2 id="org60ff188">Your own mailing list</h2>
<div class="outline-text-2" id="text-org60ff188">
<p>
If you want to set up a public mailing list then when installing the system remember to set the <b>PUBLIC_MAILING_LIST</b> variable within <b>freedombone.cfg</b> to the name of your list. The name should have no spaces in it. Public mailing lists are unencrypted so anyone will be able to read the contents, including non subscribers.
</p>

4
website/EN/variants.html
View File

@ -3,7 +3,7 @@
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en">
<head>
<!-- 2016-08-08 Mon 17:20 -->
<!-- 2016-08-08 Mon 17:41 -->
<meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title></title>
@ -181,7 +181,7 @@
.org-svg { width: 90%; }
/*]]>*/-->
</style>
<link rel="stylesheet" type="text/css" href="solarized-light.css" />
<link rel="stylesheet" type="text/css" href="freedombone.css" />
<script type="text/javascript">
/*
@licstart The following is the entire license notice for the

303
website/solarized-dark.css
View File

@ -1,303 +0,0 @@
@import url(http://fonts.googleapis.com/css?family=Inconsolata);
@import url(http://fonts.googleapis.com/css?family=PT+Sans);
@import url(http://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700);
article,
aside,
details,
figcaption,
figure,
footer,
header,
hgroup,
nav,
section,
summary {
display: block;
}
audio,
canvas,
video {
display: inline-block;
}
audio:not([controls]) {
display: none;
height: 0;
}
[hidden] {
display: none;
}
html {
font-family: sans-serif;
-webkit-text-size-adjust: 100%;
-ms-text-size-adjust: 100%;
}
body {
margin: 0;
}
a:focus {
outline: thin dotted;
}
a:active,
a:hover {
outline: 0;
}
h1 {
font-size: 2em;
}
abbr[title] {
border-bottom: 1px dotted;
}
b,
strong {
font-weight: bold;
}
dfn {
font-style: italic;
}
mark {
background: #ff0;
color: #000;
}
code,
kbd,
pre,
samp {
font-family: monospace, serif;
font-size: 1em;
}
pre {
white-space: pre-wrap;
word-wrap: break-word;
}
q {
quotes: "\201C" "\201D" "\2018" "\2019";
}
small {
font-size: 80%;
}
sub,
sup {
font-size: 75%;
line-height: 0;
position: relative;
vertical-align: baseline;
}
sup {
top: -0.5em;
}
sub {
bottom: -0.25em;
}
img {
border: 0;
}
svg:not(:root) {
overflow: hidden;
}
figure {
margin: 0;
}
fieldset {
border: 1px solid #c0c0c0;
margin: 0 2px;
padding: 0.35em 0.625em 0.75em;
}
legend {
border: 0;
padding: 0;
}
button,
input,
select,
textarea {
font-family: inherit;
font-size: 100%;
margin: 0;
}
button,
input {
line-height: normal;
}
button,
html input[type="button"],
input[type="reset"],
input[type="submit"] {
-webkit-appearance: button;
cursor: pointer;
}
button[disabled],
input[disabled] {
cursor: default;
}
input[type="checkbox"],
input[type="radio"] {
box-sizing: border-box;
padding: 0;
}
input[type="search"] {
-webkit-appearance: textfield;
-moz-box-sizing: content-box;
-webkit-box-sizing: content-box;
box-sizing: content-box;
}
input[type="search"]::-webkit-search-cancel-button,
input[type="search"]::-webkit-search-decoration {
-webkit-appearance: none;
}
button::-moz-focus-inner,
input::-moz-focus-inner {
border: 0;
padding: 0;
}
textarea {
overflow: auto;
vertical-align: top;
}
table {
border-collapse: collapse;
border-spacing: 0;
}
html {
font-family: 'PT Sans', sans-serif;
}
pre,
code {
font-family: 'Inconsolata', sans-serif;
}
h1,
h2,
h3,
h4,
h5,
h6 {
font-family: 'PT Sans Narrow', sans-serif;
font-weight: 700;
}
html {
background-color: #073642;
color: #839496;
margin: 1em;
}
body {
background-color: #002b36;
margin: 0 auto;
max-width: 23cm;
border: 1pt solid #586e75;
padding: 1em;
}
code {
background-color: #073642;
padding: 2px;
}
a {
color: #b58900;
}
a:visited {
color: #cb4b16;
}
a:hover {
color: #cb4b16;
}
h1 {
color: #d33682;
}
h2,
h3,
h4,
h5,
h6 {
color: #859900;
}
pre {
background-color: #002b36;
color: #839496;
border: 1pt solid #586e75;
padding: 1em;
box-shadow: 5pt 5pt 8pt #073642;
}
pre code {
background-color: #002b36;
}
h1 {
font-size: 2.8em;
}
h2 {
font-size: 2.4em;
}
h3 {
font-size: 1.8em;
}
h4 {
font-size: 1.4em;
}
h5 {
font-size: 1.3em;
}
h6 {
font-size: 1.15em;
}
.tag {
background-color: #073642;
color: #d33682;
padding: 0 0.2em;
}
.todo,
.next,
.done {
color: #002b36;
background-color: #dc322f;
padding: 0 0.2em;
}
.tag {
-webkit-border-radius: 0.35em;
-moz-border-radius: 0.35em;
border-radius: 0.35em;
}
.TODO {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #2aa198;
}
.NEXT {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #268bd2;
}
.ACTIVE {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #268bd2;
}
.DONE {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #859900;
}
.WAITING {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #cb4b16;
}
.HOLD {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #d33682;
}
.NOTE {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #d33682;
}
.CANCELLED {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #859900;
}

303
website/solarized-light.css
View File

@ -1,303 +0,0 @@
@import url(http://fonts.googleapis.com/css?family=Inconsolata);
@import url(http://fonts.googleapis.com/css?family=PT+Sans);
@import url(http://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700);
article,
aside,
details,
figcaption,
figure,
footer,
header,
hgroup,
nav,
section,
summary {
display: block;
}
audio,
canvas,
video {
display: inline-block;
}
audio:not([controls]) {
display: none;
height: 0;
}
[hidden] {
display: none;
}
html {
font-family: sans-serif;
-webkit-text-size-adjust: 100%;
-ms-text-size-adjust: 100%;
}
body {
margin: 0;
}
a:focus {
outline: thin dotted;
}
a:active,
a:hover {
outline: 0;
}
h1 {
font-size: 2em;
}
abbr[title] {
border-bottom: 1px dotted;
}
b,
strong {
font-weight: bold;
}
dfn {
font-style: italic;
}
mark {
background: #ff0;
color: #000;
}
code,
kbd,
pre,
samp {
font-family: monospace, serif;
font-size: 1em;
}
pre {
white-space: pre-wrap;
word-wrap: break-word;
}
q {
quotes: "\201C" "\201D" "\2018" "\2019";
}
small {
font-size: 80%;
}
sub,
sup {
font-size: 75%;
line-height: 0;
position: relative;
vertical-align: baseline;
}
sup {
top: -0.5em;
}
sub {
bottom: -0.25em;
}
img {
border: 0;
}
svg:not(:root) {
overflow: hidden;
}
figure {
margin: 0;
}
fieldset {
border: 1px solid #c0c0c0;
margin: 0 2px;
padding: 0.35em 0.625em 0.75em;
}
legend {
border: 0;
padding: 0;
}
button,
input,
select,
textarea {
font-family: inherit;
font-size: 100%;
margin: 0;
}
button,
input {
line-height: normal;
}
button,
html input[type="button"],
input[type="reset"],
input[type="submit"] {
-webkit-appearance: button;
cursor: pointer;
}
button[disabled],
input[disabled] {
cursor: default;
}
input[type="checkbox"],
input[type="radio"] {
box-sizing: border-box;
padding: 0;
}
input[type="search"] {
-webkit-appearance: textfield;
-moz-box-sizing: content-box;
-webkit-box-sizing: content-box;
box-sizing: content-box;
}
input[type="search"]::-webkit-search-cancel-button,
input[type="search"]::-webkit-search-decoration {
-webkit-appearance: none;
}
button::-moz-focus-inner,
input::-moz-focus-inner {
border: 0;
padding: 0;
}
textarea {
overflow: auto;
vertical-align: top;
}
table {
border-collapse: collapse;
border-spacing: 0;
}
html {
font-family: 'PT Sans', sans-serif;
}
pre,
code {
font-family: 'Inconsolata', sans-serif;
}
h1,
h2,
h3,
h4,
h5,
h6 {
font-family: 'PT Sans Narrow', sans-serif;
font-weight: 700;
}
html {
background-color: #eee8d5;
color: #657b83;
margin: 1em;
}
body {
background-color: #fdf6e3;
margin: 0 auto;
max-width: 23cm;
border: 1pt solid #93a1a1;
padding: 1em;
}
code {
background-color: #eee8d5;
padding: 2px;
}
a {
color: #b58900;
}
a:visited {
color: #cb4b16;
}
a:hover {
color: #cb4b16;
}
h1 {
color: #d33682;
}
h2,
h3,
h4,
h5,
h6 {
color: #859900;
}
pre {
background-color: #fdf6e3;
color: #657b83;
border: 1pt solid #93a1a1;
padding: 1em;
box-shadow: 5pt 5pt 8pt #eee8d5;
}
pre code {
background-color: #fdf6e3;
}
h1 {
font-size: 2.8em;
}
h2 {
font-size: 2.4em;
}
h3 {
font-size: 1.8em;
}
h4 {
font-size: 1.4em;
}
h5 {
font-size: 1.3em;
}
h6 {
font-size: 1.15em;
}
.tag {
background-color: #eee8d5;
color: #d33682;
padding: 0 0.2em;
}
.todo,
.next,
.done {
color: #fdf6e3;
background-color: #dc322f;
padding: 0 0.2em;
}
.tag {
-webkit-border-radius: 0.35em;
-moz-border-radius: 0.35em;
border-radius: 0.35em;
}
.TODO {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #2aa198;
}
.NEXT {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #268bd2;
}
.ACTIVE {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #268bd2;
}
.DONE {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #859900;
}
.WAITING {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #cb4b16;
}
.HOLD {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #d33682;
}
.NOTE {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #d33682;
}
.CANCELLED {
-webkit-border-radius: 0.2em;
-moz-border-radius: 0.2em;
border-radius: 0.2em;
background-color: #859900;
}