Possibly new user. Lots of noob questions
- Anmelden oder Registrieren um Kommentare zu schreiben
Hello everyone!!
I have some questions that you possibly could give some insights on. May I Write a couple of them? I'm sorry if it's long, repeated questions. If so, just tell me to continue searching or something ahah
BACKGROUND INFO
A month ago I was using Win7 only. The thing is, I've been hating using Win7 for quite a while: bad user experience, unnecessary complexity (when digging into errors etc) , philosophy of corporation, closed code, privacy, security, etc
Since then I've been using Dual-Boot WIN7 (I barely use, simply keeping updated, data, software I need) and Elementary Freya (I've been using most of the time, but having problems with it)
lately, I've been reading a lot about the free software etc. I was a bit obsessed with it and searched for a while.
QUESTIONS/INFO
1 - Windows7 (there's no chance I'll move to win8 or win10) has lots of security and privacy flaws (some of them on purpose it seems). I can't do a clean install without getting virus or malware at some extent, so security is a real issue. As for privacy (backdoors, content of updates, remote control) it's actually a real concern or remote/hypothetical issue? I've been thinking a lot on this.
2 - Elementary OS is Ubuntu based (I don't know if I should mention this since I don't want to make a distro war ahah) but being so, I can't find much information about how secure and private it is. Any idea? Compared to free open source OS like Trisquel? Many blobs and closed source code? Trisquel with good support on problems?
3 - I'm currently at university and I need to use software that is windows specifically: microsoft office (for group stuff, libreOffice warned me of compatibility issues on formatting when I used MS file type and stuff), GAMS simulation, MATLAB (linux version exists I think), Decision Analysis software (MACBETH), CAD/Modelling (SOLIDWORKS) and VirtualBox I'd like to maintain. How to work around this, VBox in trisquel and virtualize win7? Not quite a workaround for privacy/security right? Will I have a rough time with specific software when I need it? A way around? Wine works in trisquel? (no idea if it is free/open)
4 - I read on forum about hardware issues with Trisquel. I have a toshiba laptop Tecra M11 almost 6y old (i5 vpro 5xx generation, 8Gb Ram, SSD drive, nvidia nvs with cuda card). Any problem with this? Can't make it libre boot I guess?
5.1 - Dual-boot, privacy issue? To go from elementary to trisquel I simply need to erase partitions and boot with a usb flash and then install after partitioning again? Would it allow encryption (since it's not entire disk)? If it allows, would I be able to resize partitions later if I need to? I have Grub boot loader (or whatever it is called ahah), would it be messed up after substituting OS? (that is, would I boot normally?)
5.2 - When installing freya (and before it was Mint) I followed online guides about the "do something else" being a better option and most of the guides (quite a couple of them) would suggest the following:
boot partition (200-500Mb)
root partition (around 20-30Gb)
home partition (all the rest) which was the only that could be encrypted according to my tries
Swap partition (depending on ram, 1x, 1.5x, or 2x total amount)
Problem I have right now: can't do updates/install software correctly and getting warnings saying my boot partition is full (lots of kernel stuff I think). The workarounds I found could mess config files and are an hassle to do in general
Should I not get a boot partition?
With this scheme, can all partitions be encrypted? (normally it's possible to apply to home folder or entire disk only right?)
6 - Configure Desktop on trisquel is easy? (I'm a beginner on gnu/linux world, so sometimes tweaking and solving problems gets quite hard and overwhelming when starting this stuff) to something really different than the original?
For example: no upper and no lower bar (I hate bars, no idea why!!), have "status" icons (battery, network, sound, account) on right upper corner in a line, "applications" icon on left upper corner, and on lower part of screen having dock which only shows circle icons of programs I use the most; Or something similar, wouldn't get much used on the default one :)
7 - All 100% or near open/free software laptops are core2duo based and some years old? I would be interested in one IF it was quite lightweight/portable (my laptop is already a bit heavy when carrying around all the time o.o)
I'm so sorry for writting so much, keeping it small was never my strong point.
Thank you in advance, if this is not suited to forum (too long, questions solved somewhere) just give the hint and I'll move on
JackSkell
How to edit the original post?
8 - trisquel has a diferent browser. doesn't that make stand out more from the "crowd"? Not Google DNS right?
> How to edit the original post?
You can edit the post by hitting the deceptively titled 'edit' button. Unless
you're using LibreJS, that is (which for some reason Trisquel, of all sites,
does not support).
> trisquel has a different browser
Than what? Vanilla Firefox? Trisquel has Abrowser (which comes with the
Trisquel DE), which is a fork of Firefox which comes with only free plugins
available. Trisquel also has IceCat, which is part of the GNUzilla suite- GNU's
modified Mozilla programs, which come with a whole host of plugins from the
EFF, GNU, and other nice places designed to preserve your freedom and privacy,
like LibreJS (designed to prevent non-free JavaScript running) and HTTPS
Everywhere (which has a list of websites which support SSL, and connects to
them using it, regardless of whether the link you followed or typed specified
it). These Firefox derivatives may make Trisquel stand out of the crowd, but
not really much more than, say, Debian, which packages Iceweasel and the like.
> Not Google DNS right?
What does this mean?
Thanks for the repply! I'm with icecat (not on trisquel though, need wifi adapter first) without LibreJS (couldn't see clearly most websites) and there's no edit button :O
Ah I see. I was wondering that thing of standing out with addons vs regular browser no addons (but leaking so much info to third parties).
Networking is all mambo-jambo to me, I read somewhere to avoid at all costs using google DNS server (which keeps lots of records it seems). I only saw this issue when troubleshooting network issues on university campus (default dns server was set to google and needed to be replaced by "automatic" in order to connect to wi fi). I see in my connection now that it actually is my ip adress less 1 digit. SO it is my isp control I suppose than.
So, my bad, sorry for the confusion!
The edit button disappears after a while, or after someone has replied to the post.
Oh.
> without LibreJS ... there's no edit button
That's strange. I was expecting it be because of LibreJS, not the lack of it
(for some strange reason the Trisquel site does not support LibreJS, even
though the JavaScript is free and (should?) be tagged properly). There should
be an edit button. Oh well. It's been a long time since I've posted through
IceCat, or indeed any web browser.
- Of course you cannot install Windows without getting a malware: Windows is malware! You can consider that Microsoft (and who has enough power over Microsoft such as governments) own all Windows systems and the data on them. It is not hypothetical: the https://en.wikipedia.org/wiki/NSAKEY is/are known since Windows NT4, Microsoft can remotely install whatever it wants on a (usually specific) Windows system, it was shown that every search in Explorer, the title of any media played on Windows Media Player, etc. is sent to Microsoft. Etc.
- Any proprietary software (including firmware) potentially is malware. You are denied the right to know. That is not acceptable. Trisquel is 100% free software.
- You had better talk to your teachers, raise the ethical issue you have with proprietary software, and ask for the permission to use equivalent free software (LibreOffice instead of MS Office, GNU Octave instead of MATLAB, FreeCAD or LibreCAD, etc.) even if that means a harder work. Teachers are sensible to students who are prone to work harder.
- Wifi may be problematic (but you can buy an adapter at ThinkPenguin or Tehnoetic and be sure it will work). It depends on the chipset. You had better try Trisquel from a Live system and see by yourself.
- See https://trisquel.info/en/wiki/installation-guide and https://trisquel.info/en/wiki/setup for installation instructions. The installer proposes the encryption of the sole /home partition. It proposes a reasonable partitioning schema by default but you can make opt for a manual partitioning. Yours is reasonable as well and you can execute 'df -h' on one of your systems to see your actual usages of the system partitions (double these digits to be at ease). I do not see much point to have /boot separated from / unless you want different filesystems for them. The drawback is obvious: a bad dimensioning and you will end up with one of the two partitions full although the other one is empty. I believe (I do not double boot) Trisquel's install will overwrite the MBR. GRUB will therefore be configured from Trisquel (and list all your systems: do not worry). You can then reinstall GRUB from another installed system if you wish.
- In Trisquel, you get the option to delete a bar with Alt+Right click on it. But you may want GNOME Shell where the "Activity" view can show the icons of frequently used programs. Maybe GDM too for a few additional functionalities such as the ability to lock the screen. They are a few clicks away in the "Synaptic package manager" (in the "System parameters").
- The only laptops that are free down to the BIOS are sold at http://minifree.org but if you compromise on the BIOS for more recent hardware then get it from http://libre.thinkpenguin.com and have the guarantee that it will perfectly work with Linux-libre hence Trisquel.
- No Google DNS. Because I use https://github.com/dillbyrne/random-agent-spoofer/releases I am not sure whether Abrowser's default useragent identifies Trisquel. If that useragent is the generic Firefox one, I do not think Abrowser can be set apart from the generic Firefox. If you are really concerned about your anonymity on the Web, you can download and use the Tor browser (that tries to be as generic as possible to avoid fingerprinting).
[1]
not quite sure what your asking but it is definitely a real concern that there are backdoors in windows 7
[2]
Elementary OS contains non-free binary blobs which definitely could be a privacy issue as you can not see the source code
[3]
"libreOffice warned me of compatibility issues on formatting when I used MS file type and stuff"
do you have the specific file that gave this warning on libreoffice? because i have never had a MS office file fail to load in libreoffice
"MATLAB (linux version exists I think)"
you could try these free as in freedom programs:
https://www.gnu.org/software/octave/
http://freemat.sourceforge.net/#home
"Decision Analysis software (MACBETH),"
i could not find any free as in freedom software for this hopefully someone else on this forum knows of some
"CAD/Modelling (SOLIDWORKS)"
http://directory.fsf.org/wiki/Category/Business/cad
also the program Blender may be good for this
"Will I have a rough time with specific software when I need it?"
there are very few non-free programs you cant get a free replacement for so ask on this forum and we will try to help
[4]
"Any problem with this?"
if your worried about whether Trisquel will work with your computer you can just try it first from a live CD without installing it once you have checked everything you need to work works from the live CD (wifi, bluetooth etc etc)
you can install it without worry
"Can't make it libre boot I guess?"
sorry but currently no one knows how to run libreboot on this machine
you can look at a list of compatible systems here:
http://www.libreboot.org/docs/hcl/index.html#supported_list
[5.1]
"Would it allow encryption (since it's not entire disk)?"
its definitely possible to just encrypt certain disks partitions
"If it allows, would I be able to resize partitions later if I need to?"
again i think its definitely possible i am not too knowledgeable about resizing encrypted partitions but other people on this forum should be able to tell you how
"would it be messed up after substituting OS?"
i don’t think so but id recommend asking others on this forum that could answer you better
[5.2]
"With this scheme, can all partitions be encrypted?"
if your running a librebooted machine is possible to encrypt everything including the boot partition:
http://www.libreboot.org/docs/gnulinux/encrypted_trisquel.html
as for other machines i don’t know but others on this forum could answer you
[6]
"I hate bars, no idea why!!"
if you hate bars you should try gnome 3:
https://upload.wikimedia.org/wikipedia/commons/9/97/GNOME_Shell.png
you can install it with this command sudo apt-get install gnome-shell
and then you can chose which Desktop Environment you want at login
[7]
"I would be interested in one IF it was quite lightweight/portable (my laptop is already a bit heavy when carrying around all the time o.o)"
take a look at the Thinkpad x60 or Thinkpad x200 which can run Libreboot. i own both(well one is my sisters) and they are very lightweight
https://www.youtube.com/watch?v=tnC9MAAK8sw
https://www.youtube.com/watch?v=YILJLtkx5tM
the x60 is by far the easiest to install Libreboot on and you can pick them up quite cheap
you can also buy computers pre installed with Libreboot here:
http://minifree.org/
1 - wingobs **is** malware. Yes, backdoors and security threats are quite real. Depends how much of an interesting target you are for an attacker. Spyware and adware are the most common form of malware (they are everywhere on the average joe computers..) but they are fortunately tied to proprietary software, not the free software.
2 - I wouldn't trust a private company for my computing and in fact I don't. I trust only community developed OSes or OSi whatever that writes..
3 - Virtualization. Yes.
4 - Download ISO and dd if of the USB stick and see if the live runs well. wifi bloody wifi.
5 - My partition schema
/ 2 gb
/usr 7 gb
/var 3 gb
swap as ram (I actually set it to half ram that is 2 gb)
/tmp 3 gb
/home all the rest
6 - Tweaking your desktop is easy. You say you used Elementary. I like very much its style so I made Xfce look like it. I posted here about it (instructions included) -> https://trisquel.info/en/forum/share-your-desktop?page=5#comment-76929
7 - I plan to buy one. I don't have one yet but as far as I know X200 from minifree is an excellent lappy and it's very portable and lightweight.
Welcome to the community!
Thanks!!
Saw the desktop, looks fantastic! Something I really enjoy on these OS types, you do what you want to on it.
I'll have to use a software called GABI (Life cycle assessment) which only works on windows. I could try wine I guess? Or wine is not open and free software? Otherwise, I need VBox or boot win7 on startup. Comparing these 2 options, in terms of privacy it's the same right? And more secure using VBox? (about privacy & security issues)
Wine is free software. It is in Trisquel's repository. VirtualBox is free software too but the so-called "guest additions" are not: http://changelogs.ubuntu.com/changelogs/pool/multiverse/v/virtualbox-guest-additions-iso/virtualbox-guest-additions-iso_4.1.12-1/copyright
Neither GaBi nor Windows is free software. Both are denying your essential freedoms.
One thing to note about resizing partitions: I'm pretty sure Trisquel uses XFS for /home by default. XFS has some advantages over ext4, but it has a disadvantage in that you normally can't reduce it in size. So if you want to make sure you can resize it, you should set up your partitions manually and make /home an ext4 partition (or some other file system that can be downsized).
Does anyone know how home directory encryption works in Trisquel? In my case, I
set up my partitions manually in netinstall. I have one partition for root
(formatted with ext4) in /dev/sda1 taking up 490GB. I then have one swap
partition in /dev/sda2 taking up the rest. I selected 'encrypt home directory'
in the options. The only thing I can gather from looking around the filesystem
is this mysterious '.ecryptfs' thing in /home. What is it? How does Trisquel
encrypt/decrypt a section of an ext4 partition at a time? Or has it actually
created an encrypted partition behind my back, which doesn't show up somehow?
I don't know the technical details, but each user's directory in /home is individually encrypted. I don't think it has anything to do with the filesystem.
eCryptfs is a cryptographic file systems: https://en.wikipedia.org/wiki/Filesystem-level_encryption
Tried that when installing elementary with dual boot (win7) but couldn't workout with it. It creates a sdaX which I can't modify or partition inside to have root etc. So it gave me error. I'll try later after getting some free space just to experiment on it. it would look like
"eCryptfs file
sda1 (win7 recovery)
sda2 (win7)
sda3 (encrypted file system)
the 3 sda occupying all space but couldn't configure further. I'll look into the web
I would advise to separate /home from /. The default partitioning does that for you is you wish. It includes a swap partition too. You can then easily only encrypt the user data: the installer proposes it.
Thanks to a separate /home, it becomes possible to (re)install a free operating system without touching the user data (and then specify the proper mount point for /home in /etc/fstab).
WOW!! Thanks A LOT for these answers!! And so fast. Really really, it were so many questions that I almost felt as if I was offending by asking them ahah
I'll take a second careful look at all you said!! Precious information (I always keep stuff like this aha)
So I can maintain the 2 win partitions untouched and encrypt the others possibly. nice. I'd want both the root and home; Windows is so bhlaaggg that I can access everything on it from my freya.
SuperTramp, you have / 2Gb, that's root right? Where does all the OS and programs go for? I don't know the var, usr and temp well enough but I'll investigate. Univers starts again tomorrow, so I'll make good use of the week to try this.
Just one more thing, Magic Banana, no google by default right? Which one is then? You can add those add-ons to Abrowser and IceCat? I tried the fingerprint webpage at fss or eff or something: less plugins, less fingerprint (but more info sucked out of you); more plugins, bigger fingerprint (stand out more from the crowd but less information leaking). How to deal with it? Plus, Abrowser and icecat are gigantly less used then default firefox and chrome, so won't they be more obvious around the net? I know some stuff on TOR but would only use for sensitive information search. I'd have to get bridge to conceal or vpn or something.
Once again, thanks a lot for the support :D :D Good night everyone!! (or not so bad in case someone's having a rough night to sleep)
Best regards from King of Halloween JackSkellington
Program files mainly are in /usr. If you want the whole file hierarchy standard, here it is: http://refspecs.linuxfoundation.org/FHS_3.0/fhs/index.html
I am not very knowledgeable when it comes to networking. Cannot DNS server be automatically discovered (and be those of your ISP)? If so, I believe there is no default.
Abrowser and Icecat are Firefox derivatives. Firefox add-ons (such as Random Agent Spoofer that I mention and works against fingerprinting) work with both Abrowser and Icecat. Abrowser's add-on repository exclusively contains free software (no need to check by yourself): https://trisquel.info/browser/addons
> As for privacy ... it's actually a real concern or remote/hypothetical issue
Trust me- privacy under Windows is definitely a real concern. Read this:
https://www.fsf.org/windows. Even if it was a 'hypothetical' concern (whatever
that means) the simple fact that Microsoft (or whatever organisation) has the
power to abuse its users and the users are only not being directly abused
because Microsoft allows it, is grounds enough in my mind to reject Windows.
That is the nature of proprietary software- regardless of whether the user (the
company) is selling out its useds to the NSA, the fact that proprietary
software gives corporations the power to do such a thing without the user even
knowing about it is grounds enough to reject proprietary software. I would urge
you to, and wipe the last vestiges of Windows from your machine.
>Elementary OS is Ubuntu based [concerns, etc.]
Elementary OS contains non-free software, and doesn't really seem to
distinguish between free and non-free software in its repos. You would be
better of using an FSF-endorsed free software only distribution, such as
Trisquel. Trisquel too is based off Ubuntu, but has all the non-free and
ambiguous bits taken out, including blobs in Linux.
> microsoft office ... (libreOffice warned me of compatibility issues on
> formatting when I used MS file type
Why are you using the MS file types then? For they are secret formats stuffed
with evil. Use the OpenDocument formats (ods, odt, etc.) native to LibreOffice
if you want perfect file creation and compatibility. Sure, there may be some
minor issues when it comes to opening these files in MS Word, but it isn't the
Document Foundation's fault that Microsoft uses a secret format that is
fiendishly difficult to implement and for which the specification is thousands
of pages long. It's Microsoft's fault that they continue to stick to their
formats and have failed to implement open formats properly. ODF is an open and
universal standard. If MS Word can't handle it, that just proves that MS Word
is shit.
I use the ODF formats for everything school-related, and have never had any
problems- either on my side, because LibreOffice can create them perfectly, or
on the school side, because MS Office can actually handle ODT quite well these
days. At least for the few seconds it takes me to print the things.
> toshiba laptop Tecra M11 almost 6y old
The older the better, generally speaking. I have a 6-year old ASUS N43S.
Everything seems fine with yours except
> nvidia nvs with cuda card
No idea what that is- but it sure sounds scary. Look up the exact model on
https://h-node.org/ and see if it works with only free drivers. If not, don't
sweat- it'll probably have Intel Sandybridge integrated graphics or something
of the sort, which should be fine if you're willing to live without the best 3D
acceleration. I use integrated graphics without any real problems.
I used libre which created the ODF file to share with some friends. Then I opened in MSoffice and gave warning of compatibility (it was either this, or I created MS file type and when opening in libre it gave warning). Anyway, not a problem since everything was equal!
That's what I hate about microsoft: they get to dominate not by quality and transparency but by brute force (the way they started is quite an example, eliminating all others one by one). Competition is always good, given equal barriers to everyone :)
No graphic problems so far, only wifi (no connections; I posted the details somewhere here) when I used live-trisquel on DVD. So I need a usb adapter (there are some on thinkpinguin as someone noted but I need to check how much it gets considering I'd be buying from europe)
> Then I opened in MSoffice and gave warning of compatibility
This doesn't happen in MS Word 2013 and above. Even in the versions before
that, the 'corrupted data', 'unrecoverable data' and 'compatibility issues'
notifications are simply designed to scare people into using Microsoft's
secret .doc format. Apart from that, MS Office actually supports ODF decently
well.
> Competition is always good
And cooperation is even better!
So, I tried trisquel 7.0 Live a while ago and I had no wireless connections available. From terminal trying to see the hardware I got (lspci commands) the following info:
00:16.0 Communication controller: Intel Corporation 5 Series/3400 Series Chipset HECI Controller (rev 06)
00:19.0 Ethernet controller: Intel Corporation 82577LM Gigabit Network Connection (rev 06)
03:00.0 Network controller: Intel Corporation Centrino Advanced-N 6200 (rev 35)
So my hardware doesn't support trisquel right? I guess I won't be able to install and substitute elementary (which has to be re-installed anyway due to lots of kernel stuff pilling up in boot partition...).
This is your wifi 03:00.0 Network controller: Intel Corporation Centrino Advanced-N 6200 (rev 35)
It will not run on free software. You can get a new internal card relatively cheap but your computer might reject it. Or you could get an external usb wifi dongle.
So any of these USB sticks would make it work? And many choices too
https://www.thinkpenguin.com/catalog/wireless-networking-gnulinux
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
The Thinkpenguin usb wifi dongles will work; I'm using one on a
Toshiba laptop.
On 09/14/2015 04:05 PM, name at domain wrote:
> So any of these USB sticks would make it work? And many choices
> too
>
> https://www.thinkpenguin.com/catalog/wireless-networking-gnulinux
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJV9yrFAAoJEPDWzxLwi2tAEqEH/2nZRLskKzSxvDOpm1g0+9MJ
kfYm7eTk0nFxyOspHHiW9IEv6zR49vWMzoFM/BFh24Yfxa/Y9q/uEwjCKLuimqjX
Sv4un715GiD5x6r85pf69m/TkXUgQF8z3I/0P6wXkFIYInFAmUVE8uTi9eOFBCXo
nwWwrjko583h0+uIpAuKxW6nrGJWaSniB/jq9DBFfRm8dRne3F/jTZbM1w91iDOr
EXdjYFmU+4ZEs/2vqXmfsJMjofnRysyg4cIQl8u8KUgcQakolEFU7sf8K5KSbPXh
D8Eh1YdeaPXhE60RhMWfhvcERhmxF/i+7Jn6p7AFmcz9nQJDKN12gEi6m3BmyD4=
=sUEw
-----END PGP SIGNATURE-----
Yeah. Here's one more choice for you! :)
https://tehnoetic.com/tehnoetic-wireless-adapter-gnu-linux-libre-tet-n150
These are all FSF endorsed hardware https://www.fsf.org/resources/hw/endorsement/respects-your-freedom
woho thanks!! In € so it's europe, right what I needed.
8 - trisquel has a diferent browser. doesn't that make stand out more from the "crowd"? Not Google DNS right?
what do you mean exactly? The DNS server your system will use does not depend on the browser. You will have to set it either by file config or directly in the router settings.
Ah I see!! My bad then. I had the issue on university wifi only. I checked current connection detail and it is same number as my router's. So any specific DNS server recommended? I guess it's up to isp so far. I need to set either in the router or config. I see. Thanks :)
Just use the DNS your ISP provides; there generally isn't a major advantage to using any others.
I do wonder, though: is there a public DNS other than Google's that one could use if the ISP-provided DNS is down? Wondering because that's happened to us before.
There is an advantage if the DNS server lies. In France for instance, the executive power is now allowed to unilaterally (who needs judges?) impose to the major ISPs the censorship of sites that are supposed to turn innocent citizens into terrorists (and the list of censored sites is secret). This censorship happens at the DNS level: the DNS servers pretend there is no site bearing the name the user types (typically in a Web browser). That also means the censorship is pretty ineffective: the user only needs to specify foreign DNS servers to bypass it.
Other attacks to Net neutrality happen through DNS servers for commercial reasons. Again in France, an ISP used to block the content coming from Google's ad servers. Whenever a user was requesting a page with Google commercials, it was altered independently of the wish of this user.
Another common practice is to return a page with commercials instead of a 404 error.
I connect to the nets always through the VPN and use my VPN provider's DNS server now. In the past I used Openic and in particular these two:
95.85.9.86
151.236.29.92
Very responsive and fast. I live in Italy and these two gave me better performance than my ISP's DNS servers..
And, besides, I still prefer something like openic to my ISP easily logging lists of the website I visit..
go to the openic website and see the two that are the fastest for you.
how do you change your DNS provider?
You can set that in the router settings. Just search for an entry on DNS. You can also edit /etc/resolv.conf
add:
nameserver 95.85.9.86
nameserver 151.236.29.92
save and restart network or computer.
cheers
- Anmelden oder Registrieren um Kommentare zu schreiben