Trisquel is less secure than Ubuntu at this point

64 Antworten [Letzter Beitrag]
lembas
Offline
Beigetreten: 05/13/2010

You're welcome.

>It's just that in order to keep my system safe I don't go around installing anything just because some website says me "trust me, install this and dive in!"

This is a very sound policy. I think things from the repo are inherently safer.

The whole situation with the certificates is so very broken. We both browse the web with a browser that contains certificates from e.g. TÜRKTRUST (Turkish Military Force Solidarity Foundation), Comodo, CNNIC (China Internet Network Information Center), Intel, Baltimore, Japanese government, Microsoft, Staat der Nederlanden (Netherlands) and two dozen other CAs.

https://en.wikipedia.org/wiki/Certificate_authority#CA_compromise

GNUser
Offline
Beigetreten: 07/17/2013

Yes, it's really a broken system by this point.

There are two alternatives to someone who wants to be a little bit safer:

1. Use something like Web of Trust. At least you have the power of community to back you up.

2. Test the site fingerprint manually in https://www.grc.com/fingerprints.htm
Yes, you are still trusting a 3rd source, but at least you can check if there is anything suspicious....

So, yeah, I don't really think https is anywhere as safe as it once was... But it still provides some good protection (at least it's harder for a cracker or for your ISP to spy on you than if you were running simple http).

I wonder, could one make a addon for abrowser that would check the certificate AND the fingerprint in GRC? That would double the protection.

dudeski

I am a member!

Offline
Beigetreten: 07/03/2013

Hehe. =P Well, yeah, but they probably wouldn't be all nice and sexy copylefted hardware. And there are other use cases too.. Then again, most people have fancy smartphones now so yeah.

Well, they do link to an explaination on how to add the proper root certificates.

As for the beagleboard, it's an ARM chip, and last I checked Trisquel only runs on x86(-64).

GNUser
Offline
Beigetreten: 07/17/2013

Lol, yeah, I was just making a joke :P

Already explained the certificate thing in above comment, and as for the last statement.... =( damn! I was really getting excited (thinking that if Ubuntu ran there, Trisquel would run too) and now, it all comes down to this.
Hum.... well, I will hardly ever buy a new computer anyway, I might probably end up with a yeeloong one day. When computers like these can no longer do anything and we are forced to use newer things that were made to spy on us.... I will probably start fishing xD and counting rocks xD looooool.

I would have to say, I wouldn't actually mind having a low end "computer"... If I could get a machine that would not phone home, not have any closed source hardware or software, and allowed me to:

browse web;
edit documents;
watch videos (youtube and videos on computer);
use Tor Browser, Pidgin and OTR;

I would probably be happy with that. You don't need a lot of machine power to do that. People used to do these things with a pentium 2, 256 mbs ram, 32 mbs graphics card. Well, I will keep looking and dreaming :P

quantumgravity
Offline
Beigetreten: 04/22/2013

I also think about buying a yeeloong but after everything I've read, watching youtube videos / videos in general will be difficult.
I quote this link: http://b.mtjm.eu/lemote-yeeloong.html

> Gentoo has patches making full-screen low quality YouTube videos playable (used WatchVideo for this), this probably could be ported to other distros. There are ongoing discussions on a new SiliconMotion video driver on the X.Org development list, maybe this driver will improve this situation (it has xrandr support).

So I think you need some special patches for watching low-res-videos (!) which are only provided by gentoo.

Don't know if it's possible to liberate gentoo; we could kick out the default kernel and use linux-libre instead, but I don't know if they have free-only repos.

andrew
Offline
Beigetreten: 04/19/2012

On 01/08/13 19:53, shiretoko wrote:
> Don't know if it's possible to liberate gentoo; we could kick out
> the default kernel and use linux-libre instead, but I don't know if
> they have free-only repos.

I think Ututo is (or was?) based on Gentoo. But I don't know how
English-friendly it is. I recall there being an English version, but the
online documentation is Spanish.

Andrew.

Michał Masłowski

I am a member!

I am a translator!

Offline
Beigetreten: 05/15/2010

> So I think you need some special patches for watching low-res-videos
> (!) which are only provided by gentoo.

The fact that only Gentoo provides them is not important. No one had
applied them in gNS nor Parabola since e.g. they might depend on other
X.Org versions, recent X.Org broke other acceleration for this graphics
chip, upstream rejected these patches, and no Parabola contributor can
fix/debug the MIPS assembly there.

> Don't know if it's possible to liberate gentoo; we could kick out the
> default kernel and use linux-libre instead, but I don't know if they
> have free-only repos.

It's easy, making a Gentoo-based free distro is much harder.

GNUser
Offline
Beigetreten: 07/17/2013

Thanks for the link.
Too bad yeelong does not come in a x86(x64) flavor. If I could get it to run Trisquel, doing the stuff I mentioned, I would buy it. Even if I think that the price would be too high given the specs.

miga
Offline
Beigetreten: 09/17/2011

Parabola is amazing. Totally worth the tedious install (and honestly, not too bad once you do it a few times like I have).

GNUser
Offline
Beigetreten: 07/17/2013

Lol, thanks for the heads up :P
I might try it, do you know if they have a CD ISO, or do they work with DVD ISO only?