Choose style:

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Pikolo

Pages: 1 [2] 3 4 ... 8
16
You need to go to login to google and go to settings https://www.google.com/settings/security/lesssecureapps, then "allow less secure applications". Thunderbird(like most email clients actually... I think Outlook wasn't either a few months back) is currently not compatible with the OAuth2 standard Google is pushing.

You can apparently also use "App specific passwords" that would allow thunderbird to only access email on your google account, but I've not figured that out the last time I was configuring my email client.

17
Advanced Topics / Re: Sources and how to build peppermint
« on: May 05, 2017, 11:44:02 pm »
I think the biggest security/privacy concerns these days are going to be implemented in hardware such as the "Trusted Platform Module" and the like .. completely bypassing software security, and ensured for the life of the PC.

If you want to loose the peace of mind on how far you've underestimated the maliciousness of hardware backdoors in your system, read this: https://libreboot.org/faq.html#intel. Just a few weeks ago, Intel admitted someone found a bug affecting most Intel processors since 2010: https://www.theregister.co.uk/2017/05/01/intel_amt_me_vulnerability/

Purging the backdoor is an exercise in electronic engineering: https://hardenedlinux.github.io/firmware/2016/11/17/neutralize_ME_firmware_on_sandybridge_and_ivybridge.html. This is a version for less technical users:
Quote
The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating systemís memory as well as to reserve a region of protected external memory to supplement the MEís limited internal RAM. The ME also has network access with its own MAC address through the Intel Gigabit Ethernet Controller integrated in the southbridge (ICH or PCH).

The Intel Management Engine with its proprietary firmware has complete access to and control over the PC: it can power on or shut down the PC, read all open files, examine all running applications, track all keys pressed and mouse movements, and even capture or display images on the screen. And it has a network interface that is demonstrably insecure, which can allow an attacker on the network to inject rootkits that completely compromise the PC and can report to the attacker all activities performed on the PC. It is a threat to freedom, security, and privacy that canít be ignored.

Just in case that isn't clear from the quote - the ME is a keylogger with it's own network connection, ie. it is NOT affected by your laptop's firewall.

18
Development / Re: PM8 ideas?
« on: May 05, 2017, 06:30:43 pm »
This might be too hard to implement, but would definitely be useful:

introducing a per application notification cooldown

Doing it for the XFCE power manager would be enough. The current situation on my laptop, is as follows:
If I turn notifications off. I get no warning when my laptop is about to die due to being out of power.
If I turn notifications on. I get about 2 hours of "Fully charged"/"Charging" notifications in row when my laptop is charging the last few %.
I get no notifications on full screen apps(VLC watching a movie for example).

I'm proposing the cooldown, because the stream of "Charging"/"Not charging" notifications makes me want to turn them off... and when I do that, I forget to turn them on afterwards :-\

19
Advanced Topics / Re: Sources and how to build peppermint
« on: May 05, 2017, 06:10:56 pm »
I don't think Ulysses will succeed in making a reproducible build(that's the CS buzzword for "getting the same binary in independent compilation") of the whole PMOS system. I know that Debian has been trying really hard to use repeatable builds for a few years now, yet building an .iso is not yet possible that way.

Finding out if a certain package can be built that way shouldn't be hard. About 80% of them are, if I can read https://wiki.debian.org/ReproducibleBuilds correctly. Since Ubuntu often takes packages from Debian unstable, that ratio for PMOS will probably be lower. I applaud your project

20
The hint will be very handy ;) I'm still learning Bash.

Apparently Ubuntu realizes the problem and no-one has touched it yet: https://bugs.launchpad.net/ubufox/+bug/1627808

I honestly don't know what I expected. Kind of needed to let the steam off, find out what the problem is, and see whether I'm the only one affected. You seem to have the same status.

One thing I can do:
I hereby propose NOT shipping/disabling Ubufox in PMOS8, because it hampers performance and the benefits are marginal. Plus it's written in XUL, so Firefox 57(scheduled for ~November) will remove it anyway

21
Ok, I read more logs(https://launchpad.net/ubuntu/xenial/+source/firefox/+changelog & the firefox-next equivalent) and it seems like e10s, aka. electrolysis should be entirely separate from Rust.

Can other people test if "Multiprocess Windows" in about:support shows they have electrolysis working themselves?

According to
Code: [Select]
user@machine ~ $ cat /home/"$(groups | awk '{print $1}')"/.mozilla/firefox/peppermint.default/extensions.ini
"$(groups | awk '{print $1}')" is bash for "Your username"
Ubufox, aka. Ubuntu Modifications is Multiprocess incompatible. It should be disabled by running in Safe Mode, but I'll have to double check that.

Does it even do anything except adding the "Restart Firefox, you've updated the package" button on the taskbar?

22
Software & Applications / Ubuntu building Firefox for the Bronze Age
« on: April 21, 2017, 07:04:36 am »
I recently noticed Firefox got slower. Then I read an article on ArsTechnica about Mozilla deploying Rust and electrolysis. This prompted me to take a peek into the task manager, where I found out that there is only a single, gigant Firefox process. I remember having two ~half size each in January, so I checked about:support... and it turns out electrolysis is indeed disabled. It says that's because of an extension, but running in safe mode doesn't change it.

Looking into about:buildconfig, it turns out Firefox is now built with --enable-alsa and --disable-rust, the second of which seems to be the root cause of the problem. I think they started doing that ins 50.1 or 50.2. I will probably file a bug on this. Any ideas on why they might be hampering their users?

PS. Sorry for the pun in the title

PS2. Currently the only references to this are "built without Rust for now" in the release announcement and https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1681107 bug making FLAC decoding fail in the browser

23
Advanced Topics / Re: Feature request?
« on: March 15, 2017, 05:57:11 pm »
Peppermint doesn't package kernels, we take them from Ubuntu 16.04 due to using their repository. Which means we(disclaimer: just a  user here, not on the dev team, but it feels wrong to call PMOS "it") don't set the flags in the kernel.

You could try switching to the 4.8 kernel(HWE) and it might be included. It should soon be on by default(in PMOS 8 I assume) and you can ask for instructions if you want to do it manualy. HWE kernel (4.8 ) is supported by the Ubuntu kernel team.

Another option is using the mainline kernel, either by building it yourself(I don't recommend it) or from the kernel team alpha PPA. I think they're built with default settings, but I've never tried it

24
Advanced Topics / Re: Warning after a GRUB update(9.03.17)
« on: March 09, 2017, 05:18:26 pm »
Thank you for answering!

25
Advanced Topics / Warning after a GRUB update(9.03.17)
« on: March 09, 2017, 12:23:23 pm »
As in the title, I got a warning after an update:

"The configuartion of the file etc/grub.d/10_linux was modified by you or a script". Changelog:
Code: [Select]
--- /etc/grub.d/10_linux	2017-03-07 21:59:56.165908859 +0000
+++ /etc/grub.d/10_linux.dpkg-new 2017-03-01 21:01:02.000000000 +0000
@@ -39,7 +39,7 @@
 else
   case ${GRUB_DISTRIBUTOR} in
     Ubuntu|Kubuntu)
-      OS="Peppermint GNU/Linux"
+      OS="${GRUB_DISTRIBUTOR}"
       ;;
     *)
       OS="${GRUB_DISTRIBUTOR} GNU/Linux"
@@ -177,11 +177,17 @@
  linux ${rel_dirname}/${basename}.efi.signed root=${linux_root_device_thisversion} ro ${args}
 EOF
   else
-    sed "s/^/$submenu_indentation/" << EOF
- linux ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args}
+    if [ x"$GRUB_FORCE_PARTUUID" = x ]; then
+        sed "s/^/$submenu_indentation/" << EOF
+        linux ${rel_dirname}/${basename} root=${linux_root_device_thisversion} ro ${args}
+EOF
+    else
+        sed "s/^/$submenu_indentation/" << EOF
+        linux ${rel_dirname}/${basename} root=PARTUUID=${GRUB_FORCE_PARTUUID} ro ${args}
 EOF
+    fi
   fi
-  if test -n "${initrd}" ; then
+  if test -n "${initrd}" && [ x"$GRUB_DISABLE_INITRD" != xtrue ]; then
     # TRANSLATORS: ramdisk isn't identifier. Should be translated.
     if [ x"$quiet_boot" = x0 ] || [ x"$type" != xsimple ]; then
       message="$(gettext_printf "Loading initial ramdisk ...")"
It gives me an option to keep the old version of the new one. Should I just approve it? Never seen such a warning before

26
Advanced Topics / Re: HWE has arrived
« on: February 28, 2017, 08:31:07 am »
Sure. Sorry for the delay
Code: [Select]
pshem@PiLenovo ~ $ inxi -G
Graphics:  Card: Intel 3rd Gen Core processor Graphics Controller
           Display Server: X.Org 1.18.4 drivers: intel (unloaded: fbdev,vesa)
           Resolution: 1366x768@59.97hz
           GLX Renderer: Mesa DRI Intel Ivybridge Mobile
           GLX Version: 3.0 Mesa 17.0.0 - padoka PPA

27
Advanced Topics / Re: HWE has arrived
« on: February 21, 2017, 09:56:00 pm »
It worked. Thank you very much for teaching me how to use the apt log, PCNetSpec!

Now, let's see if it fixed the regression....

Edit: It DID, and WOW! Average FPS in a benchmark I run every graphics update is up by 3 FPS, from 24 to 25.5(was 24.9 on Mesa13, so there is slight progress there). No freezes I've seen so far... Will test longer, but I think something is deeeply wrong with the new xserver package for intel is broken, to the point where I might try to file a launchpad bug

28
Advanced Topics / Re: HWE has arrived
« on: February 21, 2017, 09:26:00 pm »
If it's kept in the memory, should I restart before veryfing I'm golden? Either way, I made a script to do both because that makes me feel safer  ::)
Code: [Select]
#! /bin/bash

#remove
sudo apt-get remove xserver-xorg-video-qxl-hwe-16.04 xserver-xorg-video-vesa-hwe-16.04 linux-image-generic-16.04 xserver-xorg-video-amdgpu-hwe-16.04 linux-generic-16.04 xserver-xorg-input-synaptics-hwe-16.04 xserver-xorg-hwe-16.04 xserver-xorg-video-all-hwe-16.04 xserver-xorg-video-fbdev-hwe-16.04 xserver-xorg-video-vmware-hwe-16.04 xserver-xorg-video-intel-hwe-16.04 xserver-xorg-core-hwe-16.04 xserver-xorg-input-wacom-hwe-16.04 thermald xserver-xorg-input-evdev-hwe-16.04 linux-headers-generic-16.04 xserver-xorg-video-nouveau-hwe-16.04 xserver-xorg-input-all-hwe-16.04 xserver-xorg-video-radeon-hwe-16.04 xserver-xorg-video-ati-hwe-16.04

#reinstall
sudo apt-get install --reinstall xserver-xorg-input-all xserver-xorg-input-synaptics xserver-xorg xserver-xorg-video-r128 xserver-xorg-video-siliconmotion xserver-xorg-video-vesa xserver-xorg-video-nouveau xserver-xorg-video-amdgpu xserver-xorg-core xserver-xorg-video-cirrus xserver-xorg-video-trident xserver-xorg-video-fbdev xserver-xorg-video-savage xserver-xorg-input-wacom xserver-xorg-input-vmmouse xserver-xorg-video-mach64 xserver-xorg-video-sisusb xserver-xorg-video-intel xserver-xorg-video-tdfx xserver-xorg-video-vmware xserver-xorg-input-evdev xserver-xorg-video-all xserver-xorg-video-ati xserver-xorg-video-radeon xserver-xorg-video-neomagic xserver-xorg-video-mga xserver-xorg-video-openchrome

Given my long good run with the 4.8 kernel, I'm removing the 4.4 headers instead. Wish me luck. If I don't reply before tomorrow, it means I butchered my system :D

Edit after running: seems like I got the linux-generic names wrong, but the rest installed fine. Restart time

29
Advanced Topics / Re: HWE has arrived
« on: February 21, 2017, 07:56:26 pm »
Okay, don't blame me if this goes horribly wrong:
Code: [Select]
sudo apt-get remove xserver-xorg-video-qxl-hwe-16.04 xserver-xorg-video-vesa-hwe-16.04 linux-image-generic-hwe-16.04 xserver-xorg-video-amdgpu-hwe-16.04 linux-generic-hwe-16.04 xserver-xorg-input-synaptics-hwe-16.04 xserver-xorg-hwe-16.04 xserver-xorg-video-all-hwe-16.04 xserver-xorg-video-fbdev-hwe-16.04 xserver-xorg-video-vmware-hwe-16.04 xserver-xorg-video-intel-hwe-16.04 xserver-xorg-core-hwe-16.04 xserver-xorg-input-wacom-hwe-16.04 thermald xserver-xorg-input-evdev-hwe-16.04 linux-headers-generic-hwe-16.04 xserver-xorg-video-nouveau-hwe-16.04 xserver-xorg-input-all-hwe-16.04 xserver-xorg-video-radeon-hwe-16.04 xserver-xorg-video-ati-hwe-16.04
then:
Code: [Select]
sudo apt-get install --reinstall xserver-xorg-input-all xserver-xorg-input-synaptics xserver-xorg xserver-xorg-video-r128 xserver-xorg-video-siliconmotion xserver-xorg-video-vesa xserver-xorg-video-nouveau xserver-xorg-video-amdgpu xserver-xorg-core xserver-xorg-video-cirrus xserver-xorg-video-trident xserver-xorg-video-fbdev xserver-xorg-video-savage xserver-xorg-input-wacom xserver-xorg-input-vmmouse xserver-xorg-video-mach64 xserver-xorg-video-sisusb xserver-xorg-video-intel xserver-xorg-video-tdfx xserver-xorg-video-vmware xserver-xorg-input-evdev xserver-xorg-video-all xserver-xorg-video-ati xserver-xorg-video-radeon xserver-xorg-video-neomagic xserver-xorg-video-mga xserver-xorg-video-openchrome
you might then need to manually uninstall the 4.8 kernel.
4.8 kernel has been running here since late Decemebr without issues, I intend to leave it. Just one question though...
Shouldn't I install the new packages first? Because it seems like I'll be doing operations on an X emulated terminal that involve removing X...
The other way around it I can think of is doing something like
Code: [Select]
sudo stopx
if that's even a command. I think I read an update tutorial for aptosid once that dealt with turning the X server off for updates
3rd way I can think of is chaining them, so that the commands are executed and hopefully It all works afterwards :)

30
Advanced Topics / Re: HWE has arrived
« on: February 21, 2017, 07:06:58 pm »
possibly...

do you have a log file with the update in it ?

Maybe? Where would I look for that?

Ask Ubuntu suggests it's in /var/log/apt/history.log and I scrolled through it to find the relevant command
Code: [Select]
Start-Date: 2017-02-19  03:20:17
Commandline: apt install --install-recommends xserver-xorg-hwe-16.04
Requested-By: pshem (1000)
Install: xserver-xorg-video-qxl-hwe-16.04:amd64 (0.1.4-3ubuntu3~16.04.1, automatic), xserver-xorg-video-vesa-hwe-16.04:amd64 (1:2.3.4-1build2~16.04.1, automatic), linux-image-generic-hwe-16.04:amd64 (4.8.0.36.8, automatic), xserver-xorg-video-amdgpu-hwe-16.04:amd64 (1.1.2-1~16.04.1, automatic), linux-generic-hwe-16.04:amd64 (4.8.0.36.8, automatic), xserver-xorg-input-synaptics-hwe-16.04:amd64 (1.8.3-1ubuntu1~16.04.1, automatic), xserver-xorg-hwe-16.04:amd64 (1:7.7+13ubuntu4~16.04.2), xserver-xorg-video-all-hwe-16.04:amd64 (1:7.7+13ubuntu4~16.04.2, automatic), xserver-xorg-video-fbdev-hwe-16.04:amd64 (1:0.4.4-1build5~16.04.1, automatic), xserver-xorg-video-vmware-hwe-16.04:amd64 (1:13.1.0-2ubuntu3~16.04.1, automatic), xserver-xorg-video-intel-hwe-16.04:amd64 (2:2.99.917+git20160706-1ubuntu1~16.04.1, automatic), xserver-xorg-core-hwe-16.04:amd64 (2:1.18.4-1ubuntu6.1~16.04.1, automatic), xserver-xorg-input-wacom-hwe-16.04:amd64 (1:0.33.0-0ubuntu1~16.04.1, automatic), thermald:amd64 (1.5-2ubuntu2, automatic), xserver-xorg-input-evdev-hwe-16.04:amd64 (1:2.10.2-1ubuntu1~16.04.1, automatic), linux-headers-generic-hwe-16.04:amd64 (4.8.0.36.8, automatic), xserver-xorg-video-nouveau-hwe-16.04:amd64 (1:1.0.12-2~16.04.1, automatic), xserver-xorg-input-all-hwe-16.04:amd64 (1:7.7+13ubuntu4~16.04.2, automatic), xserver-xorg-video-radeon-hwe-16.04:amd64 (1:7.7.1-1~16.04.1, automatic), xserver-xorg-video-ati-hwe-16.04:amd64 (1:7.7.1-1~16.04.1, automatic)
Remove: xserver-xorg-input-all:amd64 (1:7.7+13ubuntu3), xserver-xorg-input-synaptics:amd64 (1.8.2-1ubuntu3), xserver-xorg:amd64 (1:7.7+13ubuntu3), xserver-xorg-video-r128:amd64 (6.10.0-1build2), xserver-xorg-video-siliconmotion:amd64 (1:1.7.8-1ubuntu6), xserver-xorg-video-vesa:amd64 (1:2.3.4-1build2), xserver-xorg-video-nouveau:amd64 (1:1.0.12+git1607191931.6473b6~gd~x), xserver-xorg-video-amdgpu:amd64 (1.1.99+git1609091931.0f8df8~gd~x), xserver-xorg-core:amd64 (2:1.18.4-0ubuntu0.2), xserver-xorg-video-cirrus:amd64 (1:1.5.3-1ubuntu3), xserver-xorg-video-trident:amd64 (1:1.3.7-1build2), xserver-xorg-video-fbdev:amd64 (1:0.4.4-1build5), xserver-xorg-video-savage:amd64 (1:2.3.8-1ubuntu3), xserver-xorg-input-wacom:amd64 (1:0.32.0-0ubuntu3), xserver-xorg-input-vmmouse:amd64 (1:13.1.0-1ubuntu2), xserver-xorg-video-mach64:amd64 (6.9.5-1build2), xserver-xorg-video-sisusb:amd64 (1:0.9.6-2build5), xserver-xorg-video-intel:amd64 (2:2.99.917+git1609081931.15c5ff~gd~x), xserver-xorg-video-tdfx:amd64 (1:1.4.6-1build2), xserver-xorg-video-vmware:amd64 (1:13.1.0-2ubuntu3), xserver-xorg-input-evdev:amd64 (1:2.10.1-1ubuntu2), xserver-xorg-video-all:amd64 (1:7.7+13ubuntu3), xserver-xorg-video-ati:amd64 (1:7.7.99+git1609061931.38797a~gd~x), xserver-xorg-video-radeon:amd64 (1:7.7.99+git1609061931.38797a~gd~x), xserver-xorg-video-neomagic:amd64 (1:1.2.9-1build2), xserver-xorg-video-mga:amd64 (1:1.6.4-1build2), xserver-xorg-video-openchrome:amd64 (1:0.3.3+git20160310-1)
End-Date: 2017-02-19  03:21:21

Pages: 1 [2] 3 4 ... 8