Fuyez Amazon (et les DRM en général)
Tout récemment, une lectrice sur Amazon Kindle a vu son compte Amazon fermé sans explication. Conséquence immédiate : elle ne peut plus lire aucun des livres qu'elle avait achetés chez eux. Les réponses du service clients se résument grosso modo à : « on est dans notre droit et on vous emmerde ».
apt-get install mini-debconf goodies-debian
Vous avez peut-être entendu parler de la mini-DebConf à venir. Une mini-DebConf, c'est un rassemblement de debianistes avec des conférences et des ateliers. Et donc, il va y en avoir une à Paris, le week-end des 24 et 25 novembre.
An email header field to indicate you would like encrypted replies
As you may know, when Phil Zimmermann published PGP, his goal was to counter the wide spying possibilities the development of electronic communications offered to the authorities, by promoting the general use of encryption so that 1. governments would not be able to restrict it afterwards and 2. it becomes possible to encrypt messages for privacy without drawing suspicion.
Now, cryptography has made its way and is widely use, but mostly for commercial website and only sparsely for mail. Indeed, contrary to signing, encrypting a message requires that the recipient has a crypto key and is able and willing to use it to decrypt your message.
To alleviate this problem, I thought that it would be useful to have a way, when sending a message, to tell your recipients that you would like that they encrypt their answers, because you are able and willing to get encrypted mail. I think the most relevant way to do that would be by adding a dedicated header field:
Encryption-Desired: PGP
In that header, one would be able to indicate what protocols he accepts. I suggest a comma-separated list, with the following possible values: PGP (or PGP/MIME and PGP/traditional for people that only accept one of these two PGP formats), S/MIME. For instance:
Encryption-Desired: PGP/MIME, S/MIME
It may be useful to be able to indicate that you either always wish your
messages to be encrypted, or that it is only for this message's replies. If this
is really relevant, it would take two distinct headers: Encryption-Desired and Reply-Encryption-Desired.
Any thought about that proposal? Next thing to do, determine how to have that standardized at IANA and how to promote it.
Why phishers must looove smartphones
Phishing is a fraud technique that consists in reproducing the content of a targeted website, directing users to it, and recording their credentials when they log into your website. It is like fishing fish with fake food, only you phish humans with fake websites.
Well, I have a good news for the phishers: people are using more and more smartphones, and mobile browsers are making your job really easy. In fact, many regular smartphone user simply have no way to tell your fake website apart from the real one.
Naming LVM volume groups
Classified in : Homepage, Debian, Command line
When you start using Linux' logical volume manager, one of the first question you have to answer is: what name will you give to your volume group? The usual answer is: vg1, vg2, etc. Although it does not bear any specific meaning, this naming convention is simple and seems functional enough.
In fact, this is a bad idea, which can have nasty consequences on the long term. Here is why: one day, your computer will eventually give out. To save your precious data, you will remove its drives and plug them into another computer. If you are using LVM with the same naming convention on that second computer, you will then get a name conflict, which will prevent you from seeing the volume group you want to recover.
The solution is to name volume groups uniquely across all your computers, and if possible other people's. An elegant way to achieve this is to use your host names as a basis. For instance, on a machine called “Piñacolada”, you would name a single volume group “pinacolada”, or two volume groups “pinacolada1” and “pinacolada2”. Or perhaps “vg-pinacolada0” or whatever, you get the idea.