NSA: Please Turn off the Lights When You Leave. Nothing to See Here.

Linux Advocate Dietrich Schmitz shows how the general public can take action to truly protect their privacy using GnuPG with Evolution email. Read the details.

Mailvelope for Chrome: PGP Encrypted Email Made Easy

Linux Advocate Dietrich Schmitz officially endorses what he deems is a truly secure, easy to use PGP email encryption program. Read the details.

Step off Microsoft's License Treadmill to FOSS Linux

Linux Advocate Dietrich Schmitz reminds CIOs that XP Desktops destined for MS end of life support can be reprovisioned with FOSS Linux to run like brand new. Read how.

Bitcoin is NOT Money -- it's a Commodity

Linux Advocate shares news that the U.S. Treasury will treat Bitcoin as a Commodity 'Investment'. Read the details.

Google Drive Gets a Failing Grade on Privacy Protection

Linux Advocate Dietrich Schmitz puts out a public service privacy warning. Google Drive gets a failing grade on protecting your privacy.

Email: A Fundamentally Broken System

Email needs an overhaul. Privacy must be integrated.


Cookie Cutter Distros Don't Cut It


The 'Linux Inside' Stigma - It's real and it's a problem.

U.S. Patent and Trademark Office Turn a Deaf Ear

Linux Advocate Dietrich Schmitz reminds readers of a long ago failed petition by Mathematician Prof. Donald Knuth for stopping issuance of Software Patents.

Thursday, April 24, 2014

Two stories critical of systemd taken offline

by Dietrich Schmitz

There are two stories I wrote last year in progression as I waded through a sea of technical information regarding systemd.

The two taken in totality paint a picture that would represent I am against systemd.

In a follow-on story, I continue my technical evaluation of the merits of systemd including cgroups.

My conclusion then and today is that systemd is, on net, a technology advancement which I accept and use today in Fedora 20.

A site has recently been using one of those stories as reference material in a campaign to boycott systemd.  I do not wish to be associated with any such campaign.

Accordingly, I have taken off-line those two stories which are now inconsistent with my viewpoint.  

People can change their minds about things, and often do, as I have done.

All hail Lennart Poettering.  -- Dietrich

Monday, April 21, 2014


by Dietrich Schmitz

You read that right.  I deem Google's proprietary Chrome (Freeware License) browser UNSAFE FOR GENERAL USE .

I can't make it any clearer than that.

Why is Google's Chrome browser unsafe?

It's pretty simple.  Google chose to not allow Chrome's code base to be shareable to the general public.

For your purposes, that means it doesn't operate under Open Source Gnu General Public License v2 (GPLv2) license terms which would allow the entire code base to be independently vetted by external audit for hidden vulnerabilities and exploits that may be resident much like HeartBleed in openSSL and NIST's Eliptical Curve Cryptography (ECC) which was discovered to have been weakened by the NSA.  The aforementioned rogue bugs lay hidden for quite some time, exploitable to those who knew of their presence.

The only ray of sunshine is that their source code is open source, which allowed discovery and corrective action to be taken.

Sadly, one has to draw the line in today's world.  We know the score with the NSA.  The Fox is in the hen house and now it's time to take action.

Severe action is needed.  

Accordingly, I am putting Google on notice and charging them with knowledge that their code base is 'closed' to the general public and must be 'opened' for independent external audit to assure no vulnerabilities exist of any kind (excluding discovered defects in Chrome's upstream dependencies).

It's no more Google Chrome for me.  And I hope you will follow suit.

Take action.  Switch to a 100% open source browser, like Mozilla's Firefox or Midori or Gnome's Web or KDE's Konqueror today.

I would remind the readers that despite assurances from Google to consumers that their privacy remains intact, it turns out last year that the NSA were able to drill through Google's SSL firewall and pitch camp on the inside for an unspecified period of time, unbeknownst to Google, as they sampled the clear text unencrypted Gmail and Drive meta data belonging to you.  Of course, publicly Google expressed outrage for what the NSA had done.

But actions speak louder than words.  You see, Google has had ample time to formally announce and roll out strong encryption for Gmail and Drive for their consumer-facing services.  To date, they have done nothing.  

Yet, on their commercial service side, they quickly reacted to the Fox in the Hen House last year and put in place FIPS governmental standard strong encryption.  

Corporate America is 'big business'.  Consumers play second fiddle, and because Google state in a revised language TOS agreement that they parse your clear text meta data to generate advertising revenue, the message to the consumer is that 'profit' takes precedence over their privacy.  

That is simply unacceptable and quite worrisome despite the 'lip service' they have given on tightening up their SSL standard.

No, consumer data, yours, is still sitting in clear text drive storage medium in the Gmail / Drive cloud where it can be read at will if/as/when it suits Google and/or any other governmental agency.

And, with Chrome being closed source, there is no way to know for sure what is or isn't happening during your Internet browser sessions is there?

Dear Reader, switching to open source is the only way that Security through Transparency can be achieved.  Do it today.


-- Dietrich

Enhanced by Zemanta

Friday, April 18, 2014

Advocating for Security through Transparency

by Dietrich Schmitz

That's a screen shot (below) of the BitBucket repository for commits to ongoing development of dwb (dynamic web browser).

Oh, that's nice.  What's my point?

dwb is 100% pure Gnu Public Licensed code. That means, you, anyone, developers, users, the world, can see it, change it, for free. That has always been the basis for GPLv2 and the primary reason for why I opt to use dwb. Want to know what's going on with their code? Help yourself -- look around. Only, don't forget to turn the lights out when you leave. ;)

dwb (dynamic web browser) BitBucket repository commits page

You don't get that with Google's Chrome. Nope. Sorry. They won't let you see their code base. Of course, they are within their legal rights to do so, but, that doesn't mean I have to use their browser if I cannot know what it is doing, do I?

Ask yourself this question: Notice lately how Google Plus will periodically 'freeze' with the cpu utilization at 100%? 

What are they doing exactly?  (Shrugs)

That's Chrome doing whatever it does. :/ Whatever has a big question mark hanging over it for me.  My confidence in Google to 'Do No Evil' has fallen dramatically in the past 9 months since the Edward Snowden NSA Prism and other revelations.

You see, 'proprietary code' (not open source) often leads to some level of exploitation for commercial or 'other' purposes. Because Chrome is 'closed source', we cannot know for certain 'if' Google cooperates in some capacity with governmental information collection and sharing. That's because there is no public access for review of their code base, unlike dwb.

Taking the overt step to use dwb is my personal choice.  Yours may be different, but, if you truly believe in the power we (Humanity) hold over the "n'er-do-wells" of the world by embracing Open Source, then I urge you to make it your policy to not use proprietary software.  Take a stand and fight back. Set an example for others to follow and use open source applications only such as dwb, Mozilla Firefox, for the sake of security through transparency.

-- Dietrich
Enhanced by Zemanta

Wednesday, April 16, 2014

dwb - A Webkit Browser, Highly Understated, Lightweight and FAST

by Dietrich Schmitz

I've been looking for browser alternatives to Chrome and Firefox.

Both are relatively bulky -- replete with features -- which is to be expected.

Chrome does things I don't like and I simply cannot account for why. At times it will remain quiet and at other times it will do whatever it decides to do and throttle up even pegging the cpu. My netbook strains to cooperate when that happens.

To a lesser extent that happens with Firefox, but really not nearly as often. I know from personal experience that opening a google plus tab will elicit periods of frenetic cpu activity which I watch in my LXDE cpu graph. Seconds can pass even minutes before Chrome settles down.  That annoys me.

So, I know Google Chrome is not 100% open source like Chromium. What are they doing exactly with my bandwidth? There is no way to know for sure and there certainly isn't any transparency given one cannot see Google's Chrome source code. That is 'off limits'.

This goes against the grain with me. I hold in reverence open source standards; Gnu Public License v2 in particular ensures public oversight to any single piece of code used.

This is what transparency is all about. It's hard to create 'rogue' code in the open source world, when 'many eyes' can see what is or isn't being coded and if something is 'amiss', corrective action can be taken appropriately.

Still, one wonders, if Linux was not open source, how long would such exploits thrive before being noticed? That is an important question and a major distinction for readers to consider -- especially those who currently depend on proprietary and closed source Microsoft Legacy (x86) Windows. Transparency is not a given in the Windows world.

Alright, you get the point. So, I began looking for something which is more lightweight and open source and, as important, would run reasonably well on my Netbook without pegging the cpu like Chrome does. Luckily, after a few days of searching around with Google and testing various browsers, I came upon one obscure Lightweight browser called dwb (dynamic webkit browser). It struck me at how minimal the developer's web page appeared to be. That minimalist mindset fit with my programming philosophy and was just what I was looking for.

With that, initially, I installed a revision of dwb found in the Fedora 20 repo. It worked, but, for some unknown reason it was not recognizing the presence of Adobe's Flash plugin. And, even after I reinstalled the newest 11.2.202 update, the error still persisted on youtube's website.

So, I uninstalled dwb with yum and then dispatched directly to the BitBucket dwb project site which supports git, downloaded a copy of the project, manually compiled and installed the newest version of dwb. That fixed the flash problem. That was yesterday and I've been puttering around using dwb exclusively ever since.

This is day two and I am here posting up my experience with dwb after several hours of use under my belt.

What a hoot. That's right. dwb is making me smile and I really think it is funny how straight up I was able to quickly adapt to using a 'keyboard-centric' minimalist browser and it got me to thinking about the general public.

People tend to be lazy and are reluctant to change habits.

But using dwb was not a radical change either.

In fact after a few minutes of googling dwb, I located some documentation at the BitBucket git project where dwb is developed and also some good material on the Arch wiki. (Is there ever anything but 'good' material on the Arch wiki?)

So, I admit being a computer geek does help getting up to speed. But I would bet some of the curious readers might be wondering if they should try dwb.

I say: "Why not?"

You stumble. You fall. You then pick yourself up, dust off and try again. It's like your first experience with a bicycle and training wheels as a child. After a while (hours) you start building up confidence as navigation becomes easier. Reading the Arch Wiki on dwb helped immensely and I don't think I have read for more than a half hour to find the keyboard shortcuts I use most often.

It's not that you can't use your mouse. Quite the opposite. A judicious amount of mouse use in combination with the keyboard will result in gained efficiency as you begin recalling which key does what.

I began to chuckle at how fast I was able to perform the same tasks on dwb verses Google Chrome. And I would add that I have yet to see an open tab to Google Plus peg the cpu -- not once has it happened. So, that makes me wonder even more -- what the heck is Chrome doing with my bandwidth? 

As I continued using dwb, the thought occurred to me, it's not just that dwb is small, compact and arguably the fastest browser -- it's that the keyboard still provides major advantages when included in the design of any software. As the dwb home page says:

"dwb is a lightweight web browser based on the webkit web browser engine and the gtk toolkit. dwb is highly customizable and can be easily configured through a web interface. It intends to be mostly keyboard driven, inspired by firefox's vimperator plugin."

And that is the point:  Keyboard optimization.  The icing on the cake is, if you should happen to know how to use the vi editor, all the better, as many of dwb's shortcuts parallel with vi.


  • vi-like shortcuts
  • Link following via keyboard hints
  • Bookmarks
  • Quickmarks
  • Cookie support, whitelisting of cookies
  • Proxy support
  • Userscript support
  • Tab completion for history, bookmarks, userscripts
  • Custom stylesheets
  • Javascript blocker with whitelisting support
  • Flash plugin blocker with whitelisting support
  • Adblocking with filterlists
  • Webinterface for keyboard and settings configuration
  • Custom commands, binding command sequences to shortcuts
  • Extendable via extensions/scripts
  • Extension manager

So, are you feeling adventurous today? Give dwb a try.

dwb should be found in your Distro's repo, otherwise, the above link reaches the git repo.

Reach me with questions. -- Dietrich

Enhanced by Zemanta

Monday, April 7, 2014

Get in the Game. Fedora is Linux Done Right

by Dietrich Schmitz

Join Fedora's growing community backed by a multi-billion dollar sales commercial Distribution, Red Hat Enterprise Linux (RHEL).

Consolidated development on one Distribution with continual refinement and focus. Don't waste time with non-standard cookie cutter, me too Distros which, most likely, won't be here in five years.

The next Fedora Desktop Linux is taking shape, continually evolving.  Being the first to include new advanced technologies like systemd, Fedora leads the way to the future of Linux.

That's right.  Fedora is a 'test bed' for future RHEL feature enhancements. Most importantly, work done on Fedora is 100% Linux Standard Base (LSB) ISO compliant.

How important is Linux Standard Base?

One need only look to the pure number of Distros that exist today for examples of variation to understand the problems inherent in added complexity introduced by ignoring standards like LSB.

So, download Fedora today.

And, Get in the Game. Fedora is Linux Done Right.

-- Dietrich

Enhanced by Zemanta

Thursday, April 3, 2014

NSA: Please Turn the Lights off When You Leave. Nothing to See Here.

by Dietrich Schmitz

It's all out in the open now. The NSA can 'cherry pick' your private and personal Internet meta data whenever they wish. Right?

Wrong. They cannot.

That is, of course, provided you, the general public, place obstacles in their way which will impede, or, better yet, stop them entirely from peering into your private affairs.

Yes, that's right. You have tools at your disposal which will most assuredly put the kibosh on the NSA. Stop them cold in their tracks. They'll come, discover they can't see anything, and leave.

What is it that will stop them from seeing your private data?:

Gnu Privacy Guard (GnuPG) or, just GPG for short.

Free and Gnu Public Licensed GnuPG is a form of strong encryption which has been deemed by experts, including whistle blower Edward Snowden, as effective in keeping your data from being snooped upon.

I recommend to Linux users free Gnu Public Licensed Evolution email for both personal and business needs. (Image left, Edward Snowden, credit: Flickr user DonkeyHotey)

Evolution email running on my Fedora 20 LXDE Desktop

Evolution is feature-complete, mature (that means stable), and supports GnuPG (OpenPGP) encryption formatted email.

Use it once or twice and I am confident you'll get the hang of it.  It will even use your existing Gmail or other email account with secure TLS POP3/IMAP connectivity.

And, for those eager to install Evolution, here is a good tutorial to get you up to speed quickly.

Need to wrap your mind around GPG? Read more about it here.

Just to give you a visual of what an Evolution created gpg-encrypted gmail looks like 'after the fact' from Gmail's web view -- there's truly nothing to see -- this is what the Google staff and NSA would find:

Evolution GPG-protected email stored on Gmail.  Nothing to see.

And, as always, if you have questions or need help, do not hesitate to contact me.

So, NSA? Please turn off the lights when you leave. Nothing to see here.  Thanks!

-- Dietrich

Enhanced by Zemanta