William A. Mahaffey III
2015-Sep-18 09:09 UTC
HTTPS on freebsd.org, git, reproducible builds
On 09/18/15 08:47, Daniel DP. Plominski wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > well, encryption does not cost much, most mobile devices are now fast enough > for IP obfuscation there vpn providers or anonymity networks like Tor > > you should look for "when leaken metadata", customized Firefox > versionslike the "torbundle" package or FreeBSD features such as: > disabled tcp timpstamp, activated net.inet.ip.stealth etc. > > may be that the most information are not critical of freebsd.org > on a page about political commitment, however, twice what you click on > > in the post snowden/nsa area, i think it is not heard now de rigueur, > but should be compulsory > > best regards > Daniel Plominski > Am 18/09/15 um 14:32 schrieb Mark Felder:Where is that 'net.inet.ip.stealth' setting ? I didn't find it in my /etc/defaults/rc.conf file .... [root at kabini1, /etc, 9:09:24am] 347 % grep stealth defaults/rc.conf [root at kabini1, /etc, 9:09:25am] 348 % uname -a FreeBSD kabini1.local 9.3-RELEASE-p24 FreeBSD 9.3-RELEASE-p24 #0: Sat Aug 22 01:54:44 UTC 2015 root at amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64 [root at kabini1, /etc, 9:09:27am] 349 % -- William A. Mahaffey III ---------------------------------------------------------------------- "The M1 Garand is without doubt the finest implement of war ever devised by man." -- Gen. George S. Patton Jr.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 well, encryption does not cost much, most mobile devices are now fast enough for IP obfuscation there vpn providers or anonymity networks like Tor you should look for "when leaken metadata", customized Firefox versionslike the "torbundle" package or FreeBSD features such as: disabled tcp timpstamp, activated net.inet.ip.stealth etc. may be that the most information are not critical of freebsd.org on a page about political commitment, however, twice what you click on in the post snowden/nsa area, i think it is not heard now de rigueur, but should be compulsory best regards Daniel Plominski Am 18/09/15 um 14:32 schrieb Mark Felder:> > > On Fri, Sep 18, 2015, at 07:21, Mark Felder wrote: >> >>> Same goes for use of svn, which has no native >>> signable hashed commit graph, as freebsd's >>> canonical repo... instead of git which does. >>> >> >> svn is available over https >> > > I got caught up in the https discussion and didn't cover this properly. > > No, I don't think we're going to use git any time soon. There's an > official mirror here, though: > > https://github.com/freebsd/ >-----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJV/BSXAAoJEHqkZNWiQao7eLcQALn2BmgWR+GIA61OKzBnO3xQ RKSXyJDONYhiQRG53TEmukFxfOuW4nzsWCpu4Qb+OEr+DdvbujDH+9CpzvF3CkNW iw9WfSsmtjGMpfDQU27o6+QMSJfXgNGel3iPYYr+uYwpUXks0AS+FAFQJ3vr9G/N 5jKTj0UJJvplqRc/eaRuRREfxlWL5pC8ngEILs2Wk+B54+0L3jpk9pbOO5aLkFPE F99CFSWLkx2hI6plXMHO4pwfoBXn4satcUp41flHmPTLPO9HKdfi+RaT9bfE7Apb iSQ06dGE16uGWj75/+Mv6Dt5DpIX1iKgodvGsizl2H5xviuIgKpMN9d/wMLAdKBu UGbvGgLaSlcFjwVTkN5hV5WtlpG1LHctQF3oU7iWnvZklYIPvwLUXpUp0sKrqsvi zlHywQwR7Ym3n4icRrE+l38HdZDnVAmw6DLuqTKCdXp1K4/oNywArZh9A8btX+1W i1Qz5odpqI1fiC6qXzU13ymaOTkRN1oeyuDpwjoIrLe24/kJRfIyGu91ptn4OmVC JS+XAQ1NGgFVXTvSO1HfyR5P304BvqRUxr3MK7d8iba5fIgAg5cPqicSQC1A/F5D At1+38mRtSxy7De9jHwfbEndi/sDO+gUJwfV/2KaAW4lrf7nGt727tBesBveVysk 6Jsj+nHsBKp02hkB9R4p =1Yo9 -----END PGP SIGNATURE-----