tcit, le 25/09/2013 à 21:27
(Permalink)

CAFAI, le 27/09/2013 à 21:09
«Human Rights Watch has previously expressed concerns about the lack of adequate parliamentary oversight of intelligence services in France in the context of intelligence cooperation with countries with poor records on torture. In June President Hollande announced that an inspectorate of the intelligence services would be created, and that the powers of the parliamentary delegation would be broadened so as to strengthen its oversight. Can you confirm what the timeline is for these plans, and what steps are being taken to ensure that oversight of the security services is effective and independent?

As you know, the European Convention on Human Rights requires that any interference by a public body, with the right to privacy musthave an appropriate legal basis and be necessary and proportionate.

In a report of April 2013 the UN Special Rapporteur on freedom of opinion and expression, Frank La Rue, urged States to regard communications surveillance as “a highly intrusive act that potentially interferes with the rights to freedom of expression and privacy and threatens the foundations of a democratic society.”»
(Permalink)

CAFAI, le 27/09/2013 à 21:07
Règles internationales des fréquences hertziennes (pdf)
(Permalink)

Fchaix, le 18/09/2013 à 22:16
Plein de commandes utiles dans vim.
(Permalink)

CAFAI, le 27/09/2013 à 21:05
cheatsheet vim
(Permalink)

CAFAI, le 27/09/2013 à 21:04
The following files contain the full English documentation for Vim and the Vim FAQ in a single PDF file. The files are fully cross referenced using interal hyperlinks. Each file is about 11 MB.

pdf A4 : http://nathangrigg.net/vimhelp/vimhelp-a4.pdf
pdf iPad: http://nathangrigg.net/vimhelp/vimhelp-ipad.pdf

Automatic conversion script : https://github.com/nathangrigg/vimhelppdf

A blog post with more information: http://nathangrigg.net/2013/09/reproducing-vim-help-as-a-fully-cross-referenced-pdf/
(Permalink)

CAFAI, le 27/09/2013 à 21:03
Expert en télécommunications, porte-parole de French Data Network, le plus ancien fournisseur d’accès à Internet en France encore en exercice et actuel président de la Fédération FDN, Benjamin Bayart viendra nous exposer ce qu’est effectivement Internet et comment cet outil a permis de modifier fondamentalement la façon dont nous faisons société.

Il existe donc désormais un outil qui offre la possibilité à chacun d’entre nous, non seulement d’accéder à tout moment à une multitude de contenus, mais également de diffuser ses propres contenus de façon autonome (ou pas) et sans que ces contenus soient au préalable filtrés, analysés, avalisés ou censurés par une tierce partie (ou pas).

Dès lors des enjeux forts semblent vouloir se dégager si l’on souhaite défendre ce bien commun qu’est l’Internet. Parmi ces enjeux citons à minima celui qui consiste en la nécessité de préserver la neutralité du réseau, condition sine qua non si l’on souhaite défendre les libertés fondamentales telle que celle énoncé dans l’article 11 de la déclaration des droits de l’homme et du citoyen qui garantit à tout citoyen le droit de parler, écrire et imprimer librement.

Cette conférence tous publics est l’occasion pour tous, quelques soient vos connaissances en informatique, de découvrir ou de redécouvrir pourquoi et comment internet doit rester un espace d’échange libre et ouvert.

La conférence se déroulera le samedi 5 octobre 2013 de 16h à 17h en salle des conférences B001 (RDC de la faculté Segalen).

A retrouver aussi sur https://confs.fr
(Permalink)

CAFAI, le 27/09/2013 à 21:02
Back in June, when the contents of Edward Snowden's cache of NSA documents were just starting to be revealed and we learned about the NSA collecting phone metadata of every American, many people -- including President Obama -- discounted the seriousness of the NSA's actions by saying that it's just metadata.

Lots and lots of people effectively demolished that trivialization, but the arguments are generally subtle and hard to convey quickly and simply. I have a more compact argument: metadata equals surveillance.

Imagine you hired a detective to eavesdrop on someone. He might plant a bug in their office. He might tap their phone. He might open their mail. The result would be the details of that person's communications. That's the "data."

Now imagine you hired that same detective to surveil that person. The result would be details of what he did: where he went, who he talked to, what he looked at, what he purchased -- how he spent his day. That's all metadata.

When the government collects metadata on people, the government puts them under surveillance. When the government collects metadata on the entire country, they put everyone under surveillance. When Google does it, they do the same thing. Metadata equals surveillance; it's that simple.

http://www.wired.com/opinion/2013/06/phew-it-was-just-metadata-not-think-again/
(Permalink)

CAFAI, le 27/09/2013 à 21:01
Dans son rapport sur le projet de loi d'indépendance de l'audiovisuel public, le sénateur socialiste David Assouline explique avoir renoncé à son amendement de transfert de la Hadopi vers le CSA pour permettre à l'Assemblée d'en débattre, et pour élargir le sujet. Mais il affirme qu'il ne faut pas que le CSA devienne régulateur d'Internet, comme l'espère pourtant son président Olivier Schrameck.
(Permalink)

CAFAI, le 27/09/2013 à 21:01
Sous le nom générique (et souvent erroné) de NAT se trouve tout un zoo de techniques variées et n'ayant en commun que leur complexité et leur fragilité. Ce nouveau RFC documente les problèmes liés à une technique particulière, nommée « double NAT » ou « NAT 444 » ou encore « CGN ». Lorsqu'un malheureux paquet IP subit deux traductions, qu'est-ce qui va casser ?
(Permalink)

Sammy Fisher Jr, le 25/09/2013 à 17:43
Et voilà... on en parlait, ils sont en train de le faire : utiliser le droit des femmes comme cheval de Troie pour censurer les hébergeurs.
(Permalink)

CAFAI, le 27/09/2013 à 21:00
Dans un rapport d’information déposé à l’Assemblée nationale le 17 septembre 2013, la délégation aux droits de la femme et à l’égalité des chances préconise plusieurs mesures pour renforcer la lutte contre la prostitution. La députée Maud Olivier réclame spécialement le filtrage ou plutôt blocage administratif des sites proposant ces services tarifés.
(Permalink)

CAFAI, le 27/09/2013 à 20:58
HowTo Reverse DNS

Documentation existante:

   Installation et configuration de bind
    Gestion des zoneshttp://chiliproject.tetaneutral.net/projects/tetaneutral/wiki/Bind
   BIND - http://chiliproject.tetaneutral.net/projects/tetaneutral/wiki/Bind#Gestion-des-zones
(Permalink)

CAFAI, le 27/09/2013 à 20:57
validns, a high performance DNS/DNSSEC zone validator.



Validns is a standalone command line RFC 1034/1035 zone file validation tool that, in addition to basic syntactic and semantic zone checks, includes DNSSEC signature verification and NSEC/NSEC3 chain validation, as well a number of optional policy checks on the zone.

The utility was developed with the goal of it being the last verification step in the chain of production and publication of one or more zones containing up to many thousands (or millions) of signed records, making the speed of operation a primary focus, and reflect on validns’ design.

The utility is currently being used by several major DNS operators.

Currently, validns offers the following features:

   parse RFC 1035-compliant zone files (so called “BIND” file format)
   supports most of the standard record types
   informs the user precisely where and what the errors are
   verifies RRSIG signatures
   NSEC/NSEC3 chain validation
   supports signature validation in the future or in the past
   built-in policy checks
(Permalink)

CAFAI, le 27/09/2013 à 20:56
Se débarasser de github,gmail

«Redirect that monthly allowance you send Github’s way and purchase your own point of presence on the internet. Get a domain name. Get off Gmail. Maintain your own social presence. Start to stop being the product.»
(Permalink)

CAFAI, le 27/09/2013 à 20:55
Une critique de StartSSL
(Permalink)

CAFAI, le 27/09/2013 à 20:54
SSL/TLS Deployment Best Practices

SSL/TLS is a deceptively simple technology. It is easy to deploy, and it just works . . . except that it does not, really. The first part is true—SSL is easy to deploy—but it turns out that it is not easy to deploy correctly. To ensure that SSL provides the necessary security, users must put more effort into properly configuring their servers.

In 2009, we began our work on SSL Labs because we wanted to understand how SSL was used and to remedy the lack of easy-to-use SSL tools and documentation. We have achieved some of our goals through our global surveys of SSL usage, as well as the online assessment tool, but the lack of documentation is still evident. This document is a first step toward addressing that problem.

Our aim here is to provide clear and concise instructions to help overworked administrators and programmers spend the minimum time possible to obtain a secure site or web application. In pursue of clarity, we sacrifice completeness, foregoing certain advanced topics. The focus is on advice that is practical and easy to understand. For those interested in advanced topics, we provide references at the end of the guide.

Download the guide:

   SSL/TLS Deployment Best Practices (PDF)
   Version 1.3 / 17 September 2013

https://www.ssllabs.com/downloads/SSL_TLS_Deployment_Best_Practices_1.3.pdf
(Permalink)

CAFAI, le 27/09/2013 à 20:54
From now on, you should see a delightful lock next to https://konklone.com in your browser’s URL bar, because I’ve switched this site to use HTTPS. I paid $0 for the trouble.

Why you should bother doing the same:

   SSL’s not perfect, but we need to make surveillance as expensive as possible
   For privacy not to be suspicious, privacy should be on by default
   And hey, bonus: more complete referrer information in Google Analytics for people visiting from sites already using HTTPS (like Hacker News).

This post shows how to do your part in building a surveillance-resistant Internet by switching your site to HTTPS. Though it takes a bunch of steps, each one is very simple, and you should be able to finish this in under an hour.

A quick overview: to use HTTPS on the web today, you need to obtain a certificate file that’s signed by a company that browsers trust. Once you have it, you tell your web server where it is, where your associated private key is, and open up port 443 for business. You don’t necessarily have to be a professional software developer to do this, but you do need to be okay with the command line, and comfortable configuring a web server you control.

Most certificates cost money, but at Micah Lee’s suggestion, I used StartSSL. They’re who the EFF uses, and their basic certificates for individuals are free. (They’ll ask you to pay for a higher level certificate if your site is commercial in nature.) The catch is that their website is difficult to use at first — especially if you’re new to the concepts and terminology behind SSL certificates (like me). Fortunately, it’s not actually that hard; it’s just a lot of small steps.

Below, we’ll go step by step through signing up with StartSSL and creating your certificate. We’ll also cover installing it via nginx, but you can use the certificate with whatever web server you want.
(Permalink)

hoa, le 27/09/2013 à 20:53
Je me suis toujours demandé pourquoi sous Linux VLC lançait une nouvelle instance à chaque nouveau fichier.

En fait, il suffit juste de cocher une option. :)
(Permalink)

CAFAI, le 27/09/2013 à 20:53
So I'm scanning the Internet with a DNS version request, because it'd be a useful datapoint in my Friday #Brucon talk mentioning that BIND is still the overwhelming favorite DNS server on the Internet. The abuse reports are an interesting read, such as one that claims "This activity is neither just a scanning nor unexpected attempts, but a sophisticated attack". Nope, it's just scanning, and terribly unsophisticated
(Permalink)

herveleblouch, le 27/09/2013 à 20:53
>> pour la simplification de la gamme d'outillage

le kit farel est un kit d'outils simple composé d'outils classiques (tournevis, clés, etc..) pour monter ou réparer des produits achetés dans le commerce certifiés "kit farel".

(plus besoin de rechercher "la clé adéquate" dans son atelier de 12m² en bordel)
(Permalink)

CAFAI, le 27/09/2013 à 20:52
Tomorrow, the European Commission will finally release its long-awaited draft proposal for a Regulation to complete the European single market for electronic communications. After promising the European Parliament strong measures in favour of net neutrality during her nomination hearing in 2010, she is now seeking to ensure its destruction.

"It is very disappointing that the Commission has failed to propose meaningful Net neutrality safeguards and end restrictions on freedom of communication of European citizens – after endless promises to do so" says Joe McNamee, Executive Director of EDRi, "it is now up to the European Parliament to protect freedoms in Europe."

In 2010, Kroes said that discrimination by internet companies for "commercially motivated reasons, that is absolutely a no go". Today, she is legislating for this discrimination. She now proposes to:

   allow special deals as long as they do not "substantially" impair the general quality of internet access services (see recital 50) and
   as long as they are not “widely used as a substitute for internet access service" (see article 2 – paragraph 15);
   allow special deals between access and content providers as long as they do not “impair in a recurring or continuous manner the general quality of internet access services" (see article 23 – paragraph 2 part 2)
   a broad range of exceptions to the prohibition of discriminatory measures (see article 23 (5) – a to d)

The opposition to Kroes in the Commission was huge. Senior Commissioners like Internal Market Commissioner Michel Barnier, Home Affairs Commissioner Malmström, Enterprise Commissioner Antonio Tajani and Justice and Fundamental Rights Commissioner fought hard to protect European businesses and citizens – but their arguments fell on deaf ears.

The European Commission Directorate-General for Justice went so far as to state that they were "concerned that such provisions risk having a great negative impact on consumers' freedom of expression and information, as guaranteed by Article 11 of the Charter" of Fundamental Rights.

If you want to find out in detail what the Regulation means for fundamental rights and the open, neutral Internet in Europe, you can read our FAQ here (pdf)

http://www.edri.org/files/11092013-FAQ-NN-regulation.pdf
http://ec.europa.eu/transparency/regdoc/rep/1/2013/EN/1-2013-627-EN-F1-1.Pdf
(Permalink)

Les Petits Liens Malfaisants, le 27/09/2013 à 14:29
Pour HADOPI :-)
(Permalink)

Neuromancien, le 27/09/2013 à 20:51
via http://petitetremalfaisant.eu/shaarli/?aXD74Q
(Permalink)