Fwd: Facebook’s manual on credible threats of violence (theguardian.com) 2017-05-24 No Comments

Interesting and disturbing:
Facebook’s manual on credible threats of violence (theguardian.com)

Re-introducing app-portage/fetchcommandwrapper 2017-05-16 No Comments


When I started fetchcommandwrapper about 6 years ago it was a proof of concept: It plugged into portage replacing wget for downloads, facilitating ${GENTOO_MIRRORS} and aria2 to both download faster and distribute loads across mirrors. A hack for sure, but with some potential.

Back then public interest was non-existent, fetchcommandwrapper had some issues — e.g. metadata.xsd downloads failed and some sites rejected downloading before it made aria2 dress like wget — and I stopped using it myself, eventually.

With the latest bug reports, bugfixes and release of version 0.8 in Gentoo, fetchcommandwrapper is ready for general use now. To give it a shot, you emerge app-portage/fetchcommandwrapper and append source /usr/share/fetchcommandwrapper/make.conf to /etc/portage/make.conf. Done.

If you have extra options that you would like to pass to aria2c, put them in ${FETCHCOMMANDWRAPPER_EXTRA}, or ${FETCHCOMMANDWRAPPER_OPTIONS} for fetchcommendwrapper itself; for example


tells fetchcommandwrapper that my download link has 600KB/s only and makes aria2 in turn drop connections to mirrors that cannot keep up with at least a third of that, so that faster mirrors get a chance to take their place.

For non-ebuild bugs, feel free to use https://github.com/gentoo/fetchcommandwrapper/issues to report.

Best, Sebastian

Disqus(ting) / Fwd: What’s Wrong with Disqus? 2017-05-08 No Comments

What’s Wrong with Disqus? / Replacing Disqus with Github Comments (donw.io)

Fwd: x11-misc/safeeyes: Protect your eyes from eye strain / asthenopia 2017-04-30 No Comments

Hey there!

If you are not subscribed to the new Gentoo packages feed, let me quickly introduce you to SafeEyes that I started using on a daily basis. It has found it’s way into Gentoo as x11-misc/safeeyes now. This article does a good job:

SafeEyes Protects You From Eye Strain When Working On The Computer (webupd8.org)

Best, Sebastian

Fwd: An der Basis gegen Amazon 2017-04-09 No Comments

An der Basis gegen Amazon (jetzt.de, Eva Hoffmann)

Fwd: Wer ist eigentlich meine verrückte Nachbarin 2017-03-27 No Comments

Ohne viele Worte: Wer ist eigentlich meine verrückte Nachbarin (ZEIT Online)

Why I recommend Debian over Ubuntu by now 2017-02-28 No Comments

I recently noticed that I would clearly suggest Debian over Ubuntu to someone about to make that choice.

A few reasons why:

  • The Chromium browser lagged so much behind Debian in Ubuntu recently, that payment on AirBnB would fail on Ubuntu (16.10) while working well on Debian; the update/fix took way too long.
  • The corefonts installer is broken (and not hard to fix) in Ubuntu (16.10). I would not recommend any of the workarounds I have seen, the bug is not fixed for two years. Affected a non-IT friend of mine.
  • The shutdown process of a freshly installed Ubuntu 16.04 took ages due to the cups-browsed daemon. Experienced that at a Linux install party.
  • Pycharm freezes soon after start-up on Ubuntu (16.10)
  • Right now Debian has Postgresql 9.6, latest alpha Ubuntu only has Postgresql 9.5 (while we want 9.6 features on the server at work).
  • The Debian community will like you way better if you are not actually on Ubuntu if you end up asking questions in the Debian channel at some point (say you have questions on Debian packaging)

So much for now.

Creating Fedora chroots on Debian, Gentoo, … easily 2017-02-18 No Comments


Just a quick tip on how to easily create a Fedora chroot environment from (even a non-Fedora) Linux distribution.

I am going to show the process on Debian stretch but it’s not be much different elsewhere.

Since I am going to leverage pip/PyPI, I need it available — that and a few non-Python widespread dependencies:

# apt install python-pip db-util lsb-release rpm yum
# pip install image-bootstrap pychroot

Now for the actual chroot creation, process and usage is very close to debootstrap of Debian:

# directory-bootstrap fedora --release 25 /var/lib/fedora_25_chroot

Done. Now let’s prove we have actual Fedora 25 in there. For lsb_release we need package redhat-lsb here, but the chroot was is functional before that already.

# pychroot /var/lib/fedora_25_chroot dnf -y install redhat-lsb
# pychroot /var/lib/fedora_25_chroot lsb_release -a
LSB Version:    :core-4.1-amd64:core-4.1-noarch:[..]:printing-4.1-noarch
Distributor ID: Fedora
Description:    Fedora release 25 (Twenty Five)
Release:        25
Codename:       TwentyFive

Note the use of pychroot which does bind mounts of /dev and friends out of the box, mainly.

directory-bootstrap is part of image-bootstrap and, besides Fedora, also supports creation of chroots for Arch Linux and Gentoo.

See you 🙂

Fwd: Security (or lack of) at Number26 2017-01-09 No Comments


I would like to share a talk that I attended at 33c3. It’s about a company with a banking license and accounts with actual money. Some people downplay these issues as “yeah, but the issues were fixed” and “every major bank probably has something like this”. I would like to reply:

  • With a bit of time and interest, any moderate hobby security researcher could have found what he found, including me.
  • The issues uncovered are not mere issues of a product, they are issues in processes and culture.

When I checked earlier, Number26 did not have open positions for security professionals. They do now:

Senior Security Engineer (f/m)

The video: Shut Up and Take My Money! (33c3)

Fwd: (German) Telefónica verkauft Bewegungsdaten seiner O2/E-Plus-Kunden (auch blau.de) No Comments

Telefónica verkauft jetzt Bewegungsdaten seiner O2/E-Plus-Kunden

Widersprechen auf: