Planet F-Droid

December 09, 2019

Fairphone

Your phone isn’t born in a store: Meet the makers

Your phone and its materials have been handled hundreds of times by hundreds of people. They’re more than an assembly line: meet the Makers. 

Unboxing a new phone is a great feeling. It’s shiny and fresh and all yours. It’s sealed, clean, and pristine. It’s not necessarily the most obvious moment to reflect on your phone’s journey from dusty mines and busy factories to your hand. But here at Fairphone, that’s exactly what this moment means: your phone is the culmination of a massive team effort, spanning the globe and crossing cultures. That brief, pleasing moment of unboxing is the final baton pass in a long relay line of individuals working together to create something. 

Helping people to understand and appreciate the human connection within our technology is what Fairphone is all about. We want the world to see what happens behind the screens. We want to take you on a journey into our supply chain and introduce you to Fairphone’s secret spark: the Makers. 

There are people who made your phone. When you buy a Fairphone, you can look them in the eye.


We’ve got exciting news about how every Fairphone purchase directly helps these workers to earn a living wage, improve conditions in their factory, and how we’re rewarding progress in worker satisfaction. We’ll also be sharing more behind-the-scenes footage from your Fairphone’s infancy.

Subscribe to our Community Newsletter so you don’t miss it.

The post Your phone isn’t born in a store: Meet the makers appeared first on Fairphone.

by Jan at December 09, 2019 12:39

December 05, 2019

Pine 64

December Update: Thank You For 2019!

Welcome to the last community update of the year. I think that 2019 will be remembered as the year PINE64 transitioned from being a relatively niche FOSS hardware project to a mainstream one. This transition is an exciting prospect for all of us involved with PINE64, and we cannot wait to see how the project develops over the next 12 months. Let me take this opportunity to thank those of you whom...

Source

by Lukasz Erecinski at December 05, 2019 21:46

Purism

Librem 5 on the Free Software Foundation’s Ethical Tech Gift Giving Guide

The Free Software Foundation (FSF), like Purism believe in promoting worldwide user freedoms. The FSF have been championing people’s software freedom rights for 34 years and have created the guidelines and compliance that most of the free software world relies on. This is why we are so proud that our operating system, PureOS, has previously been certified by the FSF and now, our Librem 5 smartphone, has been added to their Ethical Tech Gift Giving guide. The FSF had this to say about why the Librem 5 is on their guide:

Although it won’t be released until Q2 2020, this phone is one to keep an eye on. We’re giving it a tentative recommendation because the company has publicly committed to doing the right things for prioritizing user freedom and privacy, and because we have evaluated and endorsed the operating system it will run.

The Ethical Tech Gift Giving guide is a list of gifts approved by the FSF for our loved ones this festive season. It prioritizes devices that respect the freedoms of our friends and families over the latest gadget from Facebook, Amazon, Apple, Google, and countless other companies because “freedom is the gift that keeps on giving”. Big Tech require our complete trust in their proprietary exploitative systems, whether using a free email account, buying a heavily subsidized phone or tablet and even using a search engine. We pay for them by giving up the freedom over our lives and give them control to exploit us and our loved ones to increase shareholder value.

The Librem 5, and all of Purism’s products and services, put people’s freedoms first. It is not an easy task, because Big Tech has tight control on so much of our world, but we are growing to create a better future. In some areas we are advancing on low-level freedoms and with the Librem 5 we are boldly marching forward to challenge a multi-trillion-dollar duopoly.

When you pre-order a Librem 5 today what you get is the peace of mind that you or your loved ones won’t be exploited or manipulated for profit and power. Putting your trust in us does not require you to give up any freedoms. In fact, your trust can be verified because the software and hardware of the Librem 5 are open and auditable. We don’t subsidize the cost of our hardware by selling your data or locking you in, you aren’t paying part of the cost with your privacy and your freedom.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the-people stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

The post Librem 5 on the Free Software Foundation’s Ethical Tech Gift Giving Guide appeared first on Purism.

by Purism at December 05, 2019 21:10

Librem 5 USA

Announcing the Librem 5 USA–the same freedom, security, and privacy-respecting phone, now with Made in USA electronic fabrication

We continue to enjoy seeing the reactions from customers who have received their Librem 5 units from the Birch batch. Now that Birch is out and we continue to make progress on the Librem 5 (with more updates to come!), we are excited to be able to reveal another important project we have been working on for many months. Purism now offers an important Librem 5 option for our customers that have particular concerns around security and the supply chain.

We are committed to constantly improving the security of our products. One concern we hear repeatedly from our customers is over attacks in the hardware and software supply chain. We have written about the importance of protecting the digital supply chain before, and as we grow we continue to find new opportunities to further strengthen the security of our own supply chain, including most recently by offering the PureBoot Bundle–tamper-evident firmware straight from our facility.

While we continue to improve the security of our Librem laptops, we also recognize that one of the most important computers many people own is their smart phone. This is the device you carry with you everywhere you go and likely has some of your most sensitive and personal data–it’s the device most at risk from a security and privacy standpoint. If there’s any device that should have as secure of a supply chain as possible, it’s a phone. Our experience in making our Librem 5 devkits in the USA and most recently moving Librem Key production to the same US facility has led to today, where we are excited to announce a new USA-produced version of the Librem 5 phone!

“Having a secure auditable US based supply chain including parts procurement, fabrication, testing, assembly, and fulfillment all from within the same facility is the best possible security story.” — Todd Weaver

The Librem 5 USA is similar to our existing Librem 5 on the outside and has the same form factor and specs, but on the inside the PCBA (Printed Circuit Board Assembly) will be fabricated in the same US facility that made our Librem 5 devkits and Librem Key. By moving the supply chain into the same facility complex as our assembly and fulfillment center, we can directly oversee each stage of the production. The Librem 5 USA exists alongside our regular Librem 5 as a premium product for customers who are concerned about the hardware supply chain and want to support us as we expand our own US operations.

Librem 5 PCBLibrem 5 PCBA

Since the Librem 5 USA is being made in parallel with the regular Librem 5, we are able to offer this version quickly with shipping starting in Q3 2020 (meaning about a 6 to 9 month lead time from order placement to order delivery). Existing Librem 5 orders can also upgrade to the Librem 5 USA without losing your place in line by using their order number as a coupon code. Pre-order now so you can reserve your place in line! For more information about the Librem 5 USA, check out our product page.

 

The post Librem 5 USA appeared first on Purism.

by Kyle Rankin at December 05, 2019 15:40

December 04, 2019

OsmAnd

OsmAnd 3.10 (iOS)

OsmAnd 3.10 (iOS)

December 04, 2019

We are pleased to announce that the iOS version of OsmAnd has become even more convenient!

Great thanks to all iOS users for choosing OsmAnd for your adventures! You can read further what's new in Osmand 3.10 or update your application here and try out all the changes yourself.

• New Redesigned Navigation preparation screen

We improved the Navigation preparation screen. Now you can add "Home", "Work" point of destination. The short way to Options menu.

When your trip is ready, you can see the altitude/slope graph, which you can scale for all your trip.

• Added support for Online SQL maps

We added more maps to "Online maps" (General menu-> Map-> Map type-> online maps). These maps are available for Overlay/Underlay, too.

The next you can add your Online SQL maps for Overlay/Underlay. Click to file with SQL-format and "Copy to OsmAnd Maps". Now you can choose it in Overlay/Underlay menu.

You can switch on "Seekbar" on screen for showing transparency of your Overlay/Underlay on the map.

• Combine all options to control Contour lines on the map in one new screen

You can control settings of Contour lines in the new screen. Go to General menu-> Map-> Map style-> Contour lines.

We added more color schemes for Contour lines.

• Added two more Quick Actions to quickly turn on/off Contour lines and Hillshades

In this release we added new actions for Quick action: Show/Hide for Contour lines and Hillshades.

• Updated basemap

Now the World overview map has a more detailed road network and is smaller in size.

• Fixed issue with ruler numbers disappear

As you know, there is the tool named "Radius ruler" in OsmAnd (General menu-> Configure screen-> Right Panel-> Radiuis ruler). There was a bug with a number of circles for Radius ruler tool. Now you can see all circles without this mistake.

• Completely deleted Firebase analytics

Since we follow our Privacy Policy - in this release, we have removed the Firebase analytics. Now neither of our applications collect any private information of our users.

• Fixed Open in OsmAnd bug in iOS 13

• Fixed Mapillary performance

• Fixed few UI bugs

And remember that only together we can achieve the best results!

New features are coming SOON!

____________________________

OsmAnd at Facebook, Twitter, and Reddit!

Join us at our groups of Telegram (EN), (IT), (FR), (DE), (RU), (UA).

Get it on App Store

December 04, 2019 20:10

Purism

coreboot 4.11: Leaving No Librem Behind

One of Purism’s core beliefs is to ensure that to the best of our ability, all new features, fixes, and improvements will be applied to all products, past and present. With that in mind, we’re excited to share with you the many improvements to our coreboot-based firmware over the past few months:

  • Updated to latest coreboot release (4.11)
  • Removed the VGA BIOS (VBIOS) blob from all firmware images
  • Eliminated display flicker from video mode changes at boot
  • Updated the CPU microcode to help mitigate speculative execution type vulnerabilities

We’ve also been busy improving our tamper-evident PureBoot firmware:

  • Fixed issue with Qubes VMs failing to run at startup
  • Fixed issue booting distros using a bootloader spec (BLS) format grub configuration (ie, Fedora 30/31 and derivatives)
  • Fixed graphical corruption/flicker when booting an OS (may still happen occasionally on the Librem 15v4)
  • Added automatic detection of boot device
  • Added a Factory Reset option to automatically reset and configure the TPM, Librem Key, and boot device
  • Improved error handling and status messages

coreboot 4.11 Update

coreboot 4.11 was mostly a clean-up release, but since we skipped over 4.10 (due to some regressions affecting Skylake/Kabylake platforms) this release effectively includes over a year’s progress on the coreboot codebase. Rather than enumerate all the changes, we’ll just link to the release notes:

coreboot 4.11 release notes
coreboot 4.10 release notes

VGA BIOS Removal

One of the biggest additions to coreboot as part of the 4.11 release was the addition of coreboot native graphics init (libgfxinit – a Spark-based ancillary project to coreboot) support for the Broadwell, Skylake, and Kabylake platforms. This allowed us to give the VBIOS the old heave-ho, and replace it with clean, auditable, safe code. Ditching this legacy blob also helped us with the next improvement…

Display Flicker Elimination

One of the biggest issues with the use of the VBIOS to initialize the display was we had no control over what it did. It would init the display in VGA text mode (640×400), switch to a VESA-compatible mode (1280×1024) to show the boot splash, switch back to VGA text mode before booting, and finally switch to the panel native resolution when the OS driver loads. Now, we use a single resolution up until the OS driver loads, and have ensured that the boot splash is the first thing displayed.

CPU Microcode Updates

Shortly after the first speculative execution vulnerabilities were discovered back in early 2018, Intel released microcode updates to help mitigate them, and has continued to do so in the time since. While microcode updates can also be loaded by the OS, the user is best protected when they are done by the system firmware, and applied in conjunction with mitigations at the OS level. To that end, Purism aims to release firmware updates quickly whenever new CPU microcodes are released. Our current 4.11-Purism-1 release (and PureBoot beta-11 release) include the latest microcode for each platform.

Qubes VM Autostart

A problem that had plagued all PureBoot betas to date, this issue was caused by HEADS not correctly passing some command-line arguments to the Xen hypervisor. Qubes 4.1 should now be fully functional on Librem devices running PureBoot, same as those running our standard coreboot/SeaBIOS firmware.

Bootloader Spec Distros

With the release of Fedora 30, a new dynamic format grub.cfg was introduced, which stores boot menu entries in individual files using bootloader spec (BLS) format. Patches were added to the upstream HEADS project to parse these files and allow booting of distros using them.

Display Corruption Elimination

Another long-standing issue had been the corruption of the display (often seen as a brief rainbow flicker) when booting an OS from PureBoot. This was caused by a misconfiguration of IOMMU for the HEADS Linux payload and has now been fixed.

Automatic Boot Device Detection

Until now, HEADS/PureBoot assumed a static default boot device, and if the user’s config differed, required non-trivial intervention to select and save the boot device, update the firmware, reboot, and then re-sign all files in the /boot partition. Now PureBoot will automatically detect the correct /boot device at startup (the user can still change/override if needed). Although a relatively small change, it has a big improvement in user experience, and is one of the many such improvements Purism has contributed to the HEADS project.

Factory Reset Function

On the flip side, the Factory/OEM Reset Function is one of the larger changes Purism has contributed. While the impetus for the change was to streamline setup at the factory, this can be used anytime a clean start is desired and essentially makes the configuration of PureBoot (and HEADS) a 1-click operation. It will reset the TPM, reset your Librem key, generate new GPG keys (and back up to USB), load them into the firmware, configure the boot device, and sign all files in /boot.

Improved Error Handling

We’re continually working to make the PureBoot user experience simpler, easier, and more friendly. One of the ways we do that is to provide error messages, dialogs, etc which give the user a clear understanding of what happened, why it happened, and what action they need to take. The past few PureBoot betas have made significant strides on that front.

On the Horizon

While there aren’t any specific feature of which to speak, we certainly have no intention of slowing down. For instance, PureBoot is currently undergoing an internal UX review and once we have smoothed out some more rough edges in the UI we hope to be announcing the 1.0 release of PureBoot. A big thanks to all our current beta testers who have provided their feedback and ideas.

The post coreboot 4.11: Leaving No Librem Behind appeared first on Purism.

by MrChromebox at December 04, 2019 17:06

Purism Closes $2.5m Note Series

Purism closes a $2.5m note series, all from inbound investment inquiries.

Purism as a Social Purpose Company (SPC) ensures the rights of humanity by creating products that fully respect people, and that mission has garnered a lot of attention and growth. One of the reasons Purism registered as an SPC was so that we could accept inbound investment without the risk that a toxic investor could force us to violate our values for profit (a common problem in C corporations). As a social purpose company Purism enshrines in its articles of incorporation that we must do what is good for society, therefore avoiding any and all toxic funding by virtue of the strictness of those articles.

Funding growth—in addition to the triple-digit (yes that is over doubling) shipped revenue growth year-over-year since 2014 that Purism has been fortunate to see—can come in many forms, be that inventory financing, lines of credit, investment, and equity financing, to name a few.

“Growth financing through convertible notes is an easy way secure the future of our vision, without compromising our beliefs. Having it come from inbound customers who love what we do is the best possible story.” — Todd Weaver

Convertible notes have a cap and ours has been reached–even if you have more investors who would oversubscribe the note. Like a show that sells out, you can either turn fans away or open a second night. While our growth has nearly entirely come from revenue, we continue to get inbound inquiries from people who believe in what we are doing and who would like to support us with investment. With this convertible note coming to a close yet still having investors who would like to participate, it opens the door to a second note series, so we can continue to invest in larger growth in US operations, and a future that we all can be proud to live in.

The post Purism Closes $2.5m Note Series appeared first on Purism.

by Purism at December 04, 2019 16:56

December 03, 2019

/e/ foundation

Tell us about your experience with your e.email account

Help up improve our service!

 

Thanks for creating an e.email account, we are thrilled to have you as a member of the /e/ family!

While we have you, we would be grateful if you could tell us about your experience with your e.email account: what you like, what you don’t and what you’d like to see improved

We have created a small survey available in several languages to capture your valuable input.
The survey is completely anonymous. We won’t share any data with third parties.

by Alexis Noetinger at December 03, 2019 15:42

December 02, 2019

Purism

A Different Kind of Transparency

When we announced the Librem 5 crowdfunding campaign we promised we would publish the Librem 5 hardware schematics when we ship. That promise is also rooted in our articles of incorporation to release schematics of any hardware we author. We’ve shipped the first Librem 5 phones from the Birch batch to backers and photos, videos and positive early impressions are being shared.

Librem 5 Birch Hardware Schematics

We are excited to share the hardware schematics for the Librem 5 Birch batch with you today.



You may be wondering why anyone would share their hardware schematics with the world? After all making a ground breaking open and freedom respecting phone is expensive and takes a long time. We are doing it because we believe in the freedom to choose hardware and software that treats you like a person and not a commodity to be exploited for profit.

We believe that you should have full ownership of your hardware, you shouldn’t have to essentially rent it from a company to be safe. While privacy and security are popular marketing terms these days, when many companies use those words they expect your complete and blind trust and reliance. While we believe you should trust us, we don’t require you to put blind trust in us. By publishing our schematics we give you the ability to verify that trust on your own (or with the help of someone else).

We’ve previously released hardware schematics for the Librem 5 devkits and now the Librem 5 Birch batch and will continue to share up-to-date specifications for future products and iterations. Why is this important for you even if you have no interest in looking at the specifications? Open hardware schematics allow anyone to audit, verify and contribute to more freedom respecting products. You shouldn’t have to blindly trust that any corporation has your best interests in mind.

X-Ray Images

In addition to us publishing our hardware schematics we are also sharing X-Ray scans of the components to empower anyone with access to the tools to be able compare their hardware to the reference and ensure no nefarious components have been added. By being completely transparent, we are showing you can trust us rather than just telling you. We are also giving you the tools to verify that trust.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the people—stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

The post A Different Kind of Transparency appeared first on Purism.

by Sean Packham at December 02, 2019 19:27

Guardian Project

Trusted Update Channels vs. Scratching Your Itch

One of the great things about free software is that people can easily take a functional program or library and customize it as they see fit. Anyone can come along, submit bug fixes or improvements, and they can be easily shared across many people, projects, and organizations. With distribution systems like Python’s pypi, there is an update channel that the trusted maintainers can publish fixes so consumers of the library can easily get updates. When talking about update channels and code, it is unavoidable to also talk about people and trust. One key piece is the trust relationship between the consumer and the maintainer. The ideal software distribution system would be a blind, trustworthy pipe between the software maintainers and each end user.

Since we are talking about libraries of code, the natural relationship turns out to be different than the trust relationship: it is between the consumer and the library itself, not the maintainers. I use Requests for handling HTTP, not @nateprewitt’s fork. My setup.py includes a reference to 'requests', not to the maintainers who I trust to keep the library updated.

There have been cases were libraries were taken over and used to distribute malware. Or another case where someone offered to take over a popular library, then inserted malware into it. If it is really easy for maintainers to hand over a library to someone else, then that will be abused. If they are too hard to hand over, then many valuable libraries will be abandoned or forked. Having to check for forks is an added cost for library consumers, so ideally there would always be a trusted maintainer.

For large projects like Requests or distros like Debian, there is a process for ensuring that new maintainers are doing the right thing. There are also many small libraries that are very valuable. For example, apache_log_parser or pymtp. In these cases, the cost of doing a proper process of handing over to a new maintainer is quite large as compared to the overall effort the library author put into the library. Or it might be a single maintainer who is now overburdened with other work.

In F-Droid, reviewing app merge requests, aka fdroiddata, is also about reviewing whether the trust relationship is changing. This is on top of making sure the new code works, ensuring its still free software, and that all of the Anti-Features are properly marked. Getting this review right is important especially when you consider that in F-Droid, many apps are automatically updated without core contributors reviewing it.

All developers must consider these trust issues at a number of key points in the process of developing software, including:

  • when adding a library to any piece of software
  • helping a new maintainer take over existing software
  • reviewing changes to the URL of the source code reposistory

There are also some ideas about how to better map who we need to trust to the process of including software. One interesting example is cargo-crev for the Rust ecosystem. It provides a system of describing and cryptographically linking trusted developers and their reviews of software packages.

December 02, 2019 00:00

This Week in F-Droid

Trusted Update Channels vs. Scratching Your Itch

One of the great things about free software is that people can easily take a functional program or library and customize it as they see fit. Anyone can come along, submit bug fixes or improvements, and they can be easily shared across many people, projects, and organizations. With distribution systems like Python’s pypi, there is an update channel that the trusted maintainers can publish fixes so consumers of the library can easily get updates. When talking about update channels and code, it is unavoidable to also talk about people and trust. One key piece is the trust relationship between the consumer and the maintainer. The ideal software distribution system would be a blind, trustworthy pipe between the software maintainers and each end user.

Since we are talking about libraries of code, the natural relationship turns out to be different than the trust relationship: it is between the consumer and the library itself, not the maintainers. I use Requests for handling HTTP, not @nateprewitt’s fork. My setup.py includes a reference to 'requests', not to the maintainers who I trust to keep the library updated.

There have been cases were libraries were taken over and used to distribute malware. Or another case where someone offered to take over a popular library, then inserted malware into it. If it is really easy for maintainers to hand over a library to someone else, then that will be abused. If they are too hard to hand over, then many valuable libraries will be abandoned or forked. Having to check for forks is an added cost for library consumers, so ideally there would always be a trusted maintainer.

For large projects like Requests or distros like Debian, there is a process for ensuring that new maintainers are doing the right thing. There are also many small libraries that are very valuable. For example, apache_log_parser or pymtp. In these cases, the cost of doing a proper process of handing over to a new maintainer is quite large as compared to the overall effort the library author put into the library. Or it might be a single maintainer who is now overburdened with other work.

In F-Droid, reviewing app merge requests, aka fdroiddata, is also about reviewing whether the trust relationship is changing. This is on top of making sure the new code works, ensuring its still free software, and that all of the Anti-Features are properly marked. Getting this review right is important especially when you consider that in F-Droid, many apps are automatically updated without core contributors reviewing it.

All developers must consider these trust issues at a number of key points in the process of developing software, including:

  • when adding a library to any piece of software
  • helping a new maintainer take over existing software
  • reviewing changes to the URL of the source code reposistory

There are also some ideas about how to better map who we need to trust to the process of including software. One interesting example is cargo-crev for the Rust ecosystem. It provides a system of describing and cryptographically linking trusted developers and their reviews of software packages.

by eighthave at December 02, 2019 00:00

November 29, 2019

Purism

Black Friday & Cyber Monday 2019 Laptop Specials

Get 10% off Librem Laptops

It’s Black Friday! Get 10% off the base Librem 13 v4 and Librem 15 v4 laptops. If you’re looking for added security choose a Pureboot bundle or our anti-interdiction services from the firmware drop-down on the configuration page. Shipping is on us too! We offer free international shipping to pretty much anywhere in the world.

What makes our Librem laptops so special? These are my favorite things:

Get 10% off a Librem Laptop

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the people—stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

The post Black Friday & Cyber Monday 2019 Laptop Specials appeared first on Purism.

by Sean Packham at November 29, 2019 21:44

November 27, 2019

/e/ foundation

/e/ smartphones are back in stock

/e/ SMARTPHONES ARE BACK IN STOCK!

/e/ smartphones are back in stock so don’t wait!
We have a broad selection of models and colours available, from the /e/ Galaxy S7 with its compact form factor, to the /e/ Galaxy S9+ with its gorgeous display and a dual camera to shoot amazing pictures.
Join hundreds of others and choose your unGoogled Android smartphone today

 

All our smartphones come with a one year warranty and a 14 day return policy!

What will you get if your order today?

A premium grade Smartphone. Your future smartphone has been checked and reconditioned to be fully working at our partners facilities. We only select smartphones ‘Good-as-New’ so no surprises.

unGoogled Android. /e/OS is at the core of our privacy by design ecosystem. We don’t scan your data on your phone or in your cloud, we don’t track your location hundred times a day, we don’t collect what you’re doing with your apps.

One account for your privacy. a free account with your email address that ends in @e.email, 5GB of free and private storage, and convenient back up and access for your mails, calendar, contacts, documents, tasks and notes

Apps to get things done Our app directory will give you access to more than 60,000 free apps directly from the OS. You can check if each application respects your personal data with our privacy score that analyses the apps for you and gives them a score from 0 to 10.

One final thing before you place your order

We currently do not support paid apps or integrated purchases. We are continually adding new apps to our library to give the best experience but some apps might not be yet available in our directory. In the event that an app is not yet listed, we will offer you alternatives to access it and install it on your smartphone.

Still ready for it? Click below and you’ll be set within minutes

by Alexis Noetinger at November 27, 2019 18:00

Purism

Breaking Ground

We are often asked, why does the Librem 5 cost that much? Well, there are several reasons and I will try to explain the most important ones.

First of all, the design of the Librem 5 is unique in many ways. Most importantly the hardware is designed from the ground up by us and for us. The Librem 5 is a complete custom design, not based on any reference design, specifically designed with all the goals we all want to achieve – open, safe, secure, respecting your privacy and digital rights. This rules out existing mobile phone reference designs, like from MTK, Qualcomm and the others. When we first approached hardware manufacturers almost two years ago with this project most of them instantly said “No, sorry, impossible, we can not help you.”. Others warned us, that it could never work, that it was too complicated, “the industry does not do that” and so forth.

And yet here we are, later than we wanted, but we are actually shipping first hardware! It is possible but it comes at a price.

From-scratch Hardware Design

What made and makes the hardware design expensive are several things. First of all the lack of reference design. Most other phones (especially Android phones) are based more or less on reference designs of the chipset, (i.e. from the CPU manufacturers). If you go with a, say, MTK-based design, then the hardware design is more like going shopping. You pick some peripheral hardware choices like display, cameras, storage and very few other things. Your differentiator compared to other MTK-based phones are these choices and the customization of the Android system–as far as you can customize it at all. The nice part is that you get pretty much everything from the chipset maker. The SDK (Software Development Kit) or BSP (Board Support Package) comes with all the drivers ready to go, but beware, many of them are binary-only mystery code.

We did not have this luxury. We had to design the hardware from scratch and we also have to develop many drivers ourselves–everything that is not yet available as free software in upstream mainline Linux kernels. This also includes a lot of low level work we had to do for the support of the i.MX8M Quad CPU we chose. The i.MX8M was, at the time when we made this choice, still pretty young and mainlining its support in the Linux kernel had just begun. Some critical drivers were just barely starting to work, like the GPU support. Other mission critical things like power management, clock scaling (for the CPU, GPU and RAM) are just now starting to hit mainline and still need a lot of work. Peripherals like charge controller, accelerometer, gyroscope and magnetometer were only partially implemented. We had to work around bugs in the display controller of the i.MX8M to support the LCD and so on and so on.

Separated Chipsets

Current smartphone chipsets also make hardware design a lot easier since most of the critical components of a smartphone are already integrated into the main CPU, onto the single silicon die. This has lots of advantages but also a ton of problems concerning security and privacy. These integrated peripherals are sitting on the same silicon, tied tightly to the CPU. Complex parts like the cellular modem or the WiFi can access the very same RAM that is used at runtime to store your most private data, but at the same time they are controlled by binary-only firmware that no one except the manufacturer of that chip has access to. You have to trust that this firmware does not contain any malicious code to eavesdrop or spy on you. Trust in closed non-auditable complex computer systems is something everyone has learned the hard way we should not have. The news is full each day of zero day bugs and exploits throughout the stack–from applications to operating systems and even down to the very silicon the whole stuff runs on.

So we chose to separate the most critical parts from the CPU. The WiFi, Bluetooth and cellular modems are sitting on separate M.2 cards, separated from the CPU by defined interfaces (SDIO and USB) and–a Purism signature feature–can be physically switched off by hardware kill switches. All of that makes the hardware design even more complicated, more parts, more components, more interfaces. But we are convinced this is the only way to be as safe as possible.

Groundbreaking Work

This low level Linux kernel work and the hardware design work do not come for free. We started to research and develop this for the development kit in early 2017, the development kit started shipping in December 2018. We learned a lot from doing the dev kit and this experience is now going into the hardware design of the Librem 5 phone.

We were the first to announce, develop and deliver a Linux based mobile device development platform. Funny fact, a few months after we made the dev kit public others announced development boards following the very same principles (separating CPU and baseband/radios), using very similar hardware design ideas (like the 18650 battery holder) and some more details–even our hardware kill switches found new friends 🙂 We don’t mind this! We made this available, for free, to share, to study, to modify and to use for whatever others see fit. We made it available for the greater public good, to foster ethical products that protect digital rights and don’t exploit.

I am convinced we laid out a path and have been breaking ground, not only for the Librem 5 but also for other projects and products.

But this of course is expensive. The hardware with its separated peripherals costs a lot more just in parts alone than a comparable smartphone. The hardware design effort took many person months of hard work, a lot more than an off-the-shelf smartphone design would have cost.

The Software

And then there is the software. I already talked about all the Linux kernel work we had to invest in, to support peripherals, to tune things and also in parts to–frankly speaking–do NXP’s job in developing free software support for their CPU. Especially in the beginning (early 2018 and into 2019), it was pretty tough, but I also have to point out that NXP has heard us and many others and has significantly ramped up their Linux mainlining efforts – thanks!

But it is not only the kernel and drivers that we had and have to invest in. We also chose not to use a platform like Android, we chose to base on a system and platform that is maintained by a huge open source community, that is openly governed and to which anyone can contribute. We chose to use the same operating system base as we use on the Purism Librem laptops (PureOS), which is a Debian derivative. For applications and the graphical user interface we chose the same pattern: open governance, free software and active community and thus based on the same environment we use on our Librem laptops – GNOME.

In the beginning people called us crazy for that choice. It would be too much effort, there are alternatives (Plasma Mobile, Ubuntu Touch etc.) and that we would never make it with GNOME. Well, here we are, we are shipping with GNOME / GTK+ and we achieved exactly what we wanted: convergence between the desktop / laptop and the phone. Applications written for or modified with some care and not too much effort can now seamlessly run on the desktop and on smaller screens like the phone. This is simply amazing! And all of that with the same tools, the same programming environment and the same libraries and packages as on the desktop–truely write once and run everywhere (maybe having to recompile 🙂 ).

This convergence is a very unique feature now coming to PureOS. Quite a few have tried before us but did not get it this far. We created one of the first truly convergent environments: the same operating system base (Debian, deb packages), the same tools and SDK and the (pretty much) same applications for the desktop and the phone.

Again we are breaking ground, paving the way for many more to follow. All of our code is public, all our changes to upstream projects go upstream as soon as possible. The GNOME project has for a long time been thinking about mobile applications but never came around. Purism is making this a reality now, together with the GNOME community.

Only the Beginning

This development comes at a high price. We have a team of about 15 developers full time working on this for almost two years. You can easily figure how much money we already put into this, and we are not done yet. The release of the Librem 5 is only the beginning. We are committed to continue to develop the software and the hardware, this is not a single-shot project, this is breaking ground and making use of it afterwards.

With the release of the Librem 5 the story has just begun.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the people—stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

The post Breaking Ground appeared first on Purism.

by Nicole Faerber at November 27, 2019 17:39

Librem 5 Birch Shipping Announcement

We are delighted to share that early yesterday we shipped the first Librem 5 Birch devices to backers. US backers should start receiving their devices throughout the day and international backers can expect theirs within a few days. The Librem 5 is just one part of our mission to give the world ethical alternatives to Big Tech products and services that respect your privacy and security. From myself and the rest of the Purism team we would like to thank you for your support and your belief in us, by doing so you’ve made it your mission too.

Librem 5 Birch

Birch Hardware Improvements

We made a number of hardware improvements from the Librem 5 Aspen to the Librem 5 Birch batch. We have a much improved antennae design, shield protectors across all components on the PCBA, rubber bumpers to help tighten up the fit of component placement, strong clips to secure the WiFi and Cellular cards, shorter cables to clean-up the cable routing, tighter overall tolerance, improved thermal dissipation into the case. To say that we are proud of what the team was able to accomplish in the short time since our last batch does not do them enough justice.

Librem 5 Birch Back

Ongoing Software Improvements

The largest area new Librem 5 owners will see is the rapid pace of software and kernel development to greatly improve thermal management and power consumption. It is an area with a lot of opportunities to make significant development; mainline Linux and power optimizations on the Librem 5 are green-field opportunities to see giant leaps forward now that we have the hardware in the field. An analogy which may help those who don’t follow the depths of hardware and software innovation, the Librem 5 hardware is sprinting around a track (when it should sit idle until you need it to sprint for a millisecond), so utilizes a lot of power; power equals heat, so you will see a lot of great “better ways to do nothing” while we ask the CPU, RAM, Radios, to all idle to save power and in turn save heat.

If you speak to long term Purism customers they will tell you that we are always constantly improving our products. What we ship today will be better tomorrow and the day after that through software upgrades.

When we created the first crowdfunding campaigns for our Librem 15 and Librem 13 laptops, we announced we would replace the existing proprietary firmware with coreboot and disable the Intel Management Engine. At the time some people criticized us not only to say that we couldn’t do it, but that we didn’t even intend on doing it.

It took time and a lot of effort but we followed through with our promise and now we maintain updated coreboot images going back to the earliest public releases of product and PureBoot images going back to the Librem 13v2 and Librem 15v3–all of which disable and neutralize the Intel Management Engine. You can find out more on our coreboot page.

This is why we’ve pledged to offer life time software updates for the Librem 5. We want you to be using your Librem 5 for years to come and this is also echoed in the hardware design with a modular and easy to replace components.

Another humorous example of delivering and updating is when we were deciding to ship our Librem 5 devkit (to developers) in 2018 we confirmed that the screen hardware worked, but the kernel and graphics stack needed more development by our team; rather than wait we told backers that they will get the hardware, then do a future software update to get a working screen (it was a devkit afterall 🙂 ). We subsequently released the software to bring the screen up, and have continued to make improvements rapidly.

Turns out while testing we confirmed the Librem 5 Birch devices have two software issues (outside our larger roadmap of enhancements): a delayed power-up process and a call audio routing bug. What does that mean for Birch backers receiving their phone now? To turn on your Librem 5 disconnect it from a power source and hold down the power button until it turns on. Currently calling is established (e.g. both sides connect fine) but audio is not routed (no voice heard or sent), this will be a few days until the bug is fixed. We will notify Birch backers as soon as an update is ready. To check for updates for your Librem 5 open the Software app and go to “Updates” tab.

Lastly we are constantly making improvements to thermals and power consumption. With the current software image Birch devices will throttle and run through the battery quickly but we decided that we still wanted to get them into the hands of backers so that they can be part of the journey and experience the weekly progress our team ships to you. Over the coming weeks and months we will add software support for more hardware such as camera, video out etc.

Thank You

All of us at Purism can’t wait to hear what the community thinks of the progress we’ve made. We know there are some rough edges and that it currently isn’t an Android or iOS replacement (although it is for me). Two years ago we took on the mission of building a phone on a CPU never put in a mobile device, running PureOS, and writing the mobile bits of the OS, to give people the choice of a truly freedom and privacy respecting phone. Today we are one step closer to realizing that goal. Thank you to everyone who believed in us and stuck with us during the challenges. Here’s to many more shipping announcements and Librem 5 software updates.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the people—stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

The post Librem 5 Birch Shipping Announcement appeared first on Purism.

by Todd Weaver at November 27, 2019 16:23

November 25, 2019

Purism

Purism’s contributions to Linux 5.4

Following up on our report for our contributions to Linux 5.3, here’s a list of Purism’s contributions to the Linux kernel for the 5.4 cycle. We contributed 20 patches including improving the devkit’s IMU and panel drivers, made more preparation for a mainline display stack and submitted the first fixes for bugs that cropped up during the Librem 5 Aspen board bringup:

Librem 5 Charge Controller

The Librem 5 and the devkit share very similar charge controllers and while the driver itself was there we added support for the particular chip revision:

Librem 5 IMU sensor

We’ve developed support for the ST LSM9DS1 IMU sensor device. We haven’t mentioned that before because it was merged late (for rc8) for Linux 5.3. During this development we fixed a bug that prevented various sensor devices from working correctly in userspace (hope that this will be useful to others too) and cleaned up some things:

Librem 5 Display Stack

The tps65132 is part of the regulators driving the LCD on the Librem 5 and there was a bug when using the driver as wired up in the phone:

While (as of this writing) the DSI host controller driver is not yet merged (we hope to merge it for 5.5 or 5.6) some of its surrounding components got into place. We wired up the iomuxc (that allows to toggle between the DCSS and LCDIF display controllers) in the imx8MQ’s device tree and fixed a surrounding naming issue:

Furthermore we added the MIPI D-PHY that was merged in the last iteration in the device tree:

There were lots of minor improvements that went into the Librem 5 Devkit’s panel driver like adding regulator support (for proper power on/off):

Drive-by patches

We also contributed two minor fixes that came about while debugging other issues:

Code review

This round we contributed 23 Reviewed-by: or Tested-by: tags to patches by other authors – which is more than ever before. One reason was code review within the iio subsystem to enable mainline support for the Devkit’s intertial measurement unit (IMU). Another driver was prompted by Lucas Stach’s submission of per process MMU support for the etnaviv DRM driver which is needed for proper texture support on the Librem 5’s GPU.

Due to our work on the Librem 5 board bringup there was a slightly lower number of upstream submissions so far for the 5.5 cycle so we might combine the 5.5 and 5.6 cycle updates, but who knows so stay tuned!

The post Purism’s contributions to Linux 5.4 appeared first on Purism.

by Guido Günther at November 25, 2019 11:20

November 20, 2019

FreeYourGadget

Donations via Liberapay re-opened

You can finally donate to Gadgetbridge again!

After more than a year we bit the bullet and re-enabled donations on liberapay by complying with what had to be done to make that work. We were already almost dried up and were unable to buy devices we wanted to support. To make Gadgetbridge even better please consider to donate!

by Andreas Shimokawa at November 20, 2019 23:00

Purism

Librem 5 Birch Shipping update — delay of just a few days.

We want to give everyone a super quick update on shipping of the current batch of Librem 5 smartphones.

There’s a delay. But, never fear, it’s only a delay of just a couple days.

We had hoped, and expected, that the resistor issue (mentioned in this post last week) wouldn’t delay shipping, but it turns out it has caused a few days’ delay.

We have just received official word that final parts for Birch are shipping to us as we speak — and we expect to have them on Tuesday, November 26 (next week). At which point we will be shipping phones out those receiving this batch of Librem 5’s next week.  (There is always a chance the final parts will be delivered early, but the tracking currently says November 26.)

Thank you again to all of you for your patience and support as we ship the world’s most privacy and Freedom respecting smartphone. We’re excited for many of you to be receiving yours in the next week.

The post Librem 5 Birch Shipping update — delay of just a few days. appeared first on Purism.

by Purism at November 20, 2019 22:04

November 19, 2019

Fairphone

Teaming up with Vodafone

With every phone we make and sell, with every industry partner that follows our example, with every customer who starts a conversation about what makes their phone fair, we take another step forward in our quest for a fairer electronics industry.

Our first challenge was to prove you can make an ethical phone and survive. Now we’re out to prove to the industry that it’s the best way to thrive. This is our 3rd generation phone. We’ve learned massively through experience, and that’s essential when you’re blazing a trail for which no map exists. We’ve strengthened and professionalized our organization. We’ve built a more stable and scalable company. We focused on further improvement of our product and supply chain, and we’ve worked on expanding our impact and sales. Now, we’ve teamed up with Vodafone. Having the belief and support of such a large operator helps us to bring sustainable electronics to the mainstream market. This truly is one of the strongest signals we can send to the industry.

We sat down with Leon Boshuizen, who worked on this partnership for the last 10 months, to get some insights into what this means for our mission, our company and Leon personally.

Hi Leon, can you give us the quick elevator pitch about this milestone?

The strategic partnership between Vodafone and Fairphone goes beyond Vodafone selling the Fairphone 3 in multiple countries. I especially look forward to our knowledge-sharing collaboration, in terms of sustainability, circular economy and industry requirements, among others. As one of the leading operators in the market, Vodafone gives us a bigger platform, the credibility and the scale we need to change the industry together.

What makes Vodafone a good fit for us?

Vodafone made a commitment to becoming a purpose lead company. Driven by senior management within the company, they are looking to halve their environmental impact by 2025. In our months working together on this partnership, it became apparent how serious Vodafone is about their sustainability commitments, so we’re happy to partner with them and contribute to these goals.

If you turn the question around, Fairphone is a good fit for them as well, since we are the recognized experts in sustainable smartphones – Because of the products we offer, but also based on our knowledge in value chain projects and rooted in our long-term efforts to change this industry.

 As Leon says: Seeing is believing.

So what does this mean for customers in Europe?

With Vodafone’s enormous reach, we’re really increasing our visibility. Now there are far more shops across multiple countries – the UK, Germany, Italy, Spain and Ireland by the end of 2019, to be exact – for anyone interested in the Fairphone 3 to see and test the device. I always say, that seeing is believing.

And what does it mean for Fairphone as a company?

We really stepped our game up, scaling up to work with one of the largest operators in the world. Which means, we matured into a professional organization, meeting the demands of these big operators. This is a great proof point for our mission to create a demand for ethical consumer electronics. Within the week after the Vodafone announcement, we’ve seen a boost in leads and requests from within the industry. So this partnership really is a powerful signal to other players in the industry.

What does it mean for you personally?

Having worked for Vodafone in the past, on a personal level, this partnership makes me really proud as well. It was a long term project and having people who believe in it on both sides really kept the momentum going. There was a lot of conversation and discussion for about 9 months and in the end, it really kicked into hyperspeed. This is more than just a business deal – it’s something that truly matters. Benefiting people and planet. Actually, in my 13 years in this industry, this partnership deal means the most to me.

Thanks for your time, Leon.

The post Teaming up with Vodafone appeared first on Fairphone.

by Jan at November 19, 2019 16:36

OsmAnd

OsmAnd 3.5

OsmAnd 3.5

November 19, 2019

After a long pause, we are happy to announce the new 3.5 OsmAnd release for Android devices. You already can update the application in Google Play and check the following long-awaited improvements in the new app version.

Updated application and profile Settings

We think that it is not very convenient to use default profiles for a very specific use-case. We give the opportunity our users to make your profile with all settings, icons and etc.

We modified general menu. Now you can choose and set any parameters for the navigation profile and switch on special plugins for each profile.

Now you can create your own navigation profiles based on default profiles but with your parameters. To do this you should choose in general menu Settings -> Manage application parametres. In the new window, please click "+Add".

We show an example of how to make your own profile. We choose Offroad type for driving a car when we use passes in forests, mountains, etc.

At first, it is necessary to choose a base profile. The most common is "Driving", but in this case, you can choose "Cycling", too. Next, we name of our profile - "Offroad" and select Navigation type. In this case, it is "Bicycle".

After that, we select icon and color for our Navigation profile. As you can see, we prepared many icons for your future choices.

We click the "SAVE" button to save our "Offroad" navigation profile.

After that, we go to the general menu, choose "Offroad" navigation profile. We set all of our own parameters for the screen, map, navigation, and general settings. Of course, here we can switch on the required plugins.

Now we have our "Offroad" navigation profile in the Navigation panel. We can turn on and off our profile in "Application profiles" menu.

In the next article in our blog, we will show you examples with navigation profiles. It will be Brouter and routing.xml for "Navigation type".

Export/Import navigation profiles

Now you can export or import navigation profiles. You should choose to Configure profile-> Actions (for export), for profile import you should select its file on the device and open it with OsmAnd.

New map download dialog

Now when you want a map for a certain area you can tap directly on the World map and OsmAnd suggests downloading a map for the chosen area.

Updated basemap

Now the World overview map has a more detailed road network and is smaller in size.

Ski routing

Now you can use ski routing. At first, you need to change Map style in Configure map menu to "Winter and ski". After that, you can use ski profile. We added height profile and route complexity to the route details.

Improve visible of Undeground objects

Now when you hide "Overground objects" (General menu-> Configure map-> Map rendering->Hide. You can see transparence overground roads, it is useful for the orientation of your underground objects.

Added colors scheme for Contour lines

Now you can see Contour lines on dark overlays.

Add new category for Driving style of bicycle

We added "Prefer unpaved roads" to Driving style for bicycle profile. Now you can choose unpaved roads for your trips.

What is more in this release?

- Night theme fixes

- Fixed few routing issues around the world

- Fixed flooded areas around the world

- Bugs fixed

_________________________________________________

OsmAnd at Facebook, Twitter, and Reddit!

Join us at our groups of Telegram (EN), (IT), (FR), (DE), (RU).

Get it on Google PlayGet it on AmazonGet it on App Store

November 19, 2019 16:00

Jolla

Sailfish X for Sony Xperia 10 now available

Today we are happy to announce the availability of Sailfish X for Sony Xperia 10. We also introduce a campaign giving all existing Sailfish customers a nice offer on the Sailfish X licence for Xperia 10, and for other devices.

As the latest additions to the Sailfish X product family, the Xperia 10 and Xperia 10 Plus have been reviewed as good value-for-money devices with eye-catching 6 and 6.5-inch 21:9 displays, and premium build quality. The devices are also the first Sailfish devices to come with user data encryption enabled by default. We think they’re great devices and we think you’ll love them too.

The Xperia 10 and Xperia 10 Plus can fully utilise all the latest features and updates in the recently announced Sailfish OS 3.2.0 Torronsuo release, including the latest hardware adaptation support updates, the enhanced security features, the latest Android App Support and more.

 

*Sailfish X offer for all Sailfish users

To celebrate the release of Sailfish X for the Sony Xperia 10 and Xperia 10 Plus, we have a special offer for all current Sailfish customers: you can now purchase a new Sailfish X licence for any supported Sailfish device for just 29.90€ for a limited time (normal price 49.90€). No matter which Sailfish based device you’ve been using, as long as you have purchased a licence or a Sailfish OS device, and activated your Jolla account, this is for you!

To be clear, this can be any Jolla branded phone / tablet, Intex Aquafish, Sony Xperia, Gemini PDA etc. The offer is valid only for a limited time period until December 31, 2019, so if you want to get a new Sailfish device, now is a good time for it!

To utilise the offer, just go to the Jolla Shop and log in with your Jolla account.

 

 

Sailfish X survey gave us valuable feedback

In order to better understand the wishes for the Sailfish X program, we conducted a survey during the summer of 2019. The response was phenomenal and many Sailfish X users gave us valuable feedback on satisfaction levels, availability, pricing, and other topics.

One of the questions was about wishes and willingness to switch to newer Sailfish X devices. Over 63% of respondents answered that they are interested in moving to a newer device with Sailfish X. This is one of the reasons why we’ve focused our efforts on introducing new devices and also why we are today announcing this special offer for current Sailfish customers.

We’ve also been exploring the possibility of switching to a subscription-based model for the Sailfish X program. From the survey we found out that the majority of respondents clearly do not support this idea, and hence we’ve decided not to continue on this path for now. Sailfish X is a community program at the end of the day, and we value the feedback a lot. Thanks to all survey participants!

 

About Android app support for Sony Xperia X

The Sony Xperia X device has been the pilot and the flagship for the Sailfish X program. It has now been two years since the first release of Sailfish X for Sony Xperia X and we’ve released many software updates supporting it up until now, and with more to come in the future.

Support for new device options is a constant request from Sailfish X program users. Adding new devices to the Sailfish X portfolio comes with a cumulative maintenance cost. This has resulted in a decision that we won’t be upgrading the Android app support to Android 8.1 on the Xperia X, or other older generation devices like the Jolla C.

The problem is that porting Android app support 8.1 to Xperia X would mean that we update the baseport to Android 8 on that device. We can’t do this over the air, which means that we would have to create and maturize new HW adaptation for Xperia X and either stop supporting old adaptation or to support two adaptations for Xperia X. Supporting two different adaptions for same device would obviously be more work than just having one. If we’d only support new adaptation with SW updates would mean that old users would need to reflash their devices or they would stop getting updates.

We simply don’t have the necessary resources to do it justice given the older hardware and several additional HW adaptation versions needed to support them now and in future.

This isn’t a decision we’ve taken lightly. We are rightly well-known in the industry for the exceptional long-term support we provide for all of our devices and we will naturally be providing all the regular Sailfish OS software updates for the Xperia X, including Android 4.4 support, just as we do for many other older devices. The recent release of Sailfish OS 3.2.0 Torronsuo underlines our commitment to this.

We hope you’ll enjoy Sailfish X on the new Xperia 10 and Xperia 10 Plus as much as we do and will take up our offer!

Keep on sailing,
Martin

The post Sailfish X for Sony Xperia 10 now available appeared first on Jolla Blog.

by James Noori at November 19, 2019 09:33

November 18, 2019

NewPipe

NewPipe release retrospection: 0.17.1 - 0.17.4

You might have wondered why there haven’t been any release announcements since 0.16.2. Unfortunately, writing these blog posts can consume a lot of time which our developers often think is better invested in writing new features or fixing bugs.

However, you, the users, should have the chance to track all the changes made from release to release in such summaries, and we apologize for having had let things slide for a while. In this blog post, I want to provide a really short summary of what has changed in the last months, and what is yet to come in the upcoming 0.18.0 release.

Changes in 0.17.1

In 0.17.1, the team fixed a lot of bugs. There were disappearing buttons, performance issues as well as an unnecessary storage of settings. In the extractor, a bug causing an intermittent issue (yay, that’s the kind of bug developers like most!) in the YouTube video search within NewPipe as well as a problem with the ever annoying ReCaptcha widgets have been fixed.

There’s also been a couple of improvements. For instance, an action regarding long-press menus for the playlists has been restored. Also, a switch has been added to choose between the Storage Access Framework (SAF) or legacy file pickers. This is important as some ROMs haven’t implemented the SAF completely and are therefore not fully compliant with the so-called CTS. NewPipe now detects whether the SAF is available and if not uses the old picker as a fallback.

The only novelty introduced in this release is a localization for Thai. Thanks to all translators helping make NewPipe available in native languages!

It seems the 0.17.0 release hasn’t made it through due to some issues. However, @TobiGr has provided a summary of what has changed from 0.17.0 to 0.17.1. New features involved a playback resume feature that allows for resuming streams where you stopped last time after switching to another stream. Furthermore, the downloader received a couple of minor additions, and there also have a few improvements and of course many bug fixes.

For more information, see also the release page, which also contains a description of the 0.17.0 release.

Changes in 0.17.2

0.17.2 was a hotfix release that became necessary due to changes made by YouTube to their website, which broke most alternative YouTube frontends as well, including youtube-dl.

Big thanks to @Stypox for providing a fix soon after the issue was reported, allowing us to publish the fix quickly (not even a single day, after all!).

I want to repeat once again that we highly appreciate bug reports by users. They’re by far the most important line of feedback we can utilize. However, I ask you not to overuse “same here” in comments following an initial bug report. Please use less spammy methods like GitHub reactions (the small emoticons on the lower left corner) to confirm a bug. If you can contribute more useful information such as links to other repositories affected by the same bug or results of your own investigation, please don’t hesitate to comment. Problems arise only when there’s too much off-topic such as YouTube bashing or simple confirms, they produce a huge wave of notifications, mails etc., and distract from the really useful comments. We’ve had similar issues lately in other issues and PRs, and this really just binds resources that are better invested in writing fixes. Please see also my comment in the respective issue.

For more information, see also the release page.

Changes in 0.17.3

In this release, again many improvements have been added to NewPipe. Most notably, a new option has been added to clear all positions in playlists. Until then, you had to clear your entire watch history, however in most cases that’s undesirable. Another useful addition is that NewPipe can now show hidden files in the file picker.

Most of you probably know invidio.us, a free/open-source alternative web frontend to YouTube. NewPipe has been able to open links to the central instance for a while already. 0.17.3 now also supports opening URLs pointing to all publicly listed instances, which means you can open links to Invidious in NewPipe just like you can open links to YouTube. Also, links to music.youtube.com can now be opened in NewPipe.

The most interesting bugs fixed in this release are an annoying exception caused by a small but important typo in the extractor. Furthermore, a bug in the playback of live streams has been resolved. Also, a bug producing performance problems has been fixed in the extractor.

For more information, see also the release page.

Changes in 0.17.4

In 0.17.4, the accessibility for blind people has been improved a little. Thanks to @fcnjd for assisting @theScrabi with helpful advice while implementing these changes. Furthermore, the wording of the description of the “video download folder” has been improved grammar wise.

Some bugs have been fixed regarding the download of videos from YouTube. Furthermore, some bugs related to scrolling have been resolved. The “clear search box” is now animated properly, and a lot of issues with the SoundCloud implementation could be fixed in this release, making this provider more reliable than ever before.

A few minor changes involve an upgrade of two dependencies (ExoPlayer and OkHttp) as well as migrating to the Android X APIs (a rather large and notable change that shouldn’t go unmentioned).

For more information, see also the release page.

Upcoming release

Soon Team NewPipe will be able to release version 0.18.0. We will post a release announcement here once ready. A few changes which we can announce already involve using new localization and downloader implementations introduced in the extractor as well as adding support for the Kotlin language, allowing the development of new features in this language. Another noteworthy feature we can announce already is the overhaul of the “What’s new” section, including a properly sorted feed and subscription groups to further improve your user experience.

Help wanted for website maintenance

We hope you can understand the reasons for the missing release announcements. We’ll try to post updates on our work more regularly again. Let us know what you think in the comments. If you like writing blog posts and think you could help us there, please see this issue.

Where to get the latest version

We recommend you to install the F-Droid app as it notifies you as soon as an update for NewPipe is available.

Please let us know what your experience of the latest release is, especially bugs in need of fixing. As usual, you can reach out to us via IRC (#newpipe on freenode), open issues on GitHub or ideally use our built-in crash reporter to send us machine-readable issue reports, or send in fixes yourself.

November 18, 2019 23:00

Purism

Oxidizing Squeekboard

Abstract

Oxidation is a process of adding oxygen to a chemical compound. Some examples are burning, and rusting. This experiment concerns the Rusting of a compound called Squeekboard: a derivative of Eekboard, originally containing high quantities of C, and reacting eagerly with GObject, GTK, and the X windowing system.

The goal of the ongoing experiment is to measure properties of Rust and the consequences of its application in real-world conditions. Due to safety and time concerns, the widely popular approach of Rewrite it in Rust (RiiR) was dismissed in favor of a gradual oxidation process.

Tested hypotheses were:

  • does replacing C code with Rust reduce overall compound size?
  • does using Rust instead of C reduce the incidence of uncontrollable reactions with memory (e.g. segfaults)?
  • how to oxidize existing compounds rich in C?
  • can compounds with Rust in them be manufactured using existing industrial processes?

Methodology

The experiment relies entirely on Squeekboard as the subject. It has been chosen due to the need to redesign it for a new process (X.org to Wayland), and due to being relatively easy to separate.

Because Rust is an element belonging to the programming language group, this analysis ignores all other constituents of Squeekboard. Squeekboard’s programming languages are almost exclusively Rust and C, with some shell and Meson impurities, which are subsequently ignored, as replacing them with Rust is not expected to yield useful results.

Quantities of programming languages are measured in Significant Lines of Code (SLOC) as determined by the cloc tool.

The measure of memory reactions is the sum of anecdotal crashes, and filed memory-related issues in the bug tracker.

Unfortunately, some factors could not be rigorously accounted for due to the Squeekboard compound being under active development. For that reason, all conclusions relating measurements to macroscopic properties carry a significant margin of error.

Size changes

Squeekboard was separated from Eekboard when it contained about 15 thousands SLOC of C. At the time of this analysis, it contained 5567 SLOC, out of which 3526 are of C, and 2041 of Rust, dropping from 14862 lines of C before the oxidation, for a reduction of 62.5%.

Lines of code by language

Figure 1: Lines of code by language. This figure approximates the timeline of the changes within the Squeekboard compound. Commits were ordered according to git log. Because several changes could happen in parallel, there are artifacts in form of spikes and troughs resulting from one set of changes being displayed, then seemingly reversed (parallel set of changes displayed), ending with the first applied again (merge commit).

The general trend of size change is steeply downwards, owing chiefly to the removal of unnecessary DBus complexes, custom types, and the simplification of objects. A large drop in the middle of the figure stands out, corresponding to commit c7d5e8d, which replaced custom styling with a GTK calls. Two less pronounced drops in C size happened before that event: 4bf4500 and 6f5f497, cleaning up previously unconnected pieces. A later commit (521796a) removes a quantity of Rust by replacing an included copy of bitflags, relying instead on one provided externally.

With most recent changes, the trend flattens out, however. Considering that there are very few unnecessary components within Squeekboard, and the future need to make it exhibit new properties and behaviours, it can be expected that the trend will soon reverse.

The oxidation timeline contains three main phases: the introduction of Rust, which held at several hundred lines of code for a significant number of commits, followed by the phase of rapid increase (starting with the inclusion of bitflags in a6ee303), and a final flat phase of no increase. The general trend of the increase of Rust content seems to be matched by an opposite, but stronger trend of C content decrease, resulting in overall decrease.

Increase in Rust content versus total size, by commit

Figure 2: Increase in Rust content versus total size, by commit. The red line is a least squares fit with slope equal to 0.53.

Increase in Rust content versus total size, by commit, zoomed in

Figure 3: Increase in Rust content versus total size, by commit, zoomed in.

In order to determine if adding Rust lines correlates with a change in total size, a correlation factor was calculated. The resulting value equals 0.196, suggesting a weak positive correlation. It suggests that on a short time scale, changing the amount of Rust does not correlate with total size changes a lot.

Additional least squares fit was calculated to determine whether adding Rust is the cause of total code changes. The value obtained is equal 0.53, meaning that for each added line of Rust code, the total size changes by about 0.53 lines.

At a glance, it means that C is not being converted to Rust much at all, which is inconsistent with the large scale trend. Unfortunately, this kind of analysis is only concerned with single commits, and therefore only confirms that C to Rust conversion does not happen on the scale of single commits.

The 0.53 value could mean that adding a line of Rust removes 0.47 lines of C on average, however it’s difficult to verify due to the binomial distribution of commits: most are either concerned exclusively with C or in Rust.

Reactions with memory

The remaining question regarding the properties of a mixed C and Rust compound concerns its reactions with memory. Rust is regarded as a highly controllable element, as opposed to C. In the process of creating the converted version of Squeekboard, it has proven to be true so far. Before the conversion, spontaneous disintegration was a regular part of the development process, occurring at unpredictable intervals across most development activities. As the conversion progressed, such incidents became less common, and instead when mistakes are made, Squeekboard simply cannot be built.

However, such protection is not perfect. There is still danger of making undetected mistakes at the C/Rust interface, including the risk of leaking memory through it. considering that Squeekboard still relies on C bases, careful memory interactions will always be necessary in some places, especially in Rust FFI parts that receive calls from or call C.

While analyzing memory interaction anomalies with tools like memcheck, heaptrack, and massif, the Rust contents didn’t cause any obvious issues.

Oxidation process

The process of removing C groups and replacing them with Rust is best done in small chunks. Since the conversion itself must be done in a single step, it’s generally advisable to break down any conversion into a series of smaller ones whenever possible.

The first step for any conversion is identifying the property to be bestowed upon the compound: e.g. easier interaction with JSON, or less time spent changing some internal part while developing. Following that, we will get an early idea of what kind of work needs to be done. Such work will generally involve several objects. In Squeekboard, the best strategy seemed to be converting each object separately in a change on its own, slowly approaching the core needed change.

The general advice for such conversion is: pass trivial structures like Rectangle, Point by value, using repr(C). Store CStrings if the C side needs to read their contents. And finally, pass complicated Rust/C objects as pointers. C objects can be represented in Rust as struct MyCObbj(*const c_void);, whereas Rust must be kept boxed since creation: Box::into_raw(boxobj) gives a pointer to an instance of struct rustobj;. Such objects still need to be freed manually using Box::from_raw(rawobj), but allow more freedom as more objects are converted.

Industrial process

In order to build Squeekboard in significant quantities, the Meson build system is used. While it’s perfectly suited for pure C compounds, integrating Rust poses new challenges.

Initial additions of Rust required not many changes: adding rust to the project specification, the relevant .rs files, and linking the results together. That approach had a large shortcoming: ready-made Rust parts are not contained in single files, and often use a complicated synthesis process, orchestrated by Cargo.

While Cargo is also a build system, and Meson’s counterpart, it really works much better as a package manager, while Meson is light years ahead of it as a build system. for this reason, the Squeekboard process team decided not to switch to Cargo wholesale, but rather use a Cargo process as subservient to the orchestrating Meson one.

In order to achieve this, Cargo configuration and some glue has been added to the project, and the result of the Cargo process (librs) has been carefully and statically linked to the rest of results as a custom_target. That procedure required Meson 0.51, which complicated matters a bit.

Ultimately, even Cargo tests are useable through Meson, although they are not linked to the C components, and therefore cannot test C interactions (this area has not been explored yet).

Debian

As Squeekboard is further integrated into the Debian process, it has been important to test its building in a Debian environment. The first snag was hit with Meson 0.51, which was not available in Buster. After packaging Meson, the packaging of Squeekboard itself posed some issues related to Debian versions of Rust pieces not necessarily corresponding to crates.io (Cargo repository) ones. It has been resolved by removing the Cargo.lock as part of the build process, although it is clearly not a perfect solution.

General remarks

The conversion of C to Rust caused Squeekboard’s structure to change considerably, with some costs and benefits. The most important benefit was replacing the bloated XML receptor with a YAML one based on serde, saving on the order of a thousand lines, while improving validation. Another benefit is the usage of typed hash tables and arrays, reducing the possibility of errors.

One big downside of conversion is the need to add glue parts between C and Rust for every conversion. While they are strictly Rust, their structure is often exactly like C, operating on raw pointers, with the added overhead of converting to Boxes and managing their locations, negating many of the benefits of Rust. Thankfully, as oxidation progresses, and the objects they deal with receive no more attention from C, they either mature to idiomatic Rust, or get removed entirely.

Experiences interfacing with external parts have been mostly positive: Wayland interfaces can be created using the same rules as internal ones, and calling Wayland functions directly in Rust is easier than connecting through C-based types. GTK usage in the recently finished popover experiment has been more mixed, degrading to “C-in-Rust” for some holes in GVariant support, while still allowing to manipulate data more easily.

Summary

As the progress of Squeekboard oxidation progressed, its size was greatly reduced (by 62.5%). However, it’s difficult to attribute those changes to oxidation alone, as many unused and unnecessary pieces have been removed or replaced. At the same time, additional properties have been added, muddling the picture even more.

On the scale of a commit, no reduction of total size as a function of Rust additions had been found either. This result is also quite uncertain, with a low correlation factor of 0.196.

There exists anecdotal evidence for having more Rust making memory errors more obvious and easier to remedy, based on the development process itself.

The oxidation experiment being successful itself proved that coexistence of C and Rust is possible, and achievable with some build process changes, and even adhering to Debian-like processes.

Credits

The authors of this paper would like to acknowledge the #debian-rust channel and the patient Debian wizards at Purism for process help, the Veusz project, Python, and LibreOffice for data analysis, and the Rust, Meson, and Cargo projects for providing tools necessary for the experiment.

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the people—stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

The post Oxidizing Squeekboard appeared first on Purism.

by Dorota Czaplejewicz at November 18, 2019 13:18

November 15, 2019

Purism

Librem 5 October 2019 Software Update

The Librem 5 software team were busy in October, improving power consumption and heat generation through kernel and driver changes. The team also refactored and improved integration between various apps by using libfolks as a common foundation, added new features to keyboard, Settings, Shell and Compositor and squashed many bugs.

Here’s a list of the top things the Librem 5 software team worked on during October:

Note: Some of the changes mentioned below refer to amber (PureOS stable) and amber-phone (PureOS phone specific packages).

Kernel

Our ongoing improvements to frequency management in linux-imx8 and linux-next and general improvements to mxsfb have improved battery life.

S3-suspend/resume has been looked into again and should be functional.

Version v7 of the nwl mipi dsl host controller driver has been submitted for review upstream.

Patches to fix probing of the Rohm bd718x7 power regulator when built as a module were submitted upstream.

Improvements to GPU thermal throttling behavior have been submitted and accepted upstream.

Version v1 of the mxsfb patch to handle nwl timing requirements was submitted for review upstream.

Support for max17055 has been added to the 17042 fuel gauge driver.

Work to enable the devfreq driver for the development kit continues.

Got busfreq (devfreq) kernel, ATF, DDR firmware and U-Boot working, as well as U-Boot booting from eMMC.

To ease the transition to a softpinned Mesa, this change keeps both the old and new memory allocation strategies around so that old and new versions of Mesa will still work.

Some issues with the module that provides Wireless LAN and Bluetooth have been completed, solving problems with firmware version reporting, slow connections and inconsistent throughput.

Keyboard

A new release of Squeekboard brings together efforts in a number of areas, both from the Purism team and from contributors from the forums and elsewhere.

Work on the keyboard layout for landscape screen orientation was completed, which overlaps with the more general problem of adjusting the keyboard to any display size.

The touchable area of buttons were made bigger to make typing easier and less error-prone.

The implementation of the keyboard is now approaching the original design with our first implementation of the language switcher, allowing users to easily switch between keyboard layouts.

Librem 5 Onscreen Keyboard

Support for multi-codepoint sequences has enabled layouts to be created for more complex writing systems, such as Japanese Kana scripts.

Contributors have been submitting layouts for different languages in the simple YAML format that Squeekboard uses to describe where all the symbols are placed. Here’s a list of layouts that appeared or were updated in October:

Translation activity continues to be discussed in the forum.

Messaging

Chatty has been renamed to Chats to aligne with the naming standard of other GNOME applications.

Interoperability between Chats and Contacts was improved to make it easier to access contacts in Chats.

Translations have been updated from the Zanata translation service.

Flatpak builds of Chats now include libphonenumber and enable it in Evolution Data Server.

We fixed the following issues:

Shell and Compositor

Phosh 0.1.2 has been released. You can find the code, tagged in the repository.

Previously in October, we released Phosh 0.1.1, with contributions from Hysterical Raisins and Bart Ribbers. In tandem with this, Phoc 0.1.1 was also released, with contributions from Simon Ser, Aleksis and Bart Ribbers. Phoc was uploaded to the amber distribution of PureOS, making it available to all PureOS users.

Phoc now handles power button presses to blank/unblank the display.

Unix signal handling were simplified.

Although not purely a shell feature, an on-screen keyboard stub was added to Phosh. The is the final piece to allow the usage of Phosh’s PureOS packages without any special hacks.
On a similar theme, a gbp.conf file was added to the repository to make releases of Phosh simpler.

Meanwhile, Phoc started using its own defines for XWayland selection instead of relying on those from wlroots, and keybinding handling was improved.

A number of fixes were ported between rootston and Phoc, preparing us for switching to a newer version of wlroots. This needed doing because our fork of wlroots was getting old.

To help improve performance, we started packaging a softpinned Mesa that improves performance by employing a different memory allocation strategy.
Looking ahead, a fix to the Debian Bullseye build of Phoc anticipates future updates to the distribution used, and this is also reflected in the work to enable Phosh builds for Bullseye, too.

Also with future features in mind, the display server was turned into a GObject in preparation for dynamic keyboard layout switching.

We fixed the following issues:

  • missing icons in activity switcher for GNOME apps
  • GLib signal emission on layer-surface size changes
  • choosing an existing running application activates it instead of launching another instance now
  • running in a gdm session is detected to avoid double unlock

We fixed the following issues:

Calls and Audio Subsystems

Initial support for libfolks has been added to Calls, making it easier to integrate the application with others that use contact information.

More of interest to development kit users, Aleksander Morgado’s independent upstream port of SIM7100 voice support has now been merged. We’re very grateful for Aleksander’s efforts to support the SIM7100.

Wys now uses a machine-specific configuration database to discover the audio codec and modem in use. This means we no longer need device-specific packages to provide hardware configuration via systemd unit configuration files, as was previously the case.

Aleksander Morgado’s work on ModemManager emergency call support has been merged upstream, providing low-level support for emergency call provision.

Applications

Efforts to make GNOME Calculator adaptive have begun, though how it should be implemented is being reviewed by the Purism and GNOME designers.

GNOME Settings (Control Center) has seen gradual improvements over the month, with a new design for the information panel, a refactored cellular panel sent upstream. Now that the new gnome-bluetooth module has been packaged, the Bluetooth panel should work as expected. A new D-Bus API also enables the SIM card to be automatically unlocked when the phone starts up.

Librem 5 Cellular Settings

Since the phone is currently limited to using simple passcodes, a modification to pam (the Pluggable Authentication Modules library) allows simple numeric passwords to be used. This limitation is expected to be lifted in the near future.

Because it was previously very easy to accidentally dim the screen to a level where use of the GUI was very difficult, a fix to set the minimum brightness to 10 percent is much appreciated by those with development kits who were relying on the touchscreen as their only input device.

Support for NetworkManager secrets improves the experience of network authentication and connecting to wireless networks in general.

Some user experience improvements are needed to make the phone easier to use, even if they duplicate functionality that already exists. One of these involves asking the user to unlock the SIM card automatically when the user starts the phone and the modem is enabled using the hardware switch.

Design

The Design team has been reviewing merge requests to the Podcasts application, including one to port it to use HdyViewSwitcher.

Mockups for Phosh landscape mode were created, anticipating how the shell will look in landscape mode.

Infrastructure

Documentation for the available image types is lagging behind the state of the art. Until the developer documentation catches up, see this snippet for hints and tips on the naming scheme in use.

Packages for the phone are being built for PureOS. With that in mind, it’s useful to provide separate debug packages, to keep packages small for users while still providing debugging symbols for developers.

To make things work well on PureOS, we need to work around the use of an older version of systemd in the PureOS amber distribution.

When developing software on a platform, it can be useful to have a collection of tools that assist in development. The librem5-dev-tools package is used to conveniently install such tools in a similar way to the standard Debian/PureOS devscripts package.

Documentation

October is the month where our focus shifted onto the user documentation. Despite this, contributors made sure that parts of the developer documentation were kept up-to-date.

Christophe Roux submitted a documentation hint for downloading Librem 5 system images and Julian Hofer submitted a change to remove direct DConf access from the Flatpak permissions guide.

Initial versions of the phone’s user documentation, including the user guide and quick start guide, were produced. These are expected to evolve over time, especially between batches of phones, as the software and hardware are updated and upgraded.

Until next month!
The Librem 5 Software Team

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the people—stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

The post Librem 5 October 2019 Software Update appeared first on Purism.

by Purism at November 15, 2019 19:12

Librem 5 Birch’s 10kΩ Resistor Fun, Devices Prepping for Shipping

Purism is working to solve no shortage of problems; making a phone with a never-before used CPU for mobile, to authoring a mobile OS, to designing the hardware from scratch. Not to forget forging a social purpose company, avoiding toxic funding, and solving digital civil rights by creating products that are convenient to use and look good. All because of your continued support.

Many of our customers are interested in what goes on behind the scenes when making a phone, so we wanted to share for transparency the kinds of issues that can come up. For instance, with our Birch batch, we sent our hardware engineers the very first phones off of the line ahead of schedule so they could perform quality control testing. We discovered a 10kΩ resistor was missing from the PCBA!

This manifested itself into a non-working USB. We are fortunate to have incredibly talented engineers on our team who quickly traced this error down so we could add the resistor to the remaining Birch devices, restore USB, and keep us on track to ship all Birch devices to backers without changing the Birch shipping window.

Thank you for the continued support and spreading the great news about the Librem 5, it is the single best way to make sure we all have a mobile phone that respects society.

The post Librem 5 Birch’s 10kΩ Resistor Fun, Devices Prepping for Shipping appeared first on Purism.

by Todd Weaver at November 15, 2019 19:11

November 13, 2019

/e/ foundation

Leaving Apple & Google: /e/OS 2020 roadmap! 2 new smartphones are supported

Leaving Apple & Google:
/e/OS 2020 roadmap! 2 new smartphones are supported

/e/OS: a roadmap for 2020!

Interested in learning more about our plans for 2020?

New name?
Easy installer?
More privacy features?

Discover our roadmap for 2020 and later!

/e/OS is available on 2 new smartphones

Don’t know how to flash your smartphone with /e/ OS, or don’t have time?

Send it to us, and get it back brand-new flashed a few days later!

About to launch under beta…
More information very soon…

Did you purchase your /e/ smartphone?

You can now get a smartphone with /e/ pre-installed to enjoy your new digital life, fully unGoogled!

Choose from available models:

– Galaxy S7
– Galaxy S7 Edge
– Galaxy S9
– Galaxy S9+

Learn more here…

How to contribute and support the /e/ project?

We are often asked how to contribute to the /e/ project and we are pleased to answer this question because users’ contributions are key to the success of an ambitious project like ours.

Now is the good time! There has never been that many questions and comments about user’s data privacy, Google, Apple and alternatives to regain control over data privacy… The timing is great and you can contribute in many ways

Test /e/OS, report bugs, contribute to patches!

Anyone is really welcome to report issues with /e/OS, and possible solutions. Just make sure you can reproduce the problem, post appropriate context information, possibly some “logs”, and ideally… a solution 🙂

Help others! Join the global community!

We have a growing community of users who are discussing their experience with /e/OS. Join now, you will be able to help others answer common or uncommon questions they have about /e/:

Join /e/ Community Forum
Join the Support Channel

Join discussions, spread the word!

It’s important to share your experience on our forums, tell us about what you like, your frustrations… It helps us to identify improvements for the product and make it a Premium mobile ecosystem.

Also, please share the word! Every day, new users discover /e/ and love the project. We need all forces to ensure that as many people as possible learn about the project. We can’t count on mainstream media for this!

So share with friends and your community channels, talk about /e/ on social media, say why you like it!
You can also share what we post on Mastodon and Twitter

Contribute financially

With your help, we can support a growing team of passionate contributors, keep /e/ completely independent and make /e/OS sustainable over time.

Every donation helps the project to pursue additional developments, rent servers for compilation, rent servers to host your e.email account or the community forum, pay for domain names and other key expenses amongst other things.

If you can afford a recurring donation, become a /e/ Patron!

Otherwise, choose from the different donations options, and get a reward in return!

Subscribe to our Telegram announcement channel to get latest news!

Follow us on Twitter and Mastodon: @e_mydata

by Samuel Cazin at November 13, 2019 16:07

Purism

“What Librem 5 batch am I in?”

“What Librem 5 batch am I in?”

Previously we’ve indicated that we would contact people as their particular batch is being prepared for shipping. For instance, we have started sending out emails to backers who will receive Birch in the coming days and weeks.

As we mentioned in our post Supplying the Demand, we were surprised at the demand for our early batches. We also expect that some customers will change their mind one (or more) times about which batch they’d prefer as each batch comes out and more videos, pictures, and articles are posted. For these and other reasons we’ve been reluctant to notify people which batch they are likely to be in, as it could change as people change their minds and slots open up.

All that said, we also understand the excitement and suspense behind the Librem 5.

With that in mind, we’ve decided to inform everyone of which batch they are most *likely* to be in. We will be emailing each backer to let them know their likely batch assignment.

Please understand that this is an estimate–some people’s batch assignment might change to a sooner or later batch as we continue to process Librem 5 orders.

The post “What Librem 5 batch am I in?” appeared first on Purism.

by Purism at November 13, 2019 14:30

November 08, 2019

NewPipe

We lost donations through a Bitcoin scam

Team NewPipe lost some of your donations through a Bitcoin scam. The founder of NewPipe, Christian Schabesberger, explains the details of the attack in an open letter to the community.


Dear NewPipe users/developer/maintainer,

Earlier this year, on 26 June 2019, I fell victim to a bitcoin scam. Unfortunately, we, the team, lost all the donated bitcoins we had received until that date.

My intention was to sell all the coins, as the current trading rate was at around ~10.000€ per coin at this time. The amount of coins we lost back then was 0.12728048 BTC ~ 1200€. The attack has been successful on a lot of people. It’s been an issue within the Electrum bitcoin wallet and has been described in detail in this issue.

I reported the issue to the German police right after the incident, providing as many details and digital traces as I could collect, and as far as I know, a bigger investigation about this scam attack is being worked on by German federal law enforcement. I also learned a lot from this attack, and have implemented measures to reduce the chance for another such scam attack to work on me in the future.

A careful user found traces for an incident on the Bitcoin wallet and asked for more details on GitHub. I have to admit that I totally forgot that I intended to write a blog post like this, explaining the incident in detail and what actions have been taken. I did not intend to hold back information, but simply forgot about informing our donors, contributors and users.

I sincerely apologize for this incident, I am very sorry about what happened and we are working on moving financial project responsibilities away from me. @TheAssassin and @TobiGr have plans on founding a NewPipe e.V., a public not-for-profit association under German jurisdiction, to take over maintenance of the project and handle the financial aspects (i.e., the donations, and what will be funded by those). This way, a set of people will decide about the money and share the responsibility.

Yours sincerely

Christian Schabesberger
aka Schabi
aka @theScrabi

November 08, 2019 20:00

November 06, 2019

Purism

The Librem 13 reviewed by Unbox Therapy

Simple. Clean. The most secure experience you can have.

Just over a week ago Unbox Therapy reviewed our Librem 13 v4 on their YouTube channel and the video has been watched over 2.3 million times. Thank you to Willy from the Unbox Therapy team for getting a Librem 13 in front of Lewis, he did an excellent job talking about and demoing our privacy and security focused hardware and software.

He loved the ease and convenience of our hardware kill switches and how they could be used to seamlessly toggle the WiFi/Bluetooth and the Camera and mic on and off without restarting the system – in Lewis’s own words, “That’s pretty cool, you have to admit that!”


Get your Librem Laptop

We are very proud of our kill switches, they are the most secure way to disable components of a laptop that can be used to spy on you — as they physically disconnect the circuitry, like removing the light socket from the wall.

Lewis agrees, “The switch is obviously the best implementation”, no need for tape over your camera and mic.

Lewis was impressed by the number of ports on the Librem 13: 2 USB 3.0, 1 USB type C, headphone port, HDMI port, SD card slot and the 2 hardware kill switches all in aluminum chassis weighing only 3lbs (1.4kg).

On the software side Lewis liked how the entire PureOS onboarding process helps you be more secure – especially setting a disk encryption password to protect the whole system and your data. He liked that we got plugins and security rules “baked-in” to the browser by default, enforcing HTTPS everywhere and disabling many advertising and web trackers. Overall Lewis was impressed with the look-and-feel of a modern GNOME GNU/Linux system, finding it easy to multi-task, search for and open files and apps.

The PureBoot Bundle

If you are looking for the most secure and privacy respecting laptop, then look no further than our PureBoot Bundle – A v4 Librem 13 or 15 paired with a paired Librem Key for the ultimate hardware and software tamper detection. Find out more about how we made it possible to detect tampering with the Librem Key and our Chief Security Officer’s best practices to stay safe and secure.


Browse the Purism Shop

Photos courtesy of Unbox Therapy 1, 2.

The post The Librem 13 reviewed by Unbox Therapy appeared first on Purism.

by Purism at November 06, 2019 14:15

November 05, 2019

Pine 64

November Update: Brave Heart, Pinebook Pro reception and more

Our core focus for the past month was on getting the manufacturing process and shipping of the Pinebook Pro, PinePhone and PineTime development kits back on track. I will not reiterate the events that led to the delays of those devices in this post, but if you’re interested then read the detailed account of what happened in last month’s community update. With the Pinebook Pros and PineTime...

Source

by Lukasz Erecinski at November 05, 2019 14:16

November 04, 2019

Jolla

Sailfish OS Torronsuo is now available

Sailfish OS 3.2.0 Torronsuo is a substantial release introducing updated hardware adaptation support, which enables us to bring Sailfish X to newer generation devices like the Sony Xperia 10. The Xperia 10 is also the first device to come with user data encryption enabled by default, and with SELinux, Security-Enhanced Linux, access control framework enabled. We’ll be rolling out SELinux policies in phases. For now Torronsuo introduces SELinux policies for display control (MCE), device startup and background services (systemd), and more will follow in upcoming releases. We have a few details of the Xperia 10 support to finalise, and will announce Sailfish X for the Sony Xperia 10 within the upcoming weeks.

Torronsuo National Park is in the Tavastia Proper region of Finland. This park is valuable for its birdlife and butterfly species. Roughly a hundred species nest in the area. Part of the birds and insects are species that typically live in the northern areas, and they aren’t seen much elsewhere in southern Finland.

 

Calling Experience

We have also improved the calling experience in co-operation with our partner OMP, who is developing Aurora OS. For incoming calls the country of the caller is now displayed if the call is coming from abroad. The call ending flow has been redesigned from a full-screen dialog to a less intrusive and more light-weight call ending popup, and you can now set a reminder to call someone back when receiving a call or from the call history view in the Phone app via a long tap on the caller name. More improvements to the call experience are also in the pipeline for upcoming releases. For example we are currently working on improving the one hand usage of the call ending popup.

 

 

Onboarding Experience

We are continuously improving the onboarding experience for new users. For example, pulley menu indications have been refined to make the menu easier to spot. Feedback showed that after deleting a note or contact some new users waited for the remorse timer to complete before continuing with other tasks. This prompted us to simplify the content deletion use cases across the operating system.

 

Clock app

Torronsuo also includes updates to the Clock app, which enjoys a bunch of enhancements and bug fixes. You can set the alarm snooze interval in Settings > Apps > Clock. Timers can now be configured more accurately to the nearest second and you can reset the progress of all saved timers with one pulley menu action.

And many more

You’ll find a whole host of other improvements elsewhere too. Battery notifications have been calmed down so they’ll now appear less frequently and contacts search works better in case you have a lot of contacts synced to the device. Android app opening is more reliable and Android contacts performance is notably improved. Twitter works more smoothly with the Sailfish Browser. Editing WLAN networks now offers more enterprise EAP options which were previouslly only accessible from the connection dialog. Many connectivity issues have been fixed, including OpenVPN certificate authentication. Along with Torronsuo we have updated Sailfish OS SDK to version 2.3.

Warm thanks to our partner OMP for the support and for co-developing many of the core improvements with Jolla for Torronsuo. We hope you enjoy Torronsuo as much as we had fun making it. Big things are on the horizon for Sailfish OS, and we are excited to have you with us on the ride. 🙂

For more information please read the release notes.

The post Sailfish OS Torronsuo is now available appeared first on Jolla Blog.

by James Noori at November 04, 2019 22:00

November 03, 2019

Paul Schaub

On “Clean Architecture”

I recently did what I rarely do: buy and read an educational book. Shocking, I know, but I can assure you that I’m fine 😉

The book I ordered is Clean Architecture – A Craftsman’s Guide to Software Structure and Design by Robert C. Martin. As the title suggests it is about software architecture.

I’ve barely read half of the book, but I’ve already learned a ton! I find it curious that as a halfway decent programmer, I often more or less know what Martin is talking about when he is describing a certain architectural pattern, but I often didn’t know said pattern had a name, or what consequences using said pattern really implied. It is really refreshing to see the bigger picture and having all the pros and cons of certain design decisions layed out in an overview.

One important point the book is trying to put across is how important it is to distinguish between important things like business rule, and not so important things as details. Let me try to give you an example.

Lets say I want to build a reactive Android XMPP chat application using Smack (foreshadowing? 😉 ). Lets identify the details. Surely Smack is a detail. Even though I’d be using Smack for some of the core functionalities of the app, I could just as well chose another XMPP library like babbler to get the job done. But there are even more details, Android for example.

In fact, when you strip out all the details, you are left with reactive chat application. Even XMPP is a detail! A chat application doesn’t care, what protocol you use to send and receive messages, heck it doesn’t even care if it is run on Android or on any other device (that can run java).

I’m still not quite sure, if the keyword reactive is a detail, as I’d say it is a more a programming paradigm. Details are things that can easily be switched out and/or extended and I don’t think you can easily replace a programming paradigm.

The book does a great job of identifying and describing simple rules that, when applied to a project lead to a cleaner, more structured architecture. All in all it teaches how important software architecture in general is.

There is however one drawback with the book. It constantly wants to make you want to jump straight into your next big project with lots of features, so it is hard to keep reading while all that excited ;P

If you are a software developer – no matter whether you work on small hobby projects or big enterprise products, whether or not you pursue to become a Software Architect – I can only recommend reading this book!

One more thought: If you want to support a free software project, maybe donating books like this is a way to contribute?

Happy Hacking!

by vanitasvitae at November 03, 2019 19:21

October 31, 2019

Fairphone

October 30, 2019

Purism

Librem 5 September 2019 Software Update

Here’s what happened to the Librem 5 software in September. This doesn’t cover every single improvement or fix that was made, just a selection of them. You can follow the development of the software in our GitLab instance.

Applications

Developers and designers on the Librem 5 team have been working to bring the user experience closer to the design goals, with lots of help from developers and designers elsewhere in the community.

Messaging

Chatty is still receiving new features, like support for file uploads to XMPP chats.

There has also been a certain amount of polishing and fine-tuning the user interface, with improvements to the conversation view.

Chatty now starts in the background to ensure that incoming messages can be received even when the application itself is not shown.

Settings

An incredible amount of work has been put into making the Settings application work well in portrait mode. The large number of dialogs and pages, combined with the combinations of options that can be chosen, make it a challenging application to work on.

Network dialogs can expose a lot of settings, making it difficult to present them nicely on smaller screens. Despite that, the known networks dialogs have been updated to work well on the phone.

Other dialogs, such as Notifications needed some work to make them adapt to the Librem 5’s display.

Behind the scenes, a few improve the application for general GNOME users as well as users of the phone.

Software

GNOME Software has been adapted for use on the phone and can be used to install new applications, as well as to update the system software.

Calls

One of the notable new features in Calls is that incoming calls can now be accepted when the screen is locked.

Improvements in emergency call support that are being made upstream in ModemManager aim to provide better provision of emergency calls in a range of situations – such as when the SIM is locked or not present.

Thank you for the entries to the ringtone competition, which are now included in the default system image.

Other Applications

In addition to working on high priority tasks, our developers have taken the initiative to get a few more applications working seamlessly on the phone. The Podcasts app is one of these, getting minor fixes to work on the Librem 5.

Libhandy

The adaptive widget library continues to get more features and improvements, culminating in developer.puri.sm.

Libhandy is now also packaged for PureOS.

Shell and Compositor

The shell now shows all available applications, not just favorites which still appear at the top of the app drawer. A search bar makes it easier than before to locate applications.

The general experience of using the shell has also been improved thanks to a flurry of changes which make easier to find the app you are looking for. We’d like to thank Zander Brown for the many contributions to this release.

Alongside new features like these, rendering performance has been increased through tweaking low-level drawing, such as blending.

Notifications from applications are now supported. This was introduced to support Chatty, and was further improved by Zander Brown. As a result, many applications that use notifications are now noisier than before, making the notification settings useful.

The translations for the shell itself have been updated despite problems with the Zanata service that we have been using (see the Community section below). This occurred in merges over the course of the month.

Thanks to a submitted upstream), Clutter-GTK applications should now work on the phone. There are quite a few popular applications that use Clutter-GTK, so having it work is important to users.

SDL applications received similar attention to ensure that they use the Wayland backend rather than fall back on X11 support.

The order of layers can be merge request ensured that the virtual keyboard doesn’t get hidden behind layers that expect text input.

When the user shuts down the phone, the screen now shows visual feedback to the user.

Key bindings for the shell are now read in the same way as GNOME shell, using the same schema. This makes configuring and using the shell easier when using an attached keyboard.

Virtual Keyboard

Squeekboard, the virtual keyboard, has seen active development over the last month, being refactored and rewritten in parts.

The way keyboards are styled got some changes.

Multitouch input is now supported and the keyboard handles multi-key rollover, it should now keep up with users who type quickly.

A number of forum members have contributed keyboard layouts for more languages and started a forum discussion on the best practices for language and keyboard contribution and discovery.

Kernel

We start with an overview of Purism’s contributions to Linux 5.3 that covers much of the current work on supporting the phone in the latest stable release of the kernel.

Alongside this, efforts continue to mainline support for the accelerometer and other peripherals.

Community

In response to demand from members of the list of applications in development for the phone.

For a while we have been using the Zanata translation server to manage translations of the shell and other components. Unfortunately, there were some issues with the service earlier in the summer.

Media

Photos and videos of the Librem 5 in different stages of production have been appearing on a video of an early production phone in use.

Documentation

Progress on the developer documentation has slowed down as the immediate focus shifts to user documentation. Guides for user manual.

Work is ongoing to produce a quick start guide for the phone in a printable format.

More to Come

We’re trying to increase the rate of progress reports as we move into the last quarter of 2019. Unfortunately, things slipped a little when we got to the end of summer, so the reports get longer to write and have to contain more things, and so on. In any case, we’ll try to get an October update out by the end of the month.

Thanks for reading!

The post Librem 5 September 2019 Software Update appeared first on Purism.

by Purism at October 30, 2019 13:54

October 29, 2019

Purism

Anti-interdiction Services

I often refer to Purism as a company that sits on a three-legged stool of freedom, privacy and security. I’ve even written posts in the past about how those concepts all fit together. While Purism focuses on all of these categories at the same time, we have an incredibly diverse customer base from many different walks of life and often our customers care more about one of the categories than the others. This means that sometimes we offer features or advancements that appeal only to a segment of our overall customer base.

For instance, customers who prioritize freedom might buy a Librem laptop because of the FSF endorsement of PureOS, the coreboot firmware, or our careful selection of hardware that can run on free software drivers. Customers who prioritize privacy might buy a Librem laptop because of the hardware kill switches or our commitment to privacy in our Social Purpose Corporation charter. Customers who prioritize security might pick us for our hardware kill switches, the fact we disable and neutralize the Management Engine by default, because of our PureBoot tamper-evident firmware, how we protect our supply chain, or because of how well our hardware runs QubesOS.

In this post I’m going to elaborate on a service we’ve offered for quite some time, but haven’t publicized much, that will be of particular interest to security-focused customers–our anti-interdiction service. This is a custom add-on service we have provided in the past to high-risk customers who are especially concerned about detecting any tampering with their hardware during shipment. Up until now you had to request this service explicitly to get details but starting today we are listing it as an additional upgrade you can add to any laptop order.

What is Interdiction?

The word interdiction in our context refers to a laptop being intercepted between the time it leaves our fulfillment center and the time you receive and open the box. The goal of the attacker is to implant malicious hardware or software, often to give them a remote backdoor into the system, without the recipient knowing. While this may seem far-fetched, and it’s certainly not something every Purism customer needs to worry about, there is precedent for these concerns for certain high-risk customers. While the most famous example might be the NSA interdiction of network hardware as part of the Snowden revelations, there are similar concerns for other governments as well.

Of course you don’t have to be targeted by a nation state to be at risk of interdiction. Hardware kill switches don’t just protect you from a nation state that might snoop on your webcam and microphone, but also a random hacker or a vengeful ex who might install a Remote Access Trojan on your system to snoop on and extort you. Likewise, anyone along the shipping route from a customs official to a delivery person or even someone at the destination like a malicious neighbor or vindictive ex might be motivated to install spyware on your system.

How Our Anti-interdiction Services Work

The goal with our anti-interdiction services isn’t to make it impossible for any adversary regardless of their capabilities from interdicting your laptop, and we don’t claim to prevent interdiction. What we offer instead is a way to detect interdiction–a set of measures custom-tailored to you and your threat that should make the job of interdicting your laptop without your knowledge much more difficult and your laptop much safer than with the normal shipping process. While some of the individual measures have countermeasures, the idea is that in aggregate (and customized for each individual) these measures become increasingly more difficult to defeat. A customs official who isn’t looking to implant anything may not care about arousing suspicion–they may just cut through tamper-evident seals–but someone who wants to modify your laptop does care about leaving a trace. For them, failure to defeat all of the measures risks alerting you to the tampering.

Because the anti-interdiction services aim to detect tampering, not prevent tampering, we don’t offer a refund if someone does tamper with your laptop in shipment since that’s something outside of our control. If a shipment is tampered with, however, the anti-interdiction process will help us determine what was tampered with and we can work with you to bring the laptop back to a from-the-factory state.

Our anti-interdiction process started relatively simply at first and continues to evolve and improve over time. As I mentioned, we customize the process for each customer based on their risk and their own capabilities, and this service ends up requiring a lot of back-and-forth between us and a customer as we pick which measures we’ll use and which we won’t. Some options include:

  • Customized tamper-evident tape on the sealed plastic bag surrounding the laptop itself
  • Customized tamper-evident tape on the internal, branded box
  • Glitter nail polish covering the center (or all) screws on the bottom of the laptop
  • Pictures of all of the above plus pictures of the inside of the laptop before sealing the bottom case
  • All pictures sent to the customer out-of-band, signed by Purism and encrypted against the customer’s GPG key
  • All coordination occurring over GPG-protected email

Integration with PureBoot Bundle

While the above measures are focused on detecting hardware tampering, now that we offer the PureBoot Bundle which configures a laptop and Librem Key with our tamper-evident PureBoot firmware at the factory, we now add some advanced software-based tamper-detection to anti-interdiction including:

  • Shipping the laptop and Librem Key to separate addresses
  • Postponing shipment of the laptop until the Librem Key is delivered
  • Configuring the Librem Key and PureBoot with custom, user-provided GPG keys and/or PINs

Could You Offer This By Default?

It would be great to offer this kind of protection to each order, but as you can see these anti-interdiction measures require a lot of customization and additional work at our fulfillment center as well as a lot of back-and-forth coordination with each customer so it’s not feasible to make it the default at this point. For the customers who face these kinds of threats the extra protection, effort and cost is worth it. Even if you don’t face threats at these levels, you may still be interested in the PureBoot Bundle which offers some of the protection without the additional effort and cost of full anti-interdiction services.

How Do I Get It?

To add anti-interdiction to your laptop order, select PureBoot Bundle Anti-Interdiction for your firmware option when you customize your Librem 13 or Librem 15 order. As we get feedback from customers and the state of the art with tamper detection improves, we will continue to adjust and add new measures to our anti-interdiction service. If you have ideas on how to enhance our anti-interdiction measures even further please let us know!

The post Anti-interdiction Services appeared first on Purism.

by Kyle Rankin at October 29, 2019 20:46

Fairphone

This Week in F-Droid

New language: Polish

We are pleased to announce the launch of the completed Polish translation on this site! The Polish translators have covered almost all the text that can be translated, with 100% of the client, website strings, static pages, and tutorials available in Polish. On top of that, 95% of the documentation, 83% of the blog posts, and 78% of the app summaries are in Polish. If you want to see this reach 100%, contribute on Weblate.

This does not mean that every bit of text on the site is in Polish, since we get the app descriptions from the app developers. To make it easier for translators to contribute translations to all the apps in F-Droid, you can find the Translation links for apps that have set up a translation service.

More languages

We would love to include all completed languages as they are ready. Unfortunately, this site is so large that we currently do not have the resources to generate the full website for all languages. This site currently generates about 43,000 pages. The test site includes all translations, whether incomplete or not. It is currently 92,500 pages, and takes more than twice as long to build.

In order to support more pages, we need help optimizing Jekyll. No other part of F-Droid uses Ruby, so the contributors are not well equipped to optimize our Jekyll setup. Another more labor-intensive option might be to port the site to Hugo.

Follow the full discussion on our forum.

by eighthave at October 29, 2019 00:00

October 27, 2019

FreeYourGadget

Gadgetbridge 0.38.0: Amazfit Bip GTR (NOT RECOMMENDED)

Gadgetbridge 0.38.0 has been released and will appear on F-Droid soon!

We added initial support the Amazfit GTR, but just like with the Mi Band 4 and Amazfit Bip Lite support, unfortunatly this sounds better than it is.

WE CANNOT RECOMMEND THIS DEVICE TO OUR USERS, SINCE YOU HAVE TO INSTALL MI FIT SOMEWHERE, CREATE AN ACCOUNT AND GET A DEVICE SPECIFIC AUTH KEY FROM MI FIT ON A ROOTED PHONE

Other methods then the above might exist, but in the end you need Mi Fit with an account once, then get hold of your secret auth key, and input that in Gadgetbridge.

As always, we want to remind you that we will move completely to Codeberg this autumn. The wiki can already only be updated there, while all wiki changes will be mirrored to github. Please create a Codeberg account, if you want to modify the wiki or if you want your issues/PRs and comments to be properly assigned to you again on Codeberg.

The reason for the move in one sentence: A free project deserves a free home!

For user-facing changes since the last blog post, check the following list.

Version 0.38.0

  • Amazfit GTR: Initial and incomplete support, mostly untested
  • Amazfit Bip: add Portuguese to the list of selectable languages
  • Mi Band 4: Enable emoji font setting
  • Makibes HR3: Support the english version
  • Makibes HR3: Enable bluetooth pairing for working reconnection
  • Work around crash when trying to display changelog
  • Sleep detection settings: Rolling 24 hours (existing style) or Noon to noon
  • Add alternative color to heartrate in chart settings

Version 0.37.1

  • Amazfit Bip Lite: Support flashing firmware and watchfaces

by Andreas Shimokawa at October 27, 2019 23:00

October 26, 2019

Gregor Santner

Markor v2.2 - Presentations, Voice notes, Markdown table editor

Markor v2.2 update is out! Get the update from F-Droid, Google Play or GitHub!
Continue reading to find out what’s new, improved and fixed in this update.

Create Presentations with Markor & Markdown

Markor makes creating presentation slides with plaintext faster & easier than ever.
Presentations can be exported & shared as PDF & HTML. This means you can create & prepare for presentations fast with Markor, open it on a PC or share it via E-Mail & WhatsApp.

The example presentation (as seen in the video) is bundled with Markor. Press the + button at the file browser to create a new file, select the presentation-beamer.md template and you get the whole Abed Nadir presentation.
It’s the easiest way to start your presentation as most common slide styles are included. (Like custom slide background color & image, centered image, bullet points, title only slides, ..)

Excerpt of the presentation, includes information about the syntax:

---
class: beamer
---

-----------------
# Cool presentation

## Abed Nadir

{{ post.date_today }}

-----------------
## Slide title


1. All Markdown features of Markor are **supported** for Slides too
2. Start new slides with 3 more hyphens (---) separated by empty lines
3. End last slide with hyphens too
4. Slide backgrounds can be configured using CSS, for all and individual slides
5. Print / PDF export in landscape mode
6. Create title only slides (like first slide) by starting the slide (line after ---) with "# title"


-----------------
## Slide with centered image
* Images can be centered by adding 'imghcenter' in alt text & grown to page size with 'imgbig'
* Example: `![text imghcenter imgbig text](a.jpg)`

![imghcenter imgbig](file:///android_asset/img/flowerfield.jpg)


-----------------

Audio Recording / Voice Notes

Add voice notes to your documents (all formats)! You can find the audio recording option in the attachment menu.

Highest priority: Privacy!
Audio recording is always started and stopped manually by the user!
Audio recording requires the audio recording permission, it must be granted before recording can start.


  • Play the recording prior to saving with the left button
  • Starts and stop audio recording with the right button. If you did a spelling error and want to re-record just press the record button again. Only the last recording will be added to the document
  • Markor will suggest a time based filename for saving but you can choose any filename (*.wav) you want
  • Markor inserts the audio recording with HTML syntax. You can listen to it at Markor’s View Mode

Create Markdown tables fast

There is now a easy way to add tables to your Markdown documents!
Use the new editor table button to add tables!

  • Long press the table button to start a table (=create table header)
  • Short press the table button to add a new row to the table
  • You can choose the amount of columns as you wish. Max 5 recommended.
  • The last used column count is highlighted

Notice: Markdown tables must always have a header (---|---|---). If you don’t need the header text, remove the line above the header ( | | ).

Other new features, enhancements & bugfixes

Notice: Development changelog is always available from GitHub. See the commit history for code changes.

  • Added Presentations & Slides with Markdown
  • Added audio recording dialog which allows to add voice to documents. Manual interaction required to start & stop voice recording. Voice recording permission required for this feature
  • Added editor button to create Markdown tables
  • Markdown Footnotes support added
  • Added attachment button for all formats (insert color, link, image, file, audio, date)
  • Date/Time button long press now inserts text with last used format
  • Improved SD Card reading & writing
  • Added option to File-import-dialog to import to notebook instead of current folder
  • Reordered editor buttons so global actions are on same position at all formats
  • Source code highlighting for View mode
  • Added settings option to enable experimental features
  • New experimental feature: Convert epub to plaintext and replace current text with ebook
  • New experimental feature: Speed Reading for (text from) edit mode
  • New Special Keys option: Indent / Deindent current line
  • Copy textfile to clipboard from file browser
  • Added highlighting todo.txt due dates
  • Long press the todo.txt date button to insert due date
  • Sepia editor theme

October 26, 2019 22:00

October 24, 2019

Fairphone

October 23, 2019

Purism

Supplying the Demand

Thank you all for the continued support and remarkable demand for the Librem 5.

As we’ve shared earlier, we are iterating through shipping batches. The purpose of doing so is to increment and improve with each batch toward mass production and share that story publicly. As a result, these earlier batches are limited in quantity as we move toward mass production. Publicly releasing iterated hardware at this level of transparency is extremely uncommon, but in nearly everything we do we try to lead by example. Forming as a Social Purpose Corporation, open sourcing all our software, having PureOS be FSF endorsed, securing the lower layers of computing, or manufacturing a revolutionary mobile phone from scratch… all have required sacrifice but are well worth it to provide people with a values-driven alternative to Big Tech.

Demand for Early Batches

A surprising amount of people wanted “the earliest batch possible” even understanding that Aspen and Birch will have known issues. It has been inspiring to learn that thousands of people want early iterations. It shows that even with a not-yet-mass-produced device, our supporters want to have and own a phone that fully respects their freedoms and are willing to accept being an early adopter and all that goes with that.

We intended on the second revision of Aspen (black case) getting into the hands of backers, but due to the results of quality control tests against RAM clocking at full-speed (consuming power and generating heat), we made the decision to move those backers to Birch and deliver the rest of Aspen to developers and staff. This issue will be corrected and tested prior to the shipping of the Birch batch. As we progress toward the larger (but still limited) Birch batch we can already see the writing on the wall; we have more demand for early batches than the supply planned until we reach mass production.

We know that many of you have been frustrated by the lack of public updates around the Aspen batch until now, and we hear you. We are trying to balance the myriad (but imminently solvable) challenges of perfecting the Librem 5, with the aim to update all of you with detailed updates as early and often as we can.

Please continue to be patient. You will get your Librem 5. It’s just a matter of iterating through the supply toward mass production to meet the demand. Your support and understanding as we’ve designed and built this revolutionary mobile phone from schematics on up has been much appreciated.

Purism Delivers

As a quick recap of all we’ve done, which should showcase that we have a long history of delivery and industry uncommon transparency:

The demand for the Librem 5 is immense and we appreciate all the excitement and interest. We are excited too! Purism was founded with the goal of creating the Librem 5 and our focus now is on delivering it. This is no easy task, but we’re devoted to this cause.

Batch Updates

As we approach the Birch delivery window, we are also able to share some greater detail on each batch, current known issues, and our roadmap.

Librem 5 Aspen has three primary known issues, first is thermal throttling, second is unoptimal antenna routing, and third is CPU placement for thermal dissipation. (NOTE: Thermal throttling is solved by additional kernel development via software update). Shipping of Librem 5 Aspen devices has concluded. Shipping resumes with the Birch batch.

Librem 5 Birch has two known issues, thermal throttling, and CPU placement for thermal dissipation. (NOTE: Again thermal throttling is solved by additional kernel development via software update). All Librem 5 Birch devices are expected to ship before November 26th, however due to a delay the beginning of the shipping window (October 29th) will now be moved to November 15th.

Librem 5 Chestnut has one known issue, CPU placement for thermal dissipation. There is no current expected delays in delivery; before December 31st.

Librem 5 Dogwood already has board design changes to route the CPU to the inner side which will allow for improved and direct thermal dissipation through the aluminum chassis. By solving issues from Aspen, Birch, and Chestnut the Dogwood batch has no known issues at this time. The Librem 5 Dogwood is currently our test batch before mass production and there are no expected delays in delivery.

Librem 5 Evergreen is our mass production batch and there are no expected delays in delivery.

We will assign customers to particular batches as each phone is tested and ready to ship. Once a particular customer’s order is ready to ship, we will contact them to confirm their batch preference and get final shipping details.

Thank You

We’d like to thank everyone for the continued support and excitement for what we do. We wouldn’t have accomplished everything we have and be on the cusp of disrupting the smartphone market if it wasn’t for every single one of you.

The post Supplying the Demand appeared first on Purism.

by Todd Weaver at October 23, 2019 15:04

October 22, 2019

Purism

PureBoot Best Practices

PureBoot is our cutting-edge secured boot process that combines a number of technologies including:

  • Neutralized and Disabled Intel Management Engine where only the code absolutely essential for the system to boot is left in the ME.
  • Coreboot the free software BIOS replacement.
  • A Trusted Platform Module (TPM) chip.
  • Heads, our tamper-evident boot software that loads from within coreboot and uses the TPM and the user’s own GPG keys to detect tampering within the BIOS, kernel, and GRUB config.
  • Librem Key, our USB security token that integrates with Heads to alert the user to tampering with an easy “green light good, red light bad” process.
  • Integration between the Librem Key and LUKS disk encryption so you can unlock your disk with your Librem Key.

Recently we started offering the PureBoot Bundle–PureBoot installed and configured on your laptop at the factory and bundled with a pre-configured Librem Key so you can detect tampering from the moment you unbox your laptop. It’s been great to see so many customers select the PureBoot Bundle and now that PureBoot is on so many more customer laptops, we felt it was a good time to write up a post to describe some best practices when using PureBoot.

If you are just getting started with PureBoot and want to know the basics, check out our Getting Started Guide for pointers on what to do when you start up your PureBoot Bundle for the first time. In this post I’ll assume you have already gone through the first boot and first reboot of your laptop and have settled into daily use.

Create Your Own Keys

To make PureBoot easier to use, from the factory we default to well-known and weak PINs for the TPM, GPG user PIN and GPG admin PIN. We recommend that once get your laptop and perform the initial boot, that you change the TPM, GPG admin and GPG user PINs to something unique. We document that process here.

We also generate unique GPG secret keys for each customer directly on the Librem Key, and store the corresponding public GPG key on a USB drive we ship with the laptop. Purism doesn’t back up these private keys when we generate them, so the private keys only exist on your specific Librem Key. For the average user who only intends on using the GPG key on the Librem Key for tamper detection, the factory-provided key should work fine required you trust Purism. The beauty of PureBoot, though, is that you aren’t required to trust Purism to be secure.

If you would like to replace the factory-provided GPG key with your own GPG key, or you intend on using the Librem Key for other GPG operations like signing email, and not just for tamper detection, you can follow the steps documented here to generate a new GPG key and replace the existing keys with your own.

Update Software With Packagekit

By default PureOS uses Packagekit, integrated with Gnome Software, to perform software updates. If you’ve ever been prompted by the default PureOS desktop to reboot and install updates, this is Packagekit. While you can certainly use other tools (including apt on the command line) to update PureOS, Packagekit offers some additional benefits when you use PureBoot, in particular when it comes to avoiding false positives.

PureBoot alerts you whenever any existing file in /boot changes. This means that any time you update software that changes files in /boot (such as with kernel updates or other system updates that might update the initrd file under /boot), PureBoot will issue an alert the next time you reboot. The easiest way to tell the difference between actual tampering of files in /boot and changes caused by package updates is to re-sign all of the changed files in /boot immediately after they change. The more time that goes by between the legitimate changes and a reboot, the better the chance you will forget about that software update and may interpret a harmless alert about changes in /boot as an attack, or dismiss an alert about a legitimate attack because you assume it’s related to a software update.

If you use Packagekit to perform your updates, the process goes something like this:

  • Tell Packagekit to reboot and apply updates
  • The computer reboots
  • PureBoot confirms the firmware and /boot files have not been tampered with and boots into PureOS
  • Packagekit applies updates in a restricted environment and then reboots again
  • If Packagekit changed files in /boot, PureBoot will alert you

Since you know the changes occurred only during this Packagekit update window, you can reasonably conclude the changes were caused by Packagekit. Then you immediately re-sign all files in /boot before booting into your OS, thereby sealing the current known good state in a trusted environment. If you get an alert about files changing in /boot at a later date, you have a stronger reason to be suspicious.

Traveling With PureBoot

Traveling presents a higher-than-normal risk for tampering, because you are more likely to leave your laptop unattended in an unfamiliar area strangers have access to, potentially for extended periods of time. Whether it’s for relatively brief periods of time during customs or other security checks, or more extended periods of time if you leave your laptop in your hotel room, PureBoot can help give you piece of mind when your laptop is out of your hands as long as you follow a few best practices.

Travel Best Practice 1: Keep Your Librem Key With You

When you turn on your laptop, PureBoot proves that it hasn’t been tampered with by sending a special code over USB to your Librem Key. If the code matches what the Librem Key itself generated, the Librem Key blinks green, notifying you the computer is safe, otherwise it blinks red. This procedure works because you keep your Librem Key with you so even if an attacker tampers with the laptop they can’t tamper with the Librem Key. If you leave both your laptop and your Librem Key at your hotel room, an attacker could potentially reset both devices (or guess your PIN) and you may not notice until it’s too late. Whenever you leave your laptop unattended, unplug your Librem Key and put it in your pocket or purse.

Librem Key Tip: If you wear jeans, you may not know that they have a custom “Librem Key pocket” just above the larger front-right pocket! It’s the best place to store your Librem Key, as long as you remember to remove it before your jeans go in the wash.

Travel Best Practice 2: Don’t Add/Remove/Update Software While Traveling

Because travel presents a larger risk of tampering, you want to make sure to remove as many false positives as possible, so that if PureBoot does detect tampering, you know to be suspicious. One of the biggest causes of false positives with PureBoot is from software updates, so if you need to install, remove, or update software, do it before you travel. Then before you leave, reboot the laptop and boot back into your OS to ensure that PureBoot does not detect any tampering. While you are traveling, try to avoid making changes (in particular software changes) to your laptop. That way if PureBoot does detect tampering either during traveling or right when you return, you have a strong reason to suspect tampering.

Travel Best Practice 3: Power Off Your Laptop When Unattended, Don’t Suspend

Librem Laptops encrypt the hard drive by default, and hopefully if you reinstalled a different OS, you also enabled disk encryption. When your laptop is suspended, an attacker with enough time alone with your machine can attempt a “cold boot attack” to retrieve disk encryption keys and other secrets from RAM. Beyond that, if your login password is weak, or you disabled screen locking when resuming from a suspended state, an attacker will have an easier time tampering with your machine if it’s suspended. By powering off your laptop whenever it’s unattended, you ensure that the attacker has to crack your disk encryption password before they can tamper with anything.

By powering off your laptop whenever it’s unattended, it means that when you return to your laptop, you will power it on and PureBoot will be able to test the system for tampering. If PureBoot does detect tampering, you will have a better chance of pinpointing when it happened since you are testing the system each time you use it.

Set Up Two-Factor Disk Unlocking

One of the final pieces of the PureBoot technology stack is the use of the Librem Key to enable multi-factor authentication to unlock your disk. This means that instead of typing in a passphrase to unlock the disk, you can use a combination of your Librem Key (something you have) and your Librem Key GPG user PIN (something you know) to unlock the disk. This is not only more secure, it’s also more convenient. This means you can set a very long, difficult passphrase as your fallback disk unlock passphrase, and potentially set a somewhat easier-to-type GPG unlock PIN that you use to unlock the disk normally.

We do not yet enable this feature in PureBoot by default, but if you would like to set up two-factor disk unlocking, we have created a script for PureOS and Debian that can help automate the process while we work with upstream providers to included this functionality in Debian and PureOS by default. In the meantime you can read our guide here on how to download and use our script to enable this feature.

Conclusion

We’ve been very pleased to see so many people use PureBoot. We believe it’s one of the best (and one of the few) ways to provide high security on laptops while giving you full control over all of the keys. By following these best practices you can get the most out of PureBoot. If you’d like to read more, check out our full PureBoot documentation.

The post PureBoot Best Practices appeared first on Purism.

by Kyle Rankin at October 22, 2019 01:57

October 17, 2019

/e/ foundation

Leaving Apple & Google: /e/OS on 3 new smartphones, Announcing the “mail-in” flashing service & Special Gift for the 500th /e/ smartphone order!

Leaving Apple & Google:
– /e/OS on 3 new smartphones,
– Announcing the “mail-in” flashing service
– Special Gift for the 500th /e/ smartphone order!

/e/ OS is available on 3 new smartphones

Three new smartphones are now supported by /e/OS this week!

– Samsung Galaxy A5 (2016) (a5xelte)
– Xiaomi Redmi Note 7 Pro (violet)
– Xiaomi Mi 8 (dipper)

Download, flash, test and report issues if any:
https://doc.e.foundation/devices/

Announcing the /e/ “mail-in” flashing service!

Don’t know how to flash your smartphone with /e/ OS, or don’t have time?

Send it to us, and get it back brand-new flashed a few days later!

About to launch under beta…
More information very soon…

Be the 500th to order an /e/ smartphone and get a special gift!

3 months ago, we have started to sell smartphones with /e/ OS pre-installed. Close to 500 users already got theirs.

Be the 500th purchaser and you will get a special hoodie!

Learn more about this operation at:
https://e.foundation/be-the-500th-to-order-and-win-a-e-sweatshirt

A reminder: you can now increase your storage at ecloud.global!

We are offering 64, 128 and 256GB of extended storage space, with convenient monthly or yearly payments. To subscribe, just connect online to your /e/ account.

In the File tab, locate the button underneath your current storage usage progress bar, and click ‘Increase Storage Size’

https://ecloud.global

How to contribute and support the /e/ project?

We are often asked how to contribute to the /e/ project and we are pleased to answer this question because users’ contributions are key to the success of an ambitious project like ours.

Now is the good time! There has never been that many questions and comments about user’s data privacy, Google, Apple and alternatives to regain control over data privacy… The timing is great and you can contribute in many ways

Test /e/OS, report bugs, contribute to patches!

Anyone is really welcome to report issues with /e/OS, and possible solutions. Just make sure you can reproduce the problem, post appropriate context information, possibly some “logs”, and ideally… a solution 🙂

Help others! Join the global community!

We have a growing community of users who are discussing their experience with /e/OS. Join now, you will be able to help others answer common or uncommon questions they have about /e/:

Join /e/ Community Forum
Join the Support Channel

Join discussions, spread the word!

It’s important to share your experience on our forums, tell us about what you like, your frustrations… It helps us to identify improvements for the product and make it a Premium mobile ecosystem.

Also, please share the word! Every day, new users discover /e/ and love the project. We need all forces to ensure that as many people as possible learn about the project. We can’t count on mainstream media for this!

So share with friends and your community channels, talk about /e/ on social media, say why you like it!
You can also share what we post on Mastodon and Twitter

Contribute financially

With your help, we can support a growing team of passionate contributors, keep /e/ completely independent and make /e/OS sustainable over time.

Every donation helps the project to pursue additional developments, rent servers for compilation, rent servers to host your e.email account or the community forum, pay for domain names and other key expenses amongst other things.

If you can afford a recurring donation, become a /e/ Patron!

Otherwise, choose from the different donations options, and get a reward in return!

Subscribe to our Telegram announcement channel to get latest news!

Follow us on Twitter and Mastodon: @e_mydata

by Samuel Cazin at October 17, 2019 04:34

October 16, 2019

/e/ foundation

Be the 500th to order and WIN A /e/ Sweatshirt!

Will you be our #Lucky500th?

We are so close to celebrating a new milestone: our 500th /e/ equipped smartphone finding a home.

And since none of this would be possible without our dedicated users, our 500th order will receive an /e/ hoodie as our thanks!

WE HAVE LIMITED QUANTITIES IN STOCK SO DON’T WAIT!

All our smartphones ship with a set of brand new and original accessories: charger, usb cable and an in-ear headset

by Samuel Cazin at October 16, 2019 15:32

Purism

Librem 5 Aspen Batch – Photo and Video Gallery

Librem 5‘s from the Aspen batch have started shipping to early backers so we’ve done a roundup of some of the best photos and videos shared by us and others as well as some never seen before photos.

Photos

Black Anodized Aluminum Chassis

The Librem 5 case has evolved to a black anodized aluminium shell (with non-metal backing to keep radio reception quality high) with flush, easy-to-slide hardware kill switches.

From the Factory Floor

The Purism factory is ready to ship thousands of Librem 5s to backers over the coming months.

Shell and Applications

Just look at how great PureOS with GNOME and our default applications look on mobile!

Updating PureOS

PureOS is secure and easy to update for any user.

In the Wild

People have been using their Librem 5 while traveling, working and relaxing to connect to WiFi hotspots, browse the internet, use social media, play games and yes… to call and send text messages.

Videos:

If you are looking to see the Librem 5 in action, we’ve got you covered.  Including a hands-on (and hardware teardown) from “The Linux Gamer” featuring our CEO, Todd Weaver.

  • Purism: The Librem 5 Now shipping on Archive.org and YouTube.
  • Purism: Librem 5 Hardware Kill Switches on Archive.org and YouTube.
  • Purism: Librem 5 First Run Walk-through on YouTube.
  • The Linux Gamer: I got my hands on the Librem 5 Phone on YouTube.
  • The Linux Gamer: Librem 5 teardown with Purism CEO Todd Weaver on YouTube.

We will continue to share more media and stories from other users as they roll in. Thank you to our community for the support and excitement for helping us make a private, secure and open Linux smartphone!

 

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the people—stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

The post Librem 5 Aspen Batch – Photo and Video Gallery appeared first on Purism.

by Purism at October 16, 2019 15:19

Halo Privacy partners with Purism

SAN FRANCISCO, Calif. & SEATTLE, Wash., October 15, 2019 — Halo Privacy partners with Purism to provide best-in-class secure hardware devices to large enterprise customers in defense, aerospace, and the cryptocurrency/fintech sector.

Halo is excited to deliver solutions utilizing Purism’s industry unique security stack across Librem Laptops, the Librem 5 phone, and including the recently released Made in the USA Librem Key. This advanced security combines hardware with PureBoot, Purism’s UEFI replacement (combining coreboot, Heads, TPM, and Librem Key), to cryptographically guarantee signing of the lowest level of hardware and firmware.

Halo Privacy, combines custom managed attribution techniques with strong cryptography to secure communications from direct attack while maintaining confidentiality for a user’s identity. By integrating with the Purism suite, Halo significantly reduces the attack surface while providing strong assurance based on the integrity of Purism’s supply chain.

Building on a foundation of shared enthusiasm for privacy and control, Purism and Halo Privacy are happy to announce a partnership focused around delivering Purism hardware into Halo Privacy’s Corona & Eclipse secure communications platforms. Halo is a solutions partner with its network of Government and private sector clients. As an additional step, Halo is allocating developer resources to deliver additional functionality on Purism’s platform.

“Halo Privacy has proven to be an instrumental partner with Purism, helping shape some of the security products by getting involved in the early phases of development and product purchasing.” says Todd Weaver, Founder & CEO of Purism.

“When looking to mitigate the supply chain risk in publicly available hardware offerings, nothing compares to Purism. Delivering solutions using the foundational strength of Purism’s products provides an unparalleled level of confidence and control” says Lance Gaines, Founder & CTO of Halo Privacy.

 

About Purism:

Purism is a Social Purpose Corporation devoted to bringing security, privacy, software freedom, and digital independence to everyone’s personal computing experience. With operations based in San Francisco, California, and around the world, Purism manufactures premium-quality laptops and phones, creating beautiful and powerful devices meant to protect users’ digital lives without requiring a compromise on ease of use. Purism designs and assembles its hardware by carefully selecting internationally sourced components to be privacy-respecting and fully Free-Software-compliant. Security and privacy-centric features come built-in with every product Purism makes, making security and privacy the simpler, logical choice for individuals and businesses.

Media Contact:
Marie Williams
Coderella
415-689-4029
pr@puri.sm

About Halo Privacy:

Halo Privacy was founded by like-minded experts with many years of experience in government and industrial secure communications who believe that genuine privacy is still possible. The Halo approach to securing privacy goes beyond just hardware and technology. A keen understanding that the greatest threats to privacy are often human, coupled with the know-how to assume an attacker’s perspective, have allowed Halo to protect the most sensitive information for grateful clients in the government and private sectors. Through a combination sophisticated intelligence tradecraft, streamlined training and proprietary disruptive technology, Halo offers every client a tailored privacy solution. For customers from government entities to corporations to family offices seeking a low profile, we place a secure “Halo” around our clients’ smartphones, laptops, smart homes and businesses that protects the information, intellectual property and personal privacy of everyone and everything inside the “Halo.” Simple training and concierge-level staff support ensure frictionless client use of the Halo systems. In fact, anyone who can manage email and a smartphone is already savvy enough to communicate securely within the Halo.

For more information, please contact: press@haloprivacy.com

The post Halo Privacy partners with Purism appeared first on Purism.

by Purism at October 16, 2019 14:50

October 11, 2019

FreeYourGadget

Gadgetbridge 0.37.0: Makibes HR3 support, and finally Amazfit Bip Lite (NOT RECOMMENDED)

Gadgetbridge 0.37.0 has been released and will appear on F-Droid soon!

One highlight is Makibes HR3 support was contributed by Lukas Schwichtenberg. Thank you Lukas for the great work.

We also managed to support the Amazfit Bip Lite, but just like with the Mi Band 4 support, unfortunatly this sounds better than it is.

WE CANNOT RECOMMEND THIS DEVICE TO OUR USERS, SINCE YOU HAVE TO INSTALL MI FIT SOMEWHERE, CREATE AN ACCOUNT AND GET A DEVICE SPECIFIC AUTH KEY FROM MI FIT ON A ROOTED PHONE

Other methods then the above might exist, but in the end you need Mi Fit with an account once, then get hold of your secret auth key, and input that in Gadgetbridge.

There are some contradicting claims about the Bip Lite, so it might be possible to pair without a key. If that should be the case, we will release an update.

As always, we want to remind you that we will move completely to Codeberg this autumn. The wiki can already only be updated there, while all wiki changes will be mirrored to github. Please create a Codeberg account, if you want to modify the wiki or if you want your issues/PRs and comments to be properly assigned to you again on Codeberg.

The reason for the move in one sentence: A free project deserves a free home!

For user-facing changes since the last blog post, check the following list.

Version 0.37.0

  • Initial Makibes HR3 support
  • Amazfit Bip Lite: Inittal working support, firmware update is disabled for now (we do not have any firmware for testing)
  • Amazfit Cor 2: Enable Emoji Font setting and 3rd party HR access
  • Find Phone now also vibration in addition to playing the ring tone
  • ID115: All settings are now per-device
  • Time format settings are now per-device for all supported devices
  • Wrist location settings are now per-device for all supported devices
  • Work around broken layout in database management activity
  • Show toast in case no app is installed which can handle GPX files
  • Mi Band 4/Amazfit Bip Lite: Trim white spaces and new lines from auth key
  • Mi Band 4/Amazfit Bip Lite: Display a toast and do not try to pair if there was no auth key supplied
  • Skip service scan if supported device could be recognized without uuids during discovery

Version 0.36.2

  • Amazfit Bip: Untested support for Lite variant
  • Force Lineage OS to ask for permission when Trust is used to fix non-working incoming calls
  • Charts: List multiple sleep sessions per day

Version 0.36.1

  • Mi Band 2/3/4, Amazfit Bip/Cor: Add setting to expose the HR sensor to 3rd party apps
  • Mi Band 4: Really fix weather location not being updated on the Band
  • Mi Band 4: Fix call notifcation not stopping when call gets answered or rejected on the phone
  • Amazfit Bip/Cor: Support for custom emoji font
  • ZeTime: Enable emoji support
  • ZeTime: Make watch language the same as the phone language by default
  • New status and alarms widget
  • Fix crash when entering notification filter settings
  • Make diagram settings accessible from charts activity
  • Add option to hide the floating plus button in the main activity
  • Fix a potential crash on Android 4.4 KitKat

by Andreas Shimokawa at October 11, 2019 22:00

October 07, 2019

Guardian Project

IOCipher 64-bit builds

IOCipher v0.5 includes fulil 64-bit support and works with the latest SQLCipher versions. This means that the minimum supported SDK version had to be bumped to android-14, which is still older than what Google Play Services and Android Support libraries require.

One important thing to note is that newer SQLCipher versions require an upgrade procedure since they changed how the data is encrypted. Since IOCipher does use a SQLCipher database, and IOCipher virtual disks will have to be upgraded. That can be done by directly using the SQLCipher migration method on your IOCipher database files before opening them again. It should be possible to stick with SQLCipher v3.5.9 to avoid this, but this has not been tested.

October 07, 2019 00:00

October 05, 2019

Pine 64

October Update: PineTime, Delays and Shipping News

This month’s update will be slightly shorter than usual – I have been dealing with some health issues recently, which significantly reduced my time to actively engage with the community. Hopefully I’ll make it up to you in November. September has been a bitter-sweet month for us. On the one hand, we’ve seen a lot of great developments: the first Pinebook Pros have reached their owners...

Source

by Lukasz Erecinski at October 05, 2019 23:52

October 02, 2019

This Week in F-Droid

Testing helps get updates out

After a few month hiatus, our staging setup for the complete buildserver is again running, thanks to the Reproducible Builds team who host that infrastructure. These Continuous Integration (CI) jobs create a complete buildserver from scratch once a week based on the current source code (e.g. master). This buildserver instance is then used to build all apps that have not yet been built on this machine. Getting these CI jobs running again pointed us to a key issue that was blocking the publishing of updates for over a week.

We often get questions about how people can contribute to F-Droid. One less visible but nonetheless important way to contribute is monitoring these CI jobs and then troubleshooting the cause. All of these server setups are automated, and all of the software that run f-droid.org are free software.

Anyone can follow the CI tests, the official tests for the build and publish process are all listed on the fdroidserver project README. And then we welcome merge requests to fix the issue, filing an issue to report and track the problem, or even discussion of the problem in our chat room.

by eighthave at October 02, 2019 00:00

September 30, 2019

Fairphone

September 27, 2019

/e/ foundation

Protected: Building the 3rd mobile ecosystem” – /e/ project update Q3 2019

This content is password protected. To view it please enter your password below:

by admin at September 27, 2019 08:06

September 25, 2019

Purism

Purism & Linux 5.3

Following up on our report for Linux 5.2, here’s a list of Purism’s contributions for the 5.3 cycle Linux kernel. We contributed 12 patches, which include the Librem 5 devkit device tree and a driver for the i.MX8MQs D-PHY.

Librem 5 devkit device tree

Besides the kernel sources, the Linux git repository contains device tree files for all different kinds of hardware. These are not only used by the kernel itself, but also incorporated in other projects like U-Boot: they let the software know what the hardware looks like. We need it to bind the correct drivers, initialize clocks, assign the correct address ranges, interrupts, pin muxes, pad configs–and lots of other things. As of Linux 5.3, the Librem 5 devkit hardware description is supported in mainline Linux:

Device tree parts are usually only added to components that have working drivers. Since not all display subsystem drivers are merged yet (see below), the current device tree does not (yet) describe the display hardware; it will be added once the drivers are merged. However, the current device tree is enough to boot the board from eMMC or network and supports WiFi, modem and different kinds of sensors.

Following the initial merge, we enabled the power key in device tree:

Support the i.MX8MQ’s MIPI D-PHY

Getting a picture out of an LCD panel, on a modern smartphone like the Librem 5 using MIPI DSI, involves several components. The driver for the MIPI DSI LCD panel sits at the very bottom of the stack, and is panel-specific (it was mainlined last month). The other components usually reside on the SoC itself; in the case of the Librem5 and its devkit, an i.MX8MQ. These components are:

  • The MIPI D-PHY, that interfaces with the panel–in the i.MX8MQ, the IP core comes from Mixel.
  • The MIPI DSI host controller driver, an IP core from Northwest Logic; it outputs to the D-PHY.
  • The display controller, that feeds the display data to the DSI host controller. i.MX8MQ has two of them: the Display Controller Subsystem (DCSS)–which can also handle DisplayPort and HDMI–and the simpler eLCDIF.

From the above components, only the eLCDIF had a mainline driver (called mxsfb) and so, in order to get the LCD going, we contributed the Mixel D-PHY driver for 5.3:

Which leaves us only with the MIPI DSI host controller driver (currently under review) and some i.MX8MQ patches (specific to mxsfb) to get a picture on the LCD with a mainline kernel. Many thanks to Robert Chiras, Fabio Estevam, Sam Ravnborg and Kishon Vijay Abraham I for reviewing, testing and merging this driver! Robert is also the author of the D-PHY driver in NXPs BSP, on which we based this driver.

The above is not enough for 3D acceleration, though; we need the etnaviv kernel driver for the Vivante GPU, but the necessary changes will be the topic of another blog post.

Mainlining the DCSS driver will also be a huge effort… but NXP wants to look at it, so hopefully we will get both display port and HDMI support in mainline Linux in a not too distant future.

More hardware support

We added support for the BroadMobi BM818 M.2 card, one of the possible modems for the Librem 5:

We fixed a typo in the docs:

And added irqsteer to the i.MQ8MQ device tree, a component needed for DCSS (see above):

 We also contributed two reviews to published patches.

Again, many thanks to all the reviewers so far! And stay tuned, for there is more coming soon concerning the Linux 5.4 kernel.

The post Purism & Linux 5.3 appeared first on Purism.

by Guido Günther at September 25, 2019 09:09

September 24, 2019

Purism

First Librem 5 Smartphones are Shipping

SAN FRANCISCO, Calif., September 24, 2019 — The first Librem 5 smartphones roll off the assembly line and ship to customers.

Earlier this month, Purism announced an iterative, transparent shipping schedule for the highly anticipated Librem 5, security and privacy focused smartphone. Today’s shipment marks the beginning of that process, with more Librem 5s to ship in the coming shipment batches.

“This is a big moment,” stated Todd Weaver, founder and CEO of Purism. “Not just for us as a company, but for everyone concerned about issues of privacy, security, and user freedom. The Librem 5 represents years of work, building the software and hardware required to make this phone a reality.”

Everyone who pre-ordered the Librem 5 smartphone will be receiving an email letting them know which shipping batch — and what shipping date window — they are scheduled for, before we prepare each batch for shipment.  You can find more details in the batch shipping announcement and the FAQ.

“Seeing the amazing effort of the Purism team, and holding the first fully functioning Librem 5, has been the most inspirational moment of Purism’s five year history,” stated Todd Weaver.  “It has taken nothing short of each and every teammate devoting their expertise in earnest to get to where we are, plus a community of remarkable people who understand that we must succeed in creating a phone that offers society complete control and ownership to fully respect them as humans. This is what the Librem 5 stands for and in my humble view is a phone that represents the largest of visions shouting from the rooftops, ‘I will not give up my freedom!’  This is a personal note of thanks to the Purism team, the backers who have supported us overwhelmingly every step of the way, and the community who has volunteered from spreading the word, shared ideas, bought phones, and developed immense amounts of code.”

About Purism:

Purism is a Social Purpose Corporation devoted to bringing security, privacy, software freedom, and digital independence to everyone’s personal computing experience. With operations based in San Francisco, California, and around the world, Purism manufactures premium-quality laptops and phones, creating beautiful and powerful devices meant to protect users’ digital lives without requiring a compromise on ease of use. Purism designs and assembles its hardware by carefully selecting internationally sourced components to be privacy-respecting and fully Free-Software-compliant. Security and privacy-centric features come built-in with every product Purism makes, making security and privacy the simpler, logical choice for individuals and businesses.

Media Contact:
Marie Williams
Coderella
415-689-4029
pr@puri.sm

 

The post First Librem 5 Smartphones are Shipping appeared first on Purism.

by Purism at September 24, 2019 20:46

September 21, 2019

Purism

Software Freedom Day

Today we celebrate software freedom!

In case you haven’t heard of it before, “software freedom” is a commitment made by programmers: to release apps in a way that always benefits the everyday user. A “free software” application upholds these four essential freedoms, defined by the Free Software Foundation:

  • The freedom to run the program as you wish, for any purpose

  • The freedom to study how the program works, and change it so it does your computing as you wish; access to the source code is a precondition for this

  • The freedom to redistribute copies, so you can help others

  • The freedom to distribute copies of your modified versions to others; by doing this, you give the whole community a chance to benefit from your changes (access to the source code is a precondition for this)

As part of its social purpose charter, all software released by Purism is free software. That means our software includes a lot of free software created by others–thank you!

We make this commitment with a “free software license” that formally grants these freedoms. This means you don’t need to ask us permission to use our software–you already have it. If you are a programmer, you are free to tweak or even overhaul an application. If you are a consultant, you are free to provide supporting services. If you are an everyday user, you are free to choose whoever you like to provide programming and other services, or even learn how to do it yourself.

There’s a veritable rabbit-hole of information about the software freedom movement out there

But here are four simple actions you can take today to support software freedom:

  1. Join or donate to the Free Software Foundation. They originated, and continue to spearhead, the free software movement. In many ways they foresaw the troubles with digital civil rights that we have today; giving them a louder voice will very likely help forestall more troubles tomorrow.

  2. Buy something from Purism 😉 Whether you buy a laptop, pre-order a phone or subscribe to our services, your support funds our ongoing efforts to advance software freedom and safety.

  3. Try out some free software! Here are some great options:
  4. Switch to copyleft. If you are a programmer and lead a project that uses CC-BY, MIT or Apache-2.0, consider switching to CC-BY-SA-4.0, GPL-3.0-or-later or AGPL-3.0-or-later. Any free software license is good, but a copyleft license is better because it enshrines the four freedoms for your users. This is also applicable to commercial software. Our own software uses copyleft licenses by default–it’s just one of the ways we put the user in control. You can dive into the weeds at copyleft.org.

That’s it–feel free to use, study, modify, distribute and share free software. Happy software freedom day, and may the source be with you!

The post Software Freedom Day appeared first on Purism.

by David Seaward at September 21, 2019 06:17

September 20, 2019

Purism

Mirrors for Speedier Downloads

To put it briefly, PureOS provides ISO images and packages for download. Recently, we’ve seen increased traffic on our download site, and we expect that traffic to grow. We’re hoping to address increased traffic with mirrors for both package updates and downloads.

We’re very happy to announce that Sonic, a highly-ranked and privacy-respecting ISP, has offered to host a mirror for PureOS. This will alleviate some of the traffic, especially for those in North America, without compromising security. The security of the packages remains guaranteed by our signatures; the mirror simply holds another, identical set of packages, signed with Purism’s key.

The mirror is easy to use. For example, if you’d like to use the mirrors for downloading an image, simply use this URL: https://mirrors.sonic.net/pureos/downloads/. And here’s the link to the most recent GNOME Live build.

If you’d like to use the mirror for your packages, you have two choices:

1. use the command line to edit your /etc/apt/sources.list
2. use Software to add the mirror URL

The first choice is pretty quick and easy. In the terminal, use your favorite text editor to edit this file, /etc/apt/sources.list, and insert the following line:

deb https://mirrors.sonic.net/pureos/repo/pureos/ amber main
deb https://mirrors.sonic.net/pureos/repo/pureos/ amber-updates main
deb https://mirrors.sonic.net/pureos/repo/pureos/ amber-security main

Then run and apt-get update, and you should be all set.

If you prefer to use the Software tool, simply open Software. You can find it among the apps, by going to the upper left-hand corner of the desktop and clicking on “Activities”; then “Show Applications”, which is the last icon in the dock usually–a collection of nine squares.

Once you see all your apps you can either search for “Software” or scroll down a bit until you see it. And once the first “Software” is open, go to the menu on the top bar where it says “Software” again. There, the drop-down menu will show you an entry for “Software repositories”–and that is where we’ll make our changes, in order to use the new North American mirror. Appropriately enough, once you’ve clicked on the Software repositories menu entry you’ll see the “Software & Updates” screen. In the “Other Software” tab you can enter the new mirror’s URL by clicking on the “Add” button in the bottom left. Now, enter this entire line:

deb https://mirrors.sonic.net/pureos/repo/pureos/ amber main
deb https://mirrors.sonic.net/pureos/repo/pureos/ amber-updates main
deb https://mirrors.sonic.net/pureos/repo/pureos/ amber-security main

You’re almost done. Hit the “Add Source” button and authenticate with your password. Finally, hit “Close” then “Reload” and you should have a snappy, speedy new mirror for your packages.

Packages are updated four times a day on the mirrors and more can be done if necessary, but this will be more than enough for now. Enjoy! And thank you very much to Sonic.

The post Mirrors for Speedier Downloads appeared first on Purism.

by jeremiah foster at September 20, 2019 17:33

September 18, 2019

Purism

SIM Application Toolkit: Avoid Being Exploited

Technologies are often created with good intent, to make our life easier, to solve problems in a convenient way. The Management Engine in Intel’s CPUs, for instance, was intended to make the life of admins easier. It allowed for remote access on a very low level, so they could even do complete remote reinstalls of a machine. And if you have to manage a large fleet of machines, distributed within a larger enterprise, this can save huge amounts of effort, time–and thus money.

Implementation details matter

Sadly, many of these technologies that were meant as good are implemented in a way that bears more harm than advantages. The ME, for example, is fully proprietary and closed. It is even undocumented in most parts, so it can not be publicly reviewed and audited. It is a piece of software, software has bugs and so has the ME implementation; the news are full of it lately.

The same is true for something that many mobile phone users are totally unaware of–the SIM Application Toolkit, also called SIM Toolkit, SAT/USAT or STK.

The SIM Application Toolkit

Its name already points to the origin: the SIM card. It is the tiny chip card you insert into your phone, to get access to the cellular network of an operator. The SIM card used to be a fairly simple device, which you can imagine as the key to unlock the access to the network: i.e., it stores a secret (a cryptographic key) along with an ID (the IMSI) and some details about the issuing operator, etc. This data set grants you access to the operator’s network.

But phones [also called handset, or ‘terminal equipment’ (TE), in mobile terms] have become more and more powerful. And setting up these cards has become more and more complicated; you need an SMS center number, details for the MMS server, mailbox dial-in number… and a lot more. All this needs to be properly set up in the mobile, to make full use of both the mobile and the network. To make this even more complicated, these details (and the way to set them up) are different from operator to operator. The process for this initial setup is (also) called provisioning. It was to make this (and other things) as convenient and least painful as possible for users that SAT was invented.

The name SAT tells us not only that it is SIM-related, but also that it contains the term application: SIM cards can, and today they usually do, indeed contain small applications or applets. They are small computers on their own, they run code, and they can indeed be programmed. Most are based on the JavaCard standard and can be programmed with small Java applets. The SAT defines a standard way to interface the SAT applets with the modem and the phone.

Here comes the tricky part

SAT applets can have access to modem traffic, especially to SMS. They can execute on the SIM card–pretty much without any knowledge from the user. SAT applets can even initiate unsolicited communication (e.g. sending SMS) and can get updated and/or changed by the operator, over the air. All this is part of the 3GPP standards. SAT applets can also interact with the user, if the handset implements the user interface parts of SAT with simple menus, limited icon display and reading input from the ‘dial pad’.

SAT applets are an important part of the provisioning by the operators, when new SIM cards get activated. But their implementation details are not public. Their code is not public, and is thus likely to contain security flaws.

The SIM Jacker and the S@T Browser

One of these flaws has just surfaced: it is called SIM Jacker, and it exploits the S@T Browser component, found in many SIM cards. It allows for exposing critical user data, like the currently connected cell tower ID. The cell tower ID can easily be matched against databases, and is pretty much equal to having a geographical position. An attacker would thus be able to locate a user–accurately enough to determine, for example, if someone is at home or not. And it must be assumed that more information about the user can very well be extracted in a similar way.

This is possible when attackers send a specially crafted SMS to a mobile. It is not visible to the user and will initiate, again without the user knowing, an automated response by the mobile. The mobile then sends it back to the attacker, exposing for example what the user cell tower ID is.

Protecting the Librem 5

Purism is actively working with its modem manufacturers in order to protect Librem 5 users from such exploits. We are also investigating how to have a configuration option: how to opt-in to SAT, if you really need it (e.g. for initial provisioning), and disable it again afterwards–in order to avoid any such forms of exploitation.

 

Discover the Librem 5

Purism believes building the Librem 5 is just one step on the road to launching a digital rights movement, where we—the people—stand up for our digital rights, where we place the control of your data and your family’s data back where it belongs: in your own hands.

Preorder now

The post SIM Application Toolkit: Avoid Being Exploited appeared first on Purism.

by Nicole Faerber at September 18, 2019 21:47

/e/ foundation

Leaving Apple & Google: /e/OS on 3 new smartphones & Premium Cloud plans now available!

Leaving Apple & Google: /e/OS on 3 new smartphones & Premium Cloud plans now available!

/e/ OS is available on 3 new smartphones

Three new high-end smartphones are now supported by /e/OS:

– OnePlus 6T “fajita”
– OnePlus 7 (beta) “guacamoleb”
– OnePlus 7Pro “guacamole”

Download, flash, test and report issues if any!
https://gitlab.e.foundation/e/wiki/en/wikis/devices-list

Need more storage at ecloud.global?

Our first Premium storage plans are available!

We are now offering 64, 128 and 256GB of extended storage space, with convenient monthly or yearly payments.
As paid storage plans are in beta, it will be limited for now to the 100 first subscribers!

To subscribe to a storage plan, just connect to your /e/ account.

In your file settings, locate the button underneath your current storage usage progress bar, and click ‘Increase Storage Size’

https://ecloud.global

How to contribute and support the /e/ project?

We are often asked how to contribute to the /e/ project and we are pleased to answer this question because users’ contributions are key to the success of an ambitious project like ours.

Now is the good time! There has never been that many questions and comments about user’s data privacy, Google, Apple and alternatives to regain control over data privacy… The timing is great and you can contribute in many ways

Test /e/OS, report bugs, contribute to patches!

Anyone is really welcome to report issues with /e/OS, and possible solutions. Just make sure you can reproduce the problem, post appropriate context information, possibly some “logs”, and ideally… a solution 🙂

Help others! Join the global community!

We have a growing community of users who are discussing their experience with /e/OS. Join now, you will be able to help others answer common or uncommon questions they have about /e/:

Join /e/ Community Forum
Join the Support Channel

Join discussions, spread the word!

It’s important to share your experience on our forums, tell us about what you like, your frustrations… It helps us to identify improvements for the product and make it a Premium mobile ecosystem.

Also, please share the word! Every day, new users discover /e/ and love the project. We need all forces to ensure that as many people as possible learn about the project. We can’t count on mainstream media for this!

So share with friends and your community channels, talk about /e/ on social media, say why you like it!
You can also share what we post on Mastodon and Twitter

Contribute financially

With your help, we can support a growing team of passionate contributors, keep /e/ completely independent and make /e/OS sustainable over time.

Every donation helps the project to pursue additional developments, rent servers for compilation, rent servers to host your e.email account or the community forum, pay for domain names and other key expenses amongst other things.

If you can afford a recurring donation, become a /e/ Patron!

Otherwise, choose from the different donations options, and get a reward in return!

Subscribe to our Telegram announcement channel to get latest news!

Follow us on Twitter and Mastodon: @e_mydata

by Samuel Cazin at September 18, 2019 16:10

September 17, 2019

Purism

A Guest Post by Evon Ho

Evon Ho, a first year Computer Science student at Southern New Hampshire University, asked us a few questions about Purism. Todd Weaver, Purism’s founder and CEO, answered them, and Evon wrote the following essay:

Purism: A Privacy Based Computer Company

It all started when Todd Weaver, Founder and CEO of Purism, realized Big Tech could not be trusted as moral guardians of his and his children’s data. The current paradigm of corporations data hoarding is, as Todd describes it, built on “a tech-stack of exploitation”–and not by accident, but by design. Companies such as Google and Microsoft–and especially Facebook–intentionally collect, store and share user data to whomever they see fit. In recent events, the California Consumer Privacy Act, which becomes effective on January 1, 2020, will make residents of California able to know what personal data is being collected about them, know whether their personal data is sold or disclosed and to whom, say no to the sale of personal data, access their personal data, request a business delete any personal data information about a consumer collected from that consumer and not be discriminated against for exercising their privacy rights. This sounds good, and it is, but not according to Big Tech. Big Tech such as Facebook hired a firm to run ads that said things like “Your next click could cost you $5! Say no to the California Consumer Privacy Act”. Big Tech does not care about privacy, they care about their bottom line. This is where Purism comes in.

Purism is a privacy focused company. Their devices, the Librem5, Librem13 and Librem15 run PureOS–a GNU/Linux distribution that puts privacy, security and freedom first, by design. It includes popular privacy-respecting software such as PureBrowser. The OS helps you “Surf the web safely without being tracked by advertisers or marketers” and allows you to easily encrypt your entire OS and data with your own encryption keys. This is huge, especially if you understand how much of your “private” data is actually being shared.

I e-mailed the company asking questions about the entrepreneurial aspects of running a computer company, expecting an employee to send over a typical pre-written list of information. To my surprise and excitement, the CEO and Founder Todd Weaver e-mailed me himself, and answered my questions. This was very inspiring.

There are quite a few entrepreneurial aspects of running a computer company. You must manufacture your own computers and design your own software. Because the software in PureOS is free software, there exists a community of paid and volunteer developers who maintain it. This is beneficial in many ways, such as it allows the code to be freely auditable and if there’s a bug it’s usually fixed fairly quickly. There are some challenges that one must overcome as well, such as delays in manufacturing and the management of growth based on cash flow–this is crucial. With dedication and perseverance, these challenges are easily overcome, and one can move onto the designing process.

To design a computer from scratch, you must have a goal in mind. Purism’s goal is to give consumers “a computer that you fully own and control”. This goal then allows them to list all the reasons why current laptops and phones cannot meet such a goal. They then look to solve each reason of incompatibility to produce a new and improved device that allows one to fully own and control their device. To fund such a company, one needs an investment of capital. Founder and CEO Todd Weaver invested his own money into the company initially, then ran crowd-funding to bring the first product to market.

Purism’s goals for the future include continuing to improve and expand their products to offer a convenient alternative that respects people and their digital lives. This is a noble and respectable goal, and I for one would love to use a Librem when I graduate Southern New Hampshire University and work as a software developer.

In conclusion, if one has a worthy goal in mind such as Purism’s privacy-first approach, nothing is impossible–not even running a successful computer company.

Thank you, Evon–we loved it, and are very proud that you chose us. Keep up the good work!

The post A Guest Post by Evon Ho appeared first on Purism.

by Purism at September 17, 2019 15:05

Fairphone