Damn Small Linux (DSL) Forums
Welcome, Guest. Please login or register.
Did you miss your activation email?
November 28, 2014, 01:33:36 PM

Login with username, password and session length
News
The new DSL forums are now open.
Stats
297841 Posts in 294159 Topics by 213 Members
Latest Member: Raffles
Search:     Advanced search
* Home Help Search Login Register
Get The Official Damn Small Linux Book. Great VPS hosting provided by Tektonic

+  Damn Small Linux (DSL) Forums
|-+  Recent Posts
Pages: 1 2 [3] 4 5 ... 10
 21 
 on: October 26, 2014, 09:41:37 PM 
Started by Veeshush - Last post by CNK
Disabling it is easy:

Edit > Preferences > Advanced > Encryption > and deselect "Use SSL 3.0" in the protocols area. I'm not too concerned about this sort of thing (if I was, I probably wouldn't be using Firefox 2 anyway), though I have just disabled SSL 3.0 because it looks like nothing uses it nowadays anyway.

Sure enough, that test website now says my browser isn't vulnerable to any stray POODLEs lurking in the interwebs (though I think the work involved in that attack would be far less than worthwhile for anyone looking at my internet data.

Actually I would rather my Email was secure than my Web browsing, though my Slypheed logs don't make it clear what encryption method is used with my IMAP accounts. I might look into that some time, but I'm still not that fussed.


As for those plugins. I'm not going to go through that web page, but the NoScript Download Page (https://noscript.net/getit) says under "Direct Download":

"Users of Firefox 2.0 and below are urged to upgrade their very unsafe browser. For those few who can't, latest legacy-compatible NoScript version is 1.10."

With a link to V. 1.10. So that's easy.

AdBlock Edge is too new for Firefox 2.0 support, but AdBlock Plus which it's based on will work if you use the old V. 1.0.2 (https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/versions/?page=2#version-1.0.2). Though funnilly enough, the Firefox website is now so broken with Firefox 2.0 that the download link doesn't seem to work.

After looking at the page's source code (one gets used to this technique after using Firefox 2 for a while these days), here's the download URL (https://addons.mozilla.org/firefox/downloads/file/51047/adblock_plus-1.0.2-fx+sm+tb.xpi).

Finally, that first web page you linked to doesn't work in Forefox 2 (it uses a later encryption method (probably TLS 1.2 or 1.1) that Firefox 2 doesn't support and for sume silly reason they haven't enabled TLS 1.0 as a fallback), so here's a link to the Google cache of the page (http://webcache.googleusercontent.com/search?hl=en-AU&q=cache:RmrAAP0cnwwJ:https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack%2Bhttps://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack&gbv=2&&ct=clnk). Though of course that means revealing to Google that you are worried about angry POODLEs, and archive.org doesn't have it archived! Ahh!!! Oh, wait, there's a link to add it to the archive... The power of collective web users triumphs again! (https://web.archive.org/web/20141026212757/https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack)

 22 
 on: October 26, 2014, 10:11:16 AM 
Started by Veeshush - Last post by fatmac
Don't forget that you can make up for difficient ram by using a swap partition.Smiley

 23 
 on: October 26, 2014, 01:01:12 AM 
Started by Veeshush - Last post by Veeshush
See: https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack

Here's a test: https://www.ssllabs.com/ssltest/viewMyClient.html


Also here's some search engines to possibly add (particularly StartPage): https://prism-break.org/en/subcategories/gnu-linux-web-search/

And some addons: https://prism-break.org/en/subcategories/gnu-linux-web-browser-addons/ But I don't know if any of them would even work on Bon Echo. My thinking is that with Adblock Edge and Noscript especially, browsing would be a lot quicker on older machines that get hung up on scripts and ads. Not as fast as Dillo, but better than nothing. Just a thought, if it's even possible.

But the main thing is that SSL 3 should be disabled.

 24 
 on: October 25, 2014, 11:24:46 PM 
Started by Veeshush - Last post by Veeshush
My plan is to use it for some of my amateur radio stuff. In particular, I am going to use it for 2 meter packet and running a 440 MHz repeater (though I've considered looking into modifying the transmit and receive boards and setting it up for the 222 MHz band).

Ah neat. You should stick some videos on Youtube of it.

What are your plans for your system? I'd like to know. DSL is really an awesome OS.

Pretty much just to keep it running. I want to pick up that DSL book on Amazon give that a look over. Personally, I just started really swapping over all my systems (except for my main, I need to get some SSDs to duel boot) with Linux cause of the post Snowden stuff. That, I'm just so tired of babysitting Windows installs, tracking down all the updates, etc. Scrubbed XP off an old box and threw Debian on once XP went End of Life. Then I got thinking about this system, I was just "why am I keeping a Win98 install?" so I threw DSL on it.

I used to like Puppy, but it has gotten to bloated for me in terms of a mini-distro.

Yeah, I could never get into Puppy.

 25 
 on: October 25, 2014, 11:07:02 PM 
Started by Veeshush - Last post by Veeshush
There's test here: https://shellshocker.net/ (I tested DSL 4.11.rc2)

Not really a surprise as every Linux distro was pretty much affected by this. If it can be patched though, it should.

Here's a Wilders thread covering Shellshock: https://www.wilderssecurity.com/threads/major-bash-vulnerability-affects-linux-unix-mac-os-x-shell-shock.368559/

 26 
 on: October 25, 2014, 10:15:28 AM 
Started by betatest3 - Last post by fatmac
What about a DSL-NG - New Generation - even if it tops out around the 100Mb mark, for the newer machines, with up to date kernels - could this be practical?
(Or even as a 64bit DSL)

 27 
 on: October 25, 2014, 09:32:40 AM 
Started by mkarcz - Last post by fatmac
The OP only has one post recorded, so I wouldn't hold your breath. :lol:

Regarding the 'up time' of Linux, you can count it in years, but it would be advisable to check it occasionally.

 28 
 on: October 24, 2014, 04:31:33 AM 
Started by mkarcz - Last post by AE7XQ
mkarcz,

You started this topic over a year ago. I don't feel comfortable bumping an old thread like this, but I would like to ask how this project worked out. Were you able to keep your system running non-stop for a year without having to shutdown? I am curious as I am setting up a system for use in controlling a 440 MHz repeater. I would like to know how long I can run my system unattended before I have to log in and do anything administrative. I thank you for your time and consideration.

To other members, I would like to say "I'm sorry" for bumping this. However, my question was in regards to the original post and thus most appropriate here.

 29 
 on: October 24, 2014, 04:26:41 AM 
Started by betatest3 - Last post by AE7XQ
Doing some thinking. Perhaps we can introduce DSL to a new type of user base. Specifically ARM devices, such as the Raspberry Pi. In truth, I don't know much regarding how ARM devices function, or what type of OS Hierarchy they require. However, I am willing to bet that it is more than just an EXT3 formatted SD card and a kernel swap. Still, I think if it was done, it might generate a little more interest in DSL.

 30 
 on: October 24, 2014, 04:21:26 AM 
Started by AE7XQ - Last post by AE7XQ
Thanks for the advice. I will look up Bash commands later. My work is briefly stalled due to a home repair issue. However, I will certainly check into that. USB stick is certainly easier than burning a CD.

Pages: 1 2 [3] 4 5 ... 10
Powered by SMF 1.1.19 | SMF © 2013, Simple Machines
Mercury design by Bloc