From kb at 2bits.com  Thu May  3 11:24:19 2018
From: kb at 2bits.com (Khalid Baheyeldin)
Date: Thu, 3 May 2018 11:24:19 -0400
Subject: [kwlug-disc] [Security-news] Drupal 7 and 8 core critical
 release on April 25th, 2018 PSA-2018-003
In-Reply-To: <CA+TuoW0i3KC9OkqTu3zY1r8sG3-TvS8AiPDhM6ZQ1SFkdC1chQ@mail.gmail.com>
References: <mailman.2411.1524503438.32134.security-news@drupal.org>
 <CA+TuoW0i3KC9OkqTu3zY1r8sG3-TvS8AiPDhM6ZQ1SFkdC1chQ@mail.gmail.com>
Message-ID: <CA+TuoW19E0hR6Ha5ofhQCbrFHjO3PUBEgR2LzmcspRi7bAZy5g@mail.gmail.com>

That last one was weaponized within hours.

https://www.bleepingcomputer.com/news/security/hackers-dont-give-site-owners-time-to-patch-start-exploiting-new-drupal-flaw-within-hours/

On Mon, Apr 23, 2018 at 3:29 PM, Khalid Baheyeldin <kb at 2bits.com> wrote:

> Another security release in two days between 12:00 and 14:00 (EDT).
>
> If you have a Drupal site, be prepared to apply it as soon as it comes out.
>
>
> ---------- Forwarded message ----------
> From:  <security-news at drupal.org>
> Date: Mon, Apr 23, 2018 at 1:09 PM
> Subject: [Security-news] Drupal 7 and 8 core critical release on April
> 25th, 2018 PSA-2018-003
> To: security-news at drupal.org
>
>
> View online: https://www.drupal.org/psa-2018-003
>
> There will be a security release of * Drupal 7.x, 8.4.x, and 8.5.x on April
> 25th, 2018 between 16:00 - 18:00 UTC*. This PSA is to notify that the
> Drupal
> core release is outside of the regular schedule [1] of security releases.
> For
> all security updates, the Drupal Security Team urges you to reserve time
> for
> core updates at that time because there is some risk that exploits might be
> developed within hours or days. Security release announcements will appear
> on
> the Drupal.org security advisory page.
>
> This security release is a follow-up to the one released as
> SA-CORE-2018-002
> [2] on March 28.
>
>   * Sites on 7.x or 8.5.x can immediately update when the advisory
> isreleased
>     using the normal procedure.
>   * Sites on 8.4.x should immediately update to the 8.4.8 release that
> willbe
>     provided in the advisory, and then plan to update to 8.5.3 or the
> latest
>     security release as soon as possible (since 8.4.x no longer receives
>     official security coverage).
>
> The security advisory will list the appropriate version numbers for each
> branch. Your site's update report page will recommend the 8.5.x release
> even
> if you are on 8.4.x or an older release, but temporarily updating to the
> provided backport for your site's current version will ensure you can
> update
> quickly without the possible side effects of a minor version update.
>
> Patches for Drupal 7.x, 8.4.x, 8.5.x and 8.6.x will be provided in addition
> to the releases mentioned above. (If your site is on a Drupal 8 release
> older
> than 8.4.x, it no longer receives security coverage and will not receive a
> security update. The provided patches may work for your site, but upgrading
> is strongly recommended as older Drupal versions contain other disclosed
> security vulnerabilities.)
>
> This release will not require a database update.
>
> The CVE for this issue is CVE-2018-7602. The Drupal-specific identifier for
> the issue will be SA-CORE-2018-004.
>
> The Security Team or any other party is not able to release any more
> information about this vulnerability until the announcement is made. The
> announcement will be made public at https://www.drupal.org/security, over
> Twitter, and in email for those who have subscribed to our email list. To
> subscribe to the email list: login on Drupal.org, go to your user profile
> page, and subscribe to the security newsletter on the Edit ? My newsletters
> tab.
>
> Journalists interested in covering the story are encouraged to email
> security-press at drupal.org to be sure they will get a copy of the
> journalist-focused release. The Security Team will release a
> journalist-focused summary email at the same time as the new code release
> and
> advisory.
> If you find a security issue, please report it at
> https://www.drupal.org/security-team/report-issue.
>
>
> [1] https://www.drupal.org/node/1173280
> [2] https://www.drupal.org/sa-core-2018-002
>
> _______________________________________________
> Security-news mailing list
> Security-news at drupal.org
> Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news
>
>
> --
> Khalid M. Baheyeldin
> 2bits.com, Inc.
> Fast Reliable Drupal
> Drupal optimization, development, customization and consulting.
> Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
> Simplicity is the ultimate sophistication. -- anonymous
>



-- 
Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- anonymous
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180503/21bd8299/attachment.htm>

From chamunks at gmail.com  Thu May  3 11:58:48 2018
From: chamunks at gmail.com (Chamunks)
Date: Thu, 03 May 2018 15:58:48 +0000
Subject: [kwlug-disc] [Security-news] Drupal 7 and 8 core critical
 release on April 25th, 2018 PSA-2018-003
In-Reply-To: <CA+TuoW19E0hR6Ha5ofhQCbrFHjO3PUBEgR2LzmcspRi7bAZy5g@mail.gmail.com>
References: <mailman.2411.1524503438.32134.security-news@drupal.org>
 <CA+TuoW0i3KC9OkqTu3zY1r8sG3-TvS8AiPDhM6ZQ1SFkdC1chQ@mail.gmail.com>
 <CA+TuoW19E0hR6Ha5ofhQCbrFHjO3PUBEgR2LzmcspRi7bAZy5g@mail.gmail.com>
Message-ID: <CAN4GX9Gjm7_21QHxhc-_mmkiFZaQEueV6p-nMNSusJ_tS4CMMg@mail.gmail.com>

Do we keep website snapshots of the KWLUG?  I imagine we must but I just
want to ask.

On Thu, May 3, 2018 at 11:24 AM Khalid Baheyeldin <kb at 2bits.com> wrote:

> That last one was weaponized within hours.
>
>
> https://www.bleepingcomputer.com/news/security/hackers-dont-give-site-owners-time-to-patch-start-exploiting-new-drupal-flaw-within-hours/
>
> On Mon, Apr 23, 2018 at 3:29 PM, Khalid Baheyeldin <kb at 2bits.com> wrote:
>
>> Another security release in two days between 12:00 and 14:00 (EDT).
>>
>> If you have a Drupal site, be prepared to apply it as soon as it comes
>> out.
>>
>>
>> ---------- Forwarded message ----------
>> From:  <security-news at drupal.org>
>> Date: Mon, Apr 23, 2018 at 1:09 PM
>> Subject: [Security-news] Drupal 7 and 8 core critical release on April
>> 25th, 2018 PSA-2018-003
>> To: security-news at drupal.org
>>
>>
>> View online: https://www.drupal.org/psa-2018-003
>>
>> There will be a security release of * Drupal 7.x, 8.4.x, and 8.5.x on
>> April
>> 25th, 2018 between 16:00 - 18:00 UTC*. This PSA is to notify that the
>> Drupal
>> core release is outside of the regular schedule [1] of security releases.
>> For
>> all security updates, the Drupal Security Team urges you to reserve time
>> for
>> core updates at that time because there is some risk that exploits might
>> be
>> developed within hours or days. Security release announcements will
>> appear on
>> the Drupal.org security advisory page.
>>
>> This security release is a follow-up to the one released as
>> SA-CORE-2018-002
>> [2] on March 28.
>>
>>   * Sites on 7.x or 8.5.x can immediately update when the advisory
>> isreleased
>>     using the normal procedure.
>>   * Sites on 8.4.x should immediately update to the 8.4.8 release that
>> willbe
>>     provided in the advisory, and then plan to update to 8.5.3 or the
>> latest
>>     security release as soon as possible (since 8.4.x no longer receives
>>     official security coverage).
>>
>> The security advisory will list the appropriate version numbers for each
>> branch. Your site's update report page will recommend the 8.5.x release
>> even
>> if you are on 8.4.x or an older release, but temporarily updating to the
>> provided backport for your site's current version will ensure you can
>> update
>> quickly without the possible side effects of a minor version update.
>>
>> Patches for Drupal 7.x, 8.4.x, 8.5.x and 8.6.x will be provided in
>> addition
>> to the releases mentioned above. (If your site is on a Drupal 8 release
>> older
>> than 8.4.x, it no longer receives security coverage and will not receive a
>> security update. The provided patches may work for your site, but
>> upgrading
>> is strongly recommended as older Drupal versions contain other disclosed
>> security vulnerabilities.)
>>
>> This release will not require a database update.
>>
>> The CVE for this issue is CVE-2018-7602. The Drupal-specific identifier
>> for
>> the issue will be SA-CORE-2018-004.
>>
>> The Security Team or any other party is not able to release any more
>> information about this vulnerability until the announcement is made. The
>> announcement will be made public at https://www.drupal.org/security, over
>> Twitter, and in email for those who have subscribed to our email list. To
>> subscribe to the email list: login on Drupal.org, go to your user profile
>> page, and subscribe to the security newsletter on the Edit ? My
>> newsletters
>> tab.
>>
>> Journalists interested in covering the story are encouraged to email
>> security-press at drupal.org to be sure they will get a copy of the
>> journalist-focused release. The Security Team will release a
>> journalist-focused summary email at the same time as the new code release
>> and
>> advisory.
>> If you find a security issue, please report it at
>> https://www.drupal.org/security-team/report-issue.
>>
>>
>> [1] https://www.drupal.org/node/1173280
>> [2] https://www.drupal.org/sa-core-2018-002
>>
>> _______________________________________________
>> Security-news mailing list
>> Security-news at drupal.org
>> Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news
>>
>>
>> --
>> Khalid M. Baheyeldin
>> 2bits.com, Inc.
>> Fast Reliable Drupal
>> Drupal optimization, development, customization and consulting.
>> Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
>> Simplicity is the ultimate sophistication. -- anonymous
>>
>
>
>
> --
> Khalid M. Baheyeldin
> 2bits.com, Inc.
> Fast Reliable Drupal
> Drupal optimization, development, customization and consulting.
> Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
> Simplicity is the ultimate sophistication. -- anonymous
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180503/05a62588/attachment.htm>

From paul_nijjar at yahoo.ca  Thu May  3 12:05:33 2018
From: paul_nijjar at yahoo.ca (Paul Nijjar)
Date: Thu, 3 May 2018 12:05:33 -0400
Subject: [kwlug-disc] [Security-news] Drupal 7 and 8 core critical
 release on April 25th, 2018 PSA-2018-003
In-Reply-To: <CA+TuoW19E0hR6Ha5ofhQCbrFHjO3PUBEgR2LzmcspRi7bAZy5g@mail.gmail.com>
References: <mailman.2411.1524503438.32134.security-news@drupal.org>
 <CA+TuoW0i3KC9OkqTu3zY1r8sG3-TvS8AiPDhM6ZQ1SFkdC1chQ@mail.gmail.com>
 <CA+TuoW19E0hR6Ha5ofhQCbrFHjO3PUBEgR2LzmcspRi7bAZy5g@mail.gmail.com>
Message-ID: <20180503160532.GB1159@nb-heartburn>

I updated KWLUG to 8.4.8 . Now Drupal wants me to upgrade to 8.5.3,
but Composer won't do it. In the past running the composer upgrade
commands has been enough to switch major release versions, but this
time it is not happening. 

Obviously this is on my shoulders to figure out. But have you heard of
other people running into such problems?

- Paul


On Thu, May 03, 2018 at 11:24:19AM -0400, Khalid Baheyeldin wrote:
> That last one was weaponized within hours.
> 
> https://www.bleepingcomputer.com/news/security/hackers-dont-give-site-owners-time-to-patch-start-exploiting-new-drupal-flaw-within-hours/
> 
> On Mon, Apr 23, 2018 at 3:29 PM, Khalid Baheyeldin <kb at 2bits.com> wrote:
> 
> > Another security release in two days between 12:00 and 14:00 (EDT).
> >
> > If you have a Drupal site, be prepared to apply it as soon as it comes out.
> >
> >
> > ---------- Forwarded message ----------
> > From:  <security-news at drupal.org>
> > Date: Mon, Apr 23, 2018 at 1:09 PM
> > Subject: [Security-news] Drupal 7 and 8 core critical release on April
> > 25th, 2018 PSA-2018-003
> > To: security-news at drupal.org
> >
> >
> > View online: https://www.drupal.org/psa-2018-003
> >
> > There will be a security release of * Drupal 7.x, 8.4.x, and 8.5.x on April
> > 25th, 2018 between 16:00 - 18:00 UTC*. This PSA is to notify that the
> > Drupal
> > core release is outside of the regular schedule [1] of security releases.
> > For
> > all security updates, the Drupal Security Team urges you to reserve time
> > for
> > core updates at that time because there is some risk that exploits might be
> > developed within hours or days. Security release announcements will appear
> > on
> > the Drupal.org security advisory page.
> >
> > This security release is a follow-up to the one released as
> > SA-CORE-2018-002
> > [2] on March 28.
> >
> >   * Sites on 7.x or 8.5.x can immediately update when the advisory
> > isreleased
> >     using the normal procedure.
> >   * Sites on 8.4.x should immediately update to the 8.4.8 release that
> > willbe
> >     provided in the advisory, and then plan to update to 8.5.3 or the
> > latest
> >     security release as soon as possible (since 8.4.x no longer receives
> >     official security coverage).
> >
> > The security advisory will list the appropriate version numbers for each
> > branch. Your site's update report page will recommend the 8.5.x release
> > even
> > if you are on 8.4.x or an older release, but temporarily updating to the
> > provided backport for your site's current version will ensure you can
> > update
> > quickly without the possible side effects of a minor version update.
> >
> > Patches for Drupal 7.x, 8.4.x, 8.5.x and 8.6.x will be provided in addition
> > to the releases mentioned above. (If your site is on a Drupal 8 release
> > older
> > than 8.4.x, it no longer receives security coverage and will not receive a
> > security update. The provided patches may work for your site, but upgrading
> > is strongly recommended as older Drupal versions contain other disclosed
> > security vulnerabilities.)
> >
> > This release will not require a database update.
> >
> > The CVE for this issue is CVE-2018-7602. The Drupal-specific identifier for
> > the issue will be SA-CORE-2018-004.
> >
> > The Security Team or any other party is not able to release any more
> > information about this vulnerability until the announcement is made. The
> > announcement will be made public at https://www.drupal.org/security, over
> > Twitter, and in email for those who have subscribed to our email list. To
> > subscribe to the email list: login on Drupal.org, go to your user profile
> > page, and subscribe to the security newsletter on the Edit ??? My newsletters
> > tab.
> >
> > Journalists interested in covering the story are encouraged to email
> > security-press at drupal.org to be sure they will get a copy of the
> > journalist-focused release. The Security Team will release a
> > journalist-focused summary email at the same time as the new code release
> > and
> > advisory.
> > If you find a security issue, please report it at
> > https://www.drupal.org/security-team/report-issue.
> >
> >
> > [1] https://www.drupal.org/node/1173280
> > [2] https://www.drupal.org/sa-core-2018-002
> >
> > _______________________________________________
> > Security-news mailing list
> > Security-news at drupal.org
> > Unsubscribe at https://lists.drupal.org/mailman/listinfo/security-news
> >
> >
> > --
> > Khalid M. Baheyeldin
> > 2bits.com, Inc.
> > Fast Reliable Drupal
> > Drupal optimization, development, customization and consulting.
> > Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
> > Simplicity is the ultimate sophistication. -- anonymous
> >
> 
> 
> 
> -- 
> Khalid M. Baheyeldin
> 2bits.com, Inc.
> Fast Reliable Drupal
> Drupal optimization, development, customization and consulting.
> Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
> Simplicity is the ultimate sophistication. -- anonymous

> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org


-- 
http://pnijjar.freeshell.org



From paul_nijjar at yahoo.ca  Thu May  3 17:53:51 2018
From: paul_nijjar at yahoo.ca (Paul Nijjar)
Date: Thu, 3 May 2018 17:53:51 -0400
Subject: [kwlug-disc] Maker Expo volunteer applications are open
Message-ID: <20180503215351.GF1336@nb-heartburn>

Maker Expo is being held June 2 and 3 this year, at Kitchener Memorial
Auditorium. In the past it has been a pretty amazing event. They are
looking for volunteers: 

http://www.makerexpo.ca/volunteer/

The volunteer application wants an awful lot of unnecessary data (why
do you need my mailing address?) but I left most of it blank and still
was able to submit.

- Paul

-- 
http://pnijjar.freeshell.org



From paul_nijjar at yahoo.ca  Thu May  3 18:26:13 2018
From: paul_nijjar at yahoo.ca (Paul Nijjar)
Date: Thu, 3 May 2018 18:26:13 -0400
Subject: [kwlug-disc] Adding to Google Calendar from SSH window
In-Reply-To: <CAKyYXOTO6Hv6M-ujAdWcSSRnwL=+U=MZJUNFz=bRvgobc+pg7Q@mail.gmail.com>
References: <20180206180715.GB1036@nb-heartburn>
 <CAKyYXOTO6Hv6M-ujAdWcSSRnwL=+U=MZJUNFz=bRvgobc+pg7Q@mail.gmail.com>
Message-ID: <20180503222612.GH1336@nb-heartburn>


As a followup, I got this working with gcalcli. It is kind of ugly,
but it works. I have a shell script that launches a vim window with a
template to fill out, when then calls gcalcli to make the API call. I
am not thrilled with this but it works well enough for simple events.


On Tue, Feb 06, 2018 at 01:12:09PM -0500, CrankyOldBugger wrote:
> While I'll happily vouch for Thunderbird's integration with Google calendar
> (as I use T-bird to read both my gmail and live.com accounts), I found a
> command line approach via a quick googling:
> https://github.com/insanum/gcalcli
> 
> long story short:
> 
> Google Calendar Command Line Interface
> 
> gcalcli is a Python application that allows you to access your Google
> Calendar(s) from a command line. It's easy to get your agenda, search for
> events, add new events, delete events, edit events, and even import those
> annoying ICS/vCal invites from Microsoft Exchange and/or other sources.
> Additionally, gcalcli can be used as a reminder service and execute any
> application you want when an event is coming up.
> 
> 
> 
> 
> On 6 February 2018 at 13:07, Paul Nijjar via kwlug-disc <
> kwlug-disc at kwlug.org> wrote:
> 
> > My understanding is that it is possible to add events to a Google
> > calendar via the web interface, or from Thunderbird.
> >
> > I am looking for something more lightweight, but which is more
> > interactive than me running a script on the command line. Is there any
> > such software (preferably in the Debian repositories?).
> >
> > Ideally I would be able to use this software in a terminal window.
> > Otherwise a GUI that is more lightweight than Thunderbird might be
> > okay. I DON'T want this software to run all the time (especially if I
> > have a Google account to connect to it).
> >
> > The ability to easily copy entries from one calendar to another would
> > be a bonus.
> >
> > - Paul
> >
> > --
> > http://pnijjar.freeshell.org
> >
> > _______________________________________________
> > kwlug-disc mailing list
> > kwlug-disc at kwlug.org
> > http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
> >

> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org


-- 
http://pnijjar.freeshell.org



From opengeometry at yahoo.ca  Thu May  3 23:58:03 2018
From: opengeometry at yahoo.ca (William Park)
Date: Thu, 3 May 2018 23:58:03 -0400
Subject: [kwlug-disc] Maker Expo volunteer applications are open
In-Reply-To: <20180503215351.GF1336@nb-heartburn>
References: <20180503215351.GF1336@nb-heartburn>
Message-ID: <20180504035803.GB8120@node1.localdomain>

It's weekend, so I signed up.
-- 
William Park <opengeometry at yahoo.ca>

On Thu, May 03, 2018 at 05:53:51PM -0400, Paul Nijjar via kwlug-disc wrote:
> Maker Expo is being held June 2 and 3 this year, at Kitchener Memorial
> Auditorium. In the past it has been a pretty amazing event. They are
> looking for volunteers: 
> 
> http://www.makerexpo.ca/volunteer/
> 
> The volunteer application wants an awful lot of unnecessary data (why
> do you need my mailing address?) but I left most of it blank and still
> was able to submit.
> 
> - Paul
> 
> -- 
> http://pnijjar.freeshell.org
> 
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org



From mb at 3nsoft.com  Sun May  6 16:57:30 2018
From: mb at 3nsoft.com (Mikalai Birukou)
Date: Sun, 6 May 2018 16:57:30 -0400
Subject: [kwlug-disc] Swag from LibrePlanet exhibitions
Message-ID: <2e537f28-1f88-56c7-5d14-4c6baa043d05@3nsoft.com>

As a reminder.

I will bring promised swag from LibrePlanet exhibitions to tomorrow's 
meeting (Monday, May 7). If you aren't coming, ask a friend to pick 
goodies for you :) .

Cheers.




From eschnetter at perimeterinstitute.ca  Mon May  7 17:06:47 2018
From: eschnetter at perimeterinstitute.ca (Erik Schnetter)
Date: Mon, 7 May 2018 17:06:47 -0400
Subject: [kwlug-disc] [kwlug-announce] Meeting Monday: Backups,
 Mail-in-a-Box (May 2018)
In-Reply-To: <20180504165450.GB3538@nb-heartburn>
References: <20180504165450.GB3538@nb-heartburn>
Message-ID: <CADKQjjcde5A4cWuLY87kSJOnMStWPfJden_VfHvzXCaP2oanEg@mail.gmail.com>

On Fri, May 4, 2018 at 12:54 PM, Paul Nijjar via kwlug-announce <
kwlug-announce at kwlug.org> wrote:

>
> If you missed Cory Doctorow when he was here in December (or you would
> like to see him speak again) he is giving a talk entitled "The war on
> general purpose computers is the war on science". I think that this is
> open to the public. It will be held Wednesday May 9 at 2pm. See
> https://www.perimeterinstitute.ca/seminar/war-general-
> purpose-computers-war-science
> for more details.
>

I inquired -- Perimeter's institute colloquium is only open to Perimeter
affiliates. This is not one of the public lectures that are open to the
public.

On the positive side, our colloquia are usually recorded, and are available
online the next day; see <http://pirsa.org>.

-erik

-- 
Erik Schnetter <eschnetter at perimeterinstitute.ca>
http://www.perimeterinstitute.ca/personal/eschnetter/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180507/b9dbdf45/attachment.htm>

From kb at 2bits.com  Tue May  8 01:05:22 2018
From: kb at 2bits.com (Khalid Baheyeldin)
Date: Tue, 8 May 2018 01:05:22 -0400
Subject: [kwlug-disc] How to Archiving Gmail Locally
Message-ID: <CA+TuoW3=USg0w9BSMeuOgc+6PJq8gsurzWvvCYPGtXLz+q_jNA@mail.gmail.com>

So, the tool I use to get mail from Gmail and save it locally is 'getmail4'
(name of package in Ubuntu).

I run it as follows, once a day from cron:

getmail -r gmail.rc

The gmail.rc file has the following:

#=== START
[retriever]
type = SimpleIMAPSSLRetriever
server = imap.gmail.com
username = YOUR_EMAIL_ID # without @...
password = YOUR_PASSWORD
mailboxes = ( "[Gmail]/All Mail", "[Gmail]/Sent Mail", "[Gmail]/Drafts" )

[destination]
type = Maildir
path = ~/mail/gmail/

[options]
verbose = 0
message_log = ~/mail/gmail.log
read_all = false
max_messages_per_session = 1000
received = false
delete = false
#=== END

You may need to enable that setting in Gmail that allows low grade
encryption (or was it plain text?),  forgot its exact name.

In the directory ~/mail/gmail, the script will create subdirectories called
'cur', 'tmp', and 'new'. The first is what contains your emails. The 'new'
directory contains some emails, not sure how they are different from the
ones in 'cur'.

As I mentioned, the objectives were to:

a) have a backup, and
b) find out which messages take the most space and delete them from Gmail

The first one is achieved, but all the messages are in one directory, one
file each. So they are not sorted in any useful order nor by Gmail Label or
date or anything.

They are searchable by grep and friends though, and size can be determined
via ls (but that will just give you a list of cryptic file names, and you
have to use less or something to look inside it).

You can point something like mutt to the directory, but not sure how the
performance will be.
-- 
Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- anonymous
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180508/166d2a53/attachment.htm>

From crankyoldbugger at gmail.com  Tue May  8 09:35:45 2018
From: crankyoldbugger at gmail.com (Jeff Smith)
Date: Tue, 8 May 2018 09:35:45 -0400
Subject: [kwlug-disc] How to Archiving Gmail Locally
In-Reply-To: <CA+TuoW3=USg0w9BSMeuOgc+6PJq8gsurzWvvCYPGtXLz+q_jNA@mail.gmail.com>
References: <CA+TuoW3=USg0w9BSMeuOgc+6PJq8gsurzWvvCYPGtXLz+q_jNA@mail.gmail.com>
Message-ID: <b2e92de2-5779-1ff4-384a-13d7223c6b36@gmail.com>

That was a good meeting last night.? Some good speakers and some swag to
boot...? Also nice to see so many new faces last night.

This is a good script, Khalid.? I've been doing this process more or
less manually, and at random times, by going into Thunderbird,
downloading any over-large folders to the local client, then zipping up
the resulting .eml files and storing them on my own backups server.?
While it's considerably more work than your script, it does allow me
some leeway in what folders I clean up (i.e. do I want to keep this
year's stuff online, can I break larger folders down by years, etc.)

Maybe once I get my manual process to the point where your script can
take over, I can give the impression of being much more organized...



On 2018-05-08 01:05 AM, Khalid Baheyeldin wrote:
> So, the tool I use to get mail from Gmail and save it locally is
> 'getmail4' (name of package in Ubuntu).
>
> I run it as follows, once a day from cron:
>
> getmail -r gmail.rc
>
> The gmail.rc file has the following:
>
> #=== START
> [retriever]
> type = SimpleIMAPSSLRetriever
> server = imap.gmail.com <http://imap.gmail.com>
> username = YOUR_EMAIL_ID # without @...
> password = YOUR_PASSWORD
> mailboxes = ( "[Gmail]/All Mail", "[Gmail]/Sent Mail", "[Gmail]/Drafts" )
>
> [destination]
> type = Maildir
> path = ~/mail/gmail/
>
> [options]
> verbose = 0
> message_log = ~/mail/gmail.log
> read_all = false
> max_messages_per_session = 1000
> received = false
> delete = false
> #=== END
>
> You may need to enable that setting in Gmail that allows low grade
> encryption (or was it plain text?),? forgot its exact name.
>
> In the directory ~/mail/gmail, the script will create subdirectories
> called 'cur', 'tmp', and 'new'. The first is what contains your
> emails. The 'new' directory contains some emails, not sure how they
> are different from the ones in 'cur'.
>
> As I mentioned, the objectives were to:
>
> a) have a backup, and
> b) find out which messages take the most space and delete them from Gmail
>
> The first one is achieved, but all the messages are in one directory,
> one file each. So they are not sorted in any useful order nor by Gmail
> Label or date or anything.
>
> They are searchable by grep and friends though, and size can be
> determined via ls (but that will just give you a list of cryptic file
> names, and you have to use less or something to look inside it).
>
> You can point something like mutt to the directory, but not sure how
> the performance will be.
> -- 
> Khalid M. Baheyeldin
> 2bits.com <http://2bits.com>, Inc.
> Fast Reliable Drupal
> Drupal optimization, development, customization and consulting.
> Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
> Simplicity is the ultimate sophistication. -- anonymous
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180508/0f75bb3d/attachment.htm>

From kb at 2bits.com  Tue May  8 11:01:11 2018
From: kb at 2bits.com (Khalid Baheyeldin)
Date: Tue, 8 May 2018 11:01:11 -0400
Subject: [kwlug-disc] How to Archiving Gmail Locally
In-Reply-To: <b2e92de2-5779-1ff4-384a-13d7223c6b36@gmail.com>
References: <CA+TuoW3=USg0w9BSMeuOgc+6PJq8gsurzWvvCYPGtXLz+q_jNA@mail.gmail.com>
 <b2e92de2-5779-1ff4-384a-13d7223c6b36@gmail.com>
Message-ID: <CA+TuoW1rMyjonMiScSn9gBPZY8fmDY5LwL0hd7s3CDR0P+hbMA@mail.gmail.com>

One thing I thought about, is some parsing script that will check the date
of
the message :

ls xargs ...
grep '^Date: '

Then extract the month and year, parse it if necessary, and move the
message
to a folder named: mail/gmail/yyyy/mm/

This should be straightforward, and would get over the large number of
files
in a single directory issue. Using mutt against the directory tree should
also
be possible, now that directories are smaller.

The state of last message downloaded and such are all kept in ~/.getmail,
so it is safe to mess around with the cur directory, I think ...

On Tue, May 8, 2018 at 9:35 AM, Jeff Smith <crankyoldbugger at gmail.com>
wrote:

> That was a good meeting last night.  Some good speakers and some swag to
> boot...  Also nice to see so many new faces last night.
>
> This is a good script, Khalid.  I've been doing this process more or less
> manually, and at random times, by going into Thunderbird, downloading any
> over-large folders to the local client, then zipping up the resulting .eml
> files and storing them on my own backups server.  While it's considerably
> more work than your script, it does allow me some leeway in what folders I
> clean up (i.e. do I want to keep this year's stuff online, can I break
> larger folders down by years, etc.)
>
> Maybe once I get my manual process to the point where your script can take
> over, I can give the impression of being much more organized...
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180508/e79fbb86/attachment.htm>

From gdmalet at gmail.com  Tue May  8 12:32:23 2018
From: gdmalet at gmail.com (Giles Malet)
Date: Tue, 8 May 2018 12:32:23 -0400
Subject: [kwlug-disc] How to Archiving Gmail Locally
In-Reply-To: <CA+TuoW3=USg0w9BSMeuOgc+6PJq8gsurzWvvCYPGtXLz+q_jNA@mail.gmail.com>
References: <CA+TuoW3=USg0w9BSMeuOgc+6PJq8gsurzWvvCYPGtXLz+q_jNA@mail.gmail.com>
Message-ID: <929557fb-2dd9-c1d9-1da8-e03cd8e2bd37@gmail.com>

> In the directory ~/mail/gmail, the script will create subdirectories called
> 'cur', 'tmp', and 'new'.

This is standard 'Maildir' format 
(https://en.wikipedia.org/wiki/Maildir). Some mail clients, such as 
mutt, support it directly; there's a list on the Wikipedia page.

g



From crankyoldbugger at gmail.com  Tue May  8 12:55:27 2018
From: crankyoldbugger at gmail.com (CrankyOldBugger)
Date: Tue, 08 May 2018 16:55:27 +0000
Subject: [kwlug-disc] Update Drupal... again
Message-ID: <CAKyYXOQLrUyOvB3M7cVK_5C6UVZwM0Y1ri33uJg-uajVWkgfKQ@mail.gmail.com>

I know there's been lots of discussion on updating Drupal in here lately,
but this was in my news feed this morning:

https://www.howtogeek.com/fyi/update-your-drupal-website-now-or-hackers-might-turn-it-into-a-cryptocurrency-miner/

Thankfully I'm not smart enough to use Drupal, but I know there are a bunch
of you who do...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180508/0500492d/attachment.htm>

From kb at 2bits.com  Tue May  8 13:00:31 2018
From: kb at 2bits.com (Khalid Baheyeldin)
Date: Tue, 8 May 2018 13:00:31 -0400
Subject: [kwlug-disc] Update Drupal... again
In-Reply-To: <CAKyYXOQLrUyOvB3M7cVK_5C6UVZwM0Y1ri33uJg-uajVWkgfKQ@mail.gmail.com>
References: <CAKyYXOQLrUyOvB3M7cVK_5C6UVZwM0Y1ri33uJg-uajVWkgfKQ@mail.gmail.com>
Message-ID: <CA+TuoW0o5vXgQD=k-KK5KTkv-oPYN1vqF792MQa0EeNr7XcvZQ@mail.gmail.com>

This is not new.

If you updated core for the CVE's that had fixes released on March 28,
April 18 and 28, then you are safe.

https://www.drupal.org/security

What we are seeing now is some sites that did not update, and bad actors
writing automated scripts to exploit these sites.

The media is now reporting on that last bit, not a new vulnerability.

If you did not update on those dates, then your site may already be
compromised. There is a guide on Drupal.org on what to do in this case.

On Tue, May 8, 2018 at 12:55 PM, CrankyOldBugger <crankyoldbugger at gmail.com>
wrote:

> I know there's been lots of discussion on updating Drupal in here lately,
> but this was in my news feed this morning:
>
> https://www.howtogeek.com/fyi/update-your-drupal-website-
> now-or-hackers-might-turn-it-into-a-cryptocurrency-miner/
>
> Thankfully I'm not smart enough to use Drupal, but I know there are a
> bunch of you who do...
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>


-- 
Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- anonymous
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180508/ed51d638/attachment.htm>

From dscassel at gmail.com  Wed May  9 00:04:32 2018
From: dscassel at gmail.com (Darcy Casselman)
Date: Wed, 9 May 2018 00:04:32 -0400
Subject: [kwlug-disc] Maker Expo volunteer applications are open
In-Reply-To: <20180503215351.GF1336@nb-heartburn>
References: <20180503215351.GF1336@nb-heartburn>
Message-ID: <CAA=K3WeeEjZd3XNFBgg3SyYbmP5V8ftpv3YSD19ihi1SX56usg@mail.gmail.com>

Turns out we really don't need a mailing address, so it's been removed from
the form.

Thanks for the feedback, Paul.

Darcy.


On Thu, May 3, 2018 at 5:53 PM, Paul Nijjar via kwlug-disc <
kwlug-disc at kwlug.org> wrote:

> Maker Expo is being held June 2 and 3 this year, at Kitchener Memorial
> Auditorium. In the past it has been a pretty amazing event. They are
> looking for volunteers:
>
> http://www.makerexpo.ca/volunteer/
>
> The volunteer application wants an awful lot of unnecessary data (why
> do you need my mailing address?) but I left most of it blank and still
> was able to submit.
>
> - Paul
>
> --
> http://pnijjar.freeshell.org
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180509/a7e5e5cb/attachment.htm>

From kb at 2bits.com  Wed May  9 16:05:30 2018
From: kb at 2bits.com (Khalid Baheyeldin)
Date: Wed, 9 May 2018 16:05:30 -0400
Subject: [kwlug-disc] How to Archiving Gmail Locally
In-Reply-To: <929557fb-2dd9-c1d9-1da8-e03cd8e2bd37@gmail.com>
References: <CA+TuoW3=USg0w9BSMeuOgc+6PJq8gsurzWvvCYPGtXLz+q_jNA@mail.gmail.com>
 <929557fb-2dd9-c1d9-1da8-e03cd8e2bd37@gmail.com>
Message-ID: <CA+TuoW38vb1ujMYNn2Ns0o4r5DNjQ3qR0-6oyD1XbjO0RpA4dw@mail.gmail.com>

Thanks Giles.

So, if getmail is using IMAP for retrieval, and copies individual messages
to the MailDir directory, then I move some files (i.e. messages) from cur
to another directory, say 2007/06.

Will getmail be confused by that?

On Tue, May 8, 2018 at 12:32 PM, Giles Malet <gdmalet at gmail.com> wrote:

> In the directory ~/mail/gmail, the script will create subdirectories called
>> 'cur', 'tmp', and 'new'.
>>
>
> This is standard 'Maildir' format (https://en.wikipedia.org/wiki/Maildir).
> Some mail clients, such as mutt, support it directly; there's a list on the
> Wikipedia page.
>
> g
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>



-- 
Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- anonymous
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180509/980e7c11/attachment.htm>

From kb at 2bits.com  Wed May  9 16:17:16 2018
From: kb at 2bits.com (Khalid Baheyeldin)
Date: Wed, 9 May 2018 16:17:16 -0400
Subject: [kwlug-disc] How to Archiving Gmail Locally
In-Reply-To: <CA+TuoW38vb1ujMYNn2Ns0o4r5DNjQ3qR0-6oyD1XbjO0RpA4dw@mail.gmail.com>
References: <CA+TuoW3=USg0w9BSMeuOgc+6PJq8gsurzWvvCYPGtXLz+q_jNA@mail.gmail.com>
 <929557fb-2dd9-c1d9-1da8-e03cd8e2bd37@gmail.com>
 <CA+TuoW38vb1ujMYNn2Ns0o4r5DNjQ3qR0-6oyD1XbjO0RpA4dw@mail.gmail.com>
Message-ID: <CA+TuoW0j77ybkEhtNh_9bDykqJCu8to=1w-5W-fGorwEojQJoQ@mail.gmail.com>

The FAQ says that the state is kept in the oldmail-* files under ~/.getmail.

So it seems to me that it is safe to move the messages themselves.

I will try it out.

On Wed, May 9, 2018 at 4:05 PM, Khalid Baheyeldin <kb at 2bits.com> wrote:

> Thanks Giles.
>
> So, if getmail is using IMAP for retrieval, and copies individual messages
> to the MailDir directory, then I move some files (i.e. messages) from cur
> to another directory, say 2007/06.
>
> Will getmail be confused by that?
>
> On Tue, May 8, 2018 at 12:32 PM, Giles Malet <gdmalet at gmail.com> wrote:
>
>> In the directory ~/mail/gmail, the script will create subdirectories
>>> called
>>> 'cur', 'tmp', and 'new'.
>>>
>>
>> This is standard 'Maildir' format (https://en.wikipedia.org/wiki/Maildir).
>> Some mail clients, such as mutt, support it directly; there's a list on the
>> Wikipedia page.
>>
>> g
>>
>>
>> _______________________________________________
>> kwlug-disc mailing list
>> kwlug-disc at kwlug.org
>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>>
>
>
>
> --
> Khalid M. Baheyeldin
> 2bits.com, Inc.
> Fast Reliable Drupal
> Drupal optimization, development, customization and consulting.
> Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
> Simplicity is the ultimate sophistication. -- anonymous
>
>


-- 
Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- anonymous
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180509/7432e505/attachment.htm>

From chamunks at gmail.com  Thu May 10 00:10:38 2018
From: chamunks at gmail.com (Chamunks)
Date: Thu, 10 May 2018 04:10:38 +0000
Subject: [kwlug-disc] Swag from LibrePlanet exhibitions
In-Reply-To: <2e537f28-1f88-56c7-5d14-4c6baa043d05@3nsoft.com>
References: <2e537f28-1f88-56c7-5d14-4c6baa043d05@3nsoft.com>
Message-ID: <CAN4GX9HSUdL6ehsT7U72N41SD=atsmTOgXp0s-Cr5R9AumHtRQ@mail.gmail.com>

Thanks so much for bringing the schwag, I'm surprised you had so much I
didn't even see the rest of it I just saw the cellphone thing and the VPN
cards.

On Sun, May 6, 2018 at 4:57 PM Mikalai Birukou via kwlug-disc <
kwlug-disc at kwlug.org> wrote:

> As a reminder.
>
> I will bring promised swag from LibrePlanet exhibitions to tomorrow's
> meeting (Monday, May 7). If you aren't coming, ask a friend to pick
> goodies for you :) .
>
> Cheers.
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180510/3228c3ec/attachment.htm>

From kb at 2bits.com  Fri May 11 00:27:53 2018
From: kb at 2bits.com (Khalid Baheyeldin)
Date: Fri, 11 May 2018 00:27:53 -0400
Subject: [kwlug-disc] How to Archiving Gmail Locally
In-Reply-To: <CA+TuoW0j77ybkEhtNh_9bDykqJCu8to=1w-5W-fGorwEojQJoQ@mail.gmail.com>
References: <CA+TuoW3=USg0w9BSMeuOgc+6PJq8gsurzWvvCYPGtXLz+q_jNA@mail.gmail.com>
 <929557fb-2dd9-c1d9-1da8-e03cd8e2bd37@gmail.com>
 <CA+TuoW38vb1ujMYNn2Ns0o4r5DNjQ3qR0-6oyD1XbjO0RpA4dw@mail.gmail.com>
 <CA+TuoW0j77ybkEhtNh_9bDykqJCu8to=1w-5W-fGorwEojQJoQ@mail.gmail.com>
Message-ID: <CA+TuoW3yRZMup7Yt7rFNrvnZyHVjnSUs0eXLXPrCFpk_def9jA@mail.gmail.com>

Reading a bit more on this, mutt may not understand a directory sorted by
yyyy/mm.

So I started mutt giving it the MailDir that I saved Gmail to, like so:

mutt -f ~/mail/gmail

That directory is the one that contains the cur, new and tmp dirs.

Loading is slow, at 1,778 msg/second, so my total messages of 459,000 takes
several minutes to load.

But it is fast from there, probably because it caches headers or something.

On Wed, May 9, 2018 at 4:17 PM, Khalid Baheyeldin <kb at 2bits.com> wrote:

> The FAQ says that the state is kept in the oldmail-* files under
> ~/.getmail.
>
> So it seems to me that it is safe to move the messages themselves.
>
> I will try it out.
>
> On Wed, May 9, 2018 at 4:05 PM, Khalid Baheyeldin <kb at 2bits.com> wrote:
>
>> Thanks Giles.
>>
>> So, if getmail is using IMAP for retrieval, and copies individual
>> messages to the MailDir directory, then I move some files (i.e. messages)
>> from cur to another directory, say 2007/06.
>>
>> Will getmail be confused by that?
>>
>> On Tue, May 8, 2018 at 12:32 PM, Giles Malet <gdmalet at gmail.com> wrote:
>>
>>> In the directory ~/mail/gmail, the script will create subdirectories
>>>> called
>>>> 'cur', 'tmp', and 'new'.
>>>>
>>>
>>> This is standard 'Maildir' format (https://en.wikipedia.org/wiki/Maildir).
>>> Some mail clients, such as mutt, support it directly; there's a list on the
>>> Wikipedia page.
>>>
>>> g
>>>
>>>
>>> _______________________________________________
>>> kwlug-disc mailing list
>>> kwlug-disc at kwlug.org
>>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>>>
>>
>>
>>
>> --
>> Khalid M. Baheyeldin
>> 2bits.com, Inc.
>> Fast Reliable Drupal
>> Drupal optimization, development, customization and consulting.
>> Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
>> Simplicity is the ultimate sophistication. -- anonymous
>>
>>
>
>
> --
> Khalid M. Baheyeldin
> 2bits.com, Inc.
> Fast Reliable Drupal
> Drupal optimization, development, customization and consulting.
> Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
> Simplicity is the ultimate sophistication. -- anonymous
>
>


-- 
Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- anonymous
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180511/1088c866/attachment.htm>

From chris at chrisirwin.ca  Fri May 11 16:29:26 2018
From: chris at chrisirwin.ca (Chris Irwin)
Date: Fri, 11 May 2018 16:29:26 -0400
Subject: [kwlug-disc] How to Archiving Gmail Locally
In-Reply-To: <CA+TuoW3yRZMup7Yt7rFNrvnZyHVjnSUs0eXLXPrCFpk_def9jA@mail.gmail.com>
References: <CA+TuoW3=USg0w9BSMeuOgc+6PJq8gsurzWvvCYPGtXLz+q_jNA@mail.gmail.com>
 <929557fb-2dd9-c1d9-1da8-e03cd8e2bd37@gmail.com>
 <CA+TuoW38vb1ujMYNn2Ns0o4r5DNjQ3qR0-6oyD1XbjO0RpA4dw@mail.gmail.com>
 <CA+TuoW0j77ybkEhtNh_9bDykqJCu8to=1w-5W-fGorwEojQJoQ@mail.gmail.com>
 <CA+TuoW3yRZMup7Yt7rFNrvnZyHVjnSUs0eXLXPrCFpk_def9jA@mail.gmail.com>
Message-ID: <20180511202926.ucv5daskzb563eqi@x230.chrisirwin.ca>

On Fri, May 11, 2018 at 12:27:53AM -0400, Khalid Baheyeldin wrote:
>Reading a bit more on this, mutt may not understand a directory sorted by
>yyyy/mm.

You would have to make those directories maildirs as well.

>So I started mutt giving it the MailDir that I saved Gmail to, like so:
>
>mutt -f ~/mail/gmail
>
>That directory is the one that contains the cur, new and tmp dirs.
>
>Loading is slow, at 1,778 msg/second, so my total messages of 459,000 takes
>several minutes to load.
>
>But it is fast from there, probably because it caches headers or something.

If mutt is saving it's header cache, it should be significantly quicker 
afterwards.

I'm not sure what the default is, but I set a specific header_cache in 
my muttrc. My "All Mail" folder with ~100,000 items in loads in about 4 
seconds due to caching. Granted, this is on an SSD.

I'm not sure what your target for the archive is, but if you're planning 
on doing much searching, you might be interested in `notmuch` as well, 
which will index your mail, and can provide search results in maildir 
format, which you could also browse with mutt.

-- 
Chris Irwin

email:   chris at chrisirwin.ca
 xmpp:   chris at chrisirwin.ca
  web: https://chrisirwin.ca




From paul_nijjar at yahoo.ca  Fri May 11 23:28:34 2018
From: paul_nijjar at yahoo.ca (Paul Nijjar)
Date: Fri, 11 May 2018 23:28:34 -0400
Subject: [kwlug-disc] New meeting location: 283 Duke St
Message-ID: <20180512032834.GB4888@nb-heartburn>

Thanks to Colin we now have a new meeting location for KWLUG. This
afternoon Andrew, Colin and I signed away our lives so we could start
using it. Our intention is to try it out for the June meeting: 

https://kwlug.org/283-duke 

I hope the instructions on the above page are clear. Please send
comments about the location writeup to me. 

I am also in discussions with Google around their community space, but
we might as well try this location first. Technically we have not
booked the spot yet because we do not have access to the booking
portal. If everything goes pear-shaped we will just meet at St John's
for another month. 

Along with the new location is a shopping list of things that are not
provided. We can do without many of these things but if you have
extras and/or are willing to donate to the cause we could put an
equipment kit together: 

- DVI and HDMI cables for the projector (an Acer PD 726W). VGA cables
  are already provided with the space. 
- Maybe a microphone/mixer setup for recording podcasts? There is a
  speaker system there (a Sylvania SPA 040) but we probably don't need
  amplification in the space, and offhand I do not think we can use it
  for recording podcasts anyways. 

There are some things other people have promised: 

- Power bar: Colin
- Extension cord: Andrew
- Condenser mic with USB connection: Colin
- KWLUG podcasting netbook: Paul
- Signage: Paul


Maybe there are other things we should be thinking about as well.

-- 
http://pnijjar.freeshell.org



From crankyoldbugger at gmail.com  Sat May 12 08:14:19 2018
From: crankyoldbugger at gmail.com (CrankyOldBugger)
Date: Sat, 12 May 2018 08:14:19 -0400
Subject: [kwlug-disc] New meeting location: 283 Duke St
In-Reply-To: <20180512032834.GB4888@nb-heartburn>
References: <20180512032834.GB4888@nb-heartburn>
Message-ID: <CAKyYXOTYw67WD3Lb0PhL-tpJqNyxWZW7C1dc7WViMee9QjzKww@mail.gmail.com>

Kudos to our Housing Committee: Paul, Colin, Andrew, and all those who
helped out.  Good work, lads!


On Fri, 11 May 2018 at 23:28 Paul Nijjar via kwlug-disc <
kwlug-disc at kwlug.org> wrote:

> Thanks to Colin we now have a new meeting location for KWLUG. This
> afternoon Andrew, Colin and I signed away our lives so we could start
> using it. Our intention is to try it out for the June meeting:
>
> https://kwlug.org/283-duke
>
> I hope the instructions on the above page are clear. Please send
> comments about the location writeup to me.
>
> I am also in discussions with Google around their community space, but
> we might as well try this location first. Technically we have not
> booked the spot yet because we do not have access to the booking
> portal. If everything goes pear-shaped we will just meet at St John's
> for another month.
>
> Along with the new location is a shopping list of things that are not
> provided. We can do without many of these things but if you have
> extras and/or are willing to donate to the cause we could put an
> equipment kit together:
>
> - DVI and HDMI cables for the projector (an Acer PD 726W). VGA cables
>   are already provided with the space.
> - Maybe a microphone/mixer setup for recording podcasts? There is a
>   speaker system there (a Sylvania SPA 040) but we probably don't need
>   amplification in the space, and offhand I do not think we can use it
>   for recording podcasts anyways.
>
> There are some things other people have promised:
>
> - Power bar: Colin
> - Extension cord: Andrew
> - Condenser mic with USB connection: Colin
> - KWLUG podcasting netbook: Paul
> - Signage: Paul
>
>
> Maybe there are other things we should be thinking about as well.
>
> --
> http://pnijjar.freeshell.org
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180512/bfb9473a/attachment.htm>

From mb at 3nsoft.com  Sat May 12 08:15:29 2018
From: mb at 3nsoft.com (Mikalai Birukou)
Date: Sat, 12 May 2018 08:15:29 -0400
Subject: [kwlug-disc] New meeting location: 283 Duke St
In-Reply-To: <20180512032834.GB4888@nb-heartburn>
References: <20180512032834.GB4888@nb-heartburn>
Message-ID: <f9200f70-342a-448d-c694-700c8c54baea@3nsoft.com>

On 2018-05-11 11:28 PM, Paul Nijjar via kwlug-disc wrote:
> https://kwlug.org/283-duke
>
> I hope the instructions on the above page are clear. Please send
> comments about the location writeup to me.

When on the second floor of 283 Duke, I noticed that corridors had names 
like Frederick Street, Breithaupt. I wonder if this permanent. And if 
so, is it a way to navigate inside? :) On which street room 225 is located?





From chaslinux at gmail.com  Sat May 12 09:33:16 2018
From: chaslinux at gmail.com (Charles M)
Date: Sat, 12 May 2018 09:33:16 -0400
Subject: [kwlug-disc] New meeting location: 283 Duke St
In-Reply-To: <f9200f70-342a-448d-c694-700c8c54baea@3nsoft.com>
References: <20180512032834.GB4888@nb-heartburn>
 <f9200f70-342a-448d-c694-700c8c54baea@3nsoft.com>
Message-ID: <CANKsL=P8Yv_zYuScE5HuFycPnZB5YUf1+vX+DzSiB6-86Qju9g@mail.gmail.com>

Paul, I think CR has a few regular size HDMI cables. There was also
recently a mixer donated but I don?t know how functional it is. At least
one slider near the bottom appears broken, but the mixer might still work.
I?m planning on going in to work for a few minutes today so I?ll try to
check it out. You?ll probably need other audio cables. I also have what
looks to be an okay mic (has quite a bit of heft to it) that I?m happy to
donate. I?ll set the equipment in the it office.

Charles

On Sat, May 12, 2018 at 8:15 AM Mikalai Birukou via kwlug-disc <
kwlug-disc at kwlug.org> wrote:

> On 2018-05-11 11:28 PM, Paul Nijjar via kwlug-disc wrote:
> > https://kwlug.org/283-duke
> >
> > I hope the instructions on the above page are clear. Please send
> > comments about the location writeup to me.
>
> When on the second floor of 283 Duke, I noticed that corridors had names
> like Frederick Street, Breithaupt. I wonder if this permanent. And if
> so, is it a way to navigate inside? :) On which street room 225 is located?
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-- 
Charles McColm
Blog: http://www.charlesmccolm.com/
Twitter/Identica/Google+: @chaslinux
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180512/7a64c5a7/attachment.htm>

From paul_nijjar at yahoo.ca  Sat May 12 10:05:52 2018
From: paul_nijjar at yahoo.ca (Paul Nijjar)
Date: Sat, 12 May 2018 10:05:52 -0400
Subject: [kwlug-disc] New meeting location: 283 Duke St
In-Reply-To: <f9200f70-342a-448d-c694-700c8c54baea@3nsoft.com>
References: <20180512032834.GB4888@nb-heartburn>
 <f9200f70-342a-448d-c694-700c8c54baea@3nsoft.com>
Message-ID: <20180512140552.GC4888@nb-heartburn>

On Sat, May 12, 2018 at 08:15:29AM -0400, Mikalai Birukou via kwlug-disc wrote:
> On 2018-05-11 11:28 PM, Paul Nijjar via kwlug-disc wrote:
> >https://kwlug.org/283-duke
> >
> >I hope the instructions on the above page are clear. Please send
> >comments about the location writeup to me.
> 
> When on the second floor of 283 Duke, I noticed that corridors had names
> like Frederick Street, Breithaupt. I wonder if this permanent. And if so, is
> it a way to navigate inside? :) On which street room 225 is located?

I will take a look. My understanding is that the internal street names
are permanent. Unfortunately the names are super-confusing because
they are the same as streets that are close to the building (I think
there is a Breithaupt corridor, for example). 

- Paul 

-- 
http://pnijjar.freeshell.org



From chaslinux at gmail.com  Sat May 12 12:11:51 2018
From: chaslinux at gmail.com (Charles M)
Date: Sat, 12 May 2018 12:11:51 -0400
Subject: [kwlug-disc] New meeting location: 283 Duke St
In-Reply-To: <20180512140552.GC4888@nb-heartburn>
References: <20180512032834.GB4888@nb-heartburn>
 <f9200f70-342a-448d-c694-700c8c54baea@3nsoft.com>
 <20180512140552.GC4888@nb-heartburn>
Message-ID: <CANKsL=MBnxT7PuseWBfpvGiLSkuqNVTeWDQWM63-F8=b7gPc-g@mail.gmail.com>

The mixer is a Vestax PMC 17A 3 channel mixer. It's metal with a bit
of heft to it (approx 10lbs). I mentioned the slider at the bottom
seems to be broken. It also lacks XLR mic in and the mic I dropped off
happens to be XLR (though I don't think it needs Phantom power).
Unfortunately the mixer needs a 15v 500ma adapter. I found one in CR,
but the mixer needs a center negative adapter and this adapter is
center positive. I'm going to cut the wire and resolder it to reverse
the polarity before testing it (the adapter) and the mixer.

The mic is a PreSonus M7. I picked it up at a thrift shop thinking I
might use it some time, but I have another mic I use. It feels decent
though the body seems like it's a hardened plastic. The heft on the
mic probably comes from the metal grill and what's inside.


On Sat, May 12, 2018 at 10:05 AM, Paul Nijjar via kwlug-disc
<kwlug-disc at kwlug.org> wrote:
> On Sat, May 12, 2018 at 08:15:29AM -0400, Mikalai Birukou via kwlug-disc wrote:
>> On 2018-05-11 11:28 PM, Paul Nijjar via kwlug-disc wrote:
>> >https://kwlug.org/283-duke
>> >
>> >I hope the instructions on the above page are clear. Please send
>> >comments about the location writeup to me.
>>
>> When on the second floor of 283 Duke, I noticed that corridors had names
>> like Frederick Street, Breithaupt. I wonder if this permanent. And if so, is
>> it a way to navigate inside? :) On which street room 225 is located?
>
> I will take a look. My understanding is that the internal street names
> are permanent. Unfortunately the names are super-confusing because
> they are the same as streets that are close to the building (I think
> there is a Breithaupt corridor, for example).
>
> - Paul
>
> --
> http://pnijjar.freeshell.org
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org



-- 
Charles McColm
Blog: http://www.charlesmccolm.com/
Twitter/Identica/Google+: @chaslinux



From opengeometry at yahoo.ca  Sat May 12 17:52:22 2018
From: opengeometry at yahoo.ca (William Park)
Date: Sat, 12 May 2018 17:52:22 -0400
Subject: [kwlug-disc] Sending array variable over Web/CGI?
Message-ID: <20180512215222.GA30424@node1.localdomain>

Hi all,  (apology if you're seeing it again)

If I'm sending single valued data over web, eg. a=111, b=222, c=333,
then I can do 
    http://.../xxx.cgi?a=111&b=222&c=333

How do I send array data, like A[1]=111, A[2]=222, A[3]=333 to a CGI
script?  I don't think I can do something like
    http://.../xxx.cgi?A[1]=111&A[2]=222&A[3]=333
Or, can I?

I have seen places where a same variable is repeated, eg.
    http://.../xxx.cgi?A=111&A=222&A=333
but that means the CGI script has to build the array.
-- 
William Park <opengeometry at yahoo.ca>



From kb at 2bits.com  Sat May 12 18:39:34 2018
From: kb at 2bits.com (Khalid Baheyeldin)
Date: Sat, 12 May 2018 18:39:34 -0400
Subject: [kwlug-disc] Sending array variable over Web/CGI?
In-Reply-To: <20180512215222.GA30424@node1.localdomain>
References: <20180512215222.GA30424@node1.localdomain>
Message-ID: <CA+TuoW23MmatE-4enZotFDkF9prFK4UYf9DsRXmesVsVX1JqxQ@mail.gmail.com>

You should really be using a POST for this, so the data is not in the URL
at all.

But to your question, you can do:

/cgi?A[0]=111&A[1]=222 ... etc.

If it does not work, try escaping it with:

%5B for [, and %5C for ]


On Sat, May 12, 2018 at 5:52 PM, William Park via kwlug-disc <
kwlug-disc at kwlug.org> wrote:

> Hi all,  (apology if you're seeing it again)
>
> If I'm sending single valued data over web, eg. a=111, b=222, c=333,
> then I can do
>     http://.../xxx.cgi?a=111&b=222&c=333
>
> How do I send array data, like A[1]=111, A[2]=222, A[3]=333 to a CGI
> script?  I don't think I can do something like
>     http://.../xxx.cgi?A[1]=111&A[2]=222&A[3]=333
> Or, can I?
>
> I have seen places where a same variable is repeated, eg.
>     http://.../xxx.cgi?A=111&A=222&A=333
> but that means the CGI script has to build the array.
> --
> William Park <opengeometry at yahoo.ca>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>



-- 
Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- anonymous
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180512/2feb5451/attachment.htm>

From raymondchen625 at gmail.com  Sat May 12 18:55:28 2018
From: raymondchen625 at gmail.com (Raymond Chen)
Date: Sat, 12 May 2018 18:55:28 -0400
Subject: [kwlug-disc] Sending array variable over Web/CGI?
In-Reply-To: <CA+TuoW23MmatE-4enZotFDkF9prFK4UYf9DsRXmesVsVX1JqxQ@mail.gmail.com>
References: <20180512215222.GA30424@node1.localdomain>
 <CA+TuoW23MmatE-4enZotFDkF9prFK4UYf9DsRXmesVsVX1JqxQ@mail.gmail.com>
Message-ID: <CA+LEaar0uPmWCS2RR7M-Y4vVhwkm2TPw6QvB-=phpg0-rxe-Yw@mail.gmail.com>

What's wrong with the CGI script building an array? I think using the same
name multiple times is the way to go, at least it's common in other
language like Java.



On Sat, May 12, 2018 at 6:39 PM Khalid Baheyeldin <kb at 2bits.com> wrote:

> You should really be using a POST for this, so the data is not in the URL
> at all.
>
> But to your question, you can do:
>
> /cgi?A[0]=111&A[1]=222 ... etc.
>
> If it does not work, try escaping it with:
>
> %5B for [, and %5C for ]
>
>
> On Sat, May 12, 2018 at 5:52 PM, William Park via kwlug-disc <
> kwlug-disc at kwlug.org> wrote:
>
>> Hi all,  (apology if you're seeing it again)
>>
>> If I'm sending single valued data over web, eg. a=111, b=222, c=333,
>> then I can do
>>     http://.../xxx.cgi?a=111&b=222&c=333
>>
>> How do I send array data, like A[1]=111, A[2]=222, A[3]=333 to a CGI
>> script?  I don't think I can do something like
>>     http://.../xxx.cgi?A[1]=111&A[2]=222&A[3]=333
>> Or, can I?
>>
>> I have seen places where a same variable is repeated, eg.
>>     http://.../xxx.cgi?A=111&A=222&A=333
>> but that means the CGI script has to build the array.
>> --
>> William Park <opengeometry at yahoo.ca>
>>
>> _______________________________________________
>> kwlug-disc mailing list
>> kwlug-disc at kwlug.org
>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>>
>
>
>
> --
> Khalid M. Baheyeldin
> 2bits.com, Inc.
> Fast Reliable Drupal
> Drupal optimization, development, customization and consulting.
> Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
> Simplicity is the ultimate sophistication. -- anonymous
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180512/6a76ea87/attachment.htm>

From kb at 2bits.com  Sat May 12 19:23:20 2018
From: kb at 2bits.com (Khalid Baheyeldin)
Date: Sat, 12 May 2018 19:23:20 -0400
Subject: [kwlug-disc] Sending array variable over Web/CGI?
In-Reply-To: <CA+LEaar0uPmWCS2RR7M-Y4vVhwkm2TPw6QvB-=phpg0-rxe-Yw@mail.gmail.com>
References: <20180512215222.GA30424@node1.localdomain>
 <CA+TuoW23MmatE-4enZotFDkF9prFK4UYf9DsRXmesVsVX1JqxQ@mail.gmail.com>
 <CA+LEaar0uPmWCS2RR7M-Y4vVhwkm2TPw6QvB-=phpg0-rxe-Yw@mail.gmail.com>
Message-ID: <CA+TuoW0__qFEMqAQDsUtdLcO_hokcjC0t-AveiJQYf_C1ptZpg@mail.gmail.com>

Nothing wrong with building an array.

The issue here is that the data is in the URL (array or not), and that
means it will be logged in the server's access logs, and crawlers may
follow it, ...etc. It can also reveal things that you may not want to
reveal. An extreme case is login name and password in the URL!

The proper way to avoid all this is to use POST, where the data is not
logged anywhere, and not visible to anyone (if you use SSL).

On Sat, May 12, 2018 at 6:55 PM, Raymond Chen <raymondchen625 at gmail.com>
wrote:

> What's wrong with the CGI script building an array? I think using the same
> name multiple times is the way to go, at least it's common in other
> language like Java.
>
>
>
> On Sat, May 12, 2018 at 6:39 PM Khalid Baheyeldin <kb at 2bits.com> wrote:
>
>> You should really be using a POST for this, so the data is not in the URL
>> at all.
>>
>> But to your question, you can do:
>>
>> /cgi?A[0]=111&A[1]=222 ... etc.
>>
>> If it does not work, try escaping it with:
>>
>> %5B for [, and %5C for ]
>>
>>
>> On Sat, May 12, 2018 at 5:52 PM, William Park via kwlug-disc <
>> kwlug-disc at kwlug.org> wrote:
>>
>>> Hi all,  (apology if you're seeing it again)
>>>
>>> If I'm sending single valued data over web, eg. a=111, b=222, c=333,
>>> then I can do
>>>     http://.../xxx.cgi?a=111&b=222&c=333
>>>
>>> How do I send array data, like A[1]=111, A[2]=222, A[3]=333 to a CGI
>>> script?  I don't think I can do something like
>>>     http://.../xxx.cgi?A[1]=111&A[2]=222&A[3]=333
>>> Or, can I?
>>>
>>> I have seen places where a same variable is repeated, eg.
>>>     http://.../xxx.cgi?A=111&A=222&A=333
>>> but that means the CGI script has to build the array.
>>> --
>>> William Park <opengeometry at yahoo.ca>
>>>
>>> _______________________________________________
>>> kwlug-disc mailing list
>>> kwlug-disc at kwlug.org
>>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>>>
>>
>>
>>
>> --
>> Khalid M. Baheyeldin
>> 2bits.com, Inc.
>> Fast Reliable Drupal
>> Drupal optimization, development, customization and consulting.
>> Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
>> Simplicity is the ultimate sophistication. -- anonymous
>>
>> _______________________________________________
>> kwlug-disc mailing list
>> kwlug-disc at kwlug.org
>> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>>
>


-- 
Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- anonymous
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180512/f30eb590/attachment.htm>

From opengeometry at yahoo.ca  Sun May 13 01:06:16 2018
From: opengeometry at yahoo.ca (William Park)
Date: Sun, 13 May 2018 01:06:16 -0400
Subject: [kwlug-disc] Sending array variable over Web/CGI?
In-Reply-To: <CA+LEaar0uPmWCS2RR7M-Y4vVhwkm2TPw6QvB-=phpg0-rxe-Yw@mail.gmail.com>
References: <20180512215222.GA30424@node1.localdomain>
 <CA+TuoW23MmatE-4enZotFDkF9prFK4UYf9DsRXmesVsVX1JqxQ@mail.gmail.com>
 <CA+LEaar0uPmWCS2RR7M-Y4vVhwkm2TPw6QvB-=phpg0-rxe-Yw@mail.gmail.com>
Message-ID: <20180513050616.GB26980@node1.localdomain>

The only problem with using same variable name is that you can't skip
element.  I guess, the correct answer is "it depends on what is running
as CGI script". :-)
-- 
William Park <opengeometry at yahoo.ca>

On Sat, May 12, 2018 at 06:55:28PM -0400, Raymond Chen wrote:
> What's wrong with the CGI script building an array? I think using the same
> name multiple times is the way to go, at least it's common in other
> language like Java.
> 
> On Sat, May 12, 2018 at 6:39 PM Khalid Baheyeldin <kb at 2bits.com> wrote:
> 
> > You should really be using a POST for this, so the data is not in the URL
> > at all.
> >
> > But to your question, you can do:
> >
> > /cgi?A[0]=111&A[1]=222 ... etc.
> >
> > If it does not work, try escaping it with:
> >
> > %5B for [, and %5C for ]
> >
> >
> > On Sat, May 12, 2018 at 5:52 PM, William Park via kwlug-disc <
> > kwlug-disc at kwlug.org> wrote:
> >
> >> Hi all,  (apology if you're seeing it again)
> >>
> >> If I'm sending single valued data over web, eg. a=111, b=222, c=333,
> >> then I can do
> >>     http://.../xxx.cgi?a=111&b=222&c=333
> >>
> >> How do I send array data, like A[1]=111, A[2]=222, A[3]=333 to a CGI
> >> script?  I don't think I can do something like
> >>     http://.../xxx.cgi?A[1]=111&A[2]=222&A[3]=333
> >> Or, can I?
> >>
> >> I have seen places where a same variable is repeated, eg.
> >>     http://.../xxx.cgi?A=111&A=222&A=333
> >> but that means the CGI script has to build the array.
> >> --
> >> William Park <opengeometry at yahoo.ca>
> >>
> >> _______________________________________________
> >> kwlug-disc mailing list
> >> kwlug-disc at kwlug.org
> >> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
> >>
> >
> >
> >
> > --
> > Khalid M. Baheyeldin
> > 2bits.com, Inc.
> > Fast Reliable Drupal
> > Drupal optimization, development, customization and consulting.
> > Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
> > Simplicity is the ultimate sophistication. -- anonymous
> >
> > _______________________________________________
> > kwlug-disc mailing list
> > kwlug-disc at kwlug.org
> > http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
> >

> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org



From crankyoldbugger at gmail.com  Sun May 13 09:30:12 2018
From: crankyoldbugger at gmail.com (CrankyOldBugger)
Date: Sun, 13 May 2018 09:30:12 -0400
Subject: [kwlug-disc] Malware found in Ubuntu Snaps Store
Message-ID: <CAKyYXOTSq15zWRdH41P0WT7zLq_hbjUjwRwyOE7R8ZfeqKoZCQ@mail.gmail.com>

I suppose it was improbable, although I had hoped that we were a bit
sheltered from this stuff:

https://www.linuxuprising.com/2018/05/malware-found-in-ubuntu-snap-store.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180513/21747f98/attachment.htm>

From kb at 2bits.com  Sun May 13 11:15:04 2018
From: kb at 2bits.com (Khalid Baheyeldin)
Date: Sun, 13 May 2018 11:15:04 -0400
Subject: [kwlug-disc] Malware found in Ubuntu Snaps Store
In-Reply-To: <CAKyYXOTSq15zWRdH41P0WT7zLq_hbjUjwRwyOE7R8ZfeqKoZCQ@mail.gmail.com>
References: <CAKyYXOTSq15zWRdH41P0WT7zLq_hbjUjwRwyOE7R8ZfeqKoZCQ@mail.gmail.com>
Message-ID: <CA+TuoW1C1UzF_D8NdOpcZ-Bw1M0SRqr8G+PxUG7o7pcuANRucg@mail.gmail.com>

We were sheltered because the tried and tested methodology of repositories
made us immune to this for ~ 25 years or so.

The repositories (e.g. Debian and Ubuntu, ...etc.) relied on getting
applications that were open source of some sort, and had people who
advocated their inclusion. These people do the legwork of straightening out
the kinks in their configure, install, and update, and write code that
would make it into a .deb package, with config.d style configuration, pre
and post install scripts, ...etc.

Either that, or the application was well known enough and already did the
process as part of their release (think the well known databases, desktops,
...etc).

So there were eyes on the software.

Snap's model does not seem to have the equivalent of these safeguards:
stuff may be uploaded by anyone, and we have seen how this makes some apps
purely malware on Android and even Apple (who claim that they review apps).

On Sun, May 13, 2018 at 9:30 AM, CrankyOldBugger <crankyoldbugger at gmail.com>
wrote:

>
> I suppose it was improbable, although I had hoped that we were a bit
> sheltered from this stuff:
>
> https://www.linuxuprising.com/2018/05/malware-found-in-
> ubuntu-snap-store.html
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>


-- 
Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- anonymous
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180513/adce3871/attachment.htm>

From bjonkman at sobac.com  Sun May 13 11:44:36 2018
From: bjonkman at sobac.com (Bob Jonkman)
Date: Sun, 13 May 2018 11:44:36 -0400
Subject: [kwlug-disc] Malware found in Ubuntu Snaps Store
In-Reply-To: <CA+TuoW1C1UzF_D8NdOpcZ-Bw1M0SRqr8G+PxUG7o7pcuANRucg@mail.gmail.com>
References: <CAKyYXOTSq15zWRdH41P0WT7zLq_hbjUjwRwyOE7R8ZfeqKoZCQ@mail.gmail.com>
 <CA+TuoW1C1UzF_D8NdOpcZ-Bw1M0SRqr8G+PxUG7o7pcuANRucg@mail.gmail.com>
Message-ID: <0817ab63-0a2c-31b9-6706-3baa1cce19bf@sobac.com>

Cranky writes:
> I suppose it was improbable

Did you mean "inevitable"?


Khalid writes:
> The repositories [...] had people who
> advocated their inclusion. These people do the legwork...

I don't think these people are appreciated enough. It certainly isn't
the glamour work of programming or spinning up a new distro or
developing a social media website...

--Bob, who would like to see the Floss Fund revived, but isn't willing
to do the legwork...


On 2018-05-13 11:15 AM, Khalid Baheyeldin wrote:
> We were sheltered because the tried and tested methodology of repositories
> made us immune to this for ~ 25 years or so.
> 
> The repositories (e.g. Debian and Ubuntu, ...etc.) relied on getting
> applications that were open source of some sort, and had people who
> advocated their inclusion. These people do the legwork of straightening out
> the kinks in their configure, install, and update, and write code that
> would make it into a .deb package, with config.d style configuration, pre
> and post install scripts, ...etc.
> 
> Either that, or the application was well known enough and already did the
> process as part of their release (think the well known databases, desktops,
> ...etc).
> 
> So there were eyes on the software.
> 
> Snap's model does not seem to have the equivalent of these safeguards:
> stuff may be uploaded by anyone, and we have seen how this makes some apps
> purely malware on Android and even Apple (who claim that they review apps).
> 
> On Sun, May 13, 2018 at 9:30 AM, CrankyOldBugger <crankyoldbugger at gmail.com>
> wrote:
> 
>>
>> I suppose it was improbable, although I had hoped that we were a bit
>> sheltered from this stuff:
>>
>> https://www.linuxuprising.com/2018/05/malware-found-in-
>> ubuntu-snap-store.html


Bob Jonkman <bjonkman at sobac.com>          Phone: +1-519-635-9413
SOBAC Microcomputer Services             http://sobac.com/sobac/
Software   ---   Office & Business Automation   ---   Consulting
GnuPG Fngrprnt:04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC E5EA


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: OpenPGP digital signature
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180513/c2f7a106/attachment.sig>

From doug at moens.org  Sun May 13 11:46:21 2018
From: doug at moens.org (doug moen)
Date: Sun, 13 May 2018 11:46:21 -0400
Subject: [kwlug-disc] Malware found in Ubuntu Snaps Store
In-Reply-To: <CAKyYXOTSq15zWRdH41P0WT7zLq_hbjUjwRwyOE7R8ZfeqKoZCQ@mail.gmail.com>
References: <CAKyYXOTSq15zWRdH41P0WT7zLq_hbjUjwRwyOE7R8ZfeqKoZCQ@mail.gmail.com>
Message-ID: <CAGV6i+PjhM_gPgb2hKS5DFoy7QM6Gd3xTYAOFcK3XVvtG0mhgw@mail.gmail.com>

Thanks for posting that, Jeff. I will not be downloading any software from
the Ubuntu snap store.

As Khalid notes, the Google Play store has similar problems. I use F-Droid
instead, which is a curated open source Android app store.

On the other hand, I've been thinking about providing pre-compiled binaries
for my Curv software, and "snap" seems like a good format for Linux
binaries, since it avoids the problem of "dependency hell", which I am
already encountering. But, I guess I'll distribute the binaries via github.

On 13 May 2018 at 09:30, CrankyOldBugger <crankyoldbugger at gmail.com> wrote:

>
> I suppose it was improbable, although I had hoped that we were a bit
> sheltered from this stuff:
>
> https://www.linuxuprising.com/2018/05/malware-found-in-
> ubuntu-snap-store.html
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180513/f7db066e/attachment.htm>

From remi at georgianit.com  Sun May 13 11:53:14 2018
From: remi at georgianit.com (Remi Gauvin)
Date: Sun, 13 May 2018 11:53:14 -0400
Subject: [kwlug-disc] Malware found in Ubuntu Snaps Store
In-Reply-To: <CA+TuoW1C1UzF_D8NdOpcZ-Bw1M0SRqr8G+PxUG7o7pcuANRucg@mail.gmail.com>
References: <CAKyYXOTSq15zWRdH41P0WT7zLq_hbjUjwRwyOE7R8ZfeqKoZCQ@mail.gmail.com>
 <CA+TuoW1C1UzF_D8NdOpcZ-Bw1M0SRqr8G+PxUG7o7pcuANRucg@mail.gmail.com>
Message-ID: <e1ba4ad2-0783-0964-c38b-60f609d1fb81@georgianit.com>

On 2018-05-13 11:15 AM, Khalid Baheyeldin wrote:
> We were sheltered because the tried and tested methodology of repositories
> made us immune to this for ~ 25 years or so.
> 
>


One of the things I like about Ubuntu is the great ecosystem of PPA's.
Over the past several years, I found PPA's did a great job of filling
the gaps between what makes it into a relatively stable distro, and
those software packages I need to be newer for a specific task.  PPA's
were certainly more convenient that downloading and compiling from source.

In this regards, I'm a little torn.  On the one hand, it's just as easy
for a bad or careless actor to put a bad package in a PPA.  Without
Snaps isolation, such a package would root a system, essential requiring
a fresh install, or snapshot restore to guarantee system integrity.  Not
to mention her irrevocable lose of private/secret information.

However, in the case of PPA's I could carefully choose which PPA I drew
packages from, (and therefore, essentially, who to trust with the
system.)  With the snap store just allowing anyone to put whatever in
one big repository...well,, we all already know exactly where that
leads, and Ubuntu has provided an example in record time.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: remi.vcf
Type: text/x-vcard
Size: 193 bytes
Desc: not available
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180513/6bbb7353/attachment.vcf>

From kb at 2bits.com  Sun May 13 12:03:33 2018
From: kb at 2bits.com (Khalid Baheyeldin)
Date: Sun, 13 May 2018 12:03:33 -0400
Subject: [kwlug-disc] Malware found in Ubuntu Snaps Store
In-Reply-To: <e1ba4ad2-0783-0964-c38b-60f609d1fb81@georgianit.com>
References: <CAKyYXOTSq15zWRdH41P0WT7zLq_hbjUjwRwyOE7R8ZfeqKoZCQ@mail.gmail.com>
 <CA+TuoW1C1UzF_D8NdOpcZ-Bw1M0SRqr8G+PxUG7o7pcuANRucg@mail.gmail.com>
 <e1ba4ad2-0783-0964-c38b-60f609d1fb81@georgianit.com>
Message-ID: <CA+TuoW0LsRCyi-WaR=g=aDDbHNB+4Vkps5RgTsjbbt7jRBbEgg@mail.gmail.com>

On Sun, May 13, 2018 at 11:53 AM, Remi Gauvin <remi at georgianit.com> wrote:

> On 2018-05-13 11:15 AM, Khalid Baheyeldin wrote:
> > We were sheltered because the tried and tested methodology of
> repositories
> > made us immune to this for ~ 25 years or so.
>
> One of the things I like about Ubuntu is the great ecosystem of PPA's.
> Over the past several years, I found PPA's did a great job of filling
> the gaps between what makes it into a relatively stable distro, and
> those software packages I need to be newer for a specific task.  PPA's
> were certainly more convenient that downloading and compiling from source.
>
> In this regards, I'm a little torn.  On the one hand, it's just as easy
> for a bad or careless actor to put a bad package in a PPA.  Without
> Snaps isolation, such a package would root a system, essential requiring
> a fresh install, or snapshot restore to guarantee system integrity.  Not
> to mention her irrevocable lose of private/secret information.
>
> However, in the case of PPA's I could carefully choose which PPA I drew
> packages from, (and therefore, essentially, who to trust with the
> system.)  With the snap store just allowing anyone to put whatever in
> one big repository...well,, we all already know exactly where that
> leads, and Ubuntu has provided an example in record time.


While PPAs can include malware, it less likely. Why? Because PPAs are
usually created by someone to fill a niche (like you say). For example,
having older, or newer, versions of packages available.

Examples include:

Older PHP versions on LTS releases,
Newer still experimental GIMP releases with 16/32 bit colour,
Newer KStars version with all the latest astrophotography features

Usually, these PPAs have their source published somewhere (Launchpad)
and are built nightly automatically from that source. So the source can
be inspected.

And usually, there is a community behind these, and many users. If
someone tries to slip in malware, it will be discovered quickly.

Reminds of some 12 or so years back, when the founder of Wordpress
tried to slip in invisible link farm stuff in Wordpress, with negative CSS
offsets, but was outed quickly, and apologized.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180513/a68effa2/attachment.htm>

From jecurrie8 at gmail.com  Sun May 13 16:33:31 2018
From: jecurrie8 at gmail.com (Joan Currie)
Date: Sun, 13 May 2018 16:33:31 -0400
Subject: [kwlug-disc] what videos helped you learn Rails API?
Message-ID: <CADd9d7z8OppDcv9zK5Y5QiZRNLdYA35=6hhkegLg9_7iMbbnRQ@mail.gmail.com>

Hi Guys,

I have a question about Rails...  just thought I would ask.
I have been programming in Rails for 4 1/2 years but have just
learned about APIs.  I had been programming with the view
in Rails up to this point, with the MVC.

For people who program in Rails what videos helped you
learn Rails API?  I have gone through
https://gorails.com/series/how-to-build-apis-with-rails.
I found that helpful.

Thank you in advance.

Cheers,
Joan Currie
(really a physical oceanography)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180513/2099d05d/attachment.htm>

From chamunks at gmail.com  Sun May 13 22:04:32 2018
From: chamunks at gmail.com (Chamunks)
Date: Sun, 13 May 2018 22:04:32 -0400
Subject: [kwlug-disc] Malware found in Ubuntu Snaps Store
In-Reply-To: <CA+TuoW0LsRCyi-WaR=g=aDDbHNB+4Vkps5RgTsjbbt7jRBbEgg@mail.gmail.com>
References: <CAKyYXOTSq15zWRdH41P0WT7zLq_hbjUjwRwyOE7R8ZfeqKoZCQ@mail.gmail.com>
 <CA+TuoW1C1UzF_D8NdOpcZ-Bw1M0SRqr8G+PxUG7o7pcuANRucg@mail.gmail.com>
 <e1ba4ad2-0783-0964-c38b-60f609d1fb81@georgianit.com>
 <CA+TuoW0LsRCyi-WaR=g=aDDbHNB+4Vkps5RgTsjbbt7jRBbEgg@mail.gmail.com>
Message-ID: <CAN4GX9Fc6NZWsXTziUuvSEMWxaZKrCqr6SwhO64bZn6C8rX-HQ@mail.gmail.com>

Nothing is immune to supply chain attacks.  The supply chain attack has
been pretty common over the last year or two at this point in other
repository based software delivery systems.

See CCleaner, Chrome extensions, Android app stores, sometimes even the
Apple app store.

Your security system is only as secure as the weakest link in the chain and
who said you need to be good at security just to be an app or package
developer.

Compromise the source code and you've now technically created a far more
potent attack then you could have other ways. Because now in a world where
you're almost asking for trouble if you're not constantly on top of your
updates you're damned if you do damned if you don't.

On Sun, May 13, 2018, 12:03 PM Khalid Baheyeldin <kb at 2bits.com> wrote:

> On Sun, May 13, 2018 at 11:53 AM, Remi Gauvin <remi at georgianit.com> wrote:
>
>> On 2018-05-13 11:15 AM, Khalid Baheyeldin wrote:
>> > We were sheltered because the tried and tested methodology of
>> repositories
>> > made us immune to this for ~ 25 years or so.
>>
>> One of the things I like about Ubuntu is the great ecosystem of PPA's.
>> Over the past several years, I found PPA's did a great job of filling
>> the gaps between what makes it into a relatively stable distro, and
>> those software packages I need to be newer for a specific task.  PPA's
>> were certainly more convenient that downloading and compiling from source.
>>
>> In this regards, I'm a little torn.  On the one hand, it's just as easy
>> for a bad or careless actor to put a bad package in a PPA.  Without
>> Snaps isolation, such a package would root a system, essential requiring
>> a fresh install, or snapshot restore to guarantee system integrity.  Not
>> to mention her irrevocable lose of private/secret information.
>>
>> However, in the case of PPA's I could carefully choose which PPA I drew
>> packages from, (and therefore, essentially, who to trust with the
>> system.)  With the snap store just allowing anyone to put whatever in
>> one big repository...well,, we all already know exactly where that
>> leads, and Ubuntu has provided an example in record time.
>
>
> While PPAs can include malware, it less likely. Why? Because PPAs are
> usually created by someone to fill a niche (like you say). For example,
> having older, or newer, versions of packages available.
>
> Examples include:
>
> Older PHP versions on LTS releases,
> Newer still experimental GIMP releases with 16/32 bit colour,
> Newer KStars version with all the latest astrophotography features
>
> Usually, these PPAs have their source published somewhere (Launchpad)
> and are built nightly automatically from that source. So the source can
> be inspected.
>
> And usually, there is a community behind these, and many users. If
> someone tries to slip in malware, it will be discovered quickly.
>
> Reminds of some 12 or so years back, when the founder of Wordpress
> tried to slip in invisible link farm stuff in Wordpress, with negative CSS
> offsets, but was outed quickly, and apologized.
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180513/137413cc/attachment.htm>

From mb at 3nsoft.com  Mon May 14 11:00:22 2018
From: mb at 3nsoft.com (Mikalai Birukou)
Date: Mon, 14 May 2018 11:00:22 -0400
Subject: [kwlug-disc] EFail: S/MIME & GPG
Message-ID: <7eb69ba4-8e6c-fe1c-a13e-eba837b694bd@3nsoft.com>

May be you've heard about efail paper: 
https://efail.de/efail-attack-paper.pdf

Checkout Table 4, on page 11, to see if your setup is affected.

Partial mitigation is to turn auto-decrypt. Messages can be decrypted, 
opened and viewed only when your detached from the net.




From mb at 3nsoft.com  Mon May 14 11:13:57 2018
From: mb at 3nsoft.com (Mikalai Birukou)
Date: Mon, 14 May 2018 11:13:57 -0400
Subject: [kwlug-disc] EFail: S/MIME & GPG
In-Reply-To: <7eb69ba4-8e6c-fe1c-a13e-eba837b694bd@3nsoft.com>
References: <7eb69ba4-8e6c-fe1c-a13e-eba837b694bd@3nsoft.com>
Message-ID: <200baee9-4f83-2cf6-0b20-61566e116bbd@3nsoft.com>

Random thoughts about efail.

1) Verbatim quote: "In? its? simplest? form,? an? email? is? a text? 
message? conforming to the Internet Message Format (IMF) [26].? As the 
IMF lacks features that are required in the modern Internet,? such? as? 
the? transmission? of? binary? data ..."

Highlight "lacks features that are required in the modern Internet".

2) We have a mix of parsing contexts here: img tag with direct 
replacement of base64-encoded cyphertext with a plain text.

3) Use of malleable encryption, especially in historical context. Quote: 
" Malleability of these two encryption modes is well-known and has been 
exploited in many attacks on network protocols like TLS, IPsec, or SSH 
[14?25], but it has not been exploited in plaintext-recovery attacks on 
email standards."

Reminds me Corry Doctorow's words at PI talk. Something like a rate of 
independent bug rediscovery is 20% a year. APTs, anyone?


Nonetheless, cheer up.


On 2018-05-14 11:00 AM, Mikalai Birukou via kwlug-disc wrote:
> May be you've heard about efail paper: 
> https://efail.de/efail-attack-paper.pdf
>
> Checkout Table 4, on page 11, to see if your setup is affected.
>
> Partial mitigation is to turn auto-decrypt. Messages can be decrypted, 
> opened and viewed only when your detached from the net.
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>




From mb at 3nsoft.com  Mon May 14 11:24:32 2018
From: mb at 3nsoft.com (Mikalai Birukou)
Date: Mon, 14 May 2018 11:24:32 -0400
Subject: [kwlug-disc] EFail: S/MIME & GPG
In-Reply-To: <7eb69ba4-8e6c-fe1c-a13e-eba837b694bd@3nsoft.com>
References: <7eb69ba4-8e6c-fe1c-a13e-eba837b694bd@3nsoft.com>
Message-ID: <c4c373c4-65bf-a303-166e-3cc733d047d6@3nsoft.com>

Random thoughts about efail

4) Isolation of contexts for encrypted and untrusted parts of the message.

5) XSS going wild. Qoute: "We used well-known Cross Site Scripting test 
vectors and placed them in various header fields like Subject: as well 
as in the mail body.? We identified five mail clients which are prone to 
JavaScript execution, allowing the construction of particularly flexible 
backchannels."


On 2018-05-14 11:00 AM, Mikalai Birukou via kwlug-disc wrote:
> May be you've heard about efail paper: 
> https://efail.de/efail-attack-paper.pdf
>
> Checkout Table 4, on page 11, to see if your setup is affected.
>
> Partial mitigation is to turn auto-decrypt. Messages can be decrypted, 
> opened and viewed only when your detached from the net.
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>




From mb at 3nsoft.com  Tue May 15 09:44:45 2018
From: mb at 3nsoft.com (Mikalai Birukou)
Date: Tue, 15 May 2018 09:44:45 -0400
Subject: [kwlug-disc] Cross-post: EFF/EFAIL and Autocrypt
In-Reply-To: <20180515110827.GN24363@beto>
References: <20180515110827.GN24363@beto>
Message-ID: <573a8995-aa5b-e15c-9e6d-b47824bde879@3nsoft.com>

Cross-posting from autocrypt:

Hello autocrypt folks,

many of you have heard of the EFAIL vulnerabilities
as communicated by the EFF.

To the best of current knowledge, the three released
Autocrypt-supporting user facing mail apps are affected
in the following way:

- Enigmail is not affected since version 2.0 (released in March 2018).
   However, there is still an open vulnerability in Thunderbird,
   therefore we recommend that you view messages as plain text
   (menu View > Message Body as > Plain text).

- K-9 Mail/Android was never affected

- Delta.chat was never affected

That being said, we will monitor the situation and related security
discussions and inform here on any new insights, and remain
alert to update our mail software if needed. If you use other mail
programs with PGP support, it's probably a good idea to:

1. Turn off loading of external resources. This is a recommended
    practice for privacy reasons anyway as this can be used
    for remote tracking purposes.

2. Turn off automatic HTML rendering of messages
    unless you really need it.

3. Check if the app or addons you are using
    for PGP are up to date and follow the advise
    of respective developers.

It's also always a good idea to use a
reliable and trustworthy e-mail provider.
After all, the attack requires both of

a) someone possessing recorded encrypted e-mail messages

b) injecting a new mangled recorded message to your incoming mail processing.

An attempted attack would probably show up in your mail INBOX and thus
not go unnoticed.  An attacker with access to a recorded encrypted
message can turn it into a new message that when decrypted and displayed
as HTML with a vulnerable client will reveal the content of the
encrypted message to them. Third parties (other than the e-mail provider)
do usually not have access  to a person's e-mail message
and thus cannot carry out the attack.

Let us conclude that we find the general advice and communication from
the EFF to "stop using PGP"  misleading. It caused a lot of fear and
uncertainty and pushes users into the direction of not using e-mail PGP
encryption where they still should and, as in the case of Autocrypt and
other clients, can safely do. It is also unhelpful and largely
unpractical to recommend using Signal instead of e-mail.

Patrick (Enigmail),
Vincent (K-9 Mail),
Bjoern (Delta.chat),
Holger (muacrypt)
_______________________________________________
Autocrypt mailing list

Post: Autocrypt at lists.mayfirst.org
List info: https://lists.mayfirst.org/mailman/listinfo/autocrypt




From paul_nijjar at yahoo.ca  Thu May 24 12:58:38 2018
From: paul_nijjar at yahoo.ca (Paul Nijjar)
Date: Thu, 24 May 2018 12:58:38 -0400
Subject: [kwlug-disc] OT: Maker Expo 2018 - Last Call for Volunteers!
Message-ID: <20180524165838.GN1133@nb-heartburn>


It sounds as if Maker Expo is looking for more volunteers, so if you
were waffling about whether to help out, Ben would like to persuade
you to help out.

- Paul


----- Forwarded message from Ben Brown via Discuss <discuss at kwartzlab.ca> -----

Date: Thu, 24 May 2018 11:37:14 -0400
From: Ben Brown via Discuss <discuss at kwartzlab.ca>
To: "Members List (kwartzlab)" <members at kwartzlab.ca>, Kwartzlab Discuss
	<discuss at kwartzlab.ca>
Cc: Ben Brown <ben at generik.ca>
Subject: [KwartzLab] Maker Expo 2018 - Last Call for Volunteers!

<http://www.makerexpo.ca/>


    *Last Call for Volunteers!*


        May 24th 2018

Hey folks!?*Maker Expo is just over a week away(!)*?so we're putting out
our last call for volunteers!?We still need to fill some shifts during
the big weekend -- opportunities are below.

Volunteers will receive a Maker Expo volunteer t-shirt, as well as food
and drink during the event. The Maker Expo organizing team is committed
to making the day fun for everyone and that includes our volunteers!
You'll get any required training on-site.?A past survey of volunteers
indicated that 97% would volunteer with us again.?*If you can spare some
time to help us make 2018 our best Maker Expo ever, please sign up using
the button below:*

JOIN US TODAY! <https://www.volgistics.com/ex/portal.dll/ap?ap=978437320>


        *Volunteer Opportunities*

*Workshops:*?We?re running a couple workshops that will need extra
hands. If you want to get creative, and work closely with guests, and
make stuff, this is the job for you. Any additional training will be
provided.

*Speaker Series:*?Help guide visitors and answer questions about our new
speaker series,?as well as?help the emcee facilitate.

*Greeters:*?We want guests to feel immediately at home at Maker Expo.
Greeters help make that happen by welcoming and directing visitors and
answering general questions about the event.

*General volunteers:?*Odd jobs and general assistance for attendees and
exhibitors. This may involve supervising an exhibit for a few minutes
while the exhibitor grabs a bite to eat, or answering general questions
like, ?where are the washrooms??

*Setup/Tear Down*: Help us get the event setup, put up signs, and help
the exhibitors get their stuff to/from their tables. Help us dismantle
the event afterward.


      Get the word out!

If you can't volunteer for the big weekend, please consider sharing our
Call for Volunteers blog post on social media to help spread the word:

http://www.makerexpo.ca/2018/05/volunteer-with-us/

*Thanks for reading (and for your support!),?we hope to see you on June
2nd-3rd!*

Yours truly,
*Ben Brown
Maker Expo Organizer*


_______________________________________________
Discuss mailing list
Discuss at kwartzlab.ca
http://kwartzlab.ca/mailman/listinfo/discuss_kwartzlab.ca


----- End forwarded message -----

-- 
http://pnijjar.freeshell.org



From davecramer at gmail.com  Thu May 24 14:32:25 2018
From: davecramer at gmail.com (Dave Cramer)
Date: Thu, 24 May 2018 14:32:25 -0400
Subject: [kwlug-disc] Waterloo PostgreSQL meetup
Message-ID: <CADK3HHLN2_5Cgxbq6RRh3m84BQ+Y+XOx-n91DHKP+4WgeXwt0Q@mail.gmail.com>

Hello,

I've create a pg meetup https://www.meetup.com/Waterloo-PostgreSQL-Meetup/

I'm thinking of a basic "this is postgres" talk for the first meetup.

Please join if interested and I'm open to other suggestions.

Thanks,
Dave Cramer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180524/71a45303/attachment.htm>

From chamunks at gmail.com  Fri May 25 10:27:12 2018
From: chamunks at gmail.com (Chamunks)
Date: Fri, 25 May 2018 10:27:12 -0400
Subject: [kwlug-disc] Waterloo PostgreSQL meetup
In-Reply-To: <CADK3HHLN2_5Cgxbq6RRh3m84BQ+Y+XOx-n91DHKP+4WgeXwt0Q@mail.gmail.com>
References: <CADK3HHLN2_5Cgxbq6RRh3m84BQ+Y+XOx-n91DHKP+4WgeXwt0Q@mail.gmail.com>
Message-ID: <CAN4GX9Gek5eTCoiubqDeAWStSAa3qa=bUzVEh4=BXWGvOV8yAg@mail.gmail.com>

If I'm in town I'd go to this.

On Thu, May 24, 2018, 2:33 PM Dave Cramer, <davecramer at gmail.com> wrote:

> Hello,
>
> I've create a pg meetup https://www.meetup.com/Waterloo-PostgreSQL-Meetup/
>
> I'm thinking of a basic "this is postgres" talk for the first meetup.
>
> Please join if interested and I'm open to other suggestions.
>
> Thanks,
> Dave Cramer
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180525/7cd13610/attachment.htm>

From paul_nijjar at yahoo.ca  Sat May 26 11:42:44 2018
From: paul_nijjar at yahoo.ca (Paul Nijjar)
Date: Sat, 26 May 2018 11:42:44 -0400
Subject: [kwlug-disc] OT: General Data Protection Regulation
Message-ID: <20180526154243.GA4249@nb-heartburn>

I am trying to understand the EU's new General Data Protection
Regulation (GDPR). 

Does this only apply to personally-identifiable information (PII)?

Does it protect EU citizens from being put into demographic buckets
that are not personally identifiable and being targeted/profiled in
that way?

Does this do something useful or will it turn into a hinderance like
the irritating "we use cookies and if you want to use our
website you must close this modal popup" nonsense? Am I going to have to
close more modal popups because of this? (Has this cookie popup thing
done anything productive at all?)

Is there a good overview about the impacts of this thing? 

- Paul
-- 
http://pnijjar.freeshell.org



From mb at 3nsoft.com  Sat May 26 12:00:47 2018
From: mb at 3nsoft.com (Mikalai Birukou)
Date: Sat, 26 May 2018 12:00:47 -0400
Subject: [kwlug-disc] OT: General Data Protection Regulation
In-Reply-To: <20180526154243.GA4249@nb-heartburn>
References: <20180526154243.GA4249@nb-heartburn>
Message-ID: <95d66c65-1bb5-015e-2b6d-7d7813b50549@3nsoft.com>

Without adding clarity :) , those popups may also be seen as a forced 
consent: https://noyb.eu/

On a side: who knew that this subject will get so entertaining ;)


On 2018-05-26 11:42 AM, Paul Nijjar via kwlug-disc wrote:
> I am trying to understand the EU's new General Data Protection
> Regulation (GDPR).
>
> Does this only apply to personally-identifiable information (PII)?
>
> Does it protect EU citizens from being put into demographic buckets
> that are not personally identifiable and being targeted/profiled in
> that way?
>
> Does this do something useful or will it turn into a hinderance like
> the irritating "we use cookies and if you want to use our
> website you must close this modal popup" nonsense? Am I going to have to
> close more modal popups because of this? (Has this cookie popup thing
> done anything productive at all?)
>
> Is there a good overview about the impacts of this thing?
>
> - Paul




From mb at 3nsoft.com  Mon May 28 09:15:54 2018
From: mb at 3nsoft.com (Mikalai Birukou)
Date: Mon, 28 May 2018 09:15:54 -0400
Subject: [kwlug-disc] Schedule on watcamp-news
Message-ID: <efc10f50-8084-672e-69fe-d38ab8a676cd@3nsoft.com>

watcamp-news email states that next KWLUG meeting is at an original 
place at 6:30pm. While site says new info. May be source for 
watcamp-news should be adjusted.



From dscassel at gmail.com  Wed May 30 13:20:39 2018
From: dscassel at gmail.com (Darcy Casselman)
Date: Wed, 30 May 2018 13:20:39 -0400
Subject: [kwlug-disc] Schedule on watcamp-news
In-Reply-To: <efc10f50-8084-672e-69fe-d38ab8a676cd@3nsoft.com>
References: <efc10f50-8084-672e-69fe-d38ab8a676cd@3nsoft.com>
Message-ID: <CAA=K3Wdx7aFEvKu4-sejjE=isgCsW3NEUc6cxz_-yF5YR23PJw@mail.gmail.com>

I suspect Bob's a little busy these days to keep on top of the watcamp
calendar...

On Mon, May 28, 2018 at 9:15 AM, Mikalai Birukou via kwlug-disc <
kwlug-disc at kwlug.org> wrote:

> watcamp-news email states that next KWLUG meeting is at an original place
> at 6:30pm. While site says new info. May be source for watcamp-news should
> be adjusted.
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180530/5c8df1cf/attachment.htm>

From locklin.jason at gmail.com  Thu May 31 10:06:19 2018
From: locklin.jason at gmail.com (Jason Locklin)
Date: Thu, 31 May 2018 10:06:19 -0400
Subject: [kwlug-disc] OT: Local Hamfest on Sunday
Message-ID: <CABq3__EZwjPaUkpUE2fTtqSo7fxN7d_+5cHX5S0A0agz-=05Tg@mail.gmail.com>

Just a heads-up that the Central Ontario Hamfest is this Sunday
morning at the Waterloo Regional Police Association Recreation Park,
Cambridge. It's a worthwhile outing for anyone interested in radio and
electronics hobbies. It's usually about 90% hobbyists selling
equipment and components, and a handful of commercial vendors of new
electronics, radio equipment, occasionally OTA or VOIP stuff. There
are still vendor spaces available as well.

ps. I will have a tailgate table if anyone has some FLOSS CDs kicking
around I can give away.

Link: http://hamfest.on.ca/
_
Jason