(old)Puppy Linux Discussion Forum

... he doesn't want to lose his users, their donations and corporate sponsorship.

Oh no. That'll be the end of Puppy then.

anikin wrote:

mavrothal wrote:and checks with icanhazip when you want to know your external IP.

Automatically, mind you on *every* startup.

(addition) If Debian, Arch or Slackware don't use these *bogus* pinging scripts, why should Puppy? Why Patrick Volkerding doesn't implement them in Slackware? Because, he doesn't want to lose his users, their donations and corporate sponsorship.

Please stick to facts. That was a bug in tasmod's 'firewallstate' which was gone almost 2 years ago.

Here are some more facts.

Puppy runs as root.

Barry introduced all these things that you are whining about. Where was the whine to Barry? I can't find it.

All I can find is a legitimate whine about xorgwizard putting a file on the HDD with which I agreed.

In essence, what you say is "let the program run.. if it bugs out, bad luck". That's what happens if you run PPM (and others) without the forbidden fruit - aka 'pings'.

Slackware connects to akamai.

stemsee wrote:Certainly no one can sensibly argue that my consciously connecting my computer to the internet with whatever method is less preferable than my computer connecting to the internet because someone else programmed it to. Clearly that should never be the case except by explicit arrangement.

For a long time now, puppy has automatically configured and connected a wired connection if available. Security is a trade off of 'convenience'. Do you find this feature convenient? Do you think the majority of users find this feature convenient? If the former is 'no', please explain. If the latter is 'no', likewise.

I really find this discussion puzzling, the whole goddam thing, considering puppy always has, currently and in the foreseeable future will, run as root by default.

01micko is right - root makes it moot.

Micko wrote:Barry introduced all these things that you are whining about. Where was the whine to Barry? I can't find it.

Guilty as charged. I'm not prepared to point a finger at Barry for various reasons. He introduced me to Linux through Puppy. Intellectually, he's closer to me, than you - he'd never use the word "bleat" in a response to an opponent. Am I not entitled to a little bit of double standards? More importantly though, he's retired and is not part of Woof-CE. I blissfully and sincerely believe, the *features* are killing this community, they are the reason it has so dramatically shrunk recently. "They will be the end of Puppy" - mark my words. I don't hold my breath, though. You guys are in control. You're determined to stand your ground and take down Puppy with you. As for running as root, I absolutely, unconditionally refuse to run any Linux distro in any other manner. *Fear Not Root*.

01micko wrote:Slackware connects to akamai.

Isn't that the case only when you're using KDE?

anikin wrote:

Micko wrote:Barry introduced all these things that you are whining about. Where was the whine to Barry? I can't find it.

Guilty as charged. I'm not prepared to point a finger at Barry for various reasons. He introduced me to Linux through Puppy. Intellectually, he's closer to me, than you - he'd never use the word "bleat" in a response to an opponent. Am I not entitled to a little bit of double standards? More importantly though, he's retired and is not part of Woof-CE. I blissfully and sincerely believe, the *features* are killing this community, they are the reason it has so dramatically shrunk recently. "They will be the end of Puppy" - mark my words. I don't hold my breath, though. You guys are in control. You're determined to stand your ground and take down Puppy with you. As for running as root, I absolutely, unconditionally refuse to run any Linux distro in any other manner. *Fear Not Root*.

You are quite delusional. I like Puppy because it's friendly and easy to use. I'm not switching to something less fun.

Really, aniken. Puppy is not diminishing, or nearing its end, or being taken down. It is so far-flung, wide-spread, and diversified that its scope defies measurement. No one can possibly know any longer what its size or reach is. It's almost self-replicating. It is so substantial it can support any number of factions: visions, revisions, and divisions. It can even support its own feudalism, zealots, and prophets of doom, but that doesn't mean it has to have such features. Please mind your tone, if you are seeking improvement.

anikin wrote:Because, he doesn't want to lose his users, their donations and corporate sponsorship.

This is out of topic, but I'll comment anyway - I'm not aware that the Puppy builders got any donations or corporate sponsorship. If anything, that should make them more independent that those who are beholden to these strings, not the other way around.

The only person trying to make commercial benefits from Puppy is l0wtech, with his Puppy Studio. I don't know how he's doing, but any profit he made is definitely his - it doesn't come back to the Puppy builders, or paying for Puppy infrastructure, etc.

anikin wrote:You guys are in control.

You are mistaken. *You* are in control of *your* Puppy. Making Woof-CE code - the Puppy-builder code - publicly available ensure this. Puppy-building is *fully reproducible*. Go download Woof-CE, and you can run through the same process that 01micko, 666philb, peebee, iguleder, or any other puppy builder do - and you'll get exactly the same Puppy as the released versions. Which other flavours of Linux allows you to do this as easy as Woof-CE does it? Slackware, Fedora, Ubuntu, Debian, Mint, definitely don't.

Once you can build a released version of Puppy from nothing using Woof-CE, it is a trivial matter to make your own modifications to Woof-CE to build your own privacy-hardened version of Puppy. You can even release it to the public at large, if you're feeling generous and concerned that the so-called "mainstream" Puppy has been "led astray". Then let the public vote which one they prefer - yours, or theirs.

I think by now it is quite clear what you wish; and by now it is also quite clear that there are opposing views. You have made your concern very clear, but you also need to accept that there are others don't share your concerns. For the 3rd time - decisions have to be made, and you can't satisfy everyone. In this circumstance, it happens to be you.

But as I said above - it is not a problem, because thanks to Woof-CE, you are in charge of your own Puppy --- if you wish it. Or, if you can't be bothered with Woof-CE, just customise your choice of Puppy and make a remaster, which you can also release to the public to gauge their interest.
If you do plan to engage in this activity, I'd suggest you look at Puli, a variant of Puppy targeted for similar audience. I've not personally used or tested it, but its features are quite extensive so it may be a good base for you to start tinkering with.

I think I’ll try one last time and that’s it for me.

- Puppy pings duckduckgo on first boot to see if it is going to offer a network configuration option/prompt. Without this info, should either offer it regardless of established connection or do not offer it at all. Should this functionality be eliminated so the ping can be deleted?
- Puppy pings duckduckgo on PPM startup to know if it can search for a service pack. More important, in a case of a package installation failure, to know if there is no network and suggest connection, or if the server is down and try for another server or if the package is not there and suggest a database update. Should we abolish this functionality and let the user figure out for him/herself so we can eliminate this ping?
- Puppy pings duckduckgo when a user ask for a video upgrade to know if there is no connection or if no upgrade available and respond accordingly? Should we abolish this functionality and just tell the user that he is “out of luck

eric52 wrote:...but that doesn't mean it has to have such features. Please mind your tone, if you are seeking improvement

jamesbond wrote:...For the 3rd time - decisions have to be made, and you can't satisfy everyone. In this circumstance, it happens to be you...

Do you, guys suggest I should kiss someone on both cheeks ... or maybe on all four to improve the situation - any particular target? Please, advise asap.

How about adding something like mavrothal's last post above (cleaned up a bit and with typos corrected ) to the setup window that appears when Puppy boots for the first time (or every time, if booting from CD), and ask if the user wants Puppy to try to connect? Puppy would not even attempt to connect to a network until the "Accept" button is clicked. If the user clicks the "God, NO" button, none of the connecting and pinging scripts would be activated. How hard would that be?

anikin wrote:

eric52 wrote:...but that doesn't mean it has to have such features. Please mind your tone, if you are seeking improvement

jamesbond wrote:...For the 3rd time - decisions have to be made, and you can't satisfy everyone. In this circumstance, it happens to be you...

Do you, guys suggest I should kiss someone on both cheeks ... or maybe on all four to improve the situation - any particular target? Please, advise asap.

No, you should nicely ask where the code is that makes these pings that you think are so evil. Then you should comment out the appropriate places and remaster it. Should take less than 1/2 an hour.

anikin wrote:.... to improve the situation...

...to improve the situation for you...

As has been advised many times now, the consensus is that a situation does not exist which needs improving. The benefit for the majority is being put above the wishes of a minority.

I don't understand why those pings are so bad.

From a security perspective, if you capture those packets (using MITM), you gain only one thing: now you know it's probably Puppy. However, fingerprinting a distro is incredibly easy anyway (for example, by capturing browser user agents, e-mail client version strings, etc'). In fact, those pings are a less accurate way to fingerprint the distro, because they won't give you its version.

From a privacy perspective, those pings mean nothing: imagine a scenario where you always browse from Tor Browser, so the only traffic that doesn't go through Tor is a duckduckgo.com ping. If someone uses that ping to trace you or to fingerprint your distro, after capturing your Tor traffic, that someone already knows your real location, so this is meaningless.

And if you're worried about outgoing traffic, I can't think of a scenario in which you're connected to the internet, but deliberately choose not to take advantage of this. Why connect your network interface in first place? Put it down to save some battery life.

And by the way, nobody mentioned this: probing of icanhazip.com in ipinfo is disabled by default.

So, ask a user to decide if (s)he ever going to need a help page the first time (s)he boots a new system?

But is there any reason for all these besides FUDD.
Did anyone (including the 200000 pages released by E. Snowden) gave any indication that any of these pings is relevant to surveillance? Government or otherwise?
Is there any indication anywhere on the net that a ping by itself is an avenue of tracing or intrusion? Please someone provide some info of a case that this actually happened somewhere. Something other than FUDD.

Fear on the other hand is the most effective way to inactive and sideline people. Is that what we want? People going around looking over their shoulder?

@Flash and I have offered an idea that may have merit beyond that of whether PUPPY checked the WAN for active service.

MANY other distros and vendor OSes employ this for the same reasons that we are "covering a sub-topic" over the recent days.

On pristine boot, would an opening page before FirstRUN selections post, forcing user to checkoff that he read the page, be a positive/negative. Remember we are ONLY talking about an addition to FirstRUN on the very first boot of a PUP.

The reason for FirstRUN is so very important to every start and has become a Puppy Linux staple following the work of @Shinobar, @BarryK, @TaZoC, @01Micko and the others who acknowledge its value to any Puppy user(s). Its this one beginning which, IMHO, makes a user feel comfortable, in control, and have some knowledge of his understanding of his PUP. Some may feel this artificial, but, it is real for many a novice.

If there is merit in the idea, FirstRUN may offer a simple solutions to provide some satisfaction in using it to give initial user awareness of almost anything which we feel may be important or pertinent to Puppy Linux starts.

Again.

Since the vast majority of distros automagically connect to the internet on boot,without any warnings,why add more complexity to Puppy while progressing backwards?

jamesbond wrote: Once you can build a released version of Puppy from nothing using Woof-CE, it is a trivial matter to make your own modifications to Woof-CE to build your own privacy-hardened version of Puppy. You can even release it to the public at large, if you're feeling generous and concerned that the so-called "mainstream" Puppy has been "led astray". Then let the public vote which one they prefer - yours, or theirs.

snip/

But as I said above - it is not a problem, because thanks to Woof-CE, you are in charge of your own Puppy --- if you wish it. Or, if you can't be bothered with Woof-CE, just customise your choice of Puppy and make a remaster, which you can also release to the public to gauge their interest.

Appears to be a good plan.

Except it's much easier to bitch and moan about a decidedly minority held position than to actually contribute to anything.

mavrothal wrote:...but I’m not building puppies. Other people build or remaster puppies and release them. If none of them wants to change the above in the builds they release why should they be changed in woof?

Let's take the burden off Woof-CE.
An ideal solution would be to disable them *all* in Woof-CE and let Puppy builders make a responsible decision. They are better equipped to handle user feedback. Let them build a test release, with everything disabled to check to see how it goes. Discussions at that level will be much more focused, productive and meaningful. A separation of responsibilities + better leverage and freedom of movement for Puppy builders. Just a humble thought.

01micko wrote: For a long time now, puppy has automatically configured and connected a wired connection if available. Security is a trade off of 'convenience'. Do you find this feature convenient? Do you think the majority of users find this feature convenient? If the former is 'no', please explain. If the latter is 'no', likewise.

First of all my agreement with Anikin is in principle only.
Secondly until recently, I only ever connected to the internet over a wifi connection. Recently I found two desktop PCs in the university library which have BIOSes left to boot from usb. After booting puppy on them I need to manually initiate the eth1 connection, which it then remembers with the savefile and auto-connects next boot which I find immensely convenient, as I am certain do the vast majority of other users.

So in practice, the way puppy pings doesn't bother me much at all, in principle I still agree with Anikin. I do not see a contradiction in my position, except that I am neither complaining about it nor doing the coding in woof-ce, but neither are a lot of the other voices!

Keep up the good work chaps! Puppy is the most versatile distro ever! But why are there so many 's/bin' directories and not just one of each? (linux in general actually)