Recent changes to this wiki. Not to be confused with my history.

Complete source to the wiki is available on gitweb or by cloning this site.

die spammer die
diff --git a/blog/2005-07-21-petit-update-de-voyage-live/comment_1_5e9afa493deff69b2d30273ae9e9f88d._comment b/blog/2005-07-21-petit-update-de-voyage-live/comment_1_5e9afa493deff69b2d30273ae9e9f88d._comment
deleted file mode 100644
index 6e7cb38b..00000000
--- a/blog/2005-07-21-petit-update-de-voyage-live/comment_1_5e9afa493deff69b2d30273ae9e9f88d._comment
+++ /dev/null
@@ -1,12 +0,0 @@
-[[!comment format=creole
- ip="128.71.53.41"
- claimedauthor="RichardVof"
- subject="герметичные пакеты для хранения продуктов"
- date="2019-12-14T11:34:22Z"
- content="""
-Наша фирменная сервисная служба транспортировки была организована с целью, чтоб нашим заказчикам было практично. У нас организации ИП Манин Щекино имеется в наличии свой автомобильный парк а также штат курьеров. Мы готовы доставить нужный товар для вас в оптимальное время. Для этого просто-напросто выберите эту сервисную услугу. Тогда ваш товар будет доставлен предельно точно и быстро. Вы можете рассчитывать на своевременное сопровождение, индивидуальные решения и отличное качество печати.  
-<a href=https://paketos.ru/catalog/pakety-s-ploskim-dnom/>крафт пакет с плоским дном</a> 
- 
- 
-Компания НПК Калагин Волжск стремится предоставить заказчику, шикарный товар и сервис. Наш большой запас изделий( пакетах с вырубной ручкой) на нашем складе, быстрый оборот заказов, прекрасное сервис потенциальных клиентов и более очень доступные каждому покупателю стоимость товара позволяет покупать пакетах с замком (зип-лок пакеты) абсолютно всем. Знаменитая корпорация импортирует, производит, и реализует весь набор упаковки( пакетов с плоским дном).
-"""]]

mise à jour: encore bien content de transmission!
diff --git a/blog/2012-08-12-conversion-rtorrent-vers-transmission.mdwn b/blog/2012-08-12-conversion-rtorrent-vers-transmission.mdwn
index 9f379f1e..6c38d3cb 100644
--- a/blog/2012-08-12-conversion-rtorrent-vers-transmission.mdwn
+++ b/blog/2012-08-12-conversion-rtorrent-vers-transmission.mdwn
@@ -51,4 +51,38 @@ Pour l'utiliser, lancer le script dans le répertoire par défaut de rtorrent av
 
 Voilà, le changement est fait et je suis bien content!
 
-[[!tag "bittorrent" "geek" "software"]]
\ No newline at end of file
+Mise à jour, 2019-12-15:
+
+ * le premier "désavantage" ci-haut est incorrect: Transmission
+   supporte bel et bien un "watch directory" - je n'utilise pas la
+   fonctionnalité parce que le client (`transmission-qt`) communique
+   directement avec le serveur et cette fonction, nécessaire en
+   rtorrent, est superflue avec Transmission
+
+ * le [script de conversion est également disponible sur GitLab](https://gitlab.com/anarcat/scripts/blob/master/rtorrent2transmission)
+
+Aussi, à ce que je me souviens de rtorrent, voici les raisons que je
+suis content de ne plus l'utiliser:
+
+ * `transmission-daemon` a un démarrage plus "standard" avec un
+   fichier `.service` ou `init.d` dans transmission, au lieu d'un hack
+   complexe avec `screen` pour mettre rtorrent en arrière plan
+
+ * j'avais plein de hack avec rtorrent pour faire des choses simples,
+   par exemple le "watch directory" au lieu de juste passer des
+   commandes à rtorrent directement
+
+ * rtorrent, après 14 ans de développement, est encore à une version
+   "beta" (0.9.8 au moment d'écrire ces lignes) contrairement à
+   Transmission (2.94)
+
+ * l'interface de rtorrent est franchement horrible: j'avais toujours
+   de la difficulté à me souvenir des raccourcis claviers,
+   obligatoires pour l'utilisation, et je faisais fréquemment des
+   erreurs. Transmission a une interface graphique intuitive que
+   pratiquement n'importe qui peut utiliser, et qui se connecte
+   (optionnellement!) sur le serveur
+
+Et ce, en plus des "avantages" notés ci-haut...
+
+[[!tag "bittorrent" "geek" "software"]]

Added a comment: герметичные пакеты для хранения продуктов
diff --git a/blog/2005-07-21-petit-update-de-voyage-live/comment_1_5e9afa493deff69b2d30273ae9e9f88d._comment b/blog/2005-07-21-petit-update-de-voyage-live/comment_1_5e9afa493deff69b2d30273ae9e9f88d._comment
new file mode 100644
index 00000000..6e7cb38b
--- /dev/null
+++ b/blog/2005-07-21-petit-update-de-voyage-live/comment_1_5e9afa493deff69b2d30273ae9e9f88d._comment
@@ -0,0 +1,12 @@
+[[!comment format=creole
+ ip="128.71.53.41"
+ claimedauthor="RichardVof"
+ subject="герметичные пакеты для хранения продуктов"
+ date="2019-12-14T11:34:22Z"
+ content="""
+Наша фирменная сервисная служба транспортировки была организована с целью, чтоб нашим заказчикам было практично. У нас организации ИП Манин Щекино имеется в наличии свой автомобильный парк а также штат курьеров. Мы готовы доставить нужный товар для вас в оптимальное время. Для этого просто-напросто выберите эту сервисную услугу. Тогда ваш товар будет доставлен предельно точно и быстро. Вы можете рассчитывать на своевременное сопровождение, индивидуальные решения и отличное качество печати.  
+<a href=https://paketos.ru/catalog/pakety-s-ploskim-dnom/>крафт пакет с плоским дном</a> 
+ 
+ 
+Компания НПК Калагин Волжск стремится предоставить заказчику, шикарный товар и сервис. Наш большой запас изделий( пакетах с вырубной ручкой) на нашем складе, быстрый оборот заказов, прекрасное сервис потенциальных клиентов и более очень доступные каждому покупателю стоимость товара позволяет покупать пакетах с замком (зип-лок пакеты) абсолютно всем. Знаменитая корпорация импортирует, производит, и реализует весь набор упаковки( пакетов с плоским дном).
+"""]]

corriger d'autres fautes mineures
diff --git a/blog/2019-12-12-blockchain-biometrie.mdwn b/blog/2019-12-12-blockchain-biometrie.mdwn
index 1528b1e6..350e3c6b 100644
--- a/blog/2019-12-12-blockchain-biometrie.mdwn
+++ b/blog/2019-12-12-blockchain-biometrie.mdwn
@@ -1,7 +1,7 @@
 [[!meta title="Blockchain et biométrie: un mélange dangereux"]]
 
-En tant que professionnel en sécurité informatique ayant eu un interêt
-passager pour les cryptomonnaies, l'idée du ministre Caire d'enchasser
+En tant que professionnel en sécurité informatique ayant eu un intérêt
+passager pour les cryptomonnaies, l'idée du ministre Caire d'enchâsser
 les données biométriques des Québecois dans un blockchain m'est
 absolument terrifiante et devrait être évitée à tout prix. Le
 blockchain, comme toute technologie, a ses utilités, mais ne devrait pas
@@ -15,7 +15,7 @@ les composantes de la chaîne, ça devient comme impossible »
 Cette affirmation est fausse. Tout blockchain est sous contrôle des
 "mineurs", les opérateurs qui "créent" les "blocks". Seule la nature
 distribuée du système assure l'intégrité de la chaîne, mais si les
-mineurs sont tous sous le contrôle d'une seule entitée, il est possible
+mineurs sont tous sous le contrôle d'une seule entité, il est possible
 pour une majorité de mineurs de pirater la chaîne en créant de fausses
 transactions. Et, en effet, il est arrivé plusieurs fois par le passé
 qu'un groupe de mineurs ait eu le contrôle sur 50% ou plus des

corriger une faute embarrassante (dans le titre!)
diff --git a/blog/2019-12-12-blockchain-biometrie.mdwn b/blog/2019-12-12-blockchain-biometrie.mdwn
index 1f18e8bd..1528b1e6 100644
--- a/blog/2019-12-12-blockchain-biometrie.mdwn
+++ b/blog/2019-12-12-blockchain-biometrie.mdwn
@@ -1,4 +1,4 @@
-[[!meta title="Blockchain et bioémtrie: un mélange dangereux"]]
+[[!meta title="Blockchain et biométrie: un mélange dangereux"]]
 
 En tant que professionnel en sécurité informatique ayant eu un interêt
 passager pour les cryptomonnaies, l'idée du ministre Caire d'enchasser

correction de formattage mineures
diff --git a/blog/2019-12-12-blockchain-biometrie.mdwn b/blog/2019-12-12-blockchain-biometrie.mdwn
index 693ff10d..1f18e8bd 100644
--- a/blog/2019-12-12-blockchain-biometrie.mdwn
+++ b/blog/2019-12-12-blockchain-biometrie.mdwn
@@ -86,7 +86,7 @@ vie privée.
 > > J'ai également écrit à l'autrice de l'article, Mylène Crête, par
 > > l'entremise de ce formulaire:
 > > 
-> > https://www.ledevoir.com/auteur/mylene-crete
+> > <https://www.ledevoir.com/auteur/mylene-crete>
 > > 
 > > Je n'ai pas reçu de réponse à cette seconde requête.
 > > 
@@ -103,4 +103,3 @@ vie privée.
 > > Merci.
 
 [[!tag politique québec légal réflexion blockchain biométrie vie_privée]]
-

creating tag page tag/biométrie
diff --git "a/tag/biom\303\251trie.mdwn" "b/tag/biom\303\251trie.mdwn"
new file mode 100644
index 00000000..2a83c1b2
--- /dev/null
+++ "b/tag/biom\303\251trie.mdwn"
@@ -0,0 +1,4 @@
+[[!meta title="pages tagged biométrie"]]
+
+[[!inline pages="tagged(biométrie)" actions="no" archive="yes"
+feedshow=10]]

creating tag page tag/blockchain
diff --git a/tag/blockchain.mdwn b/tag/blockchain.mdwn
new file mode 100644
index 00000000..37e771b0
--- /dev/null
+++ b/tag/blockchain.mdwn
@@ -0,0 +1,4 @@
+[[!meta title="pages tagged blockchain"]]
+
+[[!inline pages="tagged(blockchain)" actions="no" archive="yes"
+feedshow=10]]

affiner le titre et l'intro
diff --git a/blog/2019-12-12-blockchain-biometrie.mdwn b/blog/2019-12-12-blockchain-biometrie.mdwn
index 1e320e10..693ff10d 100644
--- a/blog/2019-12-12-blockchain-biometrie.mdwn
+++ b/blog/2019-12-12-blockchain-biometrie.mdwn
@@ -1,4 +1,4 @@
-[[!meta title="Blockchain et bioémtrie"]]
+[[!meta title="Blockchain et bioémtrie: un mélange dangereux"]]
 
 En tant que professionnel en sécurité informatique ayant eu un interêt
 passager pour les cryptomonnaies, l'idée du ministre Caire d'enchasser
@@ -7,10 +7,10 @@ absolument terrifiante et devrait être évitée à tout prix. Le
 blockchain, comme toute technologie, a ses utilités, mais ne devrait pas
 être présenté comme une panacée.
 
-Dans l'article, Jean-François Gauthier, de l’Institut de la gouvernance
-numérique, clame que: « Cette technologie-là n’a jamais été piratée
-depuis 2008. [...] T’es obligé de pirater toutes les composantes de la
-chaîne, ça devient comme impossible »
+Dans [l'article du Devoir](https://www.ledevoir.com/politique/quebec/568908/la-technologie-des-bitcoins-pour-proteger-l-identite-numerique-des-quebecois), Jean-François Gauthier, de l’Institut
+de la gouvernance numérique, clame que: « Cette technologie-là n’a
+jamais été piratée depuis 2008. [...] T’es obligé de pirater toutes
+les composantes de la chaîne, ça devient comme impossible »
 
 Cette affirmation est fausse. Tout blockchain est sous contrôle des
 "mineurs", les opérateurs qui "créent" les "blocks". Seule la nature

plainte au conseil de presse
diff --git a/blog/2019-12-12-blockchain-biometrie.mdwn b/blog/2019-12-12-blockchain-biometrie.mdwn
index a51325a2..1e320e10 100644
--- a/blog/2019-12-12-blockchain-biometrie.mdwn
+++ b/blog/2019-12-12-blockchain-biometrie.mdwn
@@ -56,8 +56,51 @@ vie privée.
 
 > Cet article a été écrit en réponse à [cet article](https://www.ledevoir.com/politique/quebec/568908/la-technologie-des-bitcoins-pour-proteger-l-identite-numerique-des-quebecois) et n'a pas été
 > accepté par la rédaction. [Le Devoir](https://www.ledevoir.com/) n'a pas cru bon de publier
-> un correctif et j'ai donc fait une plainte au [conseil de presse](https://conseildepresse.qc.ca/)
-> étant donnée la sévérité des erreurs publiées par le journal.
+> un correctif et j'ai donc fait cette plainte au [conseil de
+> presse](https://conseildepresse.qc.ca/):
+>
+> > J'ai fait suivre l'explication ci-haut à
+> > redaction@ledevoir.com. J'ai reçu cette réponse automatique:
+> > 
+> > > Bonjour,
+> > > Nous accusons réception de votre texte par la présente. 
+> > > S'il est destiné à la section du courrier des lecteurs (moins de
+> > > 2500 caractères, espaces compris), vous devrez vérifier dans nos
+> > > pages dans les jours suivants afin de savoir s'il a été retenu. 
+> > > 
+> > > Pour ceux destinés aux sections Idées et Libre Opinion, nous ne
+> > > communiquerons qu'avec les auteurs des textes sélectionnés, peu de
+> > > temps avant leur publication. Nous privilégions des textes de 5000
+> > > caractères au maximum, espaces compris (environ 550 mots). Nous ne
+> > > pouvons malheureusement pas faire de suivi individuel pour tous les
+> > > textes envoyés. 
+> > >
+> > > Nous vous remercions de votre collaboration,
+> > >
+> > > La rédaction du journal Le Devoir
+> > > 1265 rue Berri, 8e étage
+> > > Montréal, Québec
+> > > H2L 4X4
+> > > redaction@ledevoir.com
+> > 
+> > J'ai également écrit à l'autrice de l'article, Mylène Crête, par
+> > l'entremise de ce formulaire:
+> > 
+> > https://www.ledevoir.com/auteur/mylene-crete
+> > 
+> > Je n'ai pas reçu de réponse à cette seconde requête.
+> > 
+> > Je m'attendais, ce matin, à voir au moins un correctif à l'article
+> > publié dans le journal écrit, mais rien n'a été publié. J'ai
+> > également pris soin de m'assurer que mon texte répondait aux
+> > critères énoncés par la rédaction (soit moins de 550 mots) afin
+> > qu'il puisse être publié en réponse, mais il n'a pas été publié non
+> > plus.
+> > 
+> > Je m'attendrais au moins à un correctif, vu la grossièreté des
+> > erreurs publiées dans l'article de jeudi.
+> > 
+> > Merci.
 
 [[!tag politique québec légal réflexion blockchain biométrie vie_privée]]
 

draft response to le devoir
diff --git a/blog/2019-12-12-blockchain-biometrie.mdwn b/blog/2019-12-12-blockchain-biometrie.mdwn
new file mode 100644
index 00000000..a51325a2
--- /dev/null
+++ b/blog/2019-12-12-blockchain-biometrie.mdwn
@@ -0,0 +1,63 @@
+[[!meta title="Blockchain et bioémtrie"]]
+
+En tant que professionnel en sécurité informatique ayant eu un interêt
+passager pour les cryptomonnaies, l'idée du ministre Caire d'enchasser
+les données biométriques des Québecois dans un blockchain m'est
+absolument terrifiante et devrait être évitée à tout prix. Le
+blockchain, comme toute technologie, a ses utilités, mais ne devrait pas
+être présenté comme une panacée.
+
+Dans l'article, Jean-François Gauthier, de l’Institut de la gouvernance
+numérique, clame que: « Cette technologie-là n’a jamais été piratée
+depuis 2008. [...] T’es obligé de pirater toutes les composantes de la
+chaîne, ça devient comme impossible »
+
+Cette affirmation est fausse. Tout blockchain est sous contrôle des
+"mineurs", les opérateurs qui "créent" les "blocks". Seule la nature
+distribuée du système assure l'intégrité de la chaîne, mais si les
+mineurs sont tous sous le contrôle d'une seule entitée, il est possible
+pour une majorité de mineurs de pirater la chaîne en créant de fausses
+transactions. Et, en effet, il est arrivé plusieurs fois par le passé
+qu'un groupe de mineurs ait eu le contrôle sur 50% ou plus des
+transactions. La principale cryptomonnaie, Bitcoin, a été elle-même
+dupliquée en 2017 suite à une dispute sur sa conception.
+
+D'autre part, on nous indique dans l'encart « le coeur de la notion
+[d'identité numérique], c’est de laisser de côté les identifiants
+statiques qu’on ne change jamais et qu’on peut se faire voler [comme le
+numéro d’assurance sociale] pour aller vers des processus dynamiques
+d’authentification d’une personne », selon Claude Vigeant, spécialiste
+de la cybersécurité et président de la firme Okiok.
+
+On propose donc ici d'utiliser nos données biométriques, alors que la
+propriété intrinsèque de ces données est d'être impossible à changer. On
+peut théoriquement permettre aux gens de changer leur numéro d'assurance
+sociale, de téléphone, et d'autres données privées. Après tout, ce ne
+sont que des contraintes bureaucratiques qui empêchent les gens de
+changer leur numéro d'assurance sociale. Mais il est carrément
+impossible de changer ses données biométriques: qui pourrait changer ses
+empreintes digitales ou son visage suite à une fuite de données?
+
+Autrement dit, on passe d'un identifiant "qu'on ne change jamais" comme
+un numéro d'assurance sociale, à une clé cryptographique qui est
+protégée par un identifiant... qu'on ne change jamais non plus, soit nos
+données biométriques!
+
+D'ailleurs, l'idée qu'on puisse stocker en sécurité ces données
+biométriques me semble fallacieuse. Pratiquement toutes les bases de
+données les plus "sécurisées" du genre ont eu des problème de sécurité
+majeurs, incluant les Caisses Desjardins et Revenu Québec. Je ne vois
+pas en quoi la démarche proposée par le ministre Caire pourrait faire
+mieux. Le blockchain n'assure pas, en soit, la confidentialité des
+données, au contraire. Par principe, il s'agit d'un registre totalement
+public de toutes les transactions. Ce n'est donc certainement pas une
+solution technique, ni nécessaire, ni suffisante, au problème de notre
+vie privée.
+
+> Cet article a été écrit en réponse à [cet article](https://www.ledevoir.com/politique/quebec/568908/la-technologie-des-bitcoins-pour-proteger-l-identite-numerique-des-quebecois) et n'a pas été
+> accepté par la rédaction. [Le Devoir](https://www.ledevoir.com/) n'a pas cru bon de publier
+> un correctif et j'ai donc fait une plainte au [conseil de presse](https://conseildepresse.qc.ca/)
+> étant donnée la sévérité des erreurs publiées par le journal.
+
+[[!tag politique québec légal réflexion blockchain biométrie vie_privée]]
+

bold key items
diff --git a/blog/2019-12-10-evitez-fizz.mdwn b/blog/2019-12-10-evitez-fizz.mdwn
index 7c6113dd..59a62e75 100644
--- a/blog/2019-12-10-evitez-fizz.mdwn
+++ b/blog/2019-12-10-evitez-fizz.mdwn
@@ -22,7 +22,7 @@ Consommateur](https://www.opc.gouv.qc.ca/consommateur/probleme-commercant/etapes
 > m'offrait le service et je [changeait de fournisseur](https://twitter.com/theanarcat/status/1121120509297606656) et je
 > fermais mon compte Fizz.
 >
-> Première plainte: mauvais support technique. Mais l'histoire ne
+> **Première plainte: mauvais support technique.** Mais l'histoire ne
 > s'arrête pas ici! Fizz n'a jamais effacé mes données personnelles de
 > son serveur et continue allégrement à m'envoyer du spam ([exemple en
 > Août](https://twitter.com/theanarcat/status/1158384226942771200)).
@@ -41,8 +41,8 @@ Consommateur](https://www.opc.gouv.qc.ca/consommateur/probleme-commercant/etapes
 > mon égard.
 > 
 > À tout le moins, il me semble y avoir des [lois au Canada
-> interdisant l'envoi de courriels non-sollicités](https://www2.deloitte.com/ca/en/pages/risk/articles/canada-anti-spam-law-casl-faq.html). Donc, plaine
-> #2: Fizz m'envoie du "spam" même si je ne suis plus client.
+> interdisant l'envoi de courriels non-sollicités](https://www2.deloitte.com/ca/en/pages/risk/articles/canada-anti-spam-law-casl-faq.html). Donc, **plainte
+> 2: Fizz m'envoie du "spam" même si je ne suis plus client**.
 
 J'ai reçu cette réponse de l'OPC:
 

creating tag page tag/revue
diff --git a/tag/revue.mdwn b/tag/revue.mdwn
new file mode 100644
index 00000000..b71d2d11
--- /dev/null
+++ b/tag/revue.mdwn
@@ -0,0 +1,4 @@
+[[!meta title="pages tagged revue"]]
+
+[[!inline pages="tagged(revue)" actions="no" archive="yes"
+feedshow=10]]

creating tag page tag/montréal
diff --git "a/tag/montr\303\251al.mdwn" "b/tag/montr\303\251al.mdwn"
new file mode 100644
index 00000000..12ea85ff
--- /dev/null
+++ "b/tag/montr\303\251al.mdwn"
@@ -0,0 +1,4 @@
+[[!meta title="pages tagged montréal"]]
+
+[[!inline pages="tagged(montréal)" actions="no" archive="yes"
+feedshow=10]]

creating tag page tag/téléphone
diff --git "a/tag/t\303\251l\303\251phone.mdwn" "b/tag/t\303\251l\303\251phone.mdwn"
new file mode 100644
index 00000000..4d4df3ee
--- /dev/null
+++ "b/tag/t\303\251l\303\251phone.mdwn"
@@ -0,0 +1,4 @@
+[[!meta title="pages tagged téléphone"]]
+
+[[!inline pages="tagged(téléphone)" actions="no" archive="yes"
+feedshow=10]]

publish fizz blog
diff --git a/blog/2019-10-25-stay-away-from-fizz.mdwn b/blog/2019-10-25-stay-away-from-fizz.mdwn
deleted file mode 100644
index 36791de3..00000000
--- a/blog/2019-10-25-stay-away-from-fizz.mdwn
+++ /dev/null
@@ -1,79 +0,0 @@
-Still need to put this into shape, but I sent this complaint to
-[Office de Protection du Consommateur](https://www.opc.gouv.qc.ca/consommateur/probleme-commercant/etapes/).
-
-J'ai fait affaire avec Fizz pendant quelques mois au début de
-l'année. Quand j'ai tenté de transférer mon numéro de téléphone actuel
-vers Fizz.ca, la procédure a échoué sur leur site web. J'ai tenté de
-rejoindre le support technique, mais ils n'offrent pas de support par
-téléphone et semble cacher délibérément leur adresse postale. Ils
-prétendent avoir un support de "chat" sur leur site web mais il n'a
-jamais fonctionné.
-
-https://twitter.com/theanarcat/status/1115329821163311110
-
-(looking at plans.. https://twitter.com/theanarcat/status/1116406902085255168)
-
-J'ai fini par les rejoindre par Twitter (!), après 2 semaines de
-silence:
-
-https://twitter.com/theanarcat/status/1117549912982532096
-
-Leur support technique était pratiquement incompétent et prétendaient
-qu'il était impossible de "porter" le numéro de téléphone, ce qui
-était faux. Deux semaines plus tard, Fido.ca m'offrait le service et
-je changeait de fournisseur:
-
-https://twitter.com/theanarcat/status/1121120509297606656
-
-... et je fermais mon compte Fizz.
-
-Première plainte: mauvais support technique. Mais l'histoire ne
-s'arrête pas ici! Fizz n'a jamais effacé mes données personnelles de
-son serveur et continue allégrement à m'envoyer du spam, exemple en
-Août:
-
-https://twitter.com/theanarcat/status/1158384226942771200
-
-Après quelques conversations privées sur Twitter (par "DM"), ils ont
-reconnu qu'il y avait un problème de leur côté et m'ont promis de le
-régler. Mais deux semaines plus tard, je recevait un autre courriel de
-leur part.
-
-Et aujourd'hui, je reçois un courriel qui m'avise qu'ils refusent
-simplement de me retirer de leur liste d'envoi:
-
-https://twitter.com/theanarcat/status/1187801950852734976
-
-Je considère que ceci est un bris de confiance du lien client /
-fournisseur. Je ne suis plus client de cette entreprise et considère
-qu'elle devrait détruire toute donnée personnelle qu'elle détient à
-mon égard.
-
-À tout le moins, il me semble y avoir des lois au Canada interdisant
-l'envoi de courriels non-sollicités:
-
-https://www2.deloitte.com/ca/en/pages/risk/articles/canada-anti-spam-law-casl-faq.html
-
-Donc, plaine #2: Fizz m'envoie du "spam" même si je ne suis plus
-client.
-
-Infos Fizz:
-
-https://www.opc.gouv.qc.ca/se-renseigner/liste-des-resultats-de-recherche/details/commercant/690616/
-
-> Update:
-
-> Le problème que vous rencontrez n’est pas de la responsabilité de
-> l’Office de la protection du consommateur. Nous vous suggérons de
-> visiter le [Portail des programmes et services de Services
-> Québec](http://www.gouv.qc.ca/portail/quebec/pgs/citoyens/?lang=fr), qui est le centre de renseignements du gouvernement du
-> Québec. Il diffuse de l’information sur les organismes et les
-> ministères du gouvernement provincial.
-
-Un mois plus tard:
-
-https://twitter.com/theanarcat/status/1199001109546905600
-
-On dirait que je reçois ces cochonneries à tous les 25 du mois.
-
-[[!tag draft]]
diff --git a/blog/2019-12-10-evitez-fizz.mdwn b/blog/2019-12-10-evitez-fizz.mdwn
new file mode 100644
index 00000000..7c6113dd
--- /dev/null
+++ b/blog/2019-12-10-evitez-fizz.mdwn
@@ -0,0 +1,77 @@
+[[!meta title="Évitez le fournisseur Fizz"]]
+
+J'ai envoyé cette plainte à l'[Office de Protection du
+Consommateur](https://www.opc.gouv.qc.ca/consommateur/probleme-commercant/etapes/) au sujet du fournisseur de téléphonie [Fizz](https://fizz.ca/), le
+25 octobre dernier:
+
+> J'ai fait affaire avec Fizz pendant quelques mois au début de
+> l'année. Quand j'ai tenté de transférer mon numéro de téléphone
+> actuel vers Fizz.ca, la procédure a échoué sur leur site web. J'ai
+> tenté de rejoindre le support technique, mais ils n'offrent pas de
+> support par téléphone et semble cacher délibérément leur adresse
+> postale. Ils prétendent avoir un support de "chat" sur leur site web
+> mais il n'a jamais fonctionné.
+> 
+> J'ai fini par les [rejoindre par Twitter](https://twitter.com/theanarcat/status/1117549912982532096) (!), après [2 semaines
+> de silence](https://twitter.com/theanarcat/status/1115329821163311110) et après avoir [annoncé que je recherchais des
+> alternatives](https://twitter.com/theanarcat/status/1116406902085255168).
+>
+> Leur support technique était pratiquement incompétent et
+> prétendaient qu'il était impossible de "porter" le numéro de
+> téléphone, ce qui était faux. Deux semaines plus tard, Fido.ca
+> m'offrait le service et je [changeait de fournisseur](https://twitter.com/theanarcat/status/1121120509297606656) et je
+> fermais mon compte Fizz.
+>
+> Première plainte: mauvais support technique. Mais l'histoire ne
+> s'arrête pas ici! Fizz n'a jamais effacé mes données personnelles de
+> son serveur et continue allégrement à m'envoyer du spam ([exemple en
+> Août](https://twitter.com/theanarcat/status/1158384226942771200)).
+> 
+> Après quelques conversations privées sur Twitter (par "DM"), ils ont
+> reconnu qu'il y avait un problème de leur côté et m'ont promis de le
+> régler. Mais deux semaines plus tard, je recevait un autre courriel
+> de leur part.
+>
+> Et aujourd'hui, je [reçois un courriel](https://twitter.com/theanarcat/status/1187801950852734976) qui m'avise qu'ils
+> refusent simplement de me retirer de leur liste d'envoi.
+> 
+> Je considère que ceci est un bris de confiance du lien client /
+> fournisseur. Je ne suis plus client de cette entreprise et considère
+> qu'elle devrait détruire toute donnée personnelle qu'elle détient à
+> mon égard.
+> 
+> À tout le moins, il me semble y avoir des [lois au Canada
+> interdisant l'envoi de courriels non-sollicités](https://www2.deloitte.com/ca/en/pages/risk/articles/canada-anti-spam-law-casl-faq.html). Donc, plaine
+> #2: Fizz m'envoie du "spam" même si je ne suis plus client.
+
+J'ai reçu cette réponse de l'OPC:
+
+> Le problème que vous rencontrez n’est pas de la responsabilité de
+> l’Office de la protection du consommateur. Nous vous suggérons de
+> visiter le [Portail des programmes et services de Services
+> Québec](http://www.gouv.qc.ca/portail/quebec/pgs/citoyens/?lang=fr), qui est le centre de renseignements du gouvernement du
+> Québec. Il diffuse de l’information sur les organismes et les
+> ministères du gouvernement provincial.
+
+Franchment décevant... Pas surprenant que les compagnies de télécom
+abusent de leur pouvoir avec une telle "protection"...
+
+Depuis que j'ai fait cette plainte, Fizz prétendent avoir résolu le
+problème mais, oh surprise, j'ai reçu, un mois plus tard, [exactement
+le même message](https://twitter.com/theanarcat/status/1199001109546905600) de spam. On dirait que je vais recevoir ces
+cochonneries à tous les 25 du mois... En privé, leur équipe de support
+m'ont indiqué qu'ils avait corrigé le problème en changeant mon
+addresse courriel au dossier, mais je serais pas surprise de recevoir
+encore du spam de cette compagnie pour Noël...
+
+Mon conseil, donc: évitez-donc ce fournisseur à moins que vous ayez la
+certitude absolue de ne jamais avoir besoin de support
+technique. Fizz est un des fournisseurs les moins chers sur le marché,
+et le "onboarding" est très rapide, mais dès qu'il faut parler à un
+humain, c'est carrément impossible. C'est une compagnie de téléphone
+qui ne répond pas au téléphone, avec pratiquement zéro support
+technique.
+
+À éviter.
+
+[[!tag revue téléphone montréal]]

experiences with entr, watchexec and watchman
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index 615e31a6..ef7e0f19 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -33,6 +33,9 @@ entr
  * ISC
  * [Debian package](https://tracker.debian.org/pkg/entr) since 2014 (jessie), up to date
  * finds file from stdin
+ * requires one watch per file, which quickly runs over the builtin
+   limits, so requires [sysctl hacks to actually work](http://entrproject.org/limits.html) on even a
+   medium-sized project
  * has special hacks to reload browser
  * can clear screen between calls
 
@@ -129,11 +132,19 @@ watchexec
  * 2016-2019
  * Rust
  * Apache-2.0
- * No Debian package
+ * No Debian package ([bug 946546](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946546))
  * supports `.gitignore` files and filename patterns
  * merges multiple events
  * fast polling
  * can clear screen between calls
+ * waits for command to complete to launch again
+ * simple commandline, ie. this worked for me:
+ 
+        watchexec -w ./feed2exec/ -e py -d 2000 -v -p tox
+
+   it automatically picked up my `.gitignore` directory, which
+   elegantly avoided the loops I have had in watchman because of the
+   files generated by tox
 
 watchman
 --------
@@ -147,6 +158,16 @@ watchman
  * [Debian package](https://tracker.debian.org/watchman), since 2019 (bullseye)
  * can watch multiple directories
  * waits for settling
+ * somewhat complex client/server architecture, sends output to
+   logfiles, although [watchman-make](https://manpages.debian.org/watchman-make) provides a nice little
+   wrapper:
+
+        watchman-make -p '**/*.py' --run tox
+
+   Unfortunately this doesn't work for my Python project, as it picks
+   up `setup.py` writing the `_version.py` file as a change, and
+   constantely runs the tests, because there's [no way to ignore](https://github.com/facebook/watchman/issues/769)
+   files in `watchman-make`.
 
 Web development
 ===============

add two more (perl-specific) continuous testers
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index f8c550d2..615e31a6 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -190,6 +190,17 @@ examples:
 Unit tests
 ==========
 
+## autotest
+
+<https://metacpan.org/pod/distribution/App-autotest/scripts/autotest>
+
+ * 2012-2015
+ * Perl
+ * Artistic license
+ * Rerun tests on file change
+ * Perl only
+ * No Debian package
+
 ## conttest
 
 <https://github.com/eigenhombre/continuous-testing-helper>
@@ -213,6 +224,17 @@ Unit tests
  * inspiration for the above
  * restricted to a subset of Python test frameworks
 
+## Test::Continuous
+
+<https://metacpan.org/pod/Test::Continuous>
+
+ * 2008-2015
+ * Perl
+ * Artistic license
+ * Run tests on file change
+ * Perl only
+ * No Debian package
+
 File synchronization
 ====================
 

spell out config details
diff --git a/services/print.mdwn b/services/print.mdwn
index a1def7fd..6e7dffc6 100644
--- a/services/print.mdwn
+++ b/services/print.mdwn
@@ -16,9 +16,33 @@ seulement 32MB de ram et 4MB de stockage. En effet, CUPS a besoin de
 p910n envoie la tâche directement à l'imprimante.
 
 J'ai suivi les [instructions de OpenWRT][p910n] pour configurer
-l'imprimante sur la machine. Les instructions pour configurer Mac OS
-n'ont pas fonctionné alors j'ai partagé l'imprimante sur ma machine,
-ce qui semble, pour l'instant, fonctionner.
+l'imprimante sur la machine:
+
+    opkg update
+    opkg install kmod-usb-printer
+    opkg install p910nd luci-app-p910nd
+
+Configuration GUI:
+
+ * enable: checked
+ * device: leave as is (`/dev/usb/lp0`)
+ * interface: `lan`
+ * port: leave as is (`9100`)
+ * bi-directional mode: leave as is? (checked)
+
+Restart the daemon:
+
+    /etc/init.d/p910nd restart
+
+Make sure port 9100 is opened. On the Turris Omnia, it was in use by
+another server, so I bumped the port number to 9101. You can start the
+process by hand with:
+
+    /usr/sbin/p910nd -d -b -f /dev/usb/lp0 0
+
+Les instructions pour configurer Mac OS n'ont pas fonctionné alors
+j'ai partagé l'imprimante sur ma machine, ce qui semble, pour
+l'instant, fonctionner.
 
 [p910n]: https://openwrt.org/docs/guide-user/services/print_server/p910ndprinterserver
 
@@ -26,12 +50,19 @@ Configuration du serveur CUPS
 =============================
 
 Mais après, chaque machine doit configurer "CUPS" parler à
-plastik. Pour configurer `curie`, il faut ajouter une nouvelle
-imprimante de type "AppSocket/HP JetDirect" avec l'URL
-`socket://plastik.anarc.at:9100`. On entre ensuite le nom de
-l'imprimante (`HP-LaserJet-1012`) et on la partage, puis on choisit le
-driver `HP LaserJet 1012 hpijs`, qui est disponible dans le [package
-printer-driver-hpijs](https://tracker.debian.org/printer-driver-hpijs).
+plastik. Pour configurer `curie`, il faut:
+
+ 1. ajouter une nouvelle imprimante de type "AppSocket/HP
+ JetDirect"...
+ 
+ 1. avec l'URL `socket://plastik.anarc.at:9100`
+ 
+ 2. On entre ensuite le nom de l'imprimante (`HP-LaserJet-1012`) 
+ 
+ 3. ... et on la partage
+ 
+ 4. puis on choisit le driver `HP LaserJet 1012 hpijs`, qui est
+    disponible dans le [package printer-driver-hpijs](https://tracker.debian.org/printer-driver-hpijs).
 
 Maintenant que `curie` n'est plus à la maison, j'ai configuré `marcos`
 de la même façon, et j'ai marqué l'imprimante comme partagée

Added a comment: Unit-Tests for Perl
diff --git a/blog/2019-11-20-file-monitoring-tools/comment_3_dce9eb7ba24464b674ca58db58f940e7._comment b/blog/2019-11-20-file-monitoring-tools/comment_3_dce9eb7ba24464b674ca58db58f940e7._comment
new file mode 100644
index 00000000..20329b2f
--- /dev/null
+++ b/blog/2019-11-20-file-monitoring-tools/comment_3_dce9eb7ba24464b674ca58db58f940e7._comment
@@ -0,0 +1,14 @@
+[[!comment format=mdwn
+ ip="84.186.187.107"
+ claimedauthor="mitch"
+ url="https://www.cgarbs.de/blog/"
+ subject="Unit-Tests for Perl"
+ date="2019-12-03T22:39:07Z"
+ content="""
+Perl also has Continuous Testing features based in file monitoring.  There are at least
+
+* [autotest](https://metacpan.org/pod/distribution/App-autotest/scripts/autotest)
+* [Test::Continuous](https://metacpan.org/pod/Test::Continuous)
+
+Neither one seems to be in Debian stable, but they are only one `cpanm` call away.
+"""]]

more hw replacement research
diff --git a/hardware/server/marcos.mdwn b/hardware/server/marcos.mdwn
index d32a0a8b..00c0e796 100644
--- a/hardware/server/marcos.mdwn
+++ b/hardware/server/marcos.mdwn
@@ -104,6 +104,8 @@ Possible issues:
  * embeded SoC from Intel, with *hardcore* proprietary onboard
    software (Intel ME and crazy BIOS)
 
+See also the [Brix](https://www.gigabyte.com/us/Mini-PcBarebone) and [Qotom](https://www.qotom.net/) mini-PCs.
+
 ## Vero
 
 Another target would a home-cinema adapter like the [Vero](https://osmc.tv/vero/) which I
@@ -192,16 +194,27 @@ gnubee (more powerful, among other things).
 
 Supermicro sells cases as well as motherboards, and some of those
 might be interesting for a home server / NAS solution. For example,
-the [721Tq](https://www.supermicro.com/products/chassis/tower/721/SC721TQ-250B) has four hot-swappable 3.5" bays for SATA hard drives
+the [721Tq](https://www.supermicro.com/products/chassis/tower/721/SC721TQ-250B) ([ATIC 235$](http://www.atic.ca/index.php?page=details&psku=122205)) has four hot-swappable 3.5" bays for SATA hard drives
 and two internal 2.5" bays with a [Mini-ITX](https://en.wikipedia.org/wiki/Mini-ITX) motherboard backend
-([235$CAD](http://www.atic.ca/index.php?page=details&psku=122205) at ATIC). It would require building a whole new server
-since marcos is [microATX](https://en.wikipedia.org/wiki/MicroATX) but the Mini-ITX form factor is good
-because it fits well with SoC boards (see below). A friend
-specifically looked at [this atom server](http://www.atic.ca/index.php?page=details&psku=164534) which has a nice price
-tag (618$CAD).
+([235$CAD](http://www.atic.ca/index.php?page=details&psku=122205) at ATIC). 
+
+It would require building a whole new server since marcos is
+[microATX](https://en.wikipedia.org/wiki/MicroATX) but the Mini-ITX form factor is good because it fits
+well with SoC boards (see below). A friend specifically looked at
+[this atom server](http://www.atic.ca/index.php?page=details&psku=164534) which has a nice price tag (618$CAD).
+
+The downside of MiniITX is that, because it's smaller, it's (A) more
+expensive and (B) more limited. For example, it's sometimes difficult
+to find > 8GB boards in that size. See also [this comparison between
+the different board standards](https://www.glinkster.com/mini-itx-vs-micro-atx-vs-atx/).
 
 Supermicro also has what they call [mobile racks](https://www.supermicro.com/products/chassis/mobileRack/) that can fit
-multiple drives in a 5.25" bays.
+multiple drives in a 5.25" bays and might be a better fit. They also
+have larger cases, the [CSE-733T-500B](https://www.supermicro.com/en/products/chassis/tower/733/SC733T-500B) ([ATIC 280$](http://www.atic.ca/index.php?page=details&psku=66130)) or
+[CSE-733TQ-500B](https://www.supermicro.com/en/products/chassis/tower/733/SC733TQ-500B) ([ATIC 300$](http://www.atic.ca/index.php?page=details&psku=63796)), which might do the trick. It
+seems the 20$ extra is because the latter supports [SGPIO](https://en.wikipedia.org/wiki/SGPIO) which
+might presumably have better support for HDD LEDs, a welcome
+improvement.
 
 ## Other SoC boards
 

more fizz junk
diff --git a/blog/2019-10-25-stay-away-from-fizz.mdwn b/blog/2019-10-25-stay-away-from-fizz.mdwn
index 68330824..36791de3 100644
--- a/blog/2019-10-25-stay-away-from-fizz.mdwn
+++ b/blog/2019-10-25-stay-away-from-fizz.mdwn
@@ -70,4 +70,10 @@ https://www.opc.gouv.qc.ca/se-renseigner/liste-des-resultats-de-recherche/detail
 > Québec. Il diffuse de l’information sur les organismes et les
 > ministères du gouvernement provincial.
 
+Un mois plus tard:
+
+https://twitter.com/theanarcat/status/1199001109546905600
+
+On dirait que je reçois ces cochonneries à tous les 25 du mois.
+
 [[!tag draft]]

add fail2ban and sshguard, thanks nick
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index 6ca2b627..f8c550d2 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -247,14 +247,14 @@ am aware of:
  * spawns rsync on file changes
  * Lua configuration can be leveraged to do other things than sync
 
-Integrity checks
-================
+Intrusion detection
+===================
 
-Here again, there are many filesystem integrity checkers, but they are
-not relevant here unless they can also execute arbitrary
-commands. But, again, here's an idea of the other stuff that is out
-there that might be a better fit than trying to fit a square peg in
-this round hole:
+Here again, there are many filesystem integrity checkers and intrusion
+detection systems (IDS), but they are not relevant here unless they
+can also execute arbitrary commands. But, again, here's an idea of the
+other stuff that is out there that might be a better fit than trying
+to fit a square peg in this round hole:
 
  * [AIDE](https://aide.github.io/)
  * [OSSEC](https://www.ossec.net/)
@@ -262,6 +262,17 @@ this round hole:
  * [Tripwire](https://github.com/Tripwire/tripwire-open-source)
  * [Wazuh](https://wazuh.com/)
 
+## fail2ban
+
+<http://www.fail2ban.org/>
+
+ * 2004-2018
+ * Python
+ * GPL-2
+ * [Debian package](https://tracker.debian.org/pkg/fail2ban) since 2005, out of date
+ * parses logfiles and executes commands
+ * handles multiple services and patterns and can escalate
+
 ## iwatch
 
 <http://iwatch.sourceforge.net/>
@@ -275,6 +286,16 @@ this round hole:
    detection system
  * XML configuration (???)
 
+## sshguard
+
+<https://sshguard.net/>
+
+ * 2007-2019
+ * C
+ * ISC
+ * [Debian package](https://tracker.debian.org/pkg/sshguard) since 2007, out of date
+ * similar to fail2ban
+
 Other
 =====
 

Added a comment
diff --git a/blog/2019-11-20-file-monitoring-tools/comment_2_047d534b991b4dd8ea09bf444d9a5699._comment b/blog/2019-11-20-file-monitoring-tools/comment_2_047d534b991b4dd8ea09bf444d9a5699._comment
new file mode 100644
index 00000000..773df6c9
--- /dev/null
+++ b/blog/2019-11-20-file-monitoring-tools/comment_2_047d534b991b4dd8ea09bf444d9a5699._comment
@@ -0,0 +1,9 @@
+[[!comment format=mdwn
+ ip="82.69.3.239"
+ claimedauthor="Nick"
+ subject="comment 2"
+ date="2019-11-22T19:18:20Z"
+ content="""
+fail2ban (likewise sshguard, etc) is a file monitor too, though with a specific intention in mind.  Bon soir.
+
+"""]]

add systemd and livereload, thanks enrico!
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index 71f13db9..6ca2b627 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -110,6 +110,17 @@ inotify-tools
  * somewhat [difficult commandline interface](https://manpages.debian.org/buster/inotify-tools/inotifywait.1.en.html)
  * no event deduplication
 
+systemd .path units
+--------------------
+
+<https://www.freedesktop.org/software/systemd/man/systemd.path.html>
+
+ * 2010-2019
+ * C
+ * GPL-2
+ * [Debian package](https://tracker.debian.org/pkg/systemd/) since 2010
+ * activates a system or user "unit" on inotify changes
+
 watchexec
 ---------
 
@@ -151,6 +162,19 @@ Web development
  * rebuilds markdown files and servers them over HTTP with autoreload
  * relies on GitHub's API for rendering (???)
 
+## livereload
+
+<https://github.com/lepture/python-livereload>
+
+ * 2012-2019
+ * Python
+ * BSD-3
+ * [Debian package](https://tracker.debian.org/pkg/python-livereload) since 2013 (jessie), up to date
+ * watches a directory and triggers a web browser [livereload
+   extension](http://livereload.com/extensions/#installing-sections)
+ * also supports arbitrary commands through custom Python scripts
+ * integration with Python frameworks (Django, Flask, Bottle)
+
 ## frameworks
 
 Many frameworks automatically reload files when they change. A few

fix smileys and add update
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index 83702f31..71f13db9 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -54,7 +54,7 @@ gamin
 <https://people.gnome.org/~veillard/gamin/>
 
  * 2004-2007
- * [Debian package](https://tracker.debian.org/pkg/gamin) since 2005 (!)
+ * [Debian package](https://tracker.debian.org/pkg/gamin) since 2005
  * not a commandline tool
 
 incron
@@ -65,7 +65,7 @@ incron
  * 2006-2012, 2014-2015
  * C++
  * GPL-2
- * [Debian package](https://tracker.debian.org/pkg/incron) since 2007 (!)
+ * [Debian package](https://tracker.debian.org/pkg/incron) since 2007
  * Watches files and launches command in a cron-like (and [rather
    obscure](https://manpages.debian.org/incrontab.5)) syntax
  * no event deduplication
@@ -105,7 +105,7 @@ inotify-tools
  * 2006-2018?
  * C
  * GPL-2
- * [Debian package](https://tracker.debian.org/pkg/inotify-tools) since 2006 (!)
+ * [Debian package](https://tracker.debian.org/pkg/inotify-tools) since 2006
  * canonical wrapper around inotify (Linux-specific)
  * somewhat [difficult commandline interface](https://manpages.debian.org/buster/inotify-tools/inotifywait.1.en.html)
  * no event deduplication
@@ -149,7 +149,7 @@ Web development
  * MIT
  * [Debian package](https://tracker.debian.org/pkg/grip) since 2016 (stretch)
  * rebuilds markdown files and servers them over HTTP with autoreload
- * relies on GitHub's API for rendering (!)
+ * relies on GitHub's API for rendering (???)
 
 ## frameworks
 
@@ -249,7 +249,7 @@ this round hole:
  * emails on file changes
  * can also execute commands, but primarily designed as an intrusion
    detection system
- * XML configuration (!)
+ * XML configuration (???)
 
 Other
 =====
@@ -267,4 +267,9 @@ Other
 I've probably missed half a million such programs so this might be
 expanded with time and your comments.
 
+Update: I've added a bunch of tools. I was relunctant to add all those
+old inotify wrappers because I don't find them as interesting as the
+newer ones - they're really hard to use! - but I guess it's worth
+mentioning them even if just to criticise them. ;)
+
 [[!tag debian debian-planet software review programming]]

even more tools
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index 6cbdbbf5..83702f31 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -201,6 +201,56 @@ am aware of:
  * [git-annex](https://git-annex.branchable.com/)
  * [syncthing](https://syncthing.net/)
 
+## inosync
+
+<https://github.com/hollow/inosync>
+
+ * 2008-2010 (archived upstream)
+ * Python
+ * BSD
+ * [Debian package](https://tracker.debian.org/pkg/inosync) since 2009 (jessie), in [RFA](https://bugs.debian.org/931328)
+ * combination of rsync and inotify
+ * similar to lsyncd
+
+## lsyncd
+
+<https://github.com/axkibe/lsyncd>
+
+ * 2012-2018
+ * Lua, C
+ * GPL-2
+ * [Debian package](https://tracker.debian.org/pkg/lsyncd) since 2010 (jessie), up to date
+ * spawns rsync on file changes
+ * Lua configuration can be leveraged to do other things than sync
+
+Integrity checks
+================
+
+Here again, there are many filesystem integrity checkers, but they are
+not relevant here unless they can also execute arbitrary
+commands. But, again, here's an idea of the other stuff that is out
+there that might be a better fit than trying to fit a square peg in
+this round hole:
+
+ * [AIDE](https://aide.github.io/)
+ * [OSSEC](https://www.ossec.net/)
+ * [Samhain](https://www.la-samhna.de/samhain/)
+ * [Tripwire](https://github.com/Tripwire/tripwire-open-source)
+ * [Wazuh](https://wazuh.com/)
+
+## iwatch
+
+<http://iwatch.sourceforge.net/>
+
+ * 2006-2009
+ * Perl
+ * GPL-2+
+ * [Debian package](https://tracker.debian.org/pkg/iwatch) since 2006
+ * emails on file changes
+ * can also execute commands, but primarily designed as an intrusion
+   detection system
+ * XML configuration (!)
+
 Other
 =====
 

add a flurry of inotify wrappers
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index e5a2be6b..6cbdbbf5 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -57,6 +57,59 @@ gamin
  * [Debian package](https://tracker.debian.org/pkg/gamin) since 2005 (!)
  * not a commandline tool
 
+incron
+------
+
+<https://github.com/ar-/incron>
+
+ * 2006-2012, 2014-2015
+ * C++
+ * GPL-2
+ * [Debian package](https://tracker.debian.org/pkg/incron) since 2007 (!)
+ * Watches files and launches command in a cron-like (and [rather
+   obscure](https://manpages.debian.org/incrontab.5)) syntax
+ * no event deduplication
+
+inoticoming
+-----------
+
+<https://tracker.debian.org/pkg/inoticoming>
+
+ * 2007-2012
+ * C
+ * GPL-2
+ * [Debian package](https://tracker.debian.org/pkg/inoticoming) is upstream
+ * watches directory, fires command
+ * yet another wrapper for inotify
+ * built for [reprepro](https://tracker.debian.org/pkg/reprepro)
+ * no event deduplication
+
+inotify-hookable
+----------------
+
+<https://metacpan.org/pod/App::Inotify::Hookable>
+
+ * 2012-2016
+ * [Debian package](https://tracker.debian.org/pkg/inotify-hookable) since 2013 (jessie)
+ * Perl
+ * GPL-1+
+ * yet another wrapper for inotify
+ * no event deduplication, but can "buffer" multiple events together
+   with a timeout
+
+inotify-tools
+-------------
+
+<https://github.com/rvoicilas/inotify-tools/>
+
+ * 2006-2018?
+ * C
+ * GPL-2
+ * [Debian package](https://tracker.debian.org/pkg/inotify-tools) since 2006 (!)
+ * canonical wrapper around inotify (Linux-specific)
+ * somewhat [difficult commandline interface](https://manpages.debian.org/buster/inotify-tools/inotifywait.1.en.html)
+ * no event deduplication
+
 watchexec
 ---------
 

regroup other alternatives
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index c6fa10aa..e5a2be6b 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -84,11 +84,10 @@ watchman
  * can watch multiple directories
  * waits for settling
 
-Purpose-specific
-================
+Web development
+===============
 
-grip (markdown)
----------------
+## grip (markdown)
 
 <https://github.com/joeyespo/grip>
 
@@ -99,8 +98,22 @@ grip (markdown)
  * rebuilds markdown files and servers them over HTTP with autoreload
  * relies on GitHub's API for rendering (!)
 
-conttest (unit tests)
----------------------
+## frameworks
+
+Many frameworks automatically reload files when they change. A few
+examples:
+
+ * [Flask](http://flask.pocoo.org/) - built-in for code, set [`TEMPLATES_AUTO_RELOAD`](https://flask.palletsprojects.com/en/1.0.x/config/#TEMPLATES_AUTO_RELOAD)
+   for templates
+ * [Django](https://www.djangoproject.com/) - [`runserver`](https://docs.djangoproject.com/en/2.2/ref/django-admin/#runserver) will reload all files at every
+   requests, unless `pyinotify` is installed, in which case it will do
+   so more smartly
+ * [iPython](https://ipython.org/) - has a [autoreload](https://ipython.org/ipython-doc/3/config/extensions/autoreload.html) extension
+
+Unit tests
+==========
+
+## conttest
 
 <https://github.com/eigenhombre/continuous-testing-helper>
 
@@ -112,19 +125,7 @@ conttest (unit tests)
    directory
  * Part of a [continuous testing](http://zerolib.com/continuous-testing.html) strategy on the desktop
 
-kfmon (kobo launcher)
----------------------
-
-<https://github.com/NiLuJe/kfmon>
-
- * 2016-2019
- * C
- * GPL-3
- * No Debian package
- * Launches programs when icons are activated on a Kobo reader
-
-tdaemon (unit tests)
---------------------
+## tdaemon
 
 <https://github.com/brunobord/tdaemon>
 
@@ -135,18 +136,30 @@ tdaemon (unit tests)
  * inspiration for the above
  * restricted to a subset of Python test frameworks
 
-Framework-specific
-------------------
+File synchronization
+====================
 
-Many frameworks automatically reload files when they change. A few
-examples:
+I will not go through a list of all the file synchronization tools
+here. Most of them have some sort of "wake-up" system to notify file
+changes, but they are considered out of scope here unless they can
+also launch custom commands. But just for the sake of the argument, I
+am aware of:
 
- * [Flask](http://flask.pocoo.org/) - built-in for code, set [`TEMPLATES_AUTO_RELOAD`](https://flask.palletsprojects.com/en/1.0.x/config/#TEMPLATES_AUTO_RELOAD)
-   for templates
- * [Django](https://www.djangoproject.com/) - [`runserver`](https://docs.djangoproject.com/en/2.2/ref/django-admin/#runserver) will reload all files at every
-   requests, unless `pyinotify` is installed, in which case it will do
-   so more smartly
- * [iPython](https://ipython.org/) - has a [autoreload](https://ipython.org/ipython-doc/3/config/extensions/autoreload.html) extension
+ * [git-annex](https://git-annex.branchable.com/)
+ * [syncthing](https://syncthing.net/)
+
+Other
+=====
+
+## kfmon (kobo launcher)
+
+<https://github.com/NiLuJe/kfmon>
+
+ * 2016-2019
+ * C
+ * GPL-3
+ * No Debian package
+ * Launches programs when icons are activated on a Kobo reader
 
 I've probably missed half a million such programs so this might be
 expanded with time and your comments.

fix 2014 debian release name
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index 09257fef..c6fa10aa 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -31,7 +31,7 @@ entr
  * 2012-2019
  * C
  * ISC
- * [Debian package](https://tracker.debian.org/pkg/entr) since 2014 (wheezy), up to date
+ * [Debian package](https://tracker.debian.org/pkg/entr) since 2014 (jessie), up to date
  * finds file from stdin
  * has special hacks to reload browser
  * can clear screen between calls

Added a comment: Notify
diff --git a/blog/2019-11-20-file-monitoring-tools/comment_1_0229fd4bd6070d5824e31e6191479e14._comment b/blog/2019-11-20-file-monitoring-tools/comment_1_0229fd4bd6070d5824e31e6191479e14._comment
new file mode 100644
index 00000000..fbeb3d83
--- /dev/null
+++ b/blog/2019-11-20-file-monitoring-tools/comment_1_0229fd4bd6070d5824e31e6191479e14._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ ip="194.254.66.210"
+ claimedauthor="Sytoka"
+ subject="Notify"
+ date="2019-11-21T09:35:17Z"
+ content="""
+You also have inotifywait/inotifywatch, inotify-hookable, lsyncd (can do more than just sync)
+
+```bash
+apt-cache show inotify-tools inotify-hookable lsyncd
+```
+"""]]

a new provider, suggested by gagz
diff --git a/services/backup.mdwn b/services/backup.mdwn
index abae281c..d54ee41d 100644
--- a/services/backup.mdwn
+++ b/services/backup.mdwn
@@ -260,6 +260,8 @@ Web: install apache2 + restore wiki.
  * [Hetzner](https://www.hetzner.com/cloud): 3EUR/mth 2GB RAM, 20GB disk, 20TB traffic (≈60mbps) +
    1EUR/TB, 10Gbps?, hourly/monthly billing, Germany
 
+ * [Tetaneutral](https://www.tetaneutral.net/): 1vCPU, 1024Mo DDR, 20Go SSD, 100Go HDD, Debian Stretch : 5 à 10€/mois
+
 ### Large storage options
 
 This was done as part of research for archival in virtual machines.

harmonize formatting
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index 29d16139..09257fef 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -18,7 +18,8 @@ direvent
 <https://www.gnu.org.ua/software/direvent/>
 
  * 2013-2019, GNU project since 2014
- * C, GPL-3
+ * C
+ * GPL-3
  * [Debian package](https://tracker.debian.org/pkg/direvent), since 2015 (stretch), out of date (5.1 vs 5.2)
  * requires a config file to operate
 
@@ -43,8 +44,7 @@ fswatch
  * 2014-2018
  * C++
  * GPL-3
- * [Debian package](https://tracker.debian.org/fswatch) since 2017
-   (buster), up to date
+ * [Debian package](https://tracker.debian.org/fswatch) since 2017 (buster), up to date
  * outputs changesets using a specific syntax, so requires more
    commandline voodoo
 
@@ -77,10 +77,10 @@ watchman
 <http://facebook.github.io/watchman/>
 
  * 2013-2019
- * Facebook
- * [Debian package](https://tracker.debian.org/watchman), since 2019 (bullseye)
  * C++, Python
  * Apache-2
+ * Facebook
+ * [Debian package](https://tracker.debian.org/watchman), since 2019 (bullseye)
  * can watch multiple directories
  * waits for settling
 

fix typo
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index de9c75bc..29d16139 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -1,4 +1,4 @@
-[[!meta title="a quick review of file watches"]]
+[[!meta title="a quick review of file watchers"]]
 
 File watchers. I always forget about those and never use then, but I
 constantly feel like I need them. So I made this list to stop

add fswatch (tx sdk), gamin and kfmon
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index 94317ea3..de9c75bc 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -35,6 +35,28 @@ entr
  * has special hacks to reload browser
  * can clear screen between calls
 
+fswatch
+-------
+
+<http://emcrisostomo.github.io/fswatch/>
+
+ * 2014-2018
+ * C++
+ * GPL-3
+ * [Debian package](https://tracker.debian.org/fswatch) since 2017
+   (buster), up to date
+ * outputs changesets using a specific syntax, so requires more
+   commandline voodoo
+
+gamin
+-----
+
+<https://people.gnome.org/~veillard/gamin/>
+
+ * 2004-2007
+ * [Debian package](https://tracker.debian.org/pkg/gamin) since 2005 (!)
+ * not a commandline tool
+
 watchexec
 ---------
 
@@ -90,6 +112,17 @@ conttest (unit tests)
    directory
  * Part of a [continuous testing](http://zerolib.com/continuous-testing.html) strategy on the desktop
 
+kfmon (kobo launcher)
+---------------------
+
+<https://github.com/NiLuJe/kfmon>
+
+ * 2016-2019
+ * C
+ * GPL-3
+ * No Debian package
+ * Launches programs when icons are activated on a Kobo reader
+
 tdaemon (unit tests)
 --------------------
 

sort entries by name, lowercase
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
index 3e43bde1..94317ea3 100644
--- a/blog/2019-11-20-file-monitoring-tools.mdwn
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -12,7 +12,7 @@ Generic
 
 Those tools an watch files or trees of files and execute whatever.
 
-Direvent
+direvent
 --------
 
 <https://www.gnu.org.ua/software/direvent/>
@@ -22,7 +22,20 @@ Direvent
  * [Debian package](https://tracker.debian.org/pkg/direvent), since 2015 (stretch), out of date (5.1 vs 5.2)
  * requires a config file to operate
 
-Watchexec
+entr
+----
+
+<http://eradman.com/entrproject/>
+
+ * 2012-2019
+ * C
+ * ISC
+ * [Debian package](https://tracker.debian.org/pkg/entr) since 2014 (wheezy), up to date
+ * finds file from stdin
+ * has special hacks to reload browser
+ * can clear screen between calls
+
+watchexec
 ---------
 
 <https://github.com/watchexec/watchexec>
@@ -36,7 +49,7 @@ Watchexec
  * fast polling
  * can clear screen between calls
 
-Watchman
+watchman
 --------
 
 <http://facebook.github.io/watchman/>
@@ -49,23 +62,10 @@ Watchman
  * can watch multiple directories
  * waits for settling
 
-Entr
-----
-
-<http://eradman.com/entrproject/>
-
- * 2012-2019
- * C
- * ISC
- * [Debian package](https://tracker.debian.org/pkg/entr) since 2014 (wheezy), up to date
- * finds file from stdin
- * has special hacks to reload browser
- * can clear screen between calls
-
 Purpose-specific
 ================
 
-Grip (markdown)
+grip (markdown)
 ---------------
 
 <https://github.com/joeyespo/grip>
@@ -77,7 +77,7 @@ Grip (markdown)
  * rebuilds markdown files and servers them over HTTP with autoreload
  * relies on GitHub's API for rendering (!)
 
-Conttest (unit tests)
+conttest (unit tests)
 ---------------------
 
 <https://github.com/eigenhombre/continuous-testing-helper>

creating tag page tag/programming
diff --git a/tag/programming.mdwn b/tag/programming.mdwn
new file mode 100644
index 00000000..80031d47
--- /dev/null
+++ b/tag/programming.mdwn
@@ -0,0 +1,4 @@
+[[!meta title="pages tagged programming"]]
+
+[[!inline pages="tagged(programming)" actions="no" archive="yes"
+feedshow=10]]

document my search for file monitoring tools
diff --git a/blog/2019-11-20-file-monitoring-tools.mdwn b/blog/2019-11-20-file-monitoring-tools.mdwn
new file mode 100644
index 00000000..3e43bde1
--- /dev/null
+++ b/blog/2019-11-20-file-monitoring-tools.mdwn
@@ -0,0 +1,121 @@
+[[!meta title="a quick review of file watches"]]
+
+File watchers. I always forget about those and never use then, but I
+constantly feel like I need them. So I made this list to stop
+searching everywhere for those things which are surprisingly hard to
+find in a search engine.
+
+[[!toc levels=3]]
+
+Generic
+=======
+
+Those tools an watch files or trees of files and execute whatever.
+
+Direvent
+--------
+
+<https://www.gnu.org.ua/software/direvent/>
+
+ * 2013-2019, GNU project since 2014
+ * C, GPL-3
+ * [Debian package](https://tracker.debian.org/pkg/direvent), since 2015 (stretch), out of date (5.1 vs 5.2)
+ * requires a config file to operate
+
+Watchexec
+---------
+
+<https://github.com/watchexec/watchexec>
+
+ * 2016-2019
+ * Rust
+ * Apache-2.0
+ * No Debian package
+ * supports `.gitignore` files and filename patterns
+ * merges multiple events
+ * fast polling
+ * can clear screen between calls
+
+Watchman
+--------
+
+<http://facebook.github.io/watchman/>
+
+ * 2013-2019
+ * Facebook
+ * [Debian package](https://tracker.debian.org/watchman), since 2019 (bullseye)
+ * C++, Python
+ * Apache-2
+ * can watch multiple directories
+ * waits for settling
+
+Entr
+----
+
+<http://eradman.com/entrproject/>
+
+ * 2012-2019
+ * C
+ * ISC
+ * [Debian package](https://tracker.debian.org/pkg/entr) since 2014 (wheezy), up to date
+ * finds file from stdin
+ * has special hacks to reload browser
+ * can clear screen between calls
+
+Purpose-specific
+================
+
+Grip (markdown)
+---------------
+
+<https://github.com/joeyespo/grip>
+
+ * 2012-2018
+ * Python
+ * MIT
+ * [Debian package](https://tracker.debian.org/pkg/grip) since 2016 (stretch)
+ * rebuilds markdown files and servers them over HTTP with autoreload
+ * relies on GitHub's API for rendering (!)
+
+Conttest (unit tests)
+---------------------
+
+<https://github.com/eigenhombre/continuous-testing-helper>
+
+ * 2012-2018 (no official release)
+ * Python
+ * No license
+ * No Debian package
+ * Reruns tests (but also any command) on file change in the current
+   directory
+ * Part of a [continuous testing](http://zerolib.com/continuous-testing.html) strategy on the desktop
+
+tdaemon (unit tests)
+--------------------
+
+<https://github.com/brunobord/tdaemon>
+
+ * 2008-2014 (no official release)
+ * Python
+ * MIT
+ * No Debian package
+ * inspiration for the above
+ * restricted to a subset of Python test frameworks
+
+Framework-specific
+------------------
+
+Many frameworks automatically reload files when they change. A few
+examples:
+
+ * [Flask](http://flask.pocoo.org/) - built-in for code, set [`TEMPLATES_AUTO_RELOAD`](https://flask.palletsprojects.com/en/1.0.x/config/#TEMPLATES_AUTO_RELOAD)
+   for templates
+ * [Django](https://www.djangoproject.com/) - [`runserver`](https://docs.djangoproject.com/en/2.2/ref/django-admin/#runserver) will reload all files at every
+   requests, unless `pyinotify` is installed, in which case it will do
+   so more smartly
+ * [iPython](https://ipython.org/) - has a [autoreload](https://ipython.org/ipython-doc/3/config/extensions/autoreload.html) extension
+
+I've probably missed half a million such programs so this might be
+expanded with time and your comments.
+
+[[!tag debian debian-planet software review programming]]

mention apssa, even if mostly inactive
diff --git a/services/wiki.mdwn b/services/wiki.mdwn
index b2b4a225..12b20c44 100644
--- a/services/wiki.mdwn
+++ b/services/wiki.mdwn
@@ -1,5 +1,6 @@
 J'héberge ici plusieurs wikis, petit inventaire:
 
+ * [APSSA](http://apssa.wiki.orangeseeds.org/) - Alliance des Petits Serveurs | Small Server Alliance
  * [foufem](http://foufem.orangeseeds.org/) - femmes et de féministes aimant le Foulab
  * [CⒶTS](http://cats.orangeseeds.org/) -  - Collective Appalachian Tech Skillshare
  * [réseau libre](http://reseaulibre.ca/) - projet d'internet sans fil communautaire "mesh"

retire rococo site, it was empty and unused
diff --git a/services/wiki.mdwn b/services/wiki.mdwn
index 917b7b3a..b2b4a225 100644
--- a/services/wiki.mdwn
+++ b/services/wiki.mdwn
@@ -1,7 +1,6 @@
 J'héberge ici plusieurs wikis, petit inventaire:
 
  * [foufem](http://foufem.orangeseeds.org/) - femmes et de féministes aimant le Foulab
- * [rococo](http://rococo.wiki.orangeseeds.org/) - projet de relance des rococos
  * [CⒶTS](http://cats.orangeseeds.org/) -  - Collective Appalachian Tech Skillshare
  * [réseau libre](http://reseaulibre.ca/) - projet d'internet sans fil communautaire "mesh"
  * [ce site](http://anarc.at/) - ce site

Added a comment: Security around epub
diff --git a/software/desktop/calibre/comment_15_b928be721fca5d8ef1c0b09eb8996348._comment b/software/desktop/calibre/comment_15_b928be721fca5d8ef1c0b09eb8996348._comment
new file mode 100644
index 00000000..b445a775
--- /dev/null
+++ b/software/desktop/calibre/comment_15_b928be721fca5d8ef1c0b09eb8996348._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ ip="87.198.117.59"
+ claimedauthor="federico3"
+ subject="Security around epub"
+ date="2019-11-15T12:47:04Z"
+ content="""
+Hi Anarcat!
+One security issue of book readers is that they often follow URLs inside EPUB files (in HTML, CSS, SVG) and execute javascript.
+
+e. g. https://github.com/babluboy/bookworm/issues/283
+
+"""]]

mention the popcorn computer
diff --git a/hardware/laptop.mdwn b/hardware/laptop.mdwn
index 8deac924..f02e742e 100644
--- a/hardware/laptop.mdwn
+++ b/hardware/laptop.mdwn
@@ -56,6 +56,28 @@ https://www.indiegogo.com/projects/gemini-pda-android-linux-keyboard-mobile-devi
 > lugging a full laptop around with you, the keyboard is better than
 > using the on screen keyboard on the phone.
 
+Popcorn
+-------
+
+https://pocket.popcorncomputer.com/
+
+Cheaper than the Gemini (~200$), Lora instead of GSM.
+
+ * 1080p 4.95"
+ * shipped with Debian
+ * 4xUSB-C (1 power, 2 host, 1 serial)
+ * no headphone jack
+ * Wifi, Bluetooth
+ * LoRa
+ * GNSS (GPS)
+ * 3200mAh battery
+ * external microSD
+ * ARM 1.2GHz Cortex-A53
+ * 2GB ram
+ * 32GB eMMC
+ * Physical keyboard
+
+In pre-order, expected in 2020.
 
 Mnt reform
 ----------

JAA filed bugs
diff --git a/services/archive/web.mdwn b/services/archive/web.mdwn
index f7eefdb0..222b6ffa 100644
--- a/services/archive/web.mdwn
+++ b/services/archive/web.mdwn
@@ -269,8 +269,8 @@ mentioned above, some not.
 
  * [Autistici crawl][crawl]: a simple and fast WARC crawler
  * [crau](https://github.com/turicas/crau): scrapy-based crawler, writes but also list, extracts and
-   replays WARC files, might be missing [redirects](https://github.com/turicas/crau/issues/1) and transfer
-   encoding
+   replays WARC files, might be missing [redirects](https://github.com/turicas/crau/issues/1) and fails to
+   preserve [transfer encoding](https://github.com/turicas/crau/issues/15) and [headers](https://github.com/turicas/crau/issues/16)
  * [Heritrix](https://en.wikipedia.org/wiki/Heritrix) is the Internet Archive crawler (!)
  * [httrack][]: old but basic tool that works. no WARC support.
  * [wget][]: a classic HTTP multipurpose tool.

jvoisin made a blog
diff --git a/blog/2019-10-16-bus-factor/comment_4_9ee8aadb7abef9aabbc7075cffee2be6._comment b/blog/2019-10-16-bus-factor/comment_4_9ee8aadb7abef9aabbc7075cffee2be6._comment
new file mode 100644
index 00000000..f5b4afca
--- /dev/null
+++ b/blog/2019-10-16-bus-factor/comment_4_9ee8aadb7abef9aabbc7075cffee2be6._comment
@@ -0,0 +1,13 @@
+[[!comment format=mdwn
+ username="anarcat"
+ subject="""jvoisin's blog post"""
+ date="2019-11-13T18:35:29Z"
+ content="""
+jvoisin made an [interesting argument](https://dustri.org/b/on-reducing-the-bus-factor-school-rant-edition.html) in response to this post that education might be a key solution to this:
+
+ 1. Encourage people to students to existing projects instead of reinventing old algorithms that have been written a billion times already.
+ 2. Teach students how to collaborate on software projects, with version control systems, issue trackers, handle reviews, be nice on mailing lists.
+ 3. Encourage students to apply to GSOC and similar programs to code during the summer
+
+I'm not convinced *at all* by the last part: students should get high and travel during their holidays, not work on computers. But for everything else, good ideas!
+"""]]

link
diff --git a/services/archive/web.mdwn b/services/archive/web.mdwn
index 486276dc..f7eefdb0 100644
--- a/services/archive/web.mdwn
+++ b/services/archive/web.mdwn
@@ -269,7 +269,8 @@ mentioned above, some not.
 
  * [Autistici crawl][crawl]: a simple and fast WARC crawler
  * [crau](https://github.com/turicas/crau): scrapy-based crawler, writes but also list, extracts and
-   replays WARC files, missing redirects, transfer encoding
+   replays WARC files, might be missing [redirects](https://github.com/turicas/crau/issues/1) and transfer
+   encoding
  * [Heritrix](https://en.wikipedia.org/wiki/Heritrix) is the Internet Archive crawler (!)
  * [httrack][]: old but basic tool that works. no WARC support.
  * [wget][]: a classic HTTP multipurpose tool.

mention crau
diff --git a/services/archive/web.mdwn b/services/archive/web.mdwn
index a9ff7956..486276dc 100644
--- a/services/archive/web.mdwn
+++ b/services/archive/web.mdwn
@@ -268,6 +268,8 @@ Here are the various programs that can archive websites. Some were
 mentioned above, some not.
 
  * [Autistici crawl][crawl]: a simple and fast WARC crawler
+ * [crau](https://github.com/turicas/crau): scrapy-based crawler, writes but also list, extracts and
+   replays WARC files, missing redirects, transfer encoding
  * [Heritrix](https://en.wikipedia.org/wiki/Heritrix) is the Internet Archive crawler (!)
  * [httrack][]: old but basic tool that works. no WARC support.
  * [wget][]: a classic HTTP multipurpose tool.

link to impass
diff --git a/blog/2017-02-18-passwords-entropy.mdwn b/blog/2017-02-18-passwords-entropy.mdwn
index 8ef516ca..1a7b0ac6 100644
--- a/blog/2017-02-18-passwords-entropy.mdwn
+++ b/blog/2017-02-18-passwords-entropy.mdwn
@@ -287,7 +287,7 @@ printable/transferable string*". The priority, in this case, is to have a
 token that is as compact as possible with the given entropy, while at
 the same time using a character set that should cause as little trouble
 as possible on sites that restrict the characters you can use. Gillmor
-is a co-maintainer of the [Assword](https://finestructure.net/assword/)
+is a co-maintainer of the [Assword](https://finestructure.net/assword/) (now known as [impass](https://salsa.debian.org/debian/impass))
 password manager, which chose base64 because it is widely available and
 understood and only takes up 33% more space than the original 8-bit
 binary encoding. After a lengthy discussion, the pass maintainer, Jason

african proverb, from
https://urvikagola.wordpress.com/2019/11/03/grace-hopper-celebration19-orlando/
diff --git a/fortunes.txt b/fortunes.txt
index 3327bd9e..d9f6c890 100644
--- a/fortunes.txt
+++ b/fortunes.txt
@@ -1113,3 +1113,6 @@ Anarchy is not perfection, it is not the absolute ideal which like the
 horizon recedes as fast as we approach it; but it is the way open to
 all progress and all improvements for the benefit of everybody.
                         - Errico Malatesta
+%
+If you want to go fast, go alone. If you want to go far, go together.
+                        - African proverb

cross-ref the blog post and archive wiki page better
diff --git a/blog/2018-10-04-archiving-web-sites.mdwn b/blog/2018-10-04-archiving-web-sites.mdwn
index d9b4e40c..75b26a5d 100644
--- a/blog/2018-10-04-archiving-web-sites.mdwn
+++ b/blog/2018-10-04-archiving-web-sites.mdwn
@@ -275,7 +275,8 @@ itself][].
 >
 > Finally, this article was originally written as a set of notes and
 > documentation in the [[services/archive]] page which may also be of
-> interest to my readers.
+> interest to my readers. This blog post will not be updated in the
+> future while the latter wiki page might.
 
   [this archive of two Bloomberg articles]: https://archive.org/details/anarcat-bloomberg
   [webrecorder.io]: https://webrecorder.io/
diff --git a/services/archive/web.mdwn b/services/archive/web.mdwn
index cd0aefa2..a9ff7956 100644
--- a/services/archive/web.mdwn
+++ b/services/archive/web.mdwn
@@ -1,5 +1,10 @@
 [[!meta title="Website mirroring and archival"]]
 
+Update: I published a [article](/blog/2018-10-04-archiving-web-sites/) [on LWN](https://lwn.net/Articles/766374/) based on this
+documentation, which is a more "narrative" form. The article, however,
+will not be updated any further while those notes are a living
+document that might be updated again eventually.
+
 For various reasons, I've played with website mirroring and
 archival. Particularly at [Koumbit](https://koumbit.org), when a project is over or
 abandoned, we have tried to keep a static copy of active websites. The

notes about wasd latency
diff --git a/hardware/keyboard.mdwn b/hardware/keyboard.mdwn
index 1d2e0dc9..6b091e73 100644
--- a/hardware/keyboard.mdwn
+++ b/hardware/keyboard.mdwn
@@ -90,6 +90,10 @@ everything.
  * custom switches
  * no windows logo (customizable)
  * 145$, 185$ with o-rings and MX-clear
+ * latency around 14ms according to manufacturer:
+   > Debounce delay: after key press delay *12ms*
+   > Algorithm: Time base=1ms, Fixed time =4ms, continuous 3 times with same
+   > result, KEY state can be determined.
 
 Update:
 

new nice to have features
diff --git a/hardware/keyboard.mdwn b/hardware/keyboard.mdwn
index 850e90e8..1d2e0dc9 100644
--- a/hardware/keyboard.mdwn
+++ b/hardware/keyboard.mdwn
@@ -39,6 +39,33 @@ Tactile feel
 
 I liked the clikety feeling of the Model M, but not the sound. Ideally, it would have the same feeling, but less loud. The [MX brown](http://deskthority.net/wiki/Cherry_MX_Brown) seems to have that characteristic, but I am worried it will loose the clikety feeling. The [Cherry MX clear](http://deskthority.net/wiki/Cherry_MX_Clear) may be a good compromise.
 
+Nice to have
+============
+
+Low latency
+-----------
+
+As discussed in [[monitor]] and my [[terminal emulators
+review|blog/2018-05-04-terminal-emulators-2/#latency]], we have very
+little wiggle room for latency in the various I/O component of the
+computer. In theory, we can get sub 30ms latency in the entire chain,
+and keyboards take up almost half of that (14ms). So it would be nice
+to have keyboards with lower latency than this.
+
+Open firmware
+-------------
+
+We now live in a world where every device has its own little computer,
+a controller that parses the electric output of switches and turn that
+into a meaningful data stream, usually over USB, to the main
+computer. Most keyboards, in that sense, are proprietary, but there
+are nice efforts like the [TMK](https://github.com/tmk/tmk_keyboard) and [QMK](https://qmk.fm/) firmware projects that
+attempt to reverse-engineer and replace the existing firmwares.
+
+Having support for an open firmware would be a plus, and would
+possibly allow us to *reduce* the keyboard latency by changing or
+removing the debouncing algorithm.
+
 Keyboard models
 ===============
 

wtf
diff --git a/blog/2019-10-25-stay-away-from-fizz.mdwn b/blog/2019-10-25-stay-away-from-fizz.mdwn
index 97572036..68330824 100644
--- a/blog/2019-10-25-stay-away-from-fizz.mdwn
+++ b/blog/2019-10-25-stay-away-from-fizz.mdwn
@@ -61,4 +61,13 @@ Infos Fizz:
 
 https://www.opc.gouv.qc.ca/se-renseigner/liste-des-resultats-de-recherche/details/commercant/690616/
 
+> Update:
+
+> Le problème que vous rencontrez n’est pas de la responsabilité de
+> l’Office de la protection du consommateur. Nous vous suggérons de
+> visiter le [Portail des programmes et services de Services
+> Québec](http://www.gouv.qc.ca/portail/quebec/pgs/citoyens/?lang=fr), qui est le centre de renseignements du gouvernement du
+> Québec. Il diffuse de l’information sur les organismes et les
+> ministères du gouvernement provincial.
+
 [[!tag draft]]

keep getting crap from fizz
diff --git a/blog/2019-10-25-stay-away-from-fizz.mdwn b/blog/2019-10-25-stay-away-from-fizz.mdwn
new file mode 100644
index 00000000..97572036
--- /dev/null
+++ b/blog/2019-10-25-stay-away-from-fizz.mdwn
@@ -0,0 +1,64 @@
+Still need to put this into shape, but I sent this complaint to
+[Office de Protection du Consommateur](https://www.opc.gouv.qc.ca/consommateur/probleme-commercant/etapes/).
+
+J'ai fait affaire avec Fizz pendant quelques mois au début de
+l'année. Quand j'ai tenté de transférer mon numéro de téléphone actuel
+vers Fizz.ca, la procédure a échoué sur leur site web. J'ai tenté de
+rejoindre le support technique, mais ils n'offrent pas de support par
+téléphone et semble cacher délibérément leur adresse postale. Ils
+prétendent avoir un support de "chat" sur leur site web mais il n'a
+jamais fonctionné.
+
+https://twitter.com/theanarcat/status/1115329821163311110
+
+(looking at plans.. https://twitter.com/theanarcat/status/1116406902085255168)
+
+J'ai fini par les rejoindre par Twitter (!), après 2 semaines de
+silence:
+
+https://twitter.com/theanarcat/status/1117549912982532096
+
+Leur support technique était pratiquement incompétent et prétendaient
+qu'il était impossible de "porter" le numéro de téléphone, ce qui
+était faux. Deux semaines plus tard, Fido.ca m'offrait le service et
+je changeait de fournisseur:
+
+https://twitter.com/theanarcat/status/1121120509297606656
+
+... et je fermais mon compte Fizz.
+
+Première plainte: mauvais support technique. Mais l'histoire ne
+s'arrête pas ici! Fizz n'a jamais effacé mes données personnelles de
+son serveur et continue allégrement à m'envoyer du spam, exemple en
+Août:
+
+https://twitter.com/theanarcat/status/1158384226942771200
+
+Après quelques conversations privées sur Twitter (par "DM"), ils ont
+reconnu qu'il y avait un problème de leur côté et m'ont promis de le
+régler. Mais deux semaines plus tard, je recevait un autre courriel de
+leur part.
+
+Et aujourd'hui, je reçois un courriel qui m'avise qu'ils refusent
+simplement de me retirer de leur liste d'envoi:
+
+https://twitter.com/theanarcat/status/1187801950852734976
+
+Je considère que ceci est un bris de confiance du lien client /
+fournisseur. Je ne suis plus client de cette entreprise et considère
+qu'elle devrait détruire toute donnée personnelle qu'elle détient à
+mon égard.
+
+À tout le moins, il me semble y avoir des lois au Canada interdisant
+l'envoi de courriels non-sollicités:
+
+https://www2.deloitte.com/ca/en/pages/risk/articles/canada-anti-spam-law-casl-faq.html
+
+Donc, plaine #2: Fizz m'envoie du "spam" même si je ne suis plus
+client.
+
+Infos Fizz:
+
+https://www.opc.gouv.qc.ca/se-renseigner/liste-des-resultats-de-recherche/details/commercant/690616/
+
+[[!tag draft]]

yaay dark mode!
diff --git a/software/desktop/firefox.mdwn b/software/desktop/firefox.mdwn
index c026869e..fdd45063 100644
--- a/software/desktop/firefox.mdwn
+++ b/software/desktop/firefox.mdwn
@@ -278,6 +278,8 @@ I have set the following configuration options:
    readable and trigger the vertical dropdown earlier
  * `network.cookie.cookieBehavior` ([ref](http://kb.mozillazine.org/Network.cookie.cookieBehavior#3_2)):
    1 (no third-party cookies)
+ * `browser.in-content.dark-mode`: true (prefer dark CSS, see [this
+   discussion](https://css-tricks.com/dark-modes-with-css/), new in FF ~68)
  * `middlemouse.contentLoadURL` ([ref](http://kb.mozillazine.org/Middlemouse.contentLoadURL)):
    false (got used to chromium not doing that, and it seems too risky:
    passwords can leak in DNS too easily if you miss the field)

more bugs
diff --git a/services/upgrades/buster.mdwn b/services/upgrades/buster.mdwn
index be8d9706..74c9e48a 100644
--- a/services/upgrades/buster.mdwn
+++ b/services/upgrades/buster.mdwn
@@ -393,6 +393,79 @@ kernel bug][], still open.
 [this commit]: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=e839ffab028981ac77f650faf8c84f16e1719738
 [two-finger scrolling bug in Ubuntu]: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1722478
 
+### Antidote 9 failures
+
+[Antidote][] is a powerful spell-and-grammar-checking that's popular
+in the french-speaking community because it's incredibly powerful,
+probably unrivaled in free software.
+
+The upgrade from stretch to buster broke it completely: it wouldn't
+start at all and the buttons wouldn't work in Libreoffice. Upgrading
+from the 9v5.1 to the 9v5.3 Antidote release fixed its startup: now
+the standalone version runs, but not the Libreoffice plugin, even
+after reinstalling that.
+
+Of course, that's proprietary software which I don't support out of
+the box, but I gotta help our users... We've opened a ticket upstream,
+and they said that Debian is unsupported and they suggest upgrading to
+Antidote 10 (which costs money). They also explicitely say they don't
+provide refunds if the upgrade doesn't fail.
+
+They also provide steps to debug the problem and a way to give them
+more information. So we'll see how that flies. The way that works is
+they make you download a file called [DruideInfos.bash.tar.gz][] and,
+yes, that's a bash script in a tar archive. They tell you to
+"uncompress it on the desktop and run it", presumably a user-friendly
+version of `curl | bash`, although my friend had no idea how to
+actually do that. Not sure I like the idea of telling people to run a
+50KB bash script, but at a cursory glance, the script looked more or
+less okay. Even though it does send a lot of private information to
+Druide, they warn about that profusely and it's in the context of the
+user asking for help, so it kind of makes sense. Still, there are a
+few things wrong with the way they're doing this:
+
+ 1. the link is HTTP, in plain text
+
+ 2. it's a huge bash script, for crying out loud, can't antidote ship
+    a self-diagnostic tool in itself instead of telling people to
+    download random stuff over the internet?
+
+ 3. minor: you don't need tar to compress a single file, `gzip`
+    suffices
+
+ 4. probably minor: the username of the staff that created the script
+    leaks in the gzip archive
+
+ 5. the insides of the scripts are of course absolutely
+    horrendous. just to give an example, they write a JSON parser in
+    an inline Python script, written with variables in french, for
+    good measure (spotted by sdk)
+
+Now we're waiting for a response from their tech support.
+
+[DruideInfos.bash.tar.gz]: http://telechargement.druide.com/telecharger/Linux/DruideInfos.bash.tar.gz
+
+### No sleep
+
+The user noticed the laptop doesn't go to sleep when the lid is
+closed. Technically, the bug report is "big power draw even if lid is
+closed", which I concluded was related to suspend not working in some
+situation. I suspect the problem might simply be that suspend doesn't
+trigger if the lid is closed *before* the power cable is
+unplugged.
+
+This might or might not be a regression, unclear.
+
+### Disk problems (unrelated to upgrade)
+
+Unrelated to the upgrade, but I have to write this down *somewhere*:
+that laptop is also showing alarming disk errors when booting, since
+the HDD was replaced with a Samsung 860 SSD. 
+
+When chatting with Samsung support, they suggested checking if the
+disk is well-seated, which we still have to try.
+
+[Antidote]: https://www.antidote.info/
 Resolved
 --------
 

Added a comment: yeah, but...
diff --git a/blog/2019-10-16-bus-factor/comment_3_32a612751faf3d24226fde7f44cd65ac._comment b/blog/2019-10-16-bus-factor/comment_3_32a612751faf3d24226fde7f44cd65ac._comment
new file mode 100644
index 00000000..3c98b824
--- /dev/null
+++ b/blog/2019-10-16-bus-factor/comment_3_32a612751faf3d24226fde7f44cd65ac._comment
@@ -0,0 +1,16 @@
+[[!comment format=mdwn
+ ip="62.216.209.225"
+ claimedauthor="simeon"
+ subject="yeah, but..."
+ date="2019-10-22T20:22:43Z"
+ content="""
+> Lobby governments and research institutions to sponsor only free software projects. Otherwise this civilization will collapse in a crash of spaghetti code before it even has time to get flooded over.
+
+This is the best conclusion I've ever read. I fully second that.
+
+Many projects rely on 1 person. Some get even to a state that could be considered as complete, maybe even with the support of contributors.
+
+Open-End-Projects for critical infrastructure with few or no alternatives, such as libinput, openssl won't stop even when the bus hit. Redhat, MS, Alphabet or newly created (non-)profits will take care (see libreoffice). If not, after a time with painful gap, something new will be born when the need is there. Worst, the \"terminal care Apache Foundation\" will bury it half-alive.
+
+I don't want to down-play busfactor 1. The stress must be enormous. More helpers and co-maintainers would really be helpful. However some projects would not have such massive improvements without a single person having a goal and vision.
+"""]]

mention the new password generator i use
diff --git a/blog/2017-02-18-passwords-entropy.mdwn b/blog/2017-02-18-passwords-entropy.mdwn
index 62d59118..8ef516ca 100644
--- a/blog/2017-02-18-passwords-entropy.mdwn
+++ b/blog/2017-02-18-passwords-entropy.mdwn
@@ -317,6 +317,29 @@ routines to generate tokens, but the procedure is the same: read from
 the kernel's entropy source (and user-generated sources in case of
 KeePass) and transform that data into a transferable string.
 
+Update: I have changed my above function slightly to pick a number of
+characters instead of the password entropy. You rarely need the
+former: most of the time, you want a specific password length and the
+underlying entropy is implicit. This is the new function I use:
+
+    pwg() {
+        CHARS=${1:-28} # in characters
+        #
+        # extract random alphanumeric characters. not '[:alnum:]' because
+        # that doesn't work with busybox.
+        #
+        # this uses urandom because it discards a significant ratio of the
+        # incoming entropy (keeps only 56/256 = 7/32 bytes on average) and
+        # would otherwise quickly deplete the entropy pool. this is safe
+        # because of:
+        #
+        # https://www.2uo.de/myths-about-urandom
+        #
+        # WARNING: do not use this early in the boot process with an
+        # uninitialized PRNG.
+        tr -dc 'A-Za-z0-9' < /dev/urandom | head -c $CHARS
+    }
+
 ## Conclusion
 
 While there are many aspects to password management, we have focused on

make possible alternatives section
diff --git a/services/bookmarks.mdwn b/services/bookmarks.mdwn
index 45e569bb..76fd2641 100644
--- a/services/bookmarks.mdwn
+++ b/services/bookmarks.mdwn
@@ -41,7 +41,12 @@ The [Zotero dataserver][] was also too difficult to setup, and without a Debian
 
 Finally, Zotero is in an uncertain state because of the
 [[software/desktop/firefox]] XULocalypse, so I'm looking for
-replacements. Possible options include:
+replacements.
+
+Possible alternatives
+=====================
+
+Possible alternatives to zotero and/or wallabag include:
 
  * [xapers](https://finestructure.net/xapers/)
  * [pubs](https://github.com/pubs/pubs)
@@ -51,7 +56,7 @@ This also overlaps with bookmarking software like:
 
  * [Turtl](https://turtlapp.com/)
  * [reminiscense](https://github.com/kanishka-linux/reminiscence)
- * [bookmark-archiver](https://pirate.github.io/bookmark-archiver/)
+ * [archivebox](https://archivebox.io/) (previously called [bookmark-archiver](https://pirate.github.io/bookmark-archiver/))
  * [Wallabag](https://wallabag.org/)
  * [Buku](https://github.com/jarun/Buku)
  * [Shiori](https://github.com/RadhiFadlillah/shiori)

yet another bookmarking service
diff --git a/services/bookmarks.mdwn b/services/bookmarks.mdwn
index 486c86dd..45e569bb 100644
--- a/services/bookmarks.mdwn
+++ b/services/bookmarks.mdwn
@@ -55,6 +55,7 @@ This also overlaps with bookmarking software like:
  * [Wallabag](https://wallabag.org/)
  * [Buku](https://github.com/jarun/Buku)
  * [Shiori](https://github.com/RadhiFadlillah/shiori)
+ * [memex](https://worldbrain.io/)
 
 ... and archival software in the [[WARC ecosystem|services/archive]].
 

bad macchiatobin review
diff --git a/hardware/server/marcos.mdwn b/hardware/server/marcos.mdwn
index fe6fc247..d32a0a8b 100644
--- a/hardware/server/marcos.mdwn
+++ b/hardware/server/marcos.mdwn
@@ -220,7 +220,9 @@ requirements (8+GB):
 The [Macchiatobin](https://macchiatobin.net/product/macchiatobin-single-shot/) is interesting because it has a DDR4 socket so
 it supports up to 16GB of ram, but has features I don't need for a
 home server, like three SFP 10Gig-E ports... Could still be
-interesting for a SAN if I ever upgrade the network to 10G. 269$-369$.
+interesting for a SAN if I ever upgrade the network to
+10G. 269$-369$. That said, someone on IRC had a very bad experience
+with it: the capacitors were broken and they refused to take it back.
 
 The [Beelink](http://www.bee-link.com/Beelink-MiniPC-TV-BOX-65-1.html) is also interesting: Intel N3450 4GB DDR, 64GB SSD.
 

fix markdown links
for some reason, references don't mix well with `code` blocks,
although inline works. go figure.
diff --git a/services/mail.mdwn b/services/mail.mdwn
index eb68f3d7..c9b8e4e4 100644
--- a/services/mail.mdwn
+++ b/services/mail.mdwn
@@ -291,14 +291,11 @@ fallback, in `main.cf`:
     smtpd_tls_security_level = may
     smtp_tls_security_level = may
 
-See the [`TLS_README`][] and [`smtp_tls_security_level`][] for more
+See the [`TLS_README`](http://www.postfix.org/TLS_README.html) and [`smtp_tls_security_level`](http://www.postfix.org/postconf.5.html#smtp_tls_security_level) for more
 information.
 
-[`smtp_tls_security_level`]: http://www.postfix.org/postconf.5.html#smtp_tls_security_level
-[`TLS_README`]: http://www.postfix.org/TLS_README.html
-
-This patch is required to disable TLS when a [`content_filter`][] is
-configured (see [`FILTER_README`][] and below).
+This patch is required to disable TLS when a [`content_filter`](http://www.postfix.org/postconf.5.html#content_filter) is
+configured (see [`FILTER_README`](http://www.postfix.org/FILTER_README.html) and below).
 
     diff --git a/postfix/master.cf b/postfix/master.cf
     index b0ed875..6329c70 100644
@@ -315,8 +312,6 @@ configured (see [`FILTER_README`][] and below).
              -o myhostname=delivery.anarc.at
      submission inet n       -       -       -       -       smtpd
 
-[`FILTER_README`]: http://www.postfix.org/FILTER_README.html
-[`content_filter`]: http://www.postfix.org/postconf.5.html#content_filter
 Without this patch, local delivery would hang during my tests.
 
 MTA-STS
@@ -453,11 +448,8 @@ address.
                                     reject_rbl_client zen.spamhaus.org
 
 
-In other words, make sure that [`permit_sasl_authenticated`][] is
-added to [`smtpd_recipient_restrictions`][].
-
-[`smtpd_recipient_restrictions`]: http://www.postfix.org/postconf.5.html#smtpd_recipient_restrictions
-[`permit_sasl_authenticated`]: http://www.postfix.org/postconf.5.html#permit_sasl_authenticated
+In other words, make sure that [`permit_sasl_authenticated`](http://www.postfix.org/postconf.5.html#smtpd_recipient_restrictions) is
+added to [`smtpd_recipient_restrictions`](http://www.postfix.org/postconf.5.html#permit_sasl_authenticated).
 
 Then you need to hook Dovecot SASL authentication into Postfix and
 make sure it is not offered in cleartext:
@@ -616,7 +608,7 @@ References
 ----------
 
  * Koumbit [PostfixConfiguration](https://wiki.koumbit.net/PostfixConfiguration#Postfix_client_SASL_configuration)
- * [`TLS_README`][]
+ * [`TLS_README`](http://www.postfix.org/TLS_README.html)
  * [`SASL_README`](http://www.postfix.org/SASL_README.html)
 
 Delievery and retrieval over SSH

more background on Onyx
diff --git a/hardware/tablet.mdwn b/hardware/tablet.mdwn
index 0acf454c..baf75e58 100644
--- a/hardware/tablet.mdwn
+++ b/hardware/tablet.mdwn
@@ -88,6 +88,16 @@ Otherwise similar to the Glo HD. Retail price around 180$CAD.
 Onyx
 ----
 
+[Onyx][] make all sorts of (e-ink) tablets, from big to small, mostly running
+Android. They [publish some of their source on GitHub][], mostly as a
+"GPL-compliant dump mode", but it's still better than nothing. The
+also have a neat [community forum][]. They are based in China so
+products will ship from there.
+
+[Onyx]: https://en.wikipedia.org/wiki/Onyx_Boox
+[community forum]: http://bbs.onyx-international.com/
+[publish some of their source on GitHub]: https://github.com/onyx-intl/
+
 ### Onyx Boox Max 2
 
 The [Onyx Boox Max 2](https://onyxboox.com/boox_max2) is an awesome creature:

thanks, and response
diff --git a/blog/2019-10-16-bus-factor/comment_2_2391621f66a0297cde17d07316684693._comment b/blog/2019-10-16-bus-factor/comment_2_2391621f66a0297cde17d07316684693._comment
new file mode 100644
index 00000000..57362d77
--- /dev/null
+++ b/blog/2019-10-16-bus-factor/comment_2_2391621f66a0297cde17d07316684693._comment
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="anarcat"
+ subject="""comment 2"""
+ date="2019-10-17T23:22:00Z"
+ content="""
+Excellent comment and insight, thank you so much for this.
+
+I would only one thing, and it's a thing that someone else mentioned on IRC: they said the problem also exists in their corporate job. And indeed, I feel that, in my corporate experience, there's also strong specialization and the bus factor must be near one.
+
+The difference there is that there are resources (ie. money) to hire and train people when trouble comes...
+"""]]

Added a comment: Audition culture, exploitation, and the failure of "the market"
diff --git a/blog/2019-10-16-bus-factor/comment_1_8e2bfe6b686106ab3ac95eebec23011a._comment b/blog/2019-10-16-bus-factor/comment_1_8e2bfe6b686106ab3ac95eebec23011a._comment
new file mode 100644
index 00000000..2113b268
--- /dev/null
+++ b/blog/2019-10-16-bus-factor/comment_1_8e2bfe6b686106ab3ac95eebec23011a._comment
@@ -0,0 +1,24 @@
+[[!comment format=mdwn
+ ip="37.191.180.161"
+ claimedauthor="Paul Boddie"
+ subject="Audition culture, exploitation, and the failure of &quot;the market&quot;"
+ date="2019-10-17T21:31:11Z"
+ content="""
+There's an [interesting comment](https://lwn.net/Articles/801951/) on that LWN article that sums up a lot of the problem here: it is easier for \"open source companies\" to string people along, question people's commitment or expertise, and to have them constantly auditioning for work that they will never be hired to do. And yet, such practices are almost celebrated in certain \"open source\" communities.
+
+What does that have to do with single-developer projects, you might ask? Well, sometimes these projects come about by people following their own intellectual curiosity and sharing the results with others; sometimes these people buy into the folklore about \"scratching itches\"; but often such things are also done so that people can demonstrate competence and to indicate a strong interest in a particular technological domain.
+
+Having code to show can be a very useful thing when trying to further your career, get hired, and so on, provided that the entity doing the hiring can be bothered to take a look at it. But the world being what it is, it can also help to have connections: people who can profess familiarity with you, your work, your collaborative skills, and so on. Unfortunately, unless those people recognise the value of your project, you'll ultimately have to go and work on their projects instead.
+
+(It can happen that people stumble across independent projects and wish to contribute or improve them, and this has even happened with some of mine. It can also happen that people working for large companies are only interested if you change the licence to something permissive so that they can freeload.)
+
+Since another popular \"open source culture\" pastime involves playing the zero-sum game and trying to get other people to abandon their projects and to contribute to yours (recalling a conference where someone practically went round talks telling speakers to contribute to different projects in that person's own portfolio), it is likely that you will end up either sticking it out in the hope that your own projects remain viable or just going with the flow.
+
+Going with the flow means working on something potentially less rewarding than your own projects in the hope that the outcome will generally be more positive. But it risks being like work without actually getting paid for it. People may prefer to just accept that their own projects are regarded as hobbies by everyone else, but at least they might still enjoy them.
+
+Which leads us back to that commenter. It certainly seems that companies promote contribution to their projects as a way of getting hired: if you do enough interning or auditioning, eventually they might reward you with a position. In communications I have had, such things have been implied, suggested or even actually stated: keep up with your efforts and maybe there is an opportunity to be had.
+
+You don't have to be a prize-winning economist to realise that with enough people wanting to get ahead, there is little incentive for that reward to be granted. The eager brushing off of volunteer effort is also a familiar story in the Free Software realm amongst organisations and projects alike.
+
+All in all, you end up with under-resourced independent projects and potentially over-resourced corporate projects with a handful of under-resourced projects somehow managing to get funded by companies who probably wonder when they can get away with de-funding them. This is presumably \"the market\" doing its thing, to hell with the impact it has on the people involved.
+"""]]

s/python/gtk
diff --git a/blog/2019-10-16-bus-factor.mdwn b/blog/2019-10-16-bus-factor.mdwn
index 0558f896..409de6d2 100644
--- a/blog/2019-10-16-bus-factor.mdwn
+++ b/blog/2019-10-16-bus-factor.mdwn
@@ -11,7 +11,7 @@ any of those projects.
 Now that I have a full time job, I feel the pain. Projects like
 [Gameclock][], [Monkeysign][], [Stressant][], and (to a lesser extent)
 [Wallabako][] all need urgent work: the first three need to be ported
-to Python 3, the first two to Python 2, and the latter will probably
+to Python 3, the first two to GTK 3, and the latter will probably
 die because I am getting a new e-reader. (For the record, more recent
 projects like [undertime][] and [feed2exec][] are doing okay, mostly
 because they were written in Python 3 from the start, and the latter

link to more reflections
diff --git a/blog/2019-10-16-bus-factor.mdwn b/blog/2019-10-16-bus-factor.mdwn
index 059926f6..0558f896 100644
--- a/blog/2019-10-16-bus-factor.mdwn
+++ b/blog/2019-10-16-bus-factor.mdwn
@@ -53,7 +53,13 @@ But unless economics of technology production change significantly in
 the coming decades, this problem will remain, and probably worsen, as
 we keep on scaffolding an entire civilization on shoulders of
 hobbyists that are barely aware their work is being used to power
-phones, cars, airplanes and hospitals.
+phones, cars, airplanes and hospitals. A [lot][] [has][] [been][]
+[written][] on this, but nothing seems to be moving.
+
+[written]: https://medium.com/sustainable-free-and-open-source-communities/we-need-sustainable-free-and-open-source-communities-edf92723d619
+[been]: https://www.vice.com/en_us/article/43zak3/the-internet-was-built-on-the-free-labor-of-open-source-developers-is-that-sustainable
+[has]: https://staltz.com/software-below-the-poverty-line.html
+[lot]: https://onezero.medium.com/the-internet-relies-on-people-working-for-free-a79104a68bcc
 
 And if that doesn't scare you, it damn well should. As a user, one
 thing you can do is, instead of wondering if you should buy a bit of

try to fix link and typo
diff --git a/software.mdwn b/software.mdwn
index 41ce91d8..8a77e96a 100644
--- a/software.mdwn
+++ b/software.mdwn
@@ -21,12 +21,10 @@ Je suis impliqué dans le projet [Monkeysphere](http://monkeysphere.info/) qui v
 Feed2exec
 ---------
 
-J'ai écris un lecteur de fils RSS nommé [feed2exec][] afin de
+J'ai écrit un lecteur de fils RSS nommé [feed2exec](https://gitlab.com/anarcat/feed2exec) afin de
 connecter des fils RSS avec n'importe quoi: courriels, Twitter,
 Mastodon, téléchargements, etc.
 
-[feed2exec]: https://gitlab.com/anarcat/feed2exec
-
 Wallabako
 ---------
 

our bus factor is one
diff --git a/blog/2019-10-16-bus-factor.mdwn b/blog/2019-10-16-bus-factor.mdwn
new file mode 100644
index 00000000..059926f6
--- /dev/null
+++ b/blog/2019-10-16-bus-factor.mdwn
@@ -0,0 +1,82 @@
+[[!meta title="Theory: average bus factor = 1"]]
+
+[Two][] [articles][] recently made me realize that *all* my free
+software projects basically have a [bus factor][] of one. I am the
+sole maintainer of every piece of software I have ever written that I
+still maintain. There *are* projects that I have been the maintainer
+of which have other maintainers now (most notably [AlternC][],
+[Aegir][] and [Linkchecker][]), but I am not the original author of
+any of those projects.
+
+Now that I have a full time job, I feel the pain. Projects like
+[Gameclock][], [Monkeysign][], [Stressant][], and (to a lesser extent)
+[Wallabako][] all need urgent work: the first three need to be ported
+to Python 3, the first two to Python 2, and the latter will probably
+die because I am getting a new e-reader. (For the record, more recent
+projects like [undertime][] and [feed2exec][] are doing okay, mostly
+because they were written in Python 3 from the start, and the latter
+has extensive unit tests. But they do suffer from the occasional
+bitrot (the latter in particular) and need constant upkeep.)
+
+Now that I barely have time to keep up with just the upkeep, I can't
+help but think all of my projects will just die if I stop working on
+them. I have the same feeling about the [packages I maintain in
+Debian][].
+
+What does that mean? Does that mean those packages are useless? That
+no one cares enough to get involved? That I'm not doing a good job at
+including contributors?
+
+I don't think so. I think I'm a friendly person online, and I try my
+best at doing good documentation and followup on my projects. What I
+have come to understand is even more depressing and scary that this
+being a personal failure: that is the situation with everyone,
+everywhere. The LWN article is not talking about silly things like a
+chess clock or a feed reader: we're talking about the Linux input
+drivers. A very deep, core component of the vast majority of computers
+running on the planet, that depend on that single maintainer. And I'm
+not talking about whether those people are paid or not, that's
+related, but not directly the question here. The same realization
+occured with OpenSSL and NTP, GnuPG is in a similar situation, the
+list just goes on and on.
+
+A single guy maintains those projects! Is that a fluke? A statistical
+anomaly? Everything I feel, and read, and know in my decades of
+experience with free software show me a reality that I've been trying
+to deny for all that time: it's the average.
+
+My theory is this: our average bus factor is one. I don't have any
+hard evidence to back this up, no hard research to rely on. I'd love
+to be proven wrong. I'd love for this to change.
+
+But unless economics of technology production change significantly in
+the coming decades, this problem will remain, and probably worsen, as
+we keep on scaffolding an entire civilization on shoulders of
+hobbyists that are barely aware their work is being used to power
+phones, cars, airplanes and hospitals.
+
+And if that doesn't scare you, it damn well should. As a user, one
+thing you can do is, instead of wondering if you should buy a bit of
+proprietary software, consider using free software and donating that
+money to free software projects instead. Lobby governments and
+research institutions to [sponsor only free software
+projects][]. Otherwise this civilization will collapse in a crash of
+spaghetti code before it even has time to [get flooded over][].
+
+[get flooded over]: https://en.wikipedia.org/wiki/The_Year_of_the_Flood
+[sponsor only free software projects]: https://publiccode.eu/
+[bus factor]: https://en.wikipedia.org/wiki/Bus_factor
+[articles]: https://who-t.blogspot.com/2019/10/libinputs-bus-factor-is-1.html
+[Two]: https://lwn.net/Articles/801767/
+[feed2exec]: https://gitlab.com/anarcat/feed2exec/
+[undertime]: https://gitlab.com/anarcat/undertime
+[packages I maintain in Debian]: https://qa.debian.org/developer.php?email=anarcat@debian.org
+[Monkeysign]: https://monkeysign.readthedocs.io/
+[Stressant]: https://stressant.readthedocs.io/
+[Gameclock]: https://gitlab.com/anarcat/gameclock/
+[Wallabako]: https://gitlab.com/anarcat/wallabako/
+[Linkchecker]: https://github.com/linkchecker/linkchecker/
+[Aegir]: https://www.aegirproject.org/
+[AlternC]: https://alternc.org/
+
+[[!tag debian-planet python-planet python software debian]]

managed to get bookworm to work, but it's not so nice
diff --git a/software/desktop/calibre.mdwn b/software/desktop/calibre.mdwn
index 109c2d3f..b31d0dea 100644
--- a/software/desktop/calibre.mdwn
+++ b/software/desktop/calibre.mdwn
@@ -115,8 +115,13 @@ Calibre is...
       doesn't seem to), but fails to load certain ebooks (book #1459
       for example)
     * [Bookworm][] looks very promising, not in Debian ([[!debbug
-      883867]]), but [Flathub][flathub-bookworm].  same problems as
-      GNOME books finding my books (ie. it can't).
+      883867]]), but [Flathub][flathub-bookworm]. scans books on exit,
+      and can take a loong time to scan an entire library (took 24+
+      hours here, and had to kill `pdftohtml` a few times) without a
+      progress bar. but has a nice library browser, although it looks
+      like covers are sorted randomly. search works okay,
+      however. unclear what happens when you add a book, it doesn't
+      end up in the chosen on-disk library.
     * [Buka][] is another "ebook" manager written in Javascript, but
       only supports PDFs for now.
     * [coolreader][] is another alternative, [not yet in Debian

add more of the soundcraft line
diff --git a/hardware/audio.mdwn b/hardware/audio.mdwn
index a48b5926..472de8ee 100644
--- a/hardware/audio.mdwn
+++ b/hardware/audio.mdwn
@@ -96,10 +96,18 @@ XLR and 4 stereo in (for 12 mono in). Only the first two lines have
 inserts. Builtin sd-card recorder with, apparently, 14/4 (14 in, 4
 out) USB support.
 
-The [Soundcraft EPM8][] is very interesting: 430$, with two stero
-output buses and inserts on all 8 XLR/TRS lines. No USB, for that you
-need to bump up to the [Signature 12MTK](https://www.long-mcquade.com/54582/Pro-Audio---Recording/Mixers/Soundcraft/Signature-12MTK-12-Channel-Mixer-with-14-in-12-out-USB-Interface.htm) at 730$ that has 14/12
-USB.
+The [Soundcraft EPM8][] is very interesting: [430$ at L&M][], [360$ at
+steve's][], with two
+stero output buses and inserts on all 8 XLR/TRS lines. No USB, for
+that you need to bump up to the [Signature 12MTK](https://www.long-mcquade.com/54582/Pro-Audio---Recording/Mixers/Soundcraft/Signature-12MTK-12-Channel-Mixer-with-14-in-12-out-USB-Interface.htm) at 730$ that has
+14/12 USB. They also have the equivalent [EFX8][] with a built-in
+effects module, [640$ at L&M][], [540$ at steve's][].
+
+[540$ at steve's]: https://stevesmusic.com/en/soundcraft-efx-8.html
+[360$ at steve's]: https://stevesmusic.com/en/soundcraft-epm-8.html
+[640$ at L&M]: https://www.soundcraft.com/en-US/products/efx8
+[EFX8]: https://www.soundcraft.com/en-US/products/efx8
+[430$ at L&M]: https://www.long-mcquade.com/5620/Pro_Audio_Recording/Mixers/Soundcraft/EPM8_-_8X2_Channel_Mixer.htm
 
 Behringer had a bad reputation over a decade ago, and it seems that
 reputation is still around. They do provide a cheap alternative
@@ -122,7 +130,7 @@ ALSA, but it might be better to just use an analog mixer and feed the
 signal from each unmixed track into an USB audio interface like
 [this](https://www.long-mcquade.com/87374/Pro-Audio---Recording/Audio-Interfaces/Presonus/Studio-68-6-In-8-Out-USB-Audio-Interface.htm), instead of trying to shove everything into a single device.
 
-[Soundcraft EPM8]: https://www.long-mcquade.com/5620/Pro_Audio_Recording/Mixers/Soundcraft/EPM8_-_8X2_Channel_Mixer.htm
+[Soundcraft EPM8]: https://www.soundcraft.com/en-US/products/epm8
 
 There was a lenghty conversation on the [Ardour forums](https://discourse.ardour.org/) about this
 topic, see:

more notes about the note
diff --git a/hardware/tablet.mdwn b/hardware/tablet.mdwn
index e0d9a011..0acf454c 100644
--- a/hardware/tablet.mdwn
+++ b/hardware/tablet.mdwn
@@ -146,6 +146,24 @@ slightly more reasonable:
    TIFF, BMP, WAV, MP3
  * 600$USD
 
+Downsides:
+
+ * [Android 6](http://bbs.onyx-international.com/t/android-upgrade/1827) (!)
+ * Kind of janky Android version: had to hack around to get f-droid
+   installed and the "settings" display is non-standard. but i could
+   get into "developer mode" at least...
+ * [Some compatibility problems with the annotation system](http://bbs.onyx-international.com/t/annotations-with-pen-with-pressure-not-displayed-in-pdf-viewer/1441)
+ * Difficulties syncing with linux at times, [MTP compatibility
+   problems](http://bbs.onyx-international.com/t/onyx-note-pro-not-visible-as-mtp-on-debian-10/1811)?
+ * [Shitty reseller in Canada](http://bbs.onyx-international.com/t/unexpected-delays-and-customs-fees-when-ordering-from-good-ereader/1423) but buying from boox.com seems fine
+   so far
+ * No external sd card
+
+I ended up buying *two* of those (one for a teacher and one for me!
+;), so I guess that means I'm happy with it. My biggest gripe about it
+is the old Android release and weird OS, but the reader is in
+generally excellent.
+
 reMarkable
 ----------
 

some experiences with readers (mupdf and atril failures, mostly)
diff --git a/software/desktop/calibre.mdwn b/software/desktop/calibre.mdwn
index cd4c85ad..109c2d3f 100644
--- a/software/desktop/calibre.mdwn
+++ b/software/desktop/calibre.mdwn
@@ -112,7 +112,8 @@ Calibre is...
    here:
 
     * [Atril][], MATE's version of [Evince][], supports ePUBs (Evince
-      doesn't seem to)
+      doesn't seem to), but fails to load certain ebooks (book #1459
+      for example)
     * [Bookworm][] looks very promising, not in Debian ([[!debbug
       883867]]), but [Flathub][flathub-bookworm].  same problems as
       GNOME books finding my books (ie. it can't).
@@ -136,7 +137,10 @@ Calibre is...
       provides a .deb). It depends on older Firefox releases (or
       "[Pale moon][]", a Firefox fork), see also the [[firefox]]
       XULocalypse for details
-    * [MuPDF][] also reads ePUBs without problems and is really fast
+    * [MuPDF][] also reads ePUBs and is really fast, but the user
+      interface is extremely minimal, and copy-paste doesn't work so
+      well (think "Xpdf"). it also failed to load certain books (e.g.
+      1359) and warns about 3.0 ePUBs (e.g. book 1162)
     * [Okular][] supports ePUBs when `okular-extra-backends` is
       installed
     * [plato][] is another alternative reader for Kobo readers, not in

make a new section on metadata
diff --git a/software/desktop/calibre.mdwn b/software/desktop/calibre.mdwn
index 5192ebac..cd4c85ad 100644
--- a/software/desktop/calibre.mdwn
+++ b/software/desktop/calibre.mdwn
@@ -11,12 +11,19 @@ TL;DR: I'm considering replacing those various [Calibre][] compnents with...
    [Atril][] or [MuPDF][] on the desktop?
  * ebook-editor: [Sigil][].
  * collection browser: [Liber][]? see also [[services/bookmarks]]
+ * metadata editor: no good alternative.
  * device synchronisation: [git-annex][]?
  * RSS reader: [feed2exec][], [wallabako][]
  * ebook web server: [Liber][]?
 
 [git-annex]: https://git-annex.branchable.com/
 
+My biggest blocker that don't really have good alternatives are:
+
+ * collection browser
+ * metadata editor
+ * device sync
+
 See below why and a deeper discussion on all the features.
 
 Problems with Calibre
@@ -211,6 +218,26 @@ Calibre is...
    online articles. See also [[firefox]] (Zotero section) and
    [[bookmarks]] for a longer discussion of that problem.
 
+ * a **metadata editor**: the "collection browser" is based on a lot
+   of metadata that Calibre indexes from the books. It can magically
+   find a lot of stuff in the multitude of file formats it supports,
+   something that is pretty awesome and impressive. For example, I
+   just added a PDF file, and it found the book cover, author,
+   publication date, publisher, language and the original mobi book id
+   (!). It also added the book in the right directory and dumped that
+   metadata and the cover in a file next to the book. And if that's
+   not good enough, it can poll that data from various online sources
+   like Amazon, and Google books.
+   
+   Maybe the [work Peter Keel did][] could be useful in creating some
+   tool which would do this automatically? Or maybe [Sigil][] could
+   help? [Liber][] can also fetch metadata from Google books, but not
+   interactively.
+   
+   I still use Calibre mostly for this.
+
+[work Peter Keel did]: https://seegras.discordia.ch/Blog/life-with-calibre/
+
  * a **device synchronization tool** : I mostly use Calibre to
    synchronize books with an ebook-reader. It can also automatically
    update the database on the ebook with relevant metadata

problème réseau
diff --git "a/services/r\303\251seau.mdwn" "b/services/r\303\251seau.mdwn"
index 879888ac..24388a46 100644
--- "a/services/r\303\251seau.mdwn"
+++ "b/services/r\303\251seau.mdwn"
@@ -5,7 +5,12 @@ Update: ipv6 and dns work better with new router. see good test page: <http://en
 Problèmes connus
 ================
 
- * <del>le réseau [[IPv6]] est intermittent</del> semble être résolu avec teksavvy
+ * le réseau [[IPv6]] est intermittent, <del>semble être résolu avec
+   teksavvy</del> nope, IPv6 tombe environ une fois par mois (à
+   vérifier), cliquer sur "reconnect" de l'interface `WAN6` dans le
+   GUI règle le problème. selon [ce bout de code](https://github.com/openwrt/luci/blob/e712a8a4ac896189c333400134e00977912a918a/modules/luci-mod-network/luasrc/controller/admin/network.lua#L169-L176), il suffirait de
+   faire un `env -i /sbin/ifup %s >/dev/null 2>/dev/null` où `%s` est
+   l'interface réseau. à tester.
  * <del>la qualité de la bande passante varie avec les conditions météo</del> semble être résolu avec le VDSL
  * certaines requêtes DNS échouent, voir [[DNS]] pour les détails
  * le reverse DNS IPv6 ne fonctionne pas, voir mon [review the TSI](https://www.dslreports.com/forum/r30473265-Review)

add toc
diff --git a/hardware/monitor.mdwn b/hardware/monitor.mdwn
index cc492edf..4b29ad00 100644
--- a/hardware/monitor.mdwn
+++ b/hardware/monitor.mdwn
@@ -1,3 +1,5 @@
+[[!toc levels=2]]
+
 [Monitors](https://en.wikipedia.org/wiki/Computer_monitor) are devices that display information visually. They can
 include speakers and other connectors like USB. They were connected
 through [VGA][] connectors for the long time, but that has generally

Added a comment: Or an epub to HTML converter plus lynx…
diff --git a/software/desktop/calibre/comment_14_2c5c0cfd7d55143e984d8b6efd81db3f._comment b/software/desktop/calibre/comment_14_2c5c0cfd7d55143e984d8b6efd81db3f._comment
new file mode 100644
index 00000000..fd51f261
--- /dev/null
+++ b/software/desktop/calibre/comment_14_2c5c0cfd7d55143e984d8b6efd81db3f._comment
@@ -0,0 +1,13 @@
+[[!comment format=mdwn
+ ip="89.1.20.66"
+ claimedauthor="mirabilos"
+ url="http://www.mirbsd.org/music/free/"
+ subject="Or an epub to HTML converter plus lynx…"
+ date="2019-10-10T16:40:32Z"
+ content="""
+I wrote this small shellscript for myself…
+
+http://www.mirbsd.org/cvs.cgi/contrib/hosted/tg/unepub?rev=HEAD
+
+… which unzips an EPUB file and converts the toc.nxc into an index.htm which I can then use with lynx (the standard text mode webbrowser).
+"""]]

Added a comment: Finally, someone says it!
diff --git a/blog/2019-10-06-native-apps-matter/comment_3_d8c3805fa8d311666364a2bb75597cd8._comment b/blog/2019-10-06-native-apps-matter/comment_3_d8c3805fa8d311666364a2bb75597cd8._comment
new file mode 100644
index 00000000..4b30fba4
--- /dev/null
+++ b/blog/2019-10-06-native-apps-matter/comment_3_d8c3805fa8d311666364a2bb75597cd8._comment
@@ -0,0 +1,9 @@
+[[!comment format=mdwn
+ ip="89.1.20.66"
+ claimedauthor="mirabilos"
+ url="http://www.mirbsd.org/music/free/"
+ subject="Finally, someone says it!"
+ date="2019-10-10T16:36:54Z"
+ content="""
+Thanks, much appreciated. I’ve been trying to get this point across for ages…
+"""]]

more latency notes
diff --git a/blog/2018-05-04-terminal-emulators-2/comment_2_f550f0e759d53438e60f6df5e3b28b59._comment b/blog/2018-05-04-terminal-emulators-2/comment_2_f550f0e759d53438e60f6df5e3b28b59._comment
new file mode 100644
index 00000000..219c91e0
--- /dev/null
+++ b/blog/2018-05-04-terminal-emulators-2/comment_2_f550f0e759d53438e60f6df5e3b28b59._comment
@@ -0,0 +1,7 @@
+[[!comment format=mdwn
+ username="anarcat"
+ subject="""Dan Luu's Terminal Latency"""
+ date="2019-10-10T13:30:14Z"
+ content="""
+I don't know how I managed to write this article without quoting *this* specific article from Dan Luu. I somehow managed to see Luu's [terminal latency](https://danluu.com/term-latency/) post, but I just missed the [input latency](https://danluu.com/input-lag/) one. It's just such an eye-opener: we keep on thinking computers get faster and faster while, in reality, they are getting *slower*. The Apple 2e, one of the first personal computers ever built in 1983, had a 30ms input latency. A Thinkpad Carbon X1 laptop running Linux had, in comparison, 170ms input latency. That's just crazy.
+"""]]
diff --git a/hardware/monitor.mdwn b/hardware/monitor.mdwn
index d2aff83c..cc492edf 100644
--- a/hardware/monitor.mdwn
+++ b/hardware/monitor.mdwn
@@ -50,7 +50,7 @@ Full gamut
 Normal
 ------
 
- * [Viewsonic VP2768](https://www.viewsonic.com/us/monitors/shop/professional-monitors/vp2768.html#specs)
+ * [Viewsonic VP2768 27" WQHD 14ms GTG](https://www.viewsonic.com/us/monitors/shop/professional-monitors/vp2768.html#specs)
  * [Dell 27" WQHD 144Hz 1ms GTG TN LED G-SYNC Gaming Monitor
    (S2716DG) - Black](https://www.bestbuy.ca/en-ca/product/dell-dell-27-wqhd-144hz-3ms-gtg-tn-led-g-sync-gaming-monitor-s2716dg-black-s2716dg/10409157) (bestbuy: 450$)
  * [DELL 27" 2ms 144Hz AMD FreeSync Gaming Monitor DisplayPort, HDMI,
@@ -58,6 +58,51 @@ Normal
    computers: 270$)
  * [Dell U2419H 24" Ultrasharp LED Monitor 1920 x 1080 - IPS](https://www.canadacomputers.com/product_info.php?cPath=22_1195_700_1103&item_id=133314):
    (Canada computers: $320, special order)
+ * [Philips Moniteur 276E8VJSB 27 po, IPS 4K UHD 3840 x 2160, 60Hz,
+   5ms](https://www.bureauengros.ca/products/2939812-fr-philips-moniteur-276e8vjsb-27-po-ips-4k-uhd-3840-x-2160-60hz-5ms) (BEG: 380$)
+
+Note on latency
+---------------
+
+Latency might seem like a trivial concern for a non-gamer, but it
+actually matters. In their [Typing with pleasure](https://pavelfatin.com/typing-with-pleasure/#output-latency) article, Pavel
+Fatin explains that even 1ms delays matter. In my [[terminal emulators
+review|blog/2018-05-04-terminal-emulators-2/#latency]], I argue that
+we should follow the GNOME HIG that sets the bar at 10ms. Considering
+that my main work tool (Emacs) has a mean *input* latency of around
+5ms, adding 5ms latency to the *output*, just through the monitor, is
+unacceptable.
+
+So I'll set the bar, arbitrarily, at 2ms, but ideal this would be 1ms
+or below. 
+
+Keep in mind that the best total input latency for a computer is
+currently at 30, with the Apple IIe, [according to Dan Luu](https://danluu.com/input-lag/). But
+that takes into account the entire processing cycle, which includes
+input, processing and output, if we adhere to Fatin's vocabulary. The
+benchmarks I performed in my blog post concern only the *processing*
+side of things, as we don't physically bash on the keyboard to
+generate those keypresses. In other words, assuming a 2ms latency in
+the monitor and 5ms in Emacs, what we actually have is:
+
+| Source | Latency | Notes |
+| ------ | ------- | ----- |
+| Input  | 14 ms   | Fatin, section 2.1, avergge |
+| Emacs  | 5 ms    | Anarcat, section 1, rounded mean |
+| Screen refresh | 8 ms | Fatin, section 2.3, average with 60Hz monitor |
+| Pixel response | 2 ms | Assumption, above |
+| Total  | 29 ms |
+
+So *in theory*, with a 2ms monitor and best conditions in Emacs, we
+should rival the Apple IIe input latency. In practice, considering
+Luu's results, it's very likely that I'm missing some numbers here and
+latency is actually much higher.
+
+In any case, that's way beyond the 10ms objective, so it makes sense
+to reduce the monitor latency if possible. In fact, when looking at
+this, one has to wonder if the [[keyboard]] would be a better place to
+look for latency improvements. After all 7 ms spent in debouncing
+seems pretty horrible...
 
 Resources
 =========

more notes abouve vimium and tridactyl
diff --git a/software/desktop/firefox.mdwn b/software/desktop/firefox.mdwn
index d2e90c68..c026869e 100644
--- a/software/desktop/firefox.mdwn
+++ b/software/desktop/firefox.mdwn
@@ -83,10 +83,17 @@ I am testing those and they might make it to the top list once I'm happy:
    good enough for my purposes.
  * [Livemarks](https://addons.mozilla.org/en-US/firefox/addon/livemarks/) (no deb, [source](https://github.com/nt1m/livemarks)) or [Awesome RSS](https://addons.mozilla.org/en-US/firefox/addon/awesome-rss/) (no deb,
    [source](https://github.com/shgysk8zer0/awesome-rss)) - replace the [Live bookmarks removal](https://support.mozilla.org/en-US/kb/live-bookmarks-migration)
- * [tridactyl](https://github.com/tridactyl/tridactyl) - to use the web browser without the mouse. was
-   [pulled out of AMO][] for a policy violation, might return but in
-   the meantime, i'm trying out [vimium][]. also see the [builtin Firefox shortcuts][]
-
+ * [tridactyl][] - to use the web browser without the mouse. was
+   [pulled from AMO][] for a policy violation, might return but in the
+   meantime, i'm trying out [vimium][], which has the major problem of
+   not entering the "edit mode" (where keybindings are not effective)
+   in text areas, or at least in etherpad. tridactyl has its own
+   annoyances though, like <kbd>C-f</kbd> being bound to "page
+   down". this can be disabled with `:unbind <C-f>`. also see the
+   [builtin Firefox shortcuts][] and the `pentadactyl` entry in the
+   XULocalypse section below
+
+[tridactyl]: https://github.com/tridactyl/tridactyl
 [builtin Firefox shortcuts]: https://support.mozilla.org/en-US/kb/keyboard-shortcuts-perform-firefox-tasks-quickly
 [vimium]: https://github.com/philc/vimium
 [Multi-account containers]: https://github.com/mozilla/multi-account-containers/
@@ -190,7 +197,7 @@ And here are the replacements I have found:
  * [web developer](https://addons.mozilla.org/en-US/firefox/addon/web-developer/): ported
  * [vimperator][]: a few [vimperator alternatives][] have popped
    up. [tridactyl][] was the most prominent one, but was also [pulled
-   from AMO][] for a policy violation. [vimium fx][] and [vim-vixen][]
+   from AMO][] for a policy violation. [vimium-ff][] and [vim-vixen][]
    seem like the only working alternatives right now, although the
    vimperator folks say they lack some features, I couldn't figure out
    which. [pentadactyl][] is the father to all of those, but seems to
@@ -202,7 +209,7 @@ And here are the replacements I have found:
 [vim-vixen]: https://github.com/ueokande/vim-vixen
 [vimfx]: https://github.com/akhodakivskiy/VimFx
 [pentadactyl]: http://web.archive.org/web/20171019152504/http://5digits.org/pentadactyl/
-[vimium fx]: https://addons.mozilla.org/en-US/firefox/addon/vimium-ff/?src=search
+[vimium-ff]: https://addons.mozilla.org/en-US/firefox/addon/vimium-ff/
 [salsa key]: https://addons.mozilla.org/en-US/firefox/addon/saka-key/
 [pulled from AMO]: https://github.com/tridactyl/tridactyl/issues/1800
 [vimperator alternatives]: https://github.com/vimperator/vimperator-labs#end-of-life-and-alternatives

another local provider
diff --git a/hardware/laptop.mdwn b/hardware/laptop.mdwn
index 30986b1b..8deac924 100644
--- a/hardware/laptop.mdwn
+++ b/hardware/laptop.mdwn
@@ -487,5 +487,6 @@ Fournisseurs
 * [Encan Dépôt](http://www.encandepot.com/) - same, across the street
 * [mike's computer shop](https://www.mikescomputershop.com/) - cheap canada seller
 * [canada computers](http://www.canadacomputers.com) - famous toronto computer shop?
+* [CIPC](https://cipc.com/) - another local shop!
 
 [[!tag research]]

fix markup
diff --git a/software/desktop/calibre/comment_12_7fb6eea9ecee3af73a888dd95069e318._comment b/software/desktop/calibre/comment_12_7fb6eea9ecee3af73a888dd95069e318._comment
index 72b9992d..16387790 100644
--- a/software/desktop/calibre/comment_12_7fb6eea9ecee3af73a888dd95069e318._comment
+++ b/software/desktop/calibre/comment_12_7fb6eea9ecee3af73a888dd95069e318._comment
@@ -4,15 +4,17 @@
  date="2019-10-09T17:03:35Z"
  content="""
 Yeah, I noticed some problems with Calibre as well, in 2013.
-https://seegras.discordia.ch/Blog/life-with-calibre/
+
+<https://seegras.discordia.ch/Blog/life-with-calibre/>
 
 I've written some software then, mainly to speed up extraction
 of epub-metatags by a factor of 100(!), but it's grown into 
-a veritable zoo of scripts. You can find them on my 
-https://github.com/Seegras/ site. Mainly:
-- https://github.com/Seegras/epub-meta
-- https://github.com/Seegras/metatags
-might be helpful. 
+a veritable zoo of scripts. You can find them on [my site](https://github.com/Seegras). Mainly:
+
+* https://github.com/Seegras/epub-meta
+* https://github.com/Seegras/metatags
+
+... might be helpful. 
 
 In any case, your posting helped me too, if for not other reason
 than I know now that atril can read epubs; but hopefully this 

move comments to right post
diff --git a/blog/2019-10-08-libreoffice-pdf-batch/comment_3_7fb6eea9ecee3af73a888dd95069e318._comment b/software/desktop/calibre/comment_12_7fb6eea9ecee3af73a888dd95069e318._comment
similarity index 100%
rename from blog/2019-10-08-libreoffice-pdf-batch/comment_3_7fb6eea9ecee3af73a888dd95069e318._comment
rename to software/desktop/calibre/comment_12_7fb6eea9ecee3af73a888dd95069e318._comment
diff --git a/blog/2019-10-08-libreoffice-pdf-batch/comment_4_b7456d39f03e9e2ad870e946778c0afd._comment b/software/desktop/calibre/comment_13_b7456d39f03e9e2ad870e946778c0afd._comment
similarity index 100%
rename from blog/2019-10-08-libreoffice-pdf-batch/comment_4_b7456d39f03e9e2ad870e946778c0afd._comment
rename to software/desktop/calibre/comment_13_b7456d39f03e9e2ad870e946778c0afd._comment

response
diff --git a/blog/2019-10-08-libreoffice-pdf-batch/comment_4_b7456d39f03e9e2ad870e946778c0afd._comment b/blog/2019-10-08-libreoffice-pdf-batch/comment_4_b7456d39f03e9e2ad870e946778c0afd._comment
new file mode 100644
index 00000000..79c1e347
--- /dev/null
+++ b/blog/2019-10-08-libreoffice-pdf-batch/comment_4_b7456d39f03e9e2ad870e946778c0afd._comment
@@ -0,0 +1,7 @@
+[[!comment format=mdwn
+ username="anarcat"
+ subject="""git-annex"""
+ date="2019-10-09T17:04:35Z"
+ content="""
+Re. git-annex, nothing special. I had some hacks to make it ignore the .db file, because Calibre would be really upset if it can't open (ie. write) to the database. But now with "unlocked mode", it's not really a problem anymore.
+"""]]

add comment i got by email, after approval
diff --git a/blog/2019-10-08-libreoffice-pdf-batch/comment_3_7fb6eea9ecee3af73a888dd95069e318._comment b/blog/2019-10-08-libreoffice-pdf-batch/comment_3_7fb6eea9ecee3af73a888dd95069e318._comment
new file mode 100644
index 00000000..72b9992d
--- /dev/null
+++ b/blog/2019-10-08-libreoffice-pdf-batch/comment_3_7fb6eea9ecee3af73a888dd95069e318._comment
@@ -0,0 +1,27 @@
+[[!comment format=mdwn
+ username="Peter Keel"
+ subject="""Calibre replacements"""
+ date="2019-10-09T17:03:35Z"
+ content="""
+Yeah, I noticed some problems with Calibre as well, in 2013.
+https://seegras.discordia.ch/Blog/life-with-calibre/
+
+I've written some software then, mainly to speed up extraction
+of epub-metatags by a factor of 100(!), but it's grown into 
+a veritable zoo of scripts. You can find them on my 
+https://github.com/Seegras/ site. Mainly:
+- https://github.com/Seegras/epub-meta
+- https://github.com/Seegras/metatags
+might be helpful. 
+
+In any case, your posting helped me too, if for not other reason
+than I know now that atril can read epubs; but hopefully this 
+calibre issue leads to more epub-related software packaged for
+debian.
+
+lucidor, btw., was nice, but it's ancient. Not worth porting
+anymore.
+
+BTW: you're managing your books in git-annex? How does that work
+exactly? I'm interested to read another blog-posting about that ;).
+"""]]

response
diff --git a/blog/2019-10-08-libreoffice-pdf-batch/comment_2_1bd2e99a6b1199068b709dc6612dfcfe._comment b/blog/2019-10-08-libreoffice-pdf-batch/comment_2_1bd2e99a6b1199068b709dc6612dfcfe._comment
new file mode 100644
index 00000000..5ba04f8c
--- /dev/null
+++ b/blog/2019-10-08-libreoffice-pdf-batch/comment_2_1bd2e99a6b1199068b709dc6612dfcfe._comment
@@ -0,0 +1,49 @@
+[[!comment format=mdwn
+ username="anarcat"
+ subject="""alternatives"""
+ date="2019-10-09T14:50:46Z"
+ content="""
+> Is that not precisely the idea of unoconv? plus it converts to many other formats and handles the headless server very nicely...
+
+[unoconv][], sure, why not. [Someone][] also suggested
+[lloconv][]. There's also [Pandoc][] that could probably do this as
+well.
+
+The thing is none of those have file manager integration. Plus, it's
+extra software to install. I want the simplest possible instructions,
+targeting novice Linux users, which means as little (commandline, in
+particular) work as possible. Installing new packages is therefore
+superfluous.
+
+By the way, I suspect the above instructions I made *do* reuse
+existing Libreoffice instances if they are already running. I might be
+wrong, but it seems faster with than without... 
+
+Without LibreOffice running:
+
+    ===> multitime results
+    1: libreoffice --headless --convert-to pdf impots.ods
+                Mean        Std.Dev.    Min         Median      Max
+    real        1.726       0.061       1.671       1.695       1.876       
+    user        1.258       0.050       1.208       1.244       1.362       
+    sys         0.226       0.023       0.180       0.231       0.257
+
+
+With LibreOffice running:
+
+    ===> multitime results
+    1: libreoffice --headless --convert-to pdf impots.ods
+                Mean        Std.Dev.    Min         Median      Max
+    real        0.411       0.033       0.367       0.398       0.468       
+    user        0.014       0.006       0.005       0.013       0.022       
+    sys         0.012       0.007       0.001       0.012       0.023
+
+So thanks everyone for the recommendations, those are very useful
+tools! But I think LibreOffice's builtin commandline is fine for this
+purpose for now.
+
+[Pandoc]: https://pandoc.org/
+[unoconv]: http://dag.wiee.rs/home-made/unoconv/
+[lloconv]: https://gitlab.com/ojwb/lloconv
+[Someone]: https://framapiaf.org/@boutil/102928777691782064
+"""]]

fix tag typo
diff --git a/blog/2019-10-08-libreoffice-pdf-batch.mdwn b/blog/2019-10-08-libreoffice-pdf-batch.mdwn
index f72146e3..0bb3b4f0 100644
--- a/blog/2019-10-08-libreoffice-pdf-batch.mdwn
+++ b/blog/2019-10-08-libreoffice-pdf-batch.mdwn
@@ -37,4 +37,4 @@ file (or anything supported by LibreOffice, really) into PDF.
 Now I wonder if this would be a useful addition to the Debian package,
 anyone?
 
-[[!tag debian-planet hack pdf planet-python debian]]
+[[!tag debian-planet hack pdf python-planet debian]]
diff --git a/tag/planet-python.mdwn b/tag/planet-python.mdwn
deleted file mode 100644
index aaab89f8..00000000
--- a/tag/planet-python.mdwn
+++ /dev/null
@@ -1,4 +0,0 @@
-[[!meta title="pages tagged planet-python"]]
-
-[[!inline pages="tagged(planet-python)" actions="no" archive="yes"
-feedshow=10]]

Added a comment: Why not unoconv?
diff --git a/blog/2019-10-08-libreoffice-pdf-batch/comment_1_8cef74cc8613d5ab8f65b9f568256b12._comment b/blog/2019-10-08-libreoffice-pdf-batch/comment_1_8cef74cc8613d5ab8f65b9f568256b12._comment
new file mode 100644
index 00000000..4342faee
--- /dev/null
+++ b/blog/2019-10-08-libreoffice-pdf-batch/comment_1_8cef74cc8613d5ab8f65b9f568256b12._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ ip="88.144.55.174"
+ claimedauthor="Anonymous coward"
+ subject="Why not unoconv?"
+ date="2019-10-08T21:02:54Z"
+ content="""
+Is that not precisely the idea of unoconv? plus it converts to many other formats and handles the headless server very nicely...
+"""]]

creating tag page tag/planet-python
diff --git a/tag/planet-python.mdwn b/tag/planet-python.mdwn
new file mode 100644
index 00000000..aaab89f8
--- /dev/null
+++ b/tag/planet-python.mdwn
@@ -0,0 +1,4 @@
+[[!meta title="pages tagged planet-python"]]
+
+[[!inline pages="tagged(planet-python)" actions="no" archive="yes"
+feedshow=10]]

creating tag page tag/pdf
diff --git a/tag/pdf.mdwn b/tag/pdf.mdwn
new file mode 100644
index 00000000..ca55ed8f
--- /dev/null
+++ b/tag/pdf.mdwn
@@ -0,0 +1,4 @@
+[[!meta title="pages tagged pdf"]]
+
+[[!inline pages="tagged(pdf)" actions="no" archive="yes"
+feedshow=10]]

libreoffice batch hack
diff --git a/blog/2019-10-08-libreoffice-pdf-batch.mdwn b/blog/2019-10-08-libreoffice-pdf-batch.mdwn
new file mode 100644
index 00000000..f72146e3
--- /dev/null
+++ b/blog/2019-10-08-libreoffice-pdf-batch.mdwn
@@ -0,0 +1,40 @@
+[[!meta title="Tip of the day: batch PDF conversion with LibreOffice"]]
+
+Someone asked me today why they couldn't write on the [DOCX][]
+document they received from a student using the pen in their [Onyx
+Note Pro][] reader. The answer, of course, is that while the Onyx can
+read those files, it can't annotate them: that only works with PDFs.
+
+[Onyx Note Pro]: https://onyxboox.com/boox_notepro
+[DOCX]: https://en.wikipedia.org/wiki/Office_Open_XML
+
+Next question then, is of course: do I really need to open each file
+separately and save them as PDF? That's going to take forever, I have
+30 students per class!
+
+> *Fear not, shell scripting and headless mode flies in to the rescue!*
+
+As it turns out, one of the [Libreoffice parameters][] allow you to
+run batch operations on files. By calling:
+
+    libreoffice --headless --convert-to pdf *.docx
+
+[Libreoffice parameters]: https://help.libreoffice.org/Common/Starting_the_Software_With_Parameters
+
+LibreOffice will happily convert all the `*.docx` files in the current
+directory to PDF. But because navigating the commandline can be hard,
+I figured I could push this a tiny little bit further and wrote the
+following script:
+
+    #!/bin/sh
+    
+    exec libreoffice --headless --convert-to pdf "$@"
+
+Drop this in `~/.local/share/nautilus/scripts/libreoffice-pdf`, mark
+it executable, and voilà! You can batch-convert basically any text
+file (or anything supported by LibreOffice, really) into PDF.
+
+Now I wonder if this would be a useful addition to the Debian package,
+anyone?
+
+[[!tag debian-planet hack pdf planet-python debian]]

link to other shortcuts
diff --git a/software/desktop/firefox.mdwn b/software/desktop/firefox.mdwn
index 27773f4a..d2e90c68 100644
--- a/software/desktop/firefox.mdwn
+++ b/software/desktop/firefox.mdwn
@@ -85,8 +85,9 @@ I am testing those and they might make it to the top list once I'm happy:
    [source](https://github.com/shgysk8zer0/awesome-rss)) - replace the [Live bookmarks removal](https://support.mozilla.org/en-US/kb/live-bookmarks-migration)
  * [tridactyl](https://github.com/tridactyl/tridactyl) - to use the web browser without the mouse. was
    [pulled out of AMO][] for a policy violation, might return but in
-   the meantime, i'm trying out [vimium][].
+   the meantime, i'm trying out [vimium][]. also see the [builtin Firefox shortcuts][]
 
+[builtin Firefox shortcuts]: https://support.mozilla.org/en-US/kb/keyboard-shortcuts-perform-firefox-tasks-quickly
 [vimium]: https://github.com/philc/vimium
 [Multi-account containers]: https://github.com/mozilla/multi-account-containers/
 

promote browserpass, display-anchors and url-to-qrcode
diff --git a/software/desktop/firefox.mdwn b/software/desktop/firefox.mdwn
index 3eb62c3b..27773f4a 100644
--- a/software/desktop/firefox.mdwn
+++ b/software/desktop/firefox.mdwn
@@ -24,14 +24,25 @@ or have used in the past.
 
 I have those extensions installed and use them very frequently:
 
+ * [browserpass-ce](https://addons.mozilla.org/en-US/firefox/addon/browserpass-ce/) ([[!debpkg webext-browserpass desc="debian
+   package"]], [source](https://github.com/browserpass/browserpass)) - super fast access to my passwords. use
+   some magic mumble-jumble message passing thing which feels a bit
+   creepy.
+ * [display anchors](https://addons.mozilla.org/en-US/firefox/addon/display-_anchors/) (no deb, [source](https://github.com/Rob--W/display-anchors))
  * [GhostText][] (no debian package, [#910289](https://bugs.debian.org/910289), [source](https://github.com/GhostText/GhostText))- "It's all text" replacement
  * [uBlock Origin][] ([[!debpkg webext-ublock-origin desc="debian
    package"]], [source](https://github.com/gorhill/uBlock)) - making the web sane again
- * [uMatrix][] (no debian package, [#891859](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891859), [source](https://github.com/gorhill/uMatrix)) - making the web
-   somewhat safe again
+ * [uMatrix][] ([[!debpkg webext-umatrix desc="debian package"]],
+   [source](https://github.com/gorhill/uMatrix)) - making the web somewhat safe again
  * [Wallabager][] (no debian package, [source](https://github.com/wallabag/wallabagger)) - to YOLO a bunch
    of links in a pile outside my web browser that I can read offline
    thanks to [Wallabako](https://gitlab.com/anarcat/wallabako/)
+ * [URL to QR Code](https://addons.mozilla.org/en-US/firefox/addon/url-to-qrcode/?src=search) - (no debian package, [source](https://github.com/smoqadam/url-to-qrcode-firefox-addon)) after
+   kicking out that proprietary spyware (!! see below), I found about
+   6 different alternatives (this one and [1](https://addons.mozilla.org/en-US/firefox/addon/qr-code-util/), [2](https://addons.mozilla.org/en-US/firefox/addon/fxqrl/), [3](https://addons.mozilla.org/en-US/firefox/addon/ffqrcoder/),
+   [4](https://addons.mozilla.org/en-US/firefox/addon/qrify/), [5](https://addons.mozilla.org/en-US/firefox/addon/qr-coder/) - what is wrong with you people??) This is the most
+   popular, reviews are mostly positive, seems to be working offline,
+   has a free license, and source is available. Super simple too.
 
 [Wallabager]: https://addons.mozilla.org/en-US/firefox/addon/wallabagger/
 [uMatrix]: https://addons.mozilla.org/firefox/addon/umatrix/
@@ -48,11 +59,6 @@ Ideally, all of those should be packaged for Debian.
 
 I am testing those and they might make it to the top list once I'm happy:
 
- * [browserpass-ce](https://addons.mozilla.org/en-US/firefox/addon/browserpass-ce/) ([[!debpkg webext-browserpass desc="debian
-   package"]], [source](https://github.com/browserpass/browserpass)) - super fast access to my passwords. use
-   some magic mumble-jumble message passing thing which feels a bit
-   creepy.
- * [display anchors](https://addons.mozilla.org/en-US/firefox/addon/display-_anchors/) (no deb, [source](https://github.com/Rob--W/display-anchors))
  * [Multi-account containers][] (no deb, [source](https://github.com/mozilla/multi-account-containers/)) - kind of
    useful, but also a bit strange: impossible to assign an existing
    tab to a container, UI is very clikety (can't open a
@@ -60,12 +66,6 @@ I am testing those and they might make it to the top list once I'm happy:
    on the "+" tab button to choose container.
  * [Open in Browser](https://addons.mozilla.org/en-US/firefox/addon/open-in-browser/) (no deb, [source](https://github.com/Rob--W/open-in-browser)) - reopen the file in the
    browser instead of downloading
- * [URL to QR Code](https://addons.mozilla.org/en-US/firefox/addon/url-to-qrcode/?src=search) - (no debian package, [source](https://github.com/smoqadam/url-to-qrcode-firefox-addon)) after
-   kicking out that proprietary spyware (!! see below), I found about
-   6 different alternatives (this one and [1](https://addons.mozilla.org/en-US/firefox/addon/qr-code-util/), [2](https://addons.mozilla.org/en-US/firefox/addon/fxqrl/), [3](https://addons.mozilla.org/en-US/firefox/addon/ffqrcoder/),
-   [4](https://addons.mozilla.org/en-US/firefox/addon/qrify/), [5](https://addons.mozilla.org/en-US/firefox/addon/qr-coder/) - what is wrong with you people??) This is the most
-   popular, reviews are mostly positive, seems to be working offline,
-   has a free license, and source is available. Super simple too.
  * [Smart HTTPS](https://addons.mozilla.org/en-US/firefox/addon/smart-https-revived/) (no deb, [source](https://github.com/ilGur1132/Smart-HTTPS)) - some use [HTTPS
    everywhere](https://www.eff.org/https-everywhere) but i find that one works too and doesn't require
    sites to be added to a list. nowadays, https URLs match http URLs

sort software list and add details
diff --git a/software/desktop/calibre.mdwn b/software/desktop/calibre.mdwn
index 1cfc7db5..5192ebac 100644
--- a/software/desktop/calibre.mdwn
+++ b/software/desktop/calibre.mdwn
@@ -104,33 +104,38 @@ Calibre is...
    ebook-readers, on different platforms, that can replace Calibre
    here:
 
-    * [Atril][], MATE's version of Evince, supports ePUBs (Evince
-      doesn't)
-    * [MuPDF][] also reads ePUBs without problems and is really fast
-    * [fbreader][] also supports ePUBs, but is much slower than all
-      those others
-    * Emacs (of course) supports ebooks through [nov.el][]
-    * [Okular][] apparently supports ePUBs, but I must be missing a
-      library because it doesn't actually work here
+    * [Atril][], MATE's version of [Evince][], supports ePUBs (Evince
+      doesn't seem to)
+    * [Bookworm][] looks very promising, not in Debian ([[!debbug
+      883867]]), but [Flathub][flathub-bookworm].  same problems as
+      GNOME books finding my books (ie. it can't).
+    * [Buka][] is another "ebook" manager written in Javascript, but
+      only supports PDFs for now.
     * [coolreader][] is another alternative, [not yet in Debian
       (#715470)][]
-    * [lucidor][] also looks interesting, but is not packaged in
-      Debian either (although upstream provides a .deb) and depends on
-      older Firefox releases (or "[Pale moon][]", a Firefox fork)
-    * [koreader][] and [plato][] are good alternatives for the Kobo
-      reader (although koreader also now has builds for Debian)
+    * Emacs (of course) supports ebooks through [nov.el][]
+    * [fbreader][] also supports ePUBs, but is much slower than all
+      those others, and turned proprietary so is unmaintained
+    * [Foliate][] looks gorgeous and is built on top of the ePUB.js
+      library, not in Debian, but [Flathub][flathub-foliate].
     * [GNOME Books][] is interesting, but relies on the GNOME search
       engine and doesn't find my books (and instead lots of other
       garbage). it's been described as "basic" and "the least mature"
       in [this OMG Ubuntu review][]
-    * [Bookworm][] looks very promising, not in Debian ([[!debbug
-      883867]]), but [Flathub][flathub-bookworm]
-    * [Foliate][] looks gorgeous and is built on top of the ePUB.js
-      library, not in Debian, but [Flathub][flathub-foliate]. same
-      problems as GNOME books finding my books (ie. it can't).
-    * [Buka][] is another "ebook" manager written in Javascript, but
-      only supports PDFs for now
+    * [koreader][] is a good alternative reader for the Kobo devices
+      and now also has builds for Debian, but no Debian package
+    * [lucidor][] is a Firefox extension that can read an organize
+      books, but is not packaged in Debian either (although upstream
+      provides a .deb). It depends on older Firefox releases (or
+      "[Pale moon][]", a Firefox fork), see also the [[firefox]]
+      XULocalypse for details
+    * [MuPDF][] also reads ePUBs without problems and is really fast
+    * [Okular][] supports ePUBs when `okular-extra-backends` is
+      installed
+    * [plato][] is another alternative reader for Kobo readers, not in
+      Debian
 
+[Evince]: https://wiki.gnome.org/Apps/Evince
 [flathub-bookworm]: https://www.flathub.org/apps/details/com.github.babluboy.bookworm
 [Buka]: https://github.com/oguzhaninan/Buka
 [flathub-foliate]: https://www.flathub.org/apps/details/com.github.johnfactotum.Foliate

more notes about bookworm
diff --git a/software/desktop/calibre.mdwn b/software/desktop/calibre.mdwn
index baf15123..1cfc7db5 100644
--- a/software/desktop/calibre.mdwn
+++ b/software/desktop/calibre.mdwn
@@ -123,12 +123,15 @@ Calibre is...
       engine and doesn't find my books (and instead lots of other
       garbage). it's been described as "basic" and "the least mature"
       in [this OMG Ubuntu review][]
-    * [Bookworm][] looks very promising
+    * [Bookworm][] looks very promising, not in Debian ([[!debbug
+      883867]]), but [Flathub][flathub-bookworm]
     * [Foliate][] looks gorgeous and is built on top of the ePUB.js
-      library, not in Debian, but [Flathub][flathub-foliate]
+      library, not in Debian, but [Flathub][flathub-foliate]. same
+      problems as GNOME books finding my books (ie. it can't).
     * [Buka][] is another "ebook" manager written in Javascript, but
       only supports PDFs for now
 
+[flathub-bookworm]: https://www.flathub.org/apps/details/com.github.babluboy.bookworm
 [Buka]: https://github.com/oguzhaninan/Buka
 [flathub-foliate]: https://www.flathub.org/apps/details/com.github.johnfactotum.Foliate
 [Foliate]: https://johnfactotum.github.io/foliate/

fix link and link to mail
diff --git a/blog/2016-05-12-email-setup.mdwn b/blog/2016-05-12-email-setup.mdwn
index 8eccc342..fb23f2e5 100644
--- a/blog/2016-05-12-email-setup.mdwn
+++ b/blog/2016-05-12-email-setup.mdwn
@@ -1,5 +1,7 @@
 [[!meta title="Notmuch, offlineimap and Sieve setup"]]
 
+Update: some of this configuration changed. See [[services/mail]].
+
 I've been using Notmuch since about 2011, switching away from Mutt to
 deal with the monstrous amount of emails I was, and still am dealing
 with on the computer. I have contributed a few patches and configs on
@@ -636,7 +638,7 @@ Critical parts are:
 
 The other settings should be self-explanatory.
 
- [Offlineimap]: http://www.offlineimap.org/
+ [OfflineIMAP]: http://www.offlineimap.org/
  [isync]: http://isync.sourceforge.net/
 
 RSS feeds

another answer
diff --git a/software/desktop/calibre/comment_11_fa465e23e6c4369a0aa81de3ae6dc875._comment b/software/desktop/calibre/comment_11_fa465e23e6c4369a0aa81de3ae6dc875._comment
new file mode 100644
index 00000000..05dbe2e9
--- /dev/null
+++ b/software/desktop/calibre/comment_11_fa465e23e6c4369a0aa81de3ae6dc875._comment
@@ -0,0 +1,19 @@
+[[!comment format=mdwn
+ username="anarcat"
+ subject="""comment 11"""
+ date="2019-10-07T13:34:10Z"
+ content="""
+> This appears to be an awful lot of effort to migrate from an open-source project. Perhaps that effort could be applied to helping out with the migration to Python3?  They have a working Beta now: https://github.com/kovidgoyal/calibre/pull/870
+>
+> You don't have to be a Python developer.  It would be helpful just having some willing beta-testers provide some feedback.  
+
+I actually *am* a Python developer. If Python 3 was the only problem with Calibre, I would totally and enthousiastically go that route. But as I explained in the blog post, there are other problems here.
+
+Also, there's only so much time in the day. I am already involved in another major Python 3 conversion in a program we salvaged from being abandoned by its maintainer ([linkchecker][]) and it's basically taking all of my free time at that level right now. I have my own programs I need to port to Python 3. So, sorry, but I don't have (free or paid, actually) time to offer to the Calibre community right now. But you should know that I did contribute quite a few times in the community (bug reports, security backports and patches). My experience then wasn't as great as I would have liked and I prefer not to get involved anymore.
+
+ [linkchecker]: https://github.com/linkchecker/linkchecker/
+
+> Either way, thanks for providing a roadmap of comparable software.  I personally don't want to switch from Calibre, but seeing the alternatives is always helpful for finding ways to improve.
+
+Thanks! That's the spirit with which I'm writing this. I might end up continuing to use Calibre myself too!
+"""]]

remove duplicate comment
diff --git a/software/desktop/calibre/comment_10_6a5852087614c10cc4e8934212fe74c3._comment b/software/desktop/calibre/comment_10_6a5852087614c10cc4e8934212fe74c3._comment
deleted file mode 100644
index aa4d498e..00000000
--- a/software/desktop/calibre/comment_10_6a5852087614c10cc4e8934212fe74c3._comment
+++ /dev/null
@@ -1,14 +0,0 @@
-[[!comment format=mdwn
- ip="71.136.138.224"
- claimedauthor="Jim Sorenson"
- subject="Replace vs Fix"
- date="2019-10-07T06:13:38Z"
- content="""
-This appears to be an awful lot of effort to migrate from an open-source project. Perhaps that effort could be applied to helping out with the migration to Python3?  They have a working Beta now: https://github.com/kovidgoyal/calibre/pull/870
-
-You don't have to be a Python developer.  It would be helpful just having some willing beta-testers provide some feedback.  
-
-Either way, thanks for providing a roadmap of comparable software.  I personally don't want to switch from Calibre, but seeing the alternatives is always helpful for finding ways to improve.
-
-- Jim
-"""]]

Added a comment
diff --git a/software/desktop/calibre/comment_11_4775bdfd0e135631f8076c52af31ac45._comment b/software/desktop/calibre/comment_11_4775bdfd0e135631f8076c52af31ac45._comment
new file mode 100644
index 00000000..3aeea379
--- /dev/null
+++ b/software/desktop/calibre/comment_11_4775bdfd0e135631f8076c52af31ac45._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ ip="132.206.154.8"
+ claimedauthor="mvc"
+ subject="comment 11"
+ date="2019-10-07T12:58:41Z"
+ content="""
+I have only used the latest stable fbreader Android app, which is proprietary but still actively maintained, and for me \"just works\". When the project went closed source in 2015 a free software fork targeting Android was created, but I've never tried it: https://gitlab.com/axet/android-book-reader
+
+The free app's bookshelf view was a little annoying, but as I said I was happy to give the developer a small sum of money for the \"premium\" version with a better collection viewer.
+
+I'm not surprised that PDF reflowing would be impossible in the general case for a multicolumn document, but I'm hoping they'll come up with something workable for some of the lengthy books I want to read that were only available in PDF format from the local library. At least I can borrow the physical books if needed!
+"""]]

Added a comment: Higher quality YouTube is DASH-only
diff --git a/blog/2019-10-06-native-apps-matter/comment_2_c34776c405292a5222db913af4560d18._comment b/blog/2019-10-06-native-apps-matter/comment_2_c34776c405292a5222db913af4560d18._comment
new file mode 100644
index 00000000..0da5bbd6
--- /dev/null
+++ b/blog/2019-10-06-native-apps-matter/comment_2_c34776c405292a5222db913af4560d18._comment
@@ -0,0 +1,49 @@
+[[!comment format=mdwn
+ ip="213.219.166.29"
+ claimedauthor="Frans"
+ url="https://fransdejonge.com"
+ subject="Higher quality YouTube is DASH-only"
+ date="2019-10-07T08:09:01Z"
+ content="""
+Unless something changed recently, VLC is limited to 720p. That won't truly affect any conclusions, but for a completely fair comparison you'd have to take down YT to 720p, specifically in mp4 so any potential hardware acceleration can do its job on the browser too. On Chromia you might have to flip a flag to enable that at all.
+
+Alternatively and for a better video viewing experience, you can download or pipe better quality video/audio with youtube-dl.
+
+```
+$ youtube-dl -F \"https://www.youtube.com/watch?v=tyOHcXKlyU8\"  
+[youtube] tyOHcXKlyU8: Downloading webpage
+[youtube] tyOHcXKlyU8: Downloading video info webpage
+WARNING: Unable to extract video title
+[info] Available formats for tyOHcXKlyU8:
+format code  extension  resolution note
+249          webm       audio only DASH audio   60k , opus @ 50k, 6.30MiB
+250          webm       audio only DASH audio   86k , opus @ 70k, 8.18MiB
+140          m4a        audio only DASH audio  131k , m4a_dash container, mp4a.40.2@128k, 15.53MiB
+251          webm       audio only DASH audio  164k , opus @160k, 15.87MiB
+160          mp4        256x144    144p  109k , avc1.4d400c, 24fps, video only, 6.70MiB
+278          webm       256x144    144p  118k , webm container, vp9, 24fps, video only, 11.36MiB
+242          webm       426x240    240p  229k , vp9, 24fps, video only, 13.57MiB
+133          mp4        426x240    240p  294k , avc1.4d4015, 24fps, video only, 12.39MiB
+243          webm       640x360    360p  401k , vp9, 24fps, video only, 22.38MiB
+134          mp4        640x360    360p  579k , avc1.4d401e, 24fps, video only, 22.12MiB
+244          webm       854x480    480p  703k , vp9, 24fps, video only, 32.00MiB
+135          mp4        854x480    480p  809k , avc1.4d401e, 24fps, video only, 31.22MiB
+136          mp4        1280x720   720p 1125k , avc1.4d401f, 24fps, video only, 46.40MiB
+247          webm       1280x720   720p 1242k , vp9, 24fps, video only, 53.06MiB
+248          webm       1920x1080  1080p 2642k , vp9, 24fps, video only, 152.24MiB
+137          mp4        1920x1080  1080p 3770k , avc1.640028, 24fps, video only, 161.78MiB
+43           webm       640x360    medium , vp8.0, vorbis@128k, 83.67MiB
+18           mp4        640x360    medium  460k , avc1.42001E, mp4a.40.2@ 96k (44100Hz), 55.23MiB
+22           mp4        1280x720   hd720 1428k , avc1.64001F, mp4a.40.2@192k (44100Hz) (best)
+```
+
+If I right click on a YouTube video and click \"stats for nerds,\"  I find that it typically prefers to send VP9 with Opus. The Opus stream (251) provides the best audio.
+
+In my case, to match what YouTube sends to my browser I have to use something like this:
+
+```
+$ youtube-dl -f 248+251 \"https://www.youtube.com/watch?v=tyOHcXKlyU8\"
+```
+
+Play that back in VLC or mpv and you'll find it uses a lot more CPU. By contrast, force YouTube to use 720p with H.264 for hardware acceleration and it'll use less. The difference should still be pronounced, mind you, but not quite by an order of magnitude.
+"""]]

Added a comment: Replace vs Fix
diff --git a/software/desktop/calibre/comment_10_6a5852087614c10cc4e8934212fe74c3._comment b/software/desktop/calibre/comment_10_6a5852087614c10cc4e8934212fe74c3._comment
new file mode 100644
index 00000000..aa4d498e
--- /dev/null
+++ b/software/desktop/calibre/comment_10_6a5852087614c10cc4e8934212fe74c3._comment
@@ -0,0 +1,14 @@
+[[!comment format=mdwn
+ ip="71.136.138.224"
+ claimedauthor="Jim Sorenson"
+ subject="Replace vs Fix"
+ date="2019-10-07T06:13:38Z"
+ content="""
+This appears to be an awful lot of effort to migrate from an open-source project. Perhaps that effort could be applied to helping out with the migration to Python3?  They have a working Beta now: https://github.com/kovidgoyal/calibre/pull/870
+
+You don't have to be a Python developer.  It would be helpful just having some willing beta-testers provide some feedback.  
+
+Either way, thanks for providing a roadmap of comparable software.  I personally don't want to switch from Calibre, but seeing the alternatives is always helpful for finding ways to improve.
+
+- Jim
+"""]]

Archival link:

The above link creates a machine-readable RSS feed that can be used to easily archive new changes to the site. It is used by internal scripts to do sanity checks on new entries in the wiki.

Created . Edited .