youbroketheinternet-overlay
===========================
We produce original ebuilds for some items but we also borrow and
build from other sources, then republish them via a secure authen-
tication medium, a Tor onion. Since all of git, rsync and https
protocols can be man in the middled, using a self-authenticating
onion is the way to go. Makes you nervous? Why.. this is not about
anonymity. All the known problems related to onion services are
about de-anonymization. There are no known cases of authenticity
failure, which is what we expect from this. So we copy other
people's ebuilds because we don't want to integrate insecure
overlays into our operating system build procedures. So, if your
ebuild is in here, it's an honor for us to be hosting a copy.
Please drop by
irc://psycyificvaxuzut3t6hcies3stfdtlzqftcnmbb5su3xv4zugplsfad.onion:67/welcome
or http://psycyificvaxuzut3t6hcies3stfdtlzqftcnmbb5su3xv4zugplsfad.onion/PSYC/
or torify telnet psycyificvaxuzut3t6hcies3stfdtlzqftcnmbb5su3xv4zugplsfad.onion
for feedback and 'git pull' offers.
Git was intended for everyone to run their own little git server
and pull from each other. Git was NOT invented for centralized
commercial social networking clouds such as github! If you want
to submit a patch to this overlay, pass it in form of a textual
patch or make your copy of this git available on your own onion.
Github is not a safe infrastructure for a GNU Internet.
If you need some advice on which anti-PRISM tools to install,
have a look at our 'best current practice' recommendations at
http://secushare.psyciumunsqarzsehz5xlgsi2mg4dkvntwf5bwj5kwbcbazwiuhna2ad.onion/comparison.
If you are a developer, some of the ebuilds allow you to symlink or
put a git of the package in /usr/local/src. The ebuild will select
the requested git revision according to the version number you are
emerging, but only if your git is sufficiently up to date.
== app-admin/depot ==
How many different Unix distributions have you tried out in the
past few years? How long did it take for you to get your basic
set of tools installed? For me it didn't take long because I have
been organizing my own software path independently from whatever
distribution's package manager. Depot manages something like a
/usr/local generating symlinks into a /depot of directories per
package. The depot directories can be shared between systems and
possibly hardware architectures. It uses a nifty database system
to ensure consistency and is much more advanced than any script
that would quickly spit out a bunch of symlinks. This tool was
essential in the systems administration of diverse Unix networks
in universities in the 1990s (see LISA paper from 1993 describing
theory and practice), but it can still prove useful to anyone who
moves tools around on several Unix flavors today. You may even
find it useful to organize non-software paths like media files.
== app-arch/zipgrep ==
A replacement for the zipgrep shell script that comes with
app-arch/unzip. This one can handle spaces in filenames, can
recognize ZIP compatible file formats such as ODT, APK or MAFF
and recurses into directories by default.
== app-misc/merge ==
A command that should be a basic unix tool or be integrated
into 'mv' and 'cp' as -m flag. The ability to merge folders
from command line just like you can when drag+dropping folders
into each other with a GUI file manager. How could we exist
without this all these years?
== app-text/lowdown ==
== app-text/ssg3 ==
[ask ng0]
== app-shells/tcsh ==
Removing a long path specification from the command line
can be tedious with tcsh as it has no notion of file names
containing whitespace while editing the command line.
My patch makes CTRL-W aka kill-region do this whenever no
mark has been set (which is the default), instead of giving
an error. Back when tcsh was created, no sane Unix person
would put whitespace into filenames! Filesystems had barely
just learned to even be capable of such perversions.
== dev-db/cayley ==
A graph database written in Go. Borrowed the ebuild from
jm-overlay. Version 0.5.0 looks sloppy and buggy.
== dev-db/agensgraph ==
A transactional graph database based on PostgreSQL. In fact
it comes with its own version of postgresql so it probably
cannot be installed on the same system with a regular pgsql.
AgensGraph is a multi-model database, which supports the
relational and graph data model at the same time that enables
developers to integrate the legacy relational data model and
the flexible graph data model in one database. AgensGraph
is written in C and has close to no dependencies.
== dev-scheme/guile-git ==
[ask ng0]
== dev-lang/psyclpc ==
LPC bytecode interpreter used by psyced. Works also for
implementing Multi-User Dungeon games (MUDs).
== dev-libs/openssl ==
The regular portage openssl files disallow the use of certain
elliptic curve cryptography that pybitmessage happens to need.
== dev-libs/TelegramQML ==
To get this to compile I had to replace all -isystem in the
Makefile generated by qmake into -I, then run "ebuild" on
the unpacked build directory manually. This fix could of
course be automated, FIXME.
== dev-perl/Audio-TagLib ==
The era of MP3 and its ID3 tags is over. Either you want
to store audio in lossless form, using FLAC, or you want
to compress it efficiently while maintaining best quality,
so you want to use Ogg/Opus or AAC. For all of these cases
you need a generic metadata mangling library.
== dev-perl/MIDI-Perl ==
Library for manipulating MIDI files, includes a script to
demultiplex a format 0 MIDI file into multiple files for
each MIDI channel.
== dev-perl/Net-PSYC ==
Perl implementation of the PSYC protocol together with
- git2psyc: git hook to deliver PSYC notifications on commit
- psycion: curses based PSYC client
- psycmp3: PSYC-controllable console mp3 player
- remotor: text-based remote control for Tor routers
- syslog2psyc: forwarding of syslog events via PSYC
and several more nifty tools for automation of
notification and messaging.
== dev-vcs/gitprivacy ==
Probably just a beginning: git-commit-privacy is a tiny
shell script that hides your working hour habits from
the repositories you commit to. It otherwise behaves
exactly like git commit.
== dev-vcs/stagit ==
Static git page generator.
== eclass/git-r3 ==
Added 'git fsck' after fetch to protect from MITM attacks
during git network transactions. This is used by ebuilds
that compile from git rather than from tarballs.
Added support for fetching gits from onions using torsocks.
You can generally fetch gits via Tor if you define
EGIT_SOCKS="torsocks"
in your env.
== eclass/mozilla-addon ==
Used by the Torbrowser add-ons below. You need to define
the "target_torbrowser" USE flag if you want the add-ons
to be installed directly into your browser.
You can also symlink the extensions manually into your
`$HOME/.mozilla/{torbrowser,firefox}/$profile/extensions/`
folder.
With the newer versions of Firefox and Torbrowser you
even have to disable `xpinstall.signatures.required` in
about:config. Thank you Firefox for being paranoid against
your own hard disk.
== media-fonts/unscii ==
[ask ng0]
== media-libs/vid-stab ==
Remove camera shaking from shaken videos. A plug-in for
kdenlive. Simply recompile kdenlive after installing this.
kdenlive should have it in its dependencies, but in fact
the kdenlive ebuild is missing several dependencies.
New: lynX added his "deshake" command line tool for
removing camera shake from video files, since kdenlive
is such a buggy piece of software and overkill if you do
not need to do any editing beyond what ffcut offers.
== media-sound/bpm-measure ==
A little tool to auto-detect or 'tap' the beats per
minute of music media files.
== media-sound/ttymidi ==
Some exotic hardware and specifically Arduino-based tools
do not support MIDI signaling out of the box but rather
transmit MIDI via serial interface. This tiny tool provides
conversion from USB to MIDI signals.
== media-video/ffcat ==
Lossless audio/video concatenation tool. After cutting out
parts video scenes with ffcut you can concatenate them in
a new order using ffcat. Or you can do the same with mp3 or
pretty much any other media format. Uses either ffmpeg or
GPAC, which are both amazing but have terrible UX each.
== media-video/ffcut ==
Lossless audio/video cutting tool to extract video scenes or
remove parts from an mp3 with a practical command-line UX
and without doing any re-encoding. Uses either ffmpeg or
GPAC, which are both amazing but have terrible UX each.
== media-video/ffmpeg ==
Our version adds just a tiny patch that influences the
behaviour of live stream ripping: while the existing
implementation would always pick the newest playlists,
therefore introducing many hiccups whenever the source
is sending faster than we are receiving the stream, this
patch tries to get as many old fragments as possible,
reducing the number of hiccups and prolonging the skips
in exchange. Would be best if this was a runtime option
for ffmpeg, but so far it isn't.
== net-im/qtox ==
[migrated to gentoo portage]
== net-im/ricochet ==
[migrated to gentoo portage]
== net-im/telegram-cli ==
[would need to be updated to new source codes]
Barebones API for remote controlling an account on telegram.org.
Has no proper client interface but comes with enough command-line
editing so you can run a few "secret chats" which are the only
private (end-to-end encrypted) way of using Telegram, if your
counterpart also runs a trustworthy compile. Do not resize the
window after starting. The hardcoded company servers do not
accept connections via Tor. You will be prompted for your GSM
phone number and sent a confirmation token via SMS. Your metadata
becomes available to that company and whoever has authority over
it. At least this libre client doesn't automatically upload your
telephone book, as it doesn't have any. Thanks to jorgicio overlay
for this one, too.
== net-im/toxic ==
Person-to-person encrypted telephony application with CLI-UI.
== net-irc/psyced ==
Server for federated messaging and chat using PSYC, IRC,
XMPP and other protocols. Currently being adapted to work
in a distributed manner over GNUnet.
== net-libs/libpsyc ==
A tiny C implementation of the PSYC protocol syntax for
lightning fast parsing and rendering. Easily beats JSON
and XML.
== net-misc/gnurl ==
Trimmed down variation of curl without all the cruft. GNUnet
uses this.
== net-misc/powwow ==
Enhanced telnet client with automation macros for interaction
with Multi-User Domains (MUDs). Nowadays it is frequently used
as a text-based messaging client with psyced's telnet access.
That's why we also provide a 'cmdsep' flag to avoid making ";"
a command separator symbol as it would keep you from winking.
== net-news/rssget ==
A trivial RSS fetching tool for Perl hackers to modify and
customize. This one specifically skips some unwanted items
and knows how to remove the annoying trailer from certain
podcasts using ffcut.
== net-p2p/cjdns ==
[would need an update from emery]
An Internet overlay based on deterministic DHT-powered routing,
similar to GNUnet's CADET, but less complicated and less secure.
It maps the public key addresses of hosts to virtual IPv6
addresses, which means that you either maintain a hosts file
manually or you re-introduce attack vectors with the use of
DNS. cjdns does not provide anonymity and is not resistant to
fingerprinting users by traffic shaping. This ebuild has been
adopted (= checked for consistency and safety) from the insecure
(plaintext git!) emery overlay. Thank you, emery!
== net-p2p/pybitmessage ==
Cryptographic anonymizing text publication system. Not a lot better
than PGP concerning one-to-one communications (it lacks forward
secrecy) but its strength is clearly in the ability to broadcast
from few senders to many recipients. The latest version also works
over Tor but can be quite a strain on your Tor router depending how
your torrc is configured. It would mostly hide the fact that you
are using Bitmessage and increase your messaging anonymity only
when you are posting to large subscription channels. For mere
private conversation and passive consumption of public channels,
Tor is not needed. You may need to unmask the openssl given in this
overlay for pybitmessage to build successfully.
== net-p2p/retroshare ==
[migrated to gentoo portage]
== net-proxy/torsocks ==
Make proxy-unaware applications access the Internet through
Tor. Includes the notorious 'torify' command.
== net-vpn/gnunet ==
GNUnet is a mesh network routing system not limited to peer-
to-peer usage. It explicitly provides VPN functionality among
the many other things like censorship-resistant anonymous file
publication and sharing.
== net-vpn/gnunet-gtk ==
While compiling from source works great, the ebuilds produce
some mysterious error messages. Please help to figure out
what the problem is. Luckily this package is optional.
== sys-apps/metastore ==
Do you use git for systems administration and get tangled up with
files having wrong ownership? Metastore keeps metadata information
of entire directory trees in a separate file, so you can restore it
each time you check out a git repository.
== sys-apps/quickpkg-newer ==
Wrapper around quickpkg that ensures all atoms installed in the system
have a corresponding tar snapshot in the archive of binary packages,
so you can freely unmerge and reinstall them without recompilation.
== sys-apps/oneshot ==
Command line usability enhancement for Gentoo's emerge. It should in most
cases keep you from breaking your system by only allowing flags that make
sense together. It also includes a partial slot conflict resolution
automation and some other nifty tricks resulting from a decade of
experience with Gentoo usage.
== sys-fs/dmc ==
Command line usability frontend to dm-crypt's cryptsetup, partly compatible
to Truecrypt's command line syntax. Similar in functionality to Jaromil's
Tomb, but with support for multiple file systems. Automates creation and
maintenance of encrypted volumes. A must have for privacy-aware humans.
== www-client/chromium ==
We received a contribution for a recent Chromium that compiles using
clang. We don't recommend using Chromium as a browser, but if you've
being doing so anyhow, then you might find this useful. Maybe it does
not work with USE system-icu.
== www-client/torbrowser ==
By fulfilling most requirements of protocol standards, all web browsers
are currently tuned to conspire with web servers to spy on you, even
if you use them in combination with the Tor anonymization system.
Torbrowser is the only instrument that separates your browsing activity
tab by tab into separate Tor identities, making it significantly harder
for Big Brother to correlate your activities. In other words, this is
the only politically acceptable web browser in existence as of 2015-2016.
== www-plugins/certpatrol ==
Torbrowser/Firefox add-on that monitors HTTPS certificates for
unexpected changes and warns of man-in-the-middle attacks.
== www-plugins/cfc ==
Torbrowser/Firefox add-on that circumvents Cloudflare CAPTCHAs
and other nuisance of the broken web.
== www-plugins/gnash ==
[ask ng0]
== www-plugins/exif_viewer ==
Torbrowser/Firefox add-on to inspect EXIF image metadata while browsing
the web.
== www-servers/onionshare ==
One more great ebuild from Poncho.
== x11-misc/interrobang ==
A tiny launcher menu packing a big bang (syntax).
== x11-plugins/lurch ==
[ask ng0]
== x11-plugins/telegram-purple ==
Mixed from jorgicio and gentoo-zh, these ebuilds produce a plugin for
Pidgin and other libpurple-based messengers. As always don't say
anything private unless you are using "secret chat" and your counter-
part also has a trustworthy client build. Telegram is a commercial
service that may some day monetize your metadata. I have added a
custom 1.4.0_alpha version which is just a git freeze of the current
head of development.
