youbroketheinternet-overlay =========================== We produce original ebuilds for some items but we also borrow and build from other sources, then republish them via a secure authen- tication medium, a Tor onion. Since all of git, rsync and https protocols can be man in the middled, using a self-authenticating onion is the way to go. Makes you nervous? Why.. this is not about anonymity. All the known problems related to onion services are about de-anonymization. There are no known cases of authenticity failure, which is what we expect from this. So we copy other people's ebuilds because we don't want to integrate insecure overlays into our operating system build procedures. So, if your ebuild is in here, it's an honor for us to be hosting a copy. Please drop by irc://loupsycedyglgamf.onion:67/welcome or http://loupsycedyglgamf.onion/PSYC/ or torify telnet loupsycedyglgamf.onion for feedback and 'git pull' offers. Git was intended for everyone to run their own little git server and pull from each other. Git was NOT invented for centralized commercial social networking clouds such as github! If you want to submit a patch to this overlay, pass it in form of a textual patch or make your copy of this git available on your own onion. Github is not a safe infrastructure for a GNU Internet. If you need some advice on which anti-PRISM tools to install, have a look at our 'best current practice' recommendations at http://secushare.cheettyiapsyciew.onion/comparison. If you are a developer, some of the ebuilds allow you to symlink or put a git of the package in /usr/local/src. The ebuild will select the requested git revision according to the version number you are emerging, but only if your git is sufficiently up to date. == app-arch/zipgrep == A replacement for the zipgrep shell script that comes with app-arch/unzip. This one can handle spaces in filenames, can recognize ZIP compatible file formats such as ODT, APK or MAFF and recurses into directories by default. == app-admin/depot == How many different Unix distributions have you tried out in the past few years? How long did it take for you to get your basic set of tools installed? For me it didn't take long because I have been organizing my own software path independently from whatever distribution's package manager. Depot manages something like a /usr/local generating symlinks into a /depot of directories per package. The depot directories can be shared between systems and possibly hardware architectures. It uses a nifty database system to ensure consistency and is much more advanced than any script that would quickly spit out a bunch of symlinks. This tool was essential in the systems administration of diverse Unix networks in universities in the 1990s (see LISA paper from 1993 describing theory and practice), but it can still prove useful to anyone who moves tools around on several Unix flavors today. You may even find it useful to organize non-software paths like media files. == dev-perl/Net-PSYC == Perl implementation of the PSYC protocol together with - git2psyc: git hook to deliver PSYC notifications on commit - psycion: curses based PSYC client - psycmp3: PSYC-controllable console mp3 player - remotor: text-based remote control for Tor routers - syslog2psyc: forwarding of syslog events via PSYC and several more nifty tools for automation of notification and messaging. == dev-lang/psyclpc == LPC bytecode interpreter used by psyced. Works also for implementing Multi-User Dungeon games (MUDs). == dev-libs/openssl == The regular portage openssl files disallow the use of certain elliptic curve cryptography that pybitmessage happens to need. == dev-qt/qzxing == Qt library for QR code generation and decoding. Broken with QT-5.7. == dev-vcs/gitprivacy == Probably just a beginning: git-commit-privacy is a tiny shell script that hides your working hour habits from the repositories you commit to. It otherwise behaves exactly like git commit. == dev-vcs/stagit == Static git page generator. == eclass/git-r3 == Added 'git fsck' after fetch to protect from MITM attacks during git network transactions. This is used by ebuilds that compile from git rather than from tarballs. Added support for fetching gits from onions using torsocks. You can generally fetch gits via Tor if you define EGIT_SOCKS="torsocks" in your env. == eclass/mozilla-addon == Used by the Torbrowser add-ons below. You need to define the "target_torbrowser" USE flag if you want the add-ons to be installed directly into your browser. You can also symlink the extensions manually into your `$HOME/.mozilla/{torbrowser,firefox}/$profile/extensions/` folder. With the newer versions of Firefox and Torbrowser you even have to disable `xpinstall.signatures.required` in about:config. Thank you Firefox for being paranoid against your own hard disk. == media-libs/vid-stab == Remove camera shaking from shaken videos. A plug-in for kdenlive. Simply recompile kdenlive after installing this. kdenlive should have it in its dependencies, but in fact the kdenlive ebuild is missing several dependencies. New: lynX added his "deshake" command line tool for removing camera shake from video files, since kdenlive is such a buggy piece of software and overkill if you do not need to do any editing beyond what mp4cut offers. == media-sound/mumble == From mva's overlay, an ebuild that produces a Qt5 compatible prerelease of mumble 1.3.0 from the current git. Unfortunately it fetches many submodules that cannot be pinned down to a cryptographic hash, therefore this ebuild is not safe from MITM attacks. == media-sound/rxaudio-bin == A *shareware* from 1998: A remote controllable MP3 engine used by psycmp3 from dev-perl/Net-PSYC. Source code was never released. Original website has disappeared. But it works. In almost twenty years it never exhibited non-consensual Internet access, so there is no reason to expect it to contain malware now. The reason it is here is because it has a pretty good control API and no-one cared to rewrite the powerful psycmp3 player to use a free software API. == media-video/flowblade == Multitrack video editor with straightforward UI. Probably not as powerful as kdenlive, but doesn't crash in exchange. Mirrored from jorgicio's overlay, which is hosted on an unreliable commercial cloud offering called github. == media-video/mp4cut == Lossless M4V video editor (M4V = mp4, mov, 3gp and other mp4-based file formats), or rather, it's a a command line scene extractor with a nifty practical command line UX. Based on GPAC, which is amazing but has terrible UX. == net-im/qtox == Person-to-person encrypted telephony application. == net-im/ricochet == Metadata protecting Instant Messenger tool operating peer-to-peer over Tor Hidden Services without using servers. == net-im/telegram-cli == Barebones API for remote controlling an account on telegram.org. Has no proper client interface but comes with enough command-line editing so you can run a few "secret chats" which are the only private (end-to-end encrypted) way of using Telegram, if your counterpart also runs a trustworthy compile. Do not resize the window after starting. The hardcoded company servers do not accept connections via Tor. You will be prompted for your GSM phone number and sent a confirmation token via SMS. Your metadata becomes available to that company and whoever has authority over it. At least this libre client doesn't automatically upload your telephone book, as it doesn't have any. Thanks to jorgicio overlay for this one, too. == net-im/toxic == Person-to-person encrypted telephony application with CLI-UI. == net-im/utox == Person-to-person encrypted telephony application. == net-irc/psyced == Server for federated messaging and chat using PSYC, IRC, XMPP and other protocols. Currently being adapted to work in a distributed manner over GNUnet. == net-libs/libpsyc == A tiny C implementation of the PSYC protocol syntax for lightning fast parsing and rendering. Easily beats JSON and XML. == net-misc/gnunet == GNUnet is a mesh network routing system not limited to peer- to-peer usage, so it belongs into net-misc instead of net-p2p. Usage is a bit unorthodox, but it provides censorship-resistant anonymous file publication and sharing for a start. == net-misc/gnunet-gtk == While compiling from source works great, the ebuilds produce some mysterious error messages. Please help to figure out what the problem is. Luckily this package is optional. == net-misc/gnurl == Trimmed down variation of curl without all the cruft. GNUnet uses this. == net-misc/powwow == Enhanced telnet client with automation macros for interaction with Multi-User Domains (MUDs). Nowadays it is frequently used as a text-based messaging client with psyced's telnet access. That's why we also provide a 'cmdsep' flag to avoid making ";" a command separator symbol as it would keep you from winking. == net-misc/onioncircuits == Another fine item from MeisterP's torbrowser overlay. == net-p2p/cjdns == An Internet overlay based on deterministic DHT-powered routing, similar to GNUnet's CADET, but less complicated and less secure. It maps the public key addresses of hosts to virtual IPv6 addresses, which means that you either maintain a hosts file manually or you re-introduce attack vectors with the use of DNS. cjdns does not provide anonymity and is not resistant to fingerprinting users by traffic shaping. This ebuild has been adopted (= checked for consistency and safety) from the insecure (plaintext git!) emery overlay. Thank you, emery! == net-p2p/pybitmessage == Cryptographic anonymizing text publication system. Not a lot better than PGP concerning one-to-one communications (it lacks forward secrecy) but its strength is clearly in the ability to broadcast from few senders to many recipients. The latest version also works over Tor but can be quite a strain on your Tor router depending how your torrc is configured. It would mostly hide the fact that you are using Bitmessage and increase your messaging anonymity only when you are posting to large subscription channels. For mere private conversation and passive consumption of public channels, Tor is not needed. == net-p2p/retroshare == With the new 0.6 series RetroShare finally has built-in Tor support. Still, it is far too complicated to configure. This needs to get a lot simpler. RetroShare is lightweight and reasonably safe if used in Tor-only mode with DHT disabled. For generic file sharing it's better to use GNUnet. == net-proxy/torsocks == Make proxy-unaware applications access the Internet through Tor. Includes the notorious 'torify' command. == sys-apps/guix == GNU Guix is a package manager. It's also an operating system (GNU GuixSD). Guix might provide updates via a distributed network in the future. Currently this ebuild and sys-apps/guix-binary are open for debugging here, please provide us with input. (* sys-apps/guix is functional, the OpenRC service needs debugging.) == sys-apps/guix-bin == GNU Guix is a package manager for reproducible building. It is therefore legitimate to use its binary installation as you can check its correctness later, by rebuilding the exact identical binary files. == sys-apps/nix == The package manager from Nix. Portage has added its own version without credit to us. Ts! == sys-apps/oneshot == Command line usability enhancement for Gentoo's emerge. It should in most cases keep you from breaking your system by only allowing flags that make sense together. It also includes a partial slot conflict resolution automation and some other nifty tricks resulting from a decade of experience with Gentoo usage. == sys-fs/dmc == Command line usability frontend to dm-crypt's cryptsetup, partly compatible to Truecrypt's command line syntax. Similar in functionality to Jaromil's Tomb, but with support for multiple file systems. Automates creation and maintenance of encrypted volumes. A must have for privacy-aware humans. == www-client/torbrowser == By fulfilling most requirements of protocol standards, all web browsers are currently tuned to conspire with web servers to spy on you, even if you use them in combination with the Tor anonymization system. Torbrowser is the only instrument that separates your browsing activity tab by tab into separate Tor identities, making it significantly harder for Big Brother to correlate your activities. In other words, this is the only politically acceptable web browser in existence as of 2015-2016. == www-plugins/certpatrol == Torbrowser/Firefox add-on that monitors HTTPS certificates for unexpected changes and warns of man-in-the-middle attacks. == www-plugins/cfc == Torbrowser/Firefox add-on that circumvents Cloudflare CAPTCHAs and other nuisance of the broken web. == www-plugins/exif_viewer == Torbrowser/Firefox add-on to inspect EXIF image metadata while browsing the web. == www-servers/onionshare == One more great ebuild from Poncho. == x11-misc/interrobang == A tiny launcher menu packing a big bang (syntax). == x11-plugins/telegram-purple == Mixed from jorgicio and gentoo-zh, these ebuilds produce a plugin for Pidgin and other libpurple-based messengers. As always don't say anything private unless you are using "secret chat" and your counter- part also has a trustworthy client build. Telegram is a commercial service that may some day monetize your metadata. I have added a custom 1.4.0_alpha version which is just a git freeze of the current head of development.