Klaus Knopper answers your Linux questions
Quite a few Xorg versions ago, you had to regenerate directory caches and let the X server rescan the entire font list.
For scalable TrueType fonts, the installation has become a lot less complex since client programs handling TrueType fonts do most of the work themselves through dynamically linked font-rendering libraries.
Although this means less installation work for you, it also means a slightly slower startup time for programs handling fonts, like GIMP or LibreOffice (Figure 1).
To install custom TrueType fonts, it's practical to create a new per-fontset directory – or at least add one extra directory to hold your fonts.
sudo mkdir /usr/share/fonts/truetype/extra
Now, to make a new font available system-wide, you can just copy the
.ttf file there:
sudo cp fontfile.ttf /usr/share/fonts/truetype/extra/
Make sure it's readable for everyone,
sudo chmod 755 /usr/share/fonts/truetype/extra sudo chmod 644 /usr/share/fonts/truetype/extra/fontfile.ttf
and then you're done. :-)
Alternatively, you can check your distribution's package manager for font packages containing free and contributed fonts available for installation.
To check to see whether a program is capable of using TrueType fonts, list its dynamic libraries and look for "freetype" and "font" (Listing 1).
Finding TrueType Fonts
$ ldd /usr/bin/gimp | grep -E 'font|freetype' libfreetype.so.6 => /usr/lib/i386-linux-gnu/libfreetype.so.6 (0xf6e28000) libfontconfig.so.1 => /usr/lib/i386-linux-gnu/libfontconfig.so.1 (0xf6de8000)
Libfreetype is a TrueType-compatible open source library for rendering TrueType fonts in an application, and
libfontconfig lets the program know how to identify a font by name and find a requested font in the filesystem.
Browser Settings in Knoppix 7.2.0 Paranoid?
Isn't that somewhat paranoid? Being a Linux user, there are not so many viruses around that could infect my computer over a website. And, many websites don't work right – shopping and travelling sites especially don't display real-time search results. The first thing I do is select "allow scripts globally (not recommended)." Why do you make things so complicated in Knoppix? Other distros just deliver Firefox with no security plugins installed or enabled, and leave it to the user to add more security stuff.
You are right, the security policy of Knoppix is somewhat more restrictive than other Live systems. In general, the Knoppix philosophy is:
- Don't run any servers and services that are accessible from the Internet, unless the user explicitly requests so.
- Don't use any Internet services and don't transmit any personal data to websites unless the user requests so.
The reason for blocking active content by default is, of course, that an unknown website might contain malicious content that could exploit weaknesses of your browser or trick you into being on a different website, reading your keyboard to obtain passwords or taking screenshots to spy out your desktop.
Even though just a few websites might successfully steal passwords from your computer without your noticing, is it worthwhile to take the chance, rather than investing just a single click on each of your favorite websites to allow active content?
Linux might not be affected by the majority of malware around, but it's still possible to compromise your browser via "cross-site scripting" attacks. And, if you do important stuff with your browser like money transactions or accessing protected websites with your personal data, you don't want others stealing your identity. Therefore, I recommend leaving the default enabled for NoScript and just adding your favorite websites, one by one, to the exception list, to always stay on the safe side. I don't think this is paranoid; I'd call it just being careful. :-) With the NoScript settings for Firefox restricted by default, I can recommend Knoppix with good confidence for online banking and secure access to many websites.
Blocking advertisements with AdBlockPlus is a somewhat "political" issue. On one hand, I perfectly understand that advertisers want to make money by counting clicks or boost the popularity of products. On the other hand, some websites are overloaded with advertisements, and some ads actually consume more bandwidth than the informational part of the page, or cause bad rendering of the page.
When using the web, I want to read information and identify links and locations accurately. But, on some sites, it is virtually impossible to distinguish between the real content and advertisements on a page. If you've ever tried to find the correct download button on a website that offers a product, yet also advertises 10 other products for download, you know what I'm talking about. For shopping on the web, however, the attitude may be different; you might want to switch off AdBlockPlus then.
- YouTube HTML5 video player: http://www.youtube.com/html5
- Lightspark: https://github.com/lightspark/lightspark
- Debian Lightspark package: http://packages.debian.org/sid/browser-plugin-lightspark
Buy this article as PDF
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.