Lately I've been researching on ntpd and wrote a two articles on how to install ntpd on CentOS, Fedora and how to install ntpd on FreeBSD and during my research on ntpd, I've come across OpenNTPD and decided to give it a go on my FreeBSD home router. OpenBSD project is well known for it is high security standards and historically has passed the test of time for being a extraordinary secure UNIX like free operating system. OpenBSD is developed in parallel with FreeBSD, however the development model of the two free operating systems are way different.
As a part of the OpenBSD to be independant in its basis of software from other free operating systems like GNU / Linux and FreeBSD. They develop the all around free software realm known OpenSSH. Along with OpenSSH, one interesting project developed for the main purpose of OpenBSD is OpenNTPD.
"a FREE, easy to use implementation of the Network Time Protocol. It provides the ability to sync the local clock to remote NTP servers and can act as NTP server itself, redistributing the local clock."
OpenNTPD's accent just like OpenBSD's accent is security and hence for FreeBSD installs which targets security openntpd might be a good choice. Besides that the so popular classical ntpd has been well known for being historically "insecure", remote exploits for it has been released already at numerous times.
Another reason for someone to choose run openntpd instead of ntpd is its great simplicity. openntpd configuration is super simple.
Here are the steps I followed to have openntpd time server synchronize clock on my system using other public accessible openntpd servers on the internet.
1. Install openntpd through pkg_add -vr openntpd or via ports tree
a) For binar install with pkg_add issue:
freebsd# pkg_add -vr openntpd
...
b) if you prefer to compile it from source
freebsd# cd /usr/ports/net/openntpd
freebsd# make install clean
...
Default ntpd.conf works just fine without any modifications, if however there is a requirement the openntpd server to listen and accept time synchronization requests from only certain hosts add to conf something like:
listen on 192.168.1.2
listen on 192.168.1.3
listen on 2607:f0d0:3001:0009:0000:0000:0000:0001
listen on 127.0.0.1
This configuration will enable only 192.168.1.2 and 192.168.1.3 IPv4 addresses as well as the IPv6 2607:f0d0:3001:0009:0000:0000:0000:0001 IP to communicate with openntpd.
Its also good idea to check if openntpd has succesfully established connection with its peer remote openntpd time servers. This is necessery to make sure pf / ipfw firewall rules are not preventing connection to remote 123 UDP port:
By default openntpd is also listening to IPv6 if IPv6 support is enabled in freebsd kernel.
6. Resolve openntpd firewall filtering issues
If there is a pf firewall blocking UDP requests to in/out port 123 within /etc/pf.conf rule like:
block in log on $EXT_NIC proto udp all
Before the blocking rule you will have to add pf rules:
# Ipv4 Open outgoing port TCP 123 (NTP)
pass out on $EXT_NIC proto tcp to any port ntp
# Ipv6 Open outgoing port TCP 123 (NTP)
pass out on $EXT_NIC inet6 proto tcp to any port ntp
# Ipv4 Open outgoing port UDP 123 (NTP)
pass out on $EXT_NIC proto udp to any port ntp
# Ipv6 Open outgoing port UDP 123 (NTP)
pass out on $EXT_NIC inet6 proto udp to any port ntp
where $EXT_NIC is defined to be equal to the external lan NIC interface, for example: EXT_NIC="ml0"
Afterwards to load the new pf.conf rules firewall has to be flushed and reloaded:
In conclusion openntpd should be more secure than regular ntpd and in many cases is probably a better choice. Anyhow bear in mind on FreeBSD openntpd is not part of the freebsd world and therefore security updates will not be issued directly by the freebsd dev team, but you will have to regularly update with the latest version provided from the bsd ports to make sure openntpd is 100% secure.
For anyone looking for more precise system clock synchronization and not so focused on security ntpd might be still a better choice. The OpenNTPD's official page states it is designed to reach reasonable time accuracy, but is not after the last microseconds.
On FreeBSD ntpd , ntpdc , ntpdate , ntpq doesn't need to be installed via a specific package like on GNU/Linux as they're part of the FreeBSD world (binary standardly shipped with FreeBSD basis system).
No need for any modifications if you don't want to apply some specific restrictions on whom can access the ntpd server. If you update regularly the FreeBSD system with freebsd-update or directly by rebuilding the FreeBSD kernel / world adding restrictions might be not necessery..
If you check /usr/src/etc/ntp.conf you will notice freebsd project people are running their own ntp servers , by default ntpd will use this servers to fetch timing information. The exact server hosts which as of time of writting are used can be seen in ntp.conf and are:
server 0.freebsd.pool.ntp.org iburst maxpoll 9
server 1.freebsd.pool.ntp.org iburst maxpoll 9
server 2.freebsd.pool.ntp.org iburst maxpoll 9
2. Add ntpd daemon to load on system boot via /etc/rc.conf
By default ntpd is disabled on FreeBSD, you can see if it is disabled or enabled by invoking:
Now as the 3 rc.conf vars are set to "YES", the ntpd can be started. Without having this variables in /etc/rc.conf , "/etc/rc.d/ntpd start" will refuse to start ntpd.
3. Start the ntpd service
freebsd# /etc/rc.d/ntpd start
...
One interesting note to make is ntpd can also operate without specifying any config file (/etc/ntp.conf), the only requirement for the server to start is to have a properly set ntpdate server, like lets say (ntpdate_flags="europe.pool.ntp.org")
4. Permit only certain host or localhost to "talk" to the ntpd server
If you want to imply some ntp server restrictions, the configuration directives are same like on Linux:
To allow only a a host inside a local network with IP 192.168.0.2 as well as localhost, to be able to fetch time information via ntpd server put inside /etc/ntp.conf:
If you want to prohibit ntpd to serve as a Network Time Server, to any other host except localhost, add in /etc/ntp.conf :
restrict default ignore
Allowing and denying certain hosts can be also done on pf (packet filter) or ipfw firewall level, and in my view is easier (and less confusing), than adding restrictions through ntp.conf. Besides that using directly the server firewall to apply restrictions is more secure. If for instance a remote exploit vulnerability is discovered affecting your ntpd server. this will not affect you externally as access to the UDP port 123 will be disabled on a firewall level. Something good to mention is NTP servers communicate between each other using the UDP source/destination (port 123). Hence if the NTPD server has to be publicly accessible and there is a firewall already implemented, access to source/dest port 123 should be included in the configured firewall …
5. Check if the ntp server is running properly / ntp server query operations
To query the now running ntpd server as well as set various configuration options "on the fly" (e.g. without need for ntp.conf edits and init script restart), a tool called ntpdc exists. ntpdc tool could be used to connect to localhost running ntpd as well as to connect and manage remotely a ntpd server. The most basic use of ntpdc is to check (server peers).: freebsd# ntpdc localhost
ntpdc> peers
remote local st poll reach delay offset disp
===================================================
ntpdc has also a non-interactive interface, handy if there is a need for requests to a ntpd to be scripted. To check ntpd server peers non-interactively:
ntpdc is an advanced query tool for ntpd , servers. Another tool exists called ntpq which syntax is almost identical to ntpdc . The main difference between the two is ntpq is a monitoring tool mostly used just for monitoring purposes, where ntpdc can also change plenty of things in the server configuration.
For people who want to learn more on ntpd the man page is a great reading , containing chapters describing thoroughfully exactly how NTPD time servers operate, etc.
Every now and then I have to work on servers running CentOS or Fedora Linux. Very typical problem that I observe on many servers which I have to inherit is the previous administrator did not know about the existence of NTP (Network Time Protocol) or forgot to install the ntpd server. As a consequence the many installed server services did not have a correct clock and at some specific cases this caused issues for web applications running on the server or any CMS installed etc.
The NTP Daemon is existing in GNU / linux since the early days of Linux and it served quite well so far. The NTP protocol has been used since the early days of the internet and for centuries is a standard protocol for BSD UNIX.
ntp is available in I believe all Linux distributions directly as a precompiled binary and can be installed on Fedora, CentOS with:
[root@centos ~]# yum install ntp
ntpd synchronizes the server clock with one of the /etc/ntp.conf defined RedHat NTP list
server 0.rhel.pool.ntp.org
server 1.rhel.pool.ntp.org
server 2.rhel.pool.ntp.org
To Synchronize manually the server system clock the ntp CentOS rpm package contains a tool called ntpdate : Hence its a good practice to use ntpdate to synchronize the local server time with a internet server, the way I prefer to do this is via a government owned ntp server time.nist.gov, e.g.
[root@centos ~]# ntpdate time.nist.gov
8 Feb 14:21:03 ntpdate[9855]: adjust time server 192.43.244.18 offset -0.003770 sec
Alternatively if you prefer to use one of the redhat servers use:
[root@centos ~]# ntpdate 0.rhel.pool.ntp.org
8 Feb 14:20:41 ntpdate[9841]: adjust time server 72.26.198.240 offset 0.005671 sec
Now as the system time is set to a correct time via the ntp server, the ntp server is to be launched:
[root@centos ~]# /etc/init.d/ntpd start
...
To permanently enable the ntpd service to start up in boot time issue also:
[root@centos ~]# chkconfig ntpd on
Using chkconfig and /etc/init.d/ntpd cmds, makes the ntp server to run permanently via the ntpd daemon:
If you prefer to synchronize periodically the system clock instead of running permanently a network server listening (for increased security), you should omit the above chkconfig ntpd on and /etc/init.d/ntpd start commands and instead set in root crontab the time to get synchronize lets say every 30 minutes, like so:
The time synchronization via crontab can be also done using the ntpdate cmd. For example if you want to synchronize the server system clock with a network server every 5 minutes:
ntp package is equipped with ntpq – Standard NTP Query Program. To get very basic stats for the running ntpd daemon use:
[root@centos ~]# ntpq -p
remote refid st t when poll reach delay offset jitter
======================================================
B1-66ER.matrix. 192.43.244.18 2 u 47 64 17 149.280 41.455 11.297
*ponderosa.piney 209.51.161.238 2 u 27 64 37 126.933 32.149 8.382
www2.bitvector. 132.163.4.103 2 u 1 64 37 202.433 12.994 13.999
LOCAL(0) .LOCL. 10 l 24 64 37 0.000 0.000 0.001
The remote field shows the servers to which currently the ntpd service is connected. This IPs are the servers which ntp uses to synchronize the local system server clock. when field shows when last the system was synchronized by the remote time server and the rest is statistical info about connection quality etc.
If the ntp server is to be run in daemon mode (ntpd to be running in the background). Its a good idea to allow ntp connections from the local network and filter incoming connections to port num 123 in /etc/sysconfig/iptables :
-A INPUT -s 192.168.1.0/24 -m state --state NEW -p udp --dport 123 -j ACCEPT
-A INPUT -s 127.0.0.1 -m state --state NEW -p udp --dport 123 -j ACCEPT
-A INPUT -s 0.0.0.0 -m state --state NEW -p udp --dport 123 -j DROP
Restrictions on which IPs can be connected to the ntp server can also be implied on a ntpd level through /etc/ntp.conf. For example if you would like to add the local network IPs range 192.168.0.1/24 to access ntpd, in ntpd.conf should be added policy:
# Hosts on local network are less restricted.
restrict 192.168.0.1 mask 255.255.255.0 nomodify notrap
To deny all access to any machine to the ntpd server add in /etc/ntp.conf:
restrict default ignore
After making any changes to ntp.conf , a server restart is required to load the new config settings, e.g.:
[root@centos ~]# /sbin/service ntpd restart
In most cases I think it is better to imply restrictions on a iptables (firewall) level instead of bothering change the default ntp.conf
Once ntpd is running as daemon, the server listens for UDP connections on udp port 123, to see it use:
I had to create a number of Facebook and Twitter accounts for one of the companies where I am employed. As I had to put Avatars to each and every new account. I therefore had to resize the company logos to fit the to the avatar dimensions.. It took me a bit of research until I found the proper picture dimensions. Here are the dimensions:
For facebook page Avatar the good picture width / height dimensions is a square like:
151x151 pixels
If however you prefer to have a sky scraper picture in Facebook, this is possible as thumbnail pictures up to 180×540 w/h pixels are showing up in FB. At most cases FaceBook automatically resizes the uploaded picture and generates a thumbnail which in most pictures looks okay, however in some odd picture dimensions the picture preview might be messy, so its better to ship the profile pic in standard square size like 151×151, 256×256, 313×313 etc.
For Twitter page Avatar the fixed picture width / height dimensions is:
73x73 pixels
In Twitter again the avatar picture should be a square like, to have twitter during upload automatically resize and make a good looking pic thumbnail. If some picture with a non square dimensions is uploaded as an Avatar for twitter account usually, twitter's pic auto resize server side program chops parts of the picture. This is not a bug but expected behaviour. In Twitter another requirement is that the uploaded avatar image does not exceed 700kb, trying to puload a picture over 700k fails.
In both Facebook and Twitter the uploaded Avatar logo should be in format JPEG, GIF or PNG . To resize the company logo pictures for FB and Twitter, I used GIMP 's:
Image -> Scale Image
menus.
I've red some people claiming the size of the Avatar logo in Facebook could have some impact in terms of e-marketing, but I'm not sure if this is a fact or some false rumour. Anyways it is sure that a wide sky scraper like picture allows you to show more even from the profile and maybe through the picture have larger influence over the audience.
Many younger people, might not know lpr command, historically it was heavily used for printing in the early GNU / Linux days. lpr ships the text to be printed to the printer which is physically attached on LPT (Line Print Terminal) parallel port . Those who lived the DOS era surely know in those "ancient" days, everyone who wanted to print has to use the LPT parallel port
Present time, everyone knows there is almost no modern printer that is attached to the PC via LPT port but rather the USB port is used for communication between the printer the computer. Nevertheless The USB printers on Linux are managed by CUPS, the lpr command is still functional shipping the text to be printed via CUPS (cups-lpd daemon). Before cups-lpd was introduced the service managing the print jobs was lpd Hence lpr is still functional.
To print a plain text file of one page with lpr on Linux:
linux:~# cat text-file-to-print.txt | lpr
For multiple printers to switch between multiple printers there is the PRINTER shell variable:
linux:~# export PRINTER=printer-Name-and-Type
To print a really long text file (a book in TXT) the pr command comes handy. As you can read in the cmd manual pr – converts text files for printing
Lets say you would like to have a 60 lines of text per printed page, the cmd to issue is:
linux:~# pr -l60 text-file-to-print.txt | lrp
All queued printing jobs can be reviewed with the lpq, if you have a printer attached try:
linux:~# lpq
lp is ready and printing
Rank Owner Job Files Total Size
active hipo 1 text-file-to-print.txt 62045 bytes
Since some years it is pretty rare for people to use lpq, since most of the parallel printing is managed by CUPS server, what most people use nowdays to check the printer queue is lpstat : e.g.
linux:~# lpstat
...
Printing status and all things related to queued jobs for printing gets logged in /var/log/lpr.log
There is even more simplistic way to print directly to the printer (if the printer is attached via a LPT port) through the kernel /dev/lp, for example:
linux:~# cat text-file-to-print.txt >> /dev/lp
For more than one printer attached the naming of /dev/lp, might probably be /dev/lp0, /dev/lp1 etc. The lprm command also exists in case if you would like to cancel a printjob in the queue. Lets say I want to cancel a job in the queue with Job ID 5:
linux:~# lrpm 5
...
To cancel a current running job in the middle the /usr/bin/cancel command exists.
An interesting historic fact is that nowdays opening lpr, lpq or any of the other tools for simple text mode printing one sees on top of the page Apple Inc.
Lets clear this up CUPS (Common Unix Printing System) (open source) printing platform is not owned by Apple, since it is licensed under GPL2 and LGPL. The reason why the Apple Inc. shows up in man pages is because in year 2007, the founder of CUPS printing server Michael Sweet hired him to work for Apple Inc. "purchasing" the CUPS source. However as we know they did not really purchased the code, because the code was already belonging to the community (licensed under GPL2). Apple however as a marketing trick used the fact that Sweet worked for them and as probably as a matter of marketing asked him to place the Apple Inc. in the copyright source and manual areas. Obviously this is not true, since Apple Inc. does not hold copyright for CUPS as CUPS can be copied by anyone (its open source) 😉
Most of the people will never print using this commands, since printing is now, ages ahead, anyways for simple people (like me), who just need to print a text with no special fonts or graphics text printing is just great.
Text printing is also a good learning experience for Linux novices and is good to be known just as a piece of UNIX history.
I'm in Sofia for a couple of days being a guest to a friend (thx Nomen), after my stay for a week in Bodesće (a little village nearby Bled located in Slovenia). Yesterday on my way to sleep I wanted to see a movie and asked Nomen to recommend me a movie. His recommendation was a German-Australian movie from 2004 called The Edukators – The Fat years are Over. I had absolutely no idea what it will be like so I didn't expected much but it seems the movie plot took my attention.
The movie plot revolves around 3 avarage German persons who live in Berlin. The three youngsters has just passed the 20s, Peter and Daniel (two close friends who hold some serious anti-capitalist views and does organize house break-ups without stealing.) Peter and Daniel's rich villas break-ups aim is idealistic, they don't steal but just change the order of furniture and leave messages to make rich people aware that money doesn't make them invincible… Jule a girlfriend of Peter, becomes friend with Daniel and they fall in love, while Peter is away for a vacation. During Peters sojourn abroad Daniel tells Jule the secret (Peter and Daniel) are the Edukators whose break-ins has just recently become known via the local Berlin newspapers. The Edukators group leave messages to every of the "victim" homes saying – "die fetten Jahre sind vorbei" – "The fat years are over", a sentence well known from the Holy Bible's story of Joseph in Egypt.
Jule works as a waitress in a luxurious restaurant but her payment is only good to cover her very basic needs as well as pay her debt (as she is already indebted as many youngsters in Germany).
Jule is more indebted compared to many of the young germans, since by accident she hit a rich businessman's car which costs 100 000 eur. Since more than a year she is working for paying the monthly bills to cover richman's car and she succeeded to pay only €55000 …
The Jule's "injustice" is just a part of the many injustices that are in society, but as the youngsters hold anarchistic and anti democratic views, this whole Mercedes crash accelerates as Jule and Daniel break up in the Luxurious Villa of the rich man whose car Jule is still paying.
Just like the other break ups Jule and Daniel change completely the order of the furniture and leave the threatening message die fetten Jahre sind vorbei , this time however they do even more as they decide to drop the sofa in the pool. These time Daniel and Jule's planning is more like an venture than just a well planned Edukators break-in. Suddenly the watchdogs in the yard start barking and the two youngesters has to move quickly to prevent being taken by the police patrol. On the next day Peter is back from his vacation and Jule realizes her mobile phone is missing (probably fallen in the pool or somewhere in the richman's mansion)… On the next night Jule and Daniel, enter the house again in hope to find and cover-up the tracks they left last night and hopefully find, Jule's missing mobile. They don't know however the richman would arrive his villa to stay for the night. As he enter his house, the businessman encounters Jule and immediately recognizes her. Daniel being in the other floor comes down and hits the richman from behind and he enters unconscioness. As the two are panicked they call Peter and tell him about "the villa accident". Daniel arrives immediately and the three "revolutionaries" decide to take the wealthy man who as a hostage bringing him in Jule's uncle mountain hut. The 3 anti-current system democrats and the representative of the wealthy class has to spend few weeks together in a small house each one exposing his stand point and philosophy. Little by little the 4 people become friends and a dramma between Daniel and Peter emerges as Jule is now in love with Daniel and Peter finds out … Hardenberg (the 3 youngesters hostage) happens to be an ex-leader of a Socialist German Student Union some 35 years go … and tells a story how he and his union members hostiged a VIP german person in their youth days and how funny is that he is in the same situation like the person they hostiged so long time ago… The movie is interesting as it really shows the sad reality and the falling democratic system which we have established and follow. It exposes the injustice of the system but it doesn't really offer a solution to the society and economic problems and injustices.
If you're using Debian GNU/Linux wheezy/sid, you have already figured out GNOME3 settings to start GNOME in Classic mode (like in GNOME 2), starts gnome in a mode where the desktop is not showing the usual Computer, Home, Trash etc.
Besides that in that strange back-compitability Classic GNOME mode its impossible to add any program as a link in desktop like in the good old GNOME 2.
Thanksfully this abusive behaviour of the backwards compitability mode is easily fixable by two simple steps, here they are:
1. Install gnome-tweak-tool – (Tool to adjust advanced configuration settings for GNOME
root@debian:~# apt-get install gnome-tweak-tool
2. Start gnome-tweak tool
Press ALT+F2 and run gnome-tweak-tool or run it via xterm / gnome-terminal:
moonman@Moon:~$ gnome-tweak-tool
Change in Desktop, Have file manager handle the desktop the settings to ON
Once the Screenshot Handle Desktop is set to ON, further drag and dropping any application to the Desktop will be working. Something really irritating is that launching applications in GNOME 3 does not work properly if you just press ALT+F2 and type in lets say gnome-terminal , to work around this weirdity you will have to install gnome-shell package.
I've installed Jabber as a platform for internal company communication for a company. It was a requirement for this jabber server to be accessed from a different type of computers / devices different in size, hardware and OS e.g. (Mac OS X, Windows, Linux, Ipad, mobile phones etc.)
Happily there is plenty of free software programs which allows access to jabber for free. On the major operating systems GNU / Linux, Mac OS X and Windows the client jabber accounts are working fine with the wonderful free software Pidgin – The Universal Chat Client
One of the jabber clients, however was primary had to be used on Apple's proprietary IPad / IBad as Richard Stallman likes to call it 😉
The person who had to have the Jabber protocol working on IPad program was not a proficient user and therefore I had the task to find a program to be able to talk to the Jabber protocol for him. A quick search in Google for jabber ipad client led me to few programs said to support Jabber on Ipad :
BeejiveIM for IPad
Jabba
Jabba was looking quite, nice but unfortunately costs $1.99 and should be purchased in Apple's App Store and it was preferrable not to spend money on a trivial thing as a Jabber client. I gave BeejiveIM a try but it required some very complex registration, as well as again required to be purchased (if I remember correctly), so it wasn't an option either.
Then thanksfully, I found TalknOut which is free and it is a perfect jabber client for Apple Ipad Talkonaut is a program also supporting both Jabber (XMPP) and GTalk2VoIP, hence supporting Google Talk and MSN/Live Messanger. It is written Java and therefore works on any device that has Java installed. Talkonaut supports the following mobile architectures:
Apple's IPhone and Ipad
Google Android Phones
Many of the Nokia Symbian's S60 3rd and 5th edition "smart" phones
Windows Mobile 5.x and 6.x
Java J2ME based phones
Installing TalkonAut is a piece of cake from Ipod's Safari you click on the Install link and it gets installed. I will not get into details on how it is configured as this also is pretty easy. Here is how it looks like on Ipad after configured and the user is logged in Jabber:
Something really unique and nice for the program is the way the chat dialogs gets ordered, the idea to place one person's sending on the left side and the replying one on right is innovative and something I've not seen in another chat client 😉
Talkonaut should also support VoIP (voice conversations), between mobile users, I'm curious if somebody used the program for VoIP and can share feedback?
r freedomYesterday silently with zero publicity, Bulgarian representatives ratified the ACTA (Trade agreement for fighting counterfeit.) The name sounds really good, but it has not much to do with what ACTA is about, when applied to digital medias and data sharing. The ACTA legislation has been ratified in Tokyo last week, where 22 of the European Union membership countries signed in favour of these "malicious" treaty.
The basic idea of ACTA looks tempting as it gives more freedoms to copyright holders, however if you look closely you will understand actually this copyright infringement clauses are not so in favour of us the users but mostly in favour of multinational corporations. For all those who have not heard about ACTA and SOPA in short this is anti freedom of speech treaty, which if put in action could lead to serious filtering of the internet. The ACTA 's controversial treaty has already raised an outcry from dozens of computer literated individuals who daily use the internet. Unfortunately, ACTA is less known among non-tech guys … and hence most people on the internet have no about its existence.
If ACTA is ratified and set to be valid as a legislation to Bulgaria, this could lead to total Internet censorship in BG (more or less like it is in china now). ACTA legislation will make sharing files via torrents and other P2P community file sharing networks a criminal activity. Another effect of ACTA is that practically free software which reads a proprietary formats like DVD becomes illegal in Europe (like it is currently in America) and I will become guilty for just reading the non-free format.. As a result of ACTA our ISP (Internet Service Providers) will be forced to log and keep all traffic flowing through their (Routering servers). Filters on a local ISP level that will be censoring free speech could also become totally lawful… Already there are plenty of ANTI-ACTA and ANTI-SOPA propaganda website which are trying to bring some more awareness to the public for the issue… Once an individual is suspected, to fraudulent activity or anything that breaks what is in ACTA is he is presumed to be guilty of crome … Just watch the two videos below and you will see how terrible the consequence could be if this legislation is integrated with todays Bulgarian government laws. If you're hearing for ACTA for a first time and you live in a country which has still not rafitied ACTA as a local country legislation, make sure you spread the word and let all your friends about the bad impact of this anti-human legislation. We have to really stand up and protest to retain our digital freedom !
The Internet can be censored if Protect IP ACT (PIPA) and Stop Online Piracy Act (SOPA) are put in action !