You are here

Planet GNOME

Subscribe to Feed Planet GNOME
Planet GNOME - https://planet.gnome.org/
Përditësimi: 2 ditë 11 orë më parë

GIMP: Interview with Nara Oliveira, Free Software Artist

Pre, 10/07/2026 - 12:00pd

GIMP is Free and Libre Open Source Software, but none of it is possible without the people who create with and contribute to it. Our project maintainer Jehan wanted to interview the volunteers who make GIMP what it is, and share their stories so you can learn more about the awesome people behind GIMP!

Early interviews from co-maintainer Michael Natterer and Michael Schumacher were published shortly after the first Wilber Week. The remaining interviews from this event, about Simon Budig and Øyvind Kolås were published years later as a revival of the series. While these interviews are a bit old and reference outdated versions and features of GIMP, we believe they still have value and show the evolution of our community.

This next interview is the first one recorded at the 2017 Libre Graphics Meeting in Rio de Janeiro, Brazil. The subject is Nara Oliveira, co-founder of Estudio Gunga. She is a Brazilian artist and advocate who uses free software exclusively to develop professional works in many fields, including design, illustration, and animation.

This interview took place over April 21 - 23, 2017. In addition to Jehan and Nara, Simon Budig, and Aryeom Han were also involved and asked questions.

Nara Oliveira, CC-BY-SA

Jehan: Hello Nara. Can you introduce yourself to the people?

Nara: My name is Nara Oliveira. I am a Brazilian designer. I am from Brasília, the capital. The city name is Taguatinga. I study design and today I work with free software. I have my own company with some partners and we work in audio, video, design, and animation.

Jehan: What is the name of your company?

Nara: Gunga. Gunga is an instrument from Capoeira. We have the berimbau with the “calabash”, I think – it’s an instrument from Capoeira.

Jehan: Okay. From what we understood, you mainly use free software

Nara: Yes.

Jehan: Mainly, or only?

Nara: Only.

Jehan: And which ones in particular?

Nara: I use GIMP, Inkscape, MyPaint, sometimes Krita – I’ve tried it – Scribus, FontForge, FontMatrix, and others like everybody uses.

Jehan: Do you use Linux?

Nara: Yes, Arch Linux.

Jehan: So full free software from start to end! Okay, and why do you do this?

Nara: When I heard about free software and Linux, I was working in a cultural space. I was working with theater and with drawing, and we already have that culture of sharing things and sharing knowledge. So when I met these guys in free software, they told me about what GNU and Linux were and the philosophy – and when I heard about it I fell in love with it. Because I already think that way, and so free software is applying what I think is right onto software and onto technology. So for me it just makes sense.

So I started to use this software. In the beginning it was difficult to make the transition, but with some time I got into it.

Jehan: So you made a transition from proprietary software?

Nara: Yes, from proprietary software to Linux.

Farid: When was this?

Nara: When? Ah, let me count…

[group laughter]

I was not finished studying then, so like around 2006 or 2007 I started. I really started to use Linux and everything for working in 2008, for everything.

Jehan: So you studied design in university?

Nara: Yes, in university.

Jehan: With proprietary software?

Nara: Yes, with proprietary software only. But my university was not so focused on software. In five years of studying, we only had one class about software. And as the class went on, everyone already knows how to use it! So it’s like a class that has to be on the curriculum, but it’s not like you have to use – it’s more like conceptual.

Estudio Gunga Presentations and Workshops, by Nara Oliveira, CC-BY-SA - 2025

Simon: Something I do a lot is that - I’m a software developer mainly, so I do a lot of my own tool development. Like I have a specific problem and I know there is an algorithm in my mind that I know would solve the problem (or might solve the problem), so I start implementing my own tools for very specific, very weird tasks, because I can’t do it with GIMP.

Nara: I would like to do that!

Simon: So this is what I wanted to ask – do you have programming experience? Do you have an idea of what it means to develop software?

Nara: No, but I think I have an idea – but I do not develop programs. I’ve studied a little, but it’s not like I can do something. I can see the code lines and know more or less what’s happening, but I can’t write lines by myself.

Jehan: You’ve told me that sometimes you will see some scripts and guess what it can be, and change the numbers…

Nara: Yeah, but more in insights and not in the programming itself.

Jehan: Since we’re doing this interview for gimp.org, what can you tell us about GIMP? How do you like it? How do you hate it? Tell us everything!

Nara: [Laughing] The first thing is, I like GIMP. I use it a lot. My work and style is more vector, but I use GIMP a lot and I like it.

When I made the transition to free software, until today one thing I didn’t like is that you don’t see the effects. You have do something, turn back, “Oh no!” - I have to change two, three points here, then I have to undo and do it again and come back. For me, it’s one of the things that makes the work not fluid.

I’m so happy to see GEGL on-canvas effects.

[Editor’s note: This feature was already implemented in the development version of GIMP 2.10, officially released about a year after this interview.]

Jehan: So, some other comments on GIMP?

Nara: Yeah, I really like it but, for example, I have some problems with my tablet. When I bought my first tablet, it simply didn’t work on GIMP. And I think it’s because of that, I use MyPaint. Because I have to work, and I have to work right now and the pressure doesn’t work, so what can I do with my tablet – so I found MyPaint, and I started to work with MyPaint, and it’s because of that I use it. Not because I think it’s more powerful than GIMP – it’s just because of that. At the time I liked it, and today I still use it.

[Editor’s note: GIMP 3.0 improved many issues with tablet support that were mentioned here.]

Jehan: So MyPaint is your main software?

Nara: For drawing, yeah. Because I am a designer, but I’m an illustrator too. So for illustration I use MyPaint, just for that. For small drawings, I use vectors in Inkscape, and so on.

I use GIMP more for photos, for editing, composing, correcting photos.

Estudio Gunga Projects and Film Fests, by Nara Oliveira, CC-BY-SA - 2025

Jehan: Yesterday when we spoke, you had this nice example of a job you did with Scribus. Like your first job with free software, I think?

Nara: No, my first book.

Jehan: Ah, your first book, not your first job with free software. Could you tell it again, now that we’re recording?

Nara: I was called on to make a big book, like three hundred pages. There was little time to do it, like three, two weeks. I am from Brasília, and they said you have to do it here with us to get it quicker. I traveled to Bahia to do it, and when I arrived there, there were two other designers. It was funny because I worked in Scribus, one worked in Corel Draw, and the other one in InDesign. So you had three designers, three different software.

Jehan: And three different operating systems.

Nara: Yeah, and three different operating systems, and we had to do one book, the same book!

So we met each other and said “Okay, let’s do it!”. We separated the book into pages, so I would do the first one to 100, the other designer would do 101 to 200, and so on. And we together figured out how the design of the book would be, and the rules to make each part feel like the same book.

So we started, and just like that, I finished first! I was worried, because I had not used Linux for too long, and if there was something wrong in the software or in the distribution, I would not know how to fix it. One of the designers had Mac and the other had Windows and I was so worried.

But it went well and I finished first – and it was very encouraging for me. It’s just a tool you know? I can do it, he can do it, she can do it – everyone can make it, so I was very happy. Because in the beginning I was worried about everything going wrong, and that there would be problems when I saved the PDF and printed it, but it was all okay.

The book was about experiences with, we call it here “apprentice to Griô”. It’s from the French language, because it came from Africa but a country that speaks French.

It’s like an old master who teaches the people around them, the community, something – knowledge about herbs, which can be medicinal herbs, or teaches about techniques about how to construct instruments, or make music, or dancing – like masters of Brazil, of all Brazil. So it’s because of that it’s a big book!

Years later, in the north of Brazil, when the waters came and filled the houses in the city – a flood. I was seeing that on the TV there was an old lady with her flooded house beside her, everything destroyed. And she had that book in her hand. She was crying because her house was destroyed, but she had the book, and she was happy she still had the book even though she didn’t have her house anymore.

So it was a meaningful project, and it was the beginning of my using Scribus.

Jehan: Are there things sometimes you feel you are not able to do with free software? You already answered this yesterday, so I’m just asking again to hear you saying it.

Nara: When I see art – art is everything, design is everywhere – I can’t see something and think about “I can’t it do with free software”. I can do it – maybe I can’t do it because of my creativity or because I don’t think about it, but technically I can do it, you know. We have the tools to do it. We have other ways, but we have the tools I think – in my area of design.

Simon: What would interest me is, you mention that you use quite a lot of different tools, like GIMP, Inkscape, Blender, Scribus -

Nara: Blender not yet, though I started animating in the timeline. In the movie that we showed, the first one that was in 2D, I animated parts of that.

Simon: But there are a lot of different tools that you and your colleagues use. When you start a project, do you pick one of the tools and stick to it, or is more like you start using one tool then transfer the result to a different tool?

Nara: Yes, it was like each tool was like a room of a house. I live in the house, there’s a lot of rooms, and sometimes I’m in the living room, other times I’m in the bed room, other times I go to the kitchen. It’s like I have a bottle, and I take the bottle here and there.

I don’t choose the software. I plan the project, I think about it, and think “How am I going to make this?” So I will start drawing in MyPaint. But I need it to be a vector, so I save it, open in Inkscape and add a vector. But ah, I need an image in the background. So I open the image in GIMP, I work with the image there, then import into Inkscape, okay. But oh, now I have to print it. So I save what I can save in vector I save in vector, and what I can’t save, I export. And I go to GIMP, transform it and edit it, and I take everything, go to Scribus, put them together, and make a PDF. More or less like this. I’m always going back and forth between the programs.

Estudio Gunga Projects and Film Fests, by Nara Oliveira, CC-BY-SA - 2025

I think it’s very complicated, but for me it’s very simple. But when I teach things like that it sounds very complicated.

Jehan: Do you have any questions, Aryeom?

Aryeom: I feel like I am in her head. I totally understand – I work the same way. Maybe later if I have any questions I’ll ask.

Nara: I learned everything by myself. So I don’t like tutorials, you know?

Aryeom: You don’t like tutorials?

Nara: Yeah, I don’t have the mind to read or watch them. I learn all by myself. I think my way of working is just my way, because I learn by myself. And sometimes I get in touch with people who use the software too, I like to watch them because people do things very different that I do, and things more easily. And sometimes I teach the software to someone, and in two weeks or three, I go to see what the people are doing. “Oh my God, I’d never think of that way!”. It’s very fun because of this.

I don’t like to do workshops because of that. I think my style of work is very crazy. But we can talk about it!

Jehan: So right now you have a big animation project. So maybe can you speak about it?

Nara: Well, Farid is the director. He writes the script. I am the art director, but I also help him with the script and doing all the storyboards. I do it in MyPaint. I was a little worried because I’ve never done a storyboard before. So I study a little, see other’s storyboards, and make it for the animation. And we are talking with people who want to work with us on the animation – and I was happy because people always say “You have a beautiful storyboard!”. I was worried about that.

I think we are, I don’t know, opening ways. Because we are not a 3D studio but we want to do 3D animation, so we have to contact on a lot of other people in Brazil and Latin America, and even in Europe. It’s been like a dream to make it. And we want to make it very fine, very good, because today if you are seeing bad 3D, then you don’t watch it. Because you have Pixar, you have Disney, you have a lot of others. I don’t think that we’ll be like Pixar, but we have to do something very good and great to be seen, you know? I think this is our goal. We want to make something very nice, very good that everyone wants to see.

We’re telling Brazilian history of Quilombo, when there was slavery. Some slaves ran away and made a tribe, a community of their own and lived there. And these communities survive until today. And some of them have a lot of different cultures. It’s like they’re isolated. And the story is about one of these communities. In Brazil the agriculture is taking the lands of these people, because they have a paper that says “We own these lands”, but actually these peoples have been there for 300, 400 years.

So we are telling the story of a girl who lived in a community like this. And they’re being pressured to go out and leave their lands. The story is a fiction, but it’s based on real facts. This is the history. It’s going to be like 10 minutes, it’s a short one, but it’s a real movie and after it’s finished, we want to continue it. Make like episodes or a long movie – it’s just like a pilot. But we need the pilot to get a bigger step.

Aryeom: I feel so moved, because our ZeMarmot project is also like this.

Nara: Here in Brazil there’s a law, I’m not quite sure, that for free television and private television, 50% of programs have to be Brazilian programs. Because it’s all foreign programs, so the government says that 50% have to be produced here in Brazil. So I have a lot of opportunities in that way for animated series.

Jehan: So you plan to distribute on TV.

Nara: Yeah.

Aryeom: Why did you choose 3D? Why not 2D?

Nara: Because we love it! We really love 3D, we’re really passionate. We started using Blender, even for 2D, but we want to go to 3D you know. We have some experiences, and we like the visuals of the movie – we actually don’t work with 3D, but we want to. A lot of people do that – I think 2D is less expensive and -

Jehan & Aryeom [in unison and laughing]: I don’t think it’s less expensive!

Nara: No? We like 3D. We want to make it – it’s so popular for the kids, for everyone. We want this movie not to go to the festivals and stay there. A lot of good films here are made this way. The very good films go to the festivals, earn their prizes, and no one’s ever seen the movie. “Oh you’ve seen that movie? No!”. It will never go to the cinemas.

We want it to have the chance to become popular, you know, a lot of people really watching it. And 3D has this affection, people really like these.

Estudio Gunga Projects and Film Fests, by Nara Oliveira, CC-BY-SA - 2025

Jehan: I know you said you also appreciate Creative Common licenses and stuff like that, so is this movie going to be under such a license?

Nara: Yes, it’s going to be an open movie! You can take the characters and make another animation by yourself. If you want to take everything, the characters, the background, everything, and animate another story, you can do this.

Jehan: Which license?

Nara: We haven’t thought about it yet, but the kind of license where you can make anything.

Simon: You said 3D. I sometimes have the impression that 3D in some way is more limited in what you can do artistically compared to 2D.

Nara: Yes, it is.

Simon: So this is not a factor for you?

Nara: No. Because in 3D, it’s like you said. If you’re doing a 2D animation, I don’t know, you can do a lot of types of techniques. Like it can be black & white, it can be color, or so many types – it’s like art in stop motion. 3D is different – you have a character, and you have the scenery, and the scenery is just the scenary. You can make some tricks with lighting and shading and colors, but it stops there. It’s an artistic limitation, I agree with that.

Aryeom: In your team, no one had any experience making 3D animations?

Nara: I animate, but I know how to take the characters and make them move. But I’m not an expert. Farid knows that too and know how to make a 2D animation in Blender. But 3D is a new challenge for us.

Jehan: I think also the question was, you are a designer so you usually work in 2D. So we would expect something who draws would want this drawing to come to life, than just doing the drawing and give it to someone else to make the actual final thing.

Nara: I have difficulties with this. I get tired of drawing very quickly. I can’t imagine myself drawing the same character more than, I don’t know, 10 times. I think I would die if I did that.

Aryeom: Haha, I’m dying!

Nara: It’s like my style. This book was difficult to me, because I had to draw the characters the same. They have to look the same every time I draw it. I don’t like that. I like to do one drawing and it’s over. They have to repeat and be the same. I like the work, but the process of doing the same thing is difficult for me.

Jehan: So you prefer to just draw something and let someone else repeat it again and again.

Nara: Yes, like the computer!

Aryeom: To make a series, an episodic drama, it’s easier to make in 3D. For long form, it’s good I think.

Jehan: Yes, for long form, but for short movies it takes longer due to preparations.

Nara: So it’s not my kind of thing.

[Nara hands out a book]

Nara: It’s by a friend of mine who wrote the story and he asked me to make the drawings. I don’t do a lot of kid stuff, but I like it. And it invites kids to draw at the end of it. It talks about what city do kids want to live in, and what city we want for ourselves. We have a lot of problems in the cities here, and I like the idea of book, to let kids dream about the city because we want that dream to come true.

Aryeom: What about Gunga’s future?

Nara: Ehh, I expect in the future that we have more people working with us. And we have more companies work with us with free software, you know. I’d like to get larger but not too larger. Because I want my life too!

Aryeom: Wise!

Nara: But I’m happy now because last year two new people joined the studio, and it’s a lot more fun to work with more people. We exchange experiences, and I think I want to grow in that way, to get a little bigger and get more partners. And work with more cinemas! It’s more difficult because it’s expensive to work with cinemas, working with animations. We like to do more for ourselves. We make a lot of productions, videos for other companies, for the government, so we’d like to do more for ourselves – like our stories, less for them, more for us.

Estudio Gunga Projects and Film Fests, by Nara Oliveira, CC-BY-SA - 2025

Jehan: Okay, maybe the last question unless someone has something. Do you have any requests for GIMP developers? Other than on-canvas preview because we already have it!

Nara: I will see the new version you talked about after this.

No, I’m okay. I think I’ve used it for such a long time that I’m so adjusted to it. In the beginning I had a lot of issues – if you gave me a paper then I would fill it with “I want this, I want that! Why do I have this? I can’t believe it!”

But today it is so natural to me that I had to think about it before coming here, because I’ll be meeting people that I want to talk about it with. And I think well, there are little things I want to change in the software. But I think that I have this because I’ve been using it for so long. People are always comparing it with propriety software, and I don’t compare it anymore because it’s been such a long time since I’ve opened something like Photoshop.

So, I’ll think about it.

Jehan: But in the end it just works!_

Nara: Yeah. I’ve written some*, but not for GIMP, for Inkscape, Scribus…

[Editor’s note: Jehan misheard the word “some” here as “song”]

Jehan: Ah! A song for everyone but us?

Nara: I used an earlier version of Inkscape which had a lot of bugs. They just changed it and so I have just bugs for Inkscape. Bugs are bugs.

Jehan: Ah, it’s bugs, not a song!

Nara: Yes, for Inkscape. For Scribus, I have some issues with development.

Aryeom: So you have bugs for them, but you have requests for us. So it’s good!

Jehan: Ah, okay. I thought you’d wrote a song.

Nara: No no – I know my letters are beautiful but it’s not a song.

And I’m happy to meet you! Very happy. I don’t go to a lot of events like here in Brazil. I don’t have a lot of time to do that. And it’s like an investment to travel here because it’s very expensive and the country is too big, haha. So my involvement with free software is like in my community. On our street where we work, a lot of people use Linux because of us. It’s like a center, you know? Time to time, someone goes there, “Oh, I bought a new notebook, I want to install Linux, let’s do it together”.

I think my part in this is more local than global – in the community. I feel better like this. Real connection, offline. I’m not so close to the development here and the other artists. And most of them, they’re just show artists. They don’t really work with design, they don’t really live from this, you know? I tend to know people who live from free software. Most of them are professionals, who are really good at one software, but they don’t put food on the table with it. It’s a little different. I learn from them, but I want to know people who have real issues.

Because when you don’t work with it, you just experiment, you make your own goals. Like “I’m going to make this girl have make-up on her face”, and then you do that. When you work, another person puts a goal on you. Like, “Make this girl have a guitar”, and you have to find a way to do that. And the process when you make a goal versus when another person makes a goal you have to achieve, it’s very different when you’re working with the software. Because you have to go somewhere you’ve never went before. And it makes you use the software in a different way.

You understand what I’m saying? Because when I see the workshops, people are very good at doing something they always do. I want to see people doing very good things they’ve never done before. These things show the real potential of the software.

Jehan: And the potential of the artist.

Nara: Yes, and the potential of the artist. Because you can show me, Inkscape or GIMP is doing this new thing. But maybe I’m not going to use it just because it’s in the software. I’m only will use it if I need it. So, there are a lot of people who are experts in the tools and what the tools can do – to make it, you have to use all the tools combined. It’s different, it’s another level.

Jehan: Well, I think that’s a good interview. Thank you Nara!

Nara: Thank you!

Estudio Gunga

Sebastian Wick: Display Next Hackfest 2026

Enj, 09/07/2026 - 3:28md

This year was the fourth year in a row that a bunch of display driver and compositor developers met for the Display Next Hackfest, to discuss, present, and tackle issues related to displays, GPUs, and compositors. Thanks to Collabora (Robert Mader and Mark Fillion specifically) for continuing this tradition!

(Check out the 2025 edition)

This time we met in Nice, France, after Embedded Recipes and right next to the PipeWire and libcamera hackfests. I took the opportunity to have a chat with the PipeWire developers about Flatpak, Portals, and the direction we would like to take in regard to video and audio access. Arun Raghavan has a nice summary if you’re interested.

That also brings me to another point: I have mostly stopped working on compositor and color-related areas. It’s not because I lost interest, but rather that I took over Flatpak and Portals maintenance. That by itself was taking a big chunk of time, but then LLMs became good at finding security vulnerabilities and now this takes more time than I have.

Before the hackfest, I sat down for one week and hacked on Mutter (the GNOME Shell compositor) to create a prototype with all the changes I wanted to do but never found the time for:

  • dropping colord
  • configuring ICC profiles and white point via the display config
  • splitting our color transformation code to provide a color pipeline
  • offloading color transforms to the KMS color pipeline
  • achieving color-accurate white point adjustment and night light

With the prototype done, I made my way to Nice, taking a sleeper train from Paris and waking up to the Côte d’Azur in the morning. Then I met with Robert in the botanic garden, where he used his deep cross-stack offloading knowledge to test a bunch of video playback scenarios.

Over the hackfest days we found some glitches in the AMD driver, which were promptly fixed by Harry Wentland. We also had some discussions on strategies to do KMS color pipeline offloading, which prompted some changes in the prototype, and now have something we can start upstreaming.

For the KMS color pipeline, we got a new fixed matrix operation for YCbCr to RGB conversion, and new named curves for important video playback cases. We talked about control over the color format on the cable (which has been merged by now), as well as control over the minimum BPC.

Another thing that we all got annoyed by was all the funky colors our in-kernel console became when our offloading worked a bit too well. We’ve wanted a reset mechanism for KMS for a few years now anyway, so we decided to prototype it and test it on Smithay. Proper patches are now on the mailing list thanks to Maxime Ripard.

Mario Limonciello managed to push out patches for backlight support via KMS before the hackfest – another thing we’ve wanted for years. We tested them on Mutter, and KWin added support for it as well.

Xaver Hugl showed that we can easily support AMD FreeSync Premium Pro, the worst name for a feature that is essentially Source-Based Tone Mapping (SBTM). We also got good news regarding SBTM on HDMI. In general, it looks like we might finally get HDR that isn’t entirely awful.

DisplayID, the replacement for EDID, is going to become much more prevalent, and we discussed how we’re going to roll out support in the kernel and in libdisplay-info.

We once again managed to put enough wayland developers in a room for a bigger protocol change to get merged. This time it was multi device dmabuf feedback which made Victoria Brekenfeld happy.

There was a lot more happening — check out Xaver’s and Louis Chauvet’s blog posts.

Even though I wasn’t as prepared as the previous times, it was very productive and there was more actual hacking this year. I also enjoyed meeting everyone again a lot, hanging out in the water while watching the 1% take off in their private jets, struggling to find an adequate Döner, and eating lots of pizza.

Until next time!

Michael Meeks: 2026-07-08 Wednesday

Mër, 08/07/2026 - 7:15md
  • Up too early, mail chew, plugged at stats generation. Encouraging scripting call with Stephan and others.
  • Sync with Gokay, Tracie, Anna & Laser, then Tobias & Thorsten, Alex & Victor, Anna & Timur then snatched lunch.
  • Published the next strip: An interview with Brigit - who wants everyone to be happy
  • COOL TC meeting, some hacking, chat with Dave, admin.

    Code of Conduct Committee: Transparency report from October 2025 to June 2026

    Mër, 08/07/2026 - 5:40md

    GNOME’s Code of Conduct is our community’s shared standard of behavior for participants in GNOME. This is the Code of Conduct Committee’s periodic summary report of its activities from October 2025 to June 2026.

    The current members of the CoC Committee are:

    • Anisa Kuci
    • Carlos Garnacho
    • Christopher Davis
    • Federico Mena Quintero
    • Michael Downey
    • Rosanna Yuen

    All the members of the CoC Committee have completed Code of Conduct Incident Response training provided by Otter Tech, and are professionally trained to handle incident reports in GNOME community events.

    The committee has an email address that can be used to send reports: conduct@gnome.org as well as a website for report submission.

    Reports

    Since October 2025, the committee has received reports on a total of 17 possible incidents. Several of these were not actionable; all the incidents listed here were resolved during the reporting period. There is currently a total of 7 incidents in process.

    • We were made aware of concerns regarding online comments made on social media by a GNOME Foundation member. Upon review, we found these comments to fall outside the scope of the Code of Conduct in this instance.
    • Report about messages sent to a Telegram channel. Contacted the reported person about the inappropriate nature of the messages.
    • Report about unfriendliness to newcomers in a localisation team. Asked the team lead to write down documentation on their procedures.
    • Question about clarification on the CoC’s text; replied suitably since the question was not actually about the CoC’s contents.
    • Tech support request; redirected to discourse.gnome.org.
    • Malicious question; closed without reply.
    • Report about homophobia; removed privileges for the reported person.
    • Report about a Mastodon post which was subsequently removed. Reminded the reported person that Mastodon posts in the context of GNOME are also under the scope of the Code of Conduct.
    • Report about two Mastodon posts which were subsequently removed. Reminded the reported people that Mastodon posts in the context of GNOME are also under the scope of the Code of Conduct.
    • Report about a TWIG submission, not actionable as there is no violation of the CoC.
    • Report unrelated to GNOME; notified the reporter and closed as non-actionable.
    • Report about an interaction in gitlab.gnome.org. Reminded the reported person about how to politely deal with disagreement.
    • Tech support request; already solved.
    • Report about suspicious activity in Matrix; not actionable other than to keep an eye out for the reported person.
    • Report about a person exhibiting bad behavior outside of the scope of the CoC. We will keep an eye on it.
    Meetings of the CoC committee

    The CoC committee has two meetings each month for general updates, and weekly ad-hoc meetings when they receive reports. There are also in-person meetings during GNOME events.

    Ways to contact the CoC committee

    The website repository, and the Code of Conduct itself and the committee’s procedures, are kept at https://gitlab.gnome.org/Teams/Conduct/gnome-code-of-conduct

    The Code of Conduct Committee is happy to receive questions about the CoC itself and its procedures, and we will gladly assist you. Please use the communications channels listed above.

    Sophie Herold: Accessibility in GNOME

    Mar, 07/07/2026 - 12:10md

    July is Disability Pride Month. I want to use the occasion to speak about my perspective on accessibility in GNOME and what I think we should do.

    For disabled people, computers are often even more important than for abled (non-disabled) people. Many areas of everyday life are currently only accessible via a computer for many disabled people. Still, accessibility is often an afterthought in software and hardware development.

    GNOME is fortunate enough to have many disabled contributors in its community. We have contributors who are visually impaired, deaf, autistic, ADHD, or who live with migraines and other chronic conditions. While we have people that care about accessibility and work on improving it, the general state is far from ideal.

    The reality of tech communities is that they are often ableist and elitist. Probably more so than the average population. If a user or contributor struggles with a tool, blame is shifted to a “skill issue,” if an interface is simplified to make it accessible to more people, it’s “dumbed down”. Assistive technologies are often developed by abled people, without involving and paying disabled people. This also leads to an attitude where contributors expect gratefulness from disabled people for providing them with the most basic needs. All these issues are also not absent from the GNOME community.

    What We Already Do

    The goal of this section isn’t to boast about GNOME’s accessibility efforts. I believe that accessibility is a fundamental right, and nothing any disabled person is obligated to praise contributors for. Instead, the goal is to capture where we stand, and give other projects ideas they can adopt. Equally, I would be very happy to learn how other FLOSS projects try to work towards better accessibility.

    Our review criteria for Core and Circle apps require checking if keyboard navigation, screen reader support, large text, and high contrast mode work. We also require sufficient contrast in apps, which we usually use the Contrast app to check against the WCAG requirements. We have shown that we are able to enforce these requirements by delaying the inclusion or replacement of apps until accessibility issues were actually fixed. That’s also an improvement GNOME has seen over the last years, since originally, no quality criteria for apps existed.

    Many of the accessibility aspects are automatically covered by using our toolkits GTK and libadwaita correctly. I witnessed that accessibility is often considered during initial design and implementation. However, we don’t have any guidelines or requirements in GNOME for the development of these libraries.

    The GNOME Foundation funded work on screen reader support in GTK 4 in 2020 and 2021. In 2023 and 2024, accessibility was also one of the larger areas the GNOME STF project worked on. That means both the GNOME Foundation, and the STF organizers were willing to allocate money for accessibility, which is a good sign.

    However, accessibility is so much more than screen reader support. I think that GNOME’s general design philosophy is very important to being more accessible to a broader audience. This includes the focus on simplicity with good defaults, trying to avoid the possibility of misconfiguring the system, and the attempt to distract less. Translations, while often overlooked as an accessibility aspect, are another huge factor that makes our software accessible to so many more people. This shows that accessibility is hardly a separate set of features. Instead, it has to be considered as part of every area in a project.

    Among the more “traditional” accessibility tools within GNOME are the screen reader, high contrast, reduced motion, always show scrollbars, sound over-amplification, input adjustments, and magnification. But equally important are the “Dark Mode” and “Do Not Disturb” mode, which are not directly labeled as accessibility.

    How We Can Improve

    Disability Pride is about being proud of who you are. But, like Queer Pride, it is also about fundamentally changing the society in which we live. Hence, for this year’s Disability Pride, I am also thinking of what we can change within GNOME.

    Create an Accessibility Team

    Except for a dedicated accessibility chat room, there is currently very little coordination for accessibility within GNOME. My goal for this month is to establish a formal Accessibility Team. My initial ideas for the team are to prioritize voices of those with lived experience, instead of having others make decisions for us. Nothing about us without us. In more practical terms, the team should help to maintain and develop guidelines and review criteria that are especially relevant for accessibility. The team should also review larger changes in the GNOME project that affect accessibility. Ideally, we could provide and user testing on accessibility features directly from the people who rely on them.

    In addition to guarding the accessibility aspects of the software we produce, the team should also advocate for accessibility in our events, workflows, and tooling.

    If you are interested in contributing, please reach out via #a11y or in our issue #1. Let us know where and how you want to contribute.

    Use This Month Yourself

    If you are disabled, and you want to share your experience in FLOSS communities or have accessibility issues in GNOME or other FLOSS software, report the issues and/or post about them on social media under #AccessibilityInFreeSoftware.

    If you are a contributor, see if you can tackle one of the roughly 450 open issues that are labeled with “Accessibility” this month. Try to broaden your horizons by reading articles from disabled people you know less about, or follow them on a social media platform. Embrace accessibility as a fundamental human right, not something disabled people have to show gratefulness for. Try to reflect on your language. Don’t use sanist language like “sane defaults,” using “good defaults” does the job. Ask yourself if you want to keep words like “idiot” in your vocabulary, knowing that “idiocy” was the first category the Nazis used to systematically kill people.

    But also, don’t be scared of disabled people. We want to and deserve to be part of the community like everyone else.

    Happy Disability Pride Month! Let’s build a desktop that is accessible to as many people as possible.

    This blog post represents my personal opinions and not those of any organization I work for.

    Hylke Bons: Icon for Demostage

    Mar, 07/07/2026 - 2:00pd
    Week 25

    This week's icon is for Val Packett's project:
    Demostage: "Perform live demos from a virtual desktop"

    Check out all weekly app icons created so far over here and follow my icon creation adventures as they happen (including sketches) on the Fediverse.

    Need icons?

    I love designing icons and am happy to contribute them free of charge when your project is Free and Open Source. Funded by community sponsors (every little helps!).

    Jakub Steiner: The Machinist

    Hën, 06/07/2026 - 2:00pd

    I couldn't remember something for weeks. It popped into my head during a run — a relief, even though the memory itself was not pleasant. This episode of my flaky mind reminded me of this movie.

    I won't give you even a hint of what the movie is about. The strength of it is not the premise, but the mood, the superb acting and Christian Bale's physical dedication to the role impressed me, alongside a cast of wonderfully weird characters and ominous presence of giant spinning machines. If you somehow missed the movie, give it a go. It's one of those that keep coming back to you.

    Michael Meeks: 2026-07-05 Sunday

    Dje, 05/07/2026 - 11:00md
    • Up early, packed variously, bid 'bye to M&D, and the American Meeks.
    • Into Cambridge for H's baptism at Christ Church; with B&C&C, Mary Rogers and several of H's friends. A lovely service & dunking - out to Browns for lunch together.
    • Bid 'bye to N., dropped M & J & Sade to the station to help move M. into her new London home.
    • Dropped Mary home, slugged a bit, prepped music for and ran the evening service - Charlee spoke well. Relaxed.

      Hylke Bons: Icon for Meshy

      Dje, 05/07/2026 - 2:00pd
      Week 24

      This week's icon is for Jiří Eischmann's project:
      Meshy: "Meshcore mesh network client"

      Check out all weekly app icons created so far over here and follow my icon creation adventures as they happen (including sketches) on the Fediverse.

      Need icons?

      I love designing icons and am happy to contribute them free of charge when your project is Free and Open Source. Funded by community sponsors (every little helps!).

      Matthew Garrett: Preventing token theft

      Enj, 02/07/2026 - 4:23pd

      When you log into a service you’re given an authentication token. Each further request to the site includes that token, allowing the server to figure out who you are and ensuring that you have access to your data. Depending on site policy, this token may either be stored in memory (and so vanish if you restart your browser) or disk. The token is the proof of your identity. As far as the site is concerned, anyone with your token is you. These tokens may be traditional browser cookies, but they may also be stored in either site local storage or (if you’re not using a browser) in some other storage location.

      In recent years we’ve seen infostealer malware (like LummaC2) gain the ability to exfiltrate user tokens, allowing attackers to gain access to the user’s data without needing to retain access to the user’s machine. This attack is viable even if the site has strong MFA requirements, so passkeys don’t help. Encrypting the tokens on disk doesn’t prevent the malware from scraping them out of the browser’s RAM or obtaining whatever key is used to encrypt them. This feels like a pretty hard problem to solve.

      But that hasn’t stopped people from trying! Dirk Balfanz wrote an IETF draft describing a mechanism for using self-signed certificates for TLS authentication. This uses the mutual authentication feature of the TLS protocol that requires both sides prove their identity to each other. In regular TLS, the remote site presents a signed certificate that tells you who it is. When performing mutual authentication, you then present a certificate to the remote site telling it who you are. These client certificates are largely unused outside enterprise environments because they’re a huge pain to deploy. It’s not so much that this has sharp edges, it’s that it’s entirely made of sharp edges. Managing certificate deployment to your devices is hard. Browsers get confused if the certificates change under them. You have one certificate and it lives forever, so sites you present it to can track your identity. Users are prompted to choose a certificate to authenticate with, and if they pick the wrong one everything breaks and is hard to recover. I’ve deployed this and I did not have a good time.

      But Balfanz’s idea was simple. Rather than require certificates to be deployed, browsers would simply generate a certificate on the fly. The goal wasn’t to prove the device or user’s identity in any global way - but it would associate a TLS session with a specific certificate. You could then, for example, include a hash of the certificate in the cookie, and if someone tried to use that cookie without presenting that certificate then the cookie could be rejected. If the browser used a hardware-backed private key for the certificate then it would be impossible for an attacker to steal it. Sure, you could still steal cookies, but you wouldn’t be able to use them.

      This was written almost 15 years ago, and seems simple, elegant, and functional. It didn’t happen. Part of the reason for that is that, well, it wasn’t quite so simple. One problem was privacy related. Cookies are only sent after the TLS session is established, so anyone monitoring the network doesn’t know anything about the user identity. A naive implementation of this approach would have meant the client certificate being sent before session establishment, and now user identity can be tracked (no longer an issue if this was implemented on top of TLS 1.3, but this was a log time ago). This was avoided by reordering the client handshake, but that meant having to modify the TLS specification and implementations would have to be updated to support this. Another was that figuring out the granularity of the certificates was difficult. You’d want to use different certificates for every site to avoid them effectively becoming tracking cookies, but you need to provide the certificate before cookies are set, and you don’t know what origin the site is going to set in its cookies. If you generate a certificate for a.example.com and a different one for b.example.com, and a.example.com sets a cookie for *.example.com and includes the certificate you used for a.example.com, that cookie isn’t going to work on b.example.com and things are broken. This meant supporting it wasn’t as straightforward as it seemed - you’d need to ensure that your cookie scope was compatible with the certificate scope. You could probably make this work well enough by aligning it with the Public Suffix List, but there was still some risk of expectations not being aligned.

      And, perhaps most importantly, TLS session resumption (replaced by pre-shared keys in TLS 1.3) somewhat defeats the purpose of the exercise - clients store state that allows them to re-establish a TLS connection without performing certificate exchange (this reduces overhead if a connection gets interrupted or you switch to a new network or anything along those lines), and anyone in a position to steal cookies could steal that state as well.

      The followup attempt was channel IDs. This simplified the implementation somewhat - rather than certificates, a raw public key would be sent, along with proof of possession of the private key in the form of a signature over a portion of the TLS handshake. This was required even in the event of session resumption, which avoided having to worry about theft of session secrets. The timing of the exchange was after the encrypted session had been established, so user identity couldn’t be leaked that way either. Cookies could then be bound to this identifier. Unfortunately it didn’t really deal with the problem of scoping keys in a way that would match cookie requirements, and the spec suggests that the right way of handling this is to scope keys to TLDs, which would enable user tracking across sites (Chrome’s implementation apparently restricted it to eTLD+1, which would match the third party cookie policy and avoid the tracking risk).

      Chrome added support for this, but it was removed in early 2018. The discussion of some of the pain points in that message is interesting, explicitly calling out problems with connection coalescing across domains and the incompatibility with zero-RTT TLS1.3. The overall consensus at the time seems to be that trying to solve this entirely at the TLS layer has too many rough edges, and a different approach should be taken.

      And so almost 7 years after the initial draft for origin bound certificates, we come to token binding. This ended up being a rather more complex endeavour, covering 3 different RFCs describing how it impacts TLS, how to incorporate it into HTTP, and how to manage all the various parties involved in the process. The short version is that it’s pretty similar to channel ID, except that there’s also a documented mechanism for allowing tokens to be bound to one party and consumed by another, avoiding any need for widely scoped keys. Token binding effectively solved all the issues in the original proposal, but at the cost of somewhat more complexity.

      The RFC was finalised in October 2018. Chrome removed its (incomplete, draft) support for token binding in November 2018. Edge carried support until late 2024. Despite getting all the way through the RFC process, it’s functionally dead.

      The process up until this point had been largely initiated by Google, with Microsoft contributing significantly to the token binding standards. The work had been focused on identifying a generic solution to the problem rather than tying it to any specific authentication flow. The next step was in a different direction - rather than trying to fix this for the entire internet, how about we try to fix it for OAuth?

      RFC 8705 is titled “OAuth 2.0 Mutual-TLS Client Authentication and Certificate-Bound Access Tokens”. This is basically the 2011 approach, but (a) with an explicit definition of how the certificate should be incorporated into issued auth cookies, and (b) with a proviso that well uh if you’re going to use tokens issued by your IdP to authenticate to someone else then well you’re going to need to use the same cert for both. This is probably fine for the company-owned-laptop case where you’re actually fine with multiple sites being able to tie identities together (that’s kind of the point here!), and also works for “I am using an app and not a browser”, but doesn’t work for more generic scenarios. It also doesn’t seem to take the session resumption case into account at all? Support for RFC8705 seems poor, as far as I can tell of the big players only Auth0 implements it. In theory it works fine with self-signed client certs but in reality that’s going to be almost as difficult to support across multiple platforms as just issuing proper client certs in the first place, so deployment is going to be kind of a pain. But the good news is it doesn’t rely on any TLS extensions or custom browser behaviour, so at the client side it works fine with any browser.

      Which brings us on to RFC 9449, “Demonstrating Proof of Possession”. This goes even further than RFC8705 in terms of reducing the burden of deployment - it works fine with existing browsers, and it doesn’t even require any certs. The client generates a keypair and provides the pubkey when requesting the cookie. The cookie contains the pubkey. Every request to the service now provides the cookie with the pubkey and also provides a signature over the URI and HTTP method. If the signature matches the pubkey in the token then clearly the signature came from the machine the token was issued to, and everything is good.

      This does come with some downsides, though. The first is that it uses browser interfaces to generate the keys (typically crypto.subtle.generatekey()) and as far as I can tell there are no browsers that guarantee that that key is going to be generated in hardware even if it’s marked non-exportable, so anyone able to steal the cookies can also steal the keys. The second is that the signature only covers the URI and HTTP method, and not the message content or any other headers, so anyone able to exfiltrate a valid signature can replay it against the same URI with different message content. The recommended way to handle this is to reject any signatures that weren’t generated within the last few seconds, which is a wonderful additional way to allow clock skew to give you a Bad Day. And the third is that every single request has to be separately signed, which is not intrinsically a problem because computers are fast and have multiple cores, but if you’re trying to solve the first problem by sticking the key in a TPM then you’re dealing with something that’s slow and single threaded and that’s maybe acceptable if you’re using client certificates (because there’s going to be one signature per session and you can use the same session for multiple requests) but probably not if you’re dealing with a user opening a browser that restores previous tabs and each of those is a webapp that fires off 100 requests in parallel.

      In case it wasn’t clear, I don’t like DPoP. It doesn’t feel like it actually solves the underlying problem that we see in the real world (malware running in a context where if it can grab the tokens it can grab the keys), it adds a massive amount of overhead, and it has baked in replay vulnerabilities. I don’t know why it exists and I’m incredibly suspicious of vendors telling me that it fixes my problems, because if they’re telling me that then I’m going to end up assuming that they either don’t understand my problems or they don’t understand their technology, and neither of those is good.

      Still. Then we get to the thing that prompted me to write this - Chrome’s announcement that they had launched device-bound session credentials. This is interesting because it’s a Chrome feature that’s explicitly intended to counter on-device malware, which was one of the things that was out of scope in 2018 when token binding was being removed. Since this is entire web level it doesn’t have to be an RFC, and so is instead defined by W3C. I’m going to handwave all the complexity and say that it’s basically a way to register a public key when a cookie is issued, and then prove possession of the private key when it’s time to renew the cookie. By making the cookies shortlived and having support for rotating them in the background, user impact is basically zero and while it’s still possible for an attacker to exfiltrate and use a cookie they’ll only be able to do so for a short window before it needs to be refreshed - something the attacker can’t do, since they don’t have the private key. This avoids the DPoP overhead because you only need to do signing once per cookie per cookie lifetime, and not on every single request. I don’t like this due to the window where exfiltrated tokens can be used, but it feels like a strict improvement over the status quo. An extension called device-bound session credentials for enterprise allows pre-enrollment of device keys, so even though the actual runtime DBCE flow doesn’t involve certificates, certificates can be used for device registration in enterprise environments and you can make sure that auth cookies only go to trusted devices. Unfortunately this is Chrome-only, and so we’re going to need to wait for it to be backported to all the random app frameworks for it to have widespread support on mobile or for almost everyone’s desktop app that’s actually three websites in an Electron wrapper. Mozilla’s current position is that they’re not in favour of it, so I guess we’ll see where Safari lands in terms of broad uptake.

      The last thing on my list is another client cert/OAuth binding, this one still in draft state at the time of writing. This one is aimed primarily at the use of agent-driven tooling, where you have something running in the background using a whole bunch of tools that are each acting on your behalf. Authenticating to all of them separately isn’t a fun time, but giving broadly scoped access tokens to a non-deterministic agent and trusting that it’ll never post them somewhere public also isn’t a fun time. The key distinction between it and RFC8705 is that it’s aimed at connections rather than sessions, which avoids the worries about session resumption. This is done with TLS Exporters, which in TLS 1.3 should be unique to the connection even over session resumption (TLS 1.2 may reuse some of the same key material for exporters over session resumption, so it’s recommended to enforce 1.3 for this). By providing a new signature alongside the cookie on every new connection, the client proves that it still has access to the private key. This is a very new spec and I haven’t had much time to work through it yet, but my naive understanding is that unlike RFC8705 this would require some additional client support to be able to regenerate the client signature on every TLS reconnection.

      This doesn’t avoid all the problems that RFC8705 has, including how to scope certificates. For the agentic use case that probably doesn’t matter - all these tools are acting on behalf of the same user, it’s fine if all the sites involved know they’re the same user. But it doesn’t solve the general purpose user use case, and right now DBSC seems like the best we have there.

      But. Part of me still wonders whether Dirk Balfanz’s approach was the right one. Yes, there’s risk associated with TLS session resumption, but in the worst case you could just switch that off for high risk setups. The cookie scope argument is real, and also in cases where it could violate privacy the site owner could already choose to broaden their cookie scope and violate your privacy, and in cases where it breaks things you could just not make use of it. The other problems are largely fixed by TLS 1.3, and then we’re just left with “Browsers handle client certificates badly” to which my answer is “Yes, and we should fix that anyway”.

      Despite having a pretty good answer to this solution over a decade ago, the closest we have to actual deployment is something that offers strictly worse security guarantees. And tokens keep getting stolen, and compromises keep occurring, and for the most part people shrug and get on with things.