Generated.

[homepage.git] / blog / index.rss

<?xml version="1.0" encoding="utf-8"?>
<rss version='2.0' xmlns:lj='http://www.livejournal.org/rss/lj/1.0/' xmlns:atom="http://www.w3.org/2005/Atom">
        <channel>
                <title>Petter Reinholdtsen</title>
                <description></description>
                <link>http://people.skolelinux.org/pere/blog/</link>
                <atom:link href="http://people.skolelinux.org/pere/blog/index.rss" rel="self" type="application/rss+xml" />
        
        <item>
                <title>How to talk with your loved ones in private</title>
                <link>http://people.skolelinux.org/pere/blog/How_to_talk_with_your_loved_ones_in_private.html</link>
                <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/How_to_talk_with_your_loved_ones_in_private.html</guid>
                <pubDate>Mon, 7 Nov 2016 10:25:00 +0100</pubDate>
                <description>&lt;p&gt;A few days ago I ran a very biased and informal survey to get an
idea about what options are being used to communicate with end to end
encryption with friends and family.  I explicitly asked people not to
list options only used in a work setting.  The background is the
uneasy feeling I get when using Signal, a feeling shared by others as
a blog post from Sander Venima about
&lt;a href=&quot;https://sandervenema.ch/2016/11/why-i-wont-recommend-signal-anymore/&quot;&gt;why
he do not recommend Signal anymore&lt;/a&gt; (with
&lt;a href=&quot;https://news.ycombinator.com/item?id=12883410&quot;&gt;feedback from
the Signal author available from ycombinator&lt;/a&gt;).  I wanted an
overview of the options being used, and hope to include those options
in a less biased survey later on.  So far I have not taken the time to
look into the individual proposed systems.  They range from text
sharing web pages, via file sharing and email to instant messaging,
VOIP and video conferencing.  For those considering which system to
use, it is also useful to have a look at
&lt;a href=&quot;https://www.eff.org/secure-messaging-scorecard&quot;&gt;the EFF Secure
messaging scorecard&lt;/a&gt; which is slightly out of date but still
provide valuable information.&lt;/p&gt;

&lt;p&gt;So, on to the list.  There were some used by many, some used by a
few, some rarely used ones and a few mentioned but without anyone
claiming to use them.  Notice the grouping is in realty quite random
given the biased self selected set of participants.  First the ones
used by many:&lt;/p&gt;

&lt;ul&gt;

&lt;li&gt;&lt;a href=&quot;https://whispersystems.org/&quot;&gt;Signal&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;Email w/&lt;a href=&quot;http://openpgp.org/&quot;&gt;OpenPGP&lt;/a&gt; (Enigmail, GPGSuite,etc)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://www.whatsapp.com/&quot;&gt;Whatsapp&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;IRC w/&lt;a href=&quot;https://otr.cypherpunks.ca/&quot;&gt;OTR&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;XMPP w/&lt;a href=&quot;https://otr.cypherpunks.ca/&quot;&gt;OTR&lt;/a&gt;&lt;/li&gt;

&lt;/ul&gt;

&lt;p&gt;Then the ones used by a few.&lt;/p&gt;

&lt;ul&gt;

&lt;li&gt;&lt;a href=&quot;https://wiki.mumble.info/wiki/Main_Page&quot;&gt;Mumble&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;iMessage (included in iOS from Apple)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://telegram.org/&quot;&gt;Telegram&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://jitsi.org/&quot;&gt;Jitsi&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://keybase.io/download&quot;&gt;Keybase file&lt;/a&gt;&lt;/li&gt;

&lt;/ul&gt;

&lt;p&gt;Then the ones used by even fewer people&lt;/p&gt;

&lt;ul&gt;

&lt;li&gt;&lt;a href=&quot;https://ring.cx/&quot;&gt;Ring&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://bitmessage.org/&quot;&gt;Bitmessage&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://wire.com/&quot;&gt;Wire&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;VoIP w/&lt;a href=&quot;https://en.wikipedia.org/wiki/ZRTP&quot;&gt;ZRTP&lt;/a&gt; or controlled &lt;a href=&quot;https://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol&quot;&gt;SRTP&lt;/a&gt; (e.g using &lt;a href=&quot;https://en.wikipedia.org/wiki/CSipSimple&quot;&gt;CSipSimple&lt;/a&gt;, &lt;a href=&quot;https://en.wikipedia.org/wiki/Linphone&quot;&gt;Linphone&lt;/a&gt;)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://matrix.org/&quot;&gt;Matrix&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://kontalk.org/&quot;&gt;Kontalk&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://0bin.net/&quot;&gt;0bin&lt;/a&gt; (encrypted pastebin)&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://appear.in&quot;&gt;Appear.in&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://riot.im/&quot;&gt;riot&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://www.wickr.com/&quot;&gt;Wickr Me&lt;/a&gt;&lt;/li&gt;

&lt;/ul&gt;

&lt;p&gt;And finally the ones mentioned by not marked as used by
anyone. This might be a mistake, perhaps the person adding the entry
forgot to flag it as used?&lt;/p&gt;

&lt;ul&gt;

&lt;li&gt;Email w/Certificates &lt;a href=&quot;https://en.wikipedia.org/wiki/S/MIME&quot;&gt;S/MIME&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://www.crypho.com/&quot;&gt;Crypho&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://cryptpad.fr/&quot;&gt;CryptPad&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href=&quot;https://github.com/ricochet-im/ricochet&quot;&gt;ricochet&lt;/a&gt;&lt;/li&gt;

&lt;/ul&gt;

&lt;p&gt;Given the network effect it seem obvious to me that we as a society
have been divided and conquered by those interested in keeping
encrypted and secure communication away from the masses.  The
finishing remarks &lt;a href=&quot;https://vimeo.com/97505679&quot;&gt;from Aral Balkan
in his talk &quot;Free is a lie&quot;&lt;/a&gt; about the usability of free software
really come into effect when you want to communicate in private with
your friends and family.  We can not expect them to allow the
usability of communication tool to block their ability to talk to
their loved ones.&lt;/p&gt;

&lt;p&gt;Note for example the option IRC w/OTR.  Most IRC clients do not
have OTR support, so in most cases OTR would not be an option, even if
you wanted to.  In my personal experience, about 1 in 20 I talk to
have a IRC client with OTR.  For private communication to really be
available, most people to talk to must have the option in their
currently used client.  I can not simply ask my family to install an
IRC client.  I need to guide them through a technical multi-step
process of adding extensions to the client to get them going.  This is
a non-starter for most.&lt;/p&gt;

&lt;p&gt;I would like to be able to do video phone calls, audio phone calls,
exchange instant messages and share files with my loved ones, without
being forced to share with people I do not know.  I do not want to
share the content of the conversations, and I do not want to share who
I communicate with or the fact that I communicate with someone.
Without all these factors in place, my private life is being more or
less invaded.&lt;/p&gt;
</description>
        </item>
        
        <item>
                <title>My own self balancing Lego Segway</title>
                <link>http://people.skolelinux.org/pere/blog/My_own_self_balancing_Lego_Segway.html</link>
                <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/My_own_self_balancing_Lego_Segway.html</guid>
                <pubDate>Fri, 4 Nov 2016 10:15:00 +0100</pubDate>
                <description>&lt;p&gt;A while back I received a Gyro sensor for the NXT
&lt;a href=&quot;mindstorms.lego.com&quot;&gt;Mindstorms&lt;/a&gt; controller as a birthday
present.  It had been on my wishlist for a while, because I wanted to
build a Segway like balancing lego robot.  I had already built
&lt;a href=&quot;http://www.nxtprograms.com/NXT2/segway/&quot;&gt;a simple balancing
robot&lt;/a&gt; with the kids, using the light/color sensor included in the
NXT kit as the balance sensor, but it was not working very well.  It
could balance for a while, but was very sensitive to the light
condition in the room and the reflective properties of the surface and
would fall over after a short while.  I wanted something more robust,
and had
&lt;a href=&quot;https://www.hitechnic.com/cgi-bin/commerce.cgi?preadd=action&amp;key=NGY1044&quot;&gt;the
gyro sensor from HiTechnic&lt;/a&gt; I believed would solve it on my
wishlist for some years before it suddenly showed up as a gift from my
loved ones. :)&lt;/p&gt;

&lt;p&gt;Unfortunately I have not had time to sit down and play with it
since then.  But that changed some days ago, when I was searching for
lego segway information and came across a recipe from HiTechnic for
building
&lt;a href=&quot;http://www.hitechnic.com/blog/gyro-sensor/htway/&quot;&gt;the
HTWay&lt;/a&gt;, a segway like balancing robot.  Build instructions and
&lt;a href=&quot;https://www.hitechnic.com/upload/786-HTWayC.nxc&quot;&gt;source
code&lt;/a&gt; was included, so it was just a question of putting it all
together.  And thanks to the great work of many Debian developers, the
compiler needed to build the source for the NXT is already included in
Debian, so I was read to go in less than an hour.  The resulting robot
do not look very impressive in its simplicity:&lt;/p&gt;

&lt;p align=&quot;center&quot;&gt;&lt;img width=&quot;70%&quot; src=&quot;http://people.skolelinux.org/pere/blog/images/2016-11-04-lego-htway-robot.jpeg&quot;&gt;&lt;/p&gt;

&lt;p&gt;Because I lack the infrared sensor used to control the robot in the
design from HiTechnic, I had to comment out the last task
(taskControl).  I simply placed /* and */ around it get the program
working without that sensor present.  Now it balances just fine until
the battery status run low:&lt;/p&gt;

&lt;p align=&quot;center&quot;&gt;&lt;video width=&quot;70%&quot; controls=&quot;true&quot;&gt;
   &lt;source src=&quot;http://people.skolelinux.org/pere/blog/images/2016-11-04-lego-htway-balancing.ogv&quot; type=&quot;video/ogg&quot;&gt;
&lt;/video&gt;&lt;/p&gt;

&lt;p&gt;Now we would like to teach it how to follow a line and take remote
control instructions using the included Bluetooth receiver in the NXT.&lt;/p&gt;

&lt;p&gt;If you, like me, love LEGO and want to make sure we find the tools
they need to work with LEGO in Debian and all our derivative
distributions like Ubuntu, check out
&lt;a href=&quot;http://wiki.debian.org/LegoDesigners&quot;&gt;the LEGO designers
project page&lt;/a&gt; and join the Debian LEGO team.  Personally I own a
RCX and NXT controller (no EV3), and would like to make sure the
Debian tools needed to program the systems I own work as they
should.&lt;/p&gt;
</description>
        </item>
        
        <item>
                <title>Aktivitetsbånd som beskytter privatsfæren</title>
                <link>http://people.skolelinux.org/pere/blog/Aktivitetsb_nd_som_beskytter_privatsf_ren.html</link>
                <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Aktivitetsb_nd_som_beskytter_privatsf_ren.html</guid>
                <pubDate>Thu, 3 Nov 2016 09:55:00 +0100</pubDate>
                <description>&lt;p&gt;Jeg ble så imponert over
&lt;a href=&quot;https://www.nrk.no/norge/forbrukerradet-mener-aktivitetsarmband-strider-mot-norsk-lov-1.13209079&quot;&gt;dagens
gladnyhet på NRK&lt;/a&gt;, om at Forbrukerrådet klager inn vilkårene for
bruk av aktivitetsbånd fra Fitbit, Garmin, Jawbone og Mio til
Datatilsynet og forbrukerombudet, at jeg sendte følgende brev til
forbrukerrådet for å uttrykke min støtte:

&lt;blockquote&gt;

&lt;p&gt;Jeg ble veldig glad over å lese at Forbrukerrådet
&lt;a href=&quot;http://www.forbrukerradet.no/siste-nytt/klager-inn-aktivitetsarmband-for-brudd-pa-norsk-lov/&quot;&gt;klager
inn flere aktivitetsbånd til Datatilsynet for dårlige vilkår&lt;/a&gt;.  Jeg
har ønsket meg et aktivitetsbånd som kan måle puls, bevegelse og
gjerne også andre helserelaterte indikatorer en stund nå.  De eneste
jeg har funnet i salg gjør, som dere også har oppdaget, graverende
inngrep i privatsfæren og sender informasjonen ut av huset til folk og
organisasjoner jeg ikke ønsker å dele aktivitets- og helseinformasjon
med.  Jeg ønsker et alternativ som &lt;em&gt;ikke&lt;/em&gt; sender informasjon til
skyen, men derimot bruker
&lt;a href=&quot;http://people.skolelinux.org/pere/blog/Fri_og__pen_standard__slik_Digistan_ser_det.html&quot;&gt;en
fritt og åpent standardisert&lt;/a&gt; protokoll (eller i det minste en
dokumentert protokoll uten patent- og opphavsrettslige
bruksbegrensinger) til å kommunisere med datautstyr jeg kontrollerer.
Er jo ikke interessert i å betale noen for å tilrøve seg
personopplysninger fra meg.  Desverre har jeg ikke funnet noe
alternativ så langt.&lt;/p&gt;

&lt;p&gt;Det holder ikke å endre på bruksvilkårene for enhetene, slik
Datatilsynet ofte legger opp til i sin behandling, når de gjør slik
f.eks. Fitbit (den jeg har sett mest på).  Fitbit krypterer
informasjonen på enheten og sender den kryptert til leverandøren.  Det
gjør det i praksis umulig både å sjekke hva slags informasjon som
sendes over, og umulig å ta imot informasjonen selv i stedet for
Fitbit.  Uansett hva slags historie som forteller i bruksvilkårene er
en jo både prisgitt leverandørens godvilje og at de ikke tvinges av
sitt lands myndigheter til å lyve til sine kunder om hvorvidt
personopplysninger spres ut over det bruksvilkårene sier.  Det er
veldokumentert hvordan f.eks. USA tvinger selskaper vha. såkalte
National security letters til å utlevere personopplysninger samtidig
som de ikke får lov til å fortelle dette til kundene sine.&lt;/p&gt;

&lt;p&gt;Stå på, jeg er veldig glade for at dere har sett på saken.  Vet
dere om aktivitetsbånd i salg i dag som ikke tvinger en til å utlevere
aktivitets- og helseopplysninger med leverandøren?&lt;/p&gt;

&lt;/blockquote&gt;

&lt;p&gt;Jeg håper en konkurrent som respekterer kundenes privatliv klarer å
nå opp i markedet, slik at det finnes et reelt alternativ for oss som
har full tillit til at skyleverandører vil prioritere egen inntjening
og myndighetspålegg langt foran kundenes rett til privatliv.  Jeg har
ingen tiltro til at Datatilsynet vil kreve noe mer enn at vilkårene
endres slik at de forklarer eksplisitt i hvor stor grad bruk av
produktene utraderer privatsfæren til kundene.  Det vil nok gjøre de
innklagede armbåndene «lovlige», men fortsatt tvinge kundene til å
dele sine personopplysninger med leverandøren.&lt;/p&gt;
</description>
        </item>
        
        <item>
                <title>Experience and updated recipe for using the Signal app without a mobile phone</title>
                <link>http://people.skolelinux.org/pere/blog/Experience_and_updated_recipe_for_using_the_Signal_app_without_a_mobile_phone.html</link>
                <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Experience_and_updated_recipe_for_using_the_Signal_app_without_a_mobile_phone.html</guid>
                <pubDate>Mon, 10 Oct 2016 11:30:00 +0200</pubDate>
                <description>&lt;p&gt;In July
&lt;a href=&quot;http://people.skolelinux.org/pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html&quot;&gt;I
wrote how to get the Signal Chrome/Chromium app working&lt;/a&gt; without
the ability to receive SMS messages (aka without a cell phone).  It is
time to share some experiences and provide an updated setup.&lt;/p&gt;

&lt;p&gt;The Signal app have worked fine for several months now, and I use
it regularly to chat with my loved ones.  I had a major snag at the
end of my summer vacation, when the the app completely forgot my
setup, identity and keys.  The reason behind this major mess was
running out of disk space.  To avoid that ever happening again I have
started storing everything in &lt;tt&gt;userdata/&lt;/tt&gt; in git, to be able to
roll back to an earlier version if the files are wiped by mistake.  I
had to use it once after introducing the git backup.  When rolling
back to an earlier version, one need to use the &#39;reset session&#39; option
in Signal to get going, and notify the people you talk with about the
problem.  I assume there is some sequence number tracking in the
protocol to detect rollback attacks.  The git repository is rather big
(674 MiB so far), but I have not tried to figure out if some of the
content can be added to a .gitignore file due to lack of spare
time.&lt;/p&gt;

&lt;p&gt;I&#39;ve also hit the 90 days timeout blocking, and noticed that this
make it impossible to send messages using Signal.  I could still
receive them, but had to patch the code with a new timestamp to send.
I believe the timeout is added by the developers to force people to
upgrade to the latest version of the app, even when there is no
protocol changes, to reduce the version skew among the user base and
thus try to keep the number of support requests down.&lt;/p&gt;

&lt;p&gt;Since my original recipe, the Signal source code changed slightly,
making the old patch fail to apply cleanly.  Below is an updated
patch, including the shell wrapper I use to start Signal.  The
original version required a new user to locate the JavaScript console
and call a function from there.  I got help from a friend with more
JavaScript knowledge than me to modify the code to provide a GUI
button instead.  This mean that to get started you just need to run
the wrapper and click the &#39;Register without mobile phone&#39; to get going
now.  I&#39;ve also modified the timeout code to always set it to 90 days
in the future, to avoid having to patch the code regularly.&lt;/p&gt;

&lt;p&gt;So, the updated recipe for Debian Jessie:&lt;/p&gt;

&lt;ol&gt;

&lt;li&gt;First, install required packages to get the source code and the
browser you need.  Signal only work with Chrome/Chromium, as far as I
know, so you need to install it.

&lt;pre&gt;
apt install git tor chromium
git clone https://github.com/WhisperSystems/Signal-Desktop.git
&lt;/pre&gt;&lt;/li&gt;

&lt;li&gt;Modify the source code using command listed in the the patch
block below.&lt;/li&gt;

&lt;li&gt;Start Signal using the run-signal-app wrapper (for example using
&lt;tt&gt;`pwd`/run-signal-app&lt;/tt&gt;).

&lt;li&gt;Click on the &#39;Register without mobile phone&#39;, will in a phone
number you can receive calls to the next minute, receive the
verification code and enter it into the form field and press
&#39;Register&#39;.  Note, the phone number you use will be user Signal
username, ie the way others can find you on Signal.&lt;/li&gt;

&lt;li&gt;You can now use Signal to contact others.  Note, new contacts do
not show up in the contact list until you restart Signal, and there is
no way to assign names to Contacts.  There is also no way to create or
update chat groups.  I suspect this is because the web app do not have
a associated contact database.&lt;/li&gt;

&lt;/ol&gt;

&lt;p&gt;I am still a bit uneasy about using Signal, because of the way its
main author moxie0 reject federation and accept dependencies to major
corporations like Google (part of the code is fetched from Google) and
Amazon (the central coordination point is owned by Amazon).  See for
example
&lt;a href=&quot;https://github.com/LibreSignal/LibreSignal/issues/37&quot;&gt;the
LibreSignal issue tracker&lt;/a&gt; for a thread documenting the authors
view on these issues.  But the network effect is strong in this case,
and several of the people I want to communicate with already use
Signal.  Perhaps we can all move to &lt;a href=&quot;https://ring.cx/&quot;&gt;Ring&lt;/a&gt;
once it &lt;a href=&quot;https://bugs.debian.org/830265&quot;&gt;work on my
laptop&lt;/a&gt;?  It already work on Windows and Android, and is included
in &lt;a href=&quot;https://tracker.debian.org/pkg/ring&quot;&gt;Debian&lt;/a&gt; and
&lt;a href=&quot;https://launchpad.net/ubuntu/+source/ring&quot;&gt;Ubuntu&lt;/a&gt;, but not
working on Debian Stable.&lt;/p&gt;

&lt;p&gt;Anyway, this is the patch I apply to the Signal code to get it
working.  It switch to the production servers, disable to timeout,
make registration easier and add the shell wrapper:&lt;/p&gt;

&lt;pre&gt;
cd Signal-Desktop; cat &amp;lt;&amp;lt;EOF | patch -p1
diff --git a/js/background.js b/js/background.js
index 24b4c1d..579345f 100644
--- a/js/background.js
+++ b/js/background.js
@@ -33,9 +33,9 @@
         });
     });
 
-    var SERVER_URL = &#39;https://textsecure-service-staging.whispersystems.org&#39;;
+    var SERVER_URL = &#39;https://textsecure-service-ca.whispersystems.org&#39;;
     var SERVER_PORTS = [80, 4433, 8443];
-    var ATTACHMENT_SERVER_URL = &#39;https://whispersystems-textsecure-attachments-staging.s3.amazonaws.com&#39;;
+    var ATTACHMENT_SERVER_URL = &#39;https://whispersystems-textsecure-attachments.s3.amazonaws.com&#39;;
     var messageReceiver;
     window.getSocketStatus = function() {
         if (messageReceiver) {
diff --git a/js/expire.js b/js/expire.js
index 639aeae..beb91c3 100644
--- a/js/expire.js
+++ b/js/expire.js
@@ -1,6 +1,6 @@
 ;(function() {
     &#39;use strict&#39;;
-    var BUILD_EXPIRATION = 0;
+    var BUILD_EXPIRATION = Date.now() + (90 * 24 * 60 * 60 * 1000);
 
     window.extension = window.extension || {};
 
diff --git a/js/views/install_view.js b/js/views/install_view.js
index 7816f4f..1d6233b 100644
--- a/js/views/install_view.js
+++ b/js/views/install_view.js
@@ -38,7 +38,8 @@
             return {
                 &#39;click .step1&#39;: this.selectStep.bind(this, 1),
                 &#39;click .step2&#39;: this.selectStep.bind(this, 2),
-                &#39;click .step3&#39;: this.selectStep.bind(this, 3)
+                &#39;click .step3&#39;: this.selectStep.bind(this, 3),
+                &#39;click .callreg&#39;: function() { extension.install(&#39;standalone&#39;) },
             };
         },
         clearQR: function() {
diff --git a/options.html b/options.html
index dc0f28e..8d709f6 100644
--- a/options.html
+++ b/options.html
@@ -14,7 +14,10 @@
         &amp;lt;div class=&#39;nav&#39;&gt;
           &amp;lt;h1&gt;{{ installWelcome }}&amp;lt;/h1&gt;
           &amp;lt;p&gt;{{ installTagline }}&amp;lt;/p&gt;
-          &amp;lt;div&gt; &amp;lt;a class=&#39;button step2&#39;&gt;{{ installGetStartedButton }}&amp;lt;/a&gt; &amp;lt;/div&gt;
+          &amp;lt;div&gt; &amp;lt;a class=&#39;button step2&#39;&gt;{{ installGetStartedButton }}&amp;lt;/a&gt;
+           &amp;lt;br&gt; &amp;lt;a class=&quot;button callreg&quot;&gt;Register without mobile phone&amp;lt;/a&gt;
+
+         &amp;lt;/div&gt;
           &amp;lt;span class=&#39;dot step1 selected&#39;&gt;&amp;lt;/span&gt;
           &amp;lt;span class=&#39;dot step2&#39;&gt;&amp;lt;/span&gt;
           &amp;lt;span class=&#39;dot step3&#39;&gt;&amp;lt;/span&gt;
--- /dev/null   2016-10-07 09:55:13.730181472 +0200
+++ b/run-signal-app   2016-10-10 08:54:09.434172391 +0200
@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+cd $(dirname $0)
+mkdir -p userdata
+userdata=&quot;`pwd`/userdata&quot;
+if [ -d &quot;$userdata&quot; ] &amp;&amp; [ ! -d &quot;$userdata/.git&quot; ] ; then
+    (cd $userdata &amp;&amp; git init)
+fi
+(cd $userdata &amp;&amp; git add . &amp;&amp; git commit -m &quot;Current status.&quot; || true)
+exec chromium \
+  --proxy-server=&quot;socks://localhost:9050&quot; \
+  --user-data-dir=$userdata --load-and-launch-app=`pwd`
EOF
chmod a+rx run-signal-app
&lt;/pre&gt;

&lt;p&gt;As usual, if you use Bitcoin and want to show your support of my
activities, please send Bitcoin donations to my address
&lt;b&gt;&lt;a href=&quot;bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&amp;label=PetterReinholdtsenBlog&quot;&gt;15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&lt;/a&gt;&lt;/b&gt;.&lt;/p&gt;
</description>
        </item>
        
        <item>
                <title>NRKs kildevern når NRK-epost deles med utenlands etterretning?</title>
                <link>http://people.skolelinux.org/pere/blog/NRKs_kildevern_n_r_NRK_epost_deles_med_utenlands_etterretning_.html</link>
                <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/NRKs_kildevern_n_r_NRK_epost_deles_med_utenlands_etterretning_.html</guid>
                <pubDate>Sat, 8 Oct 2016 08:15:00 +0200</pubDate>
                <description>&lt;p&gt;NRK
&lt;a href=&quot;https://nrkbeta.no/2016/09/02/securing-whistleblowers/&quot;&gt;lanserte
for noen uker siden&lt;/a&gt; en ny
&lt;a href=&quot;https://www.nrk.no/varsle/&quot;&gt;varslerportal som bruker
SecureDrop til å ta imot tips&lt;/a&gt; der det er vesentlig at ingen
utenforstående får vite at NRK er tipset.  Det er et langt steg
fremover for NRK, og når en leser bloggposten om hva de har tenkt på
og hvordan løsningen er satt opp virker det som om de har gjort en
grundig jobb der.  Men det er ganske mye ekstra jobb å motta tips via
SecureDrop, så varslersiden skriver &quot;Nyhetstips som ikke krever denne
typen ekstra vern vil vi gjerne ha på nrk.no/03030&quot;, og 03030-siden
foreslår i tillegg til et webskjema å bruke epost, SMS, telefon,
personlig oppmøte og brevpost.  Denne artikkelen handler disse andre
metodene.&lt;/p&gt;

&lt;p&gt;Når en sender epost til en @nrk.no-adresse så vil eposten sendes ut
av landet til datamaskiner kontrollert av Microsoft.  En kan sjekke
dette selv ved å slå opp epostleveringsadresse (MX) i DNS.  For NRK er
dette i dag &quot;nrk-no.mail.protection.outlook.com&quot;.  NRK har som en ser
valgt å sette bort epostmottaket sitt til de som står bak outlook.com,
dvs. Microsoft.  En kan sjekke hvor nettverkstrafikken tar veien
gjennom Internett til epostmottaket vha. programmet
&lt;tt&gt;traceroute&lt;/tt&gt;, og finne ut hvem som eier en Internett-adresse
vha. whois-systemet.  Når en gjør dette for epost-trafikk til @nrk.no
ser en at trafikken fra Norge mot nrk-no.mail.protection.outlook.com
går via Sverige mot enten Irland eller Tyskland (det varierer fra gang
til gang og kan endre seg over tid).&lt;/p&gt;

&lt;p&gt;Vi vet fra
&lt;a href=&quot;https://no.wikipedia.org/wiki/FRA-loven&quot;&gt;introduksjonen av
FRA-loven&lt;/a&gt; at IP-trafikk som passerer grensen til Sverige avlyttes
av Försvarets radioanstalt (FRA).  Vi vet videre takket være
Snowden-bekreftelsene at trafikk som passerer grensen til
Storbritannia avlyttes av Government Communications Headquarters
(GCHQ).  I tillegg er er det nettopp lansert et forslag i Norge om at
forsvarets E-tjeneste skal få avlytte trafikk som krysser grensen til
Norge. Jeg er ikke kjent med dokumentasjon på at Irland og Tyskland
gjør det samme.  Poenget er uansett at utenlandsk etterretning har
mulighet til å snappe opp trafikken når en sender epost til @nrk.no.
I tillegg er det selvsagt tilgjengelig for Microsoft som er underlagt USAs
jurisdiksjon og
&lt;a href=&quot;https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data&quot;&gt;samarbeider
med USAs etterretning på flere områder&lt;/a&gt;.  De som tipser NRK om
nyheter via epost kan dermed gå ut fra at det blir kjent for mange
andre enn NRK at det er gjort.&lt;/p&gt;

&lt;p&gt;Bruk av SMS og telefon registreres av blant annet telefonselskapene
og er tilgjengelig i følge lov og forskrift for blant annet Politi,
NAV og Finanstilsynet, i tillegg til IT-folkene hos telefonselskapene
og deres overordnede.  Hvis innringer eller mottaker bruker
smarttelefon vil slik kontakt også gjøres tilgjengelig for ulike
app-leverandører og de som lytter på trafikken mellom telefon og
app-leverandør, alt etter hva som er installert på telefonene som
brukes.&lt;/p&gt;

&lt;p&gt;Brevpost kan virke trygt, og jeg vet ikke hvor mye som registreres
og lagres av postens datastyrte postsorteringssentraler.  Det vil ikke
overraske meg om det lagres hvor i landet hver konvolutt kommer fra og
hvor den er adressert, i hvert fall for en kortere periode.  Jeg vet
heller ikke hvem slik informasjon gjøres tilgjengelig for.  Det kan
være nok til å ringe inn potensielle kilder når det krysses med hvem
som kjente til aktuell informasjon og hvor de befant seg (tilgjengelig
f.eks.  hvis de bærer mobiltelefon eller bor i nærheten).&lt;/p&gt;

&lt;p&gt;Personlig oppmøte hos en NRK-journalist er antagelig det tryggeste,
men en bør passe seg for å bruke NRK-kantina.  Der bryter de nemlig
&lt;a href=&quot;http://www.lovdata.no/all/hl-19850524-028.html#14&quot;&gt;Sentralbanklovens
paragraf 14&lt;/a&gt; og nekter folk å betale med kontanter.  I stedet
krever de at en varsle sin bankkortutsteder om hvor en befinner seg
ved å bruke bankkort.  Banktransaksjoner er tilgjengelig for
bankkortutsteder (det være seg VISA, Mastercard, Nets og/eller en
bank) i tillegg til politiet og i hvert fall tidligere med Se &amp; Hør
(via utro tjenere, slik det ble avslørt etter utgivelsen av boken
«Livet, det forbannede» av Ken B. Rasmussen).  Men hvor mange kjenner
en NRK-journalist personlig?  Besøk på NRK på Marienlyst krever at en
registrerer sin ankost elektronisk i besøkssystemet.  Jeg vet ikke hva
som skjer med det datasettet, men har grunn til å tro at det sendes ut
SMS til den en skal besøke med navnet som er oppgitt.  Kanskje greit å
oppgi falskt navn.&lt;/p&gt;

&lt;p&gt;Når så tipset er kommet frem til NRK skal det behandles
redaksjonelt i NRK.  Der vet jeg via ulike kilder at de fleste
journalistene bruker lokalt installert programvare, men noen bruker
Google Docs og andre skytjenester i strid med interne retningslinjer
når de skriver.  Hvordan vet en hvem det gjelder?  Ikke vet jeg, men
det kan være greit å spørre for å sjekke at journalisten har tenkt på
problemstillingen, før en gir et tips.  Og hvis tipset omtales internt
på epost, er det jo grunn til å tro at også intern eposten vil deles
med Microsoft og utenlands etterretning, slik tidligere nevnt, men det
kan hende at det holdes internt i NRKs interne MS Exchange-løsning.
Men Microsoft ønsker å få alle Exchange-kunder over &quot;i skyen&quot; (eller
andre folks datamaskiner, som det jo innebærer), så jeg vet ikke hvor
lenge det i så fall vil vare.&lt;/p&gt;

&lt;p&gt;I tillegg vet en jo at
&lt;a href=&quot;https://www.nrk.no/ytring/elektronisk-kildevern-i-nrk-1.11941196&quot;&gt;NRK
har valgt å gi nasjonal sikkerhetsmyndighet (NSM) tilgang til å se på
intern og ekstern Internett-trafikk&lt;/a&gt; hos NRK ved oppsett av såkalte
VDI-noder, på tross av
&lt;a href=&quot;https://www.nrk.no/ytring/bekymring-for-nrks-kildevern-1.11941584&quot;&gt;protester
fra NRKs journalistlag&lt;/a&gt;.  Jeg vet ikke om den vil kunne snappe opp
dokumenter som lagres på interne filtjenere eller dokumenter som lages
i de interne webbaserte publiseringssystemene, men vet at hva noden
ser etter på nettet kontrolleres av NSM og oppdateres automatisk, slik
at det ikke gir så mye mening å sjekke hva noden ser etter i dag når
det kan endres automatisk i morgen.&lt;/p&gt;

&lt;p&gt;Personlig vet jeg ikke om jeg hadde turt tipse NRK hvis jeg satt på
noe som kunne være en trussel mot den bestående makten i Norge eller
verden.  Til det virker det å være for mange åpninger for
utenforstående med andre prioriteter enn NRKs journalistiske fokus.
Og den største truslen for en varsler er jo om metainformasjon kommer
på avveie, dvs. informasjon om at en har vært i kontakt med en
journalist.  Det kan være nok til at en kommer i myndighetenes
søkelys, og de færreste har nok operasjonell sikkerhet til at vil tåle
slik flombelysning på sitt privatliv.&lt;/p&gt;
</description>
        </item>
        
        <item>
                <title>Isenkram, Appstream and udev make life as a LEGO builder easier</title>
                <link>http://people.skolelinux.org/pere/blog/Isenkram__Appstream_and_udev_make_life_as_a_LEGO_builder_easier.html</link>
                <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Isenkram__Appstream_and_udev_make_life_as_a_LEGO_builder_easier.html</guid>
                <pubDate>Fri, 7 Oct 2016 09:50:00 +0200</pubDate>
                <description>&lt;p&gt;&lt;a href=&quot;http://packages.qa.debian.org/isenkram&quot;&gt;The Isenkram
system&lt;/a&gt; provide a practical and easy way to figure out which
packages support the hardware in a given machine.  The command line
tool &lt;tt&gt;isenkram-lookup&lt;/tt&gt; and the tasksel options provide a
convenient way to list and install packages relevant for the current
hardware during system installation, both user space packages and
firmware packages. The GUI background daemon on the other hand provide
a pop-up proposing to install packages when a new dongle is inserted
while using the computer.  For example, if you plug in a smart card
reader, the system will ask if you want to install &lt;tt&gt;pcscd&lt;/tt&gt; if
that package isn&#39;t already installed, and if you plug in a USB video
camera the system will ask if you want to install &lt;tt&gt;cheese&lt;/tt&gt; if
cheese is currently missing.  This already work just fine.&lt;/p&gt;

&lt;p&gt;But Isenkram depend on a database mapping from hardware IDs to
package names.  When I started no such database existed in Debian, so
I made my own data set and included it with the isenkram package and
made isenkram fetch the latest version of this database from git using
http.  This way the isenkram users would get updated package proposals
as soon as I learned more about hardware related packages.&lt;/p&gt;

&lt;p&gt;The hardware is identified using modalias strings.  The modalias
design is from the Linux kernel where most hardware descriptors are
made available as a strings that can be matched using filename style
globbing.  It handle USB, PCI, DMI and a lot of other hardware related
identifiers.&lt;/p&gt;

&lt;p&gt;The downside to the Isenkram specific database is that there is no
information about relevant distribution / Debian version, making
isenkram propose obsolete packages too.  But along came AppStream, a
cross distribution mechanism to store and collect metadata about
software packages.  When I heard about the proposal, I contacted the
people involved and suggested to add a hardware matching rule using
modalias strings in the specification, to be able to use AppStream for
mapping hardware to packages.  This idea was accepted and AppStream is
now a great way for a package to announce the hardware it support in a
distribution neutral way.  I wrote
&lt;a href=&quot;http://people.skolelinux.org/pere/blog/Using_appstream_with_isenkram_to_install_hardware_related_packages_in_Debian.html&quot;&gt;a
recipe on how to add such meta-information&lt;/a&gt; in a blog post last
December.  If you have a hardware related package in Debian, please
announce the relevant hardware IDs using AppStream.&lt;/p&gt;

&lt;p&gt;In Debian, almost all packages that can talk to a LEGO Mindestorms
RCX or NXT unit, announce this support using AppStream.  The effect is
that when you insert such LEGO robot controller into your Debian
machine, Isenkram will propose to install the packages needed to get
it working.  The intention is that this should allow the local user to
start programming his robot controller right away without having to
guess what packages to use or which permissions to fix.&lt;/p&gt;

&lt;p&gt;But when I sat down with my son the other day to program our NXT
unit using his Debian Stretch computer, I discovered something
annoying.  The local console user (ie my son) did not get access to
the USB device for programming the unit.  This used to work, but no
longer in Jessie and Stretch.  After some investigation and asking
around on #debian-devel, I discovered that this was because udev had
changed the mechanism used to grant access to local devices.  The
ConsoleKit mechanism from &lt;tt&gt;/lib/udev/rules.d/70-udev-acl.rules&lt;/tt&gt;
no longer applied, because LDAP users no longer was added to the
plugdev group during login.  Michael Biebl told me that this method
was obsolete and the new method used ACLs instead.  This was good
news, as the plugdev mechanism is a mess when using a remote user
directory like LDAP.  Using ACLs would make sure a user lost device
access when she logged out, even if the user left behind a background
process which would retain the plugdev membership with the ConsoleKit
setup.  Armed with this knowledge I moved on to fix the access problem
for the LEGO Mindstorms related packages.&lt;/p&gt;

&lt;p&gt;The new system uses a udev tag, &#39;uaccess&#39;.  It can either be
applied directly for a device, or is applied in
/lib/udev/rules.d/70-uaccess.rules for classes of devices.  As the
LEGO Mindstorms udev rules did not have a class, I decided to add the
tag directly in the udev rules files included in the packages.  Here
is one example.  For the nqc C compiler for the RCX, the
&lt;tt&gt;/lib/udev/rules.d/60-nqc.rules&lt;/tt&gt; file now look like this:

&lt;p&gt;&lt;pre&gt;
SUBSYSTEM==&quot;usb&quot;, ACTION==&quot;add&quot;, ATTR{idVendor}==&quot;0694&quot;, ATTR{idProduct}==&quot;0001&quot;, \
    SYMLINK+=&quot;rcx-%k&quot;, TAG+=&quot;uaccess&quot;
&lt;/pre&gt;&lt;/p&gt;

&lt;p&gt;The key part is the &#39;TAG+=&quot;uaccess&quot;&#39; at the end.  I suspect all
packages using plugdev in their /lib/udev/rules.d/ files should be
changed to use this tag (either directly or indirectly via
&lt;tt&gt;70-uaccess.rules&lt;/tt&gt;).  Perhaps a lintian check should be created
to detect this?&lt;/p&gt;

&lt;p&gt;I&#39;ve been unable to find good documentation on the uaccess feature.
It is unclear to me if the uaccess tag is an internal implementation
detail like the udev-acl tag used by
&lt;tt&gt;/lib/udev/rules.d/70-udev-acl.rules&lt;/tt&gt;.  If it is, I guess the
indirect method is the preferred way.  Michael
&lt;a href=&quot;https://github.com/systemd/systemd/issues/4288&quot;&gt;asked for more
documentation from the systemd project&lt;/a&gt; and I hope it will make
this clearer.  For now I use the generic classes when they exist and
is already handled by &lt;tt&gt;70-uaccess.rules&lt;/tt&gt;, and add the tag
directly if no such class exist.&lt;/p&gt;

&lt;p&gt;To learn more about the isenkram system, please check out
&lt;a href=&quot;http://people.skolelinux.org/pere/blog/tags/isenkram/&quot;&gt;my
blog posts tagged isenkram&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;To help out making life for LEGO constructors in Debian easier,
please join us on our IRC channel
&lt;a href=&quot;irc://irc.debian.org/%23debian-lego&quot;&gt;#debian-lego&lt;/a&gt; and join
the &lt;a href=&quot;https://alioth.debian.org/projects/debian-lego/&quot;&gt;Debian
LEGO team&lt;/a&gt; in the Alioth project we created yesterday.  A mailing
list is not yet created, but we are working on it. :)&lt;/p&gt;

&lt;p&gt;As usual, if you use Bitcoin and want to show your support of my
activities, please send Bitcoin donations to my address
&lt;b&gt;&lt;a href=&quot;bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&amp;label=PetterReinholdtsenBlog&quot;&gt;15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&lt;/a&gt;&lt;/b&gt;.&lt;/p&gt;
</description>
        </item>
        
        <item>
                <title>Aftenposten-redaktøren med lua i hånda</title>
                <link>http://people.skolelinux.org/pere/blog/Aftenposten_redakt_ren_med_lua_i_h_nda.html</link>
                <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Aftenposten_redakt_ren_med_lua_i_h_nda.html</guid>
                <pubDate>Fri, 9 Sep 2016 11:30:00 +0200</pubDate>
                <description>&lt;p&gt;En av dagens nyheter er at Aftenpostens redaktør Espen Egil Hansen
bruker
&lt;a href=&quot;https://www.nrk.no/kultur/aftenposten-brukar-heile-forsida-pa-facebook-kritikk-1.13126918&quot;&gt;forsiden
av papiravisen på et åpent brev til Facebooks sjef Mark Zuckerberg om
Facebooks fjerning av bilder, tekster og sider de ikke liker&lt;/a&gt;.  Det
må være uvant for redaktøren i avisen Aftenposten å stå med lua i
handa og håpe på å bli hørt.  Spesielt siden Aftenposten har vært med
på å gi Facebook makten de nå demonstrerer at de har.  Ved å melde seg
inn i Facebook-samfunnet har de sagt ja til bruksvilkårene og inngått
en antagelig bindende avtale.  Kanskje de skulle lest og vurdert
vilkårene litt nærmere før de sa ja, i stedet for å klage over at
reglende de har valgt å akseptere blir fulgt?  Personlig synes jeg
vilkårene er uakseptable og det ville ikke falle meg inn å gå inn på
en avtale med slike vilkår.  I tillegg til uakseptable vilkår er det
mange andre grunner til å unngå Facebook.  Du kan finne en solid
gjennomgang av flere slike argumenter hos
&lt;a href=&quot;https://stallman.org/facebook.html&quot;&gt;Richard Stallmans side om
Facebook&lt;/a&gt;.

&lt;p&gt;Jeg håper flere norske redaktører på samme vis må stå med lua i
hånden inntil de forstår at de selv er med på å føre samfunnet på
ville veier ved å omfavne Facebook slik de gjør når de omtaler og
løfter frem saker fra Facebook, og tar i bruk Facebook som
distribusjonskanal for sine nyheter.  De bidrar til
overvåkningssamfunnet og raderer ut lesernes privatsfære når de lenker
til Facebook på sine sider, og låser seg selv inne i en omgivelse der
det er Facebook, og ikke redaktøren, som sitter med makta.&lt;/p&gt;

&lt;p&gt;Men det vil nok ta tid, i et Norge der de fleste nettredaktører
&lt;a href=&quot;http://people.skolelinux.org/pere/blog/Snurpenot_overv_kning_av_sensitiv_personinformasjon.html&quot;&gt;deler
sine leseres personopplysinger med utenlands etterretning&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;For øvrig burde varsleren Edward Snowden få politisk asyl i
Norge.&lt;/p&gt;
</description>
        </item>
        
        <item>
                <title>E-tjenesten ber om innsyn i eposten til partiene på Stortinget</title>
                <link>http://people.skolelinux.org/pere/blog/E_tjenesten_ber_om_innsyn_i_eposten_til_partiene_p__Stortinget.html</link>
                <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/E_tjenesten_ber_om_innsyn_i_eposten_til_partiene_p__Stortinget.html</guid>
                <pubDate>Tue, 6 Sep 2016 23:00:00 +0200</pubDate>
                <description>&lt;p&gt;I helga kom det et hårreisende forslag fra Lysne II-utvalget satt
ned av Forsvarsdepartementet.  Lysne II-utvalget var bedt om å vurdere
ønskelista til Forsvarets etterretningstjeneste (e-tjenesten), og har
kommet med
&lt;a href=&quot;http://www.aftenposten.no/norge/Utvalg-sier-ja-til-at-E-tjenesten-far-overvake-innholdet-i-all-internett--og-telefontrafikk-som-krysser-riksgrensen-603232b.html&quot;&gt;forslag
om at e-tjenesten skal få lov til a avlytte all Internett-trafikk&lt;/a&gt;
som passerer Norges grenser.  Få er klar over at dette innebærer at
e-tjenesten får tilgang til epost sendt til de fleste politiske
partiene på Stortinget.  Regjeringspartiet Høyre (@hoyre.no),
støttepartiene Venstre (@venstre.no) og Kristelig Folkeparti (@krf.no)
samt Sosialistisk Ventreparti (@sv.no) og Miljøpartiet de grønne
(@mdg.no) har nemlig alle valgt å ta imot eposten sin via utenlandske
tjenester.  Det betyr at hvis noen sender epost til noen med en slik
adresse vil innholdet i eposten, om dette forslaget blir vedtatt, gjøres
tilgjengelig for e-tjenesten.  Venstre, Sosialistisk Ventreparti og
Miljøpartiet De Grønne har valgt å motta sin epost hos Google,
Kristelig Folkeparti har valgt å motta sin epost hos Microsoft, og
Høyre har valgt å motta sin epost hos Comendo med mottak i Danmark og
Irland.  Kun Arbeiderpartiet og Fremskrittspartiet har valgt å motta
eposten sin i Norge, hos henholdsvis Intility AS og Telecomputing
AS.&lt;/p&gt;

&lt;p&gt;Konsekvensen er at epost inn og ut av de politiske organisasjonene,
til og fra partimedlemmer og partiets tillitsvalgte vil gjøres
tilgjengelig for e-tjenesten for analyse og sortering.  Jeg mistenker
at kunnskapen som slik blir tilgjengelig vil være nyttig hvis en
ønsker å vite hvilke argumenter som treffer publikum når en ønsker å
påvirke Stortingets representanter.&lt;/p

&lt;p&gt;Ved hjelp av MX-oppslag i DNS for epost-domene, tilhørende
whois-oppslag av IP-adressene og traceroute for å se hvorvidt
trafikken går via utlandet kan enhver få bekreftet at epost sendt til
de omtalte partiene vil gjøres tilgjengelig for forsvarets
etterretningstjeneste hvis forslaget blir vedtatt.  En kan også bruke
den kjekke nett-tjenesten &lt;a href=&quot;http://ipinfo.io/&quot;&gt;ipinfo.io&lt;/a&gt;
for å få en ide om hvor i verden en IP-adresse hører til.&lt;/p&gt;

&lt;p&gt;På den positive siden vil forslaget gjøre at enda flere blir
motivert til å ta grep for å bruke
&lt;a href=&quot;https://www.torproject.org/&quot;&gt;Tor&lt;/a&gt; og krypterte
kommunikasjonsløsninger for å kommunisere med sine kjære, for å sikre
at privatsfæren vernes.  Selv bruker jeg blant annet
&lt;a href=&quot;https://www.freedomboxfoundation.org/&quot;&gt;FreedomBox&lt;/a&gt; og
&lt;a href=&quot;https://whispersystems.org/&quot;&gt;Signal&lt;/a&gt; til slikt.  Ingen av
dem er optimale, men de fungerer ganske bra allerede og øker kostnaden
for dem som ønsker å invadere mitt privatliv.&lt;/p&gt;

&lt;p&gt;For øvrig burde varsleren Edward Snowden få politisk asyl i
Norge.&lt;/p&gt;

&lt;!--

venstre.no
  venstre.no mail is handled by 10 aspmx.l.google.com.
  venstre.no mail is handled by 20 alt1.aspmx.l.google.com.
  venstre.no mail is handled by 20 alt2.aspmx.l.google.com.
  venstre.no mail is handled by 30 aspmx2.googlemail.com.
  venstre.no mail is handled by 30 aspmx3.googlemail.com.

traceroute to aspmx.l.google.com (173.194.222.27), 30 hops max, 60 byte packets
 1  uio-gw10.uio.no (129.240.6.1)  0.411 ms  0.438 ms  0.536 ms
 2  uio-gw8.uio.no (129.240.24.229)  0.375 ms  0.452 ms  0.548 ms
 3  oslo-gw1.uninett.no (128.39.65.17)  1.940 ms  1.950 ms  1.942 ms
 4  se-tug.nordu.net (109.105.102.108)  6.910 ms  6.949 ms  7.283 ms
 5  google-gw.nordu.net (109.105.98.6)  6.975 ms  6.967 ms  6.958 ms
 6  209.85.250.192 (209.85.250.192)  7.337 ms  7.286 ms  10.890 ms
 7  209.85.254.13 (209.85.254.13)  7.394 ms 209.85.254.31 (209.85.254.31)  7.586 ms 209.85.254.33 (209.85.254.33)  7.570 ms
 8  209.85.251.255 (209.85.251.255)  15.686 ms 209.85.249.229 (209.85.249.229)  16.118 ms 209.85.251.255 (209.85.251.255)  16.073 ms
 9  74.125.37.255 (74.125.37.255)  16.794 ms 216.239.40.248 (216.239.40.248)  16.113 ms 74.125.37.44 (74.125.37.44)  16.764 ms
10  * * *

mdg.no
  mdg.no mail is handled by 1 aspmx.l.google.com.
  mdg.no mail is handled by 5 alt2.aspmx.l.google.com.
  mdg.no mail is handled by 5 alt1.aspmx.l.google.com.
  mdg.no mail is handled by 10 aspmx2.googlemail.com.
  mdg.no mail is handled by 10 aspmx3.googlemail.com.
sv.no
  sv.no mail is handled by 1 aspmx.l.google.com.
  sv.no mail is handled by 5 alt1.aspmx.l.google.com.
  sv.no mail is handled by 5 alt2.aspmx.l.google.com.
  sv.no mail is handled by 10 aspmx3.googlemail.com.
  sv.no mail is handled by 10 aspmx2.googlemail.com.
hoyre.no
  hoyre.no mail is handled by 10 hoyre-no.mx1.comendosystems.com.
  hoyre.no mail is handled by 20 hoyre-no.mx2.comendosystems.net.

traceroute to hoyre-no.mx1.comendosystems.com (89.104.206.4), 30 hops max, 60 byte packets
 1  uio-gw10.uio.no (129.240.6.1)  0.450 ms  0.510 ms  0.591 ms
 2  uio-gw8.uio.no (129.240.24.229)  0.383 ms  0.508 ms  0.596 ms
 3  oslo-gw1.uninett.no (128.39.65.17)  0.311 ms  0.315 ms  0.300 ms
 4  se-tug.nordu.net (109.105.102.108)  6.837 ms  6.842 ms  6.834 ms
 5  dk-uni.nordu.net (109.105.97.10)  26.073 ms  26.085 ms  26.076 ms
 6  dix.1000m.soeborg.ip.comendo.dk (192.38.7.22)  15.372 ms  15.046 ms  15.123 ms
 7  89.104.192.65 (89.104.192.65)  15.875 ms  15.990 ms  16.239 ms
 8  89.104.192.179 (89.104.192.179)  15.676 ms  15.674 ms  15.664 ms
 9  03dm-com.mx1.staysecuregroup.com (89.104.206.4)  15.637 ms * *

krf.no
  krf.no mail is handled by 10 krf-no.mail.protection.outlook.com.

traceroute to krf-no.mail.protection.outlook.com (213.199.154.42), 30 hops max, 60 byte packets
 1  uio-gw10.uio.no (129.240.6.1)  0.401 ms  0.438 ms  0.536 ms
 2  uio-gw8.uio.no (129.240.24.229)  11.076 ms  11.120 ms  11.204 ms
 3  oslo-gw1.uninett.no (128.39.65.17)  0.232 ms  0.234 ms  0.271 ms
 4  se-tug.nordu.net (109.105.102.108)  6.811 ms  6.820 ms  6.815 ms
 5  netnod-ix-ge-a-sth-4470.microsoft.com (195.245.240.181)  7.074 ms  7.013 ms  7.061 ms
 6  ae1-0.sto-96cbe-1b.ntwk.msn.net (104.44.225.161)  7.227 ms  7.362 ms  7.293 ms
 7  be-8-0.ibr01.ams.ntwk.msn.net (104.44.5.7)  41.993 ms  43.334 ms  41.939 ms
 8  be-1-0.ibr02.ams.ntwk.msn.net (104.44.4.214)  43.153 ms  43.507 ms  43.404 ms
 9  ae3-0.fra-96cbe-1b.ntwk.msn.net (104.44.5.17)  29.897 ms  29.831 ms  29.794 ms
10  ae10-0.vie-96cbe-1a.ntwk.msn.net (198.206.164.1)  42.309 ms  42.130 ms  41.808 ms
11  * ae8-0.vie-96cbe-1b.ntwk.msn.net (104.44.227.29)  41.425 ms *
12  * * *

arbeiderpartiet.no
  arbeiderpartiet.no mail is handled by 10 mail.intility.com.
  arbeiderpartiet.no mail is handled by 20 mail2.intility.com.

traceroute to mail.intility.com (188.95.245.87), 30 hops max, 60 byte packets
 1  uio-gw10.uio.no (129.240.6.1)  0.486 ms  0.508 ms  0.649 ms
 2  uio-gw8.uio.no (129.240.24.229)  0.416 ms  0.508 ms  0.620 ms
 3  oslo-gw1.uninett.no (128.39.65.17)  0.276 ms  0.278 ms  0.275 ms
 4  te3-1-2.br1.fn3.as2116.net (193.156.90.3)  0.374 ms  0.371 ms  0.416 ms
 5  he16-1-1.cr1.san110.as2116.net (195.0.244.234)  3.132 ms he16-1-1.cr2.oslosda310.as2116.net (195.0.244.48)  10.079 ms he16-1-1.cr1.san110.as2116.net (195.0.244.234)  3.353 ms
 6  te1-2-0.ar2.ulv89.as2116.net (195.0.243.194)  0.569 ms te5-0-0.ar2.ulv89.as2116.net (195.0.243.192)  0.661 ms  0.653 ms
 7  cD2EC45C1.static.as2116.net (193.69.236.210)  0.654 ms  0.615 ms  0.590 ms
 8  185.7.132.38 (185.7.132.38)  1.661 ms  1.808 ms  1.695 ms
 9  185.7.132.100 (185.7.132.100)  1.793 ms  1.943 ms  1.546 ms
10  * * *

frp.no
  frp.no mail is handled by 10 mx03.telecomputing.no.
  frp.no mail is handled by 20 mx01.telecomputing.no.

traceroute to mx03.telecomputing.no (95.128.105.102), 30 hops max, 60 byte packets
 1  uio-gw10.uio.no (129.240.6.1)  0.378 ms  0.402 ms  0.479 ms
 2  uio-gw8.uio.no (129.240.24.229)  0.361 ms  0.458 ms  0.548 ms
 3  oslo-gw1.uninett.no (128.39.65.17)  0.361 ms  0.352 ms  0.336 ms
 4  xe-2-2-0-0.san-peer2.osl.no.ip.tdc.net (193.156.90.16)  0.375 ms  0.366 ms  0.346 ms
 5  xe-2-0-2-0.ost-pe1.osl.no.ip.tdc.net (85.19.121.97)  0.780 ms xe-2-0-0-0.ost-pe1.osl.no.ip.tdc.net (85.19.121.101)  0.713 ms xe-2-0-2-0.ost-pe1.osl.no.ip.tdc.net (85.19.121.97)  0.759 ms
 6  cpe.xe-0-2-0-100.ost-pe1.osl.no.customer.tdc.net (85.19.26.46)  0.837 ms  0.755 ms  0.759 ms
 7  95.128.105.3 (95.128.105.3)  1.050 ms  1.288 ms  1.182 ms
 8  mx03.telecomputing.no (95.128.105.102)  0.717 ms  0.703 ms  0.692 ms

--&gt;
</description>
        </item>
        
        <item>
                <title>First draft Norwegian Bokmål edition of The Debian Administrator&#39;s Handbook now public</title>
                <link>http://people.skolelinux.org/pere/blog/First_draft_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook_now_public.html</link>
                <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/First_draft_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook_now_public.html</guid>
                <pubDate>Tue, 30 Aug 2016 10:10:00 +0200</pubDate>
                <description>&lt;p&gt;In April we
&lt;a href=&quot;http://people.skolelinux.org/pere/blog/Lets_make_a_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook.html&quot;&gt;started
to work&lt;/a&gt; on a Norwegian Bokmål edition of the &quot;open access&quot; book on
how to set up and administrate a Debian system.  Today I am happy to
report that the first draft is now publicly available.  You can find
it on &lt;a href=&quot;https://debian-handbook.info/get/&quot;&gt;get the Debian
Administrator&#39;s Handbook page&lt;/a&gt; (under Other languages).  The first
eight chapters have a first draft translation, and we are working on
proofreading the content.  If you want to help out, please start
contributing using
&lt;a href=&quot;https://hosted.weblate.org/projects/debian-handbook/&quot;&gt;the
hosted weblate project page&lt;/a&gt;, and get in touch using
&lt;a href=&quot;http://lists.alioth.debian.org/mailman/listinfo/debian-handbook-translators&quot;&gt;the
translators mailing list&lt;/a&gt;.  Please also check out
&lt;a href=&quot;https://debian-handbook.info/contribute/&quot;&gt;the instructions for
contributors&lt;/a&gt;.  A good way to contribute is to proofread the text
and update weblate if you find errors.&lt;/p&gt;

&lt;p&gt;Our goal is still to make the Norwegian book available on paper as well as
electronic form.&lt;/p&gt;
</description>
        </item>
        
        <item>
                <title>Coz can help you find bottlenecks in multi-threaded software - nice free software</title>
                <link>http://people.skolelinux.org/pere/blog/Coz_can_help_you_find_bottlenecks_in_multi_threaded_software___nice_free_software.html</link>
                <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Coz_can_help_you_find_bottlenecks_in_multi_threaded_software___nice_free_software.html</guid>
                <pubDate>Thu, 11 Aug 2016 12:00:00 +0200</pubDate>
                <description>&lt;p&gt;This summer, I read a great article
&quot;&lt;a href=&quot;https://www.usenix.org/publications/login/summer2016/curtsinger&quot;&gt;coz:
This Is the Profiler You&#39;re Looking For&lt;/a&gt;&quot; in USENIX ;login: about
how to profile multi-threaded programs.  It presented a system for
profiling software by running experiences in the running program,
testing how run time performance is affected by &quot;speeding up&quot; parts of
the code to various degrees compared to a normal run.  It does this by
slowing down parallel threads while the &quot;faster up&quot; code is running
and measure how this affect processing time.  The processing time is
measured using probes inserted into the code, either using progress
counters (COZ_PROGRESS) or as latency meters (COZ_BEGIN/COZ_END).  It
can also measure unmodified code by measuring complete the program
runtime and running the program several times instead.&lt;/p&gt;

&lt;p&gt;The project and presentation was so inspiring that I would like to
get the system into Debian.  I
&lt;a href=&quot;https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830708&quot;&gt;created
a WNPP request for it&lt;/a&gt; and contacted upstream to try to make the
system ready for Debian by sending patches.  The build process need to
be changed a bit to avoid running &#39;git clone&#39; to get dependencies, and
to include the JavaScript web page used to visualize the collected
profiling information included in the source package.
But I expect that should work out fairly soon.&lt;/p&gt;

&lt;p&gt;The way the system work is fairly simple.  To run an coz experiment
on a binary with debug symbols available, start the program like this:

&lt;p&gt;&lt;blockquote&gt;&lt;pre&gt;
coz run --- program-to-run
&lt;/pre&gt;&lt;/blockquote&gt;&lt;/p&gt;

&lt;p&gt;This will create a text file profile.coz with the instrumentation
information.  To show what part of the code affect the performance
most, use a web browser and either point it to
&lt;a href=&quot;http://plasma-umass.github.io/coz/&quot;&gt;http://plasma-umass.github.io/coz/&lt;/a&gt;
or use the copy from git (in the gh-pages branch).  Check out this web
site to have a look at several example profiling runs and get an idea what the end result from the profile runs look like.  To make the
profiling more useful you include &amp;lt;coz.h&amp;gt; and insert the
COZ_PROGRESS or COZ_BEGIN and COZ_END at appropriate places in the
code, rebuild and run the profiler.  This allow coz to do more
targeted experiments.&lt;/p&gt;

&lt;p&gt;A video published by ACM
&lt;a href=&quot;https://www.youtube.com/watch?v=jE0V-p1odPg&quot;&gt;presenting the
Coz profiler&lt;/a&gt; is available from Youtube.  There is also a paper
from the 25th Symposium on Operating Systems Principles available
titled
&lt;a href=&quot;https://www.usenix.org/conference/atc16/technical-sessions/presentation/curtsinger&quot;&gt;Coz:
finding code that counts with causal profiling&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href=&quot;https://github.com/plasma-umass/coz&quot;&gt;The source code&lt;/a&gt;
for Coz is available from github.  It will only build with clang
because it uses a
&lt;a href=&quot;https://gcc.gnu.org/bugzilla/show_bug.cgi?id=55606&quot;&gt;C++
feature missing in GCC&lt;/a&gt;, but I&#39;ve submitted
&lt;a href=&quot;https://github.com/plasma-umass/coz/pull/67&quot;&gt;a patch to solve
it&lt;/a&gt; and hope it will be included in the upstream source soon.&lt;/p&gt;

&lt;p&gt;Please get in touch if you, like me, would like to see this piece
of software in Debian.  I would very much like some help with the
packaging effort, as I lack the in depth knowledge on how to package
C++ libraries.&lt;/p&gt;
</description>
        </item>
        
        </channel>
</rss>