<link></link>
<atom:link href="index.rss" rel="self" type="application/rss+xml" />
+ <item>
+ <title>Kryptert harddisk - naturligvis</title>
+ <link>Kryptert_harddisk___naturligvis.html</link>
+ <guid isPermaLink="true">Kryptert_harddisk___naturligvis.html</guid>
+ <pubDate>Sat, 2 May 2009 15:30:00 +0200</pubDate>
+ <description>
+<p><a href="http://www.dagensit.no/trender/article1658676.ece">Dagens
+IT melder</a> at Intel hevder at det er dyrt å miste en datamaskin,
+når en tar tap av arbeidstid, fortrolige dokumenter,
+personopplysninger og alt annet det innebærer. Det er ingen tvil om
+at det er en kostbar affære å miste sin datamaskin, og det er årsaken
+til at jeg har kryptert harddisken på både kontormaskinen og min
+bærbare. Begge inneholder personopplysninger jeg ikke ønsker skal
+komme på avveie, den første informasjon relatert til jobben min ved
+Universitetet i Oslo, og den andre relatert til blant annet
+foreningsarbeide. Kryptering av diskene gjør at det er lite
+sannsynlig at dophoder som kan finne på å rappe maskinene får noe ut
+av dem. Maskinene låses automatisk etter noen minutter uten bruk,
+og en reboot vil gjøre at de ber om passord før de vil starte opp.
+Jeg bruker Debian på begge maskinene, og installasjonssystemet der
+gjør det trivielt å sette opp krypterte disker. Jeg har LVM på toppen
+av krypterte partisjoner, slik at alt av datapartisjoner er kryptert.
+Jeg anbefaler alle å kryptere diskene på sine bærbare. Kostnaden når
+det er gjort slik jeg gjør det er minimale, og gevinstene er
+betydelige. En bør dog passe på passordet. Hvis det går tapt, må
+maskinen reinstalleres og alt er tapt.</p>
+
+<p>Krypteringen vil ikke stoppe kompetente angripere som f.eks. kjøler
+ned minnebrikkene før maskinen rebootes med programvare for å hente ut
+krypteringsnøklene. Kostnaden med å forsvare seg mot slike angripere
+er for min del høyere enn gevinsten. Jeg tror oddsene for at
+f.eks. etterettningsorganisasjoner har glede av å titte på mine
+maskiner er minimale, og ulempene jeg ville oppnå ved å forsøke å
+gjøre det vanskeligere for angripere med kompetanse og ressurser er
+betydelige.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Two projects that have improved the quality of free software a lot</title>
+ <link>Two_projects_that_have_improved_the_quality_of_free_software_a_lot.html</link>
+ <guid isPermaLink="true">Two_projects_that_have_improved_the_quality_of_free_software_a_lot.html</guid>
+ <pubDate>Sat, 2 May 2009 15:00:00 +0200</pubDate>
+ <description>
+<p>There are two software projects that have had huge influence on the
+quality of free software, and I wanted to mention both in case someone
+do not yet know them.</p>
+
+<p>The first one is <a href="http://valgrind.org/">valgrind</a>, a
+tool to detect and expose errors in the memory handling of programs.
+It is easy to use, all one need to do is to run 'valgrind program',
+and it will report any problems on stdout. It is even better if the
+program include debug information. With debug information, it is able
+to report the source file name and line number where the problem
+occurs. It can report things like 'reading past memory block in file
+X line N, the memory block was allocated in file Y, line M', and
+'using uninitialised value in control logic'. This tool has made it
+trivial to investigate reproducible crash bugs in programs, and have
+reduced the number of this kind of bugs in free software a lot.
+
+<p>The second one is
+<a href="http://en.wikipedia.org/wiki/Coverity">Coverity</a> which is
+a source code checker. It is able to process the source of a program
+and find problems in the logic without running the program. It
+started out as the Stanford Checker and became well known when it was
+used to find bugs in the Linux kernel. It is now a commercial tool
+and the company behind it is running
+<a href="http://www.scan.coverity.com/">a community service</a> for the
+free software community, where a lot of free software projects get
+their source checked for free. Several thousand defects have been
+found and fixed so far. It can find errors like 'lock L taken in file
+X line N is never released if exiting in line M', or 'the code in file
+Y lines O to P can never be executed'. The projects included in the
+community service project have managed to get rid of a lot of
+reliability problems thanks to Coverity.</p>
+
+<p>I believe tools like this, that are able to automatically find
+errors in the source, are vital to improve the quality of software and
+make sure we can get rid of the crashing and failing software we are
+surrounded by today.</p>
+</description>
+ </item>
+
+ <item>
+ <title>No patch is not better than a useless patch</title>
+ <link>No_patch_is_not_better_than_a_useless_patch.html</link>
+ <guid isPermaLink="true">No_patch_is_not_better_than_a_useless_patch.html</guid>
+ <pubDate>Tue, 28 Apr 2009 09:30:00 +0200</pubDate>
+ <description>
+<p>Julien Blache
+<a href="http://blog.technologeek.org/2009/04/12/214">claim that no
+patch is better than a useless patch</a>. I completely disagree, as a
+patch allow one to discuss a concrete and proposed solution, and also
+prove that the issue at hand is important enough for someone to spent
+time on fixing it. No patch do not provide any of these positive
+properties.</p>
+</description>
+ </item>
+
<item>
<title>EU-parlamentet raner fellesskapet for musikk</title>
<link>EU_parlamentet_raner_fellesskapet_for_musikk.html</link>
digitalt tilgjengelig fra nasjonalbiblioteket mot at Kopinor får 56
øre for hver side som legges ut. Utvalget er litt merkelig: 1790-,
1890- og 1990-tallet. Jeg synes det er absurd hvis det er slik at
-Kopinor skal ha betalt for utlegging av bøker som ikke legger er
+Kopinor skal ha betalt for utlegging av bøker som ikke lenger er
beskyttet av opphavsretten. Jeg antar her at det er mer enn 90 år
siden forfatterne av bøker som ble publisert 1790-1799 døde, slik at
disse bøkene er falt i det fri og enhver kan kopiere så mye de vil fra
</description>
</item>
- <item>
- <title>Fransk idiotlovforslag hinker gjennom parlamentet</title>
- <link>Fransk_idiotlovforslag_hinker_gjennom_parlamentet.html</link>
- <guid isPermaLink="true">Fransk_idiotlovforslag_hinker_gjennom_parlamentet.html</guid>
- <pubDate>Fri, 10 Apr 2009 00:10:00 +0200</pubDate>
- <description>
-<p><a href="http://www.dagbladet.no/2009/04/09/kultur/musikk/fildeling/tekno/5689356/">Dagbladet
-melder at det franske idiotforslaget om å kutte Internet-forbindelsen
-til alle som blir anklaget for å ha brutt opphavsretten 3 ganger</a>
-ble nedstemt i dag med 21 mot 15 stemmer. Vinklingen i Dagbladet er
-litt merkelig når en vet at det samme forslaget ble vedtatt i
-parlamentets andre kammer med 12 mot 4 stemmer, etter at det
-<a href="http://opendotdotdot.blogspot.com/2009/04/hadopi-law-passed-by-12-votes-to-4.html">overraskende
-ble foreslått å ta saken opp til votering 22:45 sist torsdag</a>,
-etter sigende i strid med vanlige rutiner i det franske parlamentet.</p>
-
-<p>Det hele blir ennå mer komisk når et vet at
-<a href="http://www.zeropaid.com/news/10034/political_hypocrisy_french_president_sued_for_copyright_infringement/">presidentens
-parti er blitt anklaget for å ha brutt opphavsretten</a>. Mon tro om
-partet skal miste internet-forbindelsen hvis de får 2 anklager til
-rettet mot seg.</p>
-</description>
- </item>
-
- <item>
- <title>Recording video from cron using VLC</title>
- <link>Recording_video_from_cron_using_VLC.html</link>
- <guid isPermaLink="true">Recording_video_from_cron_using_VLC.html</guid>
- <pubDate>Sun, 5 Apr 2009 10:00:00 +0200</pubDate>
- <description>
-<p>One think I have wanted to figure out for a along time is how to
-run vlc from cron to do recording of video streams on the net. The
-task is trivial with mplayer, but I do not really trust the security
-of mplayer (it crashes too often on strange input), and thus prefer
-vlc. I finally found a way to do it today. I spent an hour or so
-searching the web for recipes and reading the documentation. The
-hardest part was to get rid of the GUI window, but after finding the
-dummy interface, the command line finally presented itself:</p>
-
-<blockquote><pre>URL=http://www.ping.uio.no/video/rms-oslo_2009.ogg
-SAVEFILE=rms.ogg
-DISPLAY= vlc -q $URL \
- --sout="#duplicate{dst=std{access=file,url='$SAVEFILE'},dst=nodisplay}" \
- --intf=dummy</pre></blockquote>
-
-<p>The command stream the URL and store it in the SAVEFILE by
-duplicating the output stream to "nodisplay" and the file, using the
-dummy interface. The dummy interface and the nodisplay output make
-sure no X interface is needed.</p>
-
-<p>The cron job then need to start this job with the appropriate URL
-and file name to save, sleep for the duration wanted, and then kill
-the vlc process with SIGTERM. Here is a complete script
-<tt>vlc-record</tt> to use from <tt>at</tt> or <tt>cron</tt>:</p>
-
-<blockquote><pre>#!/bin/sh
-set -e
-URL="$1"
-SAVEFILE="$2"
-DURATION="$3"
-DISPLAY= vlc -q "$URL" \
- --sout="#duplicate{dst=std{access=file,url='$SAVEFILE'},dst=nodisplay}" \
- --intf=dummy < /dev/null > /dev/null 2>&1 &
-pid=$!
-sleep $DURATION
-kill $pid
-wait $pid</pre></blockquote>
-</description>
- </item>
-
- <item>
- <title>Standardize on protocols and formats, not vendors and applications</title>
- <link>Standardize_on_protocols_and_formats__not_vendors_and_applications.html</link>
- <guid isPermaLink="true">Standardize_on_protocols_and_formats__not_vendors_and_applications.html</guid>
- <pubDate>Mon, 30 Mar 2009 11:50:00 +0200</pubDate>
- <description>
-<p>Where I work at the University of Oslo, one decision stand out as a
-very good one to form a long lived computer infrastructure. It is the
-simple one, lost by many in todays computer industry: Standardize on
-open network protocols and open exchange/storage formats, not applications.
-Applications come and go, while protocols and files tend to stay, and
-thus one want to make it easy to change application and vendor, while
-avoiding conversion costs and locking users to a specific platform or
-application.</p>
-
-<p>This approach make it possible to replace the client applications
-independently of the server applications. One can even allow users to
-use several different applications as long as they handle the selected
-protocol and format. In the normal case, only one client application
-is recommended and users only get help if they choose to use this
-application, but those that want to deviate from the easy path are not
-blocked from doing so.</p>
-
-<p>It also allow us to replace the server side without forcing the
-users to replace their applications, and thus allow us to select the
-best server implementation at any moment, when scale and resouce
-requirements change.</p>
-
-<p>I strongly recommend standardizing - on open network protocols and
-open formats, but I would never recommend standardizing on a single
-application that do not use open network protocol or open formats.</p>
-</description>
- </item>
-
</channel>
</rss>
projects / homepage.git / blobdiff