- <div class="title"><a href="http://people.skolelinux.org/pere/blog/Is_Pentagon_deciding_the_Norwegian_negotiating_position_on_Internet_governance_.html">Is Pentagon deciding the Norwegian negotiating position on Internet governance?</a></div>
- <div class="date"> 3rd November 2015</div>
- <div class="body"><p>In Norway, all government offices are required by law to keep a
-list of every document or letter arriving and leaving their offices.
-Internal notes should also be documented. The document list (called a mail
-journal - "postjournal" in Norwegian) is public information and thanks
-to the Norwegian Freedom of Information Act (Offentleglova) the mail
-journal is available for everyone. Most offices even publish the mail
-journal on their web pages, as PDFs or tables in web pages. The state-level offices even have a shared web based search service (called
-<a href="https://www.oep.no/">Offentlig Elektronisk Postjournal -
-OEP</a>) to make it possible to search the entries in the list. Not
-all journal entries show up on OEP, and the search service is hard to
-use, but OEP does make it easier to find at least some interesting
-journal entries .</p>
-
-<p>In 2012 I came across a document in the mail journal for the
-Norwegian Ministry of Transport and Communications on OEP that
-piqued my interest. The title of the document was
-"<a href="https://www.oep.no/search/resultSingle.html?journalPostId=4192362">Internet
-Governance and how it affects national security</a>" (Norwegian:
-"Internet Governance og påvirkning på nasjonal sikkerhet"). The
-document date was 2012-05-22, and it was said to be sent from the
-"Permanent Mission of Norway to the United Nations". I asked for a
-copy, but my request was rejected with a reference to a legal clause said to authorize them to reject it
-(<a href="http://lovdata.no/lov/2006-05-19-16/§20">offentleglova § 20,
-letter c</a>) and an explanation that the document was exempt because
-of foreign policy interests as it contained information related to the
-Norwegian negotiating position, negotiating strategies or similar. I
-was told the information in the document related to the ongoing
-negotiation in the International Telecommunications Union (ITU). The
-explanation made sense to me in early January 2013, as a ITU
-conference in Dubay discussing Internet Governance
-(<a href="https://en.wikipedia.org/wiki/International_Telecommunication_Union#World_Conference_on_International_Telecommunications_2012_.28WCIT-12.29">World
-Conference on International Telecommunications - WCIT-12</a>) had just
-ended,
-<a href="http://www.digi.no/kommentarer/2012/12/18/tvil-om-usas-rolle-pa-teletoppmote">reportedly
-in chaos</a> when USA walked out of the negotiations and 25 countries
-including Norway refused to sign the new treaty. It seemed
-reasonable to believe talks were still going on a few weeks later.
-Norway was represented at the ITU meeting by two authorities, the
-<a href="http://www.nkom.no/">Norwegian Communications Authority</a>
-and the <a href="https://www.regjeringen.no/no/dep/sd/">Ministry of
-Transport and Communications</a>. This might be the reason the letter
-was sent to the ministry. As I was unable to find the document in the
-mail journal of any Norwegian UN mission, I asked the ministry who had
-sent the document to the ministry, and was told that it was the Deputy
-Permanent Representative with the Permanent Mission of Norway in
-Geneva.</p>
-
-<p>Three years later, I was still curious about the content of that
-document, and again asked for a copy, believing the negotiation was
-over now. This time
-<a href="https://mimesbronn.no/request/kopi_av_dokumenter_i_sak_2012914">I
-asked both the Ministry of Transport and Communications as the
-receiver</a> and
-<a href="https://mimesbronn.no/request/brev_om_internet_governance_og_p">asked
-the Permanent Mission of Norway in Geneva as the sender</a> for a
-copy, to see if they both agreed that it should be withheld from the
-public. The ministry upheld its rejection quoting the same law
-reference as before, while the permanent mission rejected it quoting a
-different clause
-(<a href="http://lovdata.no/lov/2006-05-19-16/§20">offentleglova § 20
-letter b</a>), claiming that they were required to keep the
-content of the document from the public because it contained
-information given to Norway with the expressed or implied expectation
-that the information should not be made public. I asked the permanent
-mission for an explanation, and was told that the document contained
-an account from a meeting held in the Pentagon for a limited group of NATO
-nations where the organiser of the meeting did not intend the content
-of the meeting to be publicly known. They explained that giving me a
-copy might cause Norway to not get access to similar information in
-the future and thus hurt the future foreign interests of Norway. They
-also explained that the Permanent Mission of Norway in Geneva was not
-the author of the document, they only got a copy of it, and because of
-this had not listed it in their mail journal.</p>
-
-<p>Armed with this
-knowledge I asked the Ministry to reconsider and asked who was the
-author of the document, now realising that it was not same as the
-"sender" according to Ministry of Transport and Communications. The
-ministry upheld its rejection but told me the name of the author of
-the document. According to
-<a href="https://www.regjeringen.no/no/aktuelt/unga69_rapport1/id2001204/">a
-government report</a> the author was with the Permanent Mission of
-Norway in New York a bit more than a year later (2014-09-22), so I
-guessed that might be the office responsible for writing and sending
-the report initially and
-<a href="https://www.mimesbronn.no/request/mote_2012_i_pentagon_om_itu">asked
-them for a copy</a> but I was obviously wrong as I was told that the
-document was unknown to them and that the author did not work there
-when the document was written. Next, I asked the Permanent Mission of
-Norway in Geneva and the Foreign Ministry to reconsider and at least
-tell me who sent the document to Deputy Permanent Representative with
-the Permanent Mission of Norway in Geneva. The Foreign Ministry also
-upheld its rejection, but told me that the person sending the document
-to Permanent Mission of Norway in Geneva was the defence attaché with
-the Norwegian Embassy in Washington. I do not know if this is the
-same person as the author of the document.</p>
-
-<p>If I understand the situation correctly, someone capable of
-inviting selected NATO nations to a meeting in Pentagon organised a
-meeting where someone representing the Norwegian defence attaché in
-Washington attended, and the account from this meeting is interpreted
-by the Ministry of Transport and Communications to expose Norways
-negotiating position, negotiating strategies and similar regarding the
-ITU negotiations on Internet Governance. It is truly amazing what can
-be derived from mere meta-data.</p>
-
-<p>I wonder which NATO countries besides Norway attended this meeting?
-And what exactly was said and done at the meeting? Anyone know?</p>
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Experience_and_updated_recipe_for_using_the_Signal_app_without_a_mobile_phone.html">Experience and updated recipe for using the Signal app without a mobile phone</a></div>
+ <div class="date">10th October 2016</div>
+ <div class="body"><p>In July
+<a href="http://people.skolelinux.org/pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html">I
+wrote how to get the Signal Chrome/Chromium app working</a> without
+the ability to receive SMS messages (aka without a cell phone). It is
+time to share some experiences and provide an updated setup.</p>
+
+<p>The Signal app have worked fine for several months now, and I use
+it regularly to chat with my loved ones. I had a major snag at the
+end of my summer vacation, when the the app completely forgot my
+setup, identity and keys. The reason behind this major mess was
+running out of disk space. To avoid that ever happening again I have
+started storing everything in <tt>userdata/</tt> in git, to be able to
+roll back to an earlier version if the files are wiped by mistake. I
+had to use it once after introducing the git backup. When rolling
+back to an earlier version, one need to use the 'reset session' option
+in Signal to get going, and notify the people you talk with about the
+problem. I assume there is some sequence number tracking in the
+protocol to detect rollback attacks. The git repository is rather big
+(674 MiB so far), but I have not tried to figure out if some of the
+content can be added to a .gitignore file due to lack of spare
+time.</p>
+
+<p>I've also hit the 90 days timeout blocking, and noticed that this
+make it impossible to send messages using Signal. I could still
+receive them, but had to patch the code with a new timestamp to send.
+I believe the timeout is added by the developers to force people to
+upgrade to the latest version of the app, even when there is no
+protocol changes, to reduce the version skew among the user base and
+thus try to keep the number of support requests down.</p>
+
+<p>Since my original recipe, the Signal source code changed slightly,
+making the old patch fail to apply cleanly. Below is an updated
+patch, including the shell wrapper I use to start Signal. The
+original version required a new user to locate the JavaScript console
+and call a function from there. I got help from a friend with more
+JavaScript knowledge than me to modify the code to provide a GUI
+button instead. This mean that to get started you just need to run
+the wrapper and click the 'Register without mobile phone' to get going
+now. I've also modified the timeout code to always set it to 90 days
+in the future, to avoid having to patch the code regularly.</p>
+
+<p>So, the updated recipe for Debian Jessie:</p>
+
+<ol>
+
+<li>First, install required packages to get the source code and the
+browser you need. Signal only work with Chrome/Chromium, as far as I
+know, so you need to install it.
+
+<pre>
+apt install git tor chromium
+git clone https://github.com/WhisperSystems/Signal-Desktop.git
+</pre></li>
+
+<li>Modify the source code using command listed in the the patch
+block below.</li>
+
+<li>Start Signal using the run-signal-app wrapper (for example using
+<tt>`pwd`/run-signal-app</tt>).
+
+<li>Click on the 'Register without mobile phone', will in a phone
+number you can receive calls to the next minute, receive the
+verification code and enter it into the form field and press
+'Register'. Note, the phone number you use will be user Signal
+username, ie the way others can find you on Signal.</li>
+
+<li>You can now use Signal to contact others. Note, new contacts do
+not show up in the contact list until you restart Signal, and there is
+no way to assign names to Contacts. There is also no way to create or
+update chat groups. I suspect this is because the web app do not have
+a associated contact database.</li>
+
+</ol>
+
+<p>I am still a bit uneasy about using Signal, because of the way its
+main author moxie0 reject federation and accept dependencies to major
+corporations like Google (part of the code is fetched from Google) and
+Amazon (the central coordination point is owned by Amazon). See for
+example
+<a href="https://github.com/LibreSignal/LibreSignal/issues/37">the
+LibreSignal issue tracker</a> for a thread documenting the authors
+view on these issues. But the network effect is strong in this case,
+and several of the people I want to communicate with already use
+Signal. Perhaps we can all move to <a href="https://ring.cx/">Ring</a>
+once it <a href="https://bugs.debian.org/830265">work on my
+laptop</a>? It already work on Windows and Android, and is included
+in <a href="https://tracker.debian.org/pkg/ring">Debian</a> and
+<a href="https://launchpad.net/ubuntu/+source/ring">Ubuntu</a>, but not
+working on Debian Stable.</p>
+
+<p>Anyway, this is the patch I apply to the Signal code to get it
+working. It switch to the production servers, disable to timeout,
+make registration easier and add the shell wrapper:</p>
+
+<pre>
+cd Signal-Desktop; cat <<EOF | patch -p1
+diff --git a/js/background.js b/js/background.js
+index 24b4c1d..579345f 100644
+--- a/js/background.js
++++ b/js/background.js
+@@ -33,9 +33,9 @@
+ });
+ });
+
+- var SERVER_URL = 'https://textsecure-service-staging.whispersystems.org';
++ var SERVER_URL = 'https://textsecure-service-ca.whispersystems.org';
+ var SERVER_PORTS = [80, 4433, 8443];
+- var ATTACHMENT_SERVER_URL = 'https://whispersystems-textsecure-attachments-staging.s3.amazonaws.com';
++ var ATTACHMENT_SERVER_URL = 'https://whispersystems-textsecure-attachments.s3.amazonaws.com';
+ var messageReceiver;
+ window.getSocketStatus = function() {
+ if (messageReceiver) {
+diff --git a/js/expire.js b/js/expire.js
+index 639aeae..beb91c3 100644
+--- a/js/expire.js
++++ b/js/expire.js
+@@ -1,6 +1,6 @@
+ ;(function() {
+ 'use strict';
+- var BUILD_EXPIRATION = 0;
++ var BUILD_EXPIRATION = Date.now() + (90 * 24 * 60 * 60 * 1000);
+
+ window.extension = window.extension || {};
+
+diff --git a/js/views/install_view.js b/js/views/install_view.js
+index 7816f4f..1d6233b 100644
+--- a/js/views/install_view.js
++++ b/js/views/install_view.js
+@@ -38,7 +38,8 @@
+ return {
+ 'click .step1': this.selectStep.bind(this, 1),
+ 'click .step2': this.selectStep.bind(this, 2),
+- 'click .step3': this.selectStep.bind(this, 3)
++ 'click .step3': this.selectStep.bind(this, 3),
++ 'click .callreg': function() { extension.install('standalone') },
+ };
+ },
+ clearQR: function() {
+diff --git a/options.html b/options.html
+index dc0f28e..8d709f6 100644
+--- a/options.html
++++ b/options.html
+@@ -14,7 +14,10 @@
+ <div class='nav'>
+ <h1>{{ installWelcome }}</h1>
+ <p>{{ installTagline }}</p>
+- <div> <a class='button step2'>{{ installGetStartedButton }}</a> </div>
++ <div> <a class='button step2'>{{ installGetStartedButton }}</a>
++ <br> <a class="button callreg">Register without mobile phone</a>
++
++ </div>
+ <span class='dot step1 selected'></span>
+ <span class='dot step2'></span>
+ <span class='dot step3'></span>
+--- /dev/null 2016-10-07 09:55:13.730181472 +0200
++++ b/run-signal-app 2016-10-10 08:54:09.434172391 +0200
+@@ -0,0 +1,12 @@
++#!/bin/sh
++set -e
++cd $(dirname $0)
++mkdir -p userdata
++userdata="`pwd`/userdata"
++if [ -d "$userdata" ] && [ ! -d "$userdata/.git" ] ; then
++ (cd $userdata && git init)
++fi
++(cd $userdata && git add . && git commit -m "Current status." || true)
++exec chromium \
++ --proxy-server="socks://localhost:9050" \
++ --user-data-dir=$userdata --load-and-launch-app=`pwd`
+EOF
+chmod a+rx run-signal-app
+</pre>
+
+<p>As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&label=PetterReinholdtsenBlog">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
projects / homepage.git / blobdiff