- <title>I want the courts to be involved before the police can hijack a news site DNS domain (#domstolkontroll)</title>
- <link>http://people.skolelinux.org/pere/blog/I_want_the_courts_to_be_involved_before_the_police_can_hijack_a_news_site_DNS_domain___domstolkontroll_.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/I_want_the_courts_to_be_involved_before_the_police_can_hijack_a_news_site_DNS_domain___domstolkontroll_.html</guid>
- <pubDate>Thu, 19 May 2016 14:00:00 +0200</pubDate>
- <description><p>I just donated to the
-<a href="http://www.nuug.no/dns-beslag-donasjon.shtml">NUUG defence
-"fond"</a> to fund the effort in Norway to get the seizure of the news
-site popcorn-time.no tested in court. I hope everyone that agree with
-me will do the same.</p>
-
-<p>Would you be worried if you knew the police in your country could
-hijack DNS domains of news sites covering free software system without
-talking to a judge first? I am. What if the free software system
-combined search engine lookups, bittorrent downloads and video playout
-and was called Popcorn Time? Would that affect your view? It still
-make me worried.</p>
-
-<p>In March 2016, the Norwegian police seized (as in forced NORID to
-change the IP address pointed to by it to one controlled by the
-police) the DNS domain popcorn-time.no, without any supervision from
-the courts. I did not know about the web site back then, and assumed
-the courts had been involved, and was very surprised when I discovered
-that the police had hijacked the DNS domain without asking a judge for
-permission first. I was even more surprised when I had a look at
-<a href="https://web.archive.org/web/*/http://popcorn-time.no">the web
-site content on the Internet Archive</A>, and only found news coverage
-about Popcorn Time, not any material published without the right
-holders permissions.</p>
-
-<p>The seizure was widely covered in the Norwegian press (see for
-example <a href="http://www.hegnar.no/Nyheter/Naeringsliv/2016/03/Popcorn-time.no-beslaglagt-av-OEkokrim">Hegnar Online</a> and
-<a href="http://itavisen.no/2016/03/08/okokrim-har-beslaglagt-popcorn-time-no/">ITavisen<a/>
-and
-<a href="http://www.nrk.no/kultur/okokrim-gar-til-aksjon-mot-popcorn-time-1.12842452">NRK</a>),
-at first due to the press release sent out by Økokrim, but then based
-on
-<a href="http://blogg.torvund.net/2016/03/09/okokrims-beslag-i-domenet-popcorn-time-no/">protests
-from the law professor Olav Torvund</a> and
-<a href="http://www.klassekampen.no/article/20160311/ARTICLE/160319995">lawyer
-Jon Wessel-Aas</a>. It even got some
-<a href="https://torrentfreak.com/norwegian-authorities-sued-over-popcorn-time-domain-seizure-160418/">coverage
-on TorrentFreak</a>.</p>
-
-<p>I
-<a href="http://people.skolelinux.org/pere/blog/NUUG_contests_Norwegian_police_DNS_seizure_of_popcorn_time_no.html">
-wrote about the case a month ago</a>, when the
-<a href="http://www.nuug.no/">Norwegian Unix User Group</a> (NUUG),
-where I am an active member, decided to ask the courts to test this seizure.
-The request was denied, but NUUG and its co-requestor EFN have not
-given up, and now they are rallying for support to get the seizure
-legally challenged. They accept both bank and Bitcoin transfer for
-those that want to support the request.</p>
-
-<p>If you as me believe news sites about free software should not be
-censored, even if the free software have both legal and illegal
-applications, and that DNS hijacking should be tested by the courts, I
-suggest you <a href="http://www.nuug.no/dns-beslag-donasjon.shtml">show
-your support by donating to NUUG</a>.</a>
+ <title>Offentlig elektronisk postjournal blokkerer tilgang for utvalgte webklienter</title>
+ <link>http://people.skolelinux.org/pere/blog/Offentlig_elektronisk_postjournal_blokkerer_tilgang_for_utvalgte_webklienter.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Offentlig_elektronisk_postjournal_blokkerer_tilgang_for_utvalgte_webklienter.html</guid>
+ <pubDate>Thu, 20 Apr 2017 13:00:00 +0200</pubDate>
+ <description><p>Jeg oppdaget i dag at <a href="https://www.oep.no/">nettstedet som
+publiserer offentlige postjournaler fra statlige etater</a>, OEP, har
+begynt å blokkerer enkelte typer webklienter fra å få tilgang. Vet
+ikke hvor mange det gjelder, men det gjelder i hvert fall libwww-perl
+og curl. For å teste selv, kjør følgende:</p>
+
+<blockquote><pre>
+% curl -v -s https://www.oep.no/pub/report.xhtml?reportId=3 2>&1 |grep '< HTTP'
+< HTTP/1.1 404 Not Found
+% curl -v -s --header 'User-Agent:Opera/12.0' https://www.oep.no/pub/report.xhtml?reportId=3 2>&1 |grep '< HTTP'
+< HTTP/1.1 200 OK
+%
+</pre></blockquote>
+
+<p>Her kan en se at tjenesten gir «404 Not Found» for curl i
+standardoppsettet, mens den gir «200 OK» hvis curl hevder å være Opera
+versjon 12.0. Offentlig elektronisk postjournal startet blokkeringen
+2017-03-02.</p>
+
+<p>Blokkeringen vil gjøre det litt vanskeligere å maskinelt hente
+informasjon fra oep.no. Kan blokkeringen være gjort for å hindre
+automatisert innsamling av informasjon fra OEP, slik Pressens
+Offentlighetsutvalg gjorde for å dokumentere hvordan departementene
+hindrer innsyn i
+<a href="http://presse.no/dette-mener-np/undergraver-offentlighetsloven/">rapporten
+«Slik hindrer departementer innsyn» som ble publiserte i januar
+2017</a>. Det virker usannsynlig, da det jo er trivielt å bytte
+User-Agent til noe nytt.</p>
+
+<p>Finnes det juridisk grunnlag for det offentlige å diskriminere
+webklienter slik det gjøres her? Der tilgang gis eller ikke alt etter
+hva klienten sier at den heter? Da OEP eies av DIFI og driftes av
+Basefarm, finnes det kanskje noen dokumenter sendt mellom disse to
+aktørene man kan be om innsyn i for å forstå hva som har skjedd. Men
+<a href="https://www.oep.no/search/result.html?period=dateRange&fromDate=01.01.2016&toDate=01.04.2017&dateType=documentDate&caseDescription=&descType=both&caseNumber=&documentNumber=&sender=basefarm&senderType=both&documentType=all&legalAuthority=&archiveCode=&list2=196&searchType=advanced&Search=Search+in+records">postjournalen
+til DIFI viser kun to dokumenter</a> det siste året mellom DIFI og
+Basefarm.
+<a href="https://www.mimesbronn.no/request/blokkering_av_tilgang_til_oep_fo">Mimes brønn neste</a>,
+tenker jeg.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Free software archive system Nikita now able to store documents</title>
+ <link>http://people.skolelinux.org/pere/blog/Free_software_archive_system_Nikita_now_able_to_store_documents.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Free_software_archive_system_Nikita_now_able_to_store_documents.html</guid>
+ <pubDate>Sun, 19 Mar 2017 08:00:00 +0100</pubDate>
+ <description><p>The <a href="https://github.com/hiOA-ABI/nikita-noark5-core">Nikita
+Noark 5 core project</a> is implementing the Norwegian standard for
+keeping an electronic archive of government documents.
+<a href="http://www.arkivverket.no/arkivverket/Offentlig-forvaltning/Noark/Noark-5/English-version">The
+Noark 5 standard</a> document the requirement for data systems used by
+the archives in the Norwegian government, and the Noark 5 web interface
+specification document a REST web service for storing, searching and
+retrieving documents and metadata in such archive. I've been involved
+in the project since a few weeks before Christmas, when the Norwegian
+Unix User Group
+<a href="https://www.nuug.no/news/NOARK5_kjerne_som_fri_programvare_f_r_epostliste_hos_NUUG.shtml">announced
+it supported the project</a>. I believe this is an important project,
+and hope it can make it possible for the government archives in the
+future to use free software to keep the archives we citizens depend
+on. But as I do not hold such archive myself, personally my first use
+case is to store and analyse public mail journal metadata published
+from the government. I find it useful to have a clear use case in
+mind when developing, to make sure the system scratches one of my
+itches.</p>
+
+<p>If you would like to help make sure there is a free software
+alternatives for the archives, please join our IRC channel
+(<a href="irc://irc.freenode.net/%23nikita"">#nikita on
+irc.freenode.net</a>) and
+<a href="https://lists.nuug.no/mailman/listinfo/nikita-noark">the
+project mailing list</a>.</p>
+
+<p>When I got involved, the web service could store metadata about
+documents. But a few weeks ago, a new milestone was reached when it
+became possible to store full text documents too. Yesterday, I
+completed an implementation of a command line tool
+<tt>archive-pdf</tt> to upload a PDF file to the archive using this
+API. The tool is very simple at the moment, and find existing
+<a href="https://en.wikipedia.org/wiki/Fonds">fonds</a>, series and
+files while asking the user to select which one to use if more than
+one exist. Once a file is identified, the PDF is associated with the
+file and uploaded, using the title extracted from the PDF itself. The
+process is fairly similar to visiting the archive, opening a cabinet,
+locating a file and storing a piece of paper in the archive. Here is
+a test run directly after populating the database with test data using
+our API tester:</p>
+
+<p><blockquote><pre>
+~/src//noark5-tester$ ./archive-pdf mangelmelding/mangler.pdf
+using arkiv: Title of the test fonds created 2017-03-18T23:49:32.103446
+using arkivdel: Title of the test series created 2017-03-18T23:49:32.103446
+
+ 0 - Title of the test case file created 2017-03-18T23:49:32.103446
+ 1 - Title of the test file created 2017-03-18T23:49:32.103446
+Select which mappe you want (or search term): 0
+Uploading mangelmelding/mangler.pdf
+ PDF title: Mangler i spesifikasjonsdokumentet for NOARK 5 Tjenestegrensesnitt
+ File 2017/1: Title of the test case file created 2017-03-18T23:49:32.103446
+~/src//noark5-tester$
+</pre></blockquote></p>
+
+<p>You can see here how the fonds (arkiv) and serie (arkivdel) only had
+one option, while the user need to choose which file (mappe) to use
+among the two created by the API tester. The <tt>archive-pdf</tt>
+tool can be found in the git repository for the API tester.</p>
+
+<p>In the project, I have been mostly working on
+<a href="https://github.com/petterreinholdtsen/noark5-tester">the API
+tester</a> so far, while getting to know the code base. The API
+tester currently use
+<a href="https://en.wikipedia.org/wiki/HATEOAS">the HATEOAS links</a>
+to traverse the entire exposed service API and verify that the exposed
+operations and objects match the specification, as well as trying to
+create objects holding metadata and uploading a simple XML file to
+store. The tester has proved very useful for finding flaws in our
+implementation, as well as flaws in the reference site and the
+specification.</p>
+
+<p>The test document I uploaded is a summary of all the specification
+defects we have collected so far while implementing the web service.
+There are several unclear and conflicting parts of the specification,
+and we have
+<a href="https://github.com/petterreinholdtsen/noark5-tester/tree/master/mangelmelding">started
+writing down</a> the questions we get from implementing it. We use a
+format inspired by how <a href="http://www.opengroup.org/austin/">The
+Austin Group</a> collect defect reports for the POSIX standard with
+<a href="http://www.opengroup.org/austin/mantis.html">their
+instructions for the MANTIS defect tracker system</a>, in lack of an official way to structure defect reports for Noark 5 (our first submitted defect report was a <a href="https://github.com/petterreinholdtsen/noark5-tester/blob/master/mangelmelding/sendt/2017-03-15-mangel-prosess.md">request for a procedure for submitting defect reports</a> :).
+
+<p>The Nikita project is implemented using Java and Spring, and is
+fairly easy to get up and running using Docker containers for those
+that want to test the current code base. The API tester is
+implemented in Python.</p>
projects / homepage.git / blobdiff