<div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/Public_Trusted_Timestamping_services_for_everyone.html">Public Trusted Timestamping services for everyone</a></div>
- <div class="date">25th March 2014</div>
- <div class="body"><p>Did you ever need to store logs or other files in a way that would
-allow it to be used as evidence in court, and needed a way to
-demonstrate without reasonable doubt that the file had not been
-changed since it was created? Or, did you ever need to document that
-a given document was received at some point in time, like some
-archived document or the answer to an exam, and not changed after it
-was received? The problem in these settings is to remove the need to
-trust yourself and your computers, while still being able to prove
-that a file is the same as it was at some given time in the past.</p>
-
-<p>A solution to these problems is to have a trusted third party
-"stamp" the document and verify that at some given time the document
-looked a given way. Such
-<a href="https://en.wikipedia.org/wiki/Notarius">notarius</a> service
-have been around for thousands of years, and its digital equivalent is
-called a
-<a href="http://en.wikipedia.org/wiki/Trusted_timestamping">trusted
-timestamping service</a>. <a href="http://www.ietf.org/">The Internet
-Engineering Task Force</a> standardised how such service could work a
-few years ago as <a href="http://tools.ietf.org/html/rfc3161">RFC
-3161</a>. The mechanism is simple. Create a hash of the file in
-question, send it to a trusted third party which add a time stamp to
-the hash and sign the result with its private key, and send back the
-signed hash + timestamp. Anyone with the document and the signature
-can then verify that the document matches the signature by creating
-their own hash and checking the signature using the trusted third
-party public key. There are several commercial services around
-providing such timestamping. A quick search for
-"<a href="https://duckduckgo.com/?q=rfc+3161+service">rfc 3161
-service</a>" pointed me to at least
-<a href="https://www.digistamp.com/technical/how-a-digital-time-stamp-works/">DigiStamp</a>,
-<a href="http://www.quovadisglobal.co.uk/CertificateServices/SigningServices/TimeStamp.aspx">Quo
-Vadis</a>,
-<a href="https://www.globalsign.com/timestamp-service/">Global Sign</a>
-and <a href="http://www.globaltrustfinder.com/TSADefault.aspx">Global
-Trust Finder</a>. The system work as long as the private key of the
-trusted third party is not compromised.</p>
-
-<p>But as far as I can tell, there are very few public trusted
-timestamp services available for everyone. I've been looking for one
-for a while now. But yesterday I found one over at
-<a href="https://www.pki.dfn.de/zeitstempeldienst/">Deutches
-Forschungsnetz</a>mentioned in
-<a href="http://www.d-mueller.de/blog/dealing-with-trusted-timestamps-in-php-rfc-3161/">a
-blog by David Müller</a>. I then found a good recipe on how to use
-over at the
-<a href="http://www.rz.uni-greifswald.de/support/dfn-pki-zertifikate/zeitstempeldienst.html">University
-of Greifswald</a>. The OpenSSL library contain both server and tools
-to use and set up your own signing service. See the ts(1SSL),
-tsget(1SSL) manual pages for more details. The following shell script
-demonstrate how to extract a signed timestamp for any file on the disk
-in a Debian environment:
-
-<p><blockquote><pre>
-#!/bin/sh
-set -e
-url="http://zeitstempel.dfn.de"
-caurl="https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt"
-reqfile=$(mktemp -t tmp.XXXXXXXXXX.tsq)
-resfile=$(mktemp -t tmp.XXXXXXXXXX.tsr)
-cafile=chain.txt
-if [ ! -f $cafile ] ; then
- wget -O $cafile "$caurl"
-fi
-openssl ts -query -data "$1" -cert | tee "$reqfile" \
- | /usr/lib/ssl/misc/tsget -h "$url" -o "$resfile"
-openssl ts -reply -in "$resfile" -text 1>&2
-openssl ts -verify -data "$1" -in "$resfile" -CAfile "$cafile" 1>&2
-base64 < "$resfile"
-rm "$reqfile" "$resfile"
-</pre></blockquote></p>
-
-<p>The argument to the script is the file to timestamp, and the output
-is a base64 encoded version of the signature to STDOUT and details
-about the signature to STDERR. Note that due to
-<a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742553">a bug
-in the tsget script</a>, you might need to modify the included script
-and remove the last line. Or just write your own HTTP uploader using
-curl. :) Now you too can prove and verify that files have not been
-changed.</p>
-
-<p>But the Internet need more public trusted timestamp services.
-Perhaps something for <a href="http://www.uninett.no/">Uninett</a> or
-my work place the <a href="http://www.uio.no/">University of Oslo</a>
-to set up?</p>
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Simpler_recipe_on_how_to_make_a_simple__7_IMSI_Catcher_using_Debian.html">Simpler recipe on how to make a simple $7 IMSI Catcher using Debian</a></div>
+ <div class="date"> 9th August 2017</div>
+ <div class="body"><p>On friday, I came across an interesting article in the Norwegian
+web based ICT news magazine digi.no on
+<a href="https://www.digi.no/artikler/sikkerhetsforsker-lagde-enkel-imsi-catcher-for-60-kroner-na-kan-mobiler-kartlegges-av-alle/398588">how
+to collect the IMSI numbers of nearby cell phones</a> using the cheap
+DVB-T software defined radios. The article refered to instructions
+and <a href="https://www.youtube.com/watch?v=UjwgNd_as30">a recipe by
+Keld Norman on Youtube on how to make a simple $7 IMSI Catcher</a>, and I decided to test them out.</p>
+
+<p>The instructions said to use Ubuntu, install pip using apt (to
+bypass apt), use pip to install pybombs (to bypass both apt and pip),
+and the ask pybombs to fetch and build everything you need from
+scratch. I wanted to see if I could do the same on the most recent
+Debian packages, but this did not work because pybombs tried to build
+stuff that no longer build with the most recent openssl library or
+some other version skew problem. While trying to get this recipe
+working, I learned that the apt->pip->pybombs route was a long detour,
+and the only piece of software dependency missing in Debian was the
+gr-gsm package. I also found out that the lead upstream developer of
+gr-gsm (the name stand for GNU Radio GSM) project already had a set of
+Debian packages provided in an Ubuntu PPA repository. All I needed to
+do was to dget the Debian source package and built it.</p>
+
+<p>The IMSI collector is a python script listening for packages on the
+loopback network device and printing to the terminal some specific GSM
+packages with IMSI numbers in them. The code is fairly short and easy
+to understand. The reason this work is because gr-gsm include a tool
+to read GSM data from a software defined radio like a DVB-T USB stick
+and other software defined radios, decode them and inject them into a
+network device on your Linux machine (using the loopback device by
+default). This proved to work just fine, and I've been testing the
+collector for a few days now.</p>
+
+<p>The updated and simpler recipe is thus to</p>
+
+<ol>
+
+<li>start with a Debian machine running Stretch or newer,</li>
+
+<li>build and install the gr-gsm package available from
+<a href="http://ppa.launchpad.net/ptrkrysik/gr-gsm/ubuntu/pool/main/g/gr-gsm/">http://ppa.launchpad.net/ptrkrysik/gr-gsm/ubuntu/pool/main/g/gr-gsm/</a>,</li>
+
+<li>clone the git repostory from <a href="https://github.com/Oros42/IMSI-catcher">https://github.com/Oros42/IMSI-catcher</a>,</li>
+
+<li>run grgsm_livemon and adjust the frequency until the terminal
+where it was started is filled with a stream of text (meaning you
+found a GSM station).</li>
+
+<li>go into the IMSI-catcher directory and run 'sudo python simple_IMSI-catcher.py' to extract the IMSI numbers.</li>
+
+</ol>
+
+<p>To make it even easier in the future to get this sniffer up and
+running, I decided to package
+<a href="https://github.com/ptrkrysik/gr-gsm/">the gr-gsm project</a>
+for Debian (<a href="https://bugs.debian.org/871055">WNPP
+#871055</a>), and the package was uploaded into the NEW queue today.
+Luckily the gnuradio maintainer has promised to help me, as I do not
+know much about gnuradio stuff yet.</p>
+
+<p>I doubt this "IMSI cacher" is anywhere near as powerfull as
+commercial tools like
+<a href="https://www.thespyphone.com/portable-imsi-imei-catcher/">The
+Spy Phone Portable IMSI / IMEI Catcher</a> or the
+<a href="https://en.wikipedia.org/wiki/Stingray_phone_tracker">Harris
+Stingray</a>, but I hope the existance of cheap alternatives can make
+more people realise how their whereabouts when carrying a cell phone
+is easily tracked. Seeing the data flow on the screen, realizing that
+I live close to a police station and knowing that the police is also
+wearing cell phones, I wonder how hard it would be for criminals to
+track the position of the police officers to discover when there are
+police near by, or for foreign military forces to track the location
+of the Norwegian military forces, or for anyone to track the location
+of government officials...</p>
+
+<p>It is worth noting that the data reported by the IMSI-catcher
+script mentioned above is only a fraction of the data broadcasted on
+the GSM network. It will only collect one frequency at the time,
+while a typical phone will be using several frequencies, and not all
+phones will be using the frequencies tracked by the grgsm_livemod
+program. Also, there is a lot of radio chatter being ignored by the
+simple_IMSI-catcher script, which would be collected by extending the
+parser code. I wonder if gr-gsm can be set up to listen to more than
+one frequency?</p>
</div>
<div class="tags">
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>.
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern</a>, <a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance</a>.
</div>
<div class="padding"></div>
<div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/Video_DVD_reader_library___python_dvdvideo___nice_free_software.html">Video DVD reader library / python-dvdvideo - nice free software</a></div>
- <div class="date">21st March 2014</div>
- <div class="body"><p>Keeping your DVD collection safe from scratches and curious
-children fingers while still having it available when you want to see a
-movie is not straight forward. My preferred method at the moment is
-to store a full copy of the ISO on a hard drive, and use VLC, Popcorn
-Hour or other useful players to view the resulting file. This way the
-subtitles and bonus material are still available and using the ISO is
-just like inserting the original DVD record in the DVD player.</p>
-
-<p>Earlier I used dd for taking security copies, but it do not handle
-DVDs giving read errors (which are quite a few of them). I've also
-tried using
-<a href="http://people.skolelinux.org/pere/blog/Ripping_problematic_DVDs_using_dvdbackup_and_genisoimage.html">dvdbackup
-and genisoimage</a>, but these days I use the marvellous python library
-and program
-<a href="http://bblank.thinkmo.de/blog/new-software-python-dvdvideo">python-dvdvideo</a>
-written by Bastian Blank. It is
-<a href="http://packages.qa.debian.org/p/python-dvdvideo.html">in Debian
-already</a> and the binary package name is python3-dvdvideo. Instead
-of trying to read every block from the DVD, it parses the file
-structure and figure out which block on the DVD is actually in used,
-and only read those blocks from the DVD. This work surprisingly well,
-and I have been able to almost backup my entire DVD collection using
-this method.</p> So far, python-dvdvideo have failed on between 10 and
-20 DVDs, which is a small fraction of my collection. The most common
-problem is
-<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720831">DVDs
-using UTF-16 instead of UTF-8 characters</a>, which according to
-Bastian is against the DVD specification (and seem to cause some
-players to fail too). A rarer problem is what seem to be inconsistent
-DVD structures, as the python library
-<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723079">claim
-there is a overlap between objects</a>. An equally rare problem claim
-<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741878">some
-value is out of range</a>. No idea what is going on there. I wish I
-knew enough about the DVD format to fix these, to ensure my movie
-collection will stay with me in the future.</p>
-
-<p>So, if you need to keep your DVDs safe, back them up using
-python-dvdvideo. :)</p>
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Norwegian_Bokm_l_edition_of_Debian_Administrator_s_Handbook_is_now_available.html">Norwegian Bokmål edition of Debian Administrator's Handbook is now available</a></div>
+ <div class="date">25th July 2017</div>
+ <div class="body"><p align="center"><img align="center" src="http://people.skolelinux.org/pere/blog/images/2017-07-25-debian-handbook-nb-testprint.png"/></p>
+
+<p>I finally received a copy of the Norwegian Bokmål edition of
+"<a href="https://debian-handbook.info/">The Debian Administrator's
+Handbook</a>". This test copy arrived in the mail a few days ago, and
+I am very happy to hold the result in my hand. We spent around one and a half year translating it. This paperbook edition
+<a href="https://debian-handbook.info/get/#norwegian">is available
+from lulu.com</a>. If you buy it quickly, you save 25% on the list
+price. The book is also available for download in electronic form as
+PDF, EPUB and Mobipocket, as can be
+<a href="https://debian-handbook.info/browse/nb-NO/stable/">read online
+as a web page</a>.</p>
+
+<p>This is the second book I publish (the first was the book
+"<a href="http://free-culture.cc/">Free Culture</a>" by Lawrence Lessig
+in
+<a href="http://www.lulu.com/shop/lawrence-lessig/free-culture/paperback/product-22440520.html">English</a>,
+<a href="http://www.lulu.com/shop/lawrence-lessig/culture-libre/paperback/product-22645082.html">French</a>
+and
+<a href="http://www.lulu.com/shop/lawrence-lessig/fri-kultur/paperback/product-22441576.html">Norwegian
+Bokmål</a>), and I am very excited to finally wrap up this
+project. I hope
+"<a href="http://www.lulu.com/shop/rapha%C3%ABl-hertzog-and-roland-mas/h%C3%A5ndbok-for-debian-administratoren/paperback/product-23262290.html">Håndbok
+for Debian-administratoren</a>" will be well received.</p>
</div>
<div class="tags">
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia</a>, <a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett</a>, <a href="http://people.skolelinux.org/pere/blog/tags/video">video</a>.
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/debian-handbook">debian-handbook</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>.
</div>
<div class="padding"></div>
<div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/Norsk_utgave_av_Alaveteli___WhatDoTheyKnow_p__trappene.html">Norsk utgave av Alaveteli / WhatDoTheyKnow på trappene</a></div>
- <div class="date">16th March 2014</div>
- <div class="body"><p>Det offentlige Norge har mye kunnskap og informasjon. Men hvordan
-kan en få tilgang til den på en enkel måte? Takket være et lite
-knippe lover og tilhørende forskrifter, blant annet
-<a href="http://lovdata.no/dokument/NL/lov/2006-05-19-16">offentlighetsloven</a>,
-<a href="http://lovdata.no/dokument/NL/lov/2003-05-09-31">miljøinformasjonsloven</a>
-og
-<a href="http://lovdata.no/dokument/NL/lov/1967-02-10/">forvaltningsloven</a>
-har en rett til å spørre det offentlige og få svar. Men det finnes
-intet offentlig arkiv over hva andre har spurt om, og dermed risikerer en
-å måtte forstyrre myndighetene gang på gang for å få tak i samme
-informasjonen på nytt. <a href="http://www.mysociety.org/">Britiske
-mySociety</a> har laget tjenesten
-<a href="http://www.whatdotheyknow.com/">WhatDoTheyKnow</a> som gjør
-noe med dette. I Storbritannia blir WhatdoTheyKnow brukt i
-<a href="http://www.mysociety.org/2011/07/01/whatdotheyknows-share-of-central-government-foi-requests-q2-2011/">ca
-15% av alle innsynsforespørsler mot sentraladministrasjonen</a>.
-Prosjektet heter <a href="http://www.alaveteli.org/">Alaveteli</A>, og
-er takk i bruk en rekke steder etter at løsningen ble generalisert og
-gjort mulig å oversette. Den hjelper borgerne med å be om innsyn,
-rådgir ved purringer og klager og lar alle se hvilke henvendelser som
-er sendt til det offentlige og hvilke svar som er kommet inn, i et
-søkpart arkiv. Her i Norge holder vi i foreningen NUUG på å få opp en
-norsk utgave av Alaveteli, og her trenger vi din hjelp med
-oversettelsen.</p>
-
-<p>Så langt er 76 % av Alaveteli oversatt til norsk bokmål, men vi
-skulle gjerne vært oppe i 100 % før lansering. Oversettelsen gjøres
-på <a href="https://www.transifex.com/projects/p/alaveteli/">Transifex,
-der enhver som registrerer seg</a> og ber om tilgang til
-bokmålsoversettelsen får bidra. Vi har satt opp en test av tjenesten
-(som ikke sender epost til det offentlige, kun til oss som holder på å
-sette opp tjenesten) på maskinen
-<a href="http://alaveteli-dev.nuug.no/">alaveteli-dev.nuug.no</a>, der
-en kan se hvordan de oversatte meldingen blir seende ut på nettsiden.
-Når tjenesten lanseres vil den hete
-<a href="https://www.mimesbrønn.no/">Mimes brønn</a>, etter
-visdomskilden som Odin måtte gi øyet sitt for å få drikke i. Den
-nettsiden er er ennå ikke klar til bruk.</p>
-
-<p>Hvis noen vil oversette til nynorsk også, så skal vi finne ut
-hvordan vi lager en flerspråklig tjeneste. Men i første omgang er
-fokus på bokmålsoversettelsen, der vi selv har nok peiling til å ha
-fått oversatt 76%, men trenger hjelp for å komme helt i mål. :)</p>
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/_Rapporten_ser_ikke_p__informasjonssikkerhet_knyttet_til_personlig_integritet_.html">«Rapporten ser ikke på informasjonssikkerhet knyttet til personlig integritet»</a></div>
+ <div class="date">27th June 2017</div>
+ <div class="body"><p>Jeg kom over teksten
+«<a href="https://freedom-to-tinker.com/2017/06/21/killing-car-privacy-by-federal-mandate/">Killing
+car privacy by federal mandate</a>» av Leonid Reyzin på Freedom to
+Tinker i dag, og det gleder meg å se en god gjennomgang om hvorfor det
+er et urimelig inngrep i privatsfæren å la alle biler kringkaste sin
+posisjon og bevegelse via radio. Det omtalte forslaget basert på
+Dedicated Short Range Communication (DSRC) kalles Basic Safety Message
+(BSM) i USA og Cooperative Awareness Message (CAM) i Europa, og det
+norske Vegvesenet er en av de som ser ut til å kunne tenke seg å
+pålegge alle biler å fjerne nok en bit av innbyggernes privatsfære.
+Anbefaler alle å lese det som står der.
+
+<p>Mens jeg tittet litt på DSRC på biler i Norge kom jeg over et sitat
+jeg synes er illustrativt for hvordan det offentlige Norge håndterer
+problemstillinger rundt innbyggernes privatsfære i SINTEF-rapporten
+«<a href="https://www.sintef.no/publikasjoner/publikasjon/Download/?pubid=SINTEF+A23933">Informasjonssikkerhet
+i AutoPASS-brikker</a>» av Trond Foss:</p>
+
+<p><blockquote>
+«Rapporten ser ikke på informasjonssikkerhet knyttet til personlig
+ integritet.»
+</blockquote></p>
+
+<p>Så enkelt kan det tydeligvis gjøres når en vurderer
+informasjonssikkerheten. Det holder vel at folkene på toppen kan si
+at «Personvernet er ivaretatt», som jo er den populære intetsigende
+frasen som gjør at mange tror enkeltindividers integritet tas vare på.
+Sitatet fikk meg til å undres på hvor ofte samme tilnærming, å bare se
+bort fra behovet for personlig itegritet, blir valgt når en velger å
+legge til rette for nok et inngrep i privatsfæren til personer i
+Norge. Det er jo sjelden det får reaksjoner. Historien om
+reaksjonene på Helse Sør-Østs tjenesteutsetting er jo sørgelig nok et
+unntak og toppen av isfjellet, desverre. Tror jeg fortsatt takker nei
+til både AutoPASS og holder meg så langt unna det norske helsevesenet
+som jeg kan, inntil de har demonstrert og dokumentert at de verdsetter
+individets privatsfære og personlige integritet høyere enn kortsiktig
+gevist og samfunnsnytte.</p>
</div>
<div class="tags">
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>, <a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn</a>.
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>, <a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>.
</div>
<div class="padding"></div>
<div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/Freedombox_on_Dreamplug__Raspberry_Pi_and_virtual_x86_machine.html">Freedombox on Dreamplug, Raspberry Pi and virtual x86 machine</a></div>
- <div class="date">14th March 2014</div>
- <div class="body"><p>The <a href="https://wiki.debian.org/FreedomBox">Freedombox
-project</a> is working on providing the software and hardware for
-making it easy for non-technical people to host their data and
-communication at home, and being able to communicate with their
-friends and family encrypted and away from prying eyes. It has been
-going on for a while, and is slowly progressing towards a new test
-release (0.2).</p>
-
-<p>And what day could be better than the Pi day to announce that the
-new version will provide "hard drive" / SD card / USB stick images for
-Dreamplug, Raspberry Pi and VirtualBox (or any other virtualization
-system), and can also be installed using a Debian installer preseed
-file. The Debian based Freedombox is now based on Debian Jessie,
-where most of the needed packages used are already present. Only one,
-the freedombox-setup package, is missing. To try to build your own
-boot image to test the current status, fetch the freedom-maker scripts
-and build using
-<a href="http://packages.qa.debian.org/vmdebootstrap">vmdebootstrap</a>
-with a user with sudo access to become root:
-
-<pre>
-git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
- freedom-maker
-sudo apt-get install git vmdebootstrap mercurial python-docutils \
- mktorrent extlinux virtualbox qemu-user-static binfmt-support \
- u-boot-tools
-make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
-</pre>
-
-<p>Root access is needed to run debootstrap and mount loopback
-devices. See the README for more details on the build. If you do not
-want all three images, trim the make line. But note that thanks to <a
-href="https://bugs.debian.org/741407">a race condition in
-vmdebootstrap</a>, the build might fail without the patch to the
-kpartx call.</p>
-
-<p>If you instead want to install using a Debian CD and the preseed
-method, boot a Debian Wheezy ISO and use this boot argument to load
-the preseed values:</p>
-
-<pre>
-url=<a href="http://www.reinholdtsen.name/freedombox/preseed-jessie.dat">http://www.reinholdtsen.name/freedombox/preseed-jessie.dat</a>
-</pre>
-
-<p>But note that due to <a href="https://bugs.debian.org/740673">a
-recently introduced bug in apt in Jessie</a>, the installer will
-currently hang while setting up APT sources. Killing the
-'<tt>apt-cdrom ident</tt>' process when it hang a few times during the
-installation will get the installation going. This affect all
-installations in Jessie, and I expect it will be fixed soon.</p>
-
-Give it a go and let us know how it goes on the mailing list, and help
-us get the new release published. :) Please join us on
-<a href="irc://irc.debian.org:6667/%23freedombox">IRC (#freedombox on
-irc.debian.org)</a> and
-<a href="http://lists.alioth.debian.org/mailman/listinfo/freedombox-discuss">the
-mailing list</a> if you want to help make this vision come true.</p>
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Updated_sales_number_for_my_Free_Culture_paper_editions.html">Updated sales number for my Free Culture paper editions</a></div>
+ <div class="date">12th June 2017</div>
+ <div class="body"><p>It is pleasing to see that the work we put down in publishing new
+editions of the classic <a href="http://www.free-culture.cc/">Free
+Culture book</a> by the founder of the Creative Commons movement,
+Lawrence Lessig, is still being appreciated. I had a look at the
+latest sales numbers for the paper edition today. Not too impressive,
+but happy to see some buyers still exist. All the revenue from the
+books is sent to the <a href="https://creativecommons.org/">Creative
+Commons Corporation</a>, and they receive the largest cut if you buy
+directly from Lulu. Most books are sold via Amazon, with Ingram
+second and only a small fraction directly from Lulu. The ebook
+edition is available for free from
+<a href="https://github.com/petterreinholdtsen/free-culture-lessig">Github</a>.</p>
+
+<table border="0">
+<tr><th rowspan="2" valign="bottom">Title / language</th><th colspan="3">Quantity</th></tr>
+<tr><th>2016 jan-jun</th><th>2016 jul-dec</th><th>2017 jan-may</th></tr>
+
+<tr>
+ <td><a href="http://www.lulu.com/shop/lawrence-lessig/culture-libre/paperback/product-22645082.html">Culture Libre / French</a></td>
+ <td align="right">3</td>
+ <td align="right">6</td>
+ <td align="right">15</td>
+</tr>
+
+<tr>
+ <td><a href="http://www.lulu.com/shop/lawrence-lessig/fri-kultur/paperback/product-22441576.html">Fri kultur / Norwegian</a></td>
+ <td align="right">7</td>
+ <td align="right">1</td>
+ <td align="right">0</td>
+</tr>
+
+<tr>
+ <td><a href="http://www.lulu.com/shop/lawrence-lessig/free-culture/paperback/product-22440520.html">Free Culture / English</a></td>
+ <td align="right">14</td>
+ <td align="right">27</td>
+ <td align="right">16</td>
+</tr>
+
+<tr>
+ <td>Total</td>
+ <td align="right">24</td>
+ <td align="right">34</td>
+ <td align="right">31</td>
+</tr>
+
+</table>
+
+<p>A bit sad to see the low sales number on the Norwegian edition, and
+a bit surprising the English edition still selling so well.</p>
+
+<p>If you would like to translate and publish the book in your native
+language, I would be happy to help make it happen. Please get in
+touch.</p>
</div>
<div class="tags">
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>, <a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance</a>, <a href="http://people.skolelinux.org/pere/blog/tags/web">web</a>.
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture</a>.
</div>
<div class="padding"></div>
<div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html">How to add extra storage servers in Debian Edu / Skolelinux</a></div>
- <div class="date">12th March 2014</div>
- <div class="body"><p>On larger sites, it is useful to use a dedicated storage server for
-storing user home directories and data. The design for handling this
-in <a href="http://www.skolelinux.org/">Debian Edu / Skolelinux</a>, is
-to update the automount rules in LDAP and let the automount daemon on
-the clients take care of the rest. I was reminded about the need to
-document this better when one of the customers of
-<a href="http://www.slxdrift.no/">Skolelinux Drift AS</a>, where I am
-on the board of directors, asked about how to do this. The steps to
-get this working are the following:</p>
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Release_0_1_1_of_free_software_archive_system_Nikita_announced.html">Release 0.1.1 of free software archive system Nikita announced</a></div>
+ <div class="date">10th June 2017</div>
+ <div class="body"><p>I am very happy to report that the
+<a href="https://github.com/hiOA-ABI/nikita-noark5-core">Nikita Noark 5
+core project</a> tagged its second release today. The free software
+solution is an implementation of the Norwegian archive standard Noark
+5 used by government offices in Norway. These were the changes in
+version 0.1.1 since version 0.1.0 (from NEWS.md):
-<p><ol>
+<ul>
-<li>Add new storage server in DNS. I use nas-server.intern as the
-example host here.</li>
+ <li>Continued work on the angularjs GUI, including document upload.</li>
+ <li>Implemented correspondencepartPerson, correspondencepartUnit and
+ correspondencepartInternal</li>
+ <li>Applied for coverity coverage and started submitting code on
+ regualr basis.</li>
+ <li>Started fixing bugs reported by coverity</li>
+ <li>Corrected and completed HATEOAS links to make sure entire API is
+ available via URLs in _links.</li>
+ <li>Corrected all relation URLs to use trailing slash.</li>
+ <li>Add initial support for storing data in ElasticSearch.</li>
+ <li>Now able to receive and store uploaded files in the archive.</li>
+ <li>Changed JSON output for object lists to have relations in _links.</li>
+ <li>Improve JSON output for empty object lists.</li>
+ <li>Now uses correct MIME type application/vnd.noark5-v4+json.</li>
+ <li>Added support for docker container images.</li>
+ <li>Added simple API browser implemented in JavaScript/Angular.</li>
+ <li>Started on archive client implemented in JavaScript/Angular.</li>
+ <li>Started on prototype to show the public mail journal.</li>
+ <li>Improved performance by disabling Sprint FileWatcher.</li>
+ <li>Added support for 'arkivskaper', 'saksmappe' and 'journalpost'.</li>
+ <li>Added support for some metadata codelists.</li>
+ <li>Added support for Cross-origin resource sharing (CORS).</li>
+ <li>Changed login method from Basic Auth to JSON Web Token (RFC 7519)
+ style.</li>
+ <li>Added support for GET-ing ny-* URLs.</li>
+ <li>Added support for modifying entities using PUT and eTag.</li>
+ <li>Added support for returning XML output on request.</li>
+ <li>Removed support for English field and class names, limiting ourself
+ to the official names.</li>
+ <li>...</li>
+
+</ul>
-<li>Add automoun LDAP information about this server in LDAP, to allow
-all clients to automatically mount it on reqeust.</li>
+<p>If this sound interesting to you, please contact us on IRC (#nikita
+on irc.freenode.net) or email
+(<a href="https://lists.nuug.no/mailman/listinfo/nikita-noark">nikita-noark
+mailing list).</p>
+</div>
+ <div class="tags">
+
+
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>, <a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn</a>, <a href="http://people.skolelinux.org/pere/blog/tags/standard">standard</a>.
+
+
+ </div>
+ </div>
+ <div class="padding"></div>
+
+ <div class="entry">
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Idea_for_storing_trusted_timestamps_in_a_Noark_5_archive.html">Idea for storing trusted timestamps in a Noark 5 archive</a></div>
+ <div class="date"> 7th June 2017</div>
+ <div class="body"><p><em>This is a copy of
+<a href="https://lists.nuug.no/pipermail/nikita-noark/2017-June/000297.html">an
+email I posted to the nikita-noark mailing list</a>. Please follow up
+there if you would like to discuss this topic. The background is that
+we are making a free software archive system based on the Norwegian
+<a href="https://www.arkivverket.no/forvaltning-og-utvikling/regelverk-og-standarder/noark-standarden">Noark
+5 standard</a> for government archives.</em></p>
+
+<p>I've been wondering a bit lately how trusted timestamps could be
+stored in Noark 5.
+<a href="https://en.wikipedia.org/wiki/Trusted_timestamping">Trusted
+timestamps</a> can be used to verify that some information
+(document/file/checksum/metadata) have not been changed since a
+specific time in the past. This is useful to verify the integrity of
+the documents in the archive.</p>
+
+<p>Then it occured to me, perhaps the trusted timestamps could be
+stored as dokument variants (ie dokumentobjekt referered to from
+dokumentbeskrivelse) with the filename set to the hash it is
+stamping?</p>
+
+<p>Given a "dokumentbeskrivelse" with an associated "dokumentobjekt",
+a new dokumentobjekt is associated with "dokumentbeskrivelse" with the
+same attributes as the stamped dokumentobjekt except these
+attributes:</p>
-<li>Add the relevant entries in tjener.intern:/etc/fstab, because
-tjener.intern do not use automount to avoid mounting loops.</li>
+<ul>
-</ol></p>
+<li>format -> "RFC3161"
+<li>mimeType -> "application/timestamp-reply"
+<li>formatDetaljer -> "<source URL for timestamp service>"
+<li>filenavn -> "<sjekksum>.tsr"
-<p>DNS entries are added in GOsa², and not described here. Follow the
-<a href="https://wiki.debian.org/DebianEdu/Documentation/Wheezy/GettingStarted">instructions
-in the manual</a> (Machine Management with GOsa² in section Getting
-started).</p>
+</ul>
-<p>Ensure that the NFS export points on the server are exported to the
-relevant subnets or machines:</p>
+<p>This assume a service following
+<a href="https://tools.ietf.org/html/rfc3161">IETF RFC 3161</a> is
+used, which specifiy the given MIME type for replies and the .tsr file
+ending for the content of such trusted timestamp. As far as I can
+tell from the Noark 5 specifications, it is OK to have several
+variants/renderings of a dokument attached to a given
+dokumentbeskrivelse objekt. It might be stretching it a bit to make
+some of these variants represent crypto-signatures useful for
+verifying the document integrity instead of representing the dokument
+itself.</p>
+
+<p>Using the source of the service in formatDetaljer allow several
+timestamping services to be used. This is useful to spread the risk
+of key compromise over several organisations. It would only be a
+problem to trust the timestamps if all of the organisations are
+compromised.</p>
+
+<p>The following oneliner on Linux can be used to generate the tsr
+file. $input is the path to the file to checksum, and $sha256 is the
+SHA-256 checksum of the file (ie the "<sjekksum>.tsr" value mentioned
+above).</p>
<p><blockquote><pre>
-root@tjener:~# showmount -e nas-server
-Export list for nas-server:
-/storage 10.0.0.0/8
-root@tjener:~#
+openssl ts -query -data "$inputfile" -cert -sha256 -no_nonce \
+ | curl -s -H "Content-Type: application/timestamp-query" \
+ --data-binary "@-" http://zeitstempel.dfn.de > $sha256.tsr
</pre></blockquote></p>
-<p>Here everything on the backbone network is granted access to the
-/storage export. With NFSv3 it is slightly better to limit it to
-netgroup membership or single IP addresses to have some limits on the
-NFS access.</p>
-
-<p>The next step is to update LDAP. This can not be done using GOsa²,
-because it lack a module for automount. Instead, use ldapvi and add
-the required LDAP objects using an editor.</p>
+<p>To verify the timestamp, you first need to download the public key
+of the trusted timestamp service, for example using this command:</p>
<p><blockquote><pre>
-ldapvi --ldap-conf -ZD '(cn=admin)' -b ou=automount,dc=skole,dc=skolelinux,dc=no
+wget -O ca-cert.txt \
+ https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt
</pre></blockquote></p>
-<p>When the editor show up, add the following LDAP objects at the
-bottom of the document. The "/&" part in the last LDAP object is a
-wild card matching everything the nas-server exports, removing the
-need to list individual mount points in LDAP.</p>
+<p>Note, the public key should be stored alongside the timestamps in
+the archive to make sure it is also available 100 years from now. It
+is probably a good idea to standardise how and were to store such
+public keys, to make it easier to find for those trying to verify
+documents 100 or 1000 years from now. :)</p>
+
+<p>The verification itself is a simple openssl command:</p>
<p><blockquote><pre>
-add cn=nas-server,ou=auto.skole,ou=automount,dc=skole,dc=skolelinux,dc=no
-objectClass: automount
-cn: nas-server
-automountInformation: -fstype=autofs --timeout=60 ldap:ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
-
-add ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
-objectClass: top
-objectClass: automountMap
-ou: auto.nas-server
-
-add cn=/,ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
-objectClass: automount
-cn: /
-automountInformation: -fstype=nfs,tcp,rsize=32768,wsize=32768,rw,intr,hard,nodev,nosuid,noatime nas-server.intern:/&
+openssl ts -verify -data $inputfile -in $sha256.tsr \
+ -CAfile ca-cert.txt -text
</pre></blockquote></p>
-<p>The last step to remember is to mount the relevant mount points in
-tjener.intern by adding them to /etc/fstab, creating the mount
-directories using mkdir and running "mount -a" to mount them.</p>
-
-<p>When this is done, your users should be able to access the files on
-the storage server directly by just visiting the
-/tjener/nas-server/storage/ directory using any application on any
-workstation, LTSP client or LTSP server.</p>
+<p>Is there any reason this approach would not work? Is it somehow against
+the Noark 5 specification?</p>
</div>
<div class="tags">
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap</a>.
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn</a>, <a href="http://people.skolelinux.org/pere/blog/tags/standard">standard</a>.
</div>
<div class="padding"></div>
<div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/Hvordan_b_r_RFC_822_formattert_epost_lagres_i_en_NOARK5_database_.html">Hvordan bør RFC 822-formattert epost lagres i en NOARK5-database?</a></div>
- <div class="date"> 7th March 2014</div>
- <div class="body"><p>For noen uker siden ble NXCs fri programvarelisenserte
-NOARK5-løsning
-<a href="http://www.nuug.no/aktiviteter/20140211-noark/">presentert hos
-NUUG</a> (video
-<a href="https://www.youtube.com/watch?v=JCb_dNS3MHQ">på youtube
-foreløbig</a>), og det fikk meg til å titte litt mer på NOARK5,
-standarden for arkivhåndtering i det offentlige Norge. Jeg lurer på
-om denne kjernen kan være nyttig i et par av mine prosjekter, og for ett
-av dem er det mest aktuelt å lagre epost. Jeg klarte ikke finne noen
-anbefaling om hvordan RFC 822-formattert epost (aka Internett-epost)
-burde lagres i NOARK5, selv om jeg vet at noen arkiver tar
-PDF-utskrift av eposten med sitt epostprogram og så arkiverer PDF-en
-(eller enda værre, tar papirutskrift og lagrer bildet av eposten som
-PDF i arkivet).</p>
-
-<p>Det er ikke så mange formater som er akseptert av riksarkivet til
-langtidsoppbevaring av offentlige arkiver, og PDF og XML er de mest
-aktuelle i så måte. Det slo meg at det måtte da finnes en eller annen
-egnet XML-representasjon og at det kanskje var enighet om hvilken som
-burde brukes, så jeg tok mot til meg og spurte
-<a href="http://samdok.com/">SAMDOK</a>, en gruppe tilknyttet
-arkivverket som ser ut til å jobbe med NOARK-samhandling, om de hadde
-noen anbefalinger:
-
-<p><blockquote>
-<p>Hei.</p>
-
-<p>Usikker på om dette er riktig forum å ta opp mitt spørsmål, men jeg
-lurer på om det er definert en anbefaling om hvordan RFC
-822-formatterte epost (aka vanlig Internet-epost) bør lages håndteres
-i NOARK5, slik at en bevarer all informasjon i eposten
-(f.eks. Received-linjer). Finnes det en anbefalt XML-mapping ala den
-som beskrives på
-<URL: <a href="https://www.informit.com/articles/article.aspx?p=32074">https://www.informit.com/articles/article.aspx?p=32074</a> >? Mitt
-mål er at det skal være mulig å lagre eposten i en NOARK5-kjerne og
-kunne få ut en identisk formattert kopi av opprinnelig epost ved
-behov.</p>
-</blockquote></p>
-
-<p>Postmottaker hos SAMDOK mente spørsmålet heller burde stilles
-direkte til riksarkivet, og jeg fikk i dag svar derfra formulert av
-seniorrådgiver Geir Ivar Tungesvik:</p>
-
-<p><blockquote>
-<p>Riksarkivet har ingen anbefalinger når det gjelder konvertering fra
-e-post til XML. Det står arkivskaper fritt å eventuelt definere/bruke
-eget format. Inklusive da - som det spørres om - et format der det er
-mulig å re-etablere e-post format ut fra XML-en. XML (e-post)
-dokumenter må være referert i arkivstrukturen, og det må vedlegges et
-gyldig XML skjema (.xsd) for XML-filene. Arkivskaper står altså fritt
-til å gjøre hva de vil, bare det dokumenteres og det kan dannes et
-utrekk ved avlevering til depot.</p>
-
-<p>De obligatoriske kravene i Noark 5 standarden må altså oppfylles -
-etter dialog med Riksarkivet i forbindelse med godkjenning. For
-offentlige arkiv er det særlig viktig med filene loependeJournal.xml
-og offentligJournal.xml. Private arkiv som vil forholde seg til Noark
-5 standarden er selvsagt frie til å bruke det som er relevant for dem
-av obligatoriske krav.</p>
-</blockquote></p>
-
-<p>Det ser dermed ut for meg som om det er et lite behov for å
-standardisere XML-lagring av RFC-822-formatterte meldinger. Noen som
-vet om god spesifikasjon i så måte? I tillegg til den omtalt over,
-har jeg kommet over flere aktuelle beskrivelser (søk på "rfc 822
-xml", så finner du aktuelle alternativer).</p>
-
-<ul>
-
-<li><a href="http://www.openhealth.org/xmtp/">XML MIME Transformation
-protocol (XMTP)</a> fra OpenHealth, sist oppdatert 2001.</li>
-
-<li><a href="https://tools.ietf.org/html/draft-klyne-message-rfc822-xml-03">An
-XML format for mail and other messages</a> utkast fra IETF datert
-2001.</li>
-
-<li><a href="http://www.informit.com/articles/article.aspx?p=32074">xMail:
-E-mail as XML</a> en artikkel fra 2003 som beskriver python-modulen
-rfc822 som gir ut XML-representasjon av en RFC 822-formattert epost.</li>
-
-</ul>
-
-<p>Finnes det andre og bedre spesifikasjoner for slik lagring? Send
-meg en epost hvis du har innspill.</p>
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/N_r_nynorskoversettelsen_svikter_til_eksamen___.html">Når nynorskoversettelsen svikter til eksamen...</a></div>
+ <div class="date"> 3rd June 2017</div>
+ <div class="body"><p><a href="http://www.aftenposten.no/norge/Krever-at-elever-ma-fa-annullert-eksamen-etter-rot-med-oppgavetekster-622459b.html">Aftenposten
+melder i dag</a> om feil i eksamensoppgavene for eksamen i politikk og
+menneskerettigheter, der teksten i bokmåls og nynorskutgaven ikke var
+like. Oppgaveteksten er gjengitt i artikkelen, og jeg ble nysgjerring
+på om den fri oversetterløsningen
+<a href="https://www.apertium.org/">Apertium</a> ville gjort en bedre
+jobb enn Utdanningsdirektoratet. Det kan se slik ut.</p>
+
+<p>Her er bokmålsoppgaven fra eksamenen:</p>
+
+<blockquote>
+<p>Drøft utfordringene knyttet til nasjonalstatenes og andre aktørers
+rolle og muligheter til å håndtere internasjonale utfordringer, som
+for eksempel flykningekrisen.</p>
+
+<p>Vedlegge er eksempler på tekster som kan gi relevante perspektiver
+på temaet:</p>
+<ol>
+<li>Flykningeregnskapet 2016, UNHCR og IDMC
+<li>«Grenseløst Europa for fall» A-Magasinet, 26. november 2015
+</ol>
+
+</blockquote>
+
+<p>Dette oversetter Apertium slik:</p>
+
+<blockquote>
+<p>Drøft utfordringane knytte til nasjonalstatane sine og rolla til
+andre aktørar og høve til å handtera internasjonale utfordringar, som
+til dømes *flykningekrisen.</p>
+
+<p>Vedleggja er døme på tekster som kan gje relevante perspektiv på
+temaet:</p>
+
+<ol>
+<li>*Flykningeregnskapet 2016, *UNHCR og *IDMC</li>
+<li>«*Grenseløst Europa for fall» A-Magasinet, 26. november 2015</li>
+</ol>
+
+</blockquote>
+
+<p>Ord som ikke ble forstått er markert med stjerne (*), og trenger
+ekstra språksjekk. Men ingen ord er forsvunnet, slik det var i
+oppgaven elevene fikk presentert på eksamen. Jeg mistenker dog at
+"andre aktørers rolle og muligheter til ..." burde vært oversatt til
+"rolla til andre aktørar og deira høve til ..." eller noe slikt, men
+det er kanskje flisespikking. Det understreker vel bare at det alltid
+trengs korrekturlesning etter automatisk oversettelse.</p>
</div>
<div class="tags">
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>, <a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn</a>.
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>, <a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll</a>.
</div>
<div class="padding"></div>
<div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/Lenker_for_2014_02_28.html">Lenker for 2014-02-28</a></div>
- <div class="date">28th February 2014</div>
- <div class="body"><p>Her er noen lenker til tekster jeg har satt pris på å lese de siste
-månedene. Det er mye om varsleren Edward Snowden, som burde få all
-hjelp, støtte og beskyttelse Norge kan stille opp med for å ha satt
-totalitær overvåkning på sakskartet, men også endel annet
-tankevekkende og interessant.</p>
-
-<ul>
-
-<li>2013-12-21
-<a href="http://www.dagbladet.no/2013/12/21/nyheter/thomas_drake/nsa/overvakning/snowden/30925886/">-
-NSA tenker som Stasi</a> - Dagbladet.no</li>
-
-<li>2013-12-19 <a href="http://www.dagensit.no/article2732734.ece">-
-Staten har ikke rett til å vite alt om deg</a> - DN.no</li>
-
-<li>2013-12-21
-<a href="http://www.dagbladet.no/2013/12/21/nyheter/krig_og_konflikter/politikk/utenriks/30961126/">Nye
-mål for NSAs spionasje avslørt</a> - Dagbladet.no</li>
-
-<li>2013-12-19
-<a href="http://www.dagbladet.no/2013/12/19/nyheter/nsa/usa/politikk/barack_obama/30918684/">«NSA
-bør fjernes fra sin makt til å samle inn metadata fra amerikanske
-telefonsamtaler»</a> - Dagbladet.no</li>
-
-<li>2013-12-18
-<a href="http://www.dagbladet.no/2013/12/18/kultur/meninger/hovedkronikk/debatt/snowden/30901089/">Etterretning,
-overvåking, frihet og sikkerhet</a> - Dagbladet.no</li>
-
-<li>2013-12-17
-<a href="http://www.nrk.no/verden/snowden-vil-ha-asyl-i-brasil-1.11423444">Snowden
-angriper USA i åpent brev</a> - nrk.no</li>
-
-<li>2013-12-17
-<a href="http://www.digi.no/925820/rettslig-nederlag-for-etterretning">Rettslig
-nederlag for etterretning</a> - digi.no</li>
-
-<li>2013-12-21
-<a href="http://www.dagbladet.no/2013/12/21/kultur/meninger/hovedkommentar/kommentar/etterretning/30963284/">Truende
-nedkjøling</a> - dagbladet.no</li>
-
-<li>2013-12-20
-<a href="http://www.aftenposten.no/viten/Matematikk-og-forstaelse-7411849.html">Matematikk
-og forståelse</a> - aftenposten.no</li>
-
-<li>2013-10-20
-<a href="http://www.nrk.no/viten/ny-studie_sovn-reinser-hjernen-var-1.11306106">Vi
-søv for å reinse hjernen vår, ifølgje ny studie</a> - nrk.no</li>
-
-<li>2013-12-11
-<a href="http://www.nrk.no/buskerud/julebaksten-i-vasken-1.11410033">Rotterace
-i kloakken</a> - nrk.no</li>
-
-<li>2013-12-30
-<a href="http://www.aftenposten.no/viten/Apne-brev-og-frie-tanker-7413734.html">Åpne
-brev og frie tanker</a> - aftenposten.no</li>
-
-<li>2014-01-12
-<a href="http://www.aftenposten.no/viten/Stopp-kunnskapsapartheidet-7428229.html">Stopp dagens kunnskapsapartheid!</a> - aftenposten.no</li>
-
-<li>2014-01-09
-<a href="http://www.aftenposten.no/nyheter/uriks/EU-rapport-Britisk-og-amerikansk-overvaking-ser-ut-til-a-vare-ulovlig-7428933.html">EU-rapport:
-Britisk og amerikansk overvåking ser ut til å være ulovlig</a> -
-aftenposten.no</li>
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Epost_inn_som_arkivformat_i_Riksarkivarens_forskrift_.html">Epost inn som arkivformat i Riksarkivarens forskrift?</a></div>
+ <div class="date">27th April 2017</div>
+ <div class="body"><p>I disse dager, med frist 1. mai, har Riksarkivaren ute en høring på
+sin forskrift. Som en kan se er det ikke mye tid igjen før fristen
+som går ut på søndag. Denne forskriften er det som lister opp hvilke
+formater det er greit å arkivere i
+<a href="http://www.arkivverket.no/arkivverket/Offentleg-forvalting/Noark/Noark-5">Noark
+5-løsninger</a> i Norge.</p>
+
+<p>Jeg fant høringsdokumentene hos
+<a href="https://www.arkivrad.no/aktuelt/riksarkivarens-forskrift-pa-horing">Norsk
+Arkivråd</a> etter å ha blitt tipset på epostlisten til
+<a href="https://github.com/hiOA-ABI/nikita-noark5-core">fri
+programvareprosjektet Nikita Noark5-Core</a>, som lager et Noark 5
+Tjenestegresesnitt. Jeg er involvert i Nikita-prosjektet og takket
+være min interesse for tjenestegrensesnittsprosjektet har jeg lest en
+god del Noark 5-relaterte dokumenter, og til min overraskelse oppdaget
+at standard epost ikke er på listen over godkjente formater som kan
+arkiveres. Høringen med frist søndag er en glimrende mulighet til å
+forsøke å gjøre noe med det. Jeg holder på med
+<a href="https://github.com/petterreinholdtsen/noark5-tester/blob/master/docs/hoering-arkivforskrift.tex">egen
+høringsuttalelse</a>, og lurer på om andre er interessert i å støtte
+forslaget om å tillate arkivering av epost som epost i arkivet.</p>
+
+<p>Er du igang med å skrive egen høringsuttalelse allerede? I så fall
+kan du jo vurdere å ta med en formulering om epost-lagring. Jeg tror
+ikke det trengs så mye. Her et kort forslag til tekst:</p>
-<li>2013-10-23 Professor Jan Arild Audestad
-<a href="http://www.digi.no/924008/advarer-mot-konspirasjonsteori">Advarer
-mot konspirasjonsteori</a> i digi.no og sier han ikke tror NSA kan
-avlytte mobiltelefoner, mens han noen måneder senere forteller:</li>
-
-<li>2014-01-09
-<a href="http://www.aftenposten.no/nyheter/iriks/--Vi-ble-presset-til-a-svekke-mobilsikkerheten-pa-80-tallet-7410467.html">-
-Vi ble presset til å svekke mobilsikkerheten på 80-tallet</a> -
-aftenposten.no</li>
-
-<li>2014-02-12
-<a href="http://tv.nrk.no/program/koid20005814/et-moete-med-edward-snowden">Et
-møte med Edward Snowden</a> - intervju sendt av nrk, tilgjengelig til
-2015-01-31</li>
+<p><blockquote>
-<li>2014-02-17
-<a href="http://politiken.dk/debat/profiler/jessteinpedersen/ECE2210356/litteraturredaktoeren-helle-thornings-tavshed-om-snowden-er-en-skandale/">Litteraturredaktøren:
-Helle Thornings tavshed om Snowden er en skandale</a> -
-politiken.dk</li>
+ <p>Viser til høring sendt ut 2017-02-17 (Riksarkivarens referanse
+ 2016/9840 HELHJO), og tillater oss å sende inn noen innspill om
+ revisjon av Forskrift om utfyllende tekniske og arkivfaglige
+ bestemmelser om behandling av offentlige arkiver (Riksarkivarens
+ forskrift).</p>
-<li>2014-02-21
-<a href="http://www.aftenposten.no/meninger/kronikker/Bra-a-ha-en-Storebror-7476734.html">Bra å ha en «Storebror»</a> - aftenposten.no</li>
+ <p>Svært mye av vår kommuikasjon foregår i dag på e-post. Vi
+ foreslår derfor at Internett-e-post, slik det er beskrevet i IETF
+ RFC 5322,
+ <a href="https://tools.ietf.org/html/rfc5322">https://tools.ietf.org/html/rfc5322</a>. bør
+ inn som godkjent dokumentformat. Vi foreslår at forskriftens
+ oversikt over godkjente dokumentformater ved innlevering i § 5-16
+ endres til å ta med Internett-e-post.</p>
-<li>2014-02-28
-<a href="http://johnchristianelden.blogg.no/1393536806_narkotikasiktet_stort.html">"Narkotikasiktet
-Stortingsmann" - Spillet bak kulissene</a> - John Christian Eldens
-blogg</li>
+</blockquote></p>
-<li>2014-02-28
-<a href="http://www.aftenposten.no/meninger/Heksejakt-pa-hasjbrukere-7486283.html">Heksejakt
-på hasjbrukere</a> - aftenposten.no</li>
+<p>Som del av arbeidet med tjenestegrensesnitt har vi testet hvordan
+epost kan lagres i en Noark 5-struktur, og holder på å skrive et
+forslag om hvordan dette kan gjøres som vil bli sendt over til
+arkivverket så snart det er ferdig. De som er interesserte kan
+<a href="https://github.com/petterreinholdtsen/noark5-tester/blob/master/docs/epostlagring.md">følge
+fremdriften på web</a>.</p>
-</ul>
+<p>Oppdatering 2017-04-28: I dag ble høringuttalelsen jeg skrev
+ <a href="https://www.nuug.no/news/NUUGs_h_ringuttalelse_til_Riksarkivarens_forskrift.shtml">sendt
+ inn av foreningen NUUG</a>.</p>
</div>
<div class="tags">
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker</a>, <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>, <a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern</a>.
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>, <a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn</a>, <a href="http://people.skolelinux.org/pere/blog/tags/standard">standard</a>.
</div>
<div class="padding"></div>
<div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html">New home and release 1.0 for netgroup and innetgr (aka ng-utils)</a></div>
- <div class="date">22nd February 2014</div>
- <div class="body"><p>Many years ago, I wrote a GPL licensed version of the netgroup and
-innetgr tools, because I needed them in
-<a href="http://www.skolelinux.org/">Skolelinux</a>. I called the project
-ng-utils, and it has served me well. I placed the project under the
-<a href="http://www.hungry.com/">Hungry Programmer</a> umbrella, and it was maintained in our CVS
-repository. But many years ago, the CVS repository was dropped (lost,
-not migrated to new hardware, not sure), and the project have lacked a
-proper home since then.</p>
-
-<p>Last summer, I had a look at the package and made a new release
-fixing a irritating crash bug, but was unable to store the changes in
-a proper source control system. I applied for a project on
-<a href="https://alioth.debian.org/">Alioth</a>, but did not have time
-to follow up on it. Until today. :)</p>
-
-<p>After many hours of cleaning and migration, the ng-utils project
-now have a new home, and a git repository with the highlight of the
-history of the project. I published all release tarballs and imported
-them into the git repository. As the project is really stable and not
-expected to gain new features any time soon, I decided to make a new
-release and call it 1.0. Visit the new project home on
-<a href="https://alioth.debian.org/projects/ng-utils/">https://alioth.debian.org/projects/ng-utils/</a>
-if you want to check it out. The new version is also uploaded into
-<a href="http://packages.qa.debian.org/n/ng-utils.html">Debian Unstable</a>.</p>
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Offentlig_elektronisk_postjournal_blokkerer_tilgang_for_utvalgte_webklienter.html">Offentlig elektronisk postjournal blokkerer tilgang for utvalgte webklienter</a></div>
+ <div class="date">20th April 2017</div>
+ <div class="body"><p>Jeg oppdaget i dag at <a href="https://www.oep.no/">nettstedet som
+publiserer offentlige postjournaler fra statlige etater</a>, OEP, har
+begynt å blokkerer enkelte typer webklienter fra å få tilgang. Vet
+ikke hvor mange det gjelder, men det gjelder i hvert fall libwww-perl
+og curl. For å teste selv, kjør følgende:</p>
+
+<blockquote><pre>
+% curl -v -s https://www.oep.no/pub/report.xhtml?reportId=3 2>&1 |grep '< HTTP'
+< HTTP/1.1 404 Not Found
+% curl -v -s --header 'User-Agent:Opera/12.0' https://www.oep.no/pub/report.xhtml?reportId=3 2>&1 |grep '< HTTP'
+< HTTP/1.1 200 OK
+%
+</pre></blockquote>
+
+<p>Her kan en se at tjenesten gir «404 Not Found» for curl i
+standardoppsettet, mens den gir «200 OK» hvis curl hevder å være Opera
+versjon 12.0. Offentlig elektronisk postjournal startet blokkeringen
+2017-03-02.</p>
+
+<p>Blokkeringen vil gjøre det litt vanskeligere å maskinelt hente
+informasjon fra oep.no. Kan blokkeringen være gjort for å hindre
+automatisert innsamling av informasjon fra OEP, slik Pressens
+Offentlighetsutvalg gjorde for å dokumentere hvordan departementene
+hindrer innsyn i
+<a href="http://presse.no/dette-mener-np/undergraver-offentlighetsloven/">rapporten
+«Slik hindrer departementer innsyn» som ble publiserte i januar
+2017</a>. Det virker usannsynlig, da det jo er trivielt å bytte
+User-Agent til noe nytt.</p>
+
+<p>Finnes det juridisk grunnlag for det offentlige å diskriminere
+webklienter slik det gjøres her? Der tilgang gis eller ikke alt etter
+hva klienten sier at den heter? Da OEP eies av DIFI og driftes av
+Basefarm, finnes det kanskje noen dokumenter sendt mellom disse to
+aktørene man kan be om innsyn i for å forstå hva som har skjedd. Men
+<a href="https://www.oep.no/search/result.html?period=dateRange&fromDate=01.01.2016&toDate=01.04.2017&dateType=documentDate&caseDescription=&descType=both&caseNumber=&documentNumber=&sender=basefarm&senderType=both&documentType=all&legalAuthority=&archiveCode=&list2=196&searchType=advanced&Search=Search+in+records">postjournalen
+til DIFI viser kun to dokumenter</a> det siste året mellom DIFI og
+Basefarm.
+<a href="https://www.mimesbronn.no/request/blokkering_av_tilgang_til_oep_fo">Mimes brønn neste</a>,
+tenker jeg.</p>
</div>
<div class="tags">
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>.
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk</a>, <a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn</a>.
</div>
<div class="padding"></div>
<div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html">Testing sysvinit from experimental in Debian Hurd</a></div>
- <div class="date"> 3rd February 2014</div>
- <div class="body"><p>A few days ago I decided to try to help the Hurd people to get
-their changes into sysvinit, to allow them to use the normal sysvinit
-boot system instead of their old one. This follow up on the
-<a href="https://teythoon.cryptobitch.de//categories/gsoc.html">great
-Google Summer of Code work</a> done last summer by Justus Winter to
-get Debian on Hurd working more like Debian on Linux. To get started,
-I downloaded a prebuilt hard disk image from
-<a href="http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz">http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz</a>,
-and started it using virt-manager.</p>
-
-<p>The first think I had to do after logging in (root without any
-password) was to get the network operational. I followed
-<a href="https://www.debian.org/ports/hurd/hurd-install">the
-instructions on the Debian GNU/Hurd ports page</a> and ran these
-commands as root to get the machine to accept a IP address from the
-kvm internal DHCP server:</p>
+ <div class="title"><a href="http://people.skolelinux.org/pere/blog/Free_software_archive_system_Nikita_now_able_to_store_documents.html">Free software archive system Nikita now able to store documents</a></div>
+ <div class="date">19th March 2017</div>
+ <div class="body"><p>The <a href="https://github.com/hiOA-ABI/nikita-noark5-core">Nikita
+Noark 5 core project</a> is implementing the Norwegian standard for
+keeping an electronic archive of government documents.
+<a href="http://www.arkivverket.no/arkivverket/Offentlig-forvaltning/Noark/Noark-5/English-version">The
+Noark 5 standard</a> document the requirement for data systems used by
+the archives in the Norwegian government, and the Noark 5 web interface
+specification document a REST web service for storing, searching and
+retrieving documents and metadata in such archive. I've been involved
+in the project since a few weeks before Christmas, when the Norwegian
+Unix User Group
+<a href="https://www.nuug.no/news/NOARK5_kjerne_som_fri_programvare_f_r_epostliste_hos_NUUG.shtml">announced
+it supported the project</a>. I believe this is an important project,
+and hope it can make it possible for the government archives in the
+future to use free software to keep the archives we citizens depend
+on. But as I do not hold such archive myself, personally my first use
+case is to store and analyse public mail journal metadata published
+from the government. I find it useful to have a clear use case in
+mind when developing, to make sure the system scratches one of my
+itches.</p>
+
+<p>If you would like to help make sure there is a free software
+alternatives for the archives, please join our IRC channel
+(<a href="irc://irc.freenode.net/%23nikita"">#nikita on
+irc.freenode.net</a>) and
+<a href="https://lists.nuug.no/mailman/listinfo/nikita-noark">the
+project mailing list</a>.</p>
+
+<p>When I got involved, the web service could store metadata about
+documents. But a few weeks ago, a new milestone was reached when it
+became possible to store full text documents too. Yesterday, I
+completed an implementation of a command line tool
+<tt>archive-pdf</tt> to upload a PDF file to the archive using this
+API. The tool is very simple at the moment, and find existing
+<a href="https://en.wikipedia.org/wiki/Fonds">fonds</a>, series and
+files while asking the user to select which one to use if more than
+one exist. Once a file is identified, the PDF is associated with the
+file and uploaded, using the title extracted from the PDF itself. The
+process is fairly similar to visiting the archive, opening a cabinet,
+locating a file and storing a piece of paper in the archive. Here is
+a test run directly after populating the database with test data using
+our API tester:</p>
<p><blockquote><pre>
-settrans -fgap /dev/netdde /hurd/netdde
-kill $(ps -ef|awk '/[p]finet/ { print $2}')
-kill $(ps -ef|awk '/[d]evnode/ { print $2}')
-dhclient /dev/eth0
+~/src//noark5-tester$ ./archive-pdf mangelmelding/mangler.pdf
+using arkiv: Title of the test fonds created 2017-03-18T23:49:32.103446
+using arkivdel: Title of the test series created 2017-03-18T23:49:32.103446
+
+ 0 - Title of the test case file created 2017-03-18T23:49:32.103446
+ 1 - Title of the test file created 2017-03-18T23:49:32.103446
+Select which mappe you want (or search term): 0
+Uploading mangelmelding/mangler.pdf
+ PDF title: Mangler i spesifikasjonsdokumentet for NOARK 5 Tjenestegrensesnitt
+ File 2017/1: Title of the test case file created 2017-03-18T23:49:32.103446
+~/src//noark5-tester$
</pre></blockquote></p>
-<p>After this, the machine had internet connectivity, and I could
-upgrade it and install the sysvinit packages from experimental and
-enable it as the default boot system in Hurd.</p>
-
-<p>But before I did that, I set a password on the root user, as ssh is
-running on the machine it for ssh login to work a password need to be
-set. Also, note that a bug somewhere in openssh on Hurd block
-compression from working. Remember to turn that off on the client
-side.</p>
-
-<p>Run these commands as root to upgrade and test the new sysvinit
-stuff:</p>
-
-<p><blockquote><pre>
-cat > /etc/apt/sources.list.d/experimental.list <<EOF
-deb http://http.debian.net/debian/ experimental main
-EOF
-apt-get update
-apt-get dist-upgrade
-apt-get install -t experimental initscripts sysv-rc sysvinit \
- sysvinit-core sysvinit-utils
-update-alternatives --config runsystem
-</pre></blockquote></p>
-
-<p>To reboot after switching boot system, you have to use
-<tt>reboot-hurd</tt> instead of just <tt>reboot</tt>, as there is not
-yet a sysvinit process able to receive the signals from the normal
-'reboot' command. After switching to sysvinit as the boot system,
-upgrading every package and rebooting, the network come up with DHCP
-after boot as it should, and the settrans/pkill hack mentioned at the
-start is no longer needed. But for some strange reason, there are no
-longer any login prompt in the virtual console, so I logged in using
-ssh instead.
-
-<p>Note that there are some race conditions in Hurd making the boot
-fail some times. No idea what the cause is, but hope the Hurd porters
-figure it out. At least Justus said on IRC (#debian-hurd on
-irc.debian.org) that they are aware of the problem. A way to reduce
-the impact is to upgrade to the Hurd packages built by Justus by
-adding this repository to the machine:</p>
-
-<p><blockquote><pre>
-cat > /etc/apt/sources.list.d/hurd-ci.list <<EOF
-deb http://darnassus.sceen.net/~teythoon/hurd-ci/ sid main
-EOF
-</pre></blockquote></p>
-
-<p>At the moment the prebuilt virtual machine get some packages from
-http://ftp.debian-ports.org/debian, because some of the packages in
-unstable do not yet include the required patches that are lingering in
-BTS. This is the completely list of "unofficial" packages installed:</p>
-
-<p><blockquote><pre>
-# aptitude search '?narrow(?version(CURRENT),?origin(Debian Ports))'
-i emacs - GNU Emacs editor (metapackage)
-i gdb - GNU Debugger
-i hurd-recommended - Miscellaneous translators
-i isc-dhcp-client - ISC DHCP client
-i isc-dhcp-common - common files used by all the isc-dhcp* packages
-i libc-bin - Embedded GNU C Library: Binaries
-i libc-dev-bin - Embedded GNU C Library: Development binaries
-i libc0.3 - Embedded GNU C Library: Shared libraries
-i A libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
-i libc0.3-dev - Embedded GNU C Library: Development Libraries and Hea
-i multiarch-support - Transitional package to ensure multiarch compatibilit
-i A x11-common - X Window System (X.Org) infrastructure
-i xorg - X.Org X Window System
-i A xserver-xorg - X.Org X server
-i A xserver-xorg-input-all - X.Org X server -- input driver metapackage
-#
-</pre></blockquote></p>
-
-<p>All in all, testing hurd has been an interesting experience. :)
-X.org did not work out of the box and I never took the time to follow
-the porters instructions to fix it. This time I was interested in the
-command line stuff.<p>
-</div>
- <div class="tags">
-
-
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem</a>, <a href="http://people.skolelinux.org/pere/blog/tags/debian">debian</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>.
-
-
- </div>
- </div>
- <div class="padding"></div>
-
- <div class="entry">
- <div class="title"><a href="http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html">A fist full of non-anonymous Bitcoins</a></div>
- <div class="date">29th January 2014</div>
- <div class="body"><p>Bitcoin is a incredible use of peer to peer communication and
-encryption, allowing direct and immediate money transfer without any
-central control. It is sometimes claimed to be ideal for illegal
-activity, which I believe is quite a long way from the truth. At least
-I would not conduct illegal money transfers using a system where the
-details of every transaction are kept forever. This point is
-investigated in
-<a href="https://www.usenix.org/publications/login">USENIX ;login:</a>
-from December 2013, in the article
-"<a href="https://www.usenix.org/system/files/login/articles/03_meiklejohn-online.pdf">A
-Fistful of Bitcoins - Characterizing Payments Among Men with No
-Names</a>" by Sarah Meiklejohn, Marjori Pomarole,Grant Jordan, Kirill
-Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. They
-analyse the transaction log in the Bitcoin system, using it to find
-addresses belong to individuals and organisations and follow the flow
-of money from both Bitcoin theft and trades on Silk Road to where the
-money end up. This is how they wrap up their article:</p>
-
-<p><blockquote>
-<p>"To demonstrate the usefulness of this type of analysis, we turned
-our attention to criminal activity. In the Bitcoin economy, criminal
-activity can appear in a number of forms, such as dealing drugs on
-Silk Road or simply stealing someone else’s bitcoins. We followed the
-flow of bitcoins out of Silk Road (in particular, from one notorious
-address) and from a number of highly publicized thefts to see whether
-we could track the bitcoins to known services. Although some of the
-thieves attempted to use sophisticated mixing techniques (or possibly
-mix services) to obscure the flow of bitcoins, for the most part
-tracking the bitcoins was quite straightforward, and we ultimately saw
-large quantities of bitcoins flow to a variety of exchanges directly
-from the point of theft (or the withdrawal from Silk Road).</p>
-
-<p>As acknowledged above, following stolen bitcoins to the point at
-which they are deposited into an exchange does not in itself identify
-the thief; however, it does enable further de-anonymization in the
-case in which certain agencies can determine (through, for example,
-subpoena power) the real-world owner of the account into which the
-stolen bitcoins were deposited. Because such exchanges seem to serve
-as chokepoints into and out of the Bitcoin economy (i.e., there are
-few alternative ways to cash out), we conclude that using Bitcoin for
-money laundering or other illicit purposes does not (at least at
-present) seem to be particularly attractive."</p>
-</blockquote><p>
-
-<p>These researches are not the first to analyse the Bitcoin
-transaction log. The 2011 paper
-"<a href="http://arxiv.org/abs/1107.4524">An Analysis of Anonymity in
-the Bitcoin System</A>" by Fergal Reid and Martin Harrigan is
-summarized like this:</p>
-
-<p><blockquote>
-"Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a
-complicated issue. Within the system, users are identified by
-public-keys only. An attacker wishing to de-anonymize its users will
-attempt to construct the one-to-many mapping between users and
-public-keys and associate information external to the system with the
-users. Bitcoin tries to prevent this attack by storing the mapping of
-a user to his or her public-keys on that user's node only and by
-allowing each user to generate as many public-keys as required. In
-this chapter we consider the topological structure of two networks
-derived from Bitcoin's public transaction history. We show that the
-two networks have a non-trivial topological structure, provide
-complementary views of the Bitcoin system and have implications for
-anonymity. We combine these structures with external information and
-techniques such as context discovery and flow analysis to investigate
-an alleged theft of Bitcoins, which, at the time of the theft, had a
-market value of approximately half a million U.S. dollars."
-</blockquote></p>
-
-<p>I hope these references can help kill the urban myth that Bitcoin
-is anonymous. It isn't really a good fit for illegal activites. Use
-cash if you need to stay anonymous, at least until regular DNA
-sampling of notes and coins become the norm. :)</p>
-
-<p>As usual, if you use Bitcoin and want to show your support of my
-activities, please send Bitcoin donations to my address
-<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&label=PetterReinholdtsenBlog">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
+<p>You can see here how the fonds (arkiv) and serie (arkivdel) only had
+one option, while the user need to choose which file (mappe) to use
+among the two created by the API tester. The <tt>archive-pdf</tt>
+tool can be found in the git repository for the API tester.</p>
+
+<p>In the project, I have been mostly working on
+<a href="https://github.com/petterreinholdtsen/noark5-tester">the API
+tester</a> so far, while getting to know the code base. The API
+tester currently use
+<a href="https://en.wikipedia.org/wiki/HATEOAS">the HATEOAS links</a>
+to traverse the entire exposed service API and verify that the exposed
+operations and objects match the specification, as well as trying to
+create objects holding metadata and uploading a simple XML file to
+store. The tester has proved very useful for finding flaws in our
+implementation, as well as flaws in the reference site and the
+specification.</p>
+
+<p>The test document I uploaded is a summary of all the specification
+defects we have collected so far while implementing the web service.
+There are several unclear and conflicting parts of the specification,
+and we have
+<a href="https://github.com/petterreinholdtsen/noark5-tester/tree/master/mangelmelding">started
+writing down</a> the questions we get from implementing it. We use a
+format inspired by how <a href="http://www.opengroup.org/austin/">The
+Austin Group</a> collect defect reports for the POSIX standard with
+<a href="http://www.opengroup.org/austin/mantis.html">their
+instructions for the MANTIS defect tracker system</a>, in lack of an official way to structure defect reports for Noark 5 (our first submitted defect report was a <a href="https://github.com/petterreinholdtsen/noark5-tester/blob/master/mangelmelding/sendt/2017-03-15-mangel-prosess.md">request for a procedure for submitting defect reports</a> :).
+
+<p>The Nikita project is implemented using Java and Spring, and is
+fairly easy to get up and running using Docker containers for those
+that want to test the current code base. The API tester is
+implemented in Python.</p>
</div>
<div class="tags">
- Tags: <a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin</a>, <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern</a>, <a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet</a>.
+ Tags: <a href="http://people.skolelinux.org/pere/blog/tags/english">english</a>, <a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug</a>, <a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn</a>, <a href="http://people.skolelinux.org/pere/blog/tags/standard">standard</a>.
</div>
<h2>Archive</h2>
<ul>
+<li>2017
+<ul>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2017/01/">January (4)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2017/02/">February (3)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2017/03/">March (5)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2017/04/">April (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2017/06/">June (5)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2017/07/">July (1)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2017/08/">August (1)</a></li>
+
+</ul></li>
+
+<li>2016
+<ul>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2016/01/">January (3)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2016/02/">February (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2016/03/">March (3)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2016/04/">April (8)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2016/05/">May (8)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2016/06/">June (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2016/07/">July (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2016/08/">August (5)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2016/09/">September (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2016/10/">October (3)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2016/11/">November (8)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2016/12/">December (5)</a></li>
+
+</ul></li>
+
+<li>2015
+<ul>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/01/">January (7)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/02/">February (6)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/03/">March (1)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/04/">April (4)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/05/">May (3)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/06/">June (4)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/07/">July (6)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/08/">August (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/09/">September (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/10/">October (9)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/11/">November (6)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2015/12/">December (3)</a></li>
+
+</ul></li>
+
<li>2014
<ul>
<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/02/">February (3)</a></li>
-<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/03/">March (6)</a></li>
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/03/">March (8)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/04/">April (7)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/05/">May (1)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/06/">June (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/07/">July (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/08/">August (2)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/09/">September (5)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/10/">October (6)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/11/">November (3)</a></li>
+
+<li><a href="http://people.skolelinux.org/pere/blog/archive/2014/12/">December (5)</a></li>
</ul></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/bankid">bankid (4)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (8)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/bitcoin">bitcoin (9)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (14)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/bootsystem">bootsystem (16)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/bsa">bsa (2)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/chrpath">chrpath (2)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (95)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/debian">debian (151)</a></li>
+
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (158)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/debian edu">debian edu (145)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/debian-handbook">debian-handbook (4)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/digistan">digistan (10)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (10)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/dld">dld (16)</a></li>
+
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/docbook">docbook (24)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/drivstoffpriser">drivstoffpriser (4)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (240)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/english">english (351)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (21)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/fiksgatami">fiksgatami (23)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/fildeling">fildeling (12)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (12)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/freeculture">freeculture (30)</a></li>
+
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox (9)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/freedombox">freedombox (6)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (18)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/frikanalen">frikanalen (11)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/h264">h264 (20)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (39)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/intervju">intervju (42)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram (7)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/isenkram">isenkram (15)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (18)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/kart">kart (20)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/ldap">ldap (9)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (7)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/lenker">lenker (8)</a></li>
+
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/lsdvd">lsdvd (2)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/ltsp">ltsp (1)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network (7)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/mesh network">mesh network (8)</a></li>
+
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (39)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/multimedia">multimedia (26)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/nice free software">nice free software (9)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (242)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/norsk">norsk (291)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (162)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/nuug">nuug (189)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn (11)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/offentlig innsyn">offentlig innsyn (33)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/open311">open311 (2)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (46)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/opphavsrett">opphavsrett (64)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (69)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/personvern">personvern (101)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/raid">raid (1)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/reactos">reactos (1)</a></li>
+
<li><a href="http://people.skolelinux.org/pere/blog/tags/reprap">reprap (11)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/rfid">rfid (2)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/rfid">rfid (3)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/robot">robot (9)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/robot">robot (10)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/rss">rss (1)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/ruter">ruter (4)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/ruter">ruter (5)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/scraperwiki">scraperwiki (2)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (36)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/sikkerhet">sikkerhet (53)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/sitesummary">sitesummary (4)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/skepsis">skepsis (4)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/skepsis">skepsis (5)</a></li>
+
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (55)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/standard">standard (44)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (6)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/stavekontroll">stavekontroll (3)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/stortinget">stortinget (11)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/stortinget">stortinget (9)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (49)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/surveillance">surveillance (22)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (3)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/sysadmin">sysadmin (1)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/usenix">usenix (2)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/valg">valg (8)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (40)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/video">video (59)</a></li>
<li><a href="http://people.skolelinux.org/pere/blog/tags/vitenskap">vitenskap (4)</a></li>
- <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (29)</a></li>
+ <li><a href="http://people.skolelinux.org/pere/blog/tags/web">web (40)</a></li>
</ul>
projects / homepage.git / blobdiff