<link>http://people.skolelinux.org/pere/blog/</link>
<atom:link href="http://people.skolelinux.org/pere/blog/index.rss" rel="self" type="application/rss+xml" />
+ <item>
+ <title>Språkkoder for POSIX locale i Norge</title>
+ <link>http://people.skolelinux.org/pere/blog/Spr_kkoder_for_POSIX_locale_i_Norge.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Spr_kkoder_for_POSIX_locale_i_Norge.html</guid>
+ <pubDate>Fri, 11 Apr 2014 21:30:00 +0200</pubDate>
+ <description><p>For 12 år siden, skrev jeg et lite notat om
+<a href="http://i18n.skolelinux.no/localekoder.txt">bruk av språkkoder
+i Norge</a>. Jeg ble nettopp minnet på dette da jeg fikk spørsmål om
+notatet fortsatt var aktuelt, og tenkte det var greit å repetere hva
+som fortsatt gjelder. Det jeg skrev da er fortsatt like aktuelt.</p>
+
+<p>Når en velger språk i programmer på unix, så velger en blant mange
+språkkoder. For språk i Norge anbefales følgende språkkoder (anbefalt
+locale i parantes):</p>
+
+<p><dl>
+<dt>nb (nb_NO)</dt><dd>Bokmål i Norge</dd>
+<dt>nn (nn_NO)</dt><dd>Nynorsk i Norge</dd>
+<dt>se (se_NO)</dt><dd>Nordsamisk i Norge</dd>
+</dl></p>
+
+<p>Alle programmer som bruker andre koder bør endres.</p>
+
+<p>Språkkoden bør brukes når .po-filer navngis og installeres. Dette
+er ikke det samme som locale-koden. For Norsk Bokmål, så bør filene
+være navngitt nb.po, mens locale (LANG) bør være nb_NO.</p>
+
+<p>Hvis vi ikke får standardisert de kodene i alle programmene med
+norske oversettelser, så er det umulig å gi LANG-variablen ett innhold
+som fungerer for alle programmer.</p>
+
+<p>Språkkodene er de offisielle kodene fra ISO 639, og bruken av dem i
+forbindelse med POSIX localer er standardisert i RFC 3066 og ISO
+15897. Denne anbefalingen er i tråd med de angitte standardene.</p>
+
+<p>Følgende koder er eller har vært i bruk som locale-verdier for
+"norske" språk. Disse bør unngås, og erstattes når de oppdages:</p>
+
+<p><table>
+<tr><td>norwegian</td><td>-> nb_NO</td></tr>
+<tr><td>bokmål </td><td>-> nb_NO</td></tr>
+<tr><td>bokmal </td><td>-> nb_NO</td></tr>
+<tr><td>nynorsk </td><td>-> nn_NO</td></tr>
+<tr><td>no </td><td>-> nb_NO</td></tr>
+<tr><td>no_NO </td><td>-> nb_NO</td></tr>
+<tr><td>no_NY </td><td>-> nn_NO</td></tr>
+<tr><td>sme_NO </td><td>-> se_NO</td></tr>
+</table></p>
+
+<p>Merk at når det gjelder de samiske språkene, at se_NO i praksis
+henviser til nordsamisk i Norge, mens f.eks. smj_NO henviser til
+lulesamisk. Dette notatet er dog ikke ment å gi råd rundt samiske
+språkkoder, der gjør
+<a href="http://www.divvun.no/">Divvun-prosjektet</a> en bedre
+jobb.</p>
+
+<p><strong>Referanser:</strong></p>
+
+<ul>
+
+ <li><a href="http://www.rfc-base.org/rfc-3066.html">RFC 3066 - Tags
+ for the Identification of Languages</a> (Erstatter RFC 1766)</li>
+
+ <li><a href="http://www.loc.gov/standards/iso639-2/langcodes.html">ISO
+ 639</a> - Codes for the Representation of Names of Languages</li>
+
+ <li><a href="http://std.dkuug.dk/jtc1/sc22/wg20/docs/n897-14652w25.pdf">ISO
+ DTR 14652</a> - locale-standard Specification method for cultural
+ conventions</li>
+
+ <li><a href="http://std.dkuug.dk/jtc1/sc22/wg20/docs/n610.pdf">ISO
+ 15897: Registration procedures for cultural elements (cultural
+ registry)</a>,
+ <a href="http://std.dkuug.dk/jtc1/sc22/wg20/docs/n849-15897wd6.pdf">(nytt
+ draft)</a></li>
+
+ <li><a href="http://std.dkuug.dk/jtc1/sc22/wg20/">ISO/IEC
+ JTC1/SC22/WG20</a> - Gruppen for i18n-standardisering i ISO</li>
+
+<ul>
+</description>
+ </item>
+
+ <item>
+ <title>S3QL, a locally mounted cloud file system - nice free software</title>
+ <link>http://people.skolelinux.org/pere/blog/S3QL__a_locally_mounted_cloud_file_system___nice_free_software.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/S3QL__a_locally_mounted_cloud_file_system___nice_free_software.html</guid>
+ <pubDate>Wed, 9 Apr 2014 11:30:00 +0200</pubDate>
+ <description><p>For a while now, I have been looking for a sensible offsite backup
+solution for use at home. My requirements are simple, it must be
+cheap and locally encrypted (in other words, I keep the encryption
+keys, the storage provider do not have access to my private files).
+One idea me and my friends had many years ago, before the cloud
+storage providers showed up, was to use Google mail as storage,
+writing a Linux block device storing blocks as emails in the mail
+service provided by Google, and thus get heaps of free space. On top
+of this one can add encryption, RAID and volume management to have
+lots of (fairly slow, I admit that) cheap and encrypted storage. But
+I never found time to implement such system. But the last few weeks I
+have looked at a system called
+<a href="https://bitbucket.org/nikratio/s3ql/">S3QL</a>, a locally
+mounted network backed file system with the features I need.</p>
+
+<p>S3QL is a fuse file system with a local cache and cloud storage,
+handling several different storage providers, any with Amazon S3,
+Google Drive or OpenStack API. There are heaps of such storage
+providers. S3QL can also use a local directory as storage, which
+combined with sshfs allow for file storage on any ssh server. S3QL
+include support for encryption, compression, de-duplication, snapshots
+and immutable file systems, allowing me to mount the remote storage as
+a local mount point, look at and use the files as if they were local,
+while the content is stored in the cloud as well. This allow me to
+have a backup that should survive fire. The file system can not be
+shared between several machines at the same time, as only one can
+mount it at the time, but any machine with the encryption key and
+access to the storage service can mount it if it is unmounted.</p>
+
+<p>It is simple to use. I'm using it on Debian Wheezy, where the
+package is included already. So to get started, run <tt>apt-get
+install s3ql</tt>. Next, pick a storage provider. I ended up picking
+Greenqloud, after reading their nice recipe on
+<a href="https://greenqloud.zendesk.com/entries/44611757-How-To-Use-S3QL-to-mount-a-StorageQloud-bucket-on-Debian-Wheezy">how
+to use S3QL with their Amazon S3 service</a>, because I trust the laws
+in Iceland more than those in USA when it come to keeping my personal
+data safe and private, and thus would rather spend money on a company
+in Iceland. Another nice recipe is available from the article
+<a href="http://www.admin-magazine.com/HPC/Articles/HPC-Cloud-Storage">S3QL
+Filesystem for HPC Storage</a> by Jeff Layton in the HPC section of
+Admin magazine. When the provider is picked, figure out how to get
+the API key needed to connect to the storage API. With Greencloud,
+the key did not show up until I had added payment details to my
+account.</p>
+
+<p>Armed with the API access details, it is time to create the file
+system. First, create a new bucket in the cloud. This bucket is the
+file system storage area. I picked a bucket name reflecting the
+machine that was going to store data there, but any name will do.
+I'll refer to it as <tt>bucket-name</tt> below. In addition, one need
+the API login and password, and a locally created password. Store it
+all in ~root/.s3ql/authinfo2 like this:
+
+<p><blockquote><pre>
+[s3c]
+storage-url: s3c://s.greenqloud.com:443/bucket-name
+backend-login: API-login
+backend-password: API-password
+fs-passphrase: local-password
+</pre></blockquote></p>
+
+<p>I create my local passphrase using <tt>pwget 50</tt> or similar,
+but any sensible way to create a fairly random password should do it.
+Armed with these details, it is now time to run mkfs, entering the API
+details and password to create it:</p>
+
+<p><blockquote><pre>
+# mkdir -m 700 /var/lib/s3ql-cache
+# mkfs.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
+ --ssl s3c://s.greenqloud.com:443/bucket-name
+Enter backend login:
+Enter backend password:
+Before using S3QL, make sure to read the user's guide, especially
+the 'Important Rules to Avoid Loosing Data' section.
+Enter encryption password:
+Confirm encryption password:
+Generating random encryption key...
+Creating metadata tables...
+Dumping metadata...
+..objects..
+..blocks..
+..inodes..
+..inode_blocks..
+..symlink_targets..
+..names..
+..contents..
+..ext_attributes..
+Compressing and uploading metadata...
+Wrote 0.00 MB of compressed metadata.
+# </pre></blockquote></p>
+
+<p>The next step is mounting the file system to make the storage available.
+
+<p><blockquote><pre>
+# mount.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
+ --ssl --allow-root s3c://s.greenqloud.com:443/bucket-name /s3ql
+Using 4 upload threads.
+Downloading and decompressing metadata...
+Reading metadata...
+..objects..
+..blocks..
+..inodes..
+..inode_blocks..
+..symlink_targets..
+..names..
+..contents..
+..ext_attributes..
+Mounting filesystem...
+# df -h /s3ql
+Filesystem Size Used Avail Use% Mounted on
+s3c://s.greenqloud.com:443/bucket-name 1.0T 0 1.0T 0% /s3ql
+#
+</pre></blockquote></p>
+
+<p>The file system is now ready for use. I use rsync to store my
+backups in it, and as the metadata used by rsync is downloaded at
+mount time, no network traffic (and storage cost) is triggered by
+running rsync. To unmount, one should not use the normal umount
+command, as this will not flush the cache to the cloud storage, but
+instead running the umount.s3ql command like this:
+
+<p><blockquote><pre>
+# umount.s3ql /s3ql
+#
+</pre></blockquote></p>
+
+<p>There is a fsck command available to check the file system and
+correct any problems detected. This can be used if the local server
+crashes while the file system is mounted, to reset the "already
+mounted" flag. This is what it look like when processing a working
+file system:</p>
+
+<p><blockquote><pre>
+# fsck.s3ql --force --ssl s3c://s.greenqloud.com:443/bucket-name
+Using cached metadata.
+File system seems clean, checking anyway.
+Checking DB integrity...
+Creating temporary extra indices...
+Checking lost+found...
+Checking cached objects...
+Checking names (refcounts)...
+Checking contents (names)...
+Checking contents (inodes)...
+Checking contents (parent inodes)...
+Checking objects (reference counts)...
+Checking objects (backend)...
+..processed 5000 objects so far..
+..processed 10000 objects so far..
+..processed 15000 objects so far..
+Checking objects (sizes)...
+Checking blocks (referenced objects)...
+Checking blocks (refcounts)...
+Checking inode-block mapping (blocks)...
+Checking inode-block mapping (inodes)...
+Checking inodes (refcounts)...
+Checking inodes (sizes)...
+Checking extended attributes (names)...
+Checking extended attributes (inodes)...
+Checking symlinks (inodes)...
+Checking directory reachability...
+Checking unix conventions...
+Checking referential integrity...
+Dropping temporary indices...
+Backing up old metadata...
+Dumping metadata...
+..objects..
+..blocks..
+..inodes..
+..inode_blocks..
+..symlink_targets..
+..names..
+..contents..
+..ext_attributes..
+Compressing and uploading metadata...
+Wrote 0.89 MB of compressed metadata.
+#
+</pre></blockquote></p>
+
+<p>Thanks to the cache, working on files that fit in the cache is very
+quick, about the same speed as local file access. Uploading large
+amount of data is to me limited by the bandwidth out of and into my
+house. Uploading 685 MiB with a 100 MiB cache gave me 305 kiB/s,
+which is very close to my upload speed, and downloading the same
+Debian installation ISO gave me 610 kiB/s, close to my download speed.
+Both were measured using <tt>dd</tt>. So for me, the bottleneck is my
+network, not the file system code. I do not know what a good cache
+size would be, but suspect that the cache should e larger than your
+working set.</p>
+
+<p>I mentioned that only one machine can mount the file system at the
+time. If another machine try, it is told that the file system is
+busy:</p>
+
+<p><blockquote><pre>
+# mount.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
+ --ssl --allow-root s3c://s.greenqloud.com:443/bucket-name /s3ql
+Using 8 upload threads.
+Backend reports that fs is still mounted elsewhere, aborting.
+#
+</pre></blockquote></p>
+
+<p>The file content is uploaded when the cache is full, while the
+metadata is uploaded once every 24 hour by default. To ensure the
+file system content is flushed to the cloud, one can either umount the
+file system, or ask S3QL to flush the cache and metadata using
+s3qlctrl:
+
+<p><blockquote><pre>
+# s3qlctrl upload-meta /s3ql
+# s3qlctrl flushcache /s3ql
+#
+</pre></blockquote></p>
+
+<p>If you are curious about how much space your data uses in the
+cloud, and how much compression and deduplication cut down on the
+storage usage, you can use s3qlstat on the mounted file system to get
+a report:</p>
+
+<p><blockquote><pre>
+# s3qlstat /s3ql
+Directory entries: 9141
+Inodes: 9143
+Data blocks: 8851
+Total data size: 22049.38 MB
+After de-duplication: 21955.46 MB (99.57% of total)
+After compression: 21877.28 MB (99.22% of total, 99.64% of de-duplicated)
+Database size: 2.39 MB (uncompressed)
+(some values do not take into account not-yet-uploaded dirty blocks in cache)
+#
+</pre></blockquote></p>
+
+<p>I mentioned earlier that there are several possible suppliers of
+storage. I did not try to locate them all, but am aware of at least
+<a href="https://www.greenqloud.com/">Greenqloud</a>,
+<a href="http://drive.google.com/">Google Drive</a>,
+<a href="http://aws.amazon.com/s3/">Amazon S3 web serivces</a>,
+<a href="http://www.rackspace.com/">Rackspace</a> and
+<a href="http://crowncloud.net/">Crowncloud</A>. The latter even
+accept payment in Bitcoin. Pick one that suit your need. Some of
+them provide several GiB of free storage, but the prize models are
+quite different and you will have to figure out what suits you
+best.</p>
+
+<p>While researching this blog post, I had a look at research papers
+and posters discussing the S3QL file system. There are several, which
+told me that the file system is getting a critical check by the
+science community and increased my confidence in using it. One nice
+poster is titled
+"<a href="http://www.lanl.gov/orgs/adtsc/publications/science_highlights_2013/docs/pg68_69.pdf">An
+Innovative Parallel Cloud Storage System using OpenStack’s SwiftObject
+Store and Transformative Parallel I/O Approach</a>" by Hsing-Bung
+Chen, Benjamin McClelland, David Sherrill, Alfred Torrez, Parks Fields
+and Pamela Smith. Please have a look.</p>
+
+<p>Given my problems with different file systems earlier, I decided to
+check out the mounted S3QL file system to see if it would be usable as
+a home directory (in other word, that it provided POSIX semantics when
+it come to locking and umask handling etc). Running
+<a href="http://people.skolelinux.org/pere/blog/Testing_if_a_file_system_can_be_used_for_home_directories___.html">my
+test code to check file system semantics</a>, I was happy to discover that
+no error was found. So the file system can be used for home
+directories, if one chooses to do so.</p>
+
+<p>If you do not want a locally file system, and want something that
+work without the Linux fuse file system, I would like to mention the
+<a href="http://www.tarsnap.com/">Tarsnap service</a>, which also
+provide locally encrypted backup using a command line client. It have
+a nicer access control system, where one can split out read and write
+access, allowing some systems to write to the backup and others to
+only read from it.</p>
+
+<p>As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&label=PetterReinholdtsenBlog">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
+</description>
+ </item>
+
+ <item>
+ <title>EU-domstolen bekreftet i dag at datalagringsdirektivet er ulovlig</title>
+ <link>http://people.skolelinux.org/pere/blog/EU_domstolen_bekreftet_i_dag_at_datalagringsdirektivet_er_ulovlig.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/EU_domstolen_bekreftet_i_dag_at_datalagringsdirektivet_er_ulovlig.html</guid>
+ <pubDate>Tue, 8 Apr 2014 11:30:00 +0200</pubDate>
+ <description><p>I dag kom endelig avgjørelsen fra EU-domstolen om
+datalagringsdirektivet, som ikke overraskende ble dømt ulovlig og i
+strid med borgernes grunnleggende rettigheter. Hvis du lurer på hva
+datalagringsdirektivet er for noe, så er det
+<a href="http://tv.nrk.no/program/koid75005313/tema-dine-digitale-spor-datalagringsdirektivet">en
+flott dokumentar tilgjengelig hos NRK</a> som jeg tidligere
+<a href="http://people.skolelinux.org/pere/blog/Dokumentaren_om_Datalagringsdirektivet_sendes_endelig_p__NRK.html">har
+anbefalt</a> alle å se.</p>
+
+<p>Her er et liten knippe nyhetsoppslag om saken, og jeg regner med at
+det kommer flere ut over dagen. Flere kan finnes
+<a href="http://www.mylder.no/?drill=datalagringsdirektivet&intern=1">via
+mylder</a>.</p>
+
+<p><ul>
+
+<li><a href="http://e24.no/digital/eu-domstolen-datalagringsdirektivet-er-ugyldig/22879592">EU-domstolen:
+Datalagringsdirektivet er ugyldig</a> - e24.no 2014-04-08
+
+<li><a href="http://www.aftenposten.no/nyheter/iriks/EU-domstolen-Datalagringsdirektivet-er-ulovlig-7529032.html">EU-domstolen:
+Datalagringsdirektivet er ulovlig</a> - aftenposten.no 2014-04-08
+
+<li><a href="http://www.aftenposten.no/nyheter/iriks/politikk/Krever-DLD-stopp-i-Norge-7530086.html">Krever
+DLD-stopp i Norge</a> - aftenposten.no 2014-04-08
+
+<li><a href="http://www.p4.no/story.aspx?id=566431">Apenes: - En
+gledens dag</a> - p4.no 2014-04-08
+
+<li><a href="http://www.nrk.no/norge/_-datalagringsdirektivet-er-ugyldig-1.11655929">EU-domstolen:
+– Datalagringsdirektivet er ugyldig</a> - nrk.no 2014-04-08</li>
+
+<li><a href="http://www.vg.no/nyheter/utenriks/data-og-nett/eu-domstolen-datalagringsdirektivet-er-ugyldig/a/10130280/">EU-domstolen:
+Datalagringsdirektivet er ugyldig</a> - vg.no 2014-04-08</li>
+
+<li><a href="http://www.dagbladet.no/2014/04/08/nyheter/innenriks/datalagringsdirektivet/personvern/32711646/">-
+Vi bør skrote hele datalagringsdirektivet</a> - dagbladet.no
+2014-04-08</li>
+
+<li><a href="http://www.digi.no/928137/eu-domstolen-dld-er-ugyldig">EU-domstolen:
+DLD er ugyldig</a> - digi.no 2014-04-08</li>
+
+<li><a href="http://www.irishtimes.com/business/sectors/technology/european-court-declares-data-retention-directive-invalid-1.1754150">European
+court declares data retention directive invalid</a> - irishtimes.com
+2014-04-08</li>
+
+<li><a href="http://www.reuters.com/article/2014/04/08/us-eu-data-ruling-idUSBREA370F020140408?feedType=RSS">EU
+court rules against requirement to keep data of telecom users</a> -
+reuters.com 2014-04-08</li>
+
+</ul>
+</p>
+
+<p>Jeg synes det er veldig fint at nok en stemme slår fast at
+totalitær overvåkning av befolkningen er uakseptabelt, men det er
+fortsatt like viktig å beskytte privatsfæren som før, da de
+teknologiske mulighetene fortsatt finnes og utnyttes, og jeg tror
+innsats i prosjekter som
+<a href="https://wiki.debian.org/FreedomBox">Freedombox</a> og
+<a href="http://www.dugnadsnett.no/">Dugnadsnett</a> er viktigere enn
+noen gang.</p>
+
+<p><strong>Update 2014-04-08 12:10</strong>: Kronerullingen for å
+stoppe datalagringsdirektivet i Norge gjøres hos foreningen
+<a href="http://www.digitaltpersonvern.no/">Digitalt Personvern</a>,
+som har samlet inn 843 215,- så langt men trenger nok mye mer hvis
+
+ikke Høyre og Arbeiderpartiet bytter mening i saken. Det var
+<a href="http://www.holderdeord.no/parliament-issues/48650">kun
+partinene Høyre og Arbeiderpartiet</a> som stemte for
+Datalagringsdirektivet, og en av dem må bytte mening for at det skal
+bli flertall mot i Stortinget. Se mer om saken
+<a href="http://www.holderdeord.no/issues/69-innfore-datalagringsdirektivet">Holder
+de ord</a>.</p>
+</description>
+ </item>
+
+ <item>
+ <title>ReactOS Windows clone - nice free software</title>
+ <link>http://people.skolelinux.org/pere/blog/ReactOS_Windows_clone___nice_free_software.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/ReactOS_Windows_clone___nice_free_software.html</guid>
+ <pubDate>Tue, 1 Apr 2014 12:10:00 +0200</pubDate>
+ <description><p>Microsoft have announced that Windows XP reaches its end of life
+2014-04-08, in 7 days. But there are heaps of machines still running
+Windows XP, and depending on Windows XP to run their applications, and
+upgrading will be expensive, both when it comes to money and when it
+comes to the amount of effort needed to migrate from Windows XP to a
+new operating system. Some obvious options (buy new a Windows
+machine, buy a MacOSX machine, install Linux on the existing machine)
+are already well known and covered elsewhere. Most of them involve
+leaving the user applications installed on Windows XP behind and
+trying out replacements or updated versions. In this blog post I want
+to mention one strange bird that allow people to keep the hardware and
+the existing Windows XP applications and run them on a free software
+operating system that is Windows XP compatible.</p>
+
+<p><a href="http://www.reactos.org/">ReactOS</a> is a free software
+operating system (GNU GPL licensed) working on providing a operating
+system that is binary compatible with Windows, able to run windows
+programs directly and to use Windows drivers for hardware directly.
+The project goal is for Windows user to keep their existing machines,
+drivers and software, and gain the advantages from user a operating
+system without usage limitations caused by non-free licensing. It is
+a Windows clone running directly on the hardware, so quite different
+from the approach taken by <a href="http://www.winehq.org/">the Wine
+project</a>, which make it possible to run Windows binaries on
+Linux.</p>
+
+<p>The ReactOS project share code with the Wine project, so most
+shared libraries available on Windows are already implemented already.
+There is also a software manager like the one we are used to on Linux,
+allowing the user to install free software applications with a simple
+click directly from the Internet. Check out the
+<a href="http://www.reactos.org/screenshots">screen shots on the
+project web site</a> for an idea what it look like (it looks just like
+Windows before metro).</p>
+
+<p>I do not use ReactOS myself, preferring Linux and Unix like
+operating systems. I've tested it, and it work fine in a virt-manager
+virtual machine. The browser, minesweeper, notepad etc is working
+fine as far as I can tell. Unfortunately, my main test application
+is the software included on a CD with the Lego Mindstorms NXT, which
+seem to install just fine from CD but fail to leave any binaries on
+the disk after the installation. So no luck with that test software.
+No idea why, but hope someone else figure out and fix the problem.
+I've tried the ReactOS Live ISO on a physical machine, and it seemed
+to work just fine. If you like Windows and want to keep running your
+old Windows binaries, check it out by
+<a href="http://www.reactos.org/download">downloading</a> the
+installation CD, the live CD or the preinstalled virtual machine
+image.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Debian Edu interview: Roger Marsal</title>
+ <link>http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Roger_Marsal.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Roger_Marsal.html</guid>
+ <pubDate>Sun, 30 Mar 2014 11:40:00 +0200</pubDate>
+ <description><p><a href="http://www.skolelinux.org/">Debian Edu / Skolelinux</a>
+keep gaining new users. Some weeks ago, a person showed up on IRC,
+<a href="irc://irc.debian.org/#debian-edu">#debian-edu</a>, with a
+wish to contribute, and I managed to get a interview with this great
+contributor Roger Marsal to learn more about his background.</p>
+
+<p><strong>Who are you, and how do you spend your days?</strong></p>
+
+<p>My name is Roger Marsal, I'm 27 years old (1986 generation) and I
+live in Barcelona, Spain. I've got a strong business background and I
+work as a patrimony manager and as a real estate agent. Additionally,
+I've co-founded a British based tech company that is nowadays on the
+last development phase of a new social networking concept.</p>
+
+<p>I'm a Linux enthusiast that started its journey with Ubuntu four years
+ago and have recently switched to Debian seeking rock solid stability
+and as a necessary step to gain expertise.</p>
+
+<p>In a nutshell, I spend my days working and learning as much as I
+can to face both my job, entrepreneur project and feed my Linux
+hunger.</p>
+
+<p><strong>How did you get in contact with the Skolelinux / Debian Edu
+project?</strong></p>
+
+<p>I discovered the <a href="http://www.ltsp.org/">LTSP</a> advantages
+with "Ubuntu 12.04 alternate install" and after a year of use I
+started looking for an alternative. Even though I highly value and
+respect the Ubuntu project, I thought it was necessary for me to
+change to a more robust and stable alternative. As far as I was using
+Debian on my personal laptop I thought it would be fine to install
+Debian and configure an LTSP server myself. Surprised, I discovered
+that the Debian project also supported a kind of Edubuntu equivalent,
+and after having some pain I obtained a Debian Edu network up and
+running. I just loved it.</p>
+
+<p><strong>What do you see as the advantages of Skolelinux / Debian
+Edu?</strong></p>
+
+<p>I found a main advantage in that, once you know "the tips and
+tricks", a new installation just works out of the box. It's the most
+complete alternative I've found to create an LTSP network. All the
+other distributions seems to be made of plastic, Debian Edu seems to
+be made of steel.</p>
+
+<p><strong>What do you see as the disadvantages of Skolelinux / Debian
+Edu?</strong></p>
+
+<p>I found two main disadvantages.</p>
+
+<p>I'm not an expert but I've got notions and I had to spent a considerable
+amount of time trying to bring up a standard network topology. I'm quite
+stubborn and I just worked until I did but I'm sure many people with few
+resources (not big schools, but academies for example) would have switched
+or dropped.</p>
+
+<p>It's amazing how such a complex system like Debian Edu has achieved
+this out-of-the-box state. Even though tweaking without breaking gets
+more difficult, as more factors have to be considered. This can
+discourage many people too.</p>
+
+<p><strong>Which free software do you use daily?</strong></p>
+
+<p>I use Debian, Firefox, Okular, Inkscape, LibreOffice and
+Virtualbox.</p>
+
+
+<p><strong>Which strategy do you believe is the right one to use to
+get schools to use free software?</strong></p>
+
+<p>I don't think there is a need for a particular strategy. The free
+attribute in both "freedom" and "no price" meanings is what will
+really bring free software to schools. In my experience I can think of
+the <a href="http://www.r-project.org/">"R" statistical language</a>; a
+few years a ago was an extremely nerd tool for university people.
+Today it's being increasingly used to teach statistics at many
+different level of studies. I believe free and open software will
+increasingly gain popularity, but I'm sure schools will be one of the
+first scenarios where this will happen.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Dokumentaren om Datalagringsdirektivet sendes endelig på NRK</title>
+ <link>http://people.skolelinux.org/pere/blog/Dokumentaren_om_Datalagringsdirektivet_sendes_endelig_p__NRK.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Dokumentaren_om_Datalagringsdirektivet_sendes_endelig_p__NRK.html</guid>
+ <pubDate>Wed, 26 Mar 2014 09:50:00 +0100</pubDate>
+ <description><p><a href="http://www.nuug.no/">Foreningen NUUG</a> melder i natt at
+NRK nå har bestemt seg for
+<a href="http://www.nuug.no/news/NRK_viser_filmen_om_Datalagringsdirektivet_f_rste_gang_2014_03_31.shtml">når
+den norske dokumentarfilmen om datalagringsdirektivet skal
+sendes</a> (se <a href="http://www.imdb.com/title/tt2832844/">IMDB</a>
+for detaljer om filmen) . Første visning blir på NRK2 mandag
+2014-03-31 kl. 19:50, og deretter visninger onsdag 2014-04-02
+kl. 12:30, fredag 2014-04-04 kl. 19:40 og søndag 2014-04-06 kl. 15:10.
+Jeg har sett dokumentaren, og jeg anbefaler enhver å se den selv. Som
+oppvarming mens vi venter anbefaler jeg Bjørn Stærks kronikk i
+Aftenposten fra i går,
+<a href="http://www.aftenposten.no/meninger/kronikker/Autoritar-gjokunge-7514915.html">Autoritær
+gjøkunge</a>, der han gir en grei skisse av hvor ille det står til med
+retten til privatliv og beskyttelsen av demokrati i Norge og resten
+verden, og helt riktig slår fast at det er vi i databransjen som
+sitter med nøkkelen til å gjøre noe med dette. Jeg har involvert meg
+i prosjektene <a href="http://www.dugnadsnett.no/">dugnadsnett.no</a>
+og <a href="https://wiki.debian.org/FreedomBox">FreedomBox</a> for å
+forsøke å gjøre litt selv for å bedre situasjonen, men det er mye
+hardt arbeid fra mange flere enn meg som gjenstår før vi kan sies å ha
+gjenopprettet balansen.</p>
+
+<p>Jeg regner med at nettutgaven dukker opp på
+<a href="http://tv.nrk.no/program/koid75005313/tema-dine-digitale-spor-datalagringsdirektivet">NRKs
+side om filmen om datalagringsdirektivet</a> om fem dager. Hold et
+øye med siden, og tips venner og slekt om at de også bør se den.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Public Trusted Timestamping services for everyone</title>
+ <link>http://people.skolelinux.org/pere/blog/Public_Trusted_Timestamping_services_for_everyone.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Public_Trusted_Timestamping_services_for_everyone.html</guid>
+ <pubDate>Tue, 25 Mar 2014 12:50:00 +0100</pubDate>
+ <description><p>Did you ever need to store logs or other files in a way that would
+allow it to be used as evidence in court, and needed a way to
+demonstrate without reasonable doubt that the file had not been
+changed since it was created? Or, did you ever need to document that
+a given document was received at some point in time, like some
+archived document or the answer to an exam, and not changed after it
+was received? The problem in these settings is to remove the need to
+trust yourself and your computers, while still being able to prove
+that a file is the same as it was at some given time in the past.</p>
+
+<p>A solution to these problems is to have a trusted third party
+"stamp" the document and verify that at some given time the document
+looked a given way. Such
+<a href="https://en.wikipedia.org/wiki/Notarius">notarius</a> service
+have been around for thousands of years, and its digital equivalent is
+called a
+<a href="http://en.wikipedia.org/wiki/Trusted_timestamping">trusted
+timestamping service</a>. <a href="http://www.ietf.org/">The Internet
+Engineering Task Force</a> standardised how such service could work a
+few years ago as <a href="http://tools.ietf.org/html/rfc3161">RFC
+3161</a>. The mechanism is simple. Create a hash of the file in
+question, send it to a trusted third party which add a time stamp to
+the hash and sign the result with its private key, and send back the
+signed hash + timestamp. Both email, FTP and HTTP can be used to
+request such signature, depending on what is provided by the service
+used. Anyone with the document and the signature can then verify that
+the document matches the signature by creating their own hash and
+checking the signature using the trusted third party public key.
+There are several commercial services around providing such
+timestamping. A quick search for
+"<a href="https://duckduckgo.com/?q=rfc+3161+service">rfc 3161
+service</a>" pointed me to at least
+<a href="https://www.digistamp.com/technical/how-a-digital-time-stamp-works/">DigiStamp</a>,
+<a href="http://www.quovadisglobal.co.uk/CertificateServices/SigningServices/TimeStamp.aspx">Quo
+Vadis</a>,
+<a href="https://www.globalsign.com/timestamp-service/">Global Sign</a>
+and <a href="http://www.globaltrustfinder.com/TSADefault.aspx">Global
+Trust Finder</a>. The system work as long as the private key of the
+trusted third party is not compromised.</p>
+
+<p>But as far as I can tell, there are very few public trusted
+timestamp services available for everyone. I've been looking for one
+for a while now. But yesterday I found one over at
+<a href="https://www.pki.dfn.de/zeitstempeldienst/">Deutches
+Forschungsnetz</a> mentioned in
+<a href="http://www.d-mueller.de/blog/dealing-with-trusted-timestamps-in-php-rfc-3161/">a
+blog by David Müller</a>. I then found
+<a href="http://www.rz.uni-greifswald.de/support/dfn-pki-zertifikate/zeitstempeldienst.html">a
+good recipe on how to use the service</a> over at the University of
+Greifswald.</p>
+
+<p><a href="http://www.openssl.org/">The OpenSSL library</a> contain
+both server and tools to use and set up your own signing service. See
+the ts(1SSL), tsget(1SSL) manual pages for more details. The
+following shell script demonstrate how to extract a signed timestamp
+for any file on the disk in a Debian environment:</p>
+
+<p><blockquote><pre>
+#!/bin/sh
+set -e
+url="http://zeitstempel.dfn.de"
+caurl="https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt"
+reqfile=$(mktemp -t tmp.XXXXXXXXXX.tsq)
+resfile=$(mktemp -t tmp.XXXXXXXXXX.tsr)
+cafile=chain.txt
+if [ ! -f $cafile ] ; then
+ wget -O $cafile "$caurl"
+fi
+openssl ts -query -data "$1" -cert | tee "$reqfile" \
+ | /usr/lib/ssl/misc/tsget -h "$url" -o "$resfile"
+openssl ts -reply -in "$resfile" -text 1>&2
+openssl ts -verify -data "$1" -in "$resfile" -CAfile "$cafile" 1>&2
+base64 < "$resfile"
+rm "$reqfile" "$resfile"
+</pre></blockquote></p>
+
+<p>The argument to the script is the file to timestamp, and the output
+is a base64 encoded version of the signature to STDOUT and details
+about the signature to STDERR. Note that due to
+<a href="http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742553">a bug
+in the tsget script</a>, you might need to modify the included script
+and remove the last line. Or just write your own HTTP uploader using
+curl. :) Now you too can prove and verify that files have not been
+changed.</p>
+
+<p>But the Internet need more public trusted timestamp services.
+Perhaps something for <a href="http://www.uninett.no/">Uninett</a> or
+my work place the <a href="http://www.uio.no/">University of Oslo</a>
+to set up?</p>
+</description>
+ </item>
+
<item>
<title>Video DVD reader library / python-dvdvideo - nice free software</title>
<link>http://people.skolelinux.org/pere/blog/Video_DVD_reader_library___python_dvdvideo___nice_free_software.html</link>
and program
<a href="http://bblank.thinkmo.de/blog/new-software-python-dvdvideo">python-dvdvideo</a>
written by Bastian Blank. It is
-<a href"http://packages.qa.debian.org/p/python-dvdvideo.html">in Debian
+<a href="http://packages.qa.debian.org/p/python-dvdvideo.html">in Debian
already</a> and the binary package name is python3-dvdvideo. Instead
of trying to read every block from the DVD, it parses the file
structure and figure out which block on the DVD is actually in used,
and only read those blocks from the DVD. This work surprisingly well,
and I have been able to almost backup my entire DVD collection using
-this method.</p> So far, python-dvdvideo have failed on between 10 and
+this method.</p>
+
+<p>So far, python-dvdvideo have failed on between 10 and
20 DVDs, which is a small fraction of my collection. The most common
problem is
<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720831">DVDs
installation will get the installation going. This affect all
installations in Jessie, and I expect it will be fixed soon.</p>
-Give it a go and let us know how it goes on the mailing list, and help
+<p>Give it a go and let us know how it goes on the mailing list, and help
us get the new release published. :) Please join us on
<a href="irc://irc.debian.org:6667/%23freedombox">IRC (#freedombox on
irc.debian.org)</a> and
</description>
</item>
- <item>
- <title>How to add extra storage servers in Debian Edu / Skolelinux</title>
- <link>http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html</guid>
- <pubDate>Wed, 12 Mar 2014 12:50:00 +0100</pubDate>
- <description><p>On larger sites, it is useful to use a dedicated storage server for
-storing user home directories and data. The design for handling this
-in <a href="http://www.skolelinux.org/">Debian Edu / Skolelinux</a>, is
-to update the automount rules in LDAP and let the automount daemon on
-the clients take care of the rest. I was reminded about the need to
-document this better when one of the customers of
-<a href="http://www.slxdrift.no/">Skolelinux Drift AS</a>, where I am
-on the board of directors, asked about how to do this. The steps to
-get this working are the following:</p>
-
-<p><ol>
-
-<li>Add new storage server in DNS. I use nas-server.intern as the
-example host here.</li>
-
-<li>Add automoun LDAP information about this server in LDAP, to allow
-all clients to automatically mount it on reqeust.</li>
-
-<li>Add the relevant entries in tjener.intern:/etc/fstab, because
-tjener.intern do not use automount to avoid mounting loops.</li>
-
-</ol></p>
-
-<p>DNS entries are added in GOsa², and not described here. Follow the
-<a href="https://wiki.debian.org/DebianEdu/Documentation/Wheezy/GettingStarted">instructions
-in the manual</a> (Machine Management with GOsa² in section Getting
-started).</p>
-
-<p>Ensure that the NFS export points on the server are exported to the
-relevant subnets or machines:</p>
-
-<p><blockquote><pre>
-root@tjener:~# showmount -e nas-server
-Export list for nas-server:
-/storage 10.0.0.0/8
-root@tjener:~#
-</pre></blockquote></p>
-
-<p>Here everything on the backbone network is granted access to the
-/storage export. With NFSv3 it is slightly better to limit it to
-netgroup membership or single IP addresses to have some limits on the
-NFS access.</p>
-
-<p>The next step is to update LDAP. This can not be done using GOsa²,
-because it lack a module for automount. Instead, use ldapvi and add
-the required LDAP objects using an editor.</p>
-
-<p><blockquote><pre>
-ldapvi --ldap-conf -ZD '(cn=admin)' -b ou=automount,dc=skole,dc=skolelinux,dc=no
-</pre></blockquote></p>
-
-<p>When the editor show up, add the following LDAP objects at the
-bottom of the document. The "/&" part in the last LDAP object is a
-wild card matching everything the nas-server exports, removing the
-need to list individual mount points in LDAP.</p>
-
-<p><blockquote><pre>
-add cn=nas-server,ou=auto.skole,ou=automount,dc=skole,dc=skolelinux,dc=no
-objectClass: automount
-cn: nas-server
-automountInformation: -fstype=autofs --timeout=60 ldap:ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
-
-add ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
-objectClass: top
-objectClass: automountMap
-ou: auto.nas-server
-
-add cn=/,ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
-objectClass: automount
-cn: /
-automountInformation: -fstype=nfs,tcp,rsize=32768,wsize=32768,rw,intr,hard,nodev,nosuid,noatime nas-server.intern:/&
-</pre></blockquote></p>
-
-<p>The last step to remember is to mount the relevant mount points in
-tjener.intern by adding them to /etc/fstab, creating the mount
-directories using mkdir and running "mount -a" to mount them.</p>
-
-<p>When this is done, your users should be able to access the files on
-the storage server directly by just visiting the
-/tjener/nas-server/storage/ directory using any application on any
-workstation, LTSP client or LTSP server.</p>
-</description>
- </item>
-
- <item>
- <title>Hvordan bør RFC 822-formattert epost lagres i en NOARK5-database?</title>
- <link>http://people.skolelinux.org/pere/blog/Hvordan_b_r_RFC_822_formattert_epost_lagres_i_en_NOARK5_database_.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Hvordan_b_r_RFC_822_formattert_epost_lagres_i_en_NOARK5_database_.html</guid>
- <pubDate>Fri, 7 Mar 2014 15:20:00 +0100</pubDate>
- <description><p>For noen uker siden ble NXCs fri programvarelisenserte
-NOARK5-løsning
-<a href="http://www.nuug.no/aktiviteter/20140211-noark/">presentert hos
-NUUG</a> (video
-<a href="https://www.youtube.com/watch?v=JCb_dNS3MHQ">på youtube
-foreløbig</a>), og det fikk meg til å titte litt mer på NOARK5,
-standarden for arkivhåndtering i det offentlige Norge. Jeg lurer på
-om denne kjernen kan være nyttig i et par av mine prosjekter, og for ett
-av dem er det mest aktuelt å lagre epost. Jeg klarte ikke finne noen
-anbefaling om hvordan RFC 822-formattert epost (aka Internett-epost)
-burde lagres i NOARK5, selv om jeg vet at noen arkiver tar
-PDF-utskrift av eposten med sitt epostprogram og så arkiverer PDF-en
-(eller enda værre, tar papirutskrift og lagrer bildet av eposten som
-PDF i arkivet).</p>
-
-<p>Det er ikke så mange formater som er akseptert av riksarkivet til
-langtidsoppbevaring av offentlige arkiver, og PDF og XML er de mest
-aktuelle i så måte. Det slo meg at det måtte da finnes en eller annen
-egnet XML-representasjon og at det kanskje var enighet om hvilken som
-burde brukes, så jeg tok mot til meg og spurte
-<a href="http://samdok.com/">SAMDOK</a>, en gruppe tilknyttet
-arkivverket som ser ut til å jobbe med NOARK-samhandling, om de hadde
-noen anbefalinger:
-
-<p><blockquote>
-<p>Hei.</p>
-
-<p>Usikker på om dette er riktig forum å ta opp mitt spørsmål, men jeg
-lurer på om det er definert en anbefaling om hvordan RFC
-822-formatterte epost (aka vanlig Internet-epost) bør lages håndteres
-i NOARK5, slik at en bevarer all informasjon i eposten
-(f.eks. Received-linjer). Finnes det en anbefalt XML-mapping ala den
-som beskrives på
-&lt;URL: <a href="https://www.informit.com/articles/article.aspx?p=32074">https://www.informit.com/articles/article.aspx?p=32074</a> &gt;? Mitt
-mål er at det skal være mulig å lagre eposten i en NOARK5-kjerne og
-kunne få ut en identisk formattert kopi av opprinnelig epost ved
-behov.</p>
-</blockquote></p>
-
-<p>Postmottaker hos SAMDOK mente spørsmålet heller burde stilles
-direkte til riksarkivet, og jeg fikk i dag svar derfra formulert av
-seniorrådgiver Geir Ivar Tungesvik:</p>
-
-<p><blockquote>
-<p>Riksarkivet har ingen anbefalinger når det gjelder konvertering fra
-e-post til XML. Det står arkivskaper fritt å eventuelt definere/bruke
-eget format. Inklusive da - som det spørres om - et format der det er
-mulig å re-etablere e-post format ut fra XML-en. XML (e-post)
-dokumenter må være referert i arkivstrukturen, og det må vedlegges et
-gyldig XML skjema (.xsd) for XML-filene. Arkivskaper står altså fritt
-til å gjøre hva de vil, bare det dokumenteres og det kan dannes et
-utrekk ved avlevering til depot.</p>
-
-<p>De obligatoriske kravene i Noark 5 standarden må altså oppfylles -
-etter dialog med Riksarkivet i forbindelse med godkjenning. For
-offentlige arkiv er det særlig viktig med filene loependeJournal.xml
-og offentligJournal.xml. Private arkiv som vil forholde seg til Noark
-5 standarden er selvsagt frie til å bruke det som er relevant for dem
-av obligatoriske krav.</p>
-</blockquote></p>
-
-<p>Det ser dermed ut for meg som om det er et lite behov for å
-standardisere XML-lagring av RFC-822-formatterte meldinger. Noen som
-vet om god spesifikasjon i så måte? I tillegg til den omtalt over,
-har jeg kommet over flere aktuelle beskrivelser (søk på "rfc 822
-xml", så finner du aktuelle alternativer).</p>
-
-<ul>
-
-<li><a href="http://www.openhealth.org/xmtp/">XML MIME Transformation
-protocol (XMTP)</a> fra OpenHealth, sist oppdatert 2001.</li>
-
-<li><a href="https://tools.ietf.org/html/draft-klyne-message-rfc822-xml-03">An
-XML format for mail and other messages</a> utkast fra IETF datert
-2001.</li>
-
-<li><a href="http://www.informit.com/articles/article.aspx?p=32074">xMail:
-E-mail as XML</a> en artikkel fra 2003 som beskriver python-modulen
-rfc822 som gir ut XML-representasjon av en RFC 822-formattert epost.</li>
-
-</ul>
-
-<p>Finnes det andre og bedre spesifikasjoner for slik lagring? Send
-meg en epost hvis du har innspill.</p>
-</description>
- </item>
-
- <item>
- <title>Lenker for 2014-02-28</title>
- <link>http://people.skolelinux.org/pere/blog/Lenker_for_2014_02_28.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Lenker_for_2014_02_28.html</guid>
- <pubDate>Fri, 28 Feb 2014 13:30:00 +0100</pubDate>
- <description><p>Her er noen lenker til tekster jeg har satt pris på å lese de siste
-månedene. Det er mye om varsleren Edward Snowden, som burde få all
-hjelp, støtte og beskyttelse Norge kan stille opp med for å ha satt
-totalitær overvåkning på sakskartet, men også endel annet
-tankevekkende og interessant.</p>
-
-<ul>
-
-<li>2013-12-21
-<a href="http://www.dagbladet.no/2013/12/21/nyheter/thomas_drake/nsa/overvakning/snowden/30925886/">-
-NSA tenker som Stasi</a> - Dagbladet.no</li>
-
-<li>2013-12-19 <a href="http://www.dagensit.no/article2732734.ece">-
-Staten har ikke rett til å vite alt om deg</a> - DN.no</li>
-
-<li>2013-12-21
-<a href="http://www.dagbladet.no/2013/12/21/nyheter/krig_og_konflikter/politikk/utenriks/30961126/">Nye
-mål for NSAs spionasje avslørt</a> - Dagbladet.no</li>
-
-<li>2013-12-19
-<a href="http://www.dagbladet.no/2013/12/19/nyheter/nsa/usa/politikk/barack_obama/30918684/">«NSA
-bør fjernes fra sin makt til å samle inn metadata fra amerikanske
-telefonsamtaler»</a> - Dagbladet.no</li>
-
-<li>2013-12-18
-<a href="http://www.dagbladet.no/2013/12/18/kultur/meninger/hovedkronikk/debatt/snowden/30901089/">Etterretning,
-overvåking, frihet og sikkerhet</a> - Dagbladet.no</li>
-
-<li>2013-12-17
-<a href="http://www.nrk.no/verden/snowden-vil-ha-asyl-i-brasil-1.11423444">Snowden
-angriper USA i åpent brev</a> - nrk.no</li>
-
-<li>2013-12-17
-<a href="http://www.digi.no/925820/rettslig-nederlag-for-etterretning">Rettslig
-nederlag for etterretning</a> - digi.no</li>
-
-<li>2013-12-21
-<a href="http://www.dagbladet.no/2013/12/21/kultur/meninger/hovedkommentar/kommentar/etterretning/30963284/">Truende
-nedkjøling</a> - dagbladet.no</li>
-
-<li>2013-12-20
-<a href="http://www.aftenposten.no/viten/Matematikk-og-forstaelse-7411849.html">Matematikk
-og forståelse</a> - aftenposten.no</li>
-
-<li>2013-10-20
-<a href="http://www.nrk.no/viten/ny-studie_sovn-reinser-hjernen-var-1.11306106">Vi
-søv for å reinse hjernen vår, ifølgje ny studie</a> - nrk.no</li>
-
-<li>2013-12-11
-<a href="http://www.nrk.no/buskerud/julebaksten-i-vasken-1.11410033">Rotterace
-i kloakken</a> - nrk.no</li>
-
-<li>2013-12-30
-<a href="http://www.aftenposten.no/viten/Apne-brev-og-frie-tanker-7413734.html">Åpne
-brev og frie tanker</a> - aftenposten.no</li>
-
-<li>2014-01-12
-<a href="http://www.aftenposten.no/viten/Stopp-kunnskapsapartheidet-7428229.html">Stopp dagens kunnskapsapartheid!</a> - aftenposten.no</li>
-
-<li>2014-01-09
-<a href="http://www.aftenposten.no/nyheter/uriks/EU-rapport-Britisk-og-amerikansk-overvaking-ser-ut-til-a-vare-ulovlig-7428933.html">EU-rapport:
-Britisk og amerikansk overvåking ser ut til å være ulovlig</a> -
-aftenposten.no</li>
-
-<li>2013-10-23 Professor Jan Arild Audestad
-<a href="http://www.digi.no/924008/advarer-mot-konspirasjonsteori">Advarer
-mot konspirasjonsteori</a> i digi.no og sier han ikke tror NSA kan
-avlytte mobiltelefoner, mens han noen måneder senere forteller:</li>
-
-<li>2014-01-09
-<a href="http://www.aftenposten.no/nyheter/iriks/--Vi-ble-presset-til-a-svekke-mobilsikkerheten-pa-80-tallet-7410467.html">-
-Vi ble presset til å svekke mobilsikkerheten på 80-tallet</a> -
-aftenposten.no</li>
-
-<li>2014-02-12
-<a href="http://tv.nrk.no/program/koid20005814/et-moete-med-edward-snowden">Et
-møte med Edward Snowden</a> - intervju sendt av nrk, tilgjengelig til
-2015-01-31</li>
-
-<li>2014-02-17
-<a href="http://politiken.dk/debat/profiler/jessteinpedersen/ECE2210356/litteraturredaktoeren-helle-thornings-tavshed-om-snowden-er-en-skandale/">Litteraturredaktøren:
-Helle Thornings tavshed om Snowden er en skandale</a> -
-politiken.dk</li>
-
-<li>2014-02-21
-<a href="http://www.aftenposten.no/meninger/kronikker/Bra-a-ha-en-Storebror-7476734.html">Bra å ha en «Storebror»</a> - aftenposten.no</li>
-
-<li>2014-02-28
-<a href="http://johnchristianelden.blogg.no/1393536806_narkotikasiktet_stort.html">"Narkotikasiktet
-Stortingsmann" - Spillet bak kulissene</a> - John Christian Eldens
-blogg</li>
-
-<li>2014-02-28
-<a href="http://www.aftenposten.no/meninger/Heksejakt-pa-hasjbrukere-7486283.html">Heksejakt
-på hasjbrukere</a> - aftenposten.no</li>
-
-</ul>
-</description>
- </item>
-
- <item>
- <title>New home and release 1.0 for netgroup and innetgr (aka ng-utils)</title>
- <link>http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html</guid>
- <pubDate>Sat, 22 Feb 2014 21:45:00 +0100</pubDate>
- <description><p>Many years ago, I wrote a GPL licensed version of the netgroup and
-innetgr tools, because I needed them in
-<a href="http://www.skolelinux.org/">Skolelinux</a>. I called the project
-ng-utils, and it has served me well. I placed the project under the
-<a href="http://www.hungry.com/">Hungry Programmer</a> umbrella, and it was maintained in our CVS
-repository. But many years ago, the CVS repository was dropped (lost,
-not migrated to new hardware, not sure), and the project have lacked a
-proper home since then.</p>
-
-<p>Last summer, I had a look at the package and made a new release
-fixing a irritating crash bug, but was unable to store the changes in
-a proper source control system. I applied for a project on
-<a href="https://alioth.debian.org/">Alioth</a>, but did not have time
-to follow up on it. Until today. :)</p>
-
-<p>After many hours of cleaning and migration, the ng-utils project
-now have a new home, and a git repository with the highlight of the
-history of the project. I published all release tarballs and imported
-them into the git repository. As the project is really stable and not
-expected to gain new features any time soon, I decided to make a new
-release and call it 1.0. Visit the new project home on
-<a href="https://alioth.debian.org/projects/ng-utils/">https://alioth.debian.org/projects/ng-utils/</a>
-if you want to check it out. The new version is also uploaded into
-<a href="http://packages.qa.debian.org/n/ng-utils.html">Debian Unstable</a>.</p>
-</description>
- </item>
-
- <item>
- <title>Testing sysvinit from experimental in Debian Hurd</title>
- <link>http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html</guid>
- <pubDate>Mon, 3 Feb 2014 13:40:00 +0100</pubDate>
- <description><p>A few days ago I decided to try to help the Hurd people to get
-their changes into sysvinit, to allow them to use the normal sysvinit
-boot system instead of their old one. This follow up on the
-<a href="https://teythoon.cryptobitch.de//categories/gsoc.html">great
-Google Summer of Code work</a> done last summer by Justus Winter to
-get Debian on Hurd working more like Debian on Linux. To get started,
-I downloaded a prebuilt hard disk image from
-<a href="http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz">http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz</a>,
-and started it using virt-manager.</p>
-
-<p>The first think I had to do after logging in (root without any
-password) was to get the network operational. I followed
-<a href="https://www.debian.org/ports/hurd/hurd-install">the
-instructions on the Debian GNU/Hurd ports page</a> and ran these
-commands as root to get the machine to accept a IP address from the
-kvm internal DHCP server:</p>
-
-<p><blockquote><pre>
-settrans -fgap /dev/netdde /hurd/netdde
-kill $(ps -ef|awk '/[p]finet/ { print $2}')
-kill $(ps -ef|awk '/[d]evnode/ { print $2}')
-dhclient /dev/eth0
-</pre></blockquote></p>
-
-<p>After this, the machine had internet connectivity, and I could
-upgrade it and install the sysvinit packages from experimental and
-enable it as the default boot system in Hurd.</p>
-
-<p>But before I did that, I set a password on the root user, as ssh is
-running on the machine it for ssh login to work a password need to be
-set. Also, note that a bug somewhere in openssh on Hurd block
-compression from working. Remember to turn that off on the client
-side.</p>
-
-<p>Run these commands as root to upgrade and test the new sysvinit
-stuff:</p>
-
-<p><blockquote><pre>
-cat > /etc/apt/sources.list.d/experimental.list &lt;&lt;EOF
-deb http://http.debian.net/debian/ experimental main
-EOF
-apt-get update
-apt-get dist-upgrade
-apt-get install -t experimental initscripts sysv-rc sysvinit \
- sysvinit-core sysvinit-utils
-update-alternatives --config runsystem
-</pre></blockquote></p>
-
-<p>To reboot after switching boot system, you have to use
-<tt>reboot-hurd</tt> instead of just <tt>reboot</tt>, as there is not
-yet a sysvinit process able to receive the signals from the normal
-'reboot' command. After switching to sysvinit as the boot system,
-upgrading every package and rebooting, the network come up with DHCP
-after boot as it should, and the settrans/pkill hack mentioned at the
-start is no longer needed. But for some strange reason, there are no
-longer any login prompt in the virtual console, so I logged in using
-ssh instead.
-
-<p>Note that there are some race conditions in Hurd making the boot
-fail some times. No idea what the cause is, but hope the Hurd porters
-figure it out. At least Justus said on IRC (#debian-hurd on
-irc.debian.org) that they are aware of the problem. A way to reduce
-the impact is to upgrade to the Hurd packages built by Justus by
-adding this repository to the machine:</p>
-
-<p><blockquote><pre>
-cat > /etc/apt/sources.list.d/hurd-ci.list &lt;&lt;EOF
-deb http://darnassus.sceen.net/~teythoon/hurd-ci/ sid main
-EOF
-</pre></blockquote></p>
-
-<p>At the moment the prebuilt virtual machine get some packages from
-http://ftp.debian-ports.org/debian, because some of the packages in
-unstable do not yet include the required patches that are lingering in
-BTS. This is the completely list of "unofficial" packages installed:</p>
-
-<p><blockquote><pre>
-# aptitude search '?narrow(?version(CURRENT),?origin(Debian Ports))'
-i emacs - GNU Emacs editor (metapackage)
-i gdb - GNU Debugger
-i hurd-recommended - Miscellaneous translators
-i isc-dhcp-client - ISC DHCP client
-i isc-dhcp-common - common files used by all the isc-dhcp* packages
-i libc-bin - Embedded GNU C Library: Binaries
-i libc-dev-bin - Embedded GNU C Library: Development binaries
-i libc0.3 - Embedded GNU C Library: Shared libraries
-i A libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
-i libc0.3-dev - Embedded GNU C Library: Development Libraries and Hea
-i multiarch-support - Transitional package to ensure multiarch compatibilit
-i A x11-common - X Window System (X.Org) infrastructure
-i xorg - X.Org X Window System
-i A xserver-xorg - X.Org X server
-i A xserver-xorg-input-all - X.Org X server -- input driver metapackage
-#
-</pre></blockquote></p>
-
-<p>All in all, testing hurd has been an interesting experience. :)
-X.org did not work out of the box and I never took the time to follow
-the porters instructions to fix it. This time I was interested in the
-command line stuff.<p>
-</description>
- </item>
-
- <item>
- <title>A fist full of non-anonymous Bitcoins</title>
- <link>http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html</guid>
- <pubDate>Wed, 29 Jan 2014 14:10:00 +0100</pubDate>
- <description><p>Bitcoin is a incredible use of peer to peer communication and
-encryption, allowing direct and immediate money transfer without any
-central control. It is sometimes claimed to be ideal for illegal
-activity, which I believe is quite a long way from the truth. At least
-I would not conduct illegal money transfers using a system where the
-details of every transaction are kept forever. This point is
-investigated in
-<a href="https://www.usenix.org/publications/login">USENIX ;login:</a>
-from December 2013, in the article
-"<a href="https://www.usenix.org/system/files/login/articles/03_meiklejohn-online.pdf">A
-Fistful of Bitcoins - Characterizing Payments Among Men with No
-Names</a>" by Sarah Meiklejohn, Marjori Pomarole,Grant Jordan, Kirill
-Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. They
-analyse the transaction log in the Bitcoin system, using it to find
-addresses belong to individuals and organisations and follow the flow
-of money from both Bitcoin theft and trades on Silk Road to where the
-money end up. This is how they wrap up their article:</p>
-
-<p><blockquote>
-<p>"To demonstrate the usefulness of this type of analysis, we turned
-our attention to criminal activity. In the Bitcoin economy, criminal
-activity can appear in a number of forms, such as dealing drugs on
-Silk Road or simply stealing someone else’s bitcoins. We followed the
-flow of bitcoins out of Silk Road (in particular, from one notorious
-address) and from a number of highly publicized thefts to see whether
-we could track the bitcoins to known services. Although some of the
-thieves attempted to use sophisticated mixing techniques (or possibly
-mix services) to obscure the flow of bitcoins, for the most part
-tracking the bitcoins was quite straightforward, and we ultimately saw
-large quantities of bitcoins flow to a variety of exchanges directly
-from the point of theft (or the withdrawal from Silk Road).</p>
-
-<p>As acknowledged above, following stolen bitcoins to the point at
-which they are deposited into an exchange does not in itself identify
-the thief; however, it does enable further de-anonymization in the
-case in which certain agencies can determine (through, for example,
-subpoena power) the real-world owner of the account into which the
-stolen bitcoins were deposited. Because such exchanges seem to serve
-as chokepoints into and out of the Bitcoin economy (i.e., there are
-few alternative ways to cash out), we conclude that using Bitcoin for
-money laundering or other illicit purposes does not (at least at
-present) seem to be particularly attractive."</p>
-</blockquote><p>
-
-<p>These researches are not the first to analyse the Bitcoin
-transaction log. The 2011 paper
-"<a href="http://arxiv.org/abs/1107.4524">An Analysis of Anonymity in
-the Bitcoin System</A>" by Fergal Reid and Martin Harrigan is
-summarized like this:</p>
-
-<p><blockquote>
-"Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a
-complicated issue. Within the system, users are identified by
-public-keys only. An attacker wishing to de-anonymize its users will
-attempt to construct the one-to-many mapping between users and
-public-keys and associate information external to the system with the
-users. Bitcoin tries to prevent this attack by storing the mapping of
-a user to his or her public-keys on that user's node only and by
-allowing each user to generate as many public-keys as required. In
-this chapter we consider the topological structure of two networks
-derived from Bitcoin's public transaction history. We show that the
-two networks have a non-trivial topological structure, provide
-complementary views of the Bitcoin system and have implications for
-anonymity. We combine these structures with external information and
-techniques such as context discovery and flow analysis to investigate
-an alleged theft of Bitcoins, which, at the time of the theft, had a
-market value of approximately half a million U.S. dollars."
-</blockquote></p>
-
-<p>I hope these references can help kill the urban myth that Bitcoin
-is anonymous. It isn't really a good fit for illegal activites. Use
-cash if you need to stay anonymous, at least until regular DNA
-sampling of notes and coins become the norm. :)</p>
-
-<p>As usual, if you use Bitcoin and want to show your support of my
-activities, please send Bitcoin donations to my address
-<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&label=PetterReinholdtsenBlog">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
-</description>
- </item>
-
- <item>
- <title>New chrpath release 0.16</title>
- <link>http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html</link>
- <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html</guid>
- <pubDate>Tue, 14 Jan 2014 11:00:00 +0100</pubDate>
- <description><p><a href="http://www.coverity.com/">Coverity</a> is a nice tool to
-find problems in C, C++ and Java code using static source code
-analysis. It can detect a lot of different problems, and is very
-useful to find memory and locking bugs in the error handling part of
-the source. The company behind it provide
-<a href="https://scan.coverity.com/">check of free software projects as
-a community service</a>, and many hundred free software projects are
-already checked. A few days ago I decided to have a closer look at
-the Coverity system, and discovered that the
-<a href="http://www.gnu.org/software/gnash/">gnash</a> and
-<a href="http://sourceforge.net/projects/ipmitool/">ipmitool</a>
-projects I am involved with was already registered. But these are
-fairly big, and I would also like to have a small and easy project to
-check, and decided to <a href="http://scan.coverity.com/projects/1179">request
-checking of the chrpath project</a>. It was
-added to the checker and discovered seven potential defects. Six of
-these were real, mostly resource "leak" when the program detected an
-error. Nothing serious, as the resources would be released a fraction
-of a second later when the program exited because of the error, but it
-is nice to do it right in case the source of the program some time in
-the future end up in a library. Having fixed all defects and added
-<a href="https://lists.alioth.debian.org/mailman/listinfo/chrpath-devel">a
-mailing list for the chrpath developers</a>, I decided it was time to
-publish a new release. These are the release notes:</p>
-
-<p>New in 0.16 released 2014-01-14:</p>
-
-<ul>
-
- <li>Fixed all minor bugs discovered by Coverity.</li>
- <li>Updated config.sub and config.guess from the GNU project.</li>
- <li>Mention new project mailing list in the documentation.</li>
-
-</ul>
-
-<p>You can
-<a href="https://alioth.debian.org/frs/?group_id=31052">download the
-new version 0.16 from alioth</a>. Please let us know via the Alioth
-project if something is wrong with the new release. The test suite
-did not discover any old errors, so if you find a new one, please also
-include a test suite check.</p>
-</description>
- </item>
-
</channel>
</rss>
projects / homepage.git / blobdiff