X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/077f8315e2f15d59f26baadef824d42cc1c42935..3dcbf72b993aeaaff8ace4ad02e21378cbfe8874:/blog/index.html diff --git a/blog/index.html b/blog/index.html index 9bd911e96b..8fc1c5bb8c 100644 --- a/blog/index.html +++ b/blog/index.html @@ -20,282 +20,57 @@
-
S3QL, a locally mounted cloud file system - nice free software
-
9th April 2014
-

For a while now, I have been looking for a sensible offsite backup -solution for use at home. My requirements are simple, it must be -cheap and locally encrypted (in other words, I keep the encryption -keys, the storage provider do not have access to my private files). -One idea me and my friends had many years ago, before the cloud -storage providers showed up, was to use Google mail as storage, -writing a Linux block device storing blocks as emails in the mail -service provided by Google, and thus get heaps of free space. On top -of this one can add encryption, RAID and volume management to have -lots of (fairly slow, I admit that) cheap and encrypted storage. But -I never found time to implement such system. But the last few weeks I -have looked at a system called -S3QL, a locally -mounted network backed file system with the features I need.

- -

S3QL is a fuse file system with a local cache and cloud storage, -handling several different storage providers, any with Amazon S3, -Google Drive or OpenStack API. There are heaps of such storage -providers. S3QL can also use a local directory as storage, which -combined with sshfs allow for file storage on any ssh server. S3QL -include support for encryption, compression, de-duplication, snapshots -and immutable file systems, allowing me to mount the remote storage as -a local mount point, look at and use the files as if they were local, -while the content is stored in the cloud as well. This allow me to -have a backup that should survive fire. The file system can not be -shared between several machines at the same time, as only one can -mount it at the time, but any machine with the encryption key and -access to the storage service can mount it if it is unmounted.

- -

It is simple to use. I'm using it on Debian Wheezy, where the -package is included already. So to get started, run apt-get -install s3ql. Next, pick a storage provider. I ended up picking -Greenqloud, after reading their nice recipe on -how -to use S3QL with their Amazon S3 service, because I trust the laws -in Iceland more than those in USA when it come to keeping my personal -data safe and private, and thus would rather spend money on a company -in Iceland. Another nice recipe is available from the article -S3QL -Filesystem for HPC Storage by Jeff Layton in the HPC section of -Admin magazine. When the provider is picked, figure out how to get -the API key needed to connect to the storage API. With Greencloud, -the key did not show up until I had added payment details to my -account.

- -

Armed with the API access details, it is time to create the file -system. First, create a new bucket in the cloud. This bucket is the -file system storage area. I picked a bucket name reflecting the -machine that was going to store data there, but any name will do. -I'll refer to it as bucket-name below. In addition, one need -the API login and password, and a locally created password. Store it -all in ~root/.s3ql/authinfo2 like this: +

Good bye subkeys.pgp.net, welcome pool.sks-keyservers.net
+
10th September 2014
+

Yesterday, I had the pleasure of attending a talk with the +Norwegian Unix User Group about +the +OpenPGP keyserver pool sks-keyservers.net, and was very happy to +learn that there is a large set of publicly available key servers to +use when looking for peoples public key. So far I have used +subkeys.pgp.net, and some times wwwkeys.nl.pgp.net when the former +were misbehaving, but those days are ended. The servers I have used +up until yesterday have been slow and some times unavailable. I hope +those problems are gone now.

+ +

Behind the round robin DNS entry of the +sks-keyservers.net service +there is a pool of more than 100 keyservers which are checked every +day to ensure they are well connected and up to date. It must be +better than what I have used so far. :)

+ +

Yesterdays speaker told me that the service is the default +keyserver provided by the default configuration in GnuPG, but this do +not seem to be used in Debian. Perhaps it should?

+ +

Anyway, I've updated my ~/.gnupg/options file to now include this +line:

-[s3c]
-storage-url: s3c://s.greenqloud.com:443/bucket-name
-backend-login: API-login
-backend-password: API-password
-fs-passphrase: local-password
+keyserver pool.sks-keyservers.net

-

I create my local passphrase using pwget 50 or similar, -but any sensible way to create a fairly random password should do it. -Armed with these details, it is now time to run mkfs, entering the API -details and password to create it:

+

With GnuPG version 2 one can also locate the keyserver using SRV +entries in DNS. Just for fun, I did just that at work, so now every +user of GnuPG at the University of Oslo should find a OpenGPG +keyserver automatically should their need it:

-# mkdir -m 700 /var/lib/s3ql-cache
-# mkfs.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
-  --ssl s3c://s.greenqloud.com:443/bucket-name
-Enter backend login: 
-Enter backend password: 
-Before using S3QL, make sure to read the user's guide, especially
-the 'Important Rules to Avoid Loosing Data' section.
-Enter encryption password: 
-Confirm encryption password: 
-Generating random encryption key...
-Creating metadata tables...
-Dumping metadata...
-..objects..
-..blocks..
-..inodes..
-..inode_blocks..
-..symlink_targets..
-..names..
-..contents..
-..ext_attributes..
-Compressing and uploading metadata...
-Wrote 0.00 MB of compressed metadata.
-#

- -

The next step is mounting the file system to make the storage available. - -

-# mount.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
-  --ssl --allow-root s3c://s.greenqloud.com:443/bucket-name /s3ql
-Using 4 upload threads.
-Downloading and decompressing metadata...
-Reading metadata...
-..objects..
-..blocks..
-..inodes..
-..inode_blocks..
-..symlink_targets..
-..names..
-..contents..
-..ext_attributes..
-Mounting filesystem...
-# df -h /s3ql
-Filesystem                              Size  Used Avail Use% Mounted on
-s3c://s.greenqloud.com:443/bucket-name  1.0T     0  1.0T   0% /s3ql
-#
-

- -

The file system is now ready for use. I use rsync to store my -backups in it, and as the metadata used by rsync is downloaded at -mount time, no network traffic (and storage cost) is triggered by -running rsync. To unmount, one should not use the normal umount -command, as this will not flush the cache to the cloud storage, but -instead running the umount.s3ql command like this: - -

-# umount.s3ql /s3ql
-# 
-

- -

There is a fsck command available to check the file system and -correct any problems detected. This can be used if the local server -crashes while the file system is mounted, to reset the "already -mounted" flag. This is what it look like when processing a working -file system:

- -

-# fsck.s3ql --force --ssl s3c://s.greenqloud.com:443/bucket-name
-Using cached metadata.
-File system seems clean, checking anyway.
-Checking DB integrity...
-Creating temporary extra indices...
-Checking lost+found...
-Checking cached objects...
-Checking names (refcounts)...
-Checking contents (names)...
-Checking contents (inodes)...
-Checking contents (parent inodes)...
-Checking objects (reference counts)...
-Checking objects (backend)...
-..processed 5000 objects so far..
-..processed 10000 objects so far..
-..processed 15000 objects so far..
-Checking objects (sizes)...
-Checking blocks (referenced objects)...
-Checking blocks (refcounts)...
-Checking inode-block mapping (blocks)...
-Checking inode-block mapping (inodes)...
-Checking inodes (refcounts)...
-Checking inodes (sizes)...
-Checking extended attributes (names)...
-Checking extended attributes (inodes)...
-Checking symlinks (inodes)...
-Checking directory reachability...
-Checking unix conventions...
-Checking referential integrity...
-Dropping temporary indices...
-Backing up old metadata...
-Dumping metadata...
-..objects..
-..blocks..
-..inodes..
-..inode_blocks..
-..symlink_targets..
-..names..
-..contents..
-..ext_attributes..
-Compressing and uploading metadata...
-Wrote 0.89 MB of compressed metadata.
-# 
-

- -

Thanks to the cache, working on files that fit in the cache is very -quick, about the same speed as local file access. Uploading large -amount of data is to me limited by the bandwidth out of and into my -house. Uploading 685 MiB with a 100 MiB cache gave me 305 kiB/s, -which is very close to my upload speed, and downloading the same -Debian installation ISO gave me 610 kiB/s, close to my download speed. -Both were measured using dd. So for me, the bottleneck is my -network, not the file system code. I do not know what a good cache -size would be, but suspect that the cache should e larger than your -working set.

- -

I mentioned that only one machine can mount the file system at the -time. If another machine try, it is told that the file system is -busy:

- -

-# mount.s3ql --cachedir /var/lib/s3ql-cache --authfile /root/.s3ql/authinfo2 \
-  --ssl --allow-root s3c://s.greenqloud.com:443/bucket-name /s3ql
-Using 8 upload threads.
-Backend reports that fs is still mounted elsewhere, aborting.
-#
-

- -

The file content is uploaded when the cache is full, while the -metadata is uploaded once every 24 hour by default. To ensure the -file system content is flushed to the cloud, one can either umount the -file system, or ask S3QL to flush the cache and metadata using -s3qlctrl: - -

-# s3qlctrl upload-meta /s3ql
-# s3qlctrl flushcache /s3ql
-# 
-

- -

If you are curious about how much space your data uses in the -cloud, and how much compression and deduplication cut down on the -storage usage, you can use s3qlstat on the mounted file system to get -a report:

- -

-# s3qlstat /s3ql
-Directory entries:    9141
-Inodes:               9143
-Data blocks:          8851
-Total data size:      22049.38 MB
-After de-duplication: 21955.46 MB (99.57% of total)
-After compression:    21877.28 MB (99.22% of total, 99.64% of de-duplicated)
-Database size:        2.39 MB (uncompressed)
-(some values do not take into account not-yet-uploaded dirty blocks in cache)
-#
+% host -t srv _pgpkey-http._tcp.uio.no
+_pgpkey-http._tcp.uio.no has SRV record 0 100 11371 pool.sks-keyservers.net.
+%

-

I mentioned earlier that there are several possible suppliers of -storage. I did not try to locate them all, but am aware of at least -Greenqloud, -Google Drive, -Amazon S3 web serivces, -Rackspace and -Crowncloud. The latter even -accept payment in Bitcoin. Pick one that suit your need. Some of -them provide several GiB of free storage, but the prize models are -quire different and you will have to figure out what suit you -best.

- -

While researching this blog post, I had a look at research papers -and posters discussing the S3QL file system. There are several, which -told me that the file system is getting a critical check by the -science community and increased my confidence in using it. One nice -poster is titled -"An -Innovative Parallel Cloud Storage System using OpenStack’s SwiftObject -Store and Transformative Parallel I/O Approach" by Hsing-Bung -Chen, Benjamin McClelland, David Sherrill, Alfred Torrez, Parks Fields -and Pamela Smith. Please have a look.

- -

Given my problems with different file systems earlier, I decided to -check out the mounted S3QL file system to see if it would be usable as -a home directory (in other word, that it provided POSIX semantics when -it come to locking and umask handling etc). Running -my -test code to check file system semantics, I was happy to discover that -no error was found. So the file system can be used for home -directories, if one chooses to do so.

- -

If you do not want a locally file system, and want something that -work without the Linux fuse file system, I would like to mention the -Tarsnap service, which also -provide locally encrypted backup using a command line client. It have -a nicer access control system, where one can split out read and write -access, allowing some systems to write to the backup and others to -only read from it.

- -

As usual, if you use Bitcoin and want to show your support of my -activities, please send Bitcoin donations to my address -15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

+

Now if only +the +HKP lookup protocol supported finding signature paths, I would be +very happy. It can look up a given key or search for a user ID, but I +normally do not want that, but to find a trust path from my key to +another key. Given a user ID or key ID, I would like to find (and +download) the keys representing a signature path from my key to the +key in question, to be able to get a trust path between the two keys. +This is as far as I can tell not possible today. Perhaps something +for a future version of the protocol?

@@ -308,86 +83,116 @@ activities, please send Bitcoin donations to my address
-
EU-domstolen bekreftet i dag at datalagringsdirektivet er ulovlig
-
8th April 2014
-

I dag kom endelig avgjørelsen fra EU-domstolen om -datalagringsdirektivet, som ikke overraskende ble dømt ulovlig og i -strid med borgernes grunnleggende rettigheter. Hvis du lurer på hva -datalagringsdirektivet er for noe, så er det -en -flott dokumentar tilgjengelig hos NRK som jeg tidligere -har -anbefalt alle å se.

- -

Her er et liten knippe nyhetsoppslag om saken, og jeg regner med at -det kommer flere ut over dagen. Flere kan finnes -via -mylder.

- -

-

- -

Jeg synes det er veldig fint at nok en stemme slår fast at -totalitær overvåkning av befolkningen er uakseptabelt, men det er -fortsatt like viktig å beskytte privatsfæren som før, da de -teknologiske mulighetene fortsatt finnes og utnyttes, og jeg tror -innsats i prosjekter som -Freedombox og -Dugnadsnett er viktigere enn -noen gang.

- -

Update 2014-04-08 12:10: Kronerullingen for å -stoppe datalagringsdirektivet i Norge gjøres hos foreningen -Digitalt Personvern, -som har samlet inn 843 215,- så langt men trenger nok mye mer hvis - -ikke Høyre og Arbeiderpartiet bytter mening i saken. Det var -kun -partinene Høyre og Arbeiderpartiet som stemte for -Datalagringsdirektivet, og en av dem må bytte mening for at det skal -bli flertall mot i Stortinget. Se mer om saken -Holder -de ord.

+
Do you need an agreement with MPEG-LA to publish and broadcast H.264 video in Norway?
+
25th August 2014
+

Two years later, I am still not sure if it is legal here in Norway +to use or publish a video in H.264 or MPEG4 format edited by the +commercially licensed video editors, without limiting the use to +create "personal" or "non-commercial" videos or get a license +agreement with MPEG LA. If one +want to publish and broadcast video in a non-personal or commercial +setting, it might be that those tools can not be used, or that video +format can not be used, without breaking their copyright license. I +am not sure. +Back +then, I found that the copyright license terms for Adobe Premiere +and Apple Final Cut Pro both specified that one could not use the +program to produce anything else without a patent license from MPEG +LA. The issue is not limited to those two products, though. Other +much used products like those from Avid and Sorenson Media have terms +of use are similar to those from Adobe and Apple. The complicating +factor making me unsure if those terms have effect in Norway or not is +that the patents in question are not valid in Norway, but copyright +licenses are.

+ +

These are the terms for Avid Artist Suite, according to their +published +end user +license +text (converted to lower case text for easier reading):

+ +

+

18.2. MPEG-4. MPEG-4 technology may be included with the +software. MPEG LA, L.L.C. requires this notice:

+ +

This product is licensed under the MPEG-4 visual patent portfolio +license for the personal and non-commercial use of a consumer for (i) +encoding video in compliance with the MPEG-4 visual standard (“MPEG-4 +video”) and/or (ii) decoding MPEG-4 video that was encoded by a +consumer engaged in a personal and non-commercial activity and/or was +obtained from a video provider licensed by MPEG LA to provide MPEG-4 +video. No license is granted or shall be implied for any other +use. Additional information including that relating to promotional, +internal and commercial uses and licensing may be obtained from MPEG +LA, LLC. See http://www.mpegla.com. This product is licensed under +the MPEG-4 systems patent portfolio license for encoding in compliance +with the MPEG-4 systems standard, except that an additional license +and payment of royalties are necessary for encoding in connection with +(i) data stored or replicated in physical media which is paid for on a +title by title basis and/or (ii) data which is paid for on a title by +title basis and is transmitted to an end user for permanent storage +and/or use, such additional license may be obtained from MPEG LA, +LLC. See http://www.mpegla.com for additional details.

+ +

18.3. H.264/AVC. H.264/AVC technology may be included with the +software. MPEG LA, L.L.C. requires this notice:

+ +

This product is licensed under the AVC patent portfolio license for +the personal use of a consumer or other uses in which it does not +receive remuneration to (i) encode video in compliance with the AVC +standard (“AVC video”) and/or (ii) decode AVC video that was encoded +by a consumer engaged in a personal activity and/or was obtained from +a video provider licensed to provide AVC video. No license is granted +or shall be implied for any other use. Additional information may be +obtained from MPEG LA, L.L.C. See http://www.mpegla.com.

+

+ +

Note the requirement that the videos created can only be used for +personal or non-commercial purposes.

+ +

The Sorenson Media software have +similar terms:

+ +

+ +

With respect to a license from Sorenson pertaining to MPEG-4 Video +Decoders and/or Encoders: Any such product is licensed under the +MPEG-4 visual patent portfolio license for the personal and +non-commercial use of a consumer for (i) encoding video in compliance +with the MPEG-4 visual standard (“MPEG-4 video”) and/or (ii) decoding +MPEG-4 video that was encoded by a consumer engaged in a personal and +non-commercial activity and/or was obtained from a video provider +licensed by MPEG LA to provide MPEG-4 video. No license is granted or +shall be implied for any other use. Additional information including +that relating to promotional, internal and commercial uses and +licensing may be obtained from MPEG LA, LLC. See +http://www.mpegla.com.

+ +

With respect to a license from Sorenson pertaining to MPEG-4 +Consumer Recorded Data Encoder, MPEG-4 Systems Internet Data Encoder, +MPEG-4 Mobile Data Encoder, and/or MPEG-4 Unique Use Encoder: Any such +product is licensed under the MPEG-4 systems patent portfolio license +for encoding in compliance with the MPEG-4 systems standard, except +that an additional license and payment of royalties are necessary for +encoding in connection with (i) data stored or replicated in physical +media which is paid for on a title by title basis and/or (ii) data +which is paid for on a title by title basis and is transmitted to an +end user for permanent storage and/or use. Such additional license may +be obtained from MPEG LA, LLC. See http://www.mpegla.com for +additional details.

+ +

+ +

Some free software like +Handbrake and +FFMPEG uses GPL/LGPL licenses and do +not have any such terms included, so for those, there is no +requirement to limit the use to personal and non-commercial.

- Tags: norsk, personvern, sikkerhet, surveillance. + Tags: english, multimedia, opphavsrett, standard, video, web.
@@ -395,62 +200,167 @@ de ord.

-
ReactOS Windows clone - nice free software
-
1st April 2014
-

Microsoft have announced that Windows XP reaches its end of life -2014-04-08, in 7 days. But there are heaps of machines still running -Windows XP, and depending on Windows XP to run their applications, and -upgrading will be expensive, both when it comes to money and when it -comes to the amount of effort needed to migrate from Windows XP to a -new operating system. Some obvious options (buy new a Windows -machine, buy a MacOSX machine, install Linux on the existing machine) -are already well known and covered elsewhere. Most of them involve -leaving the user applications installed on Windows XP behind and -trying out replacements or updated versions. In this blog post I want -to mention one strange bird that allow people to keep the hardware and -the existing Windows XP applications and run them on a free software -operating system that is Windows XP compatible.

- -

ReactOS is a free software -operating system (GNU GPL licensed) working on providing a operating -system that is binary compatible with Windows, able to run windows -programs directly and to use Windows drivers for hardware directly. -The project goal is for Windows user to keep their existing machines, -drivers and software, and gain the advantages from user a operating -system without usage limitations caused by non-free licensing. It is -a Windows clone running directly on the hardware, so quite different -from the approach taken by the Wine -project, which make it possible to run Windows binaries on -Linux.

- -

The ReactOS project share code with the Wine project, so most -shared libraries available on Windows are already implemented already. -There is also a software manager like the one we are used to on Linux, -allowing the user to install free software applications with a simple -click directly from the Internet. Check out the -screen shots on the -project web site for an idea what it look like (it looks just like -Windows before metro).

- -

I do not use ReactOS myself, preferring Linux and Unix like -operating systems. I've tested it, and it work fine in a virt-manager -virtual machine. The browser, minesweeper, notepad etc is working -fine as far as I can tell. Unfortunately, my main test application -is the software included on a CD with the Lego Mindstorms NXT, which -seem to install just fine from CD but fail to leave any binaries on -the disk after the installation. So no luck with that test software. -No idea why, but hope someone else figure out and fix the problem. -I've tried the ReactOS Live ISO on a physical machine, and it seemed -to work just fine. If you like Windows and want to keep running your -old Windows binaries, check it out by -downloading the -installation CD, the live CD or the preinstalled virtual machine -image.

+
Lenker for 2014-08-03
+
3rd August 2014
+

Lenge siden jeg har hatt tid til å publisere lenker til skriverier +jeg har hatt glede og nytte av av å lese. Her er en liten norsk +lenkesamling.

+ +

    + +
  • Sjøslag +om fiskemilliardene (NRK Ytring 2014-03-03) - litt om hvordan de +norske felles matressurser røves fra felleskapet.
    • + +
  • Matkrisen +kan komme til Norge (Aftenposten 2014-4-01) - hvordan miljøendringene vil gjøre matproduksjonen i Norge mer sÃ¥rbar.
    • + +
  • Norge +trenger kornlager (NRK Ytring 2014-06-07) Chr. Anton Smedshaug +forteller litt om Norges sÃ¥rbare matsituasjon etter at Staten solgte +Norges kornlager.
    • + +
  • PST +vil overvÃ¥ke datatastaturer (NRK 2014-03-04) - PST ønsker retten +til Ã¥ bryte seg inn pÃ¥ private PC-er og legge inn spionprogrammer. +Hvilket nok vil gjøre Linux mer populært, men gjør at en i enda mindre +grad enn i dag kan stole pÃ¥ datamaskiner - neppe en god ide for +samfunnet totalt sett.
    • + +
  • «Ruter +fremstÃ¥r som et pøbelvelde» (OsloBy 2014-03-05) - et eksempel pÃ¥ +hvordan kollektivtransportselskapet i Oslo hÃ¥ndterer sine kunder.
    • + +
  • Clear +Channel nektet Ã¥ vise Greenpeace-reklame i Oslo (Dagbladet +2014-03-05) - forteller litt om hvordan hvilke budskap som nÃ¥r ut i +det offentlige rom kontrolleres i Norge.
    • + +
  • Svarte +ikke pÃ¥ kritikken (Dagbladet 2014-03-06) - innlegg fra Norsk +presseforbund der de nok en gang tar opp det forkastelige i at +politiet nÃ¥ har full tilgang til Ã¥ bedrive telefonkontroll av +advokater.
    • + +
  • «Putin +spiller poker, ikke sjakk. I sjakk har man regler.» (Aftenposten +2014-03-08) - sjakklegenden Kasparov forklarer litt om hvordan han ser +at Russlands politikk fungerer, blant annet i lys av started av +Ukraina-krisen.
    • + +
  • I +seng med fienden (Aftenposten 2014-03-10) - kronikk fra Eirik +H. Vinje om hvordan menn og kvinner settes opp mot hverandre i det +offentlige ordskiftet, kanskje pÃ¥ sviktende grunnlag.
    • + +
  • Fritt +frem for skulk (Aftenposten 2014-03-14) - skildring av hvordan +norske elever i dag ikke lenger har rimelig krav om oppmøte pÃ¥ +skolen.
    • + +
  • «Datalagringsdirektiv» +avslørte abort, sykdom og vÃ¥penkjøp (Aftenposten 2014-03-14) - om +hvordan forskere har dokumentert hvordan innsamling av metadata om +telefoni og Internett-bruk kan være svært avslørende.
    • + +
  • Konsentrasjonssvikt +pÃ¥ pensum (Dagbladet 2014-03-14) - Kommentar om hvordan (feil) +bruk IKT i skolen kan ødelegge mer enn det bidrar til læring.
    • + +
  • Reservasjonsrettsstaten +(blogg fra Doremus 2014-02-09) - morsom beskrivelse om hvordan +regjeringens forslag til reservasjonsrett for leger kan utvides til Ã¥ +gjelde alles samvittighet.
    • + +
  • Autoritær +gjøkunge (Aftenposten 2014-03-25) - Kronikk av Bjørn Stærk om +snurpenots-overvÃ¥kningen som varsleren Snowden dokumenterte.
    • + +
  • Leveransekrise +i Offentlig sektor – mener Mike Bracken, Executive Director of Digital +in the Cabinet Office (blogg fra Friprog-senteret 2014-03-26).
    • + +
  • Norge +mÃ¥ stanse avlyttingen (Dagbladet 2014-03-26) - leserinnlegg fra +Felix Horne der han ber om at Norge gjør en innsats for Ã¥ fÃ¥ slutt pÃ¥ +overvÃ¥kning av innbyggerne som gjøres i Norge av Etiopiske +myndigheter.
    • + +
  • Demokrati +er ingen naturlig styreform (Aftenposten 2014-04-01) - kronikk av +Stein Ringen om hvordan demokrati som styreform gÃ¥r tapt nÃ¥r +innbyggerne tar det for gitt.
    • + +
  • Ytringsansvar +ere Enhver tilladte! (NRK Ytring 2014-04-01) - innspill fra Trygve +Svensson og Helge Svare om at hver enkelt av oss har et ansvar for Ã¥ +ytre oss i den offentlige debatten.
    • + +
  • Jeg +er ingen god samfunnsborger (Aftenposten 2014-04-16), kronikk av +Simen Tveitereid om alternative mÃ¥ter Ã¥ motiveres i samfunnet, uten Ã¥ +hige etter mer penger og flere ting.
    • + +
  • DLD-dommen: +Avgjørelsen fÃ¥r umiddelbar virkning (Aftenposten 2014-04-10) - +kronikk av Høyres Michael Tetzschner, en partiutbryter i DLD-saken som +stemte nei til DLD i Stortinget i 2011.
    • + +
  • Datalagringsdirektivets +endelikt (blogg fra John Wessel-Aas 2014-04-11) - oppsummering +av hvordan direktivet ble funnet ugyldig i EU-domstolen.
    • + +
  • Kronikk: +Kapitulasjonspresidenten (VG 2014-04-22) - kronikk av Einar +Kr. Steffenak om hvordan Stortingspresidenten og regjeringen viser sin +prinsippløshet i møte med Kina.
    • + +
  • Innerst +inne er alle nordmenn (Aftenposten 2014-04-27) - kronikk fra Bjørn +Stærk om hvordan vi i Vesten i stor grad baserer oss pÃ¥ en fantasi om +at alle i verden bærer pÃ¥ en drøm om Ã¥ bli som oss.
    • + +
  • Det +italienske senatet gav seg selv 134 milliarder euro i sluttpakke +(Aftenposten 2014-06-19) - forsker Simen Gaure forteller hvordan +løgner og fantasi fra nettkilder i stor grad blir akseptert som +sannhet - antagelig ogsÃ¥ av deg og meg.
    • + +
  • Et +forsvar for brÃ¥kmakerne (Dagbladet 2014-05-30) - kronikk av Dag +Øystein Nome som beskriver hvordan dagens skole ikke fungerer sÃ¥ godt +for mange elever.
    • + +
  • Betalte +med slitt seddel - havnet i arresten (Osloby 2014-06-25)) - +dokumentasjon av Oslopolitiets angrep pÃ¥ vÃ¥r alles rett til Ã¥ ferdes +uten elektronisk sporing. Jeg bruker kontanter i sÃ¥ stor grad som +mulig da banken ikke har noe med hvor jeg er og hva jeg kjøper. Vi +som gjør dette risikerer som beskrevet overgrep som frihetsberøvelse +og registrering og lagring av fingeravtrykk og bilde i politiets +database over mistenkte.
    • + +
  • Fredsprisen +til Snowden (Aftenposten 2014-06-28) - leder som forklarer hvorfor +varsleren Snowden bør fÃ¥ fredsprisen.
    • + +
  • Strategi +for politistaten (Dagbladet 2014-08-01) - leder som advarer om +sterke krefter som bruker terrortrusselen til Ã¥ lirke Norge nærmere Ã¥ +bli en politistat.
    • + +
  • Vi +mÃ¥ tenke nytt om narkotika (NRK Ytring 2014-08-03) - Mark Lewis +forklarer hvorfor legalisering og offentlig kontroll av +narkotikamarkedet er mye bedre enn Ã¥ overlate det til kriminelle.
    • + + +

- Tags: english, reactos. + Tags: lenker, norsk, opphavsrett, personvern.
@@ -458,87 +368,89 @@ image.

-
Debian Edu interview: Roger Marsal
-
30th March 2014
-

Debian Edu / Skolelinux -keep gaining new users. Some weeks ago, a person showed up on IRC, -#debian-edu, with a -wish to contribute, and I managed to get a interview with this great -contributor Roger Marsal to learn more about his background.

+
Debian Edu interview: Bernd Zeitzen
+
31st July 2014
+

The complete and free “out of the box” software solution for +schools, Debian Edu / +Skolelinux, is used quite a lot in Germany, and one of the people +involved is Bernd Zeitzen, who show up on the project mailing lists +from time to time with interesting questions and tips on how to adjust +the setup. I managed to interview him this summer.

Who are you, and how do you spend your days?

-

My name is Roger Marsal, I'm 27 years old (1986 generation) and I -live in Barcelona, Spain. I've got a strong business background and I -work as a patrimony manager and as a real estate agent. Additionally, -I've co-founded a British based tech company that is nowadays on the -last development phase of a new social networking concept.

- -

I'm a Linux enthusiast that started its journey with Ubuntu four years -ago and have recently switched to Debian seeking rock solid stability -and as a necessary step to gain expertise.

- -

In a nutshell, I spend my days working and learning as much as I -can to face both my job, entrepreneur project and feed my Linux -hunger.

+

My name is Bernd Zeitzen and I'm married with Hedda, a self +employed physiotherapist. My former profession is tool maker, but I +haven't worked for 30 years in this job. 30 years ago I started to +support my wife and become her officeworker and a few years later the +administrator for a small computer network, today based on Ubuntu +Server (Samba, OpenVPN). For her daily work she has to use Windows +Desktops because the software she needs to organize her business only +works with Windows . :-(

+ +

In 1988 we started with one PC and DOS, then I learned to use +Windows 98, 2000, XP, …, 8, Ubuntu, MacOSX. Today we are running a +Linux server with 6 Windows clients and 10 persons (teacher of +children with special needs, speech therapist, occupational therapist, +psychologist and officeworkers) using our Samba shares via OpenVPN to +work with the documentations of our patients.

How did you get in contact with the Skolelinux / Debian Edu project?

-

I discovered the LTSP advantages -with "Ubuntu 12.04 alternate install" and after a year of use I -started looking for an alternative. Even though I highly value and -respect the Ubuntu project, I thought it was necessary for me to -change to a more robust and stable alternative. As far as I was using -Debian on my personal laptop I thought it would be fine to install -Debian and configure an LTSP server myself. Surprised, I discovered -that the Debian project also supported a kind of Edubuntu equivalent, -and after having some pain I obtained a Debian Edu network up and -running. I just loved it.

+

Two years ago a friend of mine asked me, if I want to get a job in +his school (Gymnasium +Harsewinkel). They started with Skolelinux / Debian Edu and they +were looking for people to give support to the teachers using the +software and the network and teaching the pupils increasing their +computer skills in optional lessons. I'm spending 4-6 hours a week +with this job.

What do you see as the advantages of Skolelinux / Debian Edu?

-

I found a main advantage in that, once you know "the tips and -tricks", a new installation just works out of the box. It's the most -complete alternative I've found to create an LTSP network. All the -other distributions seems to be made of plastic, Debian Edu seems to -be made of steel.

+

The independence.

-

What do you see as the disadvantages of Skolelinux / Debian -Edu?

+

First: Every person is allowed to use, share and develop the +software. Even if you are poor, you are allowed to use the software +included in Skolelinux/Debian Edu and all the other Free Software.

+ +

Second: The software runs on old machines and this gives us the +possibility to recycle computers, weeded out from offices. The +servers and desktops are running for more than two years and they are +working reliable.

-

I found two main disadvantages.

+

We have two servers (one tjener and one terminal server), 45 +workstations in three classrooms and seven laptops as a mobile +solution for all classrooms. These machines are all booting from the +terminal server. In the moment we are installing 30 laptops as mobile +workstations. Then the pupils have the possibility to work with these +machines in their classrooms. Internet access is realized by a WLAN +router, connected to the schools network. This is all done without a +dedicated system administrator or a computer science teacher.

-

I'm not an expert but I've got notions and I had to spent a considerable -amount of time trying to bring up a standard network topology. I'm quite -stubborn and I just worked until I did but I'm sure many people with few -resources (not big schools, but academies for example) would have switched -or dropped.

+

What do you see as the disadvantages of Skolelinux / Debian +Edu?

-

It's amazing how such a complex system like Debian Edu has achieved -this out-of-the-box state. Even though tweaking without breaking gets -more difficult, as more factors have to be considered. This can -discourage many people too.

+

Teachers and pupils are Windows users. <Irony on> And Linux +isn't cool. It's software for freaks using the command line. <Irony +off> They don't realize the stability of the system.

Which free software do you use daily?

-

I use Debian, Firefox, Okular, Inkscape, LibreOffice and -Virtualbox.

- +

Firefox, Thunderbird, LibreOffice, Ubuntu Server 12.04 (Samba, +Apache, MySQL, Joomla!, … and Skolelinux / Debian Edu)

Which strategy do you believe is the right one to use to get schools to use free software?

-

I don't think there is a need for a particular strategy. The free -attribute in both "freedom" and "no price" meanings is what will -really bring free software to schools. In my experience I can think of -the "R" statistical language; a -few years a ago was an extremely nerd tool for university people. -Today it's being increasingly used to teach statistics at many -different level of studies. I believe free and open software will -increasingly gain popularity, but I'm sure schools will be one of the -first scenarios where this will happen.

+

In Germany we have the situation: every school is free to decide +which software they want to use. This decision is influenced by +teachers who learned to use Windows and MS Office. They buy a PC with +Windows preinstalled and an additional testing version of MS +Office. They don't know about the possibility to use Free Software +instead. Another problem are the publisher of school books. They +develop their software, added to the school books, for Windows.

@@ -551,39 +463,39 @@ first scenarios where this will happen.

-
Dokumentaren om Datalagringsdirektivet sendes endelig på NRK
-
26th March 2014
-

Foreningen NUUG melder i natt at -NRK nå har bestemt seg for -når -den norske dokumentarfilmen om datalagringsdirektivet skal -sendes (se IMDB -for detaljer om filmen) . Første visning blir på NRK2 mandag -2014-03-31 kl. 19:50, og deretter visninger onsdag 2014-04-02 -kl. 12:30, fredag 2014-04-04 kl. 19:40 og søndag 2014-04-06 kl. 15:10. -Jeg har sett dokumentaren, og jeg anbefaler enhver å se den selv. Som -oppvarming mens vi venter anbefaler jeg Bjørn Stærks kronikk i -Aftenposten fra i går, -Autoritær -gjøkunge, der han gir en grei skisse av hvor ille det står til med -retten til privatliv og beskyttelsen av demokrati i Norge og resten -verden, og helt riktig slår fast at det er vi i databransjen som -sitter med nøkkelen til å gjøre noe med dette. Jeg har involvert meg -i prosjektene dugnadsnett.no -og FreedomBox for å -forsøke å gjøre litt selv for å bedre situasjonen, men det er mye -hardt arbeid fra mange flere enn meg som gjenstår før vi kan sies å ha -gjenopprettet balansen.

- -

Jeg regner med at nettutgaven dukker opp på -NRKs -side om filmen om datalagringsdirektivet om fem dager. Hold et -øye med siden, og tips venner og slekt om at de også bør se den.

+
98.6 percent done with the Norwegian draft translation of Free Culture
+
23rd July 2014
+

This summer I finally had time to continue working on the Norwegian +docbook version of the 2004 book +Free Culture by Lawrence Lessig, +to get a Norwegian text explaining the problems with todays copyright +law. Yesterday, I finally completed translated the book text. There +are still some foot/end notes left to translate, the colophon page +need to be rewritten, and a few words and phrases still need to be +translated, but the Norwegian text is ready for the first proof +reading. :) More spell checking is needed, and several illustrations +need to be cleaned up. The work stopped up because I had to give +priority to other projects the last year, and the progress graph of +the translation show this very well:

+ +

+ +

If you want to read the result, check out the +github +project pages and the +PDF, +EPUB +and HTML version available in the +archive +directory.

+ +

Please report typos, bugs and improvements to the github project if +you find any.

- Tags: freedombox, mesh network, norsk, personvern, sikkerhet, surveillance. + Tags: docbook, english, freeculture.
@@ -591,102 +503,111 @@ side om filmen om datalagringsdirektivet om fem dager. Hold et
-
Public Trusted Timestamping services for everyone
-
25th March 2014
-

Did you ever need to store logs or other files in a way that would -allow it to be used as evidence in court, and needed a way to -demonstrate without reasonable doubt that the file had not been -changed since it was created? Or, did you ever need to document that -a given document was received at some point in time, like some -archived document or the answer to an exam, and not changed after it -was received? The problem in these settings is to remove the need to -trust yourself and your computers, while still being able to prove -that a file is the same as it was at some given time in the past.

- -

A solution to these problems is to have a trusted third party -"stamp" the document and verify that at some given time the document -looked a given way. Such -notarius service -have been around for thousands of years, and its digital equivalent is -called a -trusted -timestamping service. The Internet -Engineering Task Force standardised how such service could work a -few years ago as RFC -3161. The mechanism is simple. Create a hash of the file in -question, send it to a trusted third party which add a time stamp to -the hash and sign the result with its private key, and send back the -signed hash + timestamp. Both email, FTP and HTTP can be used to -request such signature, depending on what is provided by the service -used. Anyone with the document and the signature can then verify that -the document matches the signature by creating their own hash and -checking the signature using the trusted third party public key. -There are several commercial services around providing such -timestamping. A quick search for -"rfc 3161 -service" pointed me to at least -DigiStamp, -Quo -Vadis, -Global Sign -and Global -Trust Finder. The system work as long as the private key of the -trusted third party is not compromised.

- -

But as far as I can tell, there are very few public trusted -timestamp services available for everyone. I've been looking for one -for a while now. But yesterday I found one over at -Deutches -Forschungsnetz mentioned in -a -blog by David Müller. I then found -a -good recipe on how to use the service over at the University of -Greifswald.

- -

The OpenSSL library contain -both server and tools to use and set up your own signing service. See -the ts(1SSL), tsget(1SSL) manual pages for more details. The -following shell script demonstrate how to extract a signed timestamp -for any file on the disk in a Debian environment:

- -

-#!/bin/sh
-set -e
-url="http://zeitstempel.dfn.de"
-caurl="https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt"
-reqfile=$(mktemp -t tmp.XXXXXXXXXX.tsq)
-resfile=$(mktemp -t tmp.XXXXXXXXXX.tsr)
-cafile=chain.txt
-if [ ! -f $cafile ] ; then
-    wget -O $cafile "$caurl"
-fi
-openssl ts -query -data "$1" -cert | tee "$reqfile" \
-    | /usr/lib/ssl/misc/tsget -h "$url" -o "$resfile"
-openssl ts -reply -in "$resfile" -text 1>&2
-openssl ts -verify -data "$1" -in "$resfile" -CAfile "$cafile" 1>&2
-base64 < "$resfile"
-rm "$reqfile" "$resfile"
-

- -

The argument to the script is the file to timestamp, and the output -is a base64 encoded version of the signature to STDOUT and details -about the signature to STDERR. Note that due to -a bug -in the tsget script, you might need to modify the included script -and remove the last line. Or just write your own HTTP uploader using -curl. :) Now you too can prove and verify that files have not been -changed.

- -

But the Internet need more public trusted timestamp services. -Perhaps something for Uninett or -my work place the University of Oslo -to set up?

+
From English wiki to translated PDF and epub via Docbook
+
17th June 2014
+

The Debian Edu / Skolelinux +project provide an instruction manual for teachers, system +administrators and other users that contain useful tips for setting up +and maintaining a Debian Edu installation. This text is about how the +text processing of this manual is handled in the project.

+ +

One goal of the project is to provide information in the native +language of its users, and for this we need to handle translations. +But we also want to make sure each language contain the same +information, so for this we need a good way to keep the translations +in sync. And we want it to be easy for our users to improve the +documentation, avoiding the need to learn special formats or tools to +contribute, and the obvious way to do this is to make it possible to +edit the documentation using a web browser. We also want it to be +easy for translators to keep the translation up to date, and give them +help in figuring out what need to be translated. Here is the list of +tools and the process we have found trying to reach all these +goals.

+ +

We maintain the authoritative source of our manual in the +Debian +wiki, as several wiki pages written in English. It consist of one +front page with references to the different chapters, several pages +for each chapter, and finally one "collection page" gluing all the +chapters together into one large web page (aka +the +AllInOne page). The AllInOne page is the one used for further +processing and translations. Thanks to the fact that the +MoinMoin installation on +wiki.debian.org support exporting pages in +the Docbook format, we can fetch +the list of pages to export using the raw version of the AllInOne +page, loop over each of them to generate a Docbook XML version of the +manual. This process also download images and transform image +references to use the locally downloaded images. The generated +Docbook XML files are slightly broken, so some post-processing is done +using the documentation/scripts/get_manual program, and the +result is a nice Docbook XML file (debian-edu-wheezy-manual.xml) and +a handfull of images. The XML file can now be used to generate PDF, HTML +and epub versions of the English manual. This is the basic step of +our process, making PDF (using dblatex), HTML (using xsltproc) and +epub (using dbtoepub) version from Docbook XML, and the resulting files +are placed in the debian-edu-doc-en binary package.

+ +

But English documentation is not enough for us. We want translated +documentation too, and we want to make it easy for translators to +track the English original. For this we use the +poxml package, +which allow us to transform the English Docbook XML file into a +translation file (a .pot file), usable with the normal gettext based +translation tools used by those translating free software. The pot +file is used to create and maintain translation files (several .po +files), which the translations update with the native language +translations of all titles, paragraphs and blocks of text in the +original. The next step is combining the original English Docbook XML +and the translation file (say debian-edu-wheezy-manual.nb.po), to +create a translated Docbook XML file (in this case +debian-edu-wheezy-manual.nb.xml). This translated (or partly +translated, if the translation is not complete) Docbook XML file can +then be used like the original to create a PDF, HTML and epub version +of the documentation.

+ +

The translators use different tools to edit the .po files. We +recommend using +lokalize, +while some use emacs and vi, others can use web based editors like +Poodle or +Transifex. All we care about +is where the .po file end up, in our git repository. Updated +translations can either be committed directly to git, or submitted as +bug reports +against the debian-edu-doc package.

+ +

One challenge is images, which both might need to be translated (if +they show translated user applications), and are needed in different +formats when creating PDF and HTML versions (epub is a HTML version in +this regard). For this we transform the original PNG images to the +needed density and format during build, and have a way to provide +translated images by storing translated versions in +images/$LANGUAGECODE/. I am a bit unsure about the details here. The +package maintainers know more.

+ +

If you wonder what the result look like, we provide +the content +of the documentation packages on the web. See for example the +Italian +PDF version or the +German +HTML version. We do not yet build the epub version by default, +but perhaps it will be done in the future.

+ +

To learn more, check out +the +debian-edu-doc package, +the +manual on the wiki and +the +translation instructions in the manual.

- Tags: english, sikkerhet. + Tags: debian, debian edu, docbook, english.
@@ -694,54 +615,57 @@ to set up?

-
Video DVD reader library / python-dvdvideo - nice free software
-
21st March 2014
-

Keeping your DVD collection safe from scratches and curious -children fingers while still having it available when you want to see a -movie is not straight forward. My preferred method at the moment is -to store a full copy of the ISO on a hard drive, and use VLC, Popcorn -Hour or other useful players to view the resulting file. This way the -subtitles and bonus material are still available and using the ISO is -just like inserting the original DVD record in the DVD player.

- -

Earlier I used dd for taking security copies, but it do not handle -DVDs giving read errors (which are quite a few of them). I've also -tried using -dvdbackup -and genisoimage, but these days I use the marvellous python library -and program -python-dvdvideo -written by Bastian Blank. It is -in Debian -already and the binary package name is python3-dvdvideo. Instead -of trying to read every block from the DVD, it parses the file -structure and figure out which block on the DVD is actually in used, -and only read those blocks from the DVD. This work surprisingly well, -and I have been able to almost backup my entire DVD collection using -this method.

- -

So far, python-dvdvideo have failed on between 10 and -20 DVDs, which is a small fraction of my collection. The most common -problem is -DVDs -using UTF-16 instead of UTF-8 characters, which according to -Bastian is against the DVD specification (and seem to cause some -players to fail too). A rarer problem is what seem to be inconsistent -DVD structures, as the python library -claim -there is a overlap between objects. An equally rare problem claim -some -value is out of range. No idea what is going on there. I wish I -knew enough about the DVD format to fix these, to ensure my movie -collection will stay with me in the future.

- -

So, if you need to keep your DVDs safe, back them up using -python-dvdvideo. :)

+
Hvordan enkelt laste ned filmer fra NRK med den "nye" løsningen
+
16th June 2014
+

Jeg har fortsatt behov for å kunne laste ned innslag fra NRKs +nettsted av og til for å se senere når jeg ikke er på nett, men +min +oppskrift fra 2011 sluttet å fungere da NRK byttet +avspillermetode. I dag fikk jeg endelig lett etter oppdatert løsning, +og jeg er veldig glad for å fortelle at den enkleste måten å laste ned +innslag er å bruke siste versjon 2014.06.07 av +youtube-dl. Støtten i +youtube-dl kom +inn for 23 dager siden og +versjonen i +Debian fungerer fint også som backport til Debian Wheezy. Det er +et lite problem, det håndterer kun URLer med små bokstaver, men hvis +en har en URL med store bokstaver kan en bare gjøre alle store om til +små bokstaver for å få youtube-dl til å laste ned. Rapporterte +nettopp +problemet til +utviklerne, og antar de får fikset det snart.

+ +

Dermed er alt klart til å laste ned dokumentarene om +USAs +hemmelige avlytting og +Selskapene +bak USAs avlytting, i tillegg til +intervjuet +med Edward Snowden gjort av den tyske tv-kanalen ARD. Anbefaler +alle å se disse, sammen med +foredraget +til Jacob Appelbaum på siste CCC-konferanse, for å forstå mer om +hvordan overvåkningen av borgerne brer om seg.

+ +

Takk til gode venner på foreningen NUUGs IRC-kanal +#nuug på irc.freenode.net +for tipsene som fikk meg i mål.

+ +

Oppdatering 2014-06-17: Etter at jeg publiserte +denne, ble jeg tipset om bloggposten +"Downloading +HD content from tv.nrk.no" av Ingvar Hagelund, som har alternativ +implementasjon og tips for å lage mkv-fil med undertekstene inkludert. +Kanskje den passer bedre for deg? I tillegg ble feilen i youtube-dl +ble fikset litt senere ut på dagen i går, samt at youtube-dl fikk +støtte for å laste ned undertitler. Takk til Anders Einar Hilden for +god innsats og youtube-dl-utviklerne for rask respons.

- Tags: english, multimedia, opphavsrett, video. + Tags: multimedia, norsk, video, web.
@@ -749,56 +673,59 @@ python-dvdvideo. :)

-
Norsk utgave av Alaveteli / WhatDoTheyKnow på trappene
-
16th March 2014
-

Det offentlige Norge har mye kunnskap og informasjon. Men hvordan -kan en få tilgang til den på en enkel måte? Takket være et lite -knippe lover og tilhørende forskrifter, blant annet -offentlighetsloven, -miljøinformasjonsloven -og -forvaltningsloven -har en rett til å spørre det offentlige og få svar. Men det finnes -intet offentlig arkiv over hva andre har spurt om, og dermed risikerer en -å måtte forstyrre myndighetene gang på gang for å få tak i samme -informasjonen på nytt. Britiske -mySociety har laget tjenesten -WhatDoTheyKnow som gjør -noe med dette. I Storbritannia blir WhatdoTheyKnow brukt i -ca -15% av alle innsynsforespørsler mot sentraladministrasjonen. -Prosjektet heter Alaveteli, og -er takk i bruk en rekke steder etter at løsningen ble generalisert og -gjort mulig å oversette. Den hjelper borgerne med å be om innsyn, -rådgir ved purringer og klager og lar alle se hvilke henvendelser som -er sendt til det offentlige og hvilke svar som er kommet inn, i et -søkpart arkiv. Her i Norge holder vi i foreningen NUUG på å få opp en -norsk utgave av Alaveteli, og her trenger vi din hjelp med -oversettelsen.

- -

Så langt er 76 % av Alaveteli oversatt til norsk bokmål, men vi -skulle gjerne vært oppe i 100 % før lansering. Oversettelsen gjøres -på Transifex, -der enhver som registrerer seg og ber om tilgang til -bokmålsoversettelsen får bidra. Vi har satt opp en test av tjenesten -(som ikke sender epost til det offentlige, kun til oss som holder på å -sette opp tjenesten) på maskinen -alaveteli-dev.nuug.no, der -en kan se hvordan de oversatte meldingen blir seende ut på nettsiden. -Når tjenesten lanseres vil den hete -Mimes brønn, etter -visdomskilden som Odin måtte gi øyet sitt for å få drikke i. Den -nettsiden er er ennå ikke klar til bruk.

- -

Hvis noen vil oversette til nynorsk også, så skal vi finne ut -hvordan vi lager en flerspråklig tjeneste. Men i første omgang er -fokus på bokmålsoversettelsen, der vi selv har nok peiling til å ha -fått oversatt 76%, men trenger hjelp for å komme helt i mål. :)

+
Free software car computer solution?
+
29th May 2014
+

Dear lazyweb. I'm planning to set up a small Raspberry Pi computer +in my car, connected to +a +small screen next to the rear mirror. I plan to hook it up with a +GPS and a USB wifi card too. The idea is to get my own +"Carputer". But I +wonder if someone already created a good free software solution for +such car computer.

+ +

This is my current wish list for such system:

+ +
    + +
  • Work on Raspberry Pi.
    • + +
  • Show current speed limit based on location, and warn if going too + fast (for example using color codes yellow and red on the screen, + or make a sound). This could be done either using either data from + Openstreetmap or OCR + info gathered from a dashboard camera.
    • + +
  • Track automatic toll road passes and their cost, show total spent + and make it possible to calculate toll costs for planned + route.
    • + +
  • Collect GPX tracks for use with OpenStreetMap.
    • + +
  • Automatically detect and use any wireless connection to connect + to home server. Try IP over DNS + (iodine) or ICMP + (Hans) if direct + connection do not work.
    • + +
  • Set up mesh network to talk to other cars with the same system, + or some standard car mesh protocol.
    • + +
  • Warn when approaching speed cameras and speed camera ranges + (speed calculated between two cameras).
    • + +
  • Suport dashboard/front facing camera to discover speed limits and + run OCR to track registration number of passing cars.
    • + +
+ +

If you know of any free software car computer system supporting +some or all of these features, please let me know.

- Tags: norsk, nuug, offentlig innsyn. + Tags: english.
@@ -806,70 +733,54 @@ fått oversatt 76%, men trenger hjelp for å komme helt i mål. :)

-
Freedombox on Dreamplug, Raspberry Pi and virtual x86 machine
-
14th March 2014
-

The Freedombox -project is working on providing the software and hardware for -making it easy for non-technical people to host their data and -communication at home, and being able to communicate with their -friends and family encrypted and away from prying eyes. It has been -going on for a while, and is slowly progressing towards a new test -release (0.2).

- -

And what day could be better than the Pi day to announce that the -new version will provide "hard drive" / SD card / USB stick images for -Dreamplug, Raspberry Pi and VirtualBox (or any other virtualization -system), and can also be installed using a Debian installer preseed -file. The Debian based Freedombox is now based on Debian Jessie, -where most of the needed packages used are already present. Only one, -the freedombox-setup package, is missing. To try to build your own -boot image to test the current status, fetch the freedom-maker scripts -and build using -vmdebootstrap -with a user with sudo access to become root: - -

-git clone http://anonscm.debian.org/git/freedombox/freedom-maker.git \
-  freedom-maker
-sudo apt-get install git vmdebootstrap mercurial python-docutils \
-  mktorrent extlinux virtualbox qemu-user-static binfmt-support \
-  u-boot-tools
-make -C freedom-maker dreamplug-image raspberry-image virtualbox-image
-
- -

Root access is needed to run debootstrap and mount loopback -devices. See the README for more details on the build. If you do not -want all three images, trim the make line. But note that thanks to a race condition in -vmdebootstrap, the build might fail without the patch to the -kpartx call.

- -

If you instead want to install using a Debian CD and the preseed -method, boot a Debian Wheezy ISO and use this boot argument to load -the preseed values:

- -
-url=http://www.reinholdtsen.name/freedombox/preseed-jessie.dat
-
- -

But note that due to a -recently introduced bug in apt in Jessie, the installer will -currently hang while setting up APT sources. Killing the -'apt-cdrom ident' process when it hang a few times during the -installation will get the installation going. This affect all -installations in Jessie, and I expect it will be fixed soon.

- -

Give it a go and let us know how it goes on the mailing list, and help -us get the new release published. :) Please join us on -IRC (#freedombox on -irc.debian.org) and -the -mailing list if you want to help make this vision come true.

+
Half the Coverity issues in Gnash fixed in the next release
+
29th April 2014
+

I've been following the Gnash +project for quite a while now. It is a free software +implementation of Adobe Flash, both a standalone player and a browser +plugin. Gnash implement support for the AVM1 format (and not the +newer AVM2 format - see +Lightspark for that one), +allowing several flash based sites to work. Thanks to the friendly +developers at Youtube, it also work with Youtube videos, because the +Javascript code at Youtube detect Gnash and serve a AVM1 player to +those users. :) Would be great if someone found time to implement AVM2 +support, but it has not happened yet. If you install both Lightspark +and Gnash, Lightspark will invoke Gnash if it find a AVM1 flash file, +so you can get both handled as free software. Unfortunately, +Lightspark so far only implement a small subset of AVM2, and many +sites do not work yet.

+ +

A few months ago, I started looking at +Coverity, the static source +checker used to find heaps and heaps of bugs in free software (thanks +to the donation of a scanning service to free software projects by the +company developing this non-free code checker), and Gnash was one of +the projects I decided to check out. Coverity is able to find lock +errors, memory errors, dead code and more. A few days ago they even +extended it to also be able to find the heartbleed bug in OpenSSL. +There are heaps of checks being done on the instrumented code, and the +amount of bogus warnings is quite low compared to the other static +code checkers I have tested over the years.

+ +

Since a few weeks ago, I've been working with the other Gnash +developers squashing bugs discovered by Coverity. I was quite happy +today when I checked the current status and saw that of the 777 issues +detected so far, 374 are marked as fixed. This make me confident that +the next Gnash release will be more stable and more dependable than +the previous one. Most of the reported issues were and are in the +test suite, but it also found a few in the rest of the code.

+ +

If you want to help out, you find us on +the +gnash-dev mailing list and on +the #gnash channel on +irc.freenode.net IRC server.

- Tags: debian, english, freedombox, sikkerhet, surveillance, web. + Tags: english, multimedia, video, web.
@@ -877,94 +788,94 @@ mailing list if you want to help make this vision come true.

-
How to add extra storage servers in Debian Edu / Skolelinux
-
12th March 2014
-

On larger sites, it is useful to use a dedicated storage server for -storing user home directories and data. The design for handling this -in Debian Edu / Skolelinux, is -to update the automount rules in LDAP and let the automount daemon on -the clients take care of the rest. I was reminded about the need to -document this better when one of the customers of -Skolelinux Drift AS, where I am -on the board of directors, asked about how to do this. The steps to -get this working are the following:

- -

    - -
  1. Add new storage server in DNS. I use nas-server.intern as the -example host here.
    2. - -
  2. Add automoun LDAP information about this server in LDAP, to allow -all clients to automatically mount it on reqeust.
    3. - -
  3. Add the relevant entries in tjener.intern:/etc/fstab, because -tjener.intern do not use automount to avoid mounting loops.
    4. - -

- -

DNS entries are added in GOsa², and not described here. Follow the -instructions -in the manual (Machine Management with GOsa² in section Getting -started).

- -

Ensure that the NFS export points on the server are exported to the -relevant subnets or machines:

- -

-root@tjener:~# showmount -e nas-server
-Export list for nas-server:
-/storage         10.0.0.0/8
-root@tjener:~#
-

- -

Here everything on the backbone network is granted access to the -/storage export. With NFSv3 it is slightly better to limit it to -netgroup membership or single IP addresses to have some limits on the -NFS access.

- -

The next step is to update LDAP. This can not be done using GOsa², -because it lack a module for automount. Instead, use ldapvi and add -the required LDAP objects using an editor.

+
Install hardware dependent packages using tasksel (Isenkram 0.7)
+
23rd April 2014
+

It would be nice if it was easier in Debian to get all the hardware +related packages relevant for the computer installed automatically. +So I implemented one, using +my Isenkram +package. To use it, install the tasksel and isenkram packages and +run tasksel as user root. You should be presented with a new option, +"Hardware specific packages (autodetected by isenkram)". When you +select it, tasksel will install the packages isenkram claim is fit for +the current hardware, hot pluggable or not.

+ +

The implementation is in two files, one is the tasksel menu entry +description, and the other is the script used to extract the list of +packages to install. The first part is in +/usr/share/tasksel/descs/isenkram.desc and look like +this:

-ldapvi --ldap-conf -ZD '(cn=admin)' -b ou=automount,dc=skole,dc=skolelinux,dc=no
+Task: isenkram
+Section: hardware
+Description: Hardware specific packages (autodetected by isenkram)
+ Based on the detected hardware various hardware specific packages are
+ proposed.
+Test-new-install: mark show
+Relevance: 8
+Packages: for-current-hardware

-

When the editor show up, add the following LDAP objects at the -bottom of the document. The "/&" part in the last LDAP object is a -wild card matching everything the nas-server exports, removing the -need to list individual mount points in LDAP.

+

The second part is in +/usr/lib/tasksel/packages/for-current-hardware and look like +this:

-add cn=nas-server,ou=auto.skole,ou=automount,dc=skole,dc=skolelinux,dc=no
-objectClass: automount
-cn: nas-server
-automountInformation: -fstype=autofs --timeout=60 ldap:ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
-
-add ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
-objectClass: top
-objectClass: automountMap
-ou: auto.nas-server
-
-add cn=/,ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
-objectClass: automount
-cn: /
-automountInformation: -fstype=nfs,tcp,rsize=32768,wsize=32768,rw,intr,hard,nodev,nosuid,noatime nas-server.intern:/&
+#!/bin/sh
+#
+(
+    isenkram-lookup
+    isenkram-autoinstall-firmware -l
+) | sort -u

-

The last step to remember is to mount the relevant mount points in -tjener.intern by adding them to /etc/fstab, creating the mount -directories using mkdir and running "mount -a" to mount them.

- -

When this is done, your users should be able to access the files on -the storage server directly by just visiting the -/tjener/nas-server/storage/ directory using any application on any -workstation, LTSP client or LTSP server.

+

All in all, a very short and simple implementation making it +trivial to install the hardware dependent package we all may want to +have installed on our machines. I've not been able to find a way to +get tasksel to tell you exactly which packages it plan to install +before doing the installation. So if you are curious or careful, +check the output from the isenkram-* command line tools first.

+ +

The information about which packages are handling which hardware is +fetched either from the isenkram package itself in +/usr/share/isenkram/, from git.debian.org or from the APT package +database (using the Modaliases header). The APT package database +parsing have caused a nasty resource leak in the isenkram daemon (bugs +#719837 and +#730704). The cause is in +the python-apt code (bug +#745487), but using a +workaround I was able to get rid of the file descriptor leak and +reduce the memory leak from ~30 MiB per hardware detection down to +around 2 MiB per hardware detection. It should make the desktop +daemon a lot more useful. The fix is in version 0.7 uploaded to +unstable today.

+ +

I believe the current way of mapping hardware to packages in +Isenkram is is a good draft, but in the future I expect isenkram to +use the AppStream data source for this. A proposal for getting proper +AppStream support into Debian is floating around as +DEP-11, and +GSoC +project will take place this summer to improve the situation. I +look forward to seeing the result, and welcome patches for isenkram to +start using the information when it is ready.

+ +

If you want your package to map to some specific hardware, either +add a "Xb-Modaliases" header to your control file like I did in +the pymissile +package or submit a bug report with the details to the isenkram +package. See also +all my +blog posts tagged isenkram for details on the notation. I expect +the information will be migrated to AppStream eventually, but for the +moment I got no better place to store it.

- Tags: debian edu, english, ldap. + Tags: debian, english, isenkram.
@@ -988,7 +899,17 @@ workstation, LTSP client or LTSP server.

  • March (8)
    • -
  • April (3)
    • +
  • April (7)
    • + +
  • May (1)
    • + +
  • June (2)
    • + +
  • July (2)
    • + +
  • August (2)
    • + +
  • September (1)
    • @@ -1169,45 +1090,47 @@ workstation, LTSP client or LTSP server.

  • chrpath (2)
    • -
  • debian (96)
    • +
  • debian (100)
    • -
  • debian edu (146)
    • +
  • debian edu (148)
  • digistan (10)
    • -
  • docbook (10)
    • +
  • dld (15)
    • + +
  • docbook (12)
  • drivstoffpriser (4)
    • -
  • english (243)
    • +
  • english (252)
  • fiksgatami (21)
  • fildeling (12)
    • -
  • freeculture (12)
    • +
  • freeculture (13)
    • -
  • freedombox (7)
    • +
  • freedombox (8)
  • frikanalen (11)
    • -
  • intervju (40)
    • +
  • intervju (41)
    • -
  • isenkram (7)
    • +
  • isenkram (9)
  • kart (18)
  • ldap (9)
    • -
  • lenker (7)
    • +
  • lenker (8)
  • ltsp (1)
  • mesh network (8)
    • -
  • multimedia (26)
    • +
  • multimedia (29)
    • -
  • norsk (244)
    • +
  • norsk (247)
  • nuug (162)
    • @@ -1215,9 +1138,9 @@ workstation, LTSP client or LTSP server.

  • open311 (2)
    • -
  • opphavsrett (46)
    • +
  • opphavsrett (48)
    • -
  • personvern (72)
    • +
  • personvern (74)
  • raid (1)
    • @@ -1235,29 +1158,29 @@ workstation, LTSP client or LTSP server.

  • scraperwiki (2)
    • -
  • sikkerhet (39)
    • +
  • sikkerhet (41)
  • sitesummary (4)
  • skepsis (4)
    • -
  • standard (44)
    • +
  • standard (45)
  • stavekontroll (3)
  • stortinget (9)
    • -
  • surveillance (24)
    • +
  • surveillance (25)
  • sysadmin (1)
  • valg (8)
    • -
  • video (40)
    • +
  • video (43)
  • vitenskap (4)
    • -
  • web (29)
    • +
  • web (33)