X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/33fc5a041005b7a54a30d87382f9b6155029ccfc..7a6a70a8cf586cd2021ceffa892ec8be9b897051:/blog/index.rss
diff --git a/blog/index.rss b/blog/index.rss
index b46036bac2..17ec41a7de 100644
--- a/blog/index.rss
+++ b/blog/index.rss
@@ -6,6 +6,190 @@
http://people.skolelinux.org/pere/blog/
+
+ DÃ¥rlig med sikkerhetsoppdateringer for Ruters billettautomater i Oslo?
+ http://people.skolelinux.org/pere/blog/D_rlig_med_sikkerhetsoppdateringer_for_Ruters_billettautomater_i_Oslo_.html
+ http://people.skolelinux.org/pere/blog/D_rlig_med_sikkerhetsoppdateringer_for_Ruters_billettautomater_i_Oslo_.html
+ Wed, 13 Feb 2019 10:45:00 +0100
+ <p><a href="http://people.skolelinux.org/pere/blog/Er_billettautomatene_til_kollektivtrafikken_i_Oslo_uten_sikkerhetsoppdateringer_.html">For
+syv år siden</a> oppdaget jeg at billettautomater for
+kollektivtrafikken i Oslo kjørte
+<a href="http://en.wikipedia.org/wiki/Windows_2000">Windows 2000
+Professional</a>. Operativsystemet har ikke fått sikkerhetsfikser fra
+Microsoft siden 2010-07-13 i følge dem selv. Den samme versjonen av
+operativsystemet var i bruk
+<a href="http://people.skolelinux.org/pere/blog/Fortsatt_ingen_sikkerhetsoppdateringer_for_billettautomatene_til_kollektivtrafikken_i_Oslo_.html">for
+to og et halvt år siden</a>, og jammen er det ikke også i bruk den dag
+i dag:</p>
+
+<p align="center"><a href="http://people.skolelinux.org/pere/blog/images/2019-02-13-ruter-win2000pro.jpeg"><img width="40%" src="http://people.skolelinux.org/pere/blog/images/2019-02-13-ruter-win2000pro.jpeg" alt="[Bilde av Ruters billettautomat med Windows 2000-feilmelding]"></a></p>
+
+<p>Bildet er tatt i dag av Kirill Miazine og tilgjengelig for bruk med
+bruksvilkårene til
+<a href="http://creativecommons.org/licenses/by/4.0/">Creative
+Commons Attribution 4.0 International (CC BY 4.0)</a>.</p>
+
+<p>Kanskje det hadde vært
+<a href="https://www.aftenposten.no/osloby/i/awqgO/Her-kjorer-du-gratis-trikk-og-buss">bedre
+med gratis kollektivtrafikk</A>, slik at vi slapp å stole på
+datakompetansen til Ruter for å verne våre privatliv samt holde
+personopplysninger og betalingsinformasjon unna uvedkommende. Eneste
+måten å sikre at hvor en befinner seg ikke kan hentes ut fra Ruters
+systemer er å betale enkeltbilletter med kontanter. Jeg vet at Ruter
+har en god historie om hvor personvernvennlige mobil-app og
+RFID-kortene er, men den historien er ikke mulig å uavhengig
+kontrollere uten priviligert tilgang til interne system og blir dermed
+bare nok en god historie basert på tillit til de som forteller
+historien. Det er ikke slik en sikrer privatsfæren. Det gjør en ved
+Ã¥ sikre at det ikke (kan) registreres informasjon om ens person.</p>
+
+<p>Som vanlig, hvis du bruker Bitcoin og ønsker å vise din støtte til
+det jeg driver med, setter jeg pris på om du sender Bitcoin-donasjoner
+til min adresse
+<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.
+Merk, betaling med bitcoin er ikke anonymt. :)</p>
+
+
+
+
+ Stortinget vedtar maskinlesbart register over 20% av selskapseierne i Norge
+ http://people.skolelinux.org/pere/blog/Stortinget_vedtar_maskinlesbart_register_over_20__av_selskapseierne_i_Norge.html
+ http://people.skolelinux.org/pere/blog/Stortinget_vedtar_maskinlesbart_register_over_20__av_selskapseierne_i_Norge.html
+ Thu, 7 Feb 2019 23:55:00 +0100
+ <p>Jeg registrerer med glede at Stortinget i dag har
+<a href="https://www.stortinget.no/no/Saker-og-publikasjoner/Saker/Sak/?p=72826">vedtatt
+at det skal vedlikeholdes et åpent og maskinlesbart register over
+reelle rettighetshavere i Norge</a>. Her kan en kanskje få et
+register som kan brukes til å analysere eierskap og kontroll i Norge
+maskinelt og knytte det til internasjonale databaser som
+<a href="https://opencorporates.com/">OpenCorporates</a>. Det liker
+jeg.</p>
+
+<p>Den vedtatte grense på 25 prosents eierandel fikk stor
+oppmerksomhet i debatten. Jeg ser fra enkel analyse av skatteetatens
+eierskapsregister at 80.4% av alle selskapseiere i registeret har
+mindre enn 25% eierandel, mot 73.8% som har mindre enn 5% eierandel.
+En grense på 25% vil altså utelukke 80.4% av selskapseierne fra det
+vedtatte registeret, og en grense på 5% vil skjule 73.8%. En må helt
+ned i registrering av eierandeler over circa 0.002% for å få mer enn
+halvparten av selskapseierne i Norge. Mon tro hvor langt ned en må i
+eierprosent for å få med alle eierskapene til politisk valgte
+representanter?</p>
+
+<p>Jeg biter meg også merke i at Sivert Bjørnstad fra FrP
+tilsynelatende tror at aksjonærregisteret er et eksisterende åpent
+register, på tross av at det så vidt jeg vet kun deles ved personlig
+oppmøte hos skatteetaten og ikke er tilgjengelig i maskinlesbart
+format for enhver, og dermed så langt ikke er importert inn i
+OpenCorporates. Det anser jeg ikke for et spesielt åpent register.
+Debatten ga ellers lite håp om at situasjonen bedrer seg, da
+finansministeren bare henviste til en fraværende næringsministeren og
+ikke ville uttale seg om et skikkelig aksjonærregister snart dukker
+opp.</p>
+
+<p>Som vanlig, hvis du bruker Bitcoin og ønsker å vise din støtte til
+det jeg driver med, setter jeg pris på om du sender Bitcoin-donasjoner
+til min adresse
+<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.
+Merk, betaling med bitcoin er ikke anonymt. :)</p>
+
+
+
+
+ Websocket from Kraken in Valutakrambod
+ http://people.skolelinux.org/pere/blog/Websocket_from_Kraken_in_Valutakrambod.html
+ http://people.skolelinux.org/pere/blog/Websocket_from_Kraken_in_Valutakrambod.html
+ Fri, 1 Feb 2019 22:25:00 +0100
+ <p>Yesterday, the Kraken virtual currency exchange announced
+<a href="https://blog.kraken.com/post/2019/websockets-public-api-launching-soon/">their
+Websocket service</a>, providing a stream of exchange updates to its
+clients. Getting updated rates quickly is a good idea, so I used
+their <a href="https://www.kraken.com/en-us/help/websocket-api">API
+documentation</a> and added Websocket support to the Kraken service in
+Valutakrambod today. The python library can now get updates
+from Kraken several times per second, instead of every time the
+information is polled from the REST API.</p>
+
+<p>If this sound interesting to you, the code for valutakrambod is
+available from
+<a href="http://github.com/petterreinholdtsen/valutakrambod">github</a>.
+Here is example output from the example client displaying rates in a
+curses view:</p>
+
+<p><blockquote><pre>
+ Name Pair Bid Ask Spr Ftcd Age
+ BitcoinsNorway BTCEUR 2959.2800 3021.0500 2.0% 36 nan nan
+ Bitfinex BTCEUR 3087.9000 3088.0000 0.0% 36 37 nan
+ Bitmynt BTCEUR 3001.8700 3135.4600 4.3% 36 52 nan
+ Bitpay BTCEUR 3003.8659 nan nan% 35 nan nan
+ Bitstamp BTCEUR 3008.0000 3010.2300 0.1% 0 1 1
+ Bl3p BTCEUR 3000.6700 3010.9300 0.3% 1 nan nan
+ Coinbase BTCEUR 2992.1800 3023.2500 1.0% 34 nan nan
+ Kraken+BTCEUR 3005.7000 3006.6000 0.0% 0 1 0
+ Paymium BTCEUR 2940.0100 2993.4400 1.8% 0 2688 nan
+ BitcoinsNorway BTCNOK 29000.0000 29360.7400 1.2% 36 nan nan
+ Bitmynt BTCNOK 29115.6400 29720.7500 2.0% 36 52 nan
+ Bitpay BTCNOK 29029.2512 nan nan% 36 nan nan
+ Coinbase BTCNOK 28927.6000 29218.5900 1.0% 35 nan nan
+ MiraiEx BTCNOK 29097.7000 29741.4200 2.2% 36 nan nan
+ BitcoinsNorway BTCUSD 3385.4200 3456.0900 2.0% 36 nan nan
+ Bitfinex BTCUSD 3538.5000 3538.6000 0.0% 36 45 nan
+ Bitpay BTCUSD 3443.4600 nan nan% 34 nan nan
+ Bitstamp BTCUSD 3443.0100 3445.0500 0.1% 0 2 1
+ Coinbase BTCUSD 3428.1600 3462.6300 1.0% 33 nan nan
+ Gemini BTCUSD 3445.8800 3445.8900 0.0% 36 326 nan
+ Hitbtc BTCUSD 3473.4700 3473.0700 -0.0% 0 0 0
+ Kraken+BTCUSD 3444.4000 3445.6000 0.0% 0 1 0
+ Exchangerates EURNOK 9.6685 9.6685 0.0% 36 22226 nan
+ Norgesbank EURNOK 9.6685 9.6685 0.0% 36 22226 nan
+ Bitstamp EURUSD 1.1440 1.1462 0.2% 0 1 2
+ Exchangerates EURUSD 1.1471 1.1471 0.0% 36 22226 nan
+ BitcoinsNorway LTCEUR 1.0009 22.6538 95.6% 35 nan nan
+ BitcoinsNorway LTCNOK 259.0900 264.9300 2.2% 35 nan nan
+ BitcoinsNorway LTCUSD 0.0000 29.0000 100.0% 35 nan nan
+ Norgesbank USDNOK 8.4286 8.4286 0.0% 36 22226 nan
+</pre></blockquote></p>
+
+<p>Yes, I notice the strange negative spread on Hitbtc. I've seen the
+same on Kraken. Another strange observation is that Kraken some times
+announce trade orders a fraction of a second in the future. I really
+wonder what is going on there.</p>
+
+<p>As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
+
+
+
+
+ Strategispillet Unknown Horizons nå tilgjengelig på bokmål
+ http://people.skolelinux.org/pere/blog/Strategispillet_Unknown_Horizons_n__tilgjengelig_p__bokm_l.html
+ http://people.skolelinux.org/pere/blog/Strategispillet_Unknown_Horizons_n__tilgjengelig_p__bokm_l.html
+ Wed, 23 Jan 2019 07:50:00 +0100
+ <p>I høst ble jeg inspirert til å bidra til oversettelsen av
+<a href="http://unknown-horizons.org/">strategispillet Unknown
+Horizons</a>, og oversatte de nesten 200 strengene i prosjektet til
+bokmål. Deretter har jeg gått å ventet på at det kom en ny utgave som
+inneholdt disse oversettelsene. NÃ¥ er endelig ventetiden over. Den
+nye versjonen kom på nyåret, og ble
+<a href="https://tracker.debian.org/pkg/unknown-horizons">lastet opp i
+Debian</a> for noen få dager siden. I går kveld fikk jeg testet det ut, og
+må innrømme at oversettelsene fungerer fint. Fant noen få tekster som
+måtte justeres, men ikke noe alvorlig. Har oppdatert
+<a href="https://hosted.weblate.org/projects/uh/">oversettelsen på
+Weblate</a>, slik at neste utgave vil være enda bedre. :)</p>
+
+<p>Spillet er et ressursstyringsspill ala Civilization, og er morsomt
+Ã¥ spille for oss som liker slikt. :)</p>
+
+<p>Som vanlig, hvis du bruker Bitcoin og ønsker å vise din støtte til
+det jeg driver med, setter jeg pris på om du sender Bitcoin-donasjoner
+til min adresse
+<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.
+Merk, betaling med bitcoin er ikke anonymt. :)</p>
+
+
+
Debian now got everything you need to program Micro:bit
http://people.skolelinux.org/pere/blog/Debian_now_got_everything_you_need_to_program_Micro_bit.html
@@ -659,197 +843,5 @@ Merk, betaling med bitcoin er ikke anonymt. :)</p>
-
- Why is your site not using Content Security Policy / CSP?
- http://people.skolelinux.org/pere/blog/Why_is_your_site_not_using_Content_Security_Policy___CSP_.html
- http://people.skolelinux.org/pere/blog/Why_is_your_site_not_using_Content_Security_Policy___CSP_.html
- Sun, 9 Dec 2018 15:00:00 +0100
- <p>Yesterday, I had the pleasure of watching on Frikanalen the OWASP
-talk by Scott Helme titled
-"<a href="https://frikanalen.no/video/626080/">What Weâve Learned From
-Billions of Security Reports</a>". I had not heard of the
-<a href="https://en.wikipedia.org/wiki/Content_Security_Policy">Content
-Security Policy standard</a> nor its ability to "call home" when a
-browser detect a policy breach (I do not follow web page design
-development much these days), and found the talk very illuminating.</p>
-
-<p>The mechanism allow a web site owner to use HTTP headers to tell
-visitors web browser which sources (internal and external) are allowed to
-be used on the web site. Thus it become possible to enforce a "only
-local content" policy despite web designers urge to fetch programs
-from random sites on the Internet, like the one
-<a href="https://securityaffairs.co/wordpress/68966/hacking/browsealoud-plugin-hack.html">enabling
-the attack</a> reported by Scott Helme earlier this year.</p>
-
-<p>Using CSP seem like an obvious thing for a site admin to implement
-to take some control over the information leak that occur when
-external sources are used to render web pages, it is a mystery more
-sites are not using CSP? It is being
-<a href="https://www.w3.org/TR/CSP/">standardized under W3C</a> these
-days, and is supposed by most web browsers</p>
-
-<p>I managed to find <a href="https://github.com/mozilla/django-csp">a
-Django middleware for implementing CSP</a> and was happy to discover
-it was already in Debian. I plan to use it to add CSP support to the
-Frikanalen web site soon.</p>
-
-<p>As usual, if you use Bitcoin and want to show your support of my
-activities, please send Bitcoin donations to my address
-<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
-
-
-
-
- New and improved Frikanalen Kodi addon version 0.0.3
- http://people.skolelinux.org/pere/blog/New_and_improved_Frikanalen_Kodi_addon_version_0_0_3.html
- http://people.skolelinux.org/pere/blog/New_and_improved_Frikanalen_Kodi_addon_version_0_0_3.html
- Thu, 8 Nov 2018 10:30:00 +0100
- <p>If you read my blog regularly, you probably know I am involved in
-running and developing the <a href="https://frikanalen.no/">Norwegian
-TV channel Frikanalen</a>. It is an open channel, allowing everyone
-in Norway to publish videos on a TV channel with national coverage.
-You can think of it as Youtube for national television.
-In addition to distribution on RiksTV and Uninett, Frikanalen is also
-available as a Kodi addon. The last few days I have updated the code
-to add more features. A
-<a href="https://kodi.tv/addon/plugins-video-add-ons/frikanalen-nett-tv">new
-and improved version 0.0.3 Frikanalen addon</a> was just made
-available via the Kodi repositories. This new version include a
-option to browse videos by category, as well as free text search
-in the video archive. It will now also show the video duration in the
-video lists, which were missing earlier. A new and experimental
-link to the HD video stream currently being worked on is provided, for
-those that want to see what the <a href="https://casparcg.com/">CasparCG</a>
-output look like. The alternative is the SD video stream, generated
-using MLT. CasparCG is controlled by our
-<a href="https://github.com/Frikanalen/mltplayout/">mltplayout
-server</a> which instead of talking to mlt is giving PLAY instructions
-to the CasparCG server when it is time to start a new program.</p>
-
-<p>By now, you are probably wondering what kind of content is being
-played on the channel. These days, it is filled with technical
-presentations like those from <a href="https://www.nuug.no/">NUUG</a>,
-<a href="https://www.debconf.org/">Debconf</a>, Makercon, and TED,
-but there are also some periods with
-<a href="https://www.empo.no/">EMPT TV</a> and
-<a href="https://www.p7.no/">P7</a>.
-
-<p>As usual, if you use Bitcoin and want to show your support of my
-activities, please send Bitcoin donations to my address
-<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
-
-
-
-
- Time for an official MIME type for patches?
- http://people.skolelinux.org/pere/blog/Time_for_an_official_MIME_type_for_patches_.html
- http://people.skolelinux.org/pere/blog/Time_for_an_official_MIME_type_for_patches_.html
- Thu, 1 Nov 2018 08:15:00 +0100
- <p>As part of my involvement in
-<a href="https://gitlab.com/OsloMet-ABI/nikita-noark5-core">the Nikita
-archive API project</a>, I've been importing a fairly large lump of
-emails into a test instance of the archive to see how well this would
-go. I picked a subset of <a href="https://notmuchmail.org/">my
-notmuch email database</a>, all public emails sent to me via
-@lists.debian.org, giving me a set of around 216 000 emails to import.
-In the process, I had a look at the various attachments included in
-these emails, to figure out what to do with attachments, and noticed
-that one of the most common attachment formats do not have
-<a href="https://www.iana.org/assignments/media-types/media-types.xhtml">an
-official MIME type</a> registered with IANA/IETF. The output from
-diff, ie the input for patch, is on the top 10 list of formats
-included in these emails. At the moment people seem to use either
-text/x-patch or text/x-diff, but neither is officially registered. It
-would be better if one official MIME type were registered and used
-everywhere.</p>
-
-<p>To try to get one official MIME type for these files, I've brought
-up the topic on
-<a href="https://www.ietf.org/mailman/listinfo/media-types">the
-media-types mailing list</a>. If you are interested in discussion
-which MIME type to use as the official for patch files, or involved in
-making software using a MIME type for patches, perhaps you would like
-to join the discussion?</p>
-
-<p>As usual, if you use Bitcoin and want to show your support of my
-activities, please send Bitcoin donations to my address
-<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
-
-
-
-
- Measuring the speaker frequency response using the AUDMES free software GUI - nice free software
- http://people.skolelinux.org/pere/blog/Measuring_the_speaker_frequency_response_using_the_AUDMES_free_software_GUI___nice_free_software.html
- http://people.skolelinux.org/pere/blog/Measuring_the_speaker_frequency_response_using_the_AUDMES_free_software_GUI___nice_free_software.html
- Mon, 22 Oct 2018 08:40:00 +0200
- <p><img src="http://people.skolelinux.org/pere/blog/images/2018-10-22-audmes-measure-speakers.png" align="right" width="40%"/></p>
-
-<p>My current home stereo is a patchwork of various pieces I got on
-flee markeds over the years. It is amazing what kind of equipment
-show up there. I've been wondering for a while if it was possible to
-measure how well this equipment is working together, and decided to
-see how far I could get using free software. After trawling the web I
-came across an article from DIY Audio and Video on
-<a href="https://www.diyaudioandvideo.com/Tutorial/SpeakerResponseTesting/">Speaker
-Testing and Analysis</a> describing how to test speakers, and it listing
-several software options, among them
-<a href="https://sourceforge.net/projects/audmes/">AUDio MEasurement
-System (AUDMES)</a>. It is the only free software system I could find
-focusing on measuring speakers and audio frequency response. In the
-process I also found an interesting article from NOVO on
-<a href="http://novo.press/understanding-speaker-specifications-and-frequency-response/">Understanding
-Speaker Specifications and Frequency Response</a> and an article from
-ecoustics on
-<a href="https://www.ecoustics.com/articles/understanding-speaker-frequency-response/">Understanding
-Speaker Frequency Response</a>, with a lot of information on what to
-look for and how to interpret the graphs. Armed with this knowledge,
-I set out to measure the state of my speakers.</p>
-
-<p>The first hurdle was that AUDMES hadn't seen a commit for 10 years
-and did not build with current compilers and libraries. I got in
-touch with its author, who no longer was spending time on the program
-but gave me write access to the subversion repository on Sourceforge.
-The end result is that now the code build on Linux and is capable of
-saving and loading the collected frequency response data in CSV
-format. The application is quite nice and flexible, and I was able to
-select the input and output audio interfaces independently. This made
-it possible to use a USB mixer as the input source, while sending
-output via my laptop headphone connection. I lacked the hardware and
-cabling to figure out a different way to get independent cabling to
-speakers and microphone.</p>
-
-<p>Using this setup I could see how a large range of high frequencies
-apparently were not making it out of my speakers. The picture show
-the frequency response measurement of one of the speakers. Note the
-frequency lines seem to be slightly misaligned, compared to the CSV
-output from the program. I can not hear several of these are high
-frequencies, according to measurement from
-<a href="http://freehearingtestsoftware.com">Free Hearing Test
-Software</a>, an freeware system to measure your hearing (still
-looking for a free software alternative), so I do not know if they are
-coming out out the speakers. I thus do not quite know how to figure
-out if the missing frequencies is a problem with the microphone, the
-amplifier or the speakers, but I managed to rule out the audio card in my
-PC by measuring my Bose noise canceling headset using its own
-microphone. This setup was able to see the high frequency tones, so
-the problem with my stereo had to be in the amplifier or speakers.</p>
-
-<p>Anyway, to try to role out one factor I ended up picking up a new
-set of speakers at a flee marked, and these work a lot better than the
-old speakers, so I guess the microphone and amplifier is OK. If you
-need to measure your own speakers, check out AUDMES. If more people
-get involved, perhaps the project could become good enough to
-<a href="https://bugs.debian.org/910876">include in Debian</a>? And if
-you know of some other free software to measure speakers and amplifier
-performance, please let me know. I am aware of the freeware option
-<a href="https://www.roomeqwizard.com/">REW</a>, but I want something
-that can be developed also when the vendor looses interest.</p>
-
-<p>As usual, if you use Bitcoin and want to show your support of my
-activities, please send Bitcoin donations to my address
-<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
-
-
-