X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/50372b09c24d419eff4f0f0df34de44755bc24d1..457ee7608ac4fe1e500396d0c73f31b60d8660c0:/blog/index.html diff --git a/blog/index.html b/blog/index.html index eaa1323613..5977d32f15 100644 --- a/blog/index.html +++ b/blog/index.html @@ -19,6 +19,291 @@ +
+
Using appstream in Debian to locate packages with firmware and mime type support
+
4th February 2016
+

The appstream system +is taking shape in Debian, and one provided feature is a very +convenient way to tell you which package to install to make a given +firmware file available when the kernel is looking for it. This can +be done using apt-file too, but that is for someone else to blog +about. :)

+ +

Here is a small recipe to find the package with a given firmware +file, in this example I am looking for ctfw-3.2.3.0.bin, randomly +picked from the set of firmware announced using appstream in Debian +unstable. In general you would be looking for the firmware requested +by the kernel during kernel module loading. To find the package +providing the example file, do like this:

+ +
+% apt install appstream
+[...]
+% apt update
+[...]
+% appstreamcli what-provides firmware:runtime ctfw-3.2.3.0.bin | \
+  awk '/Package:/ {print $2}'
+firmware-qlogic
+%
+
+ +

See the +appstream wiki page to learn how to embed the package metadata in +a way appstream can use.

+ +

This same approach can be used to find any package supporting a +given MIME type. This is very useful when you get a file you do not +know how to handle. First find the mime type using file +--mime-type, and next look up the package providing support for +it. Lets say you got an SVG file. Its MIME type is image/svg+xml, +and you can find all packages handling this type like this:

+ +
+% apt install appstream
+[...]
+% apt update
+[...]
+% appstreamcli what-provides mimetype image/svg+xml | \
+  awk '/Package:/ {print $2}'
+bkchem
+phototonic
+inkscape
+shutter
+tetzle
+geeqie
+xia
+pinta
+gthumb
+karbon
+comix
+mirage
+viewnior
+postr
+ristretto
+kolourpaint4
+eog
+eom
+gimagereader
+midori
+%
+
+ +

I believe the MIME types are fetched from the desktop file for +packages providing appstream metadata.

+
+
+ + + Tags: debian, english. + + +
+
+
+ +
+
Creepy, visualise geotagged social media information - nice free software
+
24th January 2016
+

Most people seem not to realise that every time they walk around +with the computerised radio beacon known as a mobile phone their +position is tracked by the phone company and often stored for a long +time (like every time a SMS is received or sent). And if their +computerised radio beacon is capable of running programs (often called +mobile apps) downloaded from the Internet, these programs are often +also capable of tracking their location (if the app requested access +during installation). And when these programs send out information to +central collection points, the location is often included, unless +extra care is taken to not send the location. The provided +information is used by several entities, for good and bad (what is +good and bad, depend on your point of view). What is certain, is that +the private sphere and the right to free movement is challenged and +perhaps even eradicated for those announcing their location this way, +when they share their whereabouts with private and public +entities.

+ +

+ +

The phone company logs provide a register of locations to check out +when one want to figure out what the tracked person was doing. It is +unavailable for most of us, but provided to selected government +officials, company staff, those illegally buying information from +unfaithful servants and crackers stealing the information. But the +public information can be collected and analysed, and a free software +tool to do so is called +Creepy or Cree.py. I +discovered it when I read +an +article about Creepy in the Norwegian newspaper Aftenposten i +November 2014, and decided to check if it was available in Debian. +The python program was in Debian, but +the version in +Debian was completely broken and practically unmaintained. I +uploaded a new version which did not work quite right, but did not +have time to fix it then. This Christmas I decided to finally try to +get Creepy operational in Debian. Now a fixed version is available in +Debian unstable and testing, and almost all Debian specific patches +are now included +upstream.

+ +

The Creepy program visualises geolocation information fetched from +Twitter, Instagram, Flickr and Google+, and allow one to get a +complete picture of every social media message posted recently in a +given area, or track the movement of a given individual across all +these services. Earlier it was possible to use the search API of at +least some of these services without identifying oneself, but these +days it is impossible. This mean that to use Creepy, you need to +configure it to log in as yourself on these services, and provide +information to them about your search interests. This should be taken +into account when using Creepy, as it will also share information +about yourself with the services.

+ +

The picture above show the twitter messages sent from (or at least +geotagged with a position from) the city centre of Oslo, the capital +of Norway. One useful way to use Creepy is to first look at +information tagged with an area of interest, and next look at all the +information provided by one or more individuals who was in the area. +I tested it by checking out which celebrity provide their location in +twitter messages by checkout out who sent twitter messages near a +Norwegian TV station, and next could track their position over time, +making it possible to locate their home and work place, among other +things. A similar technique have been +used +to locate Russian soldiers in Ukraine, and it is both a powerful +tool to discover lying governments, and a useful tool to help people +understand the value of the private information they provide to the +public.

+ +

The package is not trivial to backport to Debian Stable/Jessie, as +it depend on several python modules currently missing in Jessie (at +least python-instagram, python-flickrapi and +python-requests-toolbelt).

+ +

(I have uploaded +the image to +screenshots.debian.net and licensed it under the same terms as the +Creepy program in Debian.)

+
+
+ + + Tags: debian, english, nice free software. + + +
+
+
+ +
+
Always download Debian packages using Tor - the simple recipe
+
15th January 2016
+

During his DebConf15 keynote, Jacob Appelbaum +observed +that those listening on the Internet lines would have good reason to +believe a computer have a given security hole if it download a +security fix from a Debian mirror. This is a good reason to always +use encrypted connections to the Debian mirror, to make sure those +listening do not know which IP address to attack. In August, Richard +Hartmann observed that encryption was not enough, when it was possible +to interfere download size to security patches or the fact that +download took place shortly after a security fix was released, and +proposed +to always use Tor to download packages from the Debian mirror. He +was not the first to propose this, as the +apt-transport-tor +package by Tim Retout already existed to make it easy to convince apt +to use Tor, but I was not +aware of that package when I read the blog post from Richard.

+ +

Richard discussed the idea with Peter Palfrader, one of the Debian +sysadmins, and he set up a Tor hidden service on one of the central +Debian mirrors using the address vwakviie2ienjx6t.onion, thus making +it possible to download packages directly between two tor nodes, +making sure the network traffic always were encrypted.

+ +

Here is a short recipe for enabling this on your machine, by +installing apt-transport-tor and replacing http and https +urls with tor+http and tor+https, and using the hidden service instead +of the official Debian mirror site. I recommend installing +etckeeper before you start to have a history of the changes +done in /etc/.

+ +
+apt install apt-transport-tor
+sed -i 's% http://ftp.debian.org/%tor+http://vwakviie2ienjx6t.onion/%' /etc/apt/sources.list
+sed -i 's% http% tor+http%' /etc/apt/sources.list
+
+ +

If you have more sources listed in /etc/apt/sources.list.d/, run +the sed commands for these too. The sed command is assuming your are +using the ftp.debian.org Debian mirror. Adjust the command (or just +edit the file manually) to match your mirror.

+ +

This work in Debian Jessie and later. Note that tools like +apt-file only recently started using the apt transport +system, and do not work with these tor+http URLs. For +apt-file you need the version currently in experimental, +which need a recent apt version currently only in unstable. So if you +need a working apt-file, this is not for you.

+ +

Another advantage from this change is that your machine will start +using Tor regularly and at fairly random intervals (every time you +update the package lists or upgrade or install a new package), thus +masking other Tor traffic done from the same machine. Using Tor will +become normal for the machine in question.

+ +

On Freedombox, APT +is set up by default to use apt-transport-tor when Tor is +enabled. It would be great if it was the default on any Debian +system.

+
+
+ + + Tags: debian, english, sikkerhet. + + +
+
+
+ +
+
Nedlasting fra NRK, som Matroska med undertekster
+
2nd January 2016
+

Det kommer stadig nye løsninger for å ta lagre unna innslag fra NRK +for å se på det senere. For en stund tilbake kom jeg over et script +nrkopptak laget av Ingvar Hagelund. Han fjernet riktignok sitt script +etter forespørsel fra Erik Bolstad i NRK, men noen tok heldigvis og +gjorde det tilgjengelig +via github.

+ +

Scriptet kan lagre som MPEG4 eller Matroska, og bake inn +undertekster i fila på et vis som blant annet VLC forstår. For å +bruke scriptet, kopier ned git-arkivet og kjør

+ +

+nrkopptak/bin/nrk-opptak k https://tv.nrk.no/serie/bmi-turne/MUHH45000115/sesong-1/episode-1
+

+ +

URL-eksemplet er dagens toppsak på tv.nrk.no. Argument 'k' ber +scriptet laste ned og lagre som Matroska. Det finnes en rekke andre +muligheter for valg av kvalitet og format.

+ +

Jeg foretrekker dette scriptet fremfor youtube-dl, som + +nevnt i 2014 støtter NRK og en rekke andre videokilder, på grunn +av at nrkopptak samler undertekster og video i en enkelt fil, hvilket +gjør håndtering enklere på disk.

+
+
+ + + Tags: multimedia, norsk, video, web. + + +
+
+
+
OpenALPR, find car license plates in video streams - nice free software
23rd December 2015
@@ -42,7 +327,7 @@ even the score when it comes to surveillance and sousveillance. I discovered the developer wanted to get the tool into Debian, and as I too wanted it to be in Debian, I volunteered to -help him get into into shape to get it uploaded into the Debian +help him get it into shape to get the package uploaded into the Debian archive.

Today we finally managed to get the package into shape and uploaded @@ -71,7 +356,7 @@ package show up in unstable.

- Tags: debian, english. + Tags: debian, english, nice free software.
@@ -859,333 +1144,6 @@ dager, når Sivilombudsmannen har bedt om mer informasjon.

-
-
Snurpenot-overvåkning av sensitiv personinformasjon
-
9th November 2015
-

Tenk om et norsk sykehus delte informasjon om hva som blir lest og -hvem som leser på sykehusets nettsted, med noen som samarbeider med et -fremmed lands etterretningsvesen, og at flere andre fremmede lands -etterretningstjenester kan snappe opp informasjonen.

- -

Tenk om flere sykehus, kommuner, helsestasjoner, universitet, -høyskoler, grunnskoler, Stortinget, det meste av offentlig -forvaltning, medier, adopsjonstjenester og krisesenter gjør det -samme?

- -

Tenk om de som lytter kan holde oversikt over norske borgeres -interesser, sykdommer, rusmisbruk, adopsjon, abort, barnehager, -politiske interesser og sympatier samt hvilke argumenter som har best -effekt på beslutningstagere og måter de kan påvirkes. Ville det gitt -grunn til bekymring?

- -

Høres det ut som noe tatt ut fra fantasien til George Orwell, -forfatteren av dystopien 1984? Det er virkeligheten i Norge i dag, -takket være bruken av statistikktjenester som Google Analytics.

- -

Du kan beskytte deg

- -

Men borgerne har et forsvar mot dette angrepet på privatsfæren. -Dagens nettlesere har utvidelser som støtter å blokkere slik -utlevering av informasjon. Personlig bruker jeg Privacy Badger, -Ghostery, NoScript og AdBlock, og anbefaler alle å gjøre noe -tilsvarende. Merk at noen av verktøyene lekker informasjon, i tillegg -til å gjøre en nyttig jobb, så det er lurt å bruke flere sammen. I -tillegg bør hver og en av oss sende inn protest til organisasjonene -bak nettsteder som bidrar til dette inngrepet i privatsfæren.

- -

Hvem bidrar til overvåkningen?

- -

Takket være Ghostery la jeg merke til at flere og flere norske -nettsteder begynte å la Google Analytics overvåke brukerne. Jeg ble -nysgjerrig på hvor mange det gjaldt, og gikk igjennom ca. 2700 norske -nettsteder, hovedsakelig offentlig forvaltning. Jeg laget et system -for å koble seg opp automatisk og sjekke hvor nettstedene spredte -informasjon om besøket. Jeg ble overrasket både over omfanget og hva -slags nettsteder som rapporterer besøksinformasjon ut av landet. -Omtrent 70 prosent av de 2700 sender informasjon til Google Analytics. -Noen tilfeldige eksempler er Akershus Universitetssykehus, Sykehuset -Østfold, Lommelegen, Oslo krisesenter, Stortinget, den norske -regjering, de fleste politiske partier på Stortinget, NAV, Altinn, -NRK, TV2, Helse Førde, Helse Stavanger, Oslo kommune, -Nasjonalbiblioteket, Pasientombudet, Kongehuset, Politiet, -Teknologirådet, Tollvesenet, Norsk romsenter, Forsvarsbygg og -Sivilforsvaret. Og det er mange flere.

- -

Hvordan kan det offentlige Norge omfavne en slik praksis? Det er -gode hensikter bak. Google har laget en god tjeneste for -nettstedseiere, der de uten å betale med noe annet enn en bit av de -besøkenes privatsfære får tilgang til nyttig og presis statistikk over -nettstedets bruk ved å besøke netttjenesten hos Google. De færreste -merker ulempene angrepet på privatsfæren som nettstedene og Google -utgjør.

- -

Hvordan foregår det?

- -

I nettsider kan nettsteder legge inn lenker til programkode som -skal kjøres av brukerens nettleser. De som tar i bruk Google -Analytics legger typisk inn lenke til et javascript-program hos Google -som ber nettleseren ta kontakt med Google og dele IP-adresse, side -besøkt, aktuelle cookies og endel informasjon om nettleseren med -Google Analytics. Programmet trenger ikke være det samme for alle som -henter det fra Google. Det finnes et Google Analytics-tilvalg kalt -«anonymisering» som nettstedeier kan ta i bruk. Dette instruerer det -omtalte programmet om å be Google slette deler av den oversendte -IP-adressen. Full IP-adresse sendes likevel over og er tilgjengelig -for alle som snapper opp informasjonen underveis.

- -

Takket være varsleren Edward Snowden, som bidro til uvurderlig -dokumentasjon på snurpenot-overvåkningen som nordmenn blir utsatt for, -vet vi at Google samarbeider med USAs etteretning som avlytter trafikk -sendt til Google Analytics.

- -

Men allerede før Snowden var det bekreftet at både britiske GCHQ og -USAs NSA avlytter og lagrer blant annet Internett-trafikk som er innom -et av landene, i tillegg til at FRA i Sverige avlytter og lagrer -trafikk som passerte grensa til Sverige.

- -

Og som -Datatilsynet -sa til Dagens Næringsliv i 2013 kunne de vanskelig nekte bruk av -skytjenester som Google Analytics når Norge var bundet av EUs «Safe -Harbour»-avtale med USA. De måtte derfor se bort fra -f.eks. FISAAA-loven (som lar NSA avlytte Internett-trafikk) i sine -vurderinger. Når nå EUs «Safe Harbour»-avtale er underkjent, og det -foreslås å bruke individuell avtalerett mellom selskaper som juridisk -grunnlag for å sende personopplysninger til USA, er det greit å huske -på at FISAA-loven og andre som brukes av USA som grunnlag for -masseovervåkning overstyrer slike avtaler.

- -

For øvrig burde varsleren Edward Snowden få politisk asyl i -Norge.

-
-
- - - Tags: norsk, personvern, surveillance. - - -
-
-
- -
-
TISA - nok en problematisk og hemmelig handelsavtale
-
5th November 2015
-

Norge er aktiv i Trade in Services Agreement-forhandlingene, og -regjeringen forteller at -«TISA -vil sikre norske tjenesteeksportører forutsigbar og -ikke-diskriminerende adgang til utenlandske tjenestemarkeder». -Det er mulig at det stemmer. Men den gjør mye mer enn det. Avtalen -forhandles i hemmelighet, og kun takket være -Wikileaks er -utkast og biter kjent i offentligheten. Det som er blitt kjent er -for eksempel at TISA kan -blokkere -myndigheter fra å kreve bruk av fri programvare i mange -situasjoner, hvilket vil fjerne muligheten vår til å ha kontroll -over egne datasystemer i slike tilfeller. Den kan også -blokkere -Norges mulighet til å holde kontroll med overføring av -personinformasjon ut av landet, hvilket Snowden-bekreftelsene har -dokumentert er svært problematisk. - -

Jeg ble derfor veldig glad da jeg i dag ble tipset i dag om at det -allerede finnes en aktiv organisasjon, -Folkeaksjonen mot -TISA, som jobber for å hindre at Norge signerer på TISA-avtalen. -Her må alle gode krefter jobbe sammen. Jeg skal sende dem litt -penger, og se om jeg har kapasitet til å bidra med mer.

-
-
- - - Tags: norsk, opphavsrett, personvern. - - -
-
-
- -
-
Is Pentagon deciding the Norwegian negotiating position on Internet governance?
-
3rd November 2015
-

In Norway, all government offices are required by law to keep a -list of every document or letter arriving and leaving their offices. -Internal notes should also be documented. The document list (called a mail -journal - "postjournal" in Norwegian) is public information and thanks -to the Norwegian Freedom of Information Act (Offentleglova) the mail -journal is available for everyone. Most offices even publish the mail -journal on their web pages, as PDFs or tables in web pages. The state-level offices even have a shared web based search service (called -Offentlig Elektronisk Postjournal - -OEP) to make it possible to search the entries in the list. Not -all journal entries show up on OEP, and the search service is hard to -use, but OEP does make it easier to find at least some interesting -journal entries .

- -

In 2012 I came across a document in the mail journal for the -Norwegian Ministry of Transport and Communications on OEP that -piqued my interest. The title of the document was -"Internet -Governance and how it affects national security" (Norwegian: -"Internet Governance og påvirkning på nasjonal sikkerhet"). The -document date was 2012-05-22, and it was said to be sent from the -"Permanent Mission of Norway to the United Nations". I asked for a -copy, but my request was rejected with a reference to a legal clause said to authorize them to reject it -(offentleglova § 20, -letter c) and an explanation that the document was exempt because -of foreign policy interests as it contained information related to the -Norwegian negotiating position, negotiating strategies or similar. I -was told the information in the document related to the ongoing -negotiation in the International Telecommunications Union (ITU). The -explanation made sense to me in early January 2013, as a ITU -conference in Dubay discussing Internet Governance -(World -Conference on International Telecommunications - WCIT-12) had just -ended, -reportedly -in chaos when USA walked out of the negotiations and 25 countries -including Norway refused to sign the new treaty. It seemed -reasonable to believe talks were still going on a few weeks later. -Norway was represented at the ITU meeting by two authorities, the -Norwegian Communications Authority -and the Ministry of -Transport and Communications. This might be the reason the letter -was sent to the ministry. As I was unable to find the document in the -mail journal of any Norwegian UN mission, I asked the ministry who had -sent the document to the ministry, and was told that it was the Deputy -Permanent Representative with the Permanent Mission of Norway in -Geneva.

- -

Three years later, I was still curious about the content of that -document, and again asked for a copy, believing the negotiation was -over now. This time -I -asked both the Ministry of Transport and Communications as the -receiver and -asked -the Permanent Mission of Norway in Geneva as the sender for a -copy, to see if they both agreed that it should be withheld from the -public. The ministry upheld its rejection quoting the same law -reference as before, while the permanent mission rejected it quoting a -different clause -(offentleglova § 20 -letter b), claiming that they were required to keep the -content of the document from the public because it contained -information given to Norway with the expressed or implied expectation -that the information should not be made public. I asked the permanent -mission for an explanation, and was told that the document contained -an account from a meeting held in the Pentagon for a limited group of NATO -nations where the organiser of the meeting did not intend the content -of the meeting to be publicly known. They explained that giving me a -copy might cause Norway to not get access to similar information in -the future and thus hurt the future foreign interests of Norway. They -also explained that the Permanent Mission of Norway in Geneva was not -the author of the document, they only got a copy of it, and because of -this had not listed it in their mail journal.

- -

Armed with this -knowledge I asked the Ministry to reconsider and asked who was the -author of the document, now realising that it was not same as the -"sender" according to Ministry of Transport and Communications. The -ministry upheld its rejection but told me the name of the author of -the document. According to -a -government report the author was with the Permanent Mission of -Norway in New York a bit more than a year later (2014-09-22), so I -guessed that might be the office responsible for writing and sending -the report initially and -asked -them for a copy but I was obviously wrong as I was told that the -document was unknown to them and that the author did not work there -when the document was written. Next, I asked the Permanent Mission of -Norway in Geneva and the Foreign Ministry to reconsider and at least -tell me who sent the document to Deputy Permanent Representative with -the Permanent Mission of Norway in Geneva. The Foreign Ministry also -upheld its rejection, but told me that the person sending the document -to Permanent Mission of Norway in Geneva was the defence attaché with -the Norwegian Embassy in Washington. I do not know if this is the -same person as the author of the document.

- -

If I understand the situation correctly, someone capable of -inviting selected NATO nations to a meeting in Pentagon organised a -meeting where someone representing the Norwegian defence attaché in -Washington attended, and the account from this meeting is interpreted -by the Ministry of Transport and Communications to expose Norways -negotiating position, negotiating strategies and similar regarding the -ITU negotiations on Internet Governance. It is truly amazing what can -be derived from mere meta-data.

- -

I wonder which NATO countries besides Norway attended this meeting? -And what exactly was said and done at the meeting? Anyone know?

-
-
- - - Tags: english, offentlig innsyn, opphavsrett, personvern. - - -
-
-
- -
-
New book, "Fri kultur" by @lessig, a Norwegian Bokmål translation of "Free Culture" from 2004
-
31st October 2015
-

People keep asking me where to get the various forms of the book I -published last week, the Norwegian Bokmål edition of Lawrence Lessigs -book Free Culture. It was -published on paper via lulu.com, and is also available in PDF, ePub -and MOBI format. I currently sell the paper edition for self cost -from lulu.com, but might extend the distribution to book stores like -Amazon and Barnes & Noble later. This will double the price and force -me to make a profit from selling the book. Anyway, here are links to -get the book in different formats:

- - - -

Note that the MOBI version have problems with the table of content, -at least with the viewers I have been able to test. And the ePub file -have several problems according to -epubcheck, but seem -to display fine in the viewers I have tested. All the files needed to -create the book in various forms are available from -the -github project page.

- -

The project got press coverage from the Norwegian IT news site -digi.no. Check out the article -"Vil -åpne politikernes øyne for Creative Commons". - -

I've blogged -about the project as it moved along. The blogs document the translation -progress and insights I had along the way.

-
-
- - - Tags: english, freeculture. - - -
-
-
-

RSS feed