X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/57cc3c6cf55434c30c34152ecee46fb7e16cd7bb..eb8ff3442e46d34cea37644170167d445c5cb3b4:/blog/archive/2016/01/01.rss?ds=sidebyside
diff --git a/blog/archive/2016/01/01.rss b/blog/archive/2016/01/01.rss
index a824ee4140..fadbdc828d 100644
--- a/blog/archive/2016/01/01.rss
+++ b/blog/archive/2016/01/01.rss
@@ -6,12 +6,98 @@
http://people.skolelinux.org/pere/blog/
+
+ Creepy, visualise geotagged social media information - nice free software
+ http://people.skolelinux.org/pere/blog/Creepy__visualise_geotagged_social_media_information___nice_free_software.html
+ http://people.skolelinux.org/pere/blog/Creepy__visualise_geotagged_social_media_information___nice_free_software.html
+ Sun, 24 Jan 2016 10:50:00 +0100
+ <p>Most people seem not to realise that every time they walk around
+with the computerised radio beacon known as a mobile phone their
+position is tracked by the phone company and often stored for a long
+time (like every time a SMS is received or sent). And if their
+computerised radio beacon is capable of running programs (often called
+mobile apps) downloaded from the Internet, these programs are often
+also capable of tracking their location (if the app requested access
+during installation). And when these programs send out information to
+central collection points, the location is often included, unless
+extra care is taken to not send the location. The provided
+information is used by several entities, for good and bad (what is
+good and bad, depend on your point of view). What is certain, is that
+the private sphere and the right to free movement is challenged and
+perhaps even eradicated for those announcing their location this way,
+when they share their whereabouts with private and public
+entities.</p>
+
+<p align="center"><img width="70%" src="http://people.skolelinux.org/pere/blog/images/2016-01-24-nice-creepy-desktop-window.png"></p>
+
+<p>The phone company logs provide a register of locations to check out
+when one want to figure out what the tracked person was doing. It is
+unavailable for most of us, but provided to selected government
+officials, company staff, those illegally buying information from
+unfaithful servants and crackers stealing the information. But the
+public information can be collected and analysed, and a free software
+tool to do so is called
+<a href="http://www.geocreepy.com/">Creepy or Cree.py</a>. I
+discovered it when I read
+<a href="http://www.aftenposten.no/kultur/Slik-kan-du-bli-overvaket-pa-Twitter-og-Instagram-uten-a-ane-det-7787884.html">an
+article about Creepy</a> in the Norwegian newspaper Aftenposten i
+November 2014, and decided to check if it was available in Debian.
+The python program was in Debian, but
+<a href="https://tracker.debian.org/pkg/creepy">the version in
+Debian</a> was completely broken and practically unmaintained. I
+uploaded a new version which did not work quite right, but did not
+have time to fix it then. This Christmas I decided to finally try to
+get Creepy operational in Debian. Now a fixed version is available in
+Debian unstable and testing, and almost all Debian specific patches
+are now included
+<a href="https://github.com/jkakavas/creepy">upstream</a>.</p>
+
+<p>The Creepy program visualises geolocation information fetched from
+Twitter, Instagram, Flickr and Google+, and allow one to get a
+complete picture of every social media message posted recently in a
+given area, or track the movement of a given individual across all
+these services. Earlier it was possible to use the search API of at
+least some of these services without identifying oneself, but these
+days it is impossible. This mean that to use Creepy, you need to
+configure it to log in as yourself on these services, and provide
+information to them about your search interests. This should be taken
+into account when using Creepy, as it will also share information
+about yourself with the services.</p>
+
+<p>The picture above show the twitter messages sent from (or at least
+geotagged with a position from) the city centre of Oslo, the capital
+of Norway. One useful way to use Creepy is to first look at
+information tagged with an area of interest, and next look at all the
+information provided by one or more individuals who was in the area.
+I tested it by checking out which celebrity provide their location in
+twitter messages by checkout out who sent twitter messages near a
+Norwegian TV station, and next could track their position over time,
+making it possible to locate their home and work place, among other
+things. A similar technique have been
+<a href="http://www.buzzfeed.com/maxseddon/does-this-soldiers-instagram-account-prove-russia-is-covertl">used
+to locate Russian soldiers in Ukraine</a>, and it is both a powerful
+tool to discover lying governments, and a useful tool to help people
+understand the value of the private information they provide to the
+public.</p>
+
+<p>The package is not trivial to backport to Debian Stable/Jessie, as
+it depend on several python modules currently missing in Jessie (at
+least python-instagram, python-flickrapi and
+python-requests-toolbelt).</p>
+
+<p>(I have uploaded
+<a href="https://screenshots.debian.net/package/creepy">the image to
+screenshots.debian.net</a> and licensed it under the same terms as the
+Creepy program in Debian.)</p>
+
+
+
Always download Debian packages using Tor - the simple recipe
http://people.skolelinux.org/pere/blog/Always_download_Debian_packages_using_Tor___the_simple_recipe.html
http://people.skolelinux.org/pere/blog/Always_download_Debian_packages_using_Tor___the_simple_recipe.htmlFri, 15 Jan 2016 00:30:00 +0100
- <p>During his DebConf15 keynote, Jacob Applebaum
+ <p>During his DebConf15 keynote, Jacob Appelbaum
<a href="https://summit.debconf.org/debconf15/meeting/331/what-is-to-be-done/">observed
that those listening on the Internet lines would have good reason to
believe a computer have a given security hole</a> if it download a
@@ -23,7 +109,8 @@ to interfere download size to security patches or the fact that
download took place shortly after a security fix was released, and
<a href="http://richardhartmann.de/blog/posts/2015/08/24-Tor-enabled_Debian_mirror/">proposed
to always use Tor to download packages from the Debian mirror</a>. He
-was not the first to propose this, as the <tt>apt-transport-tor</tt>
+was not the first to propose this, as the
+<tt><a href="https://tracker.debian.org/pkg/apt-transport-tor">apt-transport-tor</a></tt>
package by Tim Retout already existed to make it easy to convince apt
to use <a href="https://www.torproject.org/">Tor</a>, but I was not
aware of that package when I read the blog post from Richard.</p>
@@ -36,14 +123,14 @@ making sure the network traffic always were encrypted.</p>
<p>Here is a short recipe for enabling this on your machine, by
installing <tt>apt-transport-tor</tt> and replacing http and https
-urls with tor+http and https, and using the hidden service instead of
-the official Debian mirror site. I recommend installing
+urls with tor+http and tor+https, and using the hidden service instead
+of the official Debian mirror site. I recommend installing
<tt>etckeeper</tt> before you start to have a history of the changes
done in /etc/.</p>
<blockquote><pre>
apt install apt-transport-tor
-sed -i 's% http://ftp.debian.org/%tor+http://vwakviie2ienjx6t.onion/%' /etc/apt/sources.list
+sed -i 's% http://ftp.debian.org/% tor+http://vwakviie2ienjx6t.onion/%' /etc/apt/sources.list
sed -i 's% http% tor+http%' /etc/apt/sources.list
</pre></blockquote>