The new "best" multimedia player in Debian?

6th June 2016

When I set out a few weeks ago to figure out -which -multimedia player in Debian claimed to support most file formats / -MIME types, I was a bit surprised how varied the sets of MIME types -the various players claimed support for. The range was from 55 to 130 -MIME types. I suspect most media formats are supported by all -players, but this is not really reflected in the MimeTypes values in -their desktop files. There are probably also some bogus MIME types -listed, but it is hard to identify which one this is.

- -

Anyway, in the mean time I got in touch with upstream for some of -the players suggesting to add more MIME types to their desktop files, -and decided to spend some time myself improving the situation for my -favorite media player VLC. The fixes for VLC entered Debian unstable -yesterday. The complete list of MIME types can be seen on the -Multimedia -player MIME type support status Debian wiki page.

- -

The new "best" multimedia player in Debian? It is VLC, followed by -totem, parole, kplayer, gnome-mpv, mpv, smplayer, mplayer-gui and -kmplayer. I am sure some of the other players desktop files support -several of the formats currently listed as working only with vlc, -toten and parole.

- -

A sad observation is that only 14 MIME types are listed as -supported by all the tested multimedia players in Debian in their -desktop files: audio/mpeg, audio/vnd.rn-realaudio, audio/x-mpegurl, -audio/x-ms-wma, audio/x-scpls, audio/x-wav, video/mp4, video/mpeg, -video/quicktime, video/vnd.rn-realvideo, video/x-matroska, -video/x-ms-asf, video/x-ms-wmv and video/x-msvideo. Personally I find -it sad that video/ogg and video/webm is not supported by all the media -players in Debian. As far as I can tell, all of them can handle both -formats.

AktivitetsbÃ¥nd som beskytter privatsfÃ¦ren

3rd November 2016

Jeg ble sÃ¥ imponert over +dagens +gladnyhet pÃ¥ NRK, om at ForbrukerrÃ¥det klager inn vilkÃ¥rene for +bruk av aktivitetsbÃ¥nd fra Fitbit, Garmin, Jawbone og Mio til +Datatilsynet og forbrukerombudet, at jeg sendte fÃ¸lgende brev til +forbrukerrÃ¥det for Ã¥ uttrykke min stÃ¸tte: + +

+ +
Jeg ble veldig glad over Ã¥ lese at ForbrukerrÃ¥det +klager +inn flere aktivitetsbÃ¥nd til Datatilsynet for dÃ¥rlige vilkÃ¥r. Jeg +har Ã¸nsket meg et aktivitetsbÃ¥nd som kan mÃ¥le puls, bevegelse og +gjerne ogsÃ¥ andre helserelaterte indikatorer en stund nÃ¥. De eneste +jeg har funnet i salg gjÃ¸r, som dere ogsÃ¥ har oppdaget, graverende +inngrep i privatsfÃ¦ren og sender informasjonen ut av huset til folk og +organisasjoner jeg ikke Ã¸nsker Ã¥ dele aktivitets- og helseinformasjon +med. Jeg Ã¸nsker et alternativ som _ikke_ sender informasjon til +skyen, men derimot bruker +en +fritt og Ã¥pent standardisert protokoll (eller i det minste en +dokumentert protokoll uten patent- og opphavsrettslige +bruksbegrensinger) til Ã¥ kommunisere med datautstyr jeg kontrollerer. +Er jo ikke interessert i Ã¥ betale noen for Ã¥ tilrÃ¸ve seg +personopplysninger fra meg. Desverre har jeg ikke funnet noe +alternativ sÃ¥ langt.
+ +
Det holder ikke Ã¥ endre pÃ¥ bruksvilkÃ¥rene for enhetene, slik +Datatilsynet ofte legger opp til i sin behandling, nÃ¥r de gjÃ¸r slik +f.eks. Fitbit (den jeg har sett mest pÃ¥). Fitbit krypterer +informasjonen pÃ¥ enheten og sender den kryptert til leverandÃ¸ren. Det +gjÃ¸r det i praksis umulig bÃ¥de Ã¥ sjekke hva slags informasjon som +sendes over, og umulig Ã¥ ta imot informasjonen selv i stedet for +Fitbit. Uansett hva slags historie som forteller i bruksvilkÃ¥rene er +en jo bÃ¥de prisgitt leverandÃ¸rens godvilje og at de ikke tvinges av +sitt lands myndigheter til Ã¥ lyve til sine kunder om hvorvidt +personopplysninger spres ut over det bruksvilkÃ¥rene sier. Det er +veldokumentert hvordan f.eks. USA tvinger selskaper vha. sÃ¥kalte +National security letters til Ã¥ utlevere personopplysninger samtidig +som de ikke fÃ¥r lov til Ã¥ fortelle dette til kundene sine.
+ +
StÃ¥ pÃ¥, jeg er veldig glade for at dere har sett pÃ¥ saken. Vet +dere om aktivitetsbÃ¥nd i salg i dag som ikke tvinger en til Ã¥ utlevere +aktivitets- og helseopplysninger med leverandÃ¸ren?
+ +

+ +

Jeg hÃ¥per en konkurrent som respekterer kundenes privatliv klarer Ã¥ +nÃ¥ opp i markedet, slik at det finnes et reelt alternativ for oss som +har full tillit til at skyleverandÃ¸rer vil prioritere egen inntjening +og myndighetspÃ¥legg langt over kundenes rett til privatliv. Jeg har +ingen tiltro til at Datatilsynet vil kreve noe mer enn at vilkÃ¥rene +endres slik at de forklarer eksplisitt i hvor stor grad bruk av +produktene utraderer privatsfÃ¦ren til kundene. Det vil nok gjÃ¸re de +innklagede armbÃ¥ndene "lovlige", men fortsatt tvinge kundene til Ã¥ +dele sine personopplysninger med leverandÃ¸ren.

- Tags: debian, debian edu, english, multimedia, video. + Tags: norsk, personvern, sikkerhet, surveillance.

@@ -67,118 +90,189 @@ formats.

A program should be able to open its own files on Linux

5th June 2016

Many years ago, when koffice was fresh and with few users, I -decided to test its presentation tool when making the slides for a -talk I was giving for NUUG on Japhar, a free Java virtual machine. I -wrote the first draft of the slides, saved the result and went to bed -the day before I would give the talk. The next day I took a plane to -the location where the meeting should take place, and on the plane I -started up koffice again to polish the talk a bit, only to discover -that kpresenter refused to load its own data file. I cursed a bit and -started making the slides again from memory, to have something to -present when I arrived. I tested that the saved files could be -loaded, and the day seemed to be rescued. I continued to polish the -slides until I suddenly discovered that the saved file could no longer -be loaded into kpresenter. In the end I had to rewrite the slides -three times, condensing the content until the talk became shorter and -shorter. After the talk I was able to pinpoint the problem – -kpresenter wrote inline images in a way itself could not understand. -Eventually that bug was fixed and kpresenter ended up being a great -program to make slides. The point I'm trying to make is that we -expect a program to be able to load its own data files, and it is -embarrassing to its developers if it can't.

- -

Did you ever experience a program failing to load its own data -files from the desktop file browser? It is not a uncommon problem. A -while back I discovered that the screencast recorder -gtk-recordmydesktop would save an Ogg Theora video file the KDE file -browser would refuse to open. No video player claimed to understand -such file. I tracked down the cause being file --mime-type -returning the application/ogg MIME type, which no video player I had -installed listed as a MIME type they would understand. I asked for -file to change its -behavour and use the MIME type video/ogg instead. I also asked -several video players to add video/ogg to their desktop files, to give -the file browser an idea what to do about Ogg Theora files. After a -while, the desktop file browsers in Debian started to handle the -output from gtk-recordmydesktop properly.

- -

But history repeats itself. A few days ago I tested the music -system Rosegarden again, and I discovered that the KDE and xfce file -browsers did not know what to do with the Rosegarden project files -(*.rg). I've reported the -rosegarden problem to BTS and a fix is commited to git and will be -included in the next upload. To increase the chance of me remembering -how to fix the problem next time some program fail to load its files -from the file browser, here are some notes on how to fix it.

- -

The file browsers in Debian in general operates on MIME types. -There are two sources for the MIME type of a given file. The output from -file --mime-type mentioned above, and the content of the -shared MIME type registry (under /usr/share/mime/). The file MIME -type is mapped to programs supporting the MIME type, and this -information is collected from -the -desktop files available in /usr/share/applications/. If there is -one desktop file claiming support for the MIME type of the file, it is -activated when asking to open a given file. If there are more, one -can normally select which one to use by right-clicking on the file and -selecting the wanted one using 'Open with' or similar. In general -this work well. But it depend on each program picking a good MIME -type (preferably -a -MIME type registered with IANA), file and/or the shared MIME -registry recognizing the file and the desktop file to list the MIME -type in its list of supported MIME types.

- -

The /usr/share/mime/packages/rosegarden.xml entry for -the -Shared MIME database look like this:

- -

-<?xml version="1.0" encoding="UTF-8"?>
-<mime-info xmlns="http://www.freedesktop.org/standards/shared-mime-info">
-  <mime-type type="audio/x-rosegarden">
-    <sub-class-of type="application/x-gzip"/>
-    <comment>Rosegarden project file</comment>
-    <glob pattern="*.rg"/>
-  </mime-type>
-</mime-info>
-

- -

This states that audio/x-rosegarden is a kind of application/x-gzip -(it is a gzipped XML file). Note, it is much better to use an -official MIME type registered with IANA than it is to make up ones own -unofficial ones like the x-rosegarden type used by rosegarden.

- -

The desktop file of the rosegarden program failed to list -audio/x-rosegarden in its list of supported MIME types, causing the -file browsers to have no idea what to do with *.rg files:

- -

-% grep Mime /usr/share/applications/rosegarden.desktop
-MimeType=audio/x-rosegarden-composition;audio/x-rosegarden-device;audio/x-rosegarden-project;audio/x-rosegarden-template;audio/midi;
-X-KDE-NativeMimeType=audio/x-rosegarden-composition
-%
-

- -

The fix was to add "audio/x-rosegarden;" at the end of the -MimeType= line.

Experience and updated recipe for using the Signal app without a mobile phone

10th October 2016

In July +I +wrote how to get the Signal Chrome/Chromium app working without +the ability to receive SMS messages (aka without a cell phone). It is +time to share some experiences and provide an updated setup.

+ +

The Signal app have worked fine for several months now, and I use +it regularly to chat with my loved ones. I had a major snag at the +end of my summer vacation, when the the app completely forgot my +setup, identity and keys. The reason behind this major mess was +running out of disk space. To avoid that ever happening again I have +started storing everything in userdata/ in git, to be able to +roll back to an earlier version if the files are wiped by mistake. I +had to use it once after introducing the git backup. When rolling +back to an earlier version, one need to use the 'reset session' option +in Signal to get going, and notify the people you talk with about the +problem. I assume there is some sequence number tracking in the +protocol to detect rollback attacks. The git repository is rather big +(674 MiB so far), but I have not tried to figure out if some of the +content can be added to a .gitignore file due to lack of spare +time.

+ +

I've also hit the 90 days timeout blocking, and noticed that this +make it impossible to send messages using Signal. I could still +receive them, but had to patch the code with a new timestamp to send. +I believe the timeout is added by the developers to force people to +upgrade to the latest version of the app, even when there is no +protocol changes, to reduce the version skew among the user base and +thus try to keep the number of support requests down.

+ +

Since my original recipe, the Signal source code changed slightly, +making the old patch fail to apply cleanly. Below is an updated +patch, including the shell wrapper I use to start Signal. The +original version required a new user to locate the JavaScript console +and call a function from there. I got help from a friend with more +JavaScript knowledge than me to modify the code to provide a GUI +button instead. This mean that to get started you just need to run +the wrapper and click the 'Register without mobile phone' to get going +now. I've also modified the timeout code to always set it to 90 days +in the future, to avoid having to patch the code regularly.

+ +

So, the updated recipe for Debian Jessie:

+ +

First, install required packages to get the source code and the +browser you need. Signal only work with Chrome/Chromium, as far as I +know, so you need to install it. + +
```
+apt install git tor chromium
+git clone https://github.com/WhisperSystems/Signal-Desktop.git
+
```
Modify the source code using command listed in the the patch +block below.
Start Signal using the run-signal-app wrapper (for example using +`pwd`/run-signal-app). + +
Click on the 'Register without mobile phone', will in a phone +number you can receive calls to the next minute, receive the +verification code and enter it into the form field and press +'Register'. Note, the phone number you use will be user Signal +username, ie the way others can find you on Signal.
You can now use Signal to contact others. Note, new contacts do +not show up in the contact list until you restart Signal, and there is +no way to assign names to Contacts. There is also no way to create or +update chat groups. I suspect this is because the web app do not have +a associated contact database.

+ +

I am still a bit uneasy about using Signal, because of the way its +main author moxie0 reject federation and accept dependencies to major +corporations like Google (part of the code is fetched from Google) and +Amazon (the central coordination point is owned by Amazon). See for +example +the +LibreSignal issue tracker for a thread documenting the authors +view on these issues. But the network effect is strong in this case, +and several of the people I want to communicate with already use +Signal. Perhaps we can all move to Ring +once it work on my +laptop? It already work on Windows and Android, and is included +in Debian and +Ubuntu, but not +working on Debian Stable.

+ +

Anyway, this is the patch I apply to the Signal code to get it +working. It switch to the production servers, disable to timeout, +make registration easier and add the shell wrapper:

+ +

+cd Signal-Desktop; cat <<EOF | patch -p1
+diff --git a/js/background.js b/js/background.js
+index 24b4c1d..579345f 100644
+--- a/js/background.js
++++ b/js/background.js
+@@ -33,9 +33,9 @@
+         });
+     });
+ 
+-    var SERVER_URL = 'https://textsecure-service-staging.whispersystems.org';
++    var SERVER_URL = 'https://textsecure-service-ca.whispersystems.org';
+     var SERVER_PORTS = [80, 4433, 8443];
+-    var ATTACHMENT_SERVER_URL = 'https://whispersystems-textsecure-attachments-staging.s3.amazonaws.com';
++    var ATTACHMENT_SERVER_URL = 'https://whispersystems-textsecure-attachments.s3.amazonaws.com';
+     var messageReceiver;
+     window.getSocketStatus = function() {
+         if (messageReceiver) {
+diff --git a/js/expire.js b/js/expire.js
+index 639aeae..beb91c3 100644
+--- a/js/expire.js
++++ b/js/expire.js
+@@ -1,6 +1,6 @@
+ ;(function() {
+     'use strict';
+-    var BUILD_EXPIRATION = 0;
++    var BUILD_EXPIRATION = Date.now() + (90 * 24 * 60 * 60 * 1000);
+ 
+     window.extension = window.extension || {};
+ 
+diff --git a/js/views/install_view.js b/js/views/install_view.js
+index 7816f4f..1d6233b 100644
+--- a/js/views/install_view.js
++++ b/js/views/install_view.js
+@@ -38,7 +38,8 @@
+             return {
+                 'click .step1': this.selectStep.bind(this, 1),
+                 'click .step2': this.selectStep.bind(this, 2),
+-                'click .step3': this.selectStep.bind(this, 3)
++                'click .step3': this.selectStep.bind(this, 3),
++                'click .callreg': function() { extension.install('standalone') },
+             };
+         },
+         clearQR: function() {
+diff --git a/options.html b/options.html
+index dc0f28e..8d709f6 100644
+--- a/options.html
++++ b/options.html
+@@ -14,7 +14,10 @@
+         <div class='nav'>
+           <h1>{{ installWelcome }}</h1>
+           <p>{{ installTagline }}</p>
+-          <div> <a class='button step2'>{{ installGetStartedButton }}</a> </div>
++          <div> <a class='button step2'>{{ installGetStartedButton }}</a>
++	    <br> <a class="button callreg">Register without mobile phone</a>
++
++	  </div>
+           <span class='dot step1 selected'></span>
+           <span class='dot step2'></span>
+           <span class='dot step3'></span>
+--- /dev/null   2016-10-07 09:55:13.730181472 +0200
++++ b/run-signal-app   2016-10-10 08:54:09.434172391 +0200
+@@ -0,0 +1,12 @@
++#!/bin/sh
++set -e
++cd $(dirname $0)
++mkdir -p userdata
++userdata="`pwd`/userdata"
++if [ -d "$userdata" ] && [ ! -d "$userdata/.git" ] ; then
++    (cd $userdata && git init)
++fi
++(cd $userdata && git add . && git commit -m "Current status." || true)
++exec chromium \
++  --proxy-server="socks://localhost:9050" \
++  --user-data-dir=$userdata --load-and-launch-app=`pwd`
+EOF
+chmod a+rx run-signal-app
+

If you run into a file which fail to open the correct program when -selected from the file browser, please check out the output from -file --mime-type for the file, ensure the file ending and -MIME type is registered somewhere under /usr/share/mime/ and check -that some desktop file under /usr/share/applications/ is claiming -support for this MIME type. If not, please report a bug to have it -fixed. :)

As usual, if you use Bitcoin and want to show your support of my +activities, please send Bitcoin donations to my address +15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

- Tags: debian, english. + Tags: debian, english, sikkerhet, surveillance.

@@ -186,36 +280,129 @@ fixed. :)

Tor - from its creators mouth 11 years ago

28th May 2016

A little more than 11 years ago, one of the creators of Tor, and -the current President of the Tor -project, Roger Dingledine, gave a talk for the members of the -Norwegian Unix User group (NUUG). A -video of the talk was recorded, and today, thanks to the great help -from David Noble, I finally was able to publish the video of the talk -on Frikanalen, the Norwegian open channel TV station where NUUG -currently publishes its talks. You can -watch the live stream using a web -browser with WebM support, or check out the recording on the video -on demand page for the talk -"Tor: Anonymous -communication for the US Department of Defence...and you.".

- -

Here is the video included for those of you using browsers with -HTML video and Ogg Theora support:

- -

I guess the gist of the talk can be summarised quite simply: If you -want to help the military in USA (and everyone else), use Tor. :)

NRKs kildevern nÃ¥r NRK-epost deles med utenlands etterretning?

8th October 2016

NRK +lanserte +for noen uker siden en ny +varslerportal som bruker +SecureDrop til Ã¥ ta imot tips der det er vesentlig at ingen +utenforstÃ¥ende fÃ¥r vite at NRK er tipset. Det er et langt steg +fremover for NRK, og nÃ¥r en leser bloggposten om hva de har tenkt pÃ¥ +og hvordan lÃ¸sningen er satt opp virker det som om de har gjort en +grundig jobb der. Men det er ganske mye ekstra jobb Ã¥ motta tips via +SecureDrop, sÃ¥ varslersiden skriver "Nyhetstips som ikke krever denne +typen ekstra vern vil vi gjerne ha pÃ¥ nrk.no/03030", og 03030-siden +foreslÃ¥r i tillegg til et webskjema Ã¥ bruke epost, SMS, telefon, +personlig oppmÃ¸te og brevpost. Denne artikkelen handler disse andre +metodene.

+ +

NÃ¥r en sender epost til en @nrk.no-adresse sÃ¥ vil eposten sendes ut +av landet til datamaskiner kontrollert av Microsoft. En kan sjekke +dette selv ved Ã¥ slÃ¥ opp epostleveringsadresse (MX) i DNS. For NRK er +dette i dag "nrk-no.mail.protection.outlook.com". NRK har som en ser +valgt Ã¥ sette bort epostmottaket sitt til de som stÃ¥r bak outlook.com, +dvs. Microsoft. En kan sjekke hvor nettverkstrafikken tar veien +gjennom Internett til epostmottaket vha. programmet +traceroute, og finne ut hvem som eier en Internett-adresse +vha. whois-systemet. NÃ¥r en gjÃ¸r dette for epost-trafikk til @nrk.no +ser en at trafikken fra Norge mot nrk-no.mail.protection.outlook.com +gÃ¥r via Sverige mot enten Irland eller Tyskland (det varierer fra gang +til gang og kan endre seg over tid).

+ +

Vi vet fra +introduksjonen av +FRA-loven at IP-trafikk som passerer grensen til Sverige avlyttes +av FÃ¶rsvarets radioanstalt (FRA). Vi vet videre takket vÃ¦re +Snowden-bekreftelsene at trafikk som passerer grensen til +Storbritannia avlyttes av Government Communications Headquarters +(GCHQ). I tillegg er er det nettopp lansert et forslag i Norge om at +forsvarets E-tjeneste skal fÃ¥ avlytte trafikk som krysser grensen til +Norge. Jeg er ikke kjent med dokumentasjon pÃ¥ at Irland og Tyskland +gjÃ¸r det samme. Poenget er uansett at utenlandsk etterretning har +mulighet til Ã¥ snappe opp trafikken nÃ¥r en sender epost til @nrk.no. +I tillegg er det selvsagt tilgjengelig for Microsoft som er underlagt USAs +jurisdiksjon og +samarbeider +med USAs etterretning pÃ¥ flere omrÃ¥der. De som tipser NRK om +nyheter via epost kan dermed gÃ¥ ut fra at det blir kjent for mange +andre enn NRK at det er gjort.

+ +

Bruk av SMS og telefon registreres av blant annet telefonselskapene +og er tilgjengelig i fÃ¸lge lov og forskrift for blant annet Politi, +NAV og Finanstilsynet, i tillegg til IT-folkene hos telefonselskapene +og deres overordnede. Hvis innringer eller mottaker bruker +smarttelefon vil slik kontakt ogsÃ¥ gjÃ¸res tilgjengelig for ulike +app-leverandÃ¸rer og de som lytter pÃ¥ trafikken mellom telefon og +app-leverandÃ¸r, alt etter hva som er installert pÃ¥ telefonene som +brukes.

+ +

Brevpost kan virke trygt, og jeg vet ikke hvor mye som registreres +og lagres av postens datastyrte postsorteringssentraler. Det vil ikke +overraske meg om det lagres hvor i landet hver konvolutt kommer fra og +hvor den er adressert, i hvert fall for en kortere periode. Jeg vet +heller ikke hvem slik informasjon gjÃ¸res tilgjengelig for. Det kan +vÃ¦re nok til Ã¥ ringe inn potensielle kilder nÃ¥r det krysses med hvem +som kjente til aktuell informasjon og hvor de befant seg (tilgjengelig +f.eks. hvis de bÃ¦rer mobiltelefon eller bor i nÃ¦rheten).

+ +

Personlig oppmÃ¸te hos en NRK-journalist er antagelig det tryggeste, +men en bÃ¸r passe seg for Ã¥ bruke NRK-kantina. Der bryter de nemlig +Sentralbanklovens +paragraf 14 og nekter folk Ã¥ betale med kontanter. I stedet +krever de at en varsle sin bankkortutsteder om hvor en befinner seg +ved Ã¥ bruke bankkort. Banktransaksjoner er tilgjengelig for +bankkortutsteder (det vÃ¦re seg VISA, Mastercard, Nets og/eller en +bank) i tillegg til politiet og i hvert fall tidligere med Se & HÃ¸r +(via utro tjenere, slik det ble avslÃ¸rt etter utgivelsen av boken +Â«Livet, det forbannedeÂ» av Ken B. Rasmussen). Men hvor mange kjenner +en NRK-journalist personlig? BesÃ¸k pÃ¥ NRK pÃ¥ Marienlyst krever at en +registrerer sin ankost elektronisk i besÃ¸kssystemet. Jeg vet ikke hva +som skjer med det datasettet, men har grunn til Ã¥ tro at det sendes ut +SMS til den en skal besÃ¸ke med navnet som er oppgitt. Kanskje greit Ã¥ +oppgi falskt navn.

+ +

NÃ¥r sÃ¥ tipset er kommet frem til NRK skal det behandles +redaksjonelt i NRK. Der vet jeg via ulike kilder at de fleste +journalistene bruker lokalt installert programvare, men noen bruker +Google Docs og andre skytjenester i strid med interne retningslinjer +nÃ¥r de skriver. Hvordan vet en hvem det gjelder? Ikke vet jeg, men +det kan vÃ¦re greit Ã¥ spÃ¸rre for Ã¥ sjekke at journalisten har tenkt pÃ¥ +problemstillingen, fÃ¸r en gir et tips. Og hvis tipset omtales internt +pÃ¥ epost, er det jo grunn til Ã¥ tro at ogsÃ¥ intern eposten vil deles +med Microsoft og utenlands etterretning, slik tidligere nevnt, men det +kan hende at det holdes internt i NRKs interne MS Exchange-lÃ¸sning. +Men Microsoft Ã¸nsker Ã¥ fÃ¥ alle Exchange-kunder over "i skyen" (eller +andre folks datamaskiner, som det jo innebÃ¦rer), sÃ¥ jeg vet ikke hvor +lenge det i sÃ¥ fall vil vare.

+ +

I tillegg vet en jo at +NRK +har valgt Ã¥ gi nasjonal sikkerhetsmyndighet (NSM) tilgang til Ã¥ se pÃ¥ +intern og ekstern Internett-trafikk hos NRK ved oppsett av sÃ¥kalte +VDI-noder, pÃ¥ tross av +protester +fra NRKs journalistlag. Jeg vet ikke om den vil kunne snappe opp +dokumenter som lagres pÃ¥ interne filtjenere eller dokumenter som lages +i de interne webbaserte publiseringssystemene, men vet at hva noden +ser etter pÃ¥ nettet kontrolleres av NSM og oppdateres automatisk, slik +at det ikke gir sÃ¥ mye mening Ã¥ sjekke hva noden ser etter i dag nÃ¥r +det kan endres automatisk i morgen.

+ +

Personlig vet jeg ikke om jeg hadde turt tipse NRK hvis jeg satt pÃ¥ +noe som kunne vÃ¦re en trussel mot den bestÃ¥ende makten i Norge eller +verden. Til det virker det Ã¥ vÃ¦re for mange Ã¥pninger for +utenforstÃ¥ende med andre prioriteter enn NRKs journalistiske fokus. +Og den stÃ¸rste truslen for en varsler er jo om metainformasjon kommer +pÃ¥ avveie, dvs. informasjon om at en har vÃ¦rt i kontakt med en +journalist. Det kan vÃ¦re nok til at en kommer i myndighetenes +sÃ¸kelys, og de fÃ¦rreste har nok operasjonell sikkerhet til at vil tÃ¥le +slik flombelysning pÃ¥ sitt privatliv.

- Tags: english, frikanalen, nuug, video. + Tags: dld, norsk, personvern, sikkerhet, surveillance.

@@ -223,62 +410,120 @@ want to help the military in USA (and everyone else), use Tor. :)

Isenkram with PackageKit support - new version 0.23 available in Debian unstable

25th May 2016

The isenkram -system is a user-focused solution in Debian for handling hardware -related packages. The idea is to have a database of mappings between -hardware and packages, and pop up a dialog suggesting for the user to -install the packages to use a given hardware dongle. Some use cases -are when you insert a Yubikey, it proposes to install the software -needed to control it; when you insert a braille reader list it -proposes to install the packages needed to send text to the reader; -and when you insert a ColorHug screen calibrator it suggests to -install the driver for it. The system work well, and even have a few -command line tools to install firmware packages and packages for the -hardware already in the machine (as opposed to hotpluggable hardware).

- -

The system was initially written using aptdaemon, because I found -good documentation and example code on how to use it. But aptdaemon -is going away and is generally being replaced by -PackageKit, -so Isenkram needed a rewrite. And today, thanks to the great patch -from my college Sunil Mohan Adapa in the FreedomBox project, the -rewrite finally took place. I've just uploaded a new version of -Isenkram into Debian Unstable with the patch included, and the default -for the background daemon is now to use PackageKit. To check it out, -install the isenkram package and insert some hardware dongle -and see if it is recognised.

- -

If you want to know what kind of packages isenkram would propose for -the machine it is running on, you can check out the isenkram-lookup -program. This is what it look like on a Thinkpad X230:

Isenkram, Appstream and udev make life as a LEGO builder easier

7th October 2016

The Isenkram +system provide a practical and easy way to figure out which +packages support the hardware in a given machine. The command line +tool isenkram-lookup and the tasksel options provide a +convenient way to list and install packages relevant for the current +hardware during system installation, both user space packages and +firmware packages. The GUI background daemon on the other hand provide +a pop-up proposing to install packages when a new dongle is inserted +while using the computer. For example, if you plug in a smart card +reader, the system will ask if you want to install pcscd if +that package isn't already installed, and if you plug in a USB video +camera the system will ask if you want to install cheese if +cheese is currently missing. This already work just fine.

+ +

But Isenkram depend on a database mapping from hardware IDs to +package names. When I started no such database existed in Debian, so +I made my own data set and included it with the isenkram package and +made isenkram fetch the latest version of this database from git using +http. This way the isenkram users would get updated package proposals +as soon as I learned more about hardware related packages.

+ +

The hardware is identified using modalias strings. The modalias +design is from the Linux kernel where most hardware descriptors are +made available as a strings that can be matched using filename style +globbing. It handle USB, PCI, DMI and a lot of other hardware related +identifiers.

+ +

The downside to the Isenkram specific database is that there is no +information about relevant distribution / Debian version, making +isenkram propose obsolete packages too. But along came AppStream, a +cross distribution mechanism to store and collect metadata about +software packages. When I heard about the proposal, I contacted the +people involved and suggested to add a hardware matching rule using +modalias strings in the specification, to be able to use AppStream for +mapping hardware to packages. This idea was accepted and AppStream is +now a great way for a package to announce the hardware it support in a +distribution neutral way. I wrote +a +recipe on how to add such meta-information in a blog post last +December. If you have a hardware related package in Debian, please +announce the relevant hardware IDs using AppStream.

+ +

In Debian, almost all packages that can talk to a LEGO Mindestorms +RCX or NXT unit, announce this support using AppStream. The effect is +that when you insert such LEGO robot controller into your Debian +machine, Isenkram will propose to install the packages needed to get +it working. The intention is that this should allow the local user to +start programming his robot controller right away without having to +guess what packages to use or which permissions to fix.

+ +

But when I sat down with my son the other day to program our NXT +unit using his Debian Stretch computer, I discovered something +annoying. The local console user (ie my son) did not get access to +the USB device for programming the unit. This used to work, but no +longer in Jessie and Stretch. After some investigation and asking +around on #debian-devel, I discovered that this was because udev had +changed the mechanism used to grant access to local devices. The +ConsoleKit mechanism from /lib/udev/rules.d/70-udev-acl.rules +no longer applied, because LDAP users no longer was added to the +plugdev group during login. Michael Biebl told me that this method +was obsolete and the new method used ACLs instead. This was good +news, as the plugdev mechanism is a mess when using a remote user +directory like LDAP. Using ACLs would make sure a user lost device +access when she logged out, even if the user left behind a background +process which would retain the plugdev membership with the ConsoleKit +setup. Armed with this knowledge I moved on to fix the access problem +for the LEGO Mindstorms related packages.

+ +

The new system uses a udev tag, 'uaccess'. It can either be +applied directly for a device, or is applied in +/lib/udev/rules.d/70-uaccess.rules for classes of devices. As the +LEGO Mindstorms udev rules did not have a class, I decided to add the +tag directly in the udev rules files included in the packages. Here +is one example. For the nqc C compiler for the RCX, the +/lib/udev/rules.d/60-nqc.rules file now look like this: + +

+SUBSYSTEM=="usb", ACTION=="add", ATTR{idVendor}=="0694", ATTR{idProduct}=="0001", \
+    SYMLINK+="rcx-%k", TAG+="uaccess"
+

+ +

The key part is the 'TAG+="uaccess"' at the end. I suspect all +packages using plugdev in their /lib/udev/rules.d/ files should be +changed to use this tag (either directly or indirectly via +70-uaccess.rules). Perhaps a lintian check should be created +to detect this?

+ +

I've been unable to find good documentation on the uaccess feature. +It is unclear to me if the uaccess tag is an internal implementation +detail like the udev-acl tag used by +/lib/udev/rules.d/70-udev-acl.rules. If it is, I guess the +indirect method is the preferred way. Michael +asked for more +documentation from the systemd project and I hope it will make +this clearer. For now I use the generic classes when they exist and +is already handled by 70-uaccess.rules, and add the tag +directly if no such class exist.

+ +

To learn more about the isenkram system, please check out +my +blog posts tagged isenkram.

+ +

To help out making life for LEGO constructors in Debian easier, +please join us on our IRC channel +#debian-lego and join +the Debian +LEGO team in the Alioth project we created yesterday. A mailing +list is not yet created, but we are working on it. :)

-% isenkram-lookup 
-bluez
-cheese
-fprintd
-fprintd-demo
-gkrellm-thinkbat
-hdapsd
-libpam-fprintd
-pidgin-blinklight
-thinkfan
-tleds
-tp-smapi-dkms
-tp-smapi-source
-tpb
-%p
-

- -

The hardware mappings come from several places. The preferred way -is for packages to announce their hardware support using -the -cross distribution appstream system. -See -previous -blog posts about isenkram to learn how to do that.

As usual, if you use Bitcoin and want to show your support of my +activities, please send Bitcoin donations to my address +15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

@@ -291,62 +536,47 @@ blog posts about isenkram to learn how to do that.

Discharge rate estimate in new battery statistics collector for Debian

23rd May 2016

Yesterday I updated the -battery-stats -package in Debian with a few patches sent to me by skilled and -enterprising users. There were some nice user and visible changes. -First of all, both desktop menu entries now work. A design flaw in -one of the script made the history graph fail to show up (its PNG was -dumped in ~/.xsession-errors) if no controlling TTY was available. -The script worked when called from the command line, but not when -called from the desktop menu. I changed this to look for a DISPLAY -variable or a TTY before deciding where to draw the graph, and now the -graph window pop up as expected.

- -

The next new feature is a discharge rate estimator in one of the -graphs (the one showing the last few hours). New is also the user of -colours showing charging in blue and discharge in red. The percentages -of this graph is relative to last full charge, not battery design -capacity.

- -

The other graph show the entire history of the collected battery -statistics, comparing it to the design capacity of the battery to -visualise how the battery life time get shorter over time. The red -line in this graph is what the previous graph considers 100 percent: - -

- -

In this graph you can see that I only charge the battery to 80 -percent of last full capacity, and how the capacity of the battery is -shrinking. :(

- -

The last new feature is in the collector, which now will handle -more hardware models. On some hardware, Linux power supply -information is stored in /sys/class/power_supply/ACAD/, while the -collector previously only looked in /sys/class/power_supply/AC/. Now -both are checked to figure if there is power connected to the -machine.

- -

If you are interested in how your laptop battery is doing, please -check out the -battery-stats -in Debian unstable, or rebuild it on Jessie to get it working on -Debian stable. :) The upstream source is available from github. -Patches are very welcome.

- -

As usual, if you use Bitcoin and want to show your support of my -activities, please send Bitcoin donations to my address -15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

Aftenposten-redaktÃ¸ren med lua i hÃ¥nda

9th September 2016

En av dagens nyheter er at Aftenpostens redaktÃ¸r Espen Egil Hansen +bruker +forsiden +av papiravisen pÃ¥ et Ã¥pent brev til Facebooks sjef Mark Zuckerberg om +Facebooks fjerning av bilder, tekster og sider de ikke liker. Det +mÃ¥ vÃ¦re uvant for redaktÃ¸ren i avisen Aftenposten Ã¥ stÃ¥ med lua i +handa og hÃ¥pe pÃ¥ Ã¥ bli hÃ¸rt. Spesielt siden Aftenposten har vÃ¦rt med +pÃ¥ Ã¥ gi Facebook makten de nÃ¥ demonstrerer at de har. Ved Ã¥ melde seg +inn i Facebook-samfunnet har de sagt ja til bruksvilkÃ¥rene og inngÃ¥tt +en antagelig bindende avtale. Kanskje de skulle lest og vurdert +vilkÃ¥rene litt nÃ¦rmere fÃ¸r de sa ja, i stedet for Ã¥ klage over at +reglende de har valgt Ã¥ akseptere blir fulgt? Personlig synes jeg +vilkÃ¥rene er uakseptable og det ville ikke falle meg inn Ã¥ gÃ¥ inn pÃ¥ +en avtale med slike vilkÃ¥r. I tillegg til uakseptable vilkÃ¥r er det +mange andre grunner til Ã¥ unngÃ¥ Facebook. Du kan finne en solid +gjennomgang av flere slike argumenter hos +Richard Stallmans side om +Facebook. + +

Jeg hÃ¥per flere norske redaktÃ¸rer pÃ¥ samme vis mÃ¥ stÃ¥ med lua i +hÃ¥nden inntil de forstÃ¥r at de selv er med pÃ¥ Ã¥ fÃ¸re samfunnet pÃ¥ +ville veier ved Ã¥ omfavne Facebook slik de gjÃ¸r nÃ¥r de omtaler og +lÃ¸fter frem saker fra Facebook, og tar i bruk Facebook som +distribusjonskanal for sine nyheter. De bidrar til +overvÃ¥kningssamfunnet og raderer ut lesernes privatsfÃ¦re nÃ¥r de lenker +til Facebook pÃ¥ sine sider, og lÃ¥ser seg selv inne i en omgivelse der +det er Facebook, og ikke redaktÃ¸ren, som sitter med makta.

+ +

Men det vil nok ta tid, i et Norge der de fleste nettredaktÃ¸rer +deler +sine leseres personopplysinger med utenlands etterretning.

+ +

For Ã¸vrig burde varsleren Edward Snowden fÃ¥ politisk asyl i +Norge.

- Tags: debian, english. + Tags: norsk, surveillance.

@@ -354,34 +584,159 @@ activities, please send Bitcoin donations to my address

French edition of Lawrence Lessigs book Cultura Libre on Amazon and Barnes & Noble

21st May 2016

A few weeks ago the French paperback edition of Lawrence Lessigs -2004 book Cultura Libre was published. Today I noticed that the book -is now available from book stores. You can now buy it from -Amazon -($19.99), -Barnes -& Noble ($?) and as always from -Lulu.com -($19.99). The revenue is donated to the Creative Commons project. If -you buy from Lulu.com, they currently get $10.59, while if you buy -from one of the book stores most of the revenue go to the book store -and the Creative Commons project get much (not sure how much -less).

- -

I was a bit surprised to discover that there is a kindle edition -sold by Amazon Digital Services LLC on Amazon. Not quite sure how -that edition was created, but if you want to download a electronic -edition (PDF, EPUB, Mobi) generated from the same files used to create -the paperback edition, they are -available -from github.

E-tjenesten ber om innsyn i eposten til partiene pÃ¥ Stortinget

6th September 2016

I helga kom det et hÃ¥rreisende forslag fra Lysne II-utvalget satt +ned av Forsvarsdepartementet. Lysne II-utvalget var bedt om Ã¥ vurdere +Ã¸nskelista til Forsvarets etterretningstjeneste (e-tjenesten), og har +kommet med +forslag +om at e-tjenesten skal fÃ¥ lov til a avlytte all Internett-trafikk +som passerer Norges grenser. FÃ¥ er klar over at dette innebÃ¦rer at +e-tjenesten fÃ¥r tilgang til epost sendt til de fleste politiske +partiene pÃ¥ Stortinget. Regjeringspartiet HÃ¸yre (@hoyre.no), +stÃ¸ttepartiene Venstre (@venstre.no) og Kristelig Folkeparti (@krf.no) +samt Sosialistisk Ventreparti (@sv.no) og MiljÃ¸partiet de grÃ¸nne +(@mdg.no) har nemlig alle valgt Ã¥ ta imot eposten sin via utenlandske +tjenester. Det betyr at hvis noen sender epost til noen med en slik +adresse vil innholdet i eposten, om dette forslaget blir vedtatt, gjÃ¸res +tilgjengelig for e-tjenesten. Venstre, Sosialistisk Ventreparti og +MiljÃ¸partiet De GrÃ¸nne har valgt Ã¥ motta sin epost hos Google, +Kristelig Folkeparti har valgt Ã¥ motta sin epost hos Microsoft, og +HÃ¸yre har valgt Ã¥ motta sin epost hos Comendo med mottak i Danmark og +Irland. Kun Arbeiderpartiet og Fremskrittspartiet har valgt Ã¥ motta +eposten sin i Norge, hos henholdsvis Intility AS og Telecomputing +AS.

+ +

Konsekvensen er at epost inn og ut av de politiske organisasjonene, +til og fra partimedlemmer og partiets tillitsvalgte vil gjÃ¸res +tilgjengelig for e-tjenesten for analyse og sortering. Jeg mistenker +at kunnskapen som slik blir tilgjengelig vil vÃ¦re nyttig hvis en +Ã¸nsker Ã¥ vite hvilke argumenter som treffer publikum nÃ¥r en Ã¸nsker Ã¥ +pÃ¥virke Stortingets representanter.

Ved hjelp av MX-oppslag i DNS for epost-domene, tilhÃ¸rende +whois-oppslag av IP-adressene og traceroute for Ã¥ se hvorvidt +trafikken gÃ¥r via utlandet kan enhver fÃ¥ bekreftet at epost sendt til +de omtalte partiene vil gjÃ¸res tilgjengelig for forsvarets +etterretningstjeneste hvis forslaget blir vedtatt. En kan ogsÃ¥ bruke +den kjekke nett-tjenesten ipinfo.io +for Ã¥ fÃ¥ en ide om hvor i verden en IP-adresse hÃ¸rer til.

+ +

PÃ¥ den positive siden vil forslaget gjÃ¸re at enda flere blir +motivert til Ã¥ ta grep for Ã¥ bruke +Tor og krypterte +kommunikasjonslÃ¸sninger for Ã¥ kommunisere med sine kjÃ¦re, for Ã¥ sikre +at privatsfÃ¦ren vernes. Selv bruker jeg blant annet +FreedomBox og +Signal til slikt. Ingen av +dem er optimale, men de fungerer ganske bra allerede og Ã¸ker kostnaden +for dem som Ã¸nsker Ã¥ invadere mitt privatliv.

+ +

For Ã¸vrig burde varsleren Edward Snowden fÃ¥ politisk asyl i +Norge.

+ +

- Tags: docbook, english, freeculture. + Tags: norsk, surveillance.

@@ -389,67 +744,33 @@ from github.

I want the courts to be involved before the police can hijack a news site DNS domain (#domstolkontroll)

19th May 2016

I just donated to the -NUUG defence -"fond" to fund the effort in Norway to get the seizure of the news -site popcorn-time.no tested in court. I hope everyone that agree with -me will do the same.

- -

Would you be worried if you knew the police in your country could -hijack DNS domains of news sites covering free software system without -talking to a judge first? I am. What if the free software system -combined search engine lookups, bittorrent downloads and video playout -and was called Popcorn Time? Would that affect your view? It still -make me worried.

- -

In March 2016, the Norwegian police seized (as in forced NORID to -change the IP address pointed to by it to one controlled by the -police) the DNS domain popcorn-time.no, without any supervision from -the courts. I did not know about the web site back then, and assumed -the courts had been involved, and was very surprised when I discovered -that the police had hijacked the DNS domain without asking a judge for -permission first. I was even more surprised when I had a look at -the web -site content on the Internet Archive, and only found news coverage -about Popcorn Time, not any material published without the right -holders permissions.

- -

The seizure was widely covered in the Norwegian press (see for -example Hegnar Online and -ITavisen -and -NRK), -at first due to the press release sent out by Ãkokrim, but then based -on -protests -from the law professor Olav Torvund and -lawyer -Jon Wessel-Aas. It even got some -coverage -on TorrentFreak.

- -

I - -wrote about the case a month ago, when the -Norwegian Unix User Group (NUUG), -where I am an active member, decided to ask the courts to test this seizure. -The request was denied, but NUUG and its co-requestor EFN have not -given up, and now they are rallying for support to get the seizure -legally challenged. They accept both bank and Bitcoin transfer for -those that want to support the request.

- -

If you as me believe news sites about free software should not be -censored, even if the free software have both legal and illegal -applications, and that DNS hijacking should be tested by the courts, I -suggest you show -your support by donating to NUUG. +

First draft Norwegian BokmÃ¥l edition of The Debian Administrator's Handbook now public

30th August 2016

In April we +started +to work on a Norwegian BokmÃ¥l edition of the "open access" book on +how to set up and administrate a Debian system. Today I am happy to +report that the first draft is now publicly available. You can find +it on get the Debian +Administrator's Handbook page (under Other languages). The first +eight chapters have a first draft translation, and we are working on +proofreading the content. If you want to help out, please start +contributing using +the +hosted weblate project page, and get in touch using +the +translators mailing list. Please also check out +the instructions for +contributors. A good way to contribute is to proofread the text +and update weblate if you find errors.

+ +

Our goal is still to make the Norwegian book available on paper as well as +electronic form.

- Tags: english, nuug, offentlig innsyn, opphavsrett. + Tags: debian, english.

@@ -457,25 +778,75 @@ your support by donating to NUUG.

Debian now with ZFS on Linux included

12th May 2016

Today, after many years of hard work from many people, -ZFS for Linux finally entered -Debian. The package status can be seen on -the package tracker -for zfs-linux. and -the -team status page. If you want to help out, please join us. -The -source code is available via git on Alioth. It would also be -great if you could help out with -the dkms package, as -it is an important piece of the puzzle to get ZFS working.

Coz can help you find bottlenecks in multi-threaded software - nice free software

11th August 2016

This summer, I read a great article +"coz: +This Is the Profiler You're Looking For" in USENIX ;login: about +how to profile multi-threaded programs. It presented a system for +profiling software by running experiences in the running program, +testing how run time performance is affected by "speeding up" parts of +the code to various degrees compared to a normal run. It does this by +slowing down parallel threads while the "faster up" code is running +and measure how this affect processing time. The processing time is +measured using probes inserted into the code, either using progress +counters (COZ_PROGRESS) or as latency meters (COZ_BEGIN/COZ_END). It +can also measure unmodified code by measuring complete the program +runtime and running the program several times instead.

+ +

The project and presentation was so inspiring that I would like to +get the system into Debian. I +created +a WNPP request for it and contacted upstream to try to make the +system ready for Debian by sending patches. The build process need to +be changed a bit to avoid running 'git clone' to get dependencies, and +to include the JavaScript web page used to visualize the collected +profiling information included in the source package. +But I expect that should work out fairly soon.

+ +

The way the system work is fairly simple. To run an coz experiment +on a binary with debug symbols available, start the program like this: + +

+coz run --- program-to-run
+

+ +

This will create a text file profile.coz with the instrumentation +information. To show what part of the code affect the performance +most, use a web browser and either point it to +http://plasma-umass.github.io/coz/ +or use the copy from git (in the gh-pages branch). Check out this web +site to have a look at several example profiling runs and get an idea what the end result from the profile runs look like. To make the +profiling more useful you include <coz.h> and insert the +COZ_PROGRESS or COZ_BEGIN and COZ_END at appropriate places in the +code, rebuild and run the profiler. This allow coz to do more +targeted experiments.

+ +

A video published by ACM +presenting the +Coz profiler is available from Youtube. There is also a paper +from the 25th Symposium on Operating Systems Principles available +titled +Coz: +finding code that counts with causal profiling.

+ +

The source code +for Coz is available from github. It will only build with clang +because it uses a +C++ +feature missing in GCC, but I've submitted +a patch to solve +it and hope it will be included in the upstream source soon.

+ +

Please get in touch if you, like me, would like to see this piece +of software in Debian. I would very much like some help with the +packaging effort, as I lack the in depth knowledge on how to package +C++ libraries.

- Tags: debian, english. + Tags: debian, english, nice free software.

@@ -483,49 +854,58 @@ it is an important piece of the puzzle to get ZFS working.

What is the best multimedia player in Debian?

8th May 2016

Where I set out to figure out which multimedia player in -Debian claim support for most file formats.

- -

A few years ago, I had a look at the media support for Browser -plugins in Debian, to get an idea which plugins to include in Debian -Edu. I created a script to extract the set of supported MIME types -for each plugin, and used this to find out which multimedia browser -plugin supported most file formats / media types. -The -result can still be seen on the Debian wiki, even though it have -not been updated for a while. But browser plugins are less relevant -these days, so I thought it was time to look at standalone -players.

- -

A few days ago I was tired of VLC not being listed as a viable -player when I wanted to play videos from the Norwegian National -Broadcasting Company, and decided to investigate why. The cause is a -missing MIME type in the VLC -desktop file. In the process I wrote a script to compare the set -of MIME types announced in the desktop file and the browser plugin, -only to discover that there is quite a large difference between the -two for VLC. This discovery made me dig up the script I used to -compare browser plugins, and adjust it to compare desktop files -instead, to try to figure out which multimedia player in Debian -support most file formats.

- -

The result can be seen on the Debian Wiki, as -a -table listing all MIME types supported by one of the packages included -in the table, with the package supporting most MIME types being -listed first in the table.

- -

The best multimedia player in Debian? It is totem, followed by -parole, kplayer, mpv, vlc, smplayer mplayer-gui gnome-mpv and -kmplayer. Time for the other players to update their announced MIME -support?

Sales number for the Free Culture translation, first half of 2016

5th August 2016

As my regular readers probably remember, the last year I published +a French and Norwegian translation of the classic +Free Culture book by the +founder of the Creative Commons movement, Lawrence Lessig. A bit less +known is the fact that due to the way I created the translations, +using docbook and po4a, I also recreated the English original. And +because I already had created a new the PDF edition, I published it +too. The revenue from the books are sent to the Creative Commons +Corporation. In other words, I do not earn any money from this +project, I just earn the warm fuzzy feeling that the text is available +for a wider audience and more people can learn why the Creative +Commons is needed.

+ +

Today, just for fun, I had a look at the sales number over at +Lulu.com, which take care of payment, printing and shipping. Much to +my surprise, the English edition is selling better than both the +French and Norwegian edition, despite the fact that it has been +available in English since it was first published. In total, 24 paper +books was sold for USD $19.99 between 2016-01-01 and 2016-07-31:

+ + + + + + +

Title / language	Quantity
Culture Libre / French	3
Fri kultur / Norwegian	7
Free Culture / English	14

+ +

The books are available both from Lulu.com and from large book +stores like Amazon and Barnes&Noble. Most revenue, around $10 per +book, is sent to the Creative Commons project when the book is sold +directly by Lulu.com. The other channels give less revenue. The +summary from Lulu tell me 10 books was sold via the Amazon channel, 10 +via Ingram (what is this?) and 4 directly by Lulu. And Lulu.com tells +me that the revenue sent so far this year is USD $101.42. No idea +what kind of sales numbers to expect, so I do not know if that is a +good amount of sales for a 10 year old book or not. But it make me +happy that the buyers find the book, and I hope they enjoy reading it +as much as I did.

+ +

The ebook edition is available for free from +Github.

+ +

If you would like to translate and publish the book in your native +language, I would be happy to help make it happen. Please get in +touch.

- Tags: debian, debian edu, english, multimedia, video. + Tags: docbook, english, freeculture.

@@ -533,29 +913,40 @@ support?

The Pyra - handheld computer with Debian preinstalled

4th May 2016

A friend of mine made me aware of -The Pyra, a -handheld computer which will be delivered with Debian preinstalled. I -would love to get one of those for my birthday. :)

- -

The machine is a complete ARM-based PC with micro HDMI, SATA, USB -plugs and many others connectors, and include a full keyboard and a 5" -LCD touch screen. The 6000mAh battery is claimed to provide a whole -day of battery life time, but I have not seen any independent tests -confirming this. The vendor is still collecting preorders, and the -last I heard last night was that 22 more orders were needed before -production started.

- -

As far as I know, this is the first handheld preinstalled with -Debian. Please let me know if you know of any others. Is it the -first computer being sold with Debian preinstalled?

Vitenskapen tar som vanlig feil igjen - relativt feil

1st August 2016

For mange Ã¥r siden leste jeg en klassisk tekst som gjorde sÃ¥pass +inntrykk pÃ¥ meg at jeg husker den fortsatt, flere Ã¥r senere, og bruker +argumentene fra den stadig vekk. Teksten var Â«The Relativity of +WrongÂ» som Isaac Asimov publiserte i Skeptical Inquirer i 1989. Den +gir litt perspektiv rundt formidlingen av vitenskapelige resultater. +Jeg har hatt lyst til Ã¥ kunne dele den ogsÃ¥ med folk som ikke +behersker engelsk sÃ¥ godt, som barn og noen av mine eldre slektninger, +og har savnet Ã¥ ha den tilgjengelig pÃ¥ norsk. For to uker siden tok +jeg meg sammen og kontaktet AsbjÃ¸rn Dyrendal i foreningen Skepsis om +de var interessert i Ã¥ publisere en norsk utgave pÃ¥ bloggen sin, og da +han var positiv tok jeg kontakt med Skeptical Inquirer og spurte om +det var greit for dem. I lÃ¸pet av noen dager fikk vi tilbakemelding +fra Barry Karr hos The Skeptical Inquirer som hadde sjekket og fÃ¥tt OK +fra Robyn Asimov som representerte arvingene i Asmiov-familien og gikk +igang med oversettingen.

+ +

Resultatet, Â«Relativt +feilÂ», ble publisert pÃ¥ skepsis-bloggen for noen minutter siden. +Jeg anbefaler deg pÃ¥ det varmeste Ã¥ lese denne teksten og dele den med +dine venner.

+ +

For Ã¥ hÃ¥ndtere oversettelsen og sikre at original og oversettelse +var i sync brukte vi git, po4a, GNU make og Transifex. Det hele +fungerte utmerket og gjorde det enkelt Ã¥ dele tekstene og jobbe sammen +om finpuss pÃ¥ formuleringene. Hadde hosted.weblate.org latt meg +opprette nye prosjekter selv i stedet for Ã¥ mÃ¥tte kontakte +administratoren der, sÃ¥ hadde jeg brukt weblate i stedet.

- Tags: debian, english. + Tags: norsk, skepsis.

@@ -585,6 +976,16 @@ first computer being sold with Debian preinstalled?

+ +

+ +

+ +

+ +