X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/7741607ecee91d447bbddf0076e531ec3f52f2eb..b8cfdc4c79eda32eae7d84374df6c3660e65f93a:/blog/index.rss diff --git a/blog/index.rss b/blog/index.rss index 6b63d95f46..60979bb258 100644 --- a/blog/index.rss +++ b/blog/index.rss @@ -6,6 +6,199 @@ http://people.skolelinux.org/pere/blog/ + + Testing sysvinit from experimental in Debian Hurd + http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html + http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html + Mon, 3 Feb 2014 13:40:00 +0100 + <p>A few days ago I decided to try to help the Hurd people to get +their changes into sysvinit, to allow them to use the normal sysvinit +boot system instead of their old one. This follow up on the +<a href="https://teythoon.cryptobitch.de//categories/gsoc.html">great +Google Summer of Code work</a> done last summer by Justus Winter to +get Debian on Hurd working more like Debian on Linux. To get started, +I downloaded a prebuilt hard disk image from +<a href="http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz">http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz</a>, +and started it using virt-manager.</p> + +<p>The first think I had to do after logging in (root without any +password) was to get the network operational. I followed +<a href="https://www.debian.org/ports/hurd/hurd-install">the +instructions on the Debian GNU/Hurd ports page</a> and ran these +commands as root to get the machine to accept a IP address from the +kvm internal DHCP server:</p> + +<p><blockquote><pre> +settrans -fgap /dev/netdde /hurd/netdde +pkill pfinet +pkill devnode +dhclient -v /dev/eth0 +</pre></blockquote></p> + +<p>After this, the machine had internet connectivity, and I could +upgrade it and install the sysvinit packages from experimental and +enable it as the default boot system in Hurd.</p> + +<p>But before I did that, I set a password on the root user, as ssh is +running on the machine it for ssh login to work a password need to be +set. Also, note that a bug somewhere in openssh on Hurd block +compression from working. Remember to turn that off on the client +side.</p> + +<p>Run these commands as root to upgrade and test the new sysvinit +stuff:</p> + +<p><blockquote><pre> +cat > /etc/apt/sources.list.d/experimental.list &lt;&lt;EOF +deb http://http.debian.net/debian/ experimental main +EOF +apt-get update +apt-get dist-upgrade +apt-get install -t experimental initscripts sysv-rc sysvinit \ + sysvinit-core sysvinit-utils +update-alternatives --config runsystem +</pre></blockquote></p> + +<p>To reboot after switching boot system, you have to use +<tt>reboot-hurd</tt> instead of just <tt>reboot</tt>, as there is not +yet a sysvinit process able to receive the signals from the normal +'reboot' command. After switching to sysvinit as the boot system, +upgrading every package and rebooting, the network come up with DHCP +after boot as it should, and the settrans/pkill hack mentioned at the +start is no longer needed. But for some strange reason, there are no +longer any login prompt in the virtual console, so I logged in using +ssh instead. + +<p>Note that there are some race conditions in Hurd making the boot +fail some times. No idea what the cause is, but hope the Hurd porters +figure it out. At least Justus said on IRC (#debian-hurd on +irc.debian.org) that they are aware of the problem. A way to reduce +the impact is to upgrade to the Hurd packages built by Justus by +adding this repository to the machine:</p> + +<p><blockquote><pre> +cat > /etc/apt/sources.list.d/hurd-ci.list &lt;&lt;EOF +deb http://darnassus.sceen.net/~teythoon/hurd-ci/ sid main +EOF +</pre></blockquote></p> + +<p>At the moment the prebuilt virtual machine get some packages from +http://ftp.debian-ports.org/debian, because some of the packages in +unstable do not yet include the required patches that are lingering in +BTS. This is the completely list of "unofficial" packages installed:</p> + +<p><blockquote><pre> +# aptitude search '?narrow(?version(CURRENT),?origin(Debian Ports))' +i emacs - GNU Emacs editor (metapackage) +i gdb - GNU Debugger +i hurd-recommended - Miscellaneous translators +i isc-dhcp-client - ISC DHCP client +i isc-dhcp-common - common files used by all the isc-dhcp* packages +i libc-bin - Embedded GNU C Library: Binaries +i libc-dev-bin - Embedded GNU C Library: Development binaries +i libc0.3 - Embedded GNU C Library: Shared libraries +i A libc0.3-dbg - Embedded GNU C Library: detached debugging symbols +i libc0.3-dev - Embedded GNU C Library: Development Libraries and Hea +i multiarch-support - Transitional package to ensure multiarch compatibilit +i A x11-common - X Window System (X.Org) infrastructure +i xorg - X.Org X Window System +i A xserver-xorg - X.Org X server +i A xserver-xorg-input-all - X.Org X server -- input driver metapackage +# +</pre></blockquote></p> + +<p>All in all, testing hurd has been an interesting experience. :) +X.org did not work out of the box and I never took the time to follow +the porters instructions to fix it. This time I was interested in the +command line stuff.<p> + + + + + A fist full of non-anonymous Bitcoins + http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html + http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html + Wed, 29 Jan 2014 14:10:00 +0100 + <p>Bitcoin is a incredible use of peer to peer communication and +encryption, allowing direct and immediate money transfer without any +central control. It is sometimes claimed to be ideal for illegal +activity, which I believe is quite a long way from the truth. At least +I would not conduct illegal money transfers using a system where the +details of every transaction are kept forever. This point is +investigated in +<a href="https://www.usenix.org/publications/login">USENIX ;login:</a> +from December 2013, in the article +"<a href="https://www.usenix.org/system/files/login/articles/03_meiklejohn-online.pdf">A +Fistful of Bitcoins - Characterizing Payments Among Men with No +Names</a>" by Sarah Meiklejohn, Marjori Pomarole,Grant Jordan, Kirill +Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. They +analyse the transaction log in the Bitcoin system, using it to find +addresses belong to individuals and organisations and follow the flow +of money from both Bitcoin theft and trades on Silk Road to where the +money end up. This is how they wrap up their article:</p> + +<p><blockquote> +<p>"To demonstrate the usefulness of this type of analysis, we turned +our attention to criminal activity. In the Bitcoin economy, criminal +activity can appear in a number of forms, such as dealing drugs on +Silk Road or simply stealing someone else’s bitcoins. We followed the +flow of bitcoins out of Silk Road (in particular, from one notorious +address) and from a number of highly publicized thefts to see whether +we could track the bitcoins to known services. Although some of the +thieves attempted to use sophisticated mixing techniques (or possibly +mix services) to obscure the flow of bitcoins, for the most part +tracking the bitcoins was quite straightforward, and we ultimately saw +large quantities of bitcoins flow to a variety of exchanges directly +from the point of theft (or the withdrawal from Silk Road).</p> + +<p>As acknowledged above, following stolen bitcoins to the point at +which they are deposited into an exchange does not in itself identify +the thief; however, it does enable further de-anonymization in the +case in which certain agencies can determine (through, for example, +subpoena power) the real-world owner of the account into which the +stolen bitcoins were deposited. Because such exchanges seem to serve +as chokepoints into and out of the Bitcoin economy (i.e., there are +few alternative ways to cash out), we conclude that using Bitcoin for +money laundering or other illicit purposes does not (at least at +present) seem to be particularly attractive."</p> +</blockquote><p> + +<p>These researches are not the first to analyse the Bitcoin +transaction log. The 2011 paper +"<a href="http://arxiv.org/abs/1107.4524">An Analysis of Anonymity in +the Bitcoin System</A>" by Fergal Reid and Martin Harrigan is +summarized like this:</p> + +<p><blockquote> +"Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a +complicated issue. Within the system, users are identified by +public-keys only. An attacker wishing to de-anonymize its users will +attempt to construct the one-to-many mapping between users and +public-keys and associate information external to the system with the +users. Bitcoin tries to prevent this attack by storing the mapping of +a user to his or her public-keys on that user's node only and by +allowing each user to generate as many public-keys as required. In +this chapter we consider the topological structure of two networks +derived from Bitcoin's public transaction history. We show that the +two networks have a non-trivial topological structure, provide +complementary views of the Bitcoin system and have implications for +anonymity. We combine these structures with external information and +techniques such as context discovery and flow analysis to investigate +an alleged theft of Bitcoins, which, at the time of the theft, had a +market value of approximately half a million U.S. dollars." +</blockquote></p> + +<p>I hope these references can help kill the urban myth that Bitcoin +is anonymous. It isn't really a good fit for illegal activites. Use +cash if you need to stay anonymous, at least until regular DNA +sampling of notes and coins become the norm. :)</p> + +<p>As usual, if you use Bitcoin and want to show your support of my +activities, please send Bitcoin donations to my address +<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&label=PetterReinholdtsenBlog">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p> + + + New chrpath release 0.16 http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html @@ -646,77 +839,5 @@ Scraperwiki for de som vil grave dypere.</p> - - All drones should be radio marked with what they do and who they belong to - http://people.skolelinux.org/pere/blog/All_drones_should_be_radio_marked_with_what_they_do_and_who_they_belong_to.html - http://people.skolelinux.org/pere/blog/All_drones_should_be_radio_marked_with_what_they_do_and_who_they_belong_to.html - Thu, 21 Nov 2013 15:40:00 +0100 - <p>Drones, flying robots, are getting more and more popular. The most -know ones are the killer drones used by some government to murder -people they do not like without giving them the chance of a fair -trial, but the technology have many good uses too, from mapping and -forest maintenance to photography and search and rescue. I am sure it -is just a question of time before "bad drones" are in the hands of -private enterprises and not only state criminals but petty criminals -too. The drone technology is very useful and very dangerous. To have -some control over the use of drones, I agree with Daniel Suarez in his -TED talk -"<a href="https://archive.org/details/DanielSuarez_2013G">The kill -decision shouldn't belong to a robot</a>", where he suggested this -little gem to keep the good while limiting the bad use of drones:</p> - -<blockquote> - -<p>Each robot and drone should have a cryptographically signed -I.D. burned in at the factory that can be used to track its movement -through public spaces. We have license plates on cars, tail numbers on -aircraft. This is no different. And every citizen should be able to -download an app that shows the population of drones and autonomous -vehicles moving through public spaces around them, both right now and -historically. And civic leaders should deploy sensors and civic drones -to detect rogue drones, and instead of sending killer drones of their -own up to shoot them down, they should notify humans to their -presence. And in certain very high-security areas, perhaps civic -drones would snare them and drag them off to a bomb disposal facility.</p> - -<p>But notice, this is more an immune system than a weapons system. It -would allow us to avail ourselves of the use of autonomous vehicles -and drones while still preserving our open, civil society.</p> - -</blockquote> - -<p>The key is that <em>every citizen</em> should be able to read the -radio beacons sent from the drones in the area, to be able to check -both the government and others use of drones. For such control to be -effective, everyone must be able to do it. What should such beacon -contain? At least formal owner, purpose, contact information and GPS -location. Probably also the origin and target position of the current -flight. And perhaps some registration number to be able to look up -the drone in a central database tracking their movement. Robots -should not have privacy. It is people who need privacy.</p> - - - - - Lets make a wireless community network in Oslo! - http://people.skolelinux.org/pere/blog/Lets_make_a_wireless_community_network_in_Oslo_.html - http://people.skolelinux.org/pere/blog/Lets_make_a_wireless_community_network_in_Oslo_.html - Wed, 13 Nov 2013 21:00:00 +0100 - <p>Today NUUG and Hackeriet announced -<a href="http://www.nuug.no/news/Bli_med___bygge_dugnadsnett_for_alle_i_Oslo.shtml">our -plans to join forces and create a wireless community network in -Oslo</a>. The workshop to help people get started will take place -Thursday 2013-11-28, but we already are collecting the geolocation of -people joining forces to make this happen. We have -<a href="https://github.com/petterreinholdtsen/meshfx-node/blob/master/oslo-nodes.geojson">9 -locations plotted on the map</a>, but we will need more before we have -a connected mesh spread across Oslo. If this sound interesting to -you, please join us at the workshop. If you are too impatient to wait -15 days, please join us on the IRC channel -<a href="irc://irc.freenode.net/%23nuug">#nuug on irc.freenode.net</a> -right away. :)</p> - - -