X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/b386543f6fb4f168c1c755b23d1be3458df7b25e..b2c75b135ddd9dc450e82036ebf37807edef2b67:/blog/index.html diff --git a/blog/index.html b/blog/index.html index c651a763bf..641430e9d4 100644 --- a/blog/index.html +++ b/blog/index.html @@ -20,56 +20,88 @@
-
New book, "Fri kultur" by @lessig, a Norwegian Bokmål translation of "Free Culture" from 2004
-
31st October 2015
-

People keep asking me where to get the various forms of the book I -published last week, the Norwegian Bokmål edition of Lawrence Lessigs -book Free Culture. It was published on paper via lulu.com, and is -also available in PDF, ePub and MOBI format. I currently sell the -paper edition for self cost from lulu.com, but might extend the -distribution to book stores like Amazon and Barnes & Noble later. -This will double the price and force me to make a profit from selling -the book. Anyway, here are links to get the book in different -formats:

- - - -

Note that the MOBI version have problems with the table of content, -at least with the viewers I have been able to test. And the ePub file -have several problems according to -epubcheck, but seem -to display fine in the viewers I have tested. All the files needed to -create the book in various forms are available from -the -github project page.

- -

The project got press coverage from the Norwegian IT news site -digi.no. Check out the article -"Vil -åpne politikernes øyne for Creative Commons". - -

I've blogged -about the project as it moved along. The blogs document the translation -progress and insights I had along the way.

+
Creating, updating and checking debian/copyright semi-automatically
+
19th February 2016
+

Making packages for Debian requires quite a lot of attention to +details. And one of the details is the content of the +debian/copyright file, which should list all relevant licenses used by +the code in the package in question, preferably in +machine +readable DEP5 format.

+ +

For large packages with lots of contributors it is hard to write +and update this file manually, and if you get some detail wrong, the +package is normally rejected by the ftpmasters. So getting it right +the first time around get the package into Debian faster, and save +both you and the ftpmasters some work.. Today, while trying to figure +out what was wrong with +the +zfsonlinux copyright file, I decided to spend some time on +figuring out the options for doing this job automatically, or at least +semi-automatically.

+ +

Lucikly, there are at least two tools available for generating the +file based on the code in the source package, +debmake +and cme. I'm +not sure which one of them came first, but both seem to be able to +create a sensible draft file. As far as I can tell, none of them can +be trusted to get the result just right, so the content need to be +polished a bit before the file is OK to upload. I found the debmake +option in +a +blog posts from 2014. + +

To generate using debmake, use the -cc option: + +

+debmake -cc > debian/copyright
+

+ +

Note there are some problems with python and non-ASCII names, so +this might not be the best option.

+ +

The cme option is based on a config parsing library, and I found +this approach in +a +blog post from 2015. To generate using cme, use the 'update +dpkg-copyright' option: + +

+cme update dpkg-copyright -quiet
+

+ +

This will create or update debian/copyright. The cme tool seem to +handle UTF-8 names better than debmake.

+ +

When the copyright file is created, I would also like some help to +check if the file is correct. For this I found two good options, +debmake -k and license-reconcile. The former seem +to focus on license types and file matching, and is able to detect +ineffective blocks in the copyright file. The latter reports missing +copyright holders and years, but was confused by inconsistent license +names (like CDDL vs. CDDL-1.0). I suspect it is good to use both and +fix all issues reported by them before uploading. But I do not know +if the tools and the ftpmasters agree on what is important to fix in a +copyright file, so the package might still be rejected.

+ +

The devscripts tool licensecheck deserve mentioning. It +will read through the source and try to find all copyright statements. +It is not comparing the result to the content of debian/copyright, but +can be useful when verifying the content of the copyright file.

+ +

Are you aware of better tools in Debian to create and update +debian/copyright file. Please let me know, or blog about it on +planet.debian.org.

+ +

As usual, if you use Bitcoin and want to show your support of my +activities, please send Bitcoin donations to my address +15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

- Tags: english, freeculture. + Tags: debian, english.
@@ -77,90 +109,81 @@ progress and insights I had along the way.

-
Gavebok overlevert Stortinget i dag
-
29th October 2015
-

Like før kl. 11 i dag leverte jeg fem esker med gaveinnpakkede -bøker til Stortinget, for utdeling til alle stortingsrepresentanter. -Det ble etterfulgt av følgende pressemelding. Stor takk til NUUG for -lån av epostliste for å sende ut pressemeldingen.

- -
- -

Er opphavsretten for streng, spør ny bok

- -

I dag kommer boken «Fri -kultur» av Lawrence Lessig ut på norsk. Boken handler om -utviklingen og utvidelsene opphavsretten har hatt de siste 40 årene. -Boken er i dag gitt i gave til alle stortingsrepresentantene. -Oversetter og utgiver Petter Reinholdtsen håper Stortinget vil tenke -seg om to ganger neste gang det er snakk om utvidelse av -opphavsretten.

- -

Boken forteller om hvordan store medieaktører ved hjelp av -opphavsretten bruker teknologi til å begrense kulturen og kontrollere -kreativiteten. Den er skrevet av stifteren av -Creative Commons, professor -Lawrence Lessig, som for tiden er med i kampen om å bli Demokratenes -presidentkandidat i USA sitt -presidentvalg i 2016. Lessig ble sist omtalt i norske medier da -NRK i høst viste dokumentaren «Kampen for et demokratisk internett» -som også er -tilgjengelig -fra The Internet Archive.

- -

Boken beskriver hvordan opphavsrettens makt i USA har blitt -betydelig utvidet etter 1974 langs fem kritiske akser: varighet (fra -32 til 95 år), omfang (fra utgivere til alle), rekkevidde (gjelder nå -enhver fremvisning via datamaskin), kontroll (avledede verk er -definert så bredt at i praksis alle nye åndsverk risikerer søksmål fra -en opphavsrettsinnehaver) og til sist maktkonsentrasjon og integrering -av mediebransjen. Den dokumenterer også hvordan medieindustrien har -lyktes med å bruke rettsvesenet til å begrense konkurranse, og i -praksis har skaffet seg vetorett over teknologiske nyvinninger. -Nedlasting av fritt, lovlig og i utgangspunktet gratis materiale -stoppes med tekniske sperrer og lobbyert lovvern av sperrene.

- -

Utvidelsene illustreres i boken med ulike eksempler. For eksempel -en demonstrasjon av at Walt Disney ville ha blitt ansett som en -opphavsrettspirat dersom han gjorde i dag det han gjorde på -1930-tallet. Boken beskriver hvordan vern av åndsverk er bra, men at -mer vern ikke nødvendigvis er bedre. - -

Petter Reinholdtsen, som sammen med flere frivillige har oversatt -boken på fritiden de siste 3 årene, håper at boken vil gjøre en -forskjell. «Når en vet hvordan opphavsrettens varighet i Norge, uten -opposisjon på Stortinget, ble utvidet nok en gang i mai i fjor, og -hvordan Norges handelspartner USA gjennom de nye handelsavtalene -Trans-Pacific Partnership og Transatlantic Trade and Investment -Partnership -ønsker -å utvide opphavsrettens makt også i andre land, håper jeg at flere -vil spørre: Er det virkelig fornuftig å gjøre de samme utvidelsene i -Norge?», spør han. «Jeg håper boken kan bidra til kunnskap og -forståelse, og kan gi Stortinget et bedre grunnlag til å ta riktige -beslutninger som ivaretar befolkningens og samfunnets interesser i -Norge.»

- -

Petter Reinholdtsen er en mangeårig fri programvareutvikler som har -vært med på å lage systemer som operativsystemet Debian, IT-løsningen -Skolelinux, borgerportalen FiksGataMi og innsynstjenesten Mimes brønn. -Han forteller han selv har opplevd problemene utvidet varighet, -omfang, rekkevidde og kontroll i opphavsretten medfører og at boken -var en oppvekker. «Jeg håper andre finner boken like interessant som -jeg gjorde. Boken kan -lastes -gratis ned fra github eller -kjøpes -på papir fra lulu.com,» avslutter Reinholdtsen.

- -
- -

Så får vi se om det har noen positiv effekt. :)

+
Using appstream in Debian to locate packages with firmware and mime type support
+
4th February 2016
+

The appstream system +is taking shape in Debian, and one provided feature is a very +convenient way to tell you which package to install to make a given +firmware file available when the kernel is looking for it. This can +be done using apt-file too, but that is for someone else to blog +about. :)

+ +

Here is a small recipe to find the package with a given firmware +file, in this example I am looking for ctfw-3.2.3.0.bin, randomly +picked from the set of firmware announced using appstream in Debian +unstable. In general you would be looking for the firmware requested +by the kernel during kernel module loading. To find the package +providing the example file, do like this:

+ +
+% apt install appstream
+[...]
+% apt update
+[...]
+% appstreamcli what-provides firmware:runtime ctfw-3.2.3.0.bin | \
+  awk '/Package:/ {print $2}'
+firmware-qlogic
+%
+
+ +

See the +appstream wiki page to learn how to embed the package metadata in +a way appstream can use.

+ +

This same approach can be used to find any package supporting a +given MIME type. This is very useful when you get a file you do not +know how to handle. First find the mime type using file +--mime-type, and next look up the package providing support for +it. Lets say you got an SVG file. Its MIME type is image/svg+xml, +and you can find all packages handling this type like this:

+ +
+% apt install appstream
+[...]
+% apt update
+[...]
+% appstreamcli what-provides mimetype image/svg+xml | \
+  awk '/Package:/ {print $2}'
+bkchem
+phototonic
+inkscape
+shutter
+tetzle
+geeqie
+xia
+pinta
+gthumb
+karbon
+comix
+mirage
+viewnior
+postr
+ristretto
+kolourpaint4
+eog
+eom
+gimagereader
+midori
+%
+
+ +

I believe the MIME types are fetched from the desktop file for +packages providing appstream metadata.

- Tags: freeculture, norsk. + Tags: debian, english.
@@ -168,65 +191,91 @@ på papir fra lulu.com,» avslutter Reinholdtsen.

-
"Fri kultur" av @lessig - norsk utgave av "Free Culture" tilgjengelig på papir, PDF og ePub
-
28th October 2015
-

Klikk her for å kjøpe boken.

- -

I 2004, mens Creative -Commons-bevegelsen vokste frem, skrev bevegelsens stifter Lawrence -Lessig boken -Free -Culture for å forklare problemene med økene åndsverksregulering og -for å foreslå noen løsninger. Jeg leste boken den gangen, og den både -inspirerte meg og endret på hvordan jeg så på opphavsrettslovigving. -Jeg skulle ønske flere folk leste denne boken. Den gir en god -gjennomgang av hvordan økende åndsverksregulering skader både -nyskapning og kulturlivet, og skisserer hvordan både lovgivere og oss -vanlige borgere kan bidra for å få slutt på dette.

- -

Derfor bestemte jeg meg sommeren 2012 for å oversette den til norsk -bokmål og gjøre den tilgjengelig for de blant mine venner og familie -som foretrekker å lese bøker på norsk. Jeg oversatte boken ved hjelp -av docbook og en gettext PO-fil, og endte opp med to utgaver, en på -norsk og en på engelsk. Den engelske publiserte jeg i forrige uke, og -den norske utgaven på papir -er -nå klar for salg. Jeg fikk heldigvis hjelp med oversetting og -korrekturlesing av den norske utgaven fra en rekke frivillige. Se -side 245 for en komplett liste. Slik ser omslaget ut: - -

- -

I tillegg til den norske og engelske utgaven holder vi på med en -fransk utgave. Den koordineres av dblatex-utvikleren Benoît Guillon, -og oversettelsen var komplett denne uka men må korrekturleses før den -kan gis ut. Flere frivillige trengs her, så ta kontakt med Benoît -hvis du vil bidra.

- -

Boken er også tilgjengelig i PDF, ePub og MOBI-format fra -min -github-prosjektside. Merk at ePub og MOBI-utgavene har noen -formatteringsproblemer som jeg tror kommer av feil i docbook-verktøyet -dbtoepub (Debian BTS-rapporter -#795842 -og -#796871), -men jeg har ikke tatt meg tid til å undersøke problemene. For de som -vil ha elektronisk kopi anbefaler jeg å bruke PDF- og ePub-utgaven i -denne omgang, da de ser ut til å hånderes bra av de fremviserne jeg -har tilgjengelig.

- -

Etter at oversettelsen til bokmål var ferdig klarte jeg å overtale -NUUG Foundation til å -sponse trykking av boken. Det er årsaken til at stiftelsens logo er -på baksiden av omslaget. Jeg er svært takknemlig for dette, og bruker -bidraget til å gi en kopi av den norske utgaven til alle -Stortingsrepresentanter og andre beslutningstakere her i Norge.

+
Creepy, visualise geotagged social media information - nice free software
+
24th January 2016
+

Most people seem not to realise that every time they walk around +with the computerised radio beacon known as a mobile phone their +position is tracked by the phone company and often stored for a long +time (like every time a SMS is received or sent). And if their +computerised radio beacon is capable of running programs (often called +mobile apps) downloaded from the Internet, these programs are often +also capable of tracking their location (if the app requested access +during installation). And when these programs send out information to +central collection points, the location is often included, unless +extra care is taken to not send the location. The provided +information is used by several entities, for good and bad (what is +good and bad, depend on your point of view). What is certain, is that +the private sphere and the right to free movement is challenged and +perhaps even eradicated for those announcing their location this way, +when they share their whereabouts with private and public +entities.

+ +

+ +

The phone company logs provide a register of locations to check out +when one want to figure out what the tracked person was doing. It is +unavailable for most of us, but provided to selected government +officials, company staff, those illegally buying information from +unfaithful servants and crackers stealing the information. But the +public information can be collected and analysed, and a free software +tool to do so is called +Creepy or Cree.py. I +discovered it when I read +an +article about Creepy in the Norwegian newspaper Aftenposten i +November 2014, and decided to check if it was available in Debian. +The python program was in Debian, but +the version in +Debian was completely broken and practically unmaintained. I +uploaded a new version which did not work quite right, but did not +have time to fix it then. This Christmas I decided to finally try to +get Creepy operational in Debian. Now a fixed version is available in +Debian unstable and testing, and almost all Debian specific patches +are now included +upstream.

+ +

The Creepy program visualises geolocation information fetched from +Twitter, Instagram, Flickr and Google+, and allow one to get a +complete picture of every social media message posted recently in a +given area, or track the movement of a given individual across all +these services. Earlier it was possible to use the search API of at +least some of these services without identifying oneself, but these +days it is impossible. This mean that to use Creepy, you need to +configure it to log in as yourself on these services, and provide +information to them about your search interests. This should be taken +into account when using Creepy, as it will also share information +about yourself with the services.

+ +

The picture above show the twitter messages sent from (or at least +geotagged with a position from) the city centre of Oslo, the capital +of Norway. One useful way to use Creepy is to first look at +information tagged with an area of interest, and next look at all the +information provided by one or more individuals who was in the area. +I tested it by checking out which celebrity provide their location in +twitter messages by checkout out who sent twitter messages near a +Norwegian TV station, and next could track their position over time, +making it possible to locate their home and work place, among other +things. A similar technique have been +used +to locate Russian soldiers in Ukraine, and it is both a powerful +tool to discover lying governments, and a useful tool to help people +understand the value of the private information they provide to the +public.

+ +

The package is not trivial to backport to Debian Stable/Jessie, as +it depend on several python modules currently missing in Jessie (at +least python-instagram, python-flickrapi and +python-requests-toolbelt).

+ +

(I have uploaded +the image to +screenshots.debian.net and licensed it under the same terms as the +Creepy program in Debian.)

- Tags: docbook, freeculture, norsk. + Tags: debian, english, nice free software.
@@ -234,65 +283,72 @@ Stortingsrepresentanter og andre beslutningstakere her i Norge.

-
"Free Culture" by @lessig - The background story for Creative Commons - new edition available
-
23rd October 2015
-

Click -here to buy the book.

- -

In 2004, as the Creative Commons -movement gained momentum, its creator Lawrence Lessig wrote the -book Free -Culture to explain the problems with increasing copyright -regulation and suggest some solutions. I read the book back then and -was very moved by it. Reading the book inspired me and changed the -way I looked on copyright law, and I would love it if more people -would read it too.

- -

Because of this, I decided in the summer of 2012 to translate it to -Norwegian Bokmål and publish it for those of my friends and family -that prefer to read books in Norwegian. I translated the book using -docbook and a gettext PO file, and a byproduct of this process is a -new edition of the English original. I've been in touch with the -author during by work, and he said it was fine with him if I also -published an English version. So I decided to do so. Today, I made -this edition -available -for sale on Lulu.com, for those interested in a paper book. This -is the cover: - -

- -

The Norwegian Bokmål version will be available for purchase in a -few days. I also plan to publish a French version in a few weeks or -months, depending on the amount of people with knowledge of French to -join the translation project. So far there is only one active -person, but the French book is almost completely translated but -need some proof reading.

- -

The book is also available in PDF, ePub and MOBI formats from -my -github project page. Note the ePub and MOBI versions have some -formatting problems I believe is due to bugs in the docbook tool -dbtoepub (Debian BTS issues -#795842 -and -#796871), -but I have not taken the time to investigate. I recommend the PDF and -ePub version for now, as they seem to show up fine in the viewers I -have available.

- -

After the translation to Norwegian Bokmål was complete, I was able -to secure some sponsoring from -the NUUG Foundation to -print the book. This is the reason their logo is located on the back -cover. I am very grateful for their contribution, and will use it to -give a copy of the Norwegian edition to members of the Norwegian -Parliament and other decision makers here in Norway.

+
Always download Debian packages using Tor - the simple recipe
+
15th January 2016
+

During his DebConf15 keynote, Jacob Appelbaum +observed +that those listening on the Internet lines would have good reason to +believe a computer have a given security hole if it download a +security fix from a Debian mirror. This is a good reason to always +use encrypted connections to the Debian mirror, to make sure those +listening do not know which IP address to attack. In August, Richard +Hartmann observed that encryption was not enough, when it was possible +to interfere download size to security patches or the fact that +download took place shortly after a security fix was released, and +proposed +to always use Tor to download packages from the Debian mirror. He +was not the first to propose this, as the +apt-transport-tor +package by Tim Retout already existed to make it easy to convince apt +to use Tor, but I was not +aware of that package when I read the blog post from Richard.

+ +

Richard discussed the idea with Peter Palfrader, one of the Debian +sysadmins, and he set up a Tor hidden service on one of the central +Debian mirrors using the address vwakviie2ienjx6t.onion, thus making +it possible to download packages directly between two tor nodes, +making sure the network traffic always were encrypted.

+ +

Here is a short recipe for enabling this on your machine, by +installing apt-transport-tor and replacing http and https +urls with tor+http and tor+https, and using the hidden service instead +of the official Debian mirror site. I recommend installing +etckeeper before you start to have a history of the changes +done in /etc/.

+ +
+apt install apt-transport-tor
+sed -i 's% http://ftp.debian.org/%tor+http://vwakviie2ienjx6t.onion/%' /etc/apt/sources.list
+sed -i 's% http% tor+http%' /etc/apt/sources.list
+
+ +

If you have more sources listed in /etc/apt/sources.list.d/, run +the sed commands for these too. The sed command is assuming your are +using the ftp.debian.org Debian mirror. Adjust the command (or just +edit the file manually) to match your mirror.

+ +

This work in Debian Jessie and later. Note that tools like +apt-file only recently started using the apt transport +system, and do not work with these tor+http URLs. For +apt-file you need the version currently in experimental, +which need a recent apt version currently only in unstable. So if you +need a working apt-file, this is not for you.

+ +

Another advantage from this change is that your machine will start +using Tor regularly and at fairly random intervals (every time you +update the package lists or upgrade or install a new package), thus +masking other Tor traffic done from the same machine. Using Tor will +become normal for the machine in question.

+ +

On Freedombox, APT +is set up by default to use apt-transport-tor when Tor is +enabled. It would be great if it was the default on any Debian +system.

- Tags: docbook, english, freeculture. + Tags: debian, english, sikkerhet.
@@ -300,35 +356,37 @@ Parliament and other decision makers here in Norway.

-
EU-domstolen konkluderer motsatt av Skatteetaten når det gjelder Bitcoin
-
22nd October 2015
-

Bitcoin er i litt vinden i Norge for tiden, med -kronikk -om bitcoin-overføringer på tvers av landegrensene hos NRK Ytring -for to dager siden og -dokumentar -om bitcoin på NRK 2 i forgårs og i går. I den sammenhengen er det -spesielt hyggelig med en gladnyhet fra EU om Bitcoin.

- -

I dag konkluderte EU-domstolen at -Bitcoin-kjøp -fra Bitcoin-børser ikke er MVA-pliktig (sak C‑264/14). Fant -nyheten -først hos Reuters, etter tips fra innehaveren av -Bitmynt. EU-domstolens avgjørelse -er stikk i strid med -annonseringen -fra Skatteetaten i 2013, der de konkluderte med at bitcoin er et -«formuesobjekter» som det skulle betales mva på ved kjøp og salg. -Dermed la Skatteetaten opp til dobbel MVA-betaling hvis en kjøpte noe -med Bitcoin fra Norge (først mva på kjøp av Bitcoin, deretter mva på -det en kjøper med Bitcoin). Jeg lurer på om denne avgjørelsen får -Skatteetaten til å bytte mening. Gleder meg til fortsettelsen.

+
Nedlasting fra NRK, som Matroska med undertekster
+
2nd January 2016
+

Det kommer stadig nye løsninger for å ta lagre unna innslag fra NRK +for å se på det senere. For en stund tilbake kom jeg over et script +nrkopptak laget av Ingvar Hagelund. Han fjernet riktignok sitt script +etter forespørsel fra Erik Bolstad i NRK, men noen tok heldigvis og +gjorde det tilgjengelig +via github.

+ +

Scriptet kan lagre som MPEG4 eller Matroska, og bake inn +undertekster i fila på et vis som blant annet VLC forstår. For å +bruke scriptet, kopier ned git-arkivet og kjør

+ +

+nrkopptak/bin/nrk-opptak k https://tv.nrk.no/serie/bmi-turne/MUHH45000115/sesong-1/episode-1
+

+ +

URL-eksemplet er dagens toppsak på tv.nrk.no. Argument 'k' ber +scriptet laste ned og lagre som Matroska. Det finnes en rekke andre +muligheter for valg av kvalitet og format.

+ +

Jeg foretrekker dette scriptet fremfor youtube-dl, som + +nevnt i 2014 støtter NRK og en rekke andre videokilder, på grunn +av at nrkopptak samler undertekster og video i en enkelt fil, hvilket +gjør håndtering enklere på disk.

- Tags: bitcoin, norsk. + Tags: multimedia, norsk, video, web.
@@ -336,34 +394,58 @@ Skatteetaten til å bytte mening. Gleder meg til fortsettelsen.

-
Lawrence Lessig interviewed Edward Snowden a year ago
-
19th October 2015
-

Last year, US president candidate -in the Democratic Party Lawrence interviewed Edward Snowden. The -one hour interview was -published by -Harvard Law School 2014-10-23 on Youtube, and the meeting took -place 2014-10-20.

- -

The questions are very good, and there is lots of useful -information to be learned and very interesting issues to think about -being raised. Please check it out.

- - - -

I find it especially interesting to hear again that Snowden did try -to bring up his reservations through the official channels without any -luck. It is in sharp contrast to the answers made 2013-11-06 by the -Norwegian prime minister Erna Solberg to the Norwegian Parliament, -claiming -Snowden is no Whistle-Blower because he should have taken up his -concerns internally and using official channels. It make me sad -that this is the political leadership we have here in Norway.

+
OpenALPR, find car license plates in video streams - nice free software
+
23rd December 2015
+

When I was a kid, we used to collect "car numbers", as we used to +call the car license plate numbers in those days. I would write the +numbers down in my little book and compare notes with the other kids +to see how many region codes we had seen and if we had seen some +exotic or special region codes and numbers. It was a fun game to pass +time, as we kids have plenty of it.

+ +

A few days I came across +the OpenALPR +project, a free software project to automatically discover and +report license plates in images and video streams, and provide the +"car numbers" in a machine readable format. I've been looking for +such system for a while now, because I believe it is a bad idea that the +automatic +number plate recognition tool only is available in the hands of +the powerful, and want it to be available also for the powerless to +even the score when it comes to surveillance and sousveillance. I +discovered the developer +wanted to get the tool into +Debian, and as I too wanted it to be in Debian, I volunteered to +help him get it into shape to get the package uploaded into the Debian +archive.

+ +

Today we finally managed to get the package into shape and uploaded +it into Debian, where it currently +waits +in the NEW queue for review by the Debian ftpmasters.

+ +

I guess you are wondering why on earth such tool would be useful +for the common folks, ie those not running a large government +surveillance system? Well, I plan to put it in a computer on my bike +and in my car, tracking the cars nearby and allowing me to be notified +when number plates on my watch list are discovered. Another use case +was suggested by a friend of mine, who wanted to set it up at his home +to open the car port automatically when it discovered the plate on his +car. When I mentioned it perhaps was a bit foolhardy to allow anyone +capable of placing his license plate number of a piece of cardboard to +open his car port, men replied that it was always unlocked anyway. I +guess for such use case it make sense. I am sure there are other use +cases too, for those with imagination and a vision.

+ +

If you want to build your own version of the Debian package, check +out the upstream git source and symlink ./distros/debian to ./debian/ +before running "debuild" to build the source. Or wait a bit until the +package show up in unstable.

- Tags: english, personvern, sikkerhet, surveillance. + Tags: debian, english, nice free software.
@@ -371,30 +453,114 @@ that this is the political leadership we have here in Norway.

-
The Story of Aaron Swartz - Let us all weep!
-
8th October 2015
-

The movie "The -Internet's Own Boy: The Story of Aaron Swartz" is both inspiring -and depressing at the same time. The work of Aaron Swartz has -inspired me in my work, and I am grateful of all the improvements he -was able to initiate or complete. I wish I am able to do as much good -in my life as he did in his. Every minute of this 1:45 long movie is -inspiring in documenting how much impact a single person can have on -improving the society and this world. And it is depressing in -documenting how the law enforcement of USA (and other countries) is -corrupted to a point where they can push a bright kid to his death for -downloading too many scientific articles. Aaron is dead. Let us all -weep.

- -

The movie is also available on -Youtube. I -wish there were Norwegian subtitles available, so I could show it to -my parents.

+
Using appstream with isenkram to install hardware related packages in Debian
+
20th December 2015
+

Around three years ago, I created +the isenkram +system to get a more practical solution in Debian for handing +hardware related packages. A GUI system in the isenkram package will +present a pop-up dialog when some hardware dongle supported by +relevant packages in Debian is inserted into the machine. The same +lookup mechanism to detect packages is available as command line +tools in the isenkram-cli package. In addition to mapping hardware, +it will also map kernel firmware files to packages and make it easy to +install needed firmware packages automatically. The key for this +system to work is a good way to map hardware to packages, in other +words, allow packages to announce what hardware they will work +with.

+ +

I started by providing data files in the isenkram source, and +adding code to download the latest version of these data files at run +time, to ensure every user had the most up to date mapping available. +I also added support for storing the mapping in the Packages file in +the apt repositories, but did not push this approach because while I +was trying to figure out how to best store hardware/package mappings, +the +appstream system was announced. I got in touch and suggested to +add the hardware mapping into that data set to be able to use +appstream as a data source, and this was accepted at least for the +Debian version of appstream.

+ +

A few days ago using appstream in Debian for this became possible, +and today I uploaded a new version 0.20 of isenkram adding support for +appstream as a data source for mapping hardware to packages. The only +package so far using appstream to announce its hardware support is my +pymissile package. I got help from Matthias Klumpp with figuring out +how do add the required +metadata +in pymissile. I added a file debian/pymissile.metainfo.xml with +this content:

+ +
+<?xml version="1.0" encoding="UTF-8"?>
+<component>
+  <id>pymissile</id>
+  <metadata_license>MIT</metadata_license>
+  <name>pymissile</name>
+  <summary>Control original Striker USB Missile Launcher</summary>
+  <description>
+    <p>
+      Pymissile provides a curses interface to control an original
+      Marks and Spencer / Striker USB Missile Launcher, as well as a
+      motion control script to allow a webcamera to control the
+      launcher.
+    </p>
+  </description>
+  <provides>
+    <modalias>usb:v1130p0202d*</modalias>
+  </provides>
+</component>
+
+ +

The key for isenkram is the component/provides/modalias value, +which is a glob style match rule for hardware specific strings +(modalias strings) provided by the Linux kernel. In this case, it +will map to all USB devices with vendor code 1130 and product code +0202.

+ +

Note, it is important that the license of all the metadata files +are compatible to have permissions to aggregate them into archive wide +appstream files. Matthias suggested to use MIT or BSD licenses for +these files. A challenge is figuring out a good id for the data, as +it is supposed to be globally unique and shared across distributions +(in other words, best to coordinate with upstream what to use). But +it can be changed later or, so we went with the package name as +upstream for this project is dormant.

+ +

To get the metadata file installed in the correct location for the +mirror update scripts to pick it up and include its content the +appstream data source, the file must be installed in the binary +package under /usr/share/appdata/. I did this by adding the following +line to debian/pymissile.install:

+ +
+debian/pymissile.metainfo.xml usr/share/appdata
+
+ +

With that in place, the command line tool isenkram-lookup will list +all packages useful on the current computer automatically, and the GUI +pop-up handler will propose to install the package not already +installed if a hardware dongle is inserted into the machine in +question.

+ +

Details of the modalias field in appstream is available from the +DEP-11 proposal.

+ +

To locate the modalias values of all hardware present in a machine, +try running this command on the command line:

+ +
+cat $(find /sys/devices/|grep modalias)
+
+ +

To learn more about the isenkram system, please check out +my +blog posts tagged isenkram.

- Tags: english, opphavsrett. + Tags: debian, english, isenkram.
@@ -402,68 +568,89 @@ my parents.

-
Alle Stortingets mobiltelefoner kontrolleres fra USA...
-
7th October 2015
-

Jeg lot meg fascinere av -en -artikkel i Aftenposten der det fortelles at «over 600 telefoner som -benyttes av stortingsrepresentanter, rådgivere og ansatte på -Stortinget, kan «fjernstyres» ved hjelp av -programvaren -Airwatch, et såkalte MDM-program (Mobile Device Managment)». Det -hele bagatelliseres av Stortingets IT-stab, men det er i hovedsak på -grunn av at journalisten ikke stiller de relevante spørsmålene. For -meg er det relevante spørsmålet hvem som har lovlig tilgang (i henhold -til lokal lovgiving, dvs. i hvert fall i Norge, Sverige, UK og USA) -til informasjon om og på telefonene, og hvor enkelt det er å skaffe -seg tilgang til hvor mobilene befinner seg og informasjon som befinner -seg på telefonene ved hjelp av utro tjenere, trusler, innbrudd og -andre ulovlige metoder.

- -

Bruken av AirWatch betyr i realiteten at USAs etteretning og -politimyndigheter har full tilgang til stortingets mobiltelefoner, -inkludert posisjon og innhold, takket være -FISAAA-loven -og -"National -Security Letters" og det enkle faktum at selskapet -AirWatch er kontrollert av et -selskap i USA. I tillegg er det kjent at flere lands -etterretningstjenester kan lytte på trafikken når den passerer -landegrensene.

- -

Jeg har bedt om mer informasjon -fra -Stortinget om bruken av AirWatch via Mimes brønn så får vi se hva -de har å fortelle om saken. Fant ingenting om 'airwatch' i -postjournalen til Stortinget, så jeg trenger hjelp før jeg kan be om -innsyn i konkrete dokumenter.

- -

Oppdatering 2015-10-07: Jeg er blitt spurt hvorfor jeg antar at -AirWatch-agenten rapporterer til USA og ikke direkte til Stortingets -egen infrastruktur. Det stemmer at det er teknisk mulig å sette -opp mobiltelefonene til å rapportere til datamaskiner som eies av -Stortinget. Jeg antar det rapporteres til AirWatch sine sentrale -tjenester basert på det jeg leste fra beskrivelsen av -Mobile -Device Management på AirWatch sine egne nettsider, koblet med at -det brukes en standard app som kan hentes fra "app-butikkene" for å få -tilgang. Enten må app-en settes opp individuelt hos Stortinget, eller -så får den beskjed fra AirWatch i USA om hvor den skal koble seg opp. -I det første tilfellet vil den ikke rapportere direkte til USA, men -til programvare utviklet av AirWatch som kjører på en maskin under -Stortingets kontroll. Det er litt bedre, men fortsatt vil det være -umulig for Stortinget å være sikker på hva programvaren som tar imot -forbindelser gjør. Jeg ser fra beskrivelsen av -Enterprice -Integration hos AirWatch at det er mulig å ha lokal installasjon, -og håper innsynsforespørsler mot Stortinget kan fortelle mer om -hvordan ting konkret fungerer der.

+
Bokhandeldistribusjon av boken Fri kultur av Lawrence Lessig
+
14th December 2015
+

Besøk +lulu.com +eller +Amazon +for å kjøpe boken på papir, eller last ned ebook som +PDF, +ePub +eller +MOBI +fra +github.

+ +

Jeg ble gledelig overrasket i dag da jeg oppdaget at boken jeg har +gitt ut +hadde +dukket opp i Amazon. Jeg hadde trodd det skulle ta lenger tid, da +jeg fikk beskjed om at det skulle ta seks til åtte uker. +Amazonoppføringen er et resultat av at jeg for noen uker siden +diskuterte prissetting og håndtering av profitt med forfatteren. Det +måtte avklares da bruksvilkårene til boken har krav om +ikke-kommersiell bruk. Vi ble enige om at overskuddet fra salg av +boken skal sendes til +Creative Commons-stiftelsen. +Med det på plass kunne jeg be +lulu.com +om å gi boken «utvidet» distribusjon. Årsaken til at +bokhandeldistribusjon var litt utfordrende er at bokhandlere krever +mulighet for profitt på bøkene de selger (selvfølgelig), og dermed +måtte de få lov til å selge til høyere pris enn lulu.com. I tillegg +er det krav om samme pris på lulu.com og i bokhandlene, dermed blir +prisen økt også hos lulu.com. Hva skulle jeg gjøre med den profitten +uten å bryte med klausulen om ikkekommersiell? Løsningen var å gi +bort profitten til CC-stiftelsen. Prisen på boken ble nesten +tredoblet, til $19.99 (ca. 160,-) pluss frakt, men synligheten øker +betraktelig når den kan finnes i katalogene til store nettbokhandlere. +Det betyr at hvis du allerede har kjøpt boken har du fått den veldig +billig, og kjøper du den nå, får du den fortsatt billig samt donerer i +tillegg noen tiere til fremme av Creative Commons.

+ +

Mens jeg var i gang med å titte etter informasjon om boken +oppdaget jeg at den også var dukket opp på +Google +Books, der en kan lese den på web. PDF-utgaven har ennå ikke +dukket opp hos Nasjonalbiblioteket, +men det regner jeg med kommer på plass i løpet av noen uker. Boken er +heller ikke dukket opp hos +Barnes & Noble ennå, men +jeg antar det bare er et tidsspørsmål før dette er på plass.

+ +

Boken er dessverre ikke tilgjengelig fra norske bokhandlere, og +kommer neppe til å bli det med det første. Årsaken er at for å få det +til måtte jeg personlig håndtere bestilling av bøker, hvilket jeg ikke +er interessert i å bruke tid på. Jeg kunne betalt ca 2000,- til +den norske bokbasen, en felles +database over bøker tilgjengelig for norske bokhandlere, for å få en +oppføring der, men da måtte jeg tatt imot bestillinger på epost og +sendt ut bøker selv. Det ville krevd at jeg var klar til å +sende ut bøker på kort varsel, dvs. holdt meg med ekstra bøker, +konvolutter og frimerker. Bokbasen har visst ikke opplegg for å be +bokhandlene bestille direkte via web, så jeg droppet oppføring der. +Jeg har spurt Haugen bok og Tronsmo direkte på epost om de er +interessert i å ta inn boken i sin bestillingskatalog, men ikke fått +svar, så jeg antar de ikke er interessert. Derimot har jeg fått en +hyggelig henvendelse fra Biblioteksentralen som fortalte at de har +lagt den inn i sin database slik at deres bibliotekskunder enkelt kan +bestille den via dem.

+ +

Boken er i følge +Bibsys/Oria +og bokdatabasen til +Deichmanske +tilgjengelig fra flere biblioteker allerede, og alle eksemplarer er +visst allerede utlånt med ventetid. Det synes jeg er veldig gledelig +å se. Jeg håper mange kommer til å lese boken. Jeg tror den er +spesielt egnet for foreldre og bekjente av oss nerder for å forklare +hva slags problemer vi ser med dagens opphavsrettsregime.

- Tags: norsk, offentlig innsyn, personvern, sikkerhet, stortinget, surveillance. + Tags: freeculture, norsk.
@@ -471,32 +658,114 @@ hvordan ting konkret fungerer der.

-
French Docbook/PDF/EPUB/MOBI edition of the Free Culture book
-
1st October 2015
-

As I wrap up the Norwegian version of -Free -Culture book by Lawrence Lessig (still waiting for my final proof -reading copy to arrive in the mail), my great -dblatex helper and -developer of the dblatex docbook processor, Benoît Guillon, decided a -to try to create a French version of the book. He started with the -French translation available from the -Wikilivres wiki -pages, and wrote a program to convert it into a PO file, allowing -the translation to be integrated into the po4a based framework I use -to create the Norwegian translation from the English edition. We meet -on the #dblatex IRC -channel to discuss the work. If you want to help create a French -edition, check out -his git -repository and join us on IRC. If the French edition look good, -we might publish it as a paper book on lulu.com. A French version of -the drawings and the cover need to be provided for this to happen.

+
The GNU General Public License is not magic pixie dust
+
30th November 2015
+

A blog post from my fellow Debian developer Paul Wise titled +"The +GPL is not magic pixie dust" explain the importance of making sure +the GPL is enforced. +I quote the blog post from Paul in full here with his permission:

+ +

+ +

Become a Software Freedom Conservancy Supporter!

+ +
+The GPL is not magic pixie dust. It does not work by itself.
+ +The first step is to choose a +copyleft license for your +code.
+ +The next step is, when someone fails to follow that copyleft license, +it must be enforced
+ +and its a simple fact of our modern society that such type of +work
+ +is incredibly expensive to do and incredibly difficult to do. +
+ +

-- Bradley Kuhn, in +FaiF +episode +0x57

+ +

As the Debian Website +used +to +imply, public domain and permissively licensed software can lead to +the production of more proprietary software as people discover useful +software, extend it and or incorporate it into their hardware or +software products. Copyleft licenses such as the GNU GPL were created +to close off this avenue to the production of proprietary software but +such licenses are not enough. With the ongoing adoption of Free +Software by individuals and groups, inevitably the community's +expectations of license compliance are violated, usually out of +ignorance of the way Free Software works, but not always. As Karen +and Bradley explained in FaiF +episode 0x57, +copyleft is nothing if no-one is willing and able to stand up in court +to protect it. The reality of today's world is that legal +representation is expensive, difficult and time consuming. With +gpl-violations.org in hiatus +until +some time in 2016, the Software +Freedom Conservancy (a tax-exempt charity) is the major defender +of the Linux project, Debian and other groups against GPL violations. +In March the SFC supported a +lawsuit +by Christoph Hellwig against VMware for refusing to +comply +with the GPL in relation to their use of parts of the Linux +kernel. Since then two of their sponsors pulled corporate funding and +conferences +blocked +or cancelled their talks. As a result they have decided to rely +less on corporate funding and more on the broad community of +individuals who support Free Software and copyleft. So the SFC has +launched +a campaign to create +a community of folks who stand up for copyleft and the GPL by +supporting their work on promoting and supporting copyleft and Free +Software.

+ +

If you support Free Software, +like +what the SFC do, agree with their +compliance +principles, are happy about their +successes in 2015, +work on a project that is an SFC +member and or +just want to stand up for copyleft, please join +Christopher +Allan Webber, +Carol +Smith, +Jono +Bacon, myself and +others in +becoming a +supporter. For the +next week your donation will be +matched +by an anonymous donor. Please also consider asking your employer to +match your donation or become a sponsor of SFC. Don't forget to +spread the word about your support for SFC via email, your blog and or +social media accounts.

+ +
+ +

I agree with Paul on this topic and just signed up as a Supporter +of Software Freedom Conservancy myself. Perhaps you should be a +supporter too?

- Tags: docbook, english, freeculture. + Tags: debian, debian edu, english, opphavsrett.
@@ -504,144 +773,42 @@ the drawings and the cover need to be provided for this to happen.

-
The life and death of a laptop battery
-
24th September 2015
-

When I get a new laptop, the battery life time at the start is OK. -But this do not last. The last few laptops gave me a feeling that -within a year, the life time is just a fraction of what it used to be, -and it slowly become painful to use the laptop without power connected -all the time. Because of this, when I got a new Thinkpad X230 laptop -about two years ago, I decided to monitor its battery state to have -more hard facts when the battery started to fail.

- - - -

First I tried to find a sensible Debian package to record the -battery status, assuming that this must be a problem already handled -by someone else. I found -battery-stats, -which collects statistics from the battery, but it was completely -broken. I sent a few suggestions to the maintainer, but decided to -write my own collector as a shell script while I waited for feedback -from him. Via -a -blog post about the battery development on a MacBook Air I also -discovered -batlog, not -available in Debian.

- -

I started my collector 2013-07-15, and it has been collecting -battery stats ever since. Now my -/var/log/hjemmenett-battery-status.log file contain around 115,000 -measurements, from the time the battery was working great until now, -when it is unable to charge above 7% of original capacity. My -collector shell script is quite simple and look like this:

+
PGP key transition statement for key EE4E02F9
+
17th November 2015
+

I've needed a new OpenPGP key for a while, but have not had time to +set it up properly. I wanted to generate it offline and have it +available on a OpenPGP +smart card for daily use, and learning how to do it and finding +time to sit down with an offline machine almost took forever. But +finally I've been able to complete the process, and have now moved +from my old GPG key to a new GPG key. See +the +full transition statement, signed with both my old and new key for +the details. This is my new key:

-#!/bin/sh
-# Inspired by
-# http://www.ifweassume.com/2013/08/the-de-evolution-of-my-laptop-battery.html
-# See also
-# http://blog.sleeplessbeastie.eu/2013/01/02/debian-how-to-monitor-battery-capacity/
-logfile=/var/log/hjemmenett-battery-status.log
-
-files="manufacturer model_name technology serial_number \
-    energy_full energy_full_design energy_now cycle_count status"
-
-if [ ! -e "$logfile" ] ; then
-    (
-	printf "timestamp,"
-	for f in $files; do
-	    printf "%s," $f
-	done
-	echo
-    ) > "$logfile"
-fi
-
-log_battery() {
-    # Print complete message in one echo call, to avoid race condition
-    # when several log processes run in parallel.
-    msg=$(printf "%s," $(date +%s); \
-	for f in $files; do \
-	    printf "%s," $(cat $f); \
-	done)
-    echo "$msg"
-}
-
-cd /sys/class/power_supply
-
-for bat in BAT*; do
-    (cd $bat && log_battery >> "$logfile")
-done
+pub   3936R/111D6B29EE4E02F9 2015-11-03 [expires: 2019-11-14]
+      Key fingerprint = 3AC7 B2E3 ACA5 DF87 78F1  D827 111D 6B29 EE4E 02F9
+uid                  Petter Reinholdtsen <pere@hungry.com>
+uid                  Petter Reinholdtsen <pere@debian.org>
+sub   4096R/87BAFB0E 2015-11-03 [expires: 2019-11-02]
+sub   4096R/F91E6DE9 2015-11-03 [expires: 2019-11-02]
+sub   4096R/A0439BAB 2015-11-03 [expires: 2019-11-02]
-

The script is called when the power management system detect a -change in the power status (power plug in or out), and when going into -and out of hibernation and suspend. In addition, it collect a value -every 10 minutes. This make it possible for me know when the battery -is discharging, charging and how the maximum charge change over time. -The code for the Debian package -is now -available on github.

- -

The collected log file look like this:

- -
-timestamp,manufacturer,model_name,technology,serial_number,energy_full,energy_full_design,energy_now,cycle_count,status,
-1376591133,LGC,45N1025,Li-ion,974,62800000,62160000,39050000,0,Discharging,
-[...]
-1443090528,LGC,45N1025,Li-ion,974,4900000,62160000,4900000,0,Full,
-1443090601,LGC,45N1025,Li-ion,974,4900000,62160000,4900000,0,Full,
-
+

The key can be downloaded from the OpenPGP key servers, signed by +my old key.

-

I wrote a small script to create a graph of the charge development -over time. This graph depicted above show the slow death of my laptop -battery.

- -

But why is this happening? Why are my laptop batteries always -dying in a year or two, while the batteries of space probes and -satellites keep working year after year. If we are to believe -Battery -University, the cause is me charging the battery whenever I have a -chance, and the fix is to not charge the Lithium-ion batteries to 100% -all the time, but to stay below 90% of full charge most of the time. -I've been told that the Tesla electric cars -limit -the charge of their batteries to 80%, with the option to charge to -100% when preparing for a longer trip (not that I would want a car -like Tesla where rights to privacy is abandoned, but that is another -story), which I guess is the option we should have for laptops on -Linux too.

- -

Is there a good and generic way with Linux to tell the battery to -stop charging at 80%, unless requested to charge to 100% once in -preparation for a longer trip? I found -one -recipe on askubuntu for Ubuntu to limit charging on Thinkpad to -80%, but could not get it to work (kernel module refused to -load).

- -

I wonder why the battery capacity was reported to be more than 100% -at the start. I also wonder why the "full capacity" increases some -times, and if it is possible to repeat the process to get the battery -back to design capacity. And I wonder if the discharge and charge -speed change over time, or if this stay the same. I did not yet try -to write a tool to calculate the derivative values of the battery -level, but suspect some interesting insights might be learned from -those.

- -

Update 2015-09-24: I got a tip to install the packages -acpi-call-dkms and tlp (unfortunately missing in Debian stable) -packages instead of the tp-smapi-dkms package I had tried to use -initially, and use 'tlp setcharge 40 80' to change when charging start -and stop. I've done so now, but expect my existing battery is toast -and need to be replaced. The proposal is unfortunately Thinkpad -specific.

+

If you signed my old key +(DB4CCC4B2A30D729), +I'd very much appreciate a signature on my new key, details and +instructions in the transition statement. I m happy to reciprocate if +you have a similarly signed transition statement to present.

- Tags: debian, english. + Tags: debian, english, sikkerhet.
@@ -656,6 +823,15 @@ specific.

Archive