X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/bcfa7524ccdedac6146786bc5eed73cd5f22cab4..2d047348b0dfe1d3bab7955e9bf9b52223e84373:/blog/index.html?ds=sidebyside diff --git a/blog/index.html b/blog/index.html index 6b92ddea3f..7ee76c94b8 100644 --- a/blog/index.html +++ b/blog/index.html @@ -20,54 +20,96 @@
-
New chrpath release 0.16
-
14th January 2014
-

Coverity is a nice tool to -find problems in C, C++ and Java code using static source code -analysis. It can detect a lot of different problems, and is very -useful to find memory and locking bugs in the error handling part of -the source. The company behind it provide -check of free software projects as -a community service, and many hundred free software projects are -already checked. A few days ago I decided to have a closer look at -the Coverity system, and discovered that the -gnash and -ipmitool -projects I am involved with was already registered. But these are -fairly big, and I would also like to have a small and easy project to -check, and decided to request -checking of the chrpath project. It was -added to the checker and discovered seven potential defects. Six of -these were real, mostly resource "leak" when the program detected an -error. Nothing serious, as the resources would be released a fraction -of a second later when the program exited because of the error, but it -is nice to do it right in case the source of the program some time in -the future end up in a library. Having fixed all defects and added -a -mailing list for the chrpath developers, I decided it was time to -publish a new release. These are the release notes:

- -

New in 0.16 released 2014-01-14:

- - - -

You can -download the -new version 0.16 from alioth. Please let us know via the Alioth -project if something is wrong with the new release. The test suite -did not discover any old errors, so if you find a new one, please also -include a test suite check.

+
Simpler recipe on how to make a simple $7 IMSI Catcher using Debian
+
9th August 2017
+

On friday, I came across an interesting article in the Norwegian +web based ICT news magazine digi.no on +how +to collect the IMSI numbers of nearby cell phones using the cheap +DVB-T software defined radios. The article refered to instructions +and a recipe by +Keld Norman on Youtube on how to make a simple $7 IMSI Catcher, and I decided to test them out.

+ +

The instructions said to use Ubuntu, install pip using apt (to +bypass apt), use pip to install pybombs (to bypass both apt and pip), +and the ask pybombs to fetch and build everything you need from +scratch. I wanted to see if I could do the same on the most recent +Debian packages, but this did not work because pybombs tried to build +stuff that no longer build with the most recent openssl library or +some other version skew problem. While trying to get this recipe +working, I learned that the apt->pip->pybombs route was a long detour, +and the only piece of software dependency missing in Debian was the +gr-gsm package. I also found out that the lead upstream developer of +gr-gsm (the name stand for GNU Radio GSM) project already had a set of +Debian packages provided in an Ubuntu PPA repository. All I needed to +do was to dget the Debian source package and built it.

+ +

The IMSI collector is a python script listening for packages on the +loopback network device and printing to the terminal some specific GSM +packages with IMSI numbers in them. The code is fairly short and easy +to understand. The reason this work is because gr-gsm include a tool +to read GSM data from a software defined radio like a DVB-T USB stick +and other software defined radios, decode them and inject them into a +network device on your Linux machine (using the loopback device by +default). This proved to work just fine, and I've been testing the +collector for a few days now.

+ +

The updated and simpler recipe is thus to

+ +
    + +
  1. start with a Debian machine running Stretch or newer,
    2. + +
  2. build and install the gr-gsm package available from +http://ppa.launchpad.net/ptrkrysik/gr-gsm/ubuntu/pool/main/g/gr-gsm/,
    3. + +
  3. clone the git repostory from https://github.com/Oros42/IMSI-catcher,
    4. + +
  4. run grgsm_livemon and adjust the frequency until the terminal +where it was started is filled with a stream of text (meaning you +found a GSM station).
    5. + +
  5. go into the IMSI-catcher directory and run 'sudo python simple_IMSI-catcher.py' to extract the IMSI numbers.
    6. + +
+ +

To make it even easier in the future to get this sniffer up and +running, I decided to package +the gr-gsm project +for Debian (WNPP +#871055), and the package was uploaded into the NEW queue today. +Luckily the gnuradio maintainer has promised to help me, as I do not +know much about gnuradio stuff yet.

+ +

I doubt this "IMSI cacher" is anywhere near as powerfull as +commercial tools like +The +Spy Phone Portable IMSI / IMEI Catcher or the +Harris +Stingray, but I hope the existance of cheap alternatives can make +more people realise how their whereabouts when carrying a cell phone +is easily tracked. Seeing the data flow on the screen, realizing that +I live close to a police station and knowing that the police is also +wearing cell phones, I wonder how hard it would be for criminals to +track the position of the police officers to discover when there are +police near by, or for foreign military forces to track the location +of the Norwegian military forces, or for anyone to track the location +of government officials...

+ +

It is worth noting that the data reported by the IMSI-catcher +script mentioned above is only a fraction of the data broadcasted on +the GSM network. It will only collect one frequency at the time, +while a typical phone will be using several frequencies, and not all +phones will be using the frequencies tracked by the grgsm_livemod +program. Also, there is a lot of radio chatter being ignored by the +simple_IMSI-catcher script, which would be collected by extending the +parser code. I wonder if gr-gsm can be set up to listen to more than +one frequency?

- Tags: chrpath, debian, english. + Tags: debian, english, personvern, surveillance.
@@ -75,216 +117,37 @@ include a test suite check.

-
Debian Edu interview: Dominik George
-
25th December 2013
-

The Debian Edu / Skolelinux -project consist of both newcomers and old timers, and this time I -was able to get an interview with a newcomer in the project who showed -up on the IRC channel a few weeks ago to let us know about his -successful installation of Debian Edu Wheezy in his School. Say hello -to Dominik -George.

- - - -

Who are you, and how do you spend your days?

- -

I am a 23 year-old student from Germany who has spent half of his -life with open source. In "real life", I am, as already mentioned, a -student in the fields of Computer Science, Electrical Engineering, -Information Technologies and Anglistics. Due to my (only partially -voluntary) huge engagement in the open source world, these things are -a bit vacant right now however.

- -

I also have been working as a project teacher at a Gymasnium -(public school) for various years now. I took up that work some time -around 2005 when still attending that school myself and have continued -it until today. I also had been running the (kind of very advanced) -network of that school together with a team of very interested and -talented students in the age of 11 to 15 years, who took the chance to -learn a lot about open source and networking before I left the school -to help building another school's informational education concept from -scratch.

- -

That said, one might see me as a kind of "glue" between school kids -and the elderly of teachers as well as between the open source -ecosystem and the (even more complex) educational ecosystem.

- -

When I am not busy with open source or education, I like Geocaching -and cycling.

- -

How did you get in contact with the Skolelinux / Debian Edu -project?

- -

I think that happened some time around 2009 when I first attended -FrOSCon and visited the project -booth. I think I wasn't too interested back then because I used to -have an attitude of disliking software that does too much stuff on its -own. Maybe I was too inexperienced to realise the upsides of an -"out-of-the-box" solution ;).

- -

The first time I actively talked to Skolelinux people was at -OpenRheinRuhr 2011 when the -BiscuIT project, a home-grewn software used by my school for various -really cool things from timetables and class contact lists to lunch -ordering, student ID card printing and project elections first got to -a stage where it could have been published. I asked the Skolelinux -guys running the booth if the project were interested in it and gave a -small demonstration, but there wasn't any real feedback and the guys -seemed rather uninterested.

- -

After I left the school where I developed the software, it got -mostly lost, but I am now reimplementing it for my new school. I have -reusability and compatibility in mind, and I hop there will be a new -basis for contributing it to the Skolelinux project ;)!

- -

What do you see as the advantages of Skolelinux / Debian -Edu?

- -

The most important advantage seems to be that it "just -works". After overcoming some minor (but still very annoying) glitches -in the installer, I got a fully functional, working school network, -without the month-long hassle I experienced when setting all that up -from scratch in earlier years. And above that, it rocked - I didn't -have any real hardware at hand, because the school was just founded -and has no money whatsoever, so I installed a combined server (main -server, terminal services and workstation) in a VM on my personal -notebook, bridging the LTSP network interface to the ethernet port, -and then PXE-booted the Windows notebooks that were lying around from -it. I could use 8 clients without any performance issues, by using a -tiny little VM on a tiny little notebook. I think that's enough to say -that it rocks!

- -

Secondly, there are marketing reasons. Life's bad, and so no -politician will ever permit a setup described as "Debian, an universal -operating system, with some really cool educational tools" while they -will be jsut fine with "Skolelinux, a single-purpose solution for your -school network", even if both turn out to be the very same thing (yes, -this is unfair towards the Skolelinux project, and must not be taken -too seriously - you get the idea, anyway).

- -

What do you see as the disadvantages of Skolelinux / Debian -Edu?

- -

I have not been involved with Skolelinux long enough to really -answer this question in a fair way. Thus, please allow me to put it in -other words: "What do you expect from Skolelinux to keep liking it?" I -can list a few points about that:

- -
    - -
  • always strive to get all things integrated into Debian upstream -
  • be open to discussion about changes and the like, even with newcomers -
  • be helpful at being helpful ;) - -
- -

I'm really sorry I cannot say much more about that :(!

- -

Which free software do you use daily?

- -

First of all, all software I use is free and open. I have abandoned -all non-free software (except for firmware on my darned phone) this -year.

- -

I run Debian GNU/Linux on all PC systems I use. On that, I mostly -run text tools. I use -mksh as shell, -jupp as very advanced -text editor (I even got the developer to help me write a script/macro -based full-featured student management software with the two), -mcabber for XMPP and -irssi for IRC. For that overly -coloured world called the WWW, I use -Iceweasel -(Firefox). Oh, and mutt for -e-mail.

- -

However, while I am personally aware of the fact that text tools -are more efficient and powerful than anything else, I also use (or at -least operate) some tools that are suitable to bring open source to -kids. One of these things is Jappix, -which I already introduced to some kids even before they got aware of -Facebook, making them see for themselves that they do not need -Facebook now ;).

- -

Which strategy do you believe is the right one to use to -get schools to use free software?

- -

Well, that's a two-sided thing. One side is what I believe, and one -side is what I have experienced.

- -

I believe that the right strategy is showing them the benefits. But -that won't work out as long as the acceptance of free alternatives -grows globally. What I mean is that if all the kids are almost forced -to use Windows, Facebook, Skype, you name it at home, they will not -see why they would want to use alternatives at school. I have seen -students take seat in front of a fully-functional, modern Debian -desktop that could do anything their Windows at home could do, and -they jsut refused to use it because "Linux sucks". It is something -that makes the council of our city spend around 600000 € to buy -software - not including hardware, mind you - for operating school -networks, and for installing a system that, as has been proved, does -not work. For those of you readers who are good at maths, have you -already found out how many lives could have been saved with that money -if we had instead used it to bring education to parts of the world -that need it? I have, and found it to be nothing less dramatic than -plain criminal.

- -

That said, the only feasible way appears to be the bottom up -method. We have to bring free software to kids and parents. I have -founded an association named -Teckids here in Germany that does -just that. We organise several events for kids and adolescents in the -area of free and open source software, for example the -FrogLabs, which share staff with -Teckids and are the youth programme of -the Free and Open Source Software -Conference (FrOSCon). We do a lot more than most other conferences -- this year, we first offered the FrogLabs as a holiday camp for kids -aged 10 to 16. It was a huge success, with approx. 30 kids taking part -and learning with and about free software through a whole weekend. All -of us had a lot of fun, and the results were really exciting.

- -

Apart from that, we are preparing a campaign that is supposed to bring -the message of free alternatives to stuff kids use every day to them and -their parents, e.g. the use of Jabber / Jappix instead of Facebook and -Skype. To make that possible, we are planning to get together a team of -clever kids who understand very well what their peers need and can bring -it across to them. So we will have a peer-driven network of adolescents -who teach each other and collect feedback from the community of minors. -We then take that feedback and our own experience to work closely with -open source projects, such as Skolelinux or Jappix, at improving their -software in a way that makes it more and more attractive for the target -group. At least I hope that we will have good cooperation with -Skolelinux in the future ;)!

- -

So in conclusion, what I believe is that, if it weren't for the world -being so bad, it should be very clear to the political decision makers -that the only way to go nowadays is free software for various reasons, -but I have learnt that the only way that seems to work is bottom up.

- - +
Norwegian Bokmål edition of Debian Administrator's Handbook is now available
+
25th July 2017
+

+ +

I finally received a copy of the Norwegian Bokmål edition of +"The Debian Administrator's +Handbook". This test copy arrived in the mail a few days ago, and +I am very happy to hold the result in my hand. We spent around one and a half year translating it. This paperbook edition +is available +from lulu.com. If you buy it quickly, you save 25% on the list +price. The book is also available for download in electronic form as +PDF, EPUB and Mobipocket, as can be +read online +as a web page.

+ +

This is the second book I publish (the first was the book +"Free Culture" by Lawrence Lessig +in +English, +French +and +Norwegian +Bokmål), and I am very excited to finally wrap up this +project. I hope +"Håndbok +for Debian-administratoren" will be well received.

- Tags: debian edu, english, intervju. + Tags: debian, debian-handbook, english.
@@ -292,44 +155,50 @@ If that is wanted, just let me know ;).
-
Dugnadsnett for alle stiller på Oslo Maker Faire i januar 2014
-
10th December 2013
-

Helga 18. og 19. januar 2014 arrangeres -Oslo Maker -Faire, og Dugnadsnett for -alle har fått plass! Planen er å ha et bord med en plakat der vi -forteller om hva Dugnadsnett for alle er for noe, og et lite verksted -der vi hjelper folk som er interessert i å få opp sin egen mesh-node. -Jeg gleder meg til å se hvordan prosjektet blir mottatt der.

- -

Målet med dugnadsnett for alle i Oslo er å få på plass et datanett -for kommunikasjon ved hjelp av radio-repeaterstasjoner (kalt -mesh-noder) som gjør at en kan direkte kommunisere med slekt, venner -og bekjente i Oslo via andre som deltar i dugnadsnettet, samt gjøre -det mulig komme ut på internett via dugnadsnettet. Første delmål er å -kunne sende SMS-meldinger vha. IP-telefoni løsningen -Serval project mellom -deltagerne i Dugnadsnett for alle i Oslo. Formålet er å ta tilbake -kontrollen over egen nett-infrastruktur og gjøre det dyrere å bedrive -massiv innsamling av informasjon om borgernes bruk av datanett.

- -

Høres dette interessant ut? Bli med på prosjektet, fortell oss -hvor du kunne tenke deg å sette opp en radio-repeater (slik at folk i -nærheten kan finne hverandre ved hjelp av -kartet over planlagte og -eksisterende radio-repeatere), bli med på epostlisten -dugnadsnett -(at) nuug.no og stikk innom -IRC-kanalen -#dugnadsnett.no. Så langt er det planlagt over 40 -radio-repeatere, med VPN-forbindelser via Internet for å la de delene -av nettet som ikke når hverandre via radio kunne snakke med hverandre -likevel.

+
«Rapporten ser ikke på informasjonssikkerhet knyttet til personlig integritet»
+
27th June 2017
+

Jeg kom over teksten +«Killing +car privacy by federal mandate» av Leonid Reyzin på Freedom to +Tinker i dag, og det gleder meg å se en god gjennomgang om hvorfor det +er et urimelig inngrep i privatsfæren å la alle biler kringkaste sin +posisjon og bevegelse via radio. Det omtalte forslaget basert på +Dedicated Short Range Communication (DSRC) kalles Basic Safety Message +(BSM) i USA og Cooperative Awareness Message (CAM) i Europa, og det +norske Vegvesenet er en av de som ser ut til å kunne tenke seg å +pålegge alle biler å fjerne nok en bit av innbyggernes privatsfære. +Anbefaler alle å lese det som står der. + +

Mens jeg tittet litt på DSRC på biler i Norge kom jeg over et sitat +jeg synes er illustrativt for hvordan det offentlige Norge håndterer +problemstillinger rundt innbyggernes privatsfære i SINTEF-rapporten +«Informasjonssikkerhet +i AutoPASS-brikker» av Trond Foss:

+ +

+«Rapporten ser ikke på informasjonssikkerhet knyttet til personlig + integritet.» +

+ +

Så enkelt kan det tydeligvis gjøres når en vurderer +informasjonssikkerheten. Det holder vel at folkene på toppen kan si +at «Personvernet er ivaretatt», som jo er den populære intetsigende +frasen som gjør at mange tror enkeltindividers integritet tas vare på. +Sitatet fikk meg til å undres på hvor ofte samme tilnærming, å bare se +bort fra behovet for personlig itegritet, blir valgt når en velger å +legge til rette for nok et inngrep i privatsfæren til personer i +Norge. Det er jo sjelden det får reaksjoner. Historien om +reaksjonene på Helse Sør-Østs tjenesteutsetting er jo sørgelig nok et +unntak og toppen av isfjellet, desverre. Tror jeg fortsatt takker nei +til både AutoPASS og holder meg så langt unna det norske helsevesenet +som jeg kan, inntil de har demonstrert og dokumentert at de verdsetter +individets privatsfære og personlige integritet høyere enn kortsiktig +gevist og samfunnsnytte.

- Tags: mesh network, norsk, nuug. + Tags: norsk, personvern, sikkerhet.
@@ -337,129 +206,66 @@ likevel.

-
Debian Edu interview: Klaus Knopper
-
6th December 2013
-

It has been a while since I managed to publish the last interview, -but the Debian Edu / -Skolelinux community is still going strong, and yesterday we even -had a new school administrator show up on -#debian-edu to share -his success story with installing Debian Edu at their school. This -time I have been able to get some helpful comments from the creator of -Knoppix, Klaus Knopper, who was involved in a Skolelinux project in -Germany a few years ago.

- -

Who are you, and how do you spend your days?

- -

I am Klaus Knopper. I have a master degree in electrical -engineering, and is currently professor in information management at -the university of applied sciences Kaiserslautern / Germany and -freelance Open Source software developer and consultant.

- -

All of this is pretty much of the work I spend my days with. Apart -from teaching, I'm also conducting some more or less experimental -projects like the Knoppix GNU/Linux live -system (Debian-based like Skolelinux), -ADRIANE -(a blind-friendly talking desktop system) and -LINBO -(Linux-based network boot console, a fast remote install and repair -system supporting various operating systems).

- -

How did you get in contact with the Skolelinux / Debian Edu -project?

- -

The credit for this have to go to Kurt Gramlich, who is the German -coordinator for Skolelinux. We were looking for an all-in-one open -source community-supported distribution for schools, and Kurt -introduced us to Skolelinux for this purpose.

- -

What do you see as the advantages of Skolelinux / Debian -Edu?

- -
    -
  • Quick installation,
    • -
  • works (almost) out of the box,
    • -
  • contains many useful software packages for teaching and learning,
    • -
  • is a purely community-based distro and not controlled by a - single company,
    • -
  • has a large number of supporters and teachers who share their - experience and problem solutions.
    • -
- -

What do you see as the disadvantages of Skolelinux / Debian -Edu?

- -
    -
  • Skolelinux is - as we had to learn - not easily upgradable to - the next version. Opposed to its genuine Debian base, upgrading to - a new version means a full new installation from scratch to get it - working again reliably. - -
  • Skolelinux is based on Debian/stable, and therefore always a - little outdated in terms of program versions compared to Edubuntu or - similar educational Linux distros, which rather use Debian/testing - as their base. - -
  • Skolelinux has some very self-opinionated and stubborn default - configuration which in my opinion adds unnecessary complexity and is - not always suitable for a schools needs, the preset network - configuration is actually a core definition feature of Skolelinux - and not easy to change, so schools sometimes have to change their - network configuration to make it "Skolelinux-compatible". - -
  • Some proposed extensions, which were made available as - contribution, like secure examination mode and lecture material - distribution and collection, were not accepted into the mainline - Skolelinux development and are now not easy to maintain in the - future because of Skolelinux somewhat undeterministic update - schemes.
    • - -
  • Skolelinux has only a very tiny number of base developers - compared to Debian.
    • - -
- -

For these reasons and experience from our project, I would now -rather consider using plain Debian for schools next time, until -Skolelinux is more closely integrated into Debian and becomes -upgradeable without reinstallation.

- -

Which free software do you use daily?

- -

GNU/Linux with LXDE desktop, bash for interactive dialog and -programming, texlive for documentation and correspondence, -occasionally LibreOffice for document format conversion. Various -programming languages for teaching.

- -

Which strategy do you believe is the right one to use to -get schools to use free software?

- -

Strong arguments are

- -
    - -
  • Knowledge is free, and so should be methods and tools for - teaching and learning.
    • - -
  • Students can learn with and use the same software at school, at - home, and at their working place without running into license or - conversion problems.
    • - -
  • Closed source or proprietary software hides knowledge rather - than exposing it, and proprietary software vendors try to bind - customers to certain products. But teachers need to teach - science, not products.
    • - -
  • If you have everything you for daily work as open source, what - would you need proprietary software for?
    • - -
+
Updated sales number for my Free Culture paper editions
+
12th June 2017
+

It is pleasing to see that the work we put down in publishing new +editions of the classic Free +Culture book by the founder of the Creative Commons movement, +Lawrence Lessig, is still being appreciated. I had a look at the +latest sales numbers for the paper edition today. Not too impressive, +but happy to see some buyers still exist. All the revenue from the +books is sent to the Creative +Commons Corporation, and they receive the largest cut if you buy +directly from Lulu. Most books are sold via Amazon, with Ingram +second and only a small fraction directly from Lulu. The ebook +edition is available for free from +Github.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Title / languageQuantity
2016 jan-jun2016 jul-dec2017 jan-may
Culture Libre / French3615
Fri kultur / Norwegian710
Free Culture / English142716
Total243431
+ +

A bit sad to see the low sales number on the Norwegian edition, and +a bit surprising the English edition still selling so well.

+ +

If you would like to translate and publish the book in your native +language, I would be happy to help make it happen. Please get in +touch.

- Tags: debian edu, english, intervju. + Tags: docbook, english, freeculture.
@@ -467,33 +273,59 @@ get schools to use free software?

-
Dugnadsnett for alle, a wireless community network in Oslo, take shape
-
30th November 2013
-

If you want the ability to electronically communicate directly with -your neighbors and friends using a network controlled by your peers in -stead of centrally controlled by a few corporations, or would like to -experiment with interesting network technology, the -Dugnasnett for alle i Oslo -might be project for you. 39 mesh nodes are currently being planned, -in the freshly started initiative from NUUG and Hackeriet to create a -wireless community network. The work is inspired by -Freifunk, -Athens Wireless Metropolitan -Network, Roofnet -and other successful mesh networks around the globe. Two days ago we -held a workshop to try to get people started on setting up their own -mesh node, and there we decided to create a new mailing list -dugnadsnett -(at) nuug.no and IRC channel -#dugnadsnett.no to -coordinate the work. See also the NUUG blog post -announcing -the mailing list and IRC channel.

+
Release 0.1.1 of free software archive system Nikita announced
+
10th June 2017
+

I am very happy to report that the +Nikita Noark 5 +core project tagged its second release today. The free software +solution is an implementation of the Norwegian archive standard Noark +5 used by government offices in Norway. These were the changes in +version 0.1.1 since version 0.1.0 (from NEWS.md): + +

    + +
  • Continued work on the angularjs GUI, including document upload.
    • +
  • Implemented correspondencepartPerson, correspondencepartUnit and + correspondencepartInternal
    • +
  • Applied for coverity coverage and started submitting code on + regualr basis.
    • +
  • Started fixing bugs reported by coverity
    • +
  • Corrected and completed HATEOAS links to make sure entire API is + available via URLs in _links.
    • +
  • Corrected all relation URLs to use trailing slash.
    • +
  • Add initial support for storing data in ElasticSearch.
    • +
  • Now able to receive and store uploaded files in the archive.
    • +
  • Changed JSON output for object lists to have relations in _links.
    • +
  • Improve JSON output for empty object lists.
    • +
  • Now uses correct MIME type application/vnd.noark5-v4+json.
    • +
  • Added support for docker container images.
    • +
  • Added simple API browser implemented in JavaScript/Angular.
    • +
  • Started on archive client implemented in JavaScript/Angular.
    • +
  • Started on prototype to show the public mail journal.
    • +
  • Improved performance by disabling Sprint FileWatcher.
    • +
  • Added support for 'arkivskaper', 'saksmappe' and 'journalpost'.
    • +
  • Added support for some metadata codelists.
    • +
  • Added support for Cross-origin resource sharing (CORS).
    • +
  • Changed login method from Basic Auth to JSON Web Token (RFC 7519) + style.
    • +
  • Added support for GET-ing ny-* URLs.
    • +
  • Added support for modifying entities using PUT and eTag.
    • +
  • Added support for returning XML output on request.
    • +
  • Removed support for English field and class names, limiting ourself + to the official names.
    • +
  • ...
    • + +
+ +

If this sound interesting to you, please contact us on IRC (#nikita +on irc.freenode.net) or email +(nikita-noark +mailing list).

- Tags: english, mesh network, nuug. + Tags: english, nuug, offentlig innsyn, standard.
@@ -501,84 +333,99 @@ the mailing list and IRC channel.

-
Hvor godt fungerer Linux-klienter mot MS Exchange?
-
26th November 2013
-

Jeg -skrev -i juni om protestene på planene til min arbeidsplass, -Universitetet i Oslo, om å gå bort fra -fri programvare- og åpne standardløsninger for å håndtere epost, -vekk fra IETF-standarden SIEVE for filtrering av epost og over til -godseide spesifikasjoner og epostsystemet Microsoft Exchange. -Protestene har fått litt ny omtale i media de siste dagene, i tillegg -til de oppslagene som kom i mai.

+
Idea for storing trusted timestamps in a Noark 5 archive
+
7th June 2017
+

This is a copy of +an +email I posted to the nikita-noark mailing list. Please follow up +there if you would like to discuss this topic. The background is that +we are making a free software archive system based on the Norwegian +Noark +5 standard for government archives.

+ +

I've been wondering a bit lately how trusted timestamps could be +stored in Noark 5. +Trusted +timestamps can be used to verify that some information +(document/file/checksum/metadata) have not been changed since a +specific time in the past. This is useful to verify the integrity of +the documents in the archive.

+ +

Then it occured to me, perhaps the trusted timestamps could be +stored as dokument variants (ie dokumentobjekt referered to from +dokumentbeskrivelse) with the filename set to the hash it is +stamping?

+ +

Given a "dokumentbeskrivelse" with an associated "dokumentobjekt", +a new dokumentobjekt is associated with "dokumentbeskrivelse" with the +same attributes as the stamped dokumentobjekt except these +attributes:

-

Prosjektledelsen har fortalt at dette skal fungere like godt for -Linux-brukere som for brukere av Microsoft Windows og Apple MacOSX, -men jeg lurer på hva slags erfaringer Linux-brukere i eksisterende -miljøer som bruker MS Exchange har gjort. Hvis du har slik erfaring -hadet det vært veldig fint om du kan send et leserbrev til -Uniforum og fortelle om hvor -greit det er å bruke Exchange i kryss-platform-miljøer? De jeg har -snakket med sier en greit får lest e-posten sin hvis Exchange har -slått på IMAP-funksjonalitet, men at kalender og møtebooking ikke -fungerer godt for Linux-klienter. Jeg har ingen personlig erfaring å -komme med, så jeg er nysgjerrig på hva andre kan dele av erfaringer -med universitetet.

- -

Mitt ankerpunkt mot å bytte ut fri programvare som fungerer godt -med godseid programvare er at en mister kontroll over egen -infrastruktur, låser seg inn i en løsning det vil bli dyrt å komme ut -av, uten at en får funksjonalitet en ikke kunne skaffet seg med fri -programvare, eventuelt videreutviklet med de pengene som brukes på -overgangen til MS Exchange. Personlig planlegger jeg å fortsette å -laste ned all eposten min til lokal maskin for indeksering og lesing -med notmuch, så jeg håper jeg -ikke blir veldig skadelidende av overgangen.

- -

Underskriftslista -for oss som er mot endringen, som omtales i artiklene, er fortsatt -åpen for de som vil signere på oppropet. Akkurat nå er det 298 -personer som har signert.

+

This assume a service following +IETF RFC 3161 is +used, which specifiy the given MIME type for replies and the .tsr file +ending for the content of such trusted timestamp. As far as I can +tell from the Noark 5 specifications, it is OK to have several +variants/renderings of a dokument attached to a given +dokumentbeskrivelse objekt. It might be stretching it a bit to make +some of these variants represent crypto-signatures useful for +verifying the document integrity instead of representing the dokument +itself.

+ +

Using the source of the service in formatDetaljer allow several +timestamping services to be used. This is useful to spread the risk +of key compromise over several organisations. It would only be a +problem to trust the timestamps if all of the organisations are +compromised.

+ +

The following oneliner on Linux can be used to generate the tsr +file. $input is the path to the file to checksum, and $sha256 is the +SHA-256 checksum of the file (ie the ".tsr" value mentioned +above).

+ +

+openssl ts -query -data "$inputfile" -cert -sha256 -no_nonce \
+  | curl -s -H "Content-Type: application/timestamp-query" \
+      --data-binary "@-" http://zeitstempel.dfn.de > $sha256.tsr
+

+ +

To verify the timestamp, you first need to download the public key +of the trusted timestamp service, for example using this command:

+ +

+wget -O ca-cert.txt \
+  https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt
+

+ +

Note, the public key should be stored alongside the timestamps in +the archive to make sure it is also available 100 years from now. It +is probably a good idea to standardise how and were to store such +public keys, to make it easier to find for those trying to verify +documents 100 or 1000 years from now. :)

+ +

The verification itself is a simple openssl command:

+ +

+openssl ts -verify -data $inputfile -in $sha256.tsr \
+  -CAfile ca-cert.txt -text
+

+ +

Is there any reason this approach would not work? Is it somehow against +the Noark 5 specification?

- Tags: norsk, standard. + Tags: english, offentlig innsyn, standard.
@@ -586,56 +433,61 @@ personer som har signert.

-
New chrpath release 0.15
-
24th November 2013
-

After many years break from the package and a vain hope that -development would be continued by someone else, I finally pulled my -acts together this morning and wrapped up a new release of chrpath, -the command line tool to modify the rpath and runpath of already -compiled ELF programs. The update was triggered by the persistence of -Isha Vishnoi at IBM, which needed a new config.guess file to get -support for the ppc64le architecture (powerpc 64-bit Little Endian) he -is working on. I checked the -Debian, -Ubuntu and -Fedora -packages for interesting patches (failed to find the source from -OpenSUSE and Mandriva packages), and found quite a few nice fixes. -These are the release notes:

- -

New in 0.15 released 2013-11-24:

+
NÃ¥r nynorskoversettelsen svikter til eksamen...
+
3rd June 2017
+

Aftenposten +melder i dag om feil i eksamensoppgavene for eksamen i politikk og +menneskerettigheter, der teksten i bokmåls og nynorskutgaven ikke var +like. Oppgaveteksten er gjengitt i artikkelen, og jeg ble nysgjerring +på om den fri oversetterløsningen +Apertium ville gjort en bedre +jobb enn Utdanningsdirektoratet. Det kan se slik ut.

+ +

Her er bokmålsoppgaven fra eksamenen:

-
    +
    +

    Drøft utfordringene knyttet til nasjonalstatenes og andre aktørers +rolle og muligheter til å håndtere internasjonale utfordringer, som +for eksempel flykningekrisen.

    + +

    Vedlegge er eksempler på tekster som kan gi relevante perspektiver +på temaet:

    +
      +
    1. Flykningeregnskapet 2016, UNHCR og IDMC +
    2. «Grenseløst Europa for fall» A-Magasinet, 26. november 2015 +
    -
  • Updated config.sub and config.guess from the GNU project to work - with newer architectures. Thanks to isha vishnoi for the heads - up.
    • +
    -
  • Updated README with current URLs.
    • +

    Dette oversetter Apertium slik:

    -
  • Added byteswap fix found in Ubuntu, credited Jeremy Kerr and - Matthias Klose.
    • +
    +

    Drøft utfordringane knytte til nasjonalstatane sine og rolla til +andre aktørar og høve til å handtera internasjonale utfordringar, som +til dømes *flykningekrisen.

    -
  • Added missing help for -k|--keepgoing option, using patch by - Petr Machata found in Fedora.
    • +

    Vedleggja er døme på tekster som kan gje relevante perspektiv på +temaet:

    -
  • Rewrite removal of RPATH/RUNPATH to make sure the entry in - .dynamic is a NULL terminated string. Based on patch found in - Fedora credited Axel Thimm and Christian Krause.
    • +
      +
    1. *Flykningeregnskapet 2016, *UNHCR og *IDMC
      2. +
    2. «*Grenseløst Europa for fall» A-Magasinet, 26. november 2015
      3. +
    -
+ -

You can -download the -new version 0.15 from alioth. Please let us know via the Alioth -project if something is wrong with the new release. The test suite -did not discover any old errors, so if you find a new one, please also -include a testsuite check.

+

Ord som ikke ble forstått er markert med stjerne (*), og trenger +ekstra språksjekk. Men ingen ord er forsvunnet, slik det var i +oppgaven elevene fikk presentert på eksamen. Jeg mistenker dog at +"andre aktørers rolle og muligheter til ..." burde vært oversatt til +"rolla til andre aktørar og deira høve til ..." eller noe slikt, men +det er kanskje flisespikking. Det understreker vel bare at det alltid +trengs korrekturlesning etter automatisk oversettelse.

- Tags: chrpath, debian, english. + Tags: debian, norsk, stavekontroll.
@@ -643,64 +495,67 @@ include a testsuite check.

-
RSS-kilde for fritekstsøk i offentlige anbud hos Doffin
-
22nd November 2013
-

I fjor sommer lagde jeg en -offentlig -tilgjengelig SQL-database over offentlig anbud basert på skraping -av HTML-data fra Doffin. Den har stått og gått siden da, og har nå -ca. 28000 oppføringer. Jeg oppdaget da jeg tittet innom at noen -oppføringer var ikke blitt med, antagelig på grunn av at de fikk -tildelt sekvensnummer i Doffin en godt stund før de ble publisert, -slik at min nettsideskraper som fortsatte skrapingen der den slapp -sist ikke fikk dem med seg. Jeg har fikset litt slik at skraperen nå -ser litt tilbake i tid for å se om den har gått glipp av noen -oppføringer, og har skrapet på nytt fra midten av september 2013 og -fremover. Det bør dermed bli en mer komplett database for kommende -måneder. Hvis jeg får tid skal jeg forsøke å skrape "glemte" data fra -før midten av september 2013, men tør ikke garantere at det blir -prioritert med det første.

- -

Men målet med denne bloggposten er å vise hvordan denne -Doffin-databasen kan brukes og integreres med en RSS-leser, slik at en -kan la datamaskinen holde et øye med Doffin-annonseringer etter -nøkkelord. En kan lage sitt eget søk ved å besøke -API-et -hos Scraperwiki, velge format rss2 og så legge inn noe ala dette i -"query in SQL":

- -

-select title, scrapedurl as link, abstract as description,
-       publishdate as pubDate from 'swdata'
-   where abstract like '%linux%' or title like '%linux%'
-   order by seq desc limit 20
-

- -

Dette vil søke opp alle anbud med ordet linux i oppsummering eller -tittel. En kan lage mer avanserte søk hvis en ønsker det. URL-en som -dukker opp nederst på siden kan en så gi til sin RSS-leser (jeg bruker -akregator selv), og så automatisk få beskjed hvis det dukker opp anbud -med det aktuelle nøkkelordet i teksten. Merk at kapasiteten og -ytelsen hos Scraperwiki er begrenset, så ikke be RSS-leseren hente ned -oftere enn en gang hver dag.

- -

Du lurer kanskje på hva slags informasjon en kan få ut fra denne -databasen. Her er to RSS-kilder, med søkeordet -"linux", -søkeordet -"fri -programvare" -og søkeordet -"odf". -Det er bare å søke på det en er interessert i. Kopier gjerne -datasettet og sett opp din egen tjeneste hvis du vil gjøre mer -avanserte søk. SQLite-filen med Doffin-oppføringer kan lastes med fra -Scraperwiki for de som vil grave dypere.

+
Epost inn som arkivformat i Riksarkivarens forskrift?
+
27th April 2017
+

I disse dager, med frist 1. mai, har Riksarkivaren ute en høring på +sin forskrift. Som en kan se er det ikke mye tid igjen før fristen +som går ut på søndag. Denne forskriften er det som lister opp hvilke +formater det er greit å arkivere i +Noark +5-løsninger i Norge.

+ +

Jeg fant høringsdokumentene hos +Norsk +Arkivråd etter å ha blitt tipset på epostlisten til +fri +programvareprosjektet Nikita Noark5-Core, som lager et Noark 5 +Tjenestegresesnitt. Jeg er involvert i Nikita-prosjektet og takket +være min interesse for tjenestegrensesnittsprosjektet har jeg lest en +god del Noark 5-relaterte dokumenter, og til min overraskelse oppdaget +at standard epost ikke er på listen over godkjente formater som kan +arkiveres. Høringen med frist søndag er en glimrende mulighet til å +forsøke å gjøre noe med det. Jeg holder på med +egen +høringsuttalelse, og lurer på om andre er interessert i å støtte +forslaget om å tillate arkivering av epost som epost i arkivet.

+ +

Er du igang med å skrive egen høringsuttalelse allerede? I så fall +kan du jo vurdere å ta med en formulering om epost-lagring. Jeg tror +ikke det trengs så mye. Her et kort forslag til tekst:

+ +

+ +

Viser til høring sendt ut 2017-02-17 (Riksarkivarens referanse + 2016/9840 HELHJO), og tillater oss å sende inn noen innspill om + revisjon av Forskrift om utfyllende tekniske og arkivfaglige + bestemmelser om behandling av offentlige arkiver (Riksarkivarens + forskrift).

+ +

Svært mye av vår kommuikasjon foregår i dag på e-post.  Vi + foreslår derfor at Internett-e-post, slik det er beskrevet i IETF + RFC 5322, + https://tools.ietf.org/html/rfc5322. bør + inn som godkjent dokumentformat.  Vi foreslår at forskriftens + oversikt over godkjente dokumentformater ved innlevering i § 5-16 + endres til å ta med Internett-e-post.

+ +

+ +

Som del av arbeidet med tjenestegrensesnitt har vi testet hvordan +epost kan lagres i en Noark 5-struktur, og holder på å skrive et +forslag om hvordan dette kan gjøres som vil bli sendt over til +arkivverket så snart det er ferdig. De som er interesserte kan +følge +fremdriften på web.

+ +

Oppdatering 2017-04-28: I dag ble høringuttalelsen jeg skrev + sendt + inn av foreningen NUUG.

- Tags: norsk, nuug, offentlig innsyn. + Tags: norsk, offentlig innsyn, standard.
@@ -708,56 +563,52 @@ Scraperwiki for de som vil grave dypere.

-
All drones should be radio marked with what they do and who they belong to
-
21st November 2013
-

Drones, flying robots, are getting more and more popular. The most -know ones are the killer drones used by some government to murder -people they do not like without giving them the chance of a fair -trial, but the technology have many good uses too, from mapping and -forest maintenance to photography and search and rescue. I am sure it -is just a question of time before "bad drones" are in the hands of -private enterprises and not only state criminals but petty criminals -too. The drone technology is very useful and very dangerous. To have -some control over the use of drones, I agree with Daniel Suarez in his -TED talk -"The kill -decision shouldn't belong to a robot", where he suggested this -little gem to keep the good while limiting the bad use of drones:

- -
- -

Each robot and drone should have a cryptographically signed -I.D. burned in at the factory that can be used to track its movement -through public spaces. We have license plates on cars, tail numbers on -aircraft. This is no different. And every citizen should be able to -download an app that shows the population of drones and autonomous -vehicles moving through public spaces around them, both right now and -historically. And civic leaders should deploy sensors and civic drones -to detect rogue drones, and instead of sending killer drones of their -own up to shoot them down, they should notify humans to their -presence. And in certain very high-security areas, perhaps civic -drones would snare them and drag them off to a bomb disposal facility.

- -

But notice, this is more an immune system than a weapons system. It -would allow us to avail ourselves of the use of autonomous vehicles -and drones while still preserving our open, civil society.

- -
- -

The key is that every citizen should be able to read the -radio beacons sent from the drones in the area, to be able to check -both the government and others use of drones. For such control to be -effective, everyone must be able to do it. What should such beacon -contain? At least formal owner, purpose, contact information and GPS -location. Probably also the origin and target position of the current -flight. And perhaps some registration number to be able to look up -the drone in a central database tracking their movement. Robots -should not have privacy. It is people who need privacy.

+
Offentlig elektronisk postjournal blokkerer tilgang for utvalgte webklienter
+
20th April 2017
+

Jeg oppdaget i dag at nettstedet som +publiserer offentlige postjournaler fra statlige etater, OEP, har +begynt å blokkerer enkelte typer webklienter fra å få tilgang. Vet +ikke hvor mange det gjelder, men det gjelder i hvert fall libwww-perl +og curl. For å teste selv, kjør følgende:

+ +
+% curl -v -s https://www.oep.no/pub/report.xhtml?reportId=3 2>&1 |grep '< HTTP'
+< HTTP/1.1 404 Not Found
+% curl -v -s --header 'User-Agent:Opera/12.0' https://www.oep.no/pub/report.xhtml?reportId=3 2>&1 |grep '< HTTP'
+< HTTP/1.1 200 OK
+%
+
+ +

Her kan en se at tjenesten gir «404 Not Found» for curl i +standardoppsettet, mens den gir «200 OK» hvis curl hevder å være Opera +versjon 12.0. Offentlig elektronisk postjournal startet blokkeringen +2017-03-02.

+ +

Blokkeringen vil gjøre det litt vanskeligere å maskinelt hente +informasjon fra oep.no. Kan blokkeringen være gjort for å hindre +automatisert innsamling av informasjon fra OEP, slik Pressens +Offentlighetsutvalg gjorde for å dokumentere hvordan departementene +hindrer innsyn i +rapporten +«Slik hindrer departementer innsyn» som ble publiserte i januar +2017. Det virker usannsynlig, da det jo er trivielt å bytte +User-Agent til noe nytt.

+ +

Finnes det juridisk grunnlag for det offentlige å diskriminere +webklienter slik det gjøres her? Der tilgang gis eller ikke alt etter +hva klienten sier at den heter? Da OEP eies av DIFI og driftes av +Basefarm, finnes det kanskje noen dokumenter sendt mellom disse to +aktørene man kan be om innsyn i for å forstå hva som har skjedd. Men +postjournalen +til DIFI viser kun to dokumenter det siste året mellom DIFI og +Basefarm. +Mimes brønn neste, +tenker jeg.

- Tags: english, robot, sikkerhet, surveillance. + Tags: norsk, offentlig innsyn.
@@ -765,26 +616,101 @@ should not have privacy. It is people who need privacy.

-
Lets make a wireless community network in Oslo!
-
13th November 2013
-

Today NUUG and Hackeriet announced -our -plans to join forces and create a wireless community network in -Oslo. The workshop to help people get started will take place -Thursday 2013-11-28, but we already are collecting the geolocation of -people joining forces to make this happen. We have -9 -locations plotted on the map, but we will need more before we have -a connected mesh spread across Oslo. If this sound interesting to -you, please join us at the workshop. If you are too impatient to wait -15 days, please join us on the IRC channel -#nuug on irc.freenode.net -right away. :)

+
Free software archive system Nikita now able to store documents
+
19th March 2017
+

The Nikita +Noark 5 core project is implementing the Norwegian standard for +keeping an electronic archive of government documents. +The +Noark 5 standard document the requirement for data systems used by +the archives in the Norwegian government, and the Noark 5 web interface +specification document a REST web service for storing, searching and +retrieving documents and metadata in such archive. I've been involved +in the project since a few weeks before Christmas, when the Norwegian +Unix User Group +announced +it supported the project. I believe this is an important project, +and hope it can make it possible for the government archives in the +future to use free software to keep the archives we citizens depend +on. But as I do not hold such archive myself, personally my first use +case is to store and analyse public mail journal metadata published +from the government. I find it useful to have a clear use case in +mind when developing, to make sure the system scratches one of my +itches.

+ +

If you would like to help make sure there is a free software +alternatives for the archives, please join our IRC channel +(#nikita on +irc.freenode.net) and +the +project mailing list.

+ +

When I got involved, the web service could store metadata about +documents. But a few weeks ago, a new milestone was reached when it +became possible to store full text documents too. Yesterday, I +completed an implementation of a command line tool +archive-pdf to upload a PDF file to the archive using this +API. The tool is very simple at the moment, and find existing +fonds, series and +files while asking the user to select which one to use if more than +one exist. Once a file is identified, the PDF is associated with the +file and uploaded, using the title extracted from the PDF itself. The +process is fairly similar to visiting the archive, opening a cabinet, +locating a file and storing a piece of paper in the archive. Here is +a test run directly after populating the database with test data using +our API tester:

+ +

+~/src//noark5-tester$ ./archive-pdf mangelmelding/mangler.pdf
+using arkiv: Title of the test fonds created 2017-03-18T23:49:32.103446
+using arkivdel: Title of the test series created 2017-03-18T23:49:32.103446
+
+ 0 - Title of the test case file created 2017-03-18T23:49:32.103446
+ 1 - Title of the test file created 2017-03-18T23:49:32.103446
+Select which mappe you want (or search term): 0
+Uploading mangelmelding/mangler.pdf
+  PDF title: Mangler i spesifikasjonsdokumentet for NOARK 5 Tjenestegrensesnitt
+  File 2017/1: Title of the test case file created 2017-03-18T23:49:32.103446
+~/src//noark5-tester$
+

+ +

You can see here how the fonds (arkiv) and serie (arkivdel) only had +one option, while the user need to choose which file (mappe) to use +among the two created by the API tester. The archive-pdf +tool can be found in the git repository for the API tester.

+ +

In the project, I have been mostly working on +the API +tester so far, while getting to know the code base. The API +tester currently use +the HATEOAS links +to traverse the entire exposed service API and verify that the exposed +operations and objects match the specification, as well as trying to +create objects holding metadata and uploading a simple XML file to +store. The tester has proved very useful for finding flaws in our +implementation, as well as flaws in the reference site and the +specification.

+ +

The test document I uploaded is a summary of all the specification +defects we have collected so far while implementing the web service. +There are several unclear and conflicting parts of the specification, +and we have +started +writing down the questions we get from implementing it. We use a +format inspired by how The +Austin Group collect defect reports for the POSIX standard with +their +instructions for the MANTIS defect tracker system, in lack of an official way to structure defect reports for Noark 5 (our first submitted defect report was a request for a procedure for submitting defect reports :). + +

The Nikita project is implemented using Java and Spring, and is +fairly easy to get up and running using Docker containers for those +that want to test the current code base. The API tester is +implemented in Python.

- Tags: english, mesh network, nuug. + Tags: english, nuug, offentlig innsyn, standard.
@@ -799,10 +725,109 @@ right away. :)

Archive