Good causes: Debian Outreach Program for Women, EFF documenting the spying and Open access in Norway

15th October 2013

The last few days I came across a few good causes that should get -wider attention. I recommend signing and donating to each one of -these. :)

- -

Via Debian -Project News for 2013-10-14 I came across the Outreach Program for -Women program which is a Google Summer of Code like initiative to get -more women involved in free software. One debian sponsor has offered -to match any donation done to Debian -earmarked for this initiative. I donated a few minutes ago, and -hope you will to. :)

- -

And the Electronic Frontier Foundation just announced plans to -create video documentaries about the excessive spying on every -Internet user that take place these days, and their need to fund the -work. I've already donated. Are you next?

- -

For my Norwegian audience, the organisation Studentenes og -Akademikernes Internasjonale Hjelpefond is collecting signatures for a -statement under the heading -Bloggers United for Open -Access for those of us asking for more focus on open access in the -Norwegian government. So far 499 signatures. I hope you will sign it -too.

Simpler recipe on how to make a simple $7 IMSI Catcher using Debian

9th August 2017

On friday, I came across an interesting article in the Norwegian +web based ICT news magazine digi.no on +how +to collect the IMSI numbers of nearby cell phones using the cheap +DVB-T software defined radios. The article refered to instructions +and a recipe by +Keld Norman on Youtube on how to make a simple $7 IMSI Catcher, and I decided to test them out.

+ +

The instructions said to use Ubuntu, install pip using apt (to +bypass apt), use pip to install pybombs (to bypass both apt and pip), +and the ask pybombs to fetch and build everything you need from +scratch. I wanted to see if I could do the same on the most recent +Debian packages, but this did not work because pybombs tried to build +stuff that no longer build with the most recent openssl library or +some other version skew problem. While trying to get this recipe +working, I learned that the apt->pip->pybombs route was a long detour, +and the only piece of software dependency missing in Debian was the +gr-gsm package. I also found out that the lead upstream developer of +gr-gsm (the name stand for GNU Radio GSM) project already had a set of +Debian packages provided in an Ubuntu PPA repository. All I needed to +do was to dget the Debian source package and built it.

+ +

The IMSI collector is a python script listening for packages on the +loopback network device and printing to the terminal some specific GSM +packages with IMSI numbers in them. The code is fairly short and easy +to understand. The reason this work is because gr-gsm include a tool +to read GSM data from a software defined radio like a DVB-T USB stick +and other software defined radios, decode them and inject them into a +network device on your Linux machine (using the loopback device by +default). This proved to work just fine, and I've been testing the +collector for a few days now.

+ +

The updated and simpler recipe is thus to

+ +

start with a Debian machine running Stretch or newer,
build and install the gr-gsm package available from +http://ppa.launchpad.net/ptrkrysik/gr-gsm/ubuntu/pool/main/g/gr-gsm/,
clone the git repostory from https://github.com/Oros42/IMSI-catcher,
run grgsm_livemon and adjust the frequency until the terminal +where it was started is filled with a stream of text (meaning you +found a GSM station).
go into the IMSI-catcher directory and run 'sudo python simple_IMSI-catcher.py' to extract the IMSI numbers.

+ +

To make it even easier in the future to get this sniffer up and +running, I decided to package +the gr-gsm project +for Debian (WNPP +#871055), and the package was uploaded into the NEW queue today. +Luckily the gnuradio maintainer has promised to help me, as I do not +know much about gnuradio stuff yet.

+ +

I doubt this "IMSI cacher" is anywhere near as powerfull as +commercial tools like +The +Spy Phone Portable IMSI / IMEI Catcher or the +Harris +Stingray, but I hope the existance of cheap alternatives can make +more people realise how their whereabouts when carrying a cell phone +is easily tracked. Seeing the data flow on the screen, realizing that +I live close to a police station and knowing that the police is also +wearing cell phones, I wonder how hard it would be for criminals to +track the position of the police officers to discover when there are +police near by, or for foreign military forces to track the location +of the Norwegian military forces, or for anyone to track the location +of government officials...

+ +

It is worth noting that the data reported by the IMSI-catcher +script mentioned above is only a fraction of the data broadcasted on +the GSM network. It will only collect one frequency at the time, +while a typical phone will be using several frequencies, and not all +phones will be using the frequencies tracked by the grgsm_livemod +program. Also, there is a lot of radio chatter being ignored by the +simple_IMSI-catcher script, which would be collected by extending the +parser code. I wonder if gr-gsm can be set up to listen to more than +one frequency?

- Tags: debian, english, opphavsrett, surveillance. + Tags: debian, english, personvern, surveillance.

@@ -58,142 +117,37 @@ too.

Oslo community mesh network - with NUUG and Hackeriet at Hausmania

11th October 2013

Wireless mesh networks are self organising and self healing -networks that can be used to connect computers across small and large -areas, depending on the radio technology used. Normal wifi equipment -can be used to create home made radio networks, and there are several -successful examples like -Freifunk and -Athens Wireless Metropolitan Network -(see -wikipedia -for a large list) around the globe. To give you an idea how it -work, check out the nice overview of the Kiel Freifunk community which -can be seen from their -dynamically -updated node graph and map, where one can see how the mesh nodes -automatically handle routing and recover from nodes disappearing. -There is also a small community mesh network group in Oslo, Norway, -and that is the main topic of this blog post.

- -

I've wanted to check out mesh networks for a while now, and hoped -to do it as part of my involvement with the NUUG member organisation community, and -my recent involvement in -the Freedombox project -finally lead me to give mesh networks some priority, as I suspect a -Freedombox should use mesh networks to connect neighbours and family -when possible, given that most communication between people are -between those nearby (as shown for example by research on Facebook -communication patterns). It also allow people to communicate without -any central hub to tap into for those that want to listen in on the -private communication of citizens, which have become more and more -important over the years.

- -

So far I have only been able to find one group of people in Oslo -working on community mesh networks, over at the hack space -Hackeriet at Husmania. They seem to -have started with some Freifunk based effort using OLSR, called -the Oslo -Freifunk project, but that effort is now dead and the people -behind it have moved on to a batman-adv based system called -meshfx. Unfortunately the wiki -site for the Oslo Freifunk project is no longer possible to update to -reflect this fact, so the old project page can't be updated to point to -the new project. A while back, the people at Hackeriet invited people -from the Freifunk community to Oslo to talk about mesh networks. I -came across this video where Hans JÃ¸rgen Lysglimt interview the -speakers about this talk (from -youtube):

- -

I mentioned OLSR and batman-adv, which are mesh routing protocols. -There are heaps of different protocols, and I am still struggling to -figure out which one would be "best" for some definitions of best, but -given that the community mesh group in Oslo is so small, I believe it -is best to hook up with the existing one instead of trying to create a -completely different setup, and thus I have decided to focus on -batman-adv for now. It sure help me to know that the very cool -Serval project in Australia -is using batman-adv as their meshing technology when it create a self -organizing and self healing telephony system for disaster areas and -less industrialized communities. Check out this cool video presenting -that project (from -youtube):

- -

According to the wikipedia page on -Wireless -mesh network there are around 70 competing schemes for routing -packets across mesh networks, and OLSR, B.A.T.M.A.N. and -B.A.T.M.A.N. advanced are protocols used by several free software -based community mesh networks.

- -

The batman-adv protocol is a bit special, as it provide layer 2 -(as in ethernet ) routing, allowing ipv4 and ipv6 to work on the same -network. One way to think about it is that it provide a mesh based -vlan you can bridge to or handle like any other vlan connected to your -computer. The required drivers are already in the Linux kernel at -least since Debian Wheezy, and it is fairly easy to set up. A -good -introduction is available from the Open Mesh project. These are -the key settings needed to join the Oslo meshfx network:

- -

- - - - - -
Setting Value
Protocol / kernel module batman-adv
ESSID meshfx@hackeriet
Channel / Frequency 11 / 2462
Cell ID 02:BA:00:00:00:01

Setting	Value
Protocol / kernel module	batman-adv
ESSID	meshfx@hackeriet
Channel / Frequency	11 / 2462
Cell ID	02:BA:00:00:00:01

- -

The reason for setting ad-hoc wifi Cell ID is to work around bugs -in firmware used in wifi card and wifi drivers. (See a nice post from -VillageTelco about -"Information -about cell-id splitting, stuck beacons, and failed IBSS merges! -for details.) When these settings are activated and you have some -other mesh node nearby, your computer will be connected to the mesh -network and can communicate with any mesh node that is connected to -any of the nodes in your network of nodes. :)

- -

My initial plan was to reuse my old Linksys WRT54GL as a mesh node, -but that seem to be very hard, as I have not been able to locate a -firmware supporting batman-adv. If anyone know how to use that old -wifi access point with batman-adv these days, please let me know.

- -

If you find this project interesting and want to join, please join -us on IRC, either channel -#oslohackerspace -or #nuug on -irc.freenode.net.

- -

While investigating mesh networks in Oslo, I came across an old -research paper from the university of Stavanger and Telenor Research -and Innovation called -The -reliability of wireless backhaul mesh networks and elsewhere -learned that Telenor have been experimenting with mesh networks at -GrÃ¼nerlÃ¸kka in Oslo. So mesh networks are also interesting for -commercial companies, even though Telenor discovered that it was hard -to figure out a good business plan for mesh networking and as far as I -know have closed down the experiment. Perhaps Telenor or others would -be interested in a cooperation?

- -

Update 2013-10-12: I was just -told -by the Serval project developers that they no longer use -batman-adv (but are compatible with it), but their own crypto based -mesh system.

Norwegian BokmÃ¥l edition of Debian Administrator's Handbook is now available

25th July 2017

+ +

I finally received a copy of the Norwegian BokmÃ¥l edition of +"The Debian Administrator's +Handbook". This test copy arrived in the mail a few days ago, and +I am very happy to hold the result in my hand. We spent around one and a half year translating it. This paperbook edition +is available +from lulu.com. If you buy it quickly, you save 25% on the list +price. The book is also available for download in electronic form as +PDF, EPUB and Mobipocket, as can be +read online +as a web page.

+ +

This is the second book I publish (the first was the book +"Free Culture" by Lawrence Lessig +in +English, +French +and +Norwegian +BokmÃ¥l), and I am very excited to finally wrap up this +project. I hope +"HÃ¥ndbok +for Debian-administratoren" will be well received.

- Tags: english, freedombox, nuug. + Tags: debian, debian-handbook, english.

@@ -201,37 +155,50 @@ mesh system.

Skolelinux / Debian Edu 7.1 install and overview video from Marcelo Salvador

8th October 2013

The other day I was pleased and surprised to discover that Marcelo -Salvador had published a -video on -Youtube showing how to install the standalone Debian Edu / -Skolelinux profile. This is the profile intended for use at home or -on laptops that should not be integrated into the provided network -services (no central home directory, no Kerberos / LDAP directory etc, -in other word a single user machine). The result is 11 minutes long, -and show some user applications (seem to be rather randomly picked). -Missed a few of my favorites like celestia, planets and chromium -showing the Zygote Body 3D model -of the human body, but I guess he did not know about those or find -other programs more interesting. :) And the video do not show the -advantages I believe is one of the most valuable featuers in Debian -Edu, its central school server making it possible to run hundreds of -computers without hard drives by installing one central -LTSP server.

- -

Anyway, check out the video, embedded below and linked to above:

- - - -

Are there other nice videos demonstrating Skolelinux? Please let -me know. :)

Â«Rapporten ser ikke pÃ¥ informasjonssikkerhet knyttet til personlig integritetÂ»

27th June 2017

Jeg kom over teksten +Â«Killing +car privacy by federal mandateÂ» av Leonid Reyzin pÃ¥ Freedom to +Tinker i dag, og det gleder meg Ã¥ se en god gjennomgang om hvorfor det +er et urimelig inngrep i privatsfÃ¦ren Ã¥ la alle biler kringkaste sin +posisjon og bevegelse via radio. Det omtalte forslaget basert pÃ¥ +Dedicated Short Range Communication (DSRC) kalles Basic Safety Message +(BSM) i USA og Cooperative Awareness Message (CAM) i Europa, og det +norske Vegvesenet er en av de som ser ut til Ã¥ kunne tenke seg Ã¥ +pÃ¥legge alle biler Ã¥ fjerne nok en bit av innbyggernes privatsfÃ¦re. +Anbefaler alle Ã¥ lese det som stÃ¥r der. + +

Mens jeg tittet litt pÃ¥ DSRC pÃ¥ biler i Norge kom jeg over et sitat +jeg synes er illustrativt for hvordan det offentlige Norge hÃ¥ndterer +problemstillinger rundt innbyggernes privatsfÃ¦re i SINTEF-rapporten +Â«Informasjonssikkerhet +i AutoPASS-brikkerÂ» av Trond Foss:

+ +

+Â«Rapporten ser ikke pÃ¥ informasjonssikkerhet knyttet til personlig + integritet.Â» +

+ +

SÃ¥ enkelt kan det tydeligvis gjÃ¸res nÃ¥r en vurderer +informasjonssikkerheten. Det holder vel at folkene pÃ¥ toppen kan si +at Â«Personvernet er ivaretattÂ», som jo er den populÃ¦re intetsigende +frasen som gjÃ¸r at mange tror enkeltindividers integritet tas vare pÃ¥. +Sitatet fikk meg til Ã¥ undres pÃ¥ hvor ofte samme tilnÃ¦rming, Ã¥ bare se +bort fra behovet for personlig itegritet, blir valgt nÃ¥r en velger Ã¥ +legge til rette for nok et inngrep i privatsfÃ¦ren til personer i +Norge. Det er jo sjelden det fÃ¥r reaksjoner. Historien om +reaksjonene pÃ¥ Helse SÃ¸r-Ãsts tjenesteutsetting er jo sÃ¸rgelig nok et +unntak og toppen av isfjellet, desverre. Tror jeg fortsatt takker nei +til bÃ¥de AutoPASS og holder meg sÃ¥ langt unna det norske helsevesenet +som jeg kan, inntil de har demonstrert og dokumentert at de verdsetter +individets privatsfÃ¦re og personlige integritet hÃ¸yere enn kortsiktig +gevist og samfunnsnytte.

- Tags: debian edu, english, video. + Tags: norsk, personvern, sikkerhet.

@@ -239,23 +206,66 @@ me know. :)

Finally, Debian Edu Wheezy is released today!

29th September 2013

A few hours ago, the announcement for the first stable release of -Debian Edu Wheezy went out from the Debian publicity team. The -complete announcement text can be found at -the Debian News -section, translated to several languages. Please check it out.

- -

There is one minor known problem that we will fix very soon. One -can not install a amd64 Thin Client Server using PXE, as the /var/ -partition is too small. A workaround is to extend the partition (use -lvresize + resize2fs in tty 2 while installing).

Updated sales number for my Free Culture paper editions

12th June 2017

It is pleasing to see that the work we put down in publishing new +editions of the classic Free +Culture book by the founder of the Creative Commons movement, +Lawrence Lessig, is still being appreciated. I had a look at the +latest sales numbers for the paper edition today. Not too impressive, +but happy to see some buyers still exist. All the revenue from the +books is sent to the Creative +Commons Corporation, and they receive the largest cut if you buy +directly from Lulu. Most books are sold via Amazon, with Ingram +second and only a small fraction directly from Lulu. The ebook +edition is available for free from +Github.

+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +

Title / language	Quantity
Title / language	2016 jan-jun	2016 jul-dec	2017 jan-may
Culture Libre / French	3	6	15
Fri kultur / Norwegian	7	1	0
Free Culture / English	14	27	16
Total	24	34	31

+ +

A bit sad to see the low sales number on the Norwegian edition, and +a bit surprising the English edition still selling so well.

+ +

If you would like to translate and publish the book in your native +language, I would be happy to help make it happen. Please get in +touch.

- Tags: debian edu, english. + Tags: docbook, english, freeculture.

@@ -263,72 +273,59 @@ lvresize + resize2fs in tty 2 while installing).

Videos about the Freedombox project - for inspiration and learning

27th September 2013

The Freedombox -project have been going on for a while, and have presented the -vision, ideas and solution several places. Here is a little -collection of videos of talks and presentation of the project.

Release 0.1.1 of free software archive system Nikita announced

10th June 2017

I am very happy to report that the +Nikita Noark 5 +core project tagged its second release today. The free software +solution is an implementation of the Norwegian archive standard Noark +5 used by government offices in Norway. These were the changes in +version 0.1.1 since version 0.1.0 (from NEWS.md):

FreedomBox - -2,5 minute marketing film (Youtube)
Eben Moglen -discusses the Freedombox on CBS news 2011 (Youtube)
Eben Moglen - -Freedom in the Cloud - Software Freedom, Privacy and and Security for -Web 2.0 and Cloud computing at ISOC-NY Public Meeting 2010 -(Youtube)
Fosdem 2011 -Keynote by Eben Moglen presenting the Freedombox (Youtube)
Presentation of -the Freedombox by James Vasile at Elevate in Gratz 2011 (Youtube)
Freedombox - -Discovery, Identity, and Trust by Nick Daly at Freedombox Hackfest New -York City in 2012 (Youtube)
Introduction -to the Freedombox at Freedombox Hackfest New York City in 2012 -(Youtube)
Freedom, Out -of the Box! by Bdale Garbee at linux.conf.au Ballarat, 2012 (Youtube)
Freedombox -1.0 by Eben Moglen and Bdale Garbee at Fosdem 2013 (FOSDEM)
What is the -FreedomBox today by Bdale Garbee at Debconf13 in Vaumarcus -2013 (Youtube)
Continued work on the angularjs GUI, including document upload.
Implemented correspondencepartPerson, correspondencepartUnit and + correspondencepartInternal
Applied for coverity coverage and started submitting code on + regualr basis.
Started fixing bugs reported by coverity
Corrected and completed HATEOAS links to make sure entire API is + available via URLs in _links.
Corrected all relation URLs to use trailing slash.
Add initial support for storing data in ElasticSearch.
Now able to receive and store uploaded files in the archive.
Changed JSON output for object lists to have relations in _links.
Improve JSON output for empty object lists.
Now uses correct MIME type application/vnd.noark5-v4+json.
Added support for docker container images.
Added simple API browser implemented in JavaScript/Angular.
Started on archive client implemented in JavaScript/Angular.
Started on prototype to show the public mail journal.
Improved performance by disabling Sprint FileWatcher.
Added support for 'arkivskaper', 'saksmappe' and 'journalpost'.
Added support for some metadata codelists.
Added support for Cross-origin resource sharing (CORS).
Changed login method from Basic Auth to JSON Web Token (RFC 7519) + style.
Added support for GET-ing ny-* URLs.
Added support for modifying entities using PUT and eTag.
Added support for returning XML output on request.
Removed support for English field and class names, limiting ourself + to the official names.
...

A larger list is available from -the -Freedombox Wiki.

- -

On other news, I am happy to report that Freedombox based on Debian -Jessie is coming along quite well, and soon both Owncloud and using -Tor should be available for testers of the Freedombox solution. :) In -a few weeks I hope everything needed to test it is included in Debian. -The withsqlite package is already in Debian, and the plinth package is -pending in NEW. The third and vital part of that puzzle is the -metapackage/setup framework, which is still pending an upload. Join -us on IRC -(#freedombox on irc.debian.org) and -the -mailing list if you want to help make this vision come true.

If this sound interesting to you, please contact us on IRC (#nikita +on irc.freenode.net) or email +(nikita-noark +mailing list).

- Tags: debian, english, freedombox, sikkerhet, surveillance, web. + Tags: english, nuug, offentlig innsyn, standard.

@@ -336,119 +333,99 @@ mailing list if you want to help make this vision come true.

Third and probably last beta release of Debian Edu Wheezy

16th September 2013

The third wheezy based beta release of Debian Edu was wrapped up -today. This is the release announcement from Holger Levsen:

- -

-
Hi,
- -
it is my pleasure to announce the third beta release (beta 2 for -short) of Debian Edu / -Skolelinux based on Debian Wheezy!
- -
Please test these images extensivly, if no new problems are found -we plan to do this final Debian Edu Wheezy release this coming -weekend. We are not aware of any major problems or blockers in beta2, -if you find something, please notify us immediately!
- -
(More about the remaining steps for the Edu Wheezy release in -another mail to the edu list tonight or tomorrow...)
- -
Noteworthy changes and software updates for Debian Edu 7.1+edu0~b2 -compared to beta1:
- -
- -
The KDE proxy setup has been adjusted to use the provided wpad.dat. This -also gets Chromium to use this proxy.
-
Install kdepim-groupware with KDE desktops to make sure korganizer -understand ical/dav sources.
-
Increased default maximum size of /var/spool/squid and /skole/backup on the -main server.
-
A source DVD image containing all source packages is now available as well.
-
Updates for chromium (29.0.1547.57-1~deb7u1), imagemagick -(6.7.7.10-5+deb7u2), php5 (5.4.4-14+deb7u4), libmodplug -(0.8.8.4-3+deb7u1+git20130828), tiff (4.0.2-6+deb7u2), linux-image -(3.2.0-4-486_3.2.46-1+deb7u1).
- -
- -
Where to get it:
- -
To download the multiarch netinstall CD release you can use
+
Idea for storing trusted timestamps in a Noark 5 archive
+
7th June 2017
+
This is a copy of +an +email I posted to the nikita-noark mailing list. Please follow up +there if you would like to discuss this topic. The background is that +we are making a free software archive system based on the Norwegian +Noark +5 standard for government archives.
+ +
I've been wondering a bit lately how trusted timestamps could be +stored in Noark 5. +Trusted +timestamps can be used to verify that some information +(document/file/checksum/metadata) have not been changed since a +specific time in the past. This is useful to verify the integrity of +the documents in the archive.
+ +
Then it occured to me, perhaps the trusted timestamps could be +stored as dokument variants (ie dokumentobjekt referered to from +dokumentbeskrivelse) with the filename set to the hash it is +stamping?
+ +
Given a "dokumentbeskrivelse" with an associated "dokumentobjekt", +a new dokumentobjekt is associated with "dokumentbeskrivelse" with the +same attributes as the stamped dokumentobjekt except these +attributes:

-
ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-CD.iso
-
http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-CD.iso
-
rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-CD.iso .
-
-
The SHA1SUM of this image is: 3a1c89f4666df80eebcd46c5bf5fedb866f9472f
+
format -> "RFC3161" +
mimeType -> "application/timestamp-reply" +
formatDetaljer -> "<source URL for timestamp service>" +
filenavn -> "<sjekksum>.tsr" -
To download the multiarch USB stick ISO release you can use -
-
ftp://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-USB.iso
-
http://ftp.skolelinux.org/skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-USB.iso
-
rsync -avzP ftp.skolelinux.org::skolelinux-cd/wheezy/debian-edu-7.1+edu0~b2-USB.iso .

-
The SHA1SUM of this image is: 702d1718548f401c74bfa6df9f032cc3ee16597e
- -
The Source DVD image has the filename -debian-edu-7.1+edu0~b2-source-DVD.iso and the SHA1SUM -089eed8b3f962db47aae1f6a9685e9bb2fa30ca5 and is available the same way -as the other isos.
- -
How to report bugs
- -
For information how to report bugs please see -
http://wiki.debian.org/DebianEdu/HowTo/ReportBugs
- - -
About Debian Edu and Skolelinux
- -
Debian Edu, also known as Skolelinux, is a Linux distribution based -on Debian providing an out-of-the box environment of a completely -configured school network. Immediately after installation a school -server running all services needed for a school network is set up just -waiting for users and machines being added via GOsaÂ², a comfortable -Web-UI. A netbooting environment is prepared using PXE, so after -initial installation of the main server from CD or USB stick all other -machines can be installed via the network. The provided school server -provides LDAP database and Kerberos authentication service, -centralized home directories, DHCP server, web proxy and many other -services. The desktop contains more than 60 educational software -packages and more are available from the Debian archive, and schools -can choose between KDE, Gnome, LXDE and Xfce desktop environment.
- -
This is the seventh test release based on Debian Wheezy. Basically -this is an updated and slightly improved version compared to the -Squeeze release.
- -
Notes for upgrades from Alpha Prereleases
- -
Alpha based installations should reinstall or downgrade the -versions of gosa and libpam-mklocaluser to the ones used in this beta -release. Both alpha and beta0 based installations should reinstall or -deal with gosa.conf manually; there are two options: (1) Keep -gosa.conf and edit this file as outlined on the mailing list. (2) -Accept the new version of gosa.conf and replace both contained admin -password placeholders with the password hashes found in the old one -(backup copy!). In both cases all users need to change their password -to make sure a password is set for CIFS access to their home -directory.
- - -
cheers, -
Holger
-

This assume a service following +IETF RFC 3161 is +used, which specifiy the given MIME type for replies and the .tsr file +ending for the content of such trusted timestamp. As far as I can +tell from the Noark 5 specifications, it is OK to have several +variants/renderings of a dokument attached to a given +dokumentbeskrivelse objekt. It might be stretching it a bit to make +some of these variants represent crypto-signatures useful for +verifying the document integrity instead of representing the dokument +itself.

+ +

Using the source of the service in formatDetaljer allow several +timestamping services to be used. This is useful to spread the risk +of key compromise over several organisations. It would only be a +problem to trust the timestamps if all of the organisations are +compromised.

+ +

The following oneliner on Linux can be used to generate the tsr +file. $input is the path to the file to checksum, and $sha256 is the +SHA-256 checksum of the file (ie the ".tsr" value mentioned +above).

+ +

+openssl ts -query -data "$inputfile" -cert -sha256 -no_nonce \
+  | curl -s -H "Content-Type: application/timestamp-query" \
+      --data-binary "@-" http://zeitstempel.dfn.de > $sha256.tsr
+

+ +

To verify the timestamp, you first need to download the public key +of the trusted timestamp service, for example using this command:

+ +

+wget -O ca-cert.txt \
+  https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt
+

+ +

Note, the public key should be stored alongside the timestamps in +the archive to make sure it is also available 100 years from now. It +is probably a good idea to standardise how and were to store such +public keys, to make it easier to find for those trying to verify +documents 100 or 1000 years from now. :)

+ +

The verification itself is a simple openssl command:

+ +

+openssl ts -verify -data $inputfile -in $sha256.tsr \
+  -CAfile ca-cert.txt -text
+

+ +

Is there any reason this approach would not work? Is it somehow against +the Noark 5 specification?

- Tags: debian edu, english. + Tags: english, offentlig innsyn, standard.

@@ -456,135 +433,61 @@ directory.

Recipe to test the Freedombox project on amd64 or Raspberry Pi

10th September 2013

I was introduced to the -Freedombox project -in 2010, when Eben Moglen presented his vision about serving the need -of non-technical people to keep their personal information private and -within the legal protection of their own homes. The idea is to give -people back the power over their network and machines, and return -Internet back to its intended peer-to-peer architecture. Instead of -depending on a central service, the Freedombox will give everyone -control over their own basic infrastructure.

- -

I've intended to join the effort since then, but other tasks have -taken priority. But this summers nasty news about the misuse of trust -and privilege exercised by the "western" intelligence gathering -communities increased my eagerness to contribute to a point where I -actually started working on the project a while back.

- -

The initial -Debian initiative based on the vision from Eben Moglen, is to -create a simple and cheap Debian based appliance that anyone can hook -up in their home and get access to secure and private services and -communication. The initial deployment platform have been the -Dreamplug, -which is a piece of hardware I do not own. So to be able to test what -the current Freedombox setup look like, I had to come up with a way to install -it on some hardware I do have access to. I have rewritten the -freedom-maker -image build framework to use .deb packages instead of only copying -setup into the boot images, and thanks to this rewrite I am able to -set up any machine supported by Debian Wheezy as a Freedombox, using -the previously mentioned deb (and a few support debs for packages -missing in Debian).

- -

The current Freedombox setup consist of a set of bootstrapping -scripts -(freedombox-setup), -and a administrative web interface -(plinth + exmachina + -withsqlite), as well as a privacy enhancing proxy based on -privoxy -(freedombox-privoxy). There is also a web/javascript based XMPP -client (jwchat) -trying (unsuccessfully so far) to talk to the XMPP server -(ejabberd). The -web interface is pluggable, and the goal is to use it to enable OpenID -services, mesh network connectivity, use of TOR, etc, etc. Not much of -this is really working yet, see -the -project TODO for links to GIT repositories. Most of the code is -on github at the moment. The HTTP proxy is operational out of the -box, and the admin web interface can be used to add/remove plinth -users. I've not been able to do anything else with it so far, but -know there are several branches spread around github and other places -with lots of half baked features.

- -

Anyway, if you want to have a look at the current state, the -following recipes should work to give you a test machine to poke -at.

- -

Debian Wheezy amd64

NÃ¥r nynorskoversettelsen svikter til eksamen...

3rd June 2017

Aftenposten +melder i dag om feil i eksamensoppgavene for eksamen i politikk og +menneskerettigheter, der teksten i bokmÃ¥ls og nynorskutgaven ikke var +like. Oppgaveteksten er gjengitt i artikkelen, og jeg ble nysgjerring +pÃ¥ om den fri oversetterlÃ¸sningen +Apertium ville gjort en bedre +jobb enn Utdanningsdirektoratet. Det kan se slik ut.

+ +

Her er bokmÃ¥lsoppgaven fra eksamenen:

+
DrÃ¸ft utfordringene knyttet til nasjonalstatenes og andre aktÃ¸rers +rolle og muligheter til Ã¥ hÃ¥ndtere internasjonale utfordringer, som +for eksempel flykningekrisen.
-
Fetch normal Debian Wheezy installation ISO.
-
Boot from it, either as CD or USB stick.
-
Press [tab] on the boot prompt and add this as a boot argument -to the Debian installer:
-
url=http://www.reinholdtsen.name/freedombox/preseed-wheezy.dat
+
Vedlegge er eksempler pÃ¥ tekster som kan gi relevante perspektiver +pÃ¥ temaet:
+
+
Flykningeregnskapet 2016, UNHCR og IDMC +
Â«GrenselÃ¸st Europa for fallÂ» A-Magasinet, 26. november 2015 +
-
Answer the few language/region/password questions and pick disk to -install on.
+

When the installation is finished and the machine have rebooted a -few times, your Freedombox is ready for testing.

Dette oversetter Apertium slik:

+
DrÃ¸ft utfordringane knytte til nasjonalstatane sine og rolla til +andre aktÃ¸rar og hÃ¸ve til Ã¥ handtera internasjonale utfordringar, som +til dÃ¸mes *flykningekrisen.
-
Raspberry Pi Raspbian
+
Vedleggja er dÃ¸me pÃ¥ tekster som kan gje relevante perspektiv pÃ¥ +temaet:
- -
Fetch a Raspbian SD card image, create SD card.
-
Boot from SD card, extend file system to fill the card completely.
-
Log in and add this to /etc/sources.list:
-
-deb http://www.reinholdtsen.name/freedombox wheezy main
-
-
Run this as root:
-
-wget -O - http://www.reinholdtsen.name/freedombox/BE1A583D.asc | \
-   apt-key add -
-apt-get update
-apt-get install freedombox-setup
-/usr/lib/freedombox/setup
-
-
Reboot into your freshly created Freedombox.
- +
*Flykningeregnskapet 2016, *UNHCR og *IDMC
+
Â«*GrenselÃ¸st Europa for fallÂ» A-Magasinet, 26. november 2015
-
You can test it on other architectures too, but because the -freedombox-privoxy package is binary, it will only work as intended on -the architectures where I have had time to build the binary and put it -in my APT repository. But do not let this stop you. It is only a -short "apt-get source -b freedombox-privoxy" away. :)
- -
Note that by default Freedombox is a DHCP server on the -192.168.1.0/24 subnet, so if this is your subnet be careful and turn -off the DHCP server by running "update-rc.d isc-dhcp-server -disable" as root.
- -
Please let me know if this works for you, or if you have any -problems. We gather on the IRC channel -#freedombox on -irc.debian.org and the -project -mailing list.
- -
Once you get your freedombox operational, you can visit -http://your-host-name:8001/ to see the state of the plint -welcome screen (dead end - do not be surprised if you are unable to -get past it), and next visit http://your-host-name:8001/help/ -to look at the rest of plinth. The default user is 'admin' and the -default password is 'secret'.
+

+ +

Ord som ikke ble forstÃ¥tt er markert med stjerne (*), og trenger +ekstra sprÃ¥ksjekk. Men ingen ord er forsvunnet, slik det var i +oppgaven elevene fikk presentert pÃ¥ eksamen. Jeg mistenker dog at +"andre aktÃ¸rers rolle og muligheter til ..." burde vÃ¦rt oversatt til +"rolla til andre aktÃ¸rar og deira hÃ¸ve til ..." eller noe slikt, men +det er kanskje flisespikking. Det understreker vel bare at det alltid +trengs korrekturlesning etter automatisk oversettelse.

- Tags: debian, english, freedombox, sikkerhet, surveillance, web. + Tags: debian, norsk, stavekontroll.

@@ -592,470 +495,341 @@ default password is 'secret'.

Datalagringsdirektivet gjÃ¸r at Oslo HÃ¸yre og Arbeiderparti ikke fÃ¥r min stemme i Ã¥r

8th September 2013

I 2011 raderte et stortingsflertall bestÃ¥ende av HÃ¸yre og -Arbeiderpartiet vekk en betydelig del av privatsfÃ¦ren til det norske -folk. Det ble vedtatt at det skulle registreres og lagres i et halvt -Ã¥r hvor alle som bÃ¦rer pÃ¥ en mobiltelefon befinner seg, hvem de -snakker med og hvor lenge de snakket sammen. Det skal ogsÃ¥ -registreres hvem de sendte SMS-meldinger til, hvem en har sendt epost -til, og hvilke nett-tjenere en besÃ¸kte. Saken er kjent som -Datalagringsdirektivet -(DLD), og innebÃ¦rer at alle innbyggerne og andre innenfor Norges -grenser overvÃ¥kes dÃ¸gnet rundt. Det ble i praksis innfÃ¸rt brev og -besÃ¸kskontroll av hele befolkningen. Rapporter fra de landene som -allerede har innfÃ¸rt slik total lagring av borgernes -kommunikasjonsmÃ¸nstre forteller at det ikke hjelper i -kriminalitetsbekjempelsen. Den norske prislappen blir mange hundre -millioner, uten at det ser ut til Ã¥ bidra positivt til politiets -arbeide. Jeg synes flere hundre millioner i stedet burde vÃ¦rt brukt -pÃ¥ noe som kan dokumenteres Ã¥ ha effekt i kriminalitetsbekjempelsen. -Se mer pÃ¥ -Wikipedia -og Jon Wessel-Aas.

- -

Hva er problemet, tenkter du kanskje? Et Ã¥penbart problem er at -medienes kildevern i praksis blir radert ut. Den innsamlede -informasjonen gjÃ¸r det mulig Ã¥ finne ut hvem som har snakket med -journalister pÃ¥ telefon, SMS og epost, og hvem som har vÃ¦rt i nÃ¦rheten -av journalister sÃ¥ sant begge bar med seg en telefon. Et annet er at -advokatvernet blir sterkt redusert, der politiet kan finne ut hvem -som har snakket med en advokat nÃ¥r, eller vÃ¦rt i mÃ¸ter en med advokat. -Et tredje er at svÃ¦rt personlig informasjon kan avledes fra hvilke -nettsteder en har besÃ¸kt. Har en besÃ¸kt hivnorge.no, -swingersnorge.com eller andre sider som kan brukes til avlede -interesser som hÃ¸rer til privatsfÃ¦ren, vil denne informasjonen vÃ¦re -tilgjengelig takket vÃ¦re datalagringsdirektivet.

- -

De fleste partiene var mot, kun to partier stemte for. HÃ¸yre og -Arbeiderpartiet. Og bÃ¥de HÃ¸yre og Arbeiderpartiet i Oslo har -DLD-forkjempere pÃ¥ toppen av sine lister (har ikke sjekket de andre -fylkene). Det er dermed helt uaktuelt for meg Ã¥ stemme pÃ¥ disse -partiene. Her er oversikten over partienes valglister i Oslo, med -informasjon om hvem som stemte hva i fÃ¸rste DLD-votering i Stortinget, -basert pÃ¥ informasjon fra mine venner i -Holder de -Ord samt data.stortinget.no. -FÃ¸rst ut er stortingslista fra HÃ¸yre for Oslo:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

#	Navn, fÃ¸dselsÃ¥r og valgkrets	Stemme/kommentar
1.	Ine Marie Eriksen SÃ¸reide (1976), Gamle Oslo	Stemte for DLD
2.	Nikolai Astrup (1978), Frogner	Stemte mot DLD
3.	Michael Tetzschner (1954), Vestre Aker	Stemte mot DLD
4.	Kristin Vinje (1963), Nordre Aker	Ikke til stede
5.	Mudassar Hussain Kapur (1976), Nordstrand	Ikke til stede
6.	Stefan Magnus B. Heggelund (1984), GrÃ¼nerlÃ¸kka	Ikke til stede
7.	Heidi Nordby Lunde (1973), GrÃ¼nerlÃ¸kka	Ikke til stede
8.	Frode Helgerud (1950), Frogner	Ikke til stede
9.	Afshan Rafiq (1975), Stovner	Ikke til stede
10.	Astrid NÃ¸klebye Heiberg (1936), Frogner	Ikke til stede
11.	Camilla Strandskog (1984) St.Hanshaugen	Ikke til stede
12.	John Christian Elden (1967), Ullern	Ikke til stede
13.	Berit Solli (1972), Alna	Ikke til stede
14.	Ola Kvisgaard (1963), Frogner	Ikke til stede
15.	James Stove Lorentzen (1957), Vestre Aker	Ikke til stede
16.	GÃ¼lsÃ¼m Koc (1987), Stovner	Ikke til stede
17.	Jon Ole Whist (1976), GrÃ¼nerlÃ¸kka	Ikke til stede
18.	Maren Eline Malthe-SÃ¸renssen (1971), Vestre Aker	Ikke til stede
19.	StÃ¥le Hagen (1968), SÃ¸ndre Nordstrand	Ikke til stede
20.	Kjell Omdal Erichsen (1978), Sagene	Ikke til stede
21.	Saida R. Begum (1987), GrÃ¼nerlÃ¸kka	Ikke til stede
22.	Torkel Brekke (1970), Nordre Aker	Ikke til stede
23.	Sverre K. Seeberg (1950), Vestre Aker	Ikke til stede
24.	Julie Margrethe Brodtkorb (1974), Ullern	Ikke til stede
25.	Fabian Stang (1955), Frogner	Ikke til stede

- -

Deretter har vi stortingslista fra Arbeiderpartiet for Oslo:

- - - - - - - - - - - - - - - - +

Epost inn som arkivformat i Riksarkivarens forskrift?

27th April 2017

I disse dager, med frist 1. mai, har Riksarkivaren ute en hÃ¸ring pÃ¥ +sin forskrift. Som en kan se er det ikke mye tid igjen fÃ¸r fristen +som gÃ¥r ut pÃ¥ sÃ¸ndag. Denne forskriften er det som lister opp hvilke +formater det er greit Ã¥ arkivere i +Noark +5-lÃ¸sninger i Norge.

+ +

Jeg fant hÃ¸ringsdokumentene hos +Norsk +ArkivrÃ¥d etter Ã¥ ha blitt tipset pÃ¥ epostlisten til +fri +programvareprosjektet Nikita Noark5-Core, som lager et Noark 5 +Tjenestegresesnitt. Jeg er involvert i Nikita-prosjektet og takket +vÃ¦re min interesse for tjenestegrensesnittsprosjektet har jeg lest en +god del Noark 5-relaterte dokumenter, og til min overraskelse oppdaget +at standard epost ikke er pÃ¥ listen over godkjente formater som kan +arkiveres. HÃ¸ringen med frist sÃ¸ndag er en glimrende mulighet til Ã¥ +forsÃ¸ke Ã¥ gjÃ¸re noe med det. Jeg holder pÃ¥ med +egen +hÃ¸ringsuttalelse, og lurer pÃ¥ om andre er interessert i Ã¥ stÃ¸tte +forslaget om Ã¥ tillate arkivering av epost som epost i arkivet.

+ +

Er du igang med Ã¥ skrive egen hÃ¸ringsuttalelse allerede? I sÃ¥ fall +kan du jo vurdere Ã¥ ta med en formulering om epost-lagring. Jeg tror +ikke det trengs sÃ¥ mye. Her et kort forslag til tekst:

+ +

+ +
Viser til hÃ¸ring sendt ut 2017-02-17 (Riksarkivarens referanse + 2016/9840 HELHJO), og tillater oss Ã¥ sende inn noen innspill om + revisjon av Forskrift om utfyllende tekniske og arkivfaglige + bestemmelser om behandling av offentlige arkiver (Riksarkivarens + forskrift).
+ +
SvÃ¦rt mye av vÃ¥r kommuikasjon foregÃ¥r i dag pÃ¥ e-post.Â Vi + foreslÃ¥r derfor at Internett-e-post, slik det er beskrevet i IETF + RFC 5322, + https://tools.ietf.org/html/rfc5322. bÃ¸r + inn som godkjent dokumentformat.Â Vi foreslÃ¥r at forskriftens + oversikt over godkjente dokumentformater ved innlevering i Â§ 5-16 + endres til Ã¥ ta med Internett-e-post.
+ +

+ +

Som del av arbeidet med tjenestegrensesnitt har vi testet hvordan +epost kan lagres i en Noark 5-struktur, og holder pÃ¥ Ã¥ skrive et +forslag om hvordan dette kan gjÃ¸res som vil bli sendt over til +arkivverket sÃ¥ snart det er ferdig. De som er interesserte kan +fÃ¸lge +fremdriften pÃ¥ web.

+ +

Oppdatering 2017-04-28: I dag ble hÃ¸ringuttalelsen jeg skrev + sendt + inn av foreningen NUUG.

+ + + Tags: norsk, offentlig innsyn, standard. + + +

+ +

Offentlig elektronisk postjournal blokkerer tilgang for utvalgte webklienter

20th April 2017

Jeg oppdaget i dag at nettstedet som +publiserer offentlige postjournaler fra statlige etater, OEP, har +begynt Ã¥ blokkerer enkelte typer webklienter fra Ã¥ fÃ¥ tilgang. Vet +ikke hvor mange det gjelder, men det gjelder i hvert fall libwww-perl +og curl. For Ã¥ teste selv, kjÃ¸r fÃ¸lgende:

+ +

+% curl -v -s https://www.oep.no/pub/report.xhtml?reportId=3 2>&1 |grep '< HTTP'
+< HTTP/1.1 404 Not Found
+% curl -v -s --header 'User-Agent:Opera/12.0' https://www.oep.no/pub/report.xhtml?reportId=3 2>&1 |grep '< HTTP'
+< HTTP/1.1 200 OK
+%
+

+ +

Her kan en se at tjenesten gir Â«404 Not FoundÂ» for curl i +standardoppsettet, mens den gir Â«200 OKÂ» hvis curl hevder Ã¥ vÃ¦re Opera +versjon 12.0. Offentlig elektronisk postjournal startet blokkeringen +2017-03-02.

+ +

Blokkeringen vil gjÃ¸re det litt vanskeligere Ã¥ maskinelt hente +informasjon fra oep.no. Kan blokkeringen vÃ¦re gjort for Ã¥ hindre +automatisert innsamling av informasjon fra OEP, slik Pressens +Offentlighetsutvalg gjorde for Ã¥ dokumentere hvordan departementene +hindrer innsyn i +rapporten +Â«Slik hindrer departementer innsynÂ» som ble publiserte i januar +2017. Det virker usannsynlig, da det jo er trivielt Ã¥ bytte +User-Agent til noe nytt.

+ +

Finnes det juridisk grunnlag for det offentlige Ã¥ diskriminere +webklienter slik det gjÃ¸res her? Der tilgang gis eller ikke alt etter +hva klienten sier at den heter? Da OEP eies av DIFI og driftes av +Basefarm, finnes det kanskje noen dokumenter sendt mellom disse to +aktÃ¸rene man kan be om innsyn i for Ã¥ forstÃ¥ hva som har skjedd. Men +postjournalen +til DIFI viser kun to dokumenter det siste Ã¥ret mellom DIFI og +Basefarm. +Mimes brÃ¸nn neste, +tenker jeg.

+ + + Tags: norsk, offentlig innsyn. + + +

+ +

Free software archive system Nikita now able to store documents

19th March 2017

The Nikita +Noark 5 core project is implementing the Norwegian standard for +keeping an electronic archive of government documents. +The +Noark 5 standard document the requirement for data systems used by +the archives in the Norwegian government, and the Noark 5 web interface +specification document a REST web service for storing, searching and +retrieving documents and metadata in such archive. I've been involved +in the project since a few weeks before Christmas, when the Norwegian +Unix User Group +announced +it supported the project. I believe this is an important project, +and hope it can make it possible for the government archives in the +future to use free software to keep the archives we citizens depend +on. But as I do not hold such archive myself, personally my first use +case is to store and analyse public mail journal metadata published +from the government. I find it useful to have a clear use case in +mind when developing, to make sure the system scratches one of my +itches.

+ +

If you would like to help make sure there is a free software +alternatives for the archives, please join our IRC channel +(#nikita on +irc.freenode.net) and +the +project mailing list.

+ +

When I got involved, the web service could store metadata about +documents. But a few weeks ago, a new milestone was reached when it +became possible to store full text documents too. Yesterday, I +completed an implementation of a command line tool +archive-pdf to upload a PDF file to the archive using this +API. The tool is very simple at the moment, and find existing +fonds, series and +files while asking the user to select which one to use if more than +one exist. Once a file is identified, the PDF is associated with the +file and uploaded, using the title extracted from the PDF itself. The +process is fairly similar to visiting the archive, opening a cabinet, +locating a file and storing a piece of paper in the archive. Here is +a test run directly after populating the database with test data using +our API tester:

+ +

+~/src//noark5-tester$ ./archive-pdf mangelmelding/mangler.pdf
+using arkiv: Title of the test fonds created 2017-03-18T23:49:32.103446
+using arkivdel: Title of the test series created 2017-03-18T23:49:32.103446
+
+ 0 - Title of the test case file created 2017-03-18T23:49:32.103446
+ 1 - Title of the test file created 2017-03-18T23:49:32.103446
+Select which mappe you want (or search term): 0
+Uploading mangelmelding/mangler.pdf
+  PDF title: Mangler i spesifikasjonsdokumentet for NOARK 5 Tjenestegrensesnitt
+  File 2017/1: Title of the test case file created 2017-03-18T23:49:32.103446
+~/src//noark5-tester$
+

+ +

You can see here how the fonds (arkiv) and serie (arkivdel) only had +one option, while the user need to choose which file (mappe) to use +among the two created by the API tester. The archive-pdf +tool can be found in the git repository for the API tester.

+ +

In the project, I have been mostly working on +the API +tester so far, while getting to know the code base. The API +tester currently use +the HATEOAS links +to traverse the entire exposed service API and verify that the exposed +operations and objects match the specification, as well as trying to +create objects holding metadata and uploading a simple XML file to +store. The tester has proved very useful for finding flaws in our +implementation, as well as flaws in the reference site and the +specification.

+ +

The test document I uploaded is a summary of all the specification +defects we have collected so far while implementing the web service. +There are several unclear and conflicting parts of the specification, +and we have +started +writing down the questions we get from implementing it. We use a +format inspired by how The +Austin Group collect defect reports for the POSIX standard with +their +instructions for the MANTIS defect tracker system, in lack of an official way to structure defect reports for Noark 5 (our first submitted defect report was a request for a procedure for submitting defect reports :). + +

The Nikita project is implemented using Java and Spring, and is +fairly easy to get up and running using Docker containers for those +that want to test the current code base. The API tester is +implemented in Python.

+ + + Tags: english, nuug, offentlig innsyn, standard. + + +

+ +

+ - - - - - +

Archive

Archive

#	Navn, fÃ¸dselsÃ¥r og valgkrets	Stemme/kommentar
1.	Jens Stoltenberg (1959), Frogner	Ikke til stede i Stortinget, leder av regjeringen som fremmet forslaget
2.	Hadia Tajik (1983), GrÃ¼nerlÃ¸kka	Stemte for DLD
3.	Jonas Gahr StÃ¸re (1960), Vestre Aker	Ikke til stede i Stortinget, medlem av regjeringen som fremmet forslaget
4.	Marianne Marthinsen (1980), GrÃ¼nerlÃ¸kka	Stemte for DLD
5.	Jan BÃ¸hler (1952), Alna	Stemte for DLD
6.	Marit Nybakk (1947), Frogner	Stemte for DLD
7.	Truls Wickholm (1978), Sagene	Stemte for DLD
8.	Prableen Kaur (1993), Grorud	Ikke til stede
9.	Vegard GrÃ¸slie Wennesland (1983), St.Hanshaugen	Ikke til stede
10.	Inger Helene Vaaten (1975), Grorud	Ikke til stede
11.	Ivar Leveraas (1939), Alna	Ikke til stede
12.	Grete Haugdal (1971), Gamle Oslo	Ikke til stede
13.	Olav TÃ¸nsberg (1948), Alna	Ikke til stede
14.	Khamshajiny Gunaratnam (1988), Grorud	Ikke til stede
15.	Fredrik Mellem (1969), Sagene	Ikke til stede
16.	Brit Axelsen (1945), Stovner	Ikke til stede
17.	Dag Bayegan-Harlem (1977), Ullern	Ikke til stede
18.	Kristin Sandaker (1963), ÃsteinsjÃ¸	Ikke til stede
19.	Bashe Musse (1965), GrÃ¼nerlÃ¸kka	Ikke til stede
20.	Torunn Kanutte Husvik (1983), St. Hanshaugen	Ikke til stede
21.	Steinar Andersen (1947), Nordstrand	Ikke til stede
22.	Anne Cathrine Berger (1972), Sagene	Ikke til stede
23.	Khalid Mahmood (1959), ÃstensjÃ¸	Ikke til stede
24.	Munir Jaber (1990), Alna	Ikke til stede
25.	Libe Solberg Rieber-Mohn (1965), Frogner	Ikke til stede