X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/c7856f0988d8b4ea27e2e63f439c6a83e534698a..ae5db6d19f3d85fdd5e7bd4c12be28fa3f15fc43:/blog/index.html diff --git a/blog/index.html b/blog/index.html index 65db651928..96c2134fd9 100644 --- a/blog/index.html +++ b/blog/index.html @@ -20,54 +20,69 @@
-
One in two hundred Debian users using ZFS on Linux?
-
7th April 2016
-

Just for fun I had a look at the popcon number of ZFS related -packages in Debian, and was quite surprised with what I found. I use -ZFS myself at home, but did not really expect many others to do so. -But I might be wrong.

- -

According to -the popcon -results for spl-linux, there are 1019 Debian installations, or -0.53% of the population, with the package installed. As far as I know -the only use of the spl-linux package is as a support library for ZFS -on Linux, so I use it here as proxy for measuring the number of ZFS -installation on Linux in Debian. In the kFreeBSD variant of Debian -the ZFS feature is already available, and there -the popcon -results for zfsutils show 1625 Debian installations or 0.84% of -the population. So I guess I am not alone in using ZFS on Debian.

- -

But even though the Debian project leader Lucas Nussbaum -announced -in April 2015 that the legal obstacles blocking ZFS on Debian were -cleared, the package is still not in Debian. The package is again in -the NEW queue. Several uploads have been rejected so far because the -debian/copyright file was incomplete or wrong, but there is no reason -to give up. The current status can be seen on -the -team status page, and -the -source code is available on Alioth.

- -

As I want ZFS to be included in next version of Debian to make sure -my home server can function in the future using only official Debian -packages, and the current blocker is to get he debian/copyright file -accepted by the FTP masters in Debian, I decided a while back to try -to help out the team. This was the background for my blog post about -creating, -updating and checking debian/copyright semi-automatically, and I -used the techniques I explored there to try to find any errors in the -copyright file. It is not very easy to check every one of the around -2000 files in the source package, but I hope we this time got it -right. If you want to help out, check out the git source and try to -find missing entries in the debian/copyright file.

+
Aktivitetsbånd som beskytter privatsfæren
+
3rd November 2016
+

Jeg ble så imponert over +dagens +gladnyhet på NRK, om at Forbrukerrådet klager inn vilkårene for +bruk av aktivitetsbånd fra Fitbit, Garmin, Jawbone og Mio til +Datatilsynet og forbrukerombudet, at jeg sendte følgende brev til +forbrukerrådet for å uttrykke min støtte: + +

+ +

Jeg ble veldig glad over å lese at Forbrukerrådet +klager +inn flere aktivitetsbånd til Datatilsynet for dårlige vilkår. Jeg +har ønsket meg et aktivitetsbånd som kan måle puls, bevegelse og +gjerne også andre helserelaterte indikatorer en stund nå. De eneste +jeg har funnet i salg gjør, som dere også har oppdaget, graverende +inngrep i privatsfæren og sender informasjonen ut av huset til folk og +organisasjoner jeg ikke ønsker å dele aktivitets- og helseinformasjon +med. Jeg ønsker et alternativ som _ikke_ sender informasjon til +skyen, men derimot bruker +en +fritt og åpent standardisert protokoll (eller i det minste en +dokumentert protokoll uten patent- og opphavsrettslige +bruksbegrensinger) til å kommunisere med datautstyr jeg kontrollerer. +Er jo ikke interessert i å betale noen for å tilrøve seg +personopplysninger fra meg. Desverre har jeg ikke funnet noe +alternativ så langt.

+ +

Det holder ikke å endre på bruksvilkårene for enhetene, slik +Datatilsynet ofte legger opp til i sin behandling, når de gjør slik +f.eks. Fitbit (den jeg har sett mest på). Fitbit krypterer +informasjonen på enheten og sender den kryptert til leverandøren. Det +gjør det i praksis umulig både å sjekke hva slags informasjon som +sendes over, og umulig å ta imot informasjonen selv i stedet for +Fitbit. Uansett hva slags historie som forteller i bruksvilkårene er +en jo både prisgitt leverandørens godvilje og at de ikke tvinges av +sitt lands myndigheter til å lyve til sine kunder om hvorvidt +personopplysninger spres ut over det bruksvilkårene sier. Det er +veldokumentert hvordan f.eks. USA tvinger selskaper vha. såkalte +National security letters til å utlevere personopplysninger samtidig +som de ikke får lov til å fortelle dette til kundene sine.

+ +

Stå på, jeg er veldig glade for at dere har sett på saken. Vet +dere om aktivitetsbånd i salg i dag som ikke tvinger en til å utlevere +aktivitets- og helseopplysninger med leverandøren?

+ +
+ +

Jeg håper en konkurrent som respekterer kundenes privatliv klarer å +nå opp i markedet, slik at det finnes et reelt alternativ for oss som +har full tillit til at skyleverandører vil prioritere egen inntjening +og myndighetspålegg langt over kundenes rett til privatliv. Jeg har +ingen tiltro til at Datatilsynet vil kreve noe mer enn at vilkårene +endres slik at de forklarer eksplisitt i hvor stor grad bruk av +produktene utraderer privatsfæren til kundene. Det vil nok gjøre de +innklagede armbåndene "lovlige", men fortsatt tvinge kundene til å +dele sine personopplysninger med leverandøren.

- Tags: debian, english. + Tags: norsk, personvern, sikkerhet, surveillance.
@@ -75,473 +90,189 @@ find missing entries in the debian/copyright file.

-
Statlig hemmelighold, «mangler» i OEP og treg journalføring - statistikk for 2015
-
7th April 2016
-

For litt mer enn et år siden laget jeg litt statistikk for 2013 og -2014 basert på Offentlig elektronisk -postjournal (OEP). Tallene finnes i tre bloggposter, en over -hvem -som er mest hemmelighetsfulle, en annen med -hvor -mye som mangler og en om -hvor -stor andel dokumenter som journalføres mer enn 180 dager etter -dokumentdato. Jeg synes det er interessant å se hvordan det -utvikler seg over tid, så her er tallene for 2015 og 2014. 2014-tallene -bør være de samme som sist, men kan ha litt avvik på grunn av -endringer/korreksjoner gjort i OEP. Denne gangen har jeg samlet alle -tallene i samme bloggpost.

- -

Først kommer statistikken over antall dokumenter som er registrert -unntatt offentligheten i OEP. Merk at klassifiseringen i OEP er -foreløpig, slik at en kan få innsyn i dokumenter merket unntatt -offentlighet når en spør, etter nærmere vurdering. Det er dermed ikke -gitt at prosentsatsen representerer hvor mange dokumenter som ville -blitt holdt tilbake på forespørsel.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
20152014Instans
ProsentAntall u.off.TotaltProsentAntall u.off.Totalt
0.0 0 2 0.0 0 0Valgdirektoratet
0.0 0 30 0.0 0 0Innstillingsrådet for dommere
0.3 11 3303 0.2 8 3589Medietilsynet
0.6 56 8013 0.9 60 6146Utlendingsnemnda
0.9 2 206 0.0 0 0Norsk Romsenter
1.0 182 17238 3.7 764 20353Norsk Filminstitutt
1.6 483 29920 2.7 720 26364Direktoratet for byggkvalitet
1.7 30 1674 2.5 42 1649Fredskorpset
2.42815116570 2.52098 82445Landbruksdirektoratet Oslo
2.5 621 24150 2.5 689 26855Direktoratet for utviklingssamarbeid
2.6 62 234013.3 288 2164Kunst i offentlige rom
3.2 272 8391 4.9 388 7838Statens strålevern
3.7 372 9970 4.4 480 10808Petroleumstilsynet
4.4 456 10318 3.7 408 10782Forbrukerombudet
5.0 14 27811.0 22 200Kompetansesenter for distriktsutvikling
6.2 467 7486 4.8 385 7973Sysselmannen på Svalbard
6.3 294 4651 7.4 304 4078Språkrådet
6.51241 18817 6.51352 20776Riksantikvaren - Direktoratet for kulturminneforvaltning
6.85381 79048 7.95981 75393Fiskeridirektoratet
7.24201 57778 2.81542 53911Norges vassdrags- og energidirektorat
7.42028 2738510.82342 21539Kulturdepartementet
7.713994179777 7.913743171924Arbeidstilsynet
8.63256 37553 8.53203 37675Nærings- og fiskeridepartementet
9.87256 73440 8.86541 74189Statens vegvesen Region midt
10.73802 35467 7.52780 36664Forsvarsbygg
11.01157 10448 9.61148 11935Landbruks- og matdepartementet
11.11408912665211.712439105491Statens vegvesen Region vest
11.11756 15726 6.91242 17980Brønnøysundregistrene
11.23417 30277 9.32653 28291Lotteri- og stiftelsestilsynet
12.22012 1649013.02183 16736Fylkesmannen i Hedmark
12.69751 7714515.311188 72933Sjøfartsdirektoratet
12.811031 8599610.57895 74653Arkivverket
12.82112616490612.619230151541Statens vegvesen Region øst
12.9 941 724722.81687 7393Domstoladministrasjonen
13.01417010828414.015650111147Statens vegvesen Region sør
13.41394 1036417.51484 8440Direktoratet for mineralforvaltning med Bergmesteren for Svalbard
13.65297 3870711.54366 37961Statens vegvesen Vegdirektoratet
14.43001 2082013.02943 22557Samferdselsdepartementet
14.49453 6564212.77841 61425Statens vegvesen Region nord
14.66998 4767011.25179 46025Statsbygg
15.43984 2576914.63663 25010Kunnskapsdepartementet
15.66769 43139 8.53697 43364Justervesenet
15.8 178 112616.1 184 1140Landinfo
16.2 516 318324.2 919 3790Landbruksdirektoratet Alta
16.21859 1142412.01100 9120Havforskningsinstituttet
16.3 142 869 0.0 0 0Fylkesmannen i Aust-Agder (frem til 31.12.15)
16.62081 1252221.12722 12850Statens jernbanetilsyn
17.210669 6202320.911602 55388Utdanningsdirektoratet
18.411189 6057712.96743 51881Miljødirektoratet
18.52719314680349.92549 5108Norsk kulturråd
18.82499 1328120.82888 13853Olje- og energidepartementet
18.87804 4136215.05824 38769Luftfartstilsynet
19.1 479 250521.1 563 2660Norges geologiske undersøkelse
19.213777 7140920.413318 65121Utenriksdepartementet
19.83605 1819422.14177 18833Klima- og miljødepartementet
20.61736 841223.12018 8701Statens lånekasse for utdanning
20.62930 1422018.72459 13138Barne-, ungdoms- og familiedirektoratet
21.03786 1797518.43213 17452Fylkesmannen i Telemark
21.44930 2297122.54565 20202Fylkesmannen i Møre og Romsdal
22.08244 3738517.56420 36587Statens kartverk
23.02212 959323.01797 7799Norsk Akkreditering
23.06622 2877721.46142 28622Nasjonal kommunikasjonsmyndighet
23.42672 1140525.73039 11812Oljedirektoratet
23.65430 2291820.24847 23968Fylkesmannen i Oppland
23.83657 1533422.63277 14499Fylkesmannen i Aust-Agder
23.88182 3432523.77754 32598Kommunal- og moderniseringsdepartementet
24.05806 2410327.45998 21864Barne-, likestillings- og inkluderingsdepartementet
24.2 197 81431.6 196 620Statens institutt for rusmiddelforskning
24.43266 1333821.62600 11993Senter for internasjonalisering av utdanning
24.64728 1920824.44584 18715Fylkesmannen i Vest-Agder
24.83711 14933 6.4 795 12300Direktoratet for forvaltning og IKT
24.95002 2003321.63997 18424Fylkesmannen i Nord-Trøndelag
25.11246 495427.21305 4781Konkurransetilsynet
25.65674 2212820.44936 24189Helse- og omsorgsdepartementet
26.922947 8529324.321337 87572Helsedirektoratet
27.23648 1340118.51898 10234Vox, nasjonalt fagorgan for kompetansepolitikk
27.623161 8379529.722587 75973Statens legemiddelverk
27.76373 2294128.36449 22738Fylkesmannen i Sør-Trøndelag
27.9 784 2807 0.0 0 0Jernbaneverket
29.61290 435247.01401 2976Nasjonalt organ for kvalitet i utdanningen (NOKUT)
29.86990 2338830.27263 23997Fylkesmannen i Buskerud
29.92932 977832.33439 10643Statsministerens kontor
30.3 147 485 0.0 0 0Fylkesmannen i Vest-Agder (frem til 31.12.115)
31.59472 3004728.99498 32839Fylkesmannen i Rogaland
31.81627 511234.22082 6072Datatilsynet
31.91128 352832.91302 3950Statens pensjonskasse
31.913718 4291832.212887 39921Fylkesmannen i Hordaland
32.07510 2346433.07544 22837Fylkesmannen i Vestfold
32.51116 342732.41261 3883Nasjonalbiblioteket
32.81662 505348.22689 5578Direktoratet for økonomistyring
33.16811 2056728.75041 17513Fylkesmannen i Sogn og Fjordane
33.76975 2066629.16110 20994Fylkesmannen i Finnmark
33.87254 2140233.57138 21304Finansdepartementet
34.1 387 1133 0.0 0 0Tilsynsutvalget for dommere
34.510466 3026142.77416 17342Integrerings- og mangfoldsdirektoratet
36.616005 4361940.717996 44140Finanstilsynet
36.77170 1952536.67481 20434Fylkesmannen i Østfold
40.216584 4121132.712187 37237Kystverket
40.94942 1208046.35934 12802Forsvarsdepartementet
41.413295 3205041.311805 28568Fylkesmannen i Troms
43.09595 2227543.910288 23422Arbeids- og sosialdepartementet
44.69809 2196748.09627 20021Politidirektoratet
45.225158 5561143.822379 51043Justis- og beredskapsdepartementet
49.518312 3697649.613752 27719Fylkesmannen i Nordland
49.827453 5502850.024782 49473Fylkesmannen i Oslo og Akershus
50.332997 6551339.524644 62276Direktoratet for samfunnssikkerhet og beredskap
54.411213 2060649.47519 15204Utlendingsdirektoratet
54.510338 1894839.75986 15043Statistisk sentralbyrå
54.85075 925656.04781 8528Direktoratet for nødkommunikasjon
55.47765 1399846.76278 13421Nasjonalt folkehelseinstitutt
57.61690 293170.23401 4840Statens innkrevingssentral
58.07019 1210139.23671 9352Departementenes sikkerhets- og serviceorganisasjon
66.217293 2609768.118027 26463Skattedirektoratet
69.53949 567660.12576 4284Kriminalomsorgsdirektoratet
70.816713 2358170.612556 17777Statens helsetilsyn
71.11146 161076.51160 1516Statens arbeidsmiljøinstitutt
79.29343 1179174.78328 11144Toll- og avgiftsdirektoratet
83.712231714599482.2112645137034Husbanken
85.684427 9862687.082682 94950Norges forskningsråd
91.1 609 668 0.0 0 0Direktoratet for e-helse
91.410838 1185487.110278 11798Garantiinstituttet for eksportkreditt
98.917373 17563 0.0 0 0Forbrukerrådet
- -

Interessant å se hvordan Utenriksdepartementet tilsynelatende er -blitt ekstremt mer hemmelighetsfull på tre år. I 2015 var 99,8% av -71409 dokumenter merket som unntatt offentlighet, mens i 2014 var det -44,3% av 65121 og og i 2013 var det bare 12,1% av 67828. Lurer på hva -som har skjedd. (Oppdatering 13:40: Dette er en teknisk feil -i databasen, da UD har begynt å legge inn '-' der det ikke er unntak, -mens det tidligere var et tomt felt. Skal lage ny statistikk, men det -tar noen timer å lage ny tabell. Oppdatering 15:30: Ny tabell på -plass, mer forklaring nederst i teksten.)

- -

Dernest kommer statistikken over hvor mange saksnummer og -dokumenter som ikke finnes i OEP (dvs. hull i saksnummer- og -dokumentnummerserien). Se tidligere omtalte bloggpost for å forstå -hvordan slike hull kan oppstå uten at det er noe galt eller -mistenkelig med det.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
SaksnummerDokumentnummerInstans
201520142015
%Upubl. saksnr.Totalt%Upubl. saksnrTotalt%Upubl. dok.nr.Totalt
0.0 0 1 0.0 0 0 0.0 0 2Valgdirektoratet
0.0 0 85 5.2 6 116 0.0 0 450Statens institutt for rusmiddelforskning
0.5 100 2125842.49849 23215 0.6 475 85333Norsk kulturråd
0.6 80 13924 1.0 154 15663 0.2 75 41603Justervesenet
1.2 20 1622 0.4 7 1568 0.6 90 15028Statistisk sentralbyrå
1.4 67 4623 1.5 74 5066 1.5 237 15762Arbeids- og sosialdepartementet
1.4 166 11932 0.9 84 9863 1.7 510 29452Direktoratet for byggkvalitet
1.4 451 32677 1.0 276 28515 0.4 298 78470Arkivverket
1.9 11 589 3.0 27 891 0.6 14 2211Statens innkrevingssentral
1.9 41 2162 2.2 44 1973 1.1 84 7583Direktoratet for mineralforvaltning med Bergmesteren for Svalbard
2.5 68 2728 4.0 99 2488 2.1 197 9393Forbrukerombudet
2.7 47 1758 0.6 8 1282 5.1 445 8359Vox, nasjonalt fagorgan for kompetansepolitikk
2.9 157 5351 3.0 129 4326 0.7 95 12763Brønnøysundregistrene
3.2 293 9121 2.0 132 6571 6.41653 24287Statens kartverk
3.5 40 1151 3.8 51 1326 6.0 275 4271Sysselmannen på Svalbard
3.6 53 1458 2.0 30 1470 1.6 155 9331Norsk Filminstitutt
3.7 313 8449 3.2 227 7092 1.3 413 31241Lotteri- og stiftelsestilsynet
3.8 645 17136 5.5 942 17213 2.91688 57442Statens legemiddelverk
4.7 353 748212.41001 8069 2.6 662 25153Norges vassdrags- og energidirektorat
4.9 940 19148 5.0 896 17781 1.61031 63978Fiskeridirektoratet
5.1 61 1206 4.4 47 1060 3.0 134 4317Statens strålevern
5.5 95 1721 6.9 126 1813 0.1 8 8231Statsministerens kontor
5.5 720 1298514.22803 19734 1.4 641 46830Direktoratet for samfunnssikkerhet og beredskap
5.7 252 4425 4.9 228 4638 1.8 298 16197Barne-, likestillings- og inkluderingsdepartementet
5.9 207 3534 5.2 207 3997 2.3 230 9930Klima- og miljødepartementet
5.9 731 12360 6.6 976 14712 2.91174 39309Miljødirektoratet
6.2 472 7629 7.5 496 6649 2.21011 44077Utdanningsdirektoratet
6.5 434 6680 3.2 202 6250 1.5 364 23587Nasjonal kommunikasjonsmyndighet
6.6 19 287 6.9 28 408 6.5 122 1742Landbruksdirektoratet Alta
6.8 400 5867 9.0 707 7835 3.0 761 24952Kommunal- og moderniseringsdepartementet
7.5 496 658713.51324 9785 1.8 509 27790Nærings- og fiskeridepartementet
7.6 938 12297 6.6 741 11218 5.63412 57624Norges forskningsråd
8.2 122 148410.2 169 1664 6.8 680 9291Direktoratet for utviklingssamarbeid
8.2 705 8648 9.3 843 9040 3.11269 40179Justis- og beredskapsdepartementet
8.6 97 1133 5.8 78 1336 6.7 179 2511Medietilsynet
8.6 425 494113.6 510 375811.42721 21076Integrerings- og mangfoldsdirektoratet
8.7 491 5662 6.8 309 4514 7.11712 22269Luftfartstilsynet
9.0 193 2134 7.6 125 1650 9.41442 13937Statens helsetilsyn
9.3 435 4690 7.6 395 5216 1.3 188 13881Helse- og omsorgsdepartementet
9.6 142 1477 5.5 81 1486 2.0 155 7737Petroleumstilsynet
9.6 169 1760 6.9 151 2181 1.2 67 5418Landbruks- og matdepartementet
9.7 473 489011.0 594 5398 2.1 432 19704Kulturdepartementet
10.0 2 2017.4 4 2311.2 14 111Kompetansesenter for distriktsutvikling
10.1 49 485 6.1 30 49213.2 486 3187Konkurransetilsynet
10.2 133 130011.5 201 1745 5.3 168 3012Språkrådet
10.41471 14109 9.81165 11893 3.41976 55929Helsedirektoratet
10.5 267 2535 7.3 203 2787 4.1 344 8104Riksantikvaren - Direktoratet for kulturminneforvaltning
10.6 100 941 9.8 95 973 5.7 358 5875Utlendingsnemnda
10.7 58 541 9.4 51 542 1.6 22 1370Statens arbeidsmiljøinstitutt
11.0 144 1314 6.9 102 1478 9.5 466 4435Statens jernbanetilsyn
11.4 487 4281 7.0 189 2700 1.1 253 22570Samferdselsdepartementet
12.5 622 495710.1 497 4902 7.91407 16479Politidirektoratet
12.7 73 57321.1 107 50714.8 327 1877Nasjonalbiblioteket
12.7 738 5829 8.7 519 5949 2.6 414 15481Finansdepartementet
13.0 176 1352 6.7 81 1204 1.6 120 7347Oljedirektoratet
13.9 856 614510.6 679 6383 5.71112 18326Kunnskapsdepartementet
14.1 715 507310.3 609 593339.515199 23238Kystverket
14.3 240 1676 2.2 33 1478 1.9 68 3459Datatilsynet
14.3 319 222313.0 301 2309 1.1 65 5903Olje- og energidepartementet
14.5 24 166 0.0 0 017.4 59 281Norsk Romsenter
14.51945 13404 8.71096 12632 5.01962 37143Finanstilsynet
15.1 87 57821.6 94 435 2.8 66 2292Norges geologiske undersøkelse
15.2 156 102812.5 137 1097 2.7 312 11389Direktoratet for forvaltning og IKT
15.9 501 315712.7 379 2996 6.5 550 7966Nasjonalt folkehelseinstitutt
16.1 58 36013.8 48 348 8.2 653 7294Senter for internasjonalisering av utdanning
17.1 692 4040 9.2 285 3085 6.1 484 7439Forsvarsdepartementet
17.8 161 90424.9 255 1023 9.7 616 5752Direktoratet for nødkommunikasjon
17.81278 716218.71359 7269 2.0 458 21904Fylkesmannen i Troms
17.9 68 379 7.6 27 355 1.9 79 3981Norsk Akkreditering
19.3 878 455719.6 930 4737 2.9 378 12737Fylkesmannen i Sogn og Fjordane
19.61645 839421.01821 8659 6.41621 23898Fylkesmannen i Nordland
21.0 72 343 0.0 0 0 1.0 10 950Direktoratet for e-helse
21.01102 523739.62409 607930.48669 19865Forsvarsbygg
23.0 384 167127.4 544 1986 3.6 251 6633Statens lånekasse for utdanning
23.1 216 93723.5 195 829 2.6 110 4116Direktoratet for økonomistyring
23.7 274 115426.0 379 1456 2.5 206 7995Departementenes sikkerhets- og serviceorganisasjon
24.1 32 13319.8 24 121 4.4 53 1149Kunst i offentlige rom
26.014552 5606763.667940106802 7.612846155665Arbeidstilsynet
28.1 460 163527.2 401 1475 8.3 481 5348Domstoladministrasjonen
31.2 815 260834.91267 3627 4.1 598 14039Statsbygg
32.1 88 27421.6 50 232 5.3 55 974Fredskorpset
32.9 267 81233.0 232 702 8.1 239 2717Nasjonalt organ for kvalitet i utdanningen (NOKUT)
33.01665 504629.01520 5249 5.9 968 15372Fylkesmannen i Finnmark
33.3 506 152127.4 421 1538 5.7 406 6687Havforskningsinstituttet
34.024084 7077553.839567 73495 0.5 515109638Landbruksdirektoratet Oslo
37.96306 1663838.46123 15947 1.3 443 34527Fylkesmannen i Hordaland
38.03267 860039.83060 7698 4.3 738 16551Fylkesmannen i Nord-Trøndelag
40.13359 837035.93135 8744 9.51603 15300Fylkesmannen i Oppland
41.83052 729843.03285 7645 0.8 142 16847Fylkesmannen i Vestfold
42.02260 537739.42115 5365 2.3 296 12662Fylkesmannen i Telemark
42.02677 637342.22826 6700 3.5 425 11560Fylkesmannen i Vest-Agder
42.22302 546042.72283 5350 2.1 217 10030Fylkesmannen i Aust-Agder
42.33249 768842.53359 7911 3.6 602 15959Fylkesmannen i Møre og Romsdal
43.14750 1101329.01435 4944 4.7 925 18789Utlendingsdirektoratet
45.3 511 112934.1 415 121714.9 784 4468Garantiinstituttet for eksportkreditt
48.44663 962750.55064 10024 4.9 869 16950Fylkesmannen i Sør-Trøndelag
49.14160 848048.74261 8747 1.0 170 16593Fylkesmannen i Buskerud
49.98296 1661726.03844 14785 1.7 696 41263Utenriksdepartementet
51.47375 1435343.05492 12773 6.01457 22780Fylkesmannen i Rogaland
51.54432 861051.44472 8703 3.8 494 12494Fylkesmannen i Hedmark
54.34718 868952.54648 8852 3.9 567 13903Fylkesmannen i Østfold
60.26147 1021699.88133 8153 4.01010 24464Forbrukerrådet
60.945659 75035 3.5 926 26466 5.75706 94908Husbanken
62.315943 2559559.414766 24867 6.62978 42345Fylkesmannen i Oslo og Akershus
76.56354 830987.213391 1536312.31011 7202Barne-, ungdoms- og familiedirektoratet
78.820488725996369.6109962157962 2.93765128230Statens vegvesen Region øst
82.578652 9534078.554063 68912 2.41358 55810Sjøfartsdirektoratet
83.18088 973394.67535 796811.3 953 7468Jernbaneverket
85.122126525997280.9127825157956 2.22345102032Statens vegvesen Region vest
86.622504125995678.4123819157956 3.22699 81896Statens vegvesen Region sør
89.91466 163096.31381 143419.6 267 1093Tilsynsutvalget for dommere
89.92498 278095.44656 4883 1.8 18 996Landinfo
91.223718825994487.1137656157962 2.61480 55993Statens vegvesen Region midt
91.75198 567199.15201 5247 3.3 25 744Fylkesmannen i Aust-Agder (frem til 31.12.15)
93.424273525993090.7143324157956 3.81949 48772Statens vegvesen Region nord
96.06190 644699.46117 6157 1.9 7 354Fylkesmannen i Vest-Agder (frem til 31.12.115)
97.223095 2376696.923911 2466642.01746 2409Kriminalomsorgsdirektoratet
97.338602 3967998.260831 61922 3.1 83 2626Statens pensjonskasse
97.425308025976896.0151565157870 9.02294 23257Statens vegvesen Vegdirektoratet
97.884989 8686597.210145210433212.2 983 7089Toll- og avgiftsdirektoratet
98.01542 157399.1 889 897 5.7 4 66Innstillingsrådet for dommere
99.43934 395799.6 944 94852.9 37 33Barne- og likestillingsdepartementet
99.61199296120439499.4990362995873 3.5 624 17298Skattedirektoratet
- -

Til sist er statistikken over hvor stor andel av utgående, -inngående, og andre dokumenter som blir journalført mer enn 180 dager -etter dokumentets dato, dvs. hvor stor andel som blir journalført -ekstremt sent for utgående og interne dokumenter, mens det for -innkommende like gjerne kan være at det tok lang tid før de ble -mottatt.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2015Instans
UtgåendeInnkommendeAnnet
%# > 180d liggetidTotalt%# > 180d liggetidTotalt%# > 180d liggetidTotalt
0.0 0 1 0.0 0 1 0.0 0 0Valgdirektoratet
0.0 0 17 0.0 0 13 0.0 0 0Innstillingsrådet for dommere
0.0 0 20 0.7 2 258 0.0 0 0Kompetansesenter for distriktsutvikling
0.0 0 50 0.0 0 156 0.0 0 0Norsk Romsenter
0.0 0 14410 0.0 0 20625 0.0 0 1941Fylkesmannen i Nordland
0.0 0 19475 0.0 0 33158 0.0 0 2395Fylkesmannen i Oslo og Akershus
0.0 2 6513 0.0 2 8366 0.0 1 2684Forbrukerrådet
0.0 2 14848 0.0 12 13720 0.1 2 1709Lotteri- og stiftelsestilsynet
0.0 3 3242 0.1 10 6728 0.0 0 0Petroleumstilsynet
0.0 35 39417 1.8 55 3023 4.1 29 699Justervesenet
0.1 1 563 0.1 1 568 0.0 0 2Tilsynsutvalget for dommere
0.1 2 1412 0.1 2 1889 0.0 0 2Medietilsynet
0.1 3 1922 0.2 7 3032 0.0 0 0Konkurransetilsynet
0.1 3 2861 0.2 11 4625 0.0 0 0Sysselmannen på Svalbard
0.1 4 2019 0.3 10 308628.5 2 7Datatilsynet
0.1 10 6724 0.0 5 11621 0.0 0 1180Fylkesmannen i Østfold
0.1 15 7701 0.2 19 7959 3.0 2 66Brønnøysundregistrene
0.1 23 13317 0.1 33 16601 0.0 0 2Direktoratet for byggkvalitet
0.1 207106179 0.3 285 73027 1.0 6 571Arbeidstilsynet
0.2 4 1958 1.9 46 2394 0.0 0 0Nasjonalt organ for kvalitet i utdanningen (NOKUT)
0.2 6 2924 0.1 10 6854 0.0 0 0Statsministerens kontor
0.2 42 14193 0.1 46 26329 7.4 179 2396Fylkesmannen i Hordaland
0.3 11 3042 0.1 8 6898 0.2 1 378Forbrukerombudet
0.3 12 3792 0.0 5 636412.0 25 208Direktoratet for mineralforvaltning med Bergmesteren for Svalbard
0.3 13 3468 0.9 62 6883 1.4 25 1729Forsvarsdepartementet
0.3 15 4463 0.5 40 7903 1.2 2 156Statens jernbanetilsyn
0.3 19 5470 0.7 104 13525 6.5 68 1038Fylkesmannen i Nord-Trøndelag
0.3 130 36848 0.3 148 46603 7.1 183 2545Arkivverket
0.3 130 38432 1.6 691 42125 1.5 442 27727Statens vegvesen Region sør
0.4 26 6320 0.1 21 12884 0.0 0 4Fylkesmannen i Vest-Agder
0.4 29 6530 2.4 362 14872 0.0 0 0Finansdepartementet
0.4 35 7248 0.4 58 12097 2.2 30 1321Fylkesmannen i Finnmark
0.4 64 14367 0.4 128 26712 7.0 20 283Luftfartstilsynet
0.5 6 1090 1.7 25 1415 0.0 0 0Norges geologiske undersøkelse
0.5 30 5810 1.0 71 6812 1.7 14 779Vox, nasjonalt fagorgan for kompetansepolitikk
0.5 38 7595 0.6 93 1508317.4 51 293Fylkesmannen i Møre og Romsdal
0.5 321 63780 0.2 135 51738 2.0 22 1052Landbruksdirektoratet Oslo
0.6 21 3049 0.8 71 8356 0.0 0 0Oljedirektoratet
0.6 58 8800 0.6 123 20412 1.9 163 8341Nærings- og fiskeridepartementet
0.7 56 7339 1.1 90 812525.8 458 1774Norsk Filminstitutt
0.7 191 26033 0.7 307 42834 2.1 215 10181Fiskeridirektoratet
0.7 357 44844 0.5 301 52202 1.9 590 29606Statens vegvesen Region vest
0.8 2 239 0.0 0 246 0.0 0 0Fylkesmannen i Vest-Agder (frem til 31.12.115)
0.8 119 14631 0.3 39 1246512.9 217 1681Nasjonal kommunikasjonsmyndighet
0.9 36 3886 2.0 94 4505 0.0 0 0Statens strålevern
0.9 41 4128 1.5 141 9101 7.6 4 52Olje- og energidepartementet
0.9 76 7829 0.6 95 14804 4.2 35 831Fylkesmannen i Vestfold
0.9 385 41153 0.5 330 62989 0.9 404 42661Norsk kulturråd
1.0 37 3538 0.2 19 6906 0.0 0 4Landbruks- og matdepartementet
1.1 753 64926 0.6 433 67975 2.3 747 32005Statens vegvesen Region øst
1.2 33 2558 2.0 97 4643 0.0 0 46Domstoladministrasjonen
1.2 49 3849 0.4 20 4078 6.3 31 485Statens lånekasse for utdanning
1.2 91 7120 0.6 83 13700 0.0 0 0Samferdselsdepartementet
1.2 179 14775 0.5 167 28844 0.0 0 0Finanstilsynet
1.3 86 6175 0.3 39 11738 1.8 82 4362Arbeids- og sosialdepartementet
1.3 101 7741 0.8 115 14226 0.0 0 0Politidirektoratet
1.3 229 16626 0.8 264 31782 3.9 283 7203Justis- og beredskapsdepartementet
1.4 13 873 1.5 23 1467 0.0 0 0Kunst i offentlige rom
1.4 28 2000 1.0 26 2446 7.8 16 205Språkrådet
1.4 146 10001 0.6 132 19008 2.9 31 1038Fylkesmannen i Rogaland
1.4 176 12255 0.3 64 18762 9.1 95 1033Fylkesmannen i Troms
1.5 137 8801 2.2 190 857810.7 169 1569Statistisk sentralbyrå
1.5 298 19717 2.5 833 3231311.0 637 5748Norges vassdrags- og energidirektorat
1.5 376 24323 0.4 119 24404 3.5 606 16915Statens vegvesen Region nord
1.5 424 26628 0.9 268 29189 3.5 623 17623Statens vegvesen Region midt
1.7 79 4582 8.5 431 5070 6.6 142 2139Toll- og avgiftsdirektoratet
1.7 469 26133 3.0 923 3019520.51891 9185Direktoratet for samfunnssikkerhet og beredskap
1.8 23 1272 2.9 64 2155 0.0 0 0Nasjonalbiblioteket
1.9 150 7763 1.3 202 14603 4.8 50 1022Fylkesmannen i Buskerud
2.0 25 1217 1.3 21 1556 3.1 13 410Landbruksdirektoratet Alta
2.0 136 6656 1.7 97 5480 9.3 261 2797Direktoratet for forvaltning og IKT
2.0 263 12584 0.8 113 13273 3.7 484 12850Statens vegvesen Vegdirektoratet
2.1 184 8700 0.3 68 17957 1.5 117 7668Kommunal- og moderniseringsdepartementet
2.3 65 2777 1.6 71 4405 6.9 58 831Utlendingsnemnda
2.3 118 4986 0.2 30 10584 1.1 11 920Fylkesmannen i Hedmark
2.4 26 1068 1.2 21 1640 1.7 4 223Statens innkrevingssentral
2.5 101 3979 6.7 354 5219 8.6 251 2903Departementenes sikkerhets- og serviceorganisasjon
2.5 119 4698 3.0 134 443426.6 123 461Norsk Akkreditering
2.6 45 1705 0.6 15 2438 0.4 7 1533Kriminalomsorgsdirektoratet
2.6 140 5260 1.4 165 1149914.7 212 1435Klima- og miljødepartementet
2.6 172 6552 0.6 88 13413 4.0 168 4138Barne-, likestillings- og inkluderingsdepartementet
2.7 63 2292 9.3 259 2761 0.0 0 0Direktoratet for økonomistyring
2.9 22 741 1.4 13 869 0.0 0 0Statens arbeidsmiljøinstitutt
2.91766 59502 3.72457 66026 3.5 729 20466Husbanken
3.0 198 6525 0.3 36 10925 9.1 48 525Fylkesmannen i Telemark
3.2 92 2824 1.6 126 7663 8.3 114 1367Garantiinstituttet for eksportkreditt
3.2 113 3508 1.2 98 7916 0.0 0 0Havforskningsinstituttet
3.2 178 5477 0.5 48 926413.3 79 593Fylkesmannen i Aust-Agder
3.2 211 6542 2.3 178 7678 0.0 0 0Barne-, ungdoms- og familiedirektoratet
3.2 499 15144 2.2 562 24560 2.4 767 31705Utenriksdepartementet
3.3 266 7831 0.3 44 1171712.5 128 1019Fylkesmannen i Sogn og Fjordane
3.3 275 8151 2.7 323 1162916.61052 6317Skattedirektoratet
3.4 887 25797 1.6 569 34780 0.0 0 0Miljødirektoratet
3.41378 39669 1.6 847 49862 2.9 267 9095Norges forskningsråd
3.6 277 7638 0.3 26 847311.8 888 7470Statens helsetilsyn
3.6 291 8056 1.1 110 967713.7 394 2873Utlendingsdirektoratet
3.7 305 8158 2.9 366 1230012.8 475 3692Direktoratet for utviklingssamarbeid
3.7 730 19384 1.1 242 20898 5.5 52 929Kystverket
4.2 271 6327 1.3 174 12490 0.0 0 0Riksantikvaren - Direktoratet for kulturminneforvaltning
4.3 19 432 0.0 0 386 7.8 4 51Fylkesmannen i Aust-Agder (frem til 31.12.15)
4.4 458 10325 3.4 623 1814114.31003 7001Forsvarsbygg
4.6 22 47611.4 198 172215.4 94 609Jernbaneverket
4.6 774 16824 8.41329 1572315.6 756 4838Statens kartverk
5.1 85 1635 1.4 27 1892 0.0 0 1Statens pensjonskasse
5.1 339 6602 5.1 381 7396 0.0 0 0Nasjonalt folkehelseinstitutt
5.2 377 7225 0.7 112 15036 9.8 67 680Fylkesmannen i Sør-Trøndelag
5.7 376 6526 0.3 59 15602 0.0 0 0Helse- og omsorgsdepartementet
6.11645 26666 0.7 220 3101715.3 665 4340Utdanningsdirektoratet
6.2 470 7517 0.2 51 19868 0.0 0 0Kulturdepartementet
6.7 48 706 7.6 74 968 0.0 0 0Fredskorpset
6.8 19 279 4.6 20 429 4.7 5 106Statens institutt for rusmiddelforskning
6.92173 31077 3.11342 4302532.93691 11191Helsedirektoratet
7.41053 14189 6.0 764 1263832.51119 3434Integrerings- og mangfoldsdirektoratet
8.1 322 3961 7.3 271 3675 8.7 141 1620Direktoratet for nødkommunikasjon
8.6 51 590 6.8 12 17423.7 86 362Landinfo
10.81034 9557 1.4 238 16191 9.5 2 21Kunnskapsdepartementet
13.0 764 5873 5.5 417 745142.8 6 14Senter for internasjonalisering av utdanning
14.64088 27956 0.3 171 43364 6.9 402 5825Sjøfartsdirektoratet
20.24464 22016 6.63076 46377 2.3 366 15402Statens legemiddelverk
24.35085 20862 9.51486 1554538.74368 11263Statsbygg
28.01859 6637 3.2 488 1521921.6 230 1062Fylkesmannen i Oppland
32.5 41 12641.7 172 41260.0 78 130Direktoratet for e-helse
+
Experience and updated recipe for using the Signal app without a mobile phone
+
10th October 2016
+

In July +I +wrote how to get the Signal Chrome/Chromium app working without +the ability to receive SMS messages (aka without a cell phone). It is +time to share some experiences and provide an updated setup.

+ +

The Signal app have worked fine for several months now, and I use +it regularly to chat with my loved ones. I had a major snag at the +end of my summer vacation, when the the app completely forgot my +setup, identity and keys. The reason behind this major mess was +running out of disk space. To avoid that ever happening again I have +started storing everything in userdata/ in git, to be able to +roll back to an earlier version if the files are wiped by mistake. I +had to use it once after introducing the git backup. When rolling +back to an earlier version, one need to use the 'reset session' option +in Signal to get going, and notify the people you talk with about the +problem. I assume there is some sequence number tracking in the +protocol to detect rollback attacks. The git repository is rather big +(674 MiB so far), but I have not tried to figure out if some of the +content can be added to a .gitignore file due to lack of spare +time.

+ +

I've also hit the 90 days timeout blocking, and noticed that this +make it impossible to send messages using Signal. I could still +receive them, but had to patch the code with a new timestamp to send. +I believe the timeout is added by the developers to force people to +upgrade to the latest version of the app, even when there is no +protocol changes, to reduce the version skew among the user base and +thus try to keep the number of support requests down.

+ +

Since my original recipe, the Signal source code changed slightly, +making the old patch fail to apply cleanly. Below is an updated +patch, including the shell wrapper I use to start Signal. The +original version required a new user to locate the JavaScript console +and call a function from there. I got help from a friend with more +JavaScript knowledge than me to modify the code to provide a GUI +button instead. This mean that to get started you just need to run +the wrapper and click the 'Register without mobile phone' to get going +now. I've also modified the timeout code to always set it to 90 days +in the future, to avoid having to patch the code regularly.

+ +

So, the updated recipe for Debian Jessie:

+ +
    + +
  1. First, install required packages to get the source code and the +browser you need. Signal only work with Chrome/Chromium, as far as I +know, so you need to install it. + +
    +apt install git tor chromium
+git clone https://github.com/WhisperSystems/Signal-Desktop.git
+
    2. + +
  2. Modify the source code using command listed in the the patch +block below.
    3. + +
  3. Start Signal using the run-signal-app wrapper (for example using +`pwd`/run-signal-app). + +
  4. Click on the 'Register without mobile phone', will in a phone +number you can receive calls to the next minute, receive the +verification code and enter it into the form field and press +'Register'. Note, the phone number you use will be user Signal +username, ie the way others can find you on Signal.
    5. + +
  5. You can now use Signal to contact others. Note, new contacts do +not show up in the contact list until you restart Signal, and there is +no way to assign names to Contacts. There is also no way to create or +update chat groups. I suspect this is because the web app do not have +a associated contact database.
    6. + +
+ +

I am still a bit uneasy about using Signal, because of the way its +main author moxie0 reject federation and accept dependencies to major +corporations like Google (part of the code is fetched from Google) and +Amazon (the central coordination point is owned by Amazon). See for +example +the +LibreSignal issue tracker for a thread documenting the authors +view on these issues. But the network effect is strong in this case, +and several of the people I want to communicate with already use +Signal. Perhaps we can all move to Ring +once it work on my +laptop? It already work on Windows and Android, and is included +in Debian and +Ubuntu, but not +working on Debian Stable.

+ +

Anyway, this is the patch I apply to the Signal code to get it +working. It switch to the production servers, disable to timeout, +make registration easier and add the shell wrapper:

+ +
+cd Signal-Desktop; cat <<EOF | patch -p1
+diff --git a/js/background.js b/js/background.js
+index 24b4c1d..579345f 100644
+--- a/js/background.js
++++ b/js/background.js
+@@ -33,9 +33,9 @@
+         });
+     });
+ 
+-    var SERVER_URL = 'https://textsecure-service-staging.whispersystems.org';
++    var SERVER_URL = 'https://textsecure-service-ca.whispersystems.org';
+     var SERVER_PORTS = [80, 4433, 8443];
+-    var ATTACHMENT_SERVER_URL = 'https://whispersystems-textsecure-attachments-staging.s3.amazonaws.com';
++    var ATTACHMENT_SERVER_URL = 'https://whispersystems-textsecure-attachments.s3.amazonaws.com';
+     var messageReceiver;
+     window.getSocketStatus = function() {
+         if (messageReceiver) {
+diff --git a/js/expire.js b/js/expire.js
+index 639aeae..beb91c3 100644
+--- a/js/expire.js
++++ b/js/expire.js
+@@ -1,6 +1,6 @@
+ ;(function() {
+     'use strict';
+-    var BUILD_EXPIRATION = 0;
++    var BUILD_EXPIRATION = Date.now() + (90 * 24 * 60 * 60 * 1000);
+ 
+     window.extension = window.extension || {};
+ 
+diff --git a/js/views/install_view.js b/js/views/install_view.js
+index 7816f4f..1d6233b 100644
+--- a/js/views/install_view.js
++++ b/js/views/install_view.js
+@@ -38,7 +38,8 @@
+             return {
+                 'click .step1': this.selectStep.bind(this, 1),
+                 'click .step2': this.selectStep.bind(this, 2),
+-                'click .step3': this.selectStep.bind(this, 3)
++                'click .step3': this.selectStep.bind(this, 3),
++                'click .callreg': function() { extension.install('standalone') },
+             };
+         },
+         clearQR: function() {
+diff --git a/options.html b/options.html
+index dc0f28e..8d709f6 100644
+--- a/options.html
++++ b/options.html
+@@ -14,7 +14,10 @@
+         <div class='nav'>
+           <h1>{{ installWelcome }}</h1>
+           <p>{{ installTagline }}</p>
+-          <div> <a class='button step2'>{{ installGetStartedButton }}</a> </div>
++          <div> <a class='button step2'>{{ installGetStartedButton }}</a>
++	    <br> <a class="button callreg">Register without mobile phone</a>
++
++	  </div>
+           <span class='dot step1 selected'></span>
+           <span class='dot step2'></span>
+           <span class='dot step3'></span>
+--- /dev/null   2016-10-07 09:55:13.730181472 +0200
++++ b/run-signal-app   2016-10-10 08:54:09.434172391 +0200
+@@ -0,0 +1,12 @@
++#!/bin/sh
++set -e
++cd $(dirname $0)
++mkdir -p userdata
++userdata="`pwd`/userdata"
++if [ -d "$userdata" ] && [ ! -d "$userdata/.git" ] ; then
++    (cd $userdata && git init)
++fi
++(cd $userdata && git add . && git commit -m "Current status." || true)
++exec chromium \
++  --proxy-server="socks://localhost:9050" \
++  --user-data-dir=$userdata --load-and-launch-app=`pwd`
+EOF
+chmod a+rx run-signal-app
+
-

Jeg lurer virkelig på hvordan så mange i det offentlige klarer å -ikke journalføre utgående dokumenter med en gang de gjøres ferdig. Er -det manglende opplæring, vanskelige systemer, vond vilje eller noe -helt annet som er årsaken? Det hadde vært interessant å finne ut om -det var noen fellestrekk for dokumenter som ikke blir journalført før -det er gått et halvt år.

- -

Oppdatering 2016-04-07: En nærmere undersøkelse av -OEP-oppføringene til Utenriksdepartementet viste at det var en teknisk -feil måten jeg laget statistikken, der alle oppføringer med '-' i -unntakgsgrunnlagsfeltet ble talt opp som unntatt offentlighet. Det -var UD ikke alene om. Det viste seg å gjelde Barne-, likestillings- -og inkluderingsdepartementet (4), Helse- og omsorgsdepartementet -(3525), Landbruks- og matdepartementet (1753), Nærings- og -fiskeridepartementet (11780), Nærings- og handelsdepartementet (7), -Nærings- og handelsdepartementet (frem til 31.12.13) (10417) og -Utenriksdepartementet (78798) også. Antall påvirkede oppføringer står -i parentes. Jeg har fikset problemet og oppdatert tabellen for -hemmelighold over. Oppføringene for Nærings- og handelsdepartementet, -Landbruks- og matdepartementet, Utenriksdepartementet og Helse- og -omsorgsdepartementet fikk ny plassering i lista.

+

As usual, if you use Bitcoin and want to show your support of my +activities, please send Bitcoin donations to my address +15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

- Tags: norsk, nuug, offentlig innsyn. + Tags: debian, english, sikkerhet, surveillance.
@@ -549,120 +280,129 @@ omsorgsdepartementet fikk ny plassering i lista.

-
syslog-trusted-timestamp - chain of trusted timestamps for your syslog
-
2nd April 2016
-

Two years ago, I had -a -look at trusted timestamping options available, and among -other things noted a still open -bug in the tsget script -included in openssl that made it harder than necessary to use openssl -as a trusted timestamping client. A few days ago I was told -the Norwegian government office DIFI is -close to releasing their own trusted timestamp service, and in the -process I was happy to learn about a replacement for the tsget script -using only curl:

- -

-openssl ts -query -data "/etc/shells" -cert -sha256 -no_nonce \
-  | curl -s -H "Content-Type: application/timestamp-query" \
-         --data-binary "@-" http://zeitstempel.dfn.de > etc-shells.tsr
-openssl ts -reply -text -in etc-shells.tsr
-

- -

This produces a binary timestamp file (etc-shells.tsr) which can be -used to verify that the content of the file /etc/shell with the -calculated sha256 hash existed at the point in time when the request -was made. The last command extract the content of the etc-shells.tsr -in human readable form. The idea behind such timestamp is to be able -to prove using cryptography that the content of a file have not -changed since the file was stamped.

- -

To verify that the file on disk match the public key signature in -the timestamp file, run the following commands. It make sure you have -the required certificate for the trusted timestamp service available -and use it to compare the file content with the timestamp. In -production, one should of course use a better method to verify the -service certificate.

- -

-wget -O ca-cert.txt https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt
-openssl ts -verify -data /etc/shells -in etc-shells.tsr -CAfile ca-cert.txt -text
-

- -

Wikipedia have a lot more information about -trusted -Timestamping and -linked -timestamping, and there are several trusted timestamping services -around, both as commercial services and as free and public services. -Among the latter is -the -zeitstempel.dfn.de service mentioned above and -freetsa.org service linked to from the -wikipedia web site. I believe the DIFI service should show up on -https://tsa.difi.no, but it is not available to the public at the -moment. I hope this will change when it is into production. The -RFC 3161 trusted -timestamping protocol standard is even implemented in LibreOffice, -Microsoft Office and Adobe Acrobat, making it possible to verify when -a document was created.

- -

I would find it useful to be able to use such trusted timestamp -service to make it possible to verify that my stored syslog files have -not been tampered with. This is not a new idea. I found one example -implemented on the Endian network appliances where -the -configuration of such feature was described in 2012.

- -

But I could not find any free implementation of such feature when I -searched, so I decided to try to -build -a prototype named syslog-trusted-timestamp. My idea is to -generate a timestamp of the old log files after they are rotated, and -store the timestamp in the new log file just after rotation. This -will form a chain that would make it possible to see if any old log -files are tampered with. But syslog is bad at handling kilobytes of -binary data, so I decided to base64 encode the timestamp and add an ID -and line sequence numbers to the base64 data to make it possible to -reassemble the timestamp file again. To use it, simply run it like -this: - -

-syslog-trusted-timestamp /path/to/list-of-log-files
-

- -

This will send a timestamp from one or more timestamp services (not -yet decided nor implemented) for each listed file to the syslog using -logger(1). To verify the timestamp, the same program is used with the ---verify option:

- -

-syslog-trusted-timestamp --verify /path/to/log-file /path/to/log-with-timestamp
-

- -

The verification step is not yet well designed. The current -implementation depend on the file path being unique and unchanging, -and this is not a solid assumption. It also uses process number as -timestamp ID, and this is bound to create ID collisions. I hope to -have time to come up with a better way to handle timestamp IDs and -verification later.

- -

Please check out -the -prototype for syslog-trusted-timestamp on github and send -suggestions and improvement, or let me know if there already exist a -similar system for timestamping logs already to allow me to join -forces with others with the same interest.

- -

As usual, if you use Bitcoin and want to show your support of my -activities, please send Bitcoin donations to my address -15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

+
NRKs kildevern når NRK-epost deles med utenlands etterretning?
+
8th October 2016
+

NRK +lanserte +for noen uker siden en ny +varslerportal som bruker +SecureDrop til å ta imot tips der det er vesentlig at ingen +utenforstående får vite at NRK er tipset. Det er et langt steg +fremover for NRK, og når en leser bloggposten om hva de har tenkt på +og hvordan løsningen er satt opp virker det som om de har gjort en +grundig jobb der. Men det er ganske mye ekstra jobb å motta tips via +SecureDrop, så varslersiden skriver "Nyhetstips som ikke krever denne +typen ekstra vern vil vi gjerne ha på nrk.no/03030", og 03030-siden +foreslår i tillegg til et webskjema å bruke epost, SMS, telefon, +personlig oppmøte og brevpost. Denne artikkelen handler disse andre +metodene.

+ +

Når en sender epost til en @nrk.no-adresse så vil eposten sendes ut +av landet til datamaskiner kontrollert av Microsoft. En kan sjekke +dette selv ved å slå opp epostleveringsadresse (MX) i DNS. For NRK er +dette i dag "nrk-no.mail.protection.outlook.com". NRK har som en ser +valgt å sette bort epostmottaket sitt til de som står bak outlook.com, +dvs. Microsoft. En kan sjekke hvor nettverkstrafikken tar veien +gjennom Internett til epostmottaket vha. programmet +traceroute, og finne ut hvem som eier en Internett-adresse +vha. whois-systemet. Når en gjør dette for epost-trafikk til @nrk.no +ser en at trafikken fra Norge mot nrk-no.mail.protection.outlook.com +går via Sverige mot enten Irland eller Tyskland (det varierer fra gang +til gang og kan endre seg over tid).

+ +

Vi vet fra +introduksjonen av +FRA-loven at IP-trafikk som passerer grensen til Sverige avlyttes +av Försvarets radioanstalt (FRA). Vi vet videre takket være +Snowden-bekreftelsene at trafikk som passerer grensen til +Storbritannia avlyttes av Government Communications Headquarters +(GCHQ). I tillegg er er det nettopp lansert et forslag i Norge om at +forsvarets E-tjeneste skal få avlytte trafikk som krysser grensen til +Norge. Jeg er ikke kjent med dokumentasjon på at Irland og Tyskland +gjør det samme. Poenget er uansett at utenlandsk etterretning har +mulighet til å snappe opp trafikken når en sender epost til @nrk.no. +I tillegg er det selvsagt tilgjengelig for Microsoft som er underlagt USAs +jurisdiksjon og +samarbeider +med USAs etterretning på flere områder. De som tipser NRK om +nyheter via epost kan dermed gå ut fra at det blir kjent for mange +andre enn NRK at det er gjort.

+ +

Bruk av SMS og telefon registreres av blant annet telefonselskapene +og er tilgjengelig i følge lov og forskrift for blant annet Politi, +NAV og Finanstilsynet, i tillegg til IT-folkene hos telefonselskapene +og deres overordnede. Hvis innringer eller mottaker bruker +smarttelefon vil slik kontakt også gjøres tilgjengelig for ulike +app-leverandører og de som lytter på trafikken mellom telefon og +app-leverandør, alt etter hva som er installert på telefonene som +brukes.

+ +

Brevpost kan virke trygt, og jeg vet ikke hvor mye som registreres +og lagres av postens datastyrte postsorteringssentraler. Det vil ikke +overraske meg om det lagres hvor i landet hver konvolutt kommer fra og +hvor den er adressert, i hvert fall for en kortere periode. Jeg vet +heller ikke hvem slik informasjon gjøres tilgjengelig for. Det kan +være nok til å ringe inn potensielle kilder når det krysses med hvem +som kjente til aktuell informasjon og hvor de befant seg (tilgjengelig +f.eks. hvis de bærer mobiltelefon eller bor i nærheten).

+ +

Personlig oppmøte hos en NRK-journalist er antagelig det tryggeste, +men en bør passe seg for å bruke NRK-kantina. Der bryter de nemlig +Sentralbanklovens +paragraf 14 og nekter folk å betale med kontanter. I stedet +krever de at en varsle sin bankkortutsteder om hvor en befinner seg +ved å bruke bankkort. Banktransaksjoner er tilgjengelig for +bankkortutsteder (det være seg VISA, Mastercard, Nets og/eller en +bank) i tillegg til politiet og i hvert fall tidligere med Se & Hør +(via utro tjenere, slik det ble avslørt etter utgivelsen av boken +«Livet, det forbannede» av Ken B. Rasmussen). Men hvor mange kjenner +en NRK-journalist personlig? Besøk på NRK på Marienlyst krever at en +registrerer sin ankost elektronisk i besøkssystemet. Jeg vet ikke hva +som skjer med det datasettet, men har grunn til å tro at det sendes ut +SMS til den en skal besøke med navnet som er oppgitt. Kanskje greit å +oppgi falskt navn.

+ +

Når så tipset er kommet frem til NRK skal det behandles +redaksjonelt i NRK. Der vet jeg via ulike kilder at de fleste +journalistene bruker lokalt installert programvare, men noen bruker +Google Docs og andre skytjenester i strid med interne retningslinjer +når de skriver. Hvordan vet en hvem det gjelder? Ikke vet jeg, men +det kan være greit å spørre for å sjekke at journalisten har tenkt på +problemstillingen, før en gir et tips. Og hvis tipset omtales internt +på epost, er det jo grunn til å tro at også intern eposten vil deles +med Microsoft og utenlands etterretning, slik tidligere nevnt, men det +kan hende at det holdes internt i NRKs interne MS Exchange-løsning. +Men Microsoft ønsker å få alle Exchange-kunder over "i skyen" (eller +andre folks datamaskiner, som det jo innebærer), så jeg vet ikke hvor +lenge det i så fall vil vare.

+ +

I tillegg vet en jo at +NRK +har valgt å gi nasjonal sikkerhetsmyndighet (NSM) tilgang til å se på +intern og ekstern Internett-trafikk hos NRK ved oppsett av såkalte +VDI-noder, på tross av +protester +fra NRKs journalistlag. Jeg vet ikke om den vil kunne snappe opp +dokumenter som lagres på interne filtjenere eller dokumenter som lages +i de interne webbaserte publiseringssystemene, men vet at hva noden +ser etter på nettet kontrolleres av NSM og oppdateres automatisk, slik +at det ikke gir så mye mening å sjekke hva noden ser etter i dag når +det kan endres automatisk i morgen.

+ +

Personlig vet jeg ikke om jeg hadde turt tipse NRK hvis jeg satt på +noe som kunne være en trussel mot den bestående makten i Norge eller +verden. Til det virker det å være for mange åpninger for +utenforstående med andre prioriteter enn NRKs journalistiske fokus. +Og den største truslen for en varsler er jo om metainformasjon kommer +på avveie, dvs. informasjon om at en har vært i kontakt med en +journalist. Det kan være nok til at en kommer i myndighetenes +søkelys, og de færreste har nok operasjonell sikkerhet til at vil tåle +slik flombelysning på sitt privatliv.

- Tags: english, sikkerhet. + Tags: dld, norsk, personvern, sikkerhet, surveillance.
@@ -670,61 +410,125 @@ activities, please send Bitcoin donations to my address
-
Full battery stats collector is now available in Debian
-
23rd March 2016
-

Since this morning, the battery-stats package in Debian include an -extended collector that will collect the complete battery history for -later processing and graphing. The original collector store the -battery level as percentage of last full level, while the new -collector also record battery vendor, model, serial number, design -full level, last full level and current battery level. This make it -possible to predict the lifetime of the battery as well as visualise -the energy flow when the battery is charging or discharging.

- -

The new tools are available in /usr/share/battery-stats/ -in the version 0.5.1 package in unstable. Get the new battery level graph -and lifetime prediction by running: +

Isenkram, Appstream and udev make life as a LEGO builder easier
+
7th October 2016
+

The Isenkram +system provide a practical and easy way to figure out which +packages support the hardware in a given machine. The command line +tool isenkram-lookup and the tasksel options provide a +convenient way to list and install packages relevant for the current +hardware during system installation, both user space packages and +firmware packages. The GUI background daemon on the other hand provide +a pop-up proposing to install packages when a new dongle is inserted +while using the computer. For example, if you plug in a smart card +reader, the system will ask if you want to install pcscd if +that package isn't already installed, and if you plug in a USB video +camera the system will ask if you want to install cheese if +cheese is currently missing. This already work just fine.

+ +

But Isenkram depend on a database mapping from hardware IDs to +package names. When I started no such database existed in Debian, so +I made my own data set and included it with the isenkram package and +made isenkram fetch the latest version of this database from git using +http. This way the isenkram users would get updated package proposals +as soon as I learned more about hardware related packages.

+ +

The hardware is identified using modalias strings. The modalias +design is from the Linux kernel where most hardware descriptors are +made available as a strings that can be matched using filename style +globbing. It handle USB, PCI, DMI and a lot of other hardware related +identifiers.

+ +

The downside to the Isenkram specific database is that there is no +information about relevant distribution / Debian version, making +isenkram propose obsolete packages too. But along came AppStream, a +cross distribution mechanism to store and collect metadata about +software packages. When I heard about the proposal, I contacted the +people involved and suggested to add a hardware matching rule using +modalias strings in the specification, to be able to use AppStream for +mapping hardware to packages. This idea was accepted and AppStream is +now a great way for a package to announce the hardware it support in a +distribution neutral way. I wrote +a +recipe on how to add such meta-information in a blog post last +December. If you have a hardware related package in Debian, please +announce the relevant hardware IDs using AppStream.

+ +

In Debian, almost all packages that can talk to a LEGO Mindestorms +RCX or NXT unit, announce this support using AppStream. The effect is +that when you insert such LEGO robot controller into your Debian +machine, Isenkram will propose to install the packages needed to get +it working. The intention is that this should allow the local user to +start programming his robot controller right away without having to +guess what packages to use or which permissions to fix.

+ +

But when I sat down with my son the other day to program our NXT +unit using his Debian Stretch computer, I discovered something +annoying. The local console user (ie my son) did not get access to +the USB device for programming the unit. This used to work, but no +longer in Jessie and Stretch. After some investigation and asking +around on #debian-devel, I discovered that this was because udev had +changed the mechanism used to grant access to local devices. The +ConsoleKit mechanism from /lib/udev/rules.d/70-udev-acl.rules +no longer applied, because LDAP users no longer was added to the +plugdev group during login. Michael Biebl told me that this method +was obsolete and the new method used ACLs instead. This was good +news, as the plugdev mechanism is a mess when using a remote user +directory like LDAP. Using ACLs would make sure a user lost device +access when she logged out, even if the user left behind a background +process which would retain the plugdev membership with the ConsoleKit +setup. Armed with this knowledge I moved on to fix the access problem +for the LEGO Mindstorms related packages.

+ +

The new system uses a udev tag, 'uaccess'. It can either be +applied directly for a device, or is applied in +/lib/udev/rules.d/70-uaccess.rules for classes of devices. As the +LEGO Mindstorms udev rules did not have a class, I decided to add the +tag directly in the udev rules files included in the packages. Here +is one example. For the nqc C compiler for the RCX, the +/lib/udev/rules.d/60-nqc.rules file now look like this: 

-/usr/share/battery-stats/battery-stats-graph /var/log/battery-stats.csv
+SUBSYSTEM=="usb", ACTION=="add", ATTR{idVendor}=="0694", ATTR{idProduct}=="0001", \
+    SYMLINK+="rcx-%k", TAG+="uaccess"

-

Or select the 'Battery Level Graph' from your application menu.

- -

The flow in/out of the battery can be seen by running (no menu -entry yet):

+

The key part is the 'TAG+="uaccess"' at the end. I suspect all +packages using plugdev in their /lib/udev/rules.d/ files should be +changed to use this tag (either directly or indirectly via +70-uaccess.rules). Perhaps a lintian check should be created +to detect this?

+ +

I've been unable to find good documentation on the uaccess feature. +It is unclear to me if the uaccess tag is an internal implementation +detail like the udev-acl tag used by +/lib/udev/rules.d/70-udev-acl.rules. If it is, I guess the +indirect method is the preferred way. Michael +asked for more +documentation from the systemd project and I hope it will make +this clearer. For now I use the generic classes when they exist and +is already handled by 70-uaccess.rules, and add the tag +directly if no such class exist.

+ +

To learn more about the isenkram system, please check out +my +blog posts tagged isenkram.

+ +

To help out making life for LEGO constructors in Debian easier, +please join us on our IRC channel +#debian-lego and join +the Debian +LEGO team in the Alioth project we created yesterday. A mailing +list is not yet created, but we are working on it. :)

-

-/usr/share/battery-stats/battery-stats-graph-flow
-

- -

I'm not quite happy with the way the data is visualised, at least -when there are few data points. The graphs look a bit better with a -few years of data.

- -

A while back one important feature I use in the battery stats -collector broke in Debian. The scripts in -/usr/lib/pm-utils/power.d/ were no longer executed. I -suspect it happened when Jessie started using systemd, but I do not -know. The issue is reported as -bug #818649 against -pm-utils. I managed to work around it by adding an udev rule to call -the collector script every time the power connector is connected and -disconnected. With this fix in place it was finally time to make a -new release of the package, and get it into Debian.

- -

If you are interested in how your laptop battery is doing, please -check out the -battery-stats -in Debian unstable, or rebuild it on Jessie to get it working on -Debian stable. :) The upstream source is available from -github. -As always, patches are very welcome.

+

As usual, if you use Bitcoin and want to show your support of my +activities, please send Bitcoin donations to my address +15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

- Tags: debian, english. + Tags: debian, english, isenkram.
@@ -732,109 +536,47 @@ As always, patches are very welcome.

-
UsingQR - "Electronic" paper invoices using JSON and QR codes
-
19th March 2016
-

Back in 2013 I proposed -a -way to make paper and PDF invoices easier to process electronically by -adding a QR code with the key information about the invoice. I -suggested using vCard field definition, to get some standard format -for name and address, but any format would work. I did not do -anything about the proposal, but hoped someone one day would make -something like it. It would make it possible to efficiently send -machine readable invoices directly between seller and buyer.

- -

This was the background when I came across a proposal and -specification from the web based accounting and invoicing supplier -Visma in Sweden called -UsingQR. Their PDF invoices contain -a QR code with the key information of the invoice in JSON format. -This is the typical content of a QR code following the UsingQR -specification (based on a real world example, some numbers replaced to -get a more bogus entry). I've reformatted the JSON to make it easier -to read. Normally this is all on one long line:

- -

-{
- "vh":500.00,
- "vm":0,
- "vl":0,
- "uqr":1,
- "tp":1,
- "nme":"Din Leverandør",
- "cc":"NO",
- "cid":"997912345 MVA",
- "iref":"12300001",
- "idt":"20151022",
- "ddt":"20151105",
- "due":2500.0000,
- "cur":"NOK",
- "pt":"BBAN",
- "acc":"17202612345",
- "bc":"BIENNOK1",
- "adr":"0313 OSLO"
-}
-

- -

The interpretation of the fields can be found in the -format -specification (revision 2 from june 2014). The format seem to -have most of the information needed to handle accounting and payment -of invoices, at least the fields I have needed so far here in -Norway.

- -

Unfortunately, the site and document do not mention anything about -the patent, trademark and copyright status of the format and the -specification. Because of this, I asked the people behind it back in -November to clarify. Ann-Christine Savlid (ann-christine.savlid (at) -visma.com) replied that Visma had not applied for patent or trademark -protection for this format, and that there were no copyright based -usage limitations for the format. I urged her to make sure this was -explicitly written on the web pages and in the specification, but -unfortunately this has not happened yet. So I guess if there is -submarine patents, hidden trademarks or a will to sue for copyright -infringements, those starting to use the UsingQR format might be at -risk, but if this happen there is some legal defense in the fact that -the people behind the format claimed it was safe to do so. At least -with patents, there is always -a -chance of getting sued...

- -

I also asked if they planned to maintain the format in an -independent standard organization to give others more confidence that -they would participate in the standardization process on equal terms -with Visma, but they had no immediate plans for this. Their plan was -to work with banks to try to get more users of the format, and -evaluate the way forward if the format proved to be popular. I hope -they conclude that using an open standard organisation like -IETF is the correct place to -maintain such specification.

- -

Update 2016-03-20: Via Twitter I became aware of -some comments -about this blog post that had several useful links and references to -similar systems. In the Czech republic, the Czech Banking Association -standard #26, with short name SPAYD, uses QR codes with payment -information. More information is available from the Wikipedia page on -Short -Payment Descriptor. And in Germany, there is a system named -BezahlCode, -(specification -v1.8 2013-12-05 available as PDF), which uses QR codes with -URL-like formatting using "bank:" as the URI schema/protocol to -provide the payment information. There is also the -ZUGFeRD -file format that perhaps could be transfered using QR codes, but I am -not sure if it is done already. Last, in Bolivia there are reports -that tax information since november 2014 need to be printed in QR -format on invoices. I have not been able to track down a -specification for this format, because of my limited language skill -sets.

+
Aftenposten-redaktøren med lua i hånda
+
9th September 2016
+

En av dagens nyheter er at Aftenpostens redaktør Espen Egil Hansen +bruker +forsiden +av papiravisen på et åpent brev til Facebooks sjef Mark Zuckerberg om +Facebooks fjerning av bilder, tekster og sider de ikke liker. Det +må være uvant for redaktøren i avisen Aftenposten å stå med lua i +handa og håpe på å bli hørt. Spesielt siden Aftenposten har vært med +på å gi Facebook makten de nå demonstrerer at de har. Ved å melde seg +inn i Facebook-samfunnet har de sagt ja til bruksvilkårene og inngått +en antagelig bindende avtale. Kanskje de skulle lest og vurdert +vilkårene litt nærmere før de sa ja, i stedet for å klage over at +reglende de har valgt å akseptere blir fulgt? Personlig synes jeg +vilkårene er uakseptable og det ville ikke falle meg inn å gå inn på +en avtale med slike vilkår. I tillegg til uakseptable vilkår er det +mange andre grunner til å unngå Facebook. Du kan finne en solid +gjennomgang av flere slike argumenter hos +Richard Stallmans side om +Facebook. + +

Jeg håper flere norske redaktører på samme vis må stå med lua i +hånden inntil de forstår at de selv er med på å føre samfunnet på +ville veier ved å omfavne Facebook slik de gjør når de omtaler og +løfter frem saker fra Facebook, og tar i bruk Facebook som +distribusjonskanal for sine nyheter. De bidrar til +overvåkningssamfunnet og raderer ut lesernes privatsfære når de lenker +til Facebook på sine sider, og låser seg selv inne i en omgivelse der +det er Facebook, og ikke redaktøren, som sitter med makta.

+ +

Men det vil nok ta tid, i et Norge der de fleste nettredaktører +deler +sine leseres personopplysinger med utenlands etterretning.

+ +

For øvrig burde varsleren Edward Snowden få politisk asyl i +Norge.

- Tags: english, standard. + Tags: norsk, surveillance.
@@ -842,57 +584,159 @@ sets.

-
Making battery measurements a little easier in Debian
-
15th March 2016
-

Back in September, I blogged about -the -system I wrote to collect statistics about my laptop battery, and -how it showed the decay and death of this battery (now replaced). I -created a simple deb package to handle the collection and graphing, -but did not want to upload it to Debian as there were already -a battery-stats -package in Debian that should do the same thing, and I did not see -a point of uploading a competing package when battery-stats could be -fixed instead. I reported a few bugs about its non-function, and -hoped someone would step in and fix it. But no-one did.

- -

I got tired of waiting a few days ago, and took matters in my own -hands. The end result is that I am now the new upstream developer of -battery stats (available from github) and part of the team maintaining -battery-stats in Debian, and the package in Debian unstable is finally -able to collect battery status using the /sys/class/power_supply/ -information provided by the Linux kernel. If you install the -battery-stats package from unstable now, you will be able to get a -graph of the current battery fill level, to get some idea about the -status of the battery. The source package build and work just fine in -Debian testing and stable (and probably oldstable too, but I have not -tested). The default graph you get for that system look like this:

- -

- -

My plans for the future is to merge my old scripts into the -battery-stats package, as my old scripts collected a lot more details -about the battery. The scripts are merged into the upstream -battery-stats git repository already, but I am not convinced they work -yet, as I changed a lot of paths along the way. Will have to test a -bit more before I make a new release.

- -

I will also consider changing the file format slightly, as I -suspect the way I combine several values into one field might make it -impossible to know the type of the value when using it for processing -and graphing.

- -

If you would like I would like to keep an close eye on your laptop -battery, check out the battery-stats package in -Debian and -on -github. -I would love some help to improve the system further.

+
E-tjenesten ber om innsyn i eposten til partiene på Stortinget
+
6th September 2016
+

I helga kom det et hårreisende forslag fra Lysne II-utvalget satt +ned av Forsvarsdepartementet. Lysne II-utvalget var bedt om å vurdere +ønskelista til Forsvarets etterretningstjeneste (e-tjenesten), og har +kommet med +forslag +om at e-tjenesten skal få lov til a avlytte all Internett-trafikk +som passerer Norges grenser. Få er klar over at dette innebærer at +e-tjenesten får tilgang til epost sendt til de fleste politiske +partiene på Stortinget. Regjeringspartiet Høyre (@hoyre.no), +støttepartiene Venstre (@venstre.no) og Kristelig Folkeparti (@krf.no) +samt Sosialistisk Ventreparti (@sv.no) og Miljøpartiet de grønne +(@mdg.no) har nemlig alle valgt å ta imot eposten sin via utenlandske +tjenester. Det betyr at hvis noen sender epost til noen med en slik +adresse vil innholdet i eposten, om dette forslaget blir vedtatt, gjøres +tilgjengelig for e-tjenesten. Venstre, Sosialistisk Ventreparti og +Miljøpartiet De Grønne har valgt å motta sin epost hos Google, +Kristelig Folkeparti har valgt å motta sin epost hos Microsoft, og +Høyre har valgt å motta sin epost hos Comendo med mottak i Danmark og +Irland. Kun Arbeiderpartiet og Fremskrittspartiet har valgt å motta +eposten sin i Norge, hos henholdsvis Intility AS og Telecomputing +AS.

+ +

Konsekvensen er at epost inn og ut av de politiske organisasjonene, +til og fra partimedlemmer og partiets tillitsvalgte vil gjøres +tilgjengelig for e-tjenesten for analyse og sortering. Jeg mistenker +at kunnskapen som slik blir tilgjengelig vil være nyttig hvis en +ønsker å vite hvilke argumenter som treffer publikum når en ønsker å +påvirke Stortingets representanter.

Ved hjelp av MX-oppslag i DNS for epost-domene, tilhørende +whois-oppslag av IP-adressene og traceroute for å se hvorvidt +trafikken går via utlandet kan enhver få bekreftet at epost sendt til +de omtalte partiene vil gjøres tilgjengelig for forsvarets +etterretningstjeneste hvis forslaget blir vedtatt. En kan også bruke +den kjekke nett-tjenesten ipinfo.io +for å få en ide om hvor i verden en IP-adresse hører til.

+ +

På den positive siden vil forslaget gjøre at enda flere blir +motivert til å ta grep for å bruke +Tor og krypterte +kommunikasjonsløsninger for å kommunisere med sine kjære, for å sikre +at privatsfæren vernes. Selv bruker jeg blant annet +FreedomBox og +Signal til slikt. Ingen av +dem er optimale, men de fungerer ganske bra allerede og øker kostnaden +for dem som ønsker å invadere mitt privatliv.

+ +

For øvrig burde varsleren Edward Snowden få politisk asyl i +Norge.

+ +
- Tags: debian, english. + Tags: norsk, surveillance.
@@ -900,100 +744,28 @@ I would love some help to improve the system further.

-
Creating, updating and checking debian/copyright semi-automatically
-
19th February 2016
-

Making packages for Debian requires quite a lot of attention to -details. And one of the details is the content of the -debian/copyright file, which should list all relevant licenses used by -the code in the package in question, preferably in -machine -readable DEP5 format.

- -

For large packages with lots of contributors it is hard to write -and update this file manually, and if you get some detail wrong, the -package is normally rejected by the ftpmasters. So getting it right -the first time around get the package into Debian faster, and save -both you and the ftpmasters some work.. Today, while trying to figure -out what was wrong with -the -zfsonlinux copyright file, I decided to spend some time on -figuring out the options for doing this job automatically, or at least -semi-automatically.

- -

Lucikly, there are at least two tools available for generating the -file based on the code in the source package, -debmake -and cme. I'm -not sure which one of them came first, but both seem to be able to -create a sensible draft file. As far as I can tell, none of them can -be trusted to get the result just right, so the content need to be -polished a bit before the file is OK to upload. I found the debmake -option in -a -blog posts from 2014. - -

To generate using debmake, use the -cc option: - -

-debmake -cc > debian/copyright
-

- -

Note there are some problems with python and non-ASCII names, so -this might not be the best option.

- -

The cme option is based on a config parsing library, and I found -this approach in -a -blog post from 2015. To generate using cme, use the 'update -dpkg-copyright' option: - -

-cme update dpkg-copyright
-

- -

This will create or update debian/copyright. The cme tool seem to -handle UTF-8 names better than debmake.

- -

When the copyright file is created, I would also like some help to -check if the file is correct. For this I found two good options, -debmake -k and license-reconcile. The former seem -to focus on license types and file matching, and is able to detect -ineffective blocks in the copyright file. The latter reports missing -copyright holders and years, but was confused by inconsistent license -names (like CDDL vs. CDDL-1.0). I suspect it is good to use both and -fix all issues reported by them before uploading. But I do not know -if the tools and the ftpmasters agree on what is important to fix in a -copyright file, so the package might still be rejected.

- -

The devscripts tool licensecheck deserve mentioning. It -will read through the source and try to find all copyright statements. -It is not comparing the result to the content of debian/copyright, but -can be useful when verifying the content of the copyright file.

- -

Are you aware of better tools in Debian to create and update -debian/copyright file. Please let me know, or blog about it on -planet.debian.org.

- -

As usual, if you use Bitcoin and want to show your support of my -activities, please send Bitcoin donations to my address -15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

- -

Update 2016-02-20: I got a tip from Mike Gabriel -on how to use licensecheck and cdbs to create a draft copyright file - -

-licensecheck --copyright -r `find * -type f` | \
-  /usr/lib/cdbs/licensecheck2dep5 > debian/copyright.auto
-

- -

He mentioned that he normally check the generated file into the -version control system to make it easier to discover license and -copyright changes in the upstream source. I will try to do the same -with my packages in the future.

- -

Update 2016-02-21: The cme author recommended -against using -quiet for new users, so I removed it from the proposed -command line.

+
First draft Norwegian Bokmål edition of The Debian Administrator's Handbook now public
+
30th August 2016
+

In April we +started +to work on a Norwegian Bokmål edition of the "open access" book on +how to set up and administrate a Debian system. Today I am happy to +report that the first draft is now publicly available. You can find +it on get the Debian +Administrator's Handbook page (under Other languages). The first +eight chapters have a first draft translation, and we are working on +proofreading the content. If you want to help out, please start +contributing using +the +hosted weblate project page, and get in touch using +the +translators mailing list. Please also check out +the instructions for +contributors. A good way to contribute is to proofread the text +and update weblate if you find errors.

+ +

Our goal is still to make the Norwegian book available on paper as well as +electronic form.

@@ -1006,81 +778,75 @@ command line.

-
Using appstream in Debian to locate packages with firmware and mime type support
-
4th February 2016
-

The appstream system -is taking shape in Debian, and one provided feature is a very -convenient way to tell you which package to install to make a given -firmware file available when the kernel is looking for it. This can -be done using apt-file too, but that is for someone else to blog -about. :)

- -

Here is a small recipe to find the package with a given firmware -file, in this example I am looking for ctfw-3.2.3.0.bin, randomly -picked from the set of firmware announced using appstream in Debian -unstable. In general you would be looking for the firmware requested -by the kernel during kernel module loading. To find the package -providing the example file, do like this:

- -
-% apt install appstream
-[...]
-% apt update
-[...]
-% appstreamcli what-provides firmware:runtime ctfw-3.2.3.0.bin | \
-  awk '/Package:/ {print $2}'
-firmware-qlogic
-%
-
- -

See the -appstream wiki page to learn how to embed the package metadata in -a way appstream can use.

- -

This same approach can be used to find any package supporting a -given MIME type. This is very useful when you get a file you do not -know how to handle. First find the mime type using file ---mime-type, and next look up the package providing support for -it. Lets say you got an SVG file. Its MIME type is image/svg+xml, -and you can find all packages handling this type like this:

- -
-% apt install appstream
-[...]
-% apt update
-[...]
-% appstreamcli what-provides mimetype image/svg+xml | \
-  awk '/Package:/ {print $2}'
-bkchem
-phototonic
-inkscape
-shutter
-tetzle
-geeqie
-xia
-pinta
-gthumb
-karbon
-comix
-mirage
-viewnior
-postr
-ristretto
-kolourpaint4
-eog
-eom
-gimagereader
-midori
-%
-
- -

I believe the MIME types are fetched from the desktop file for -packages providing appstream metadata.

+
Coz can help you find bottlenecks in multi-threaded software - nice free software
+
11th August 2016
+

This summer, I read a great article +"coz: +This Is the Profiler You're Looking For" in USENIX ;login: about +how to profile multi-threaded programs. It presented a system for +profiling software by running experiences in the running program, +testing how run time performance is affected by "speeding up" parts of +the code to various degrees compared to a normal run. It does this by +slowing down parallel threads while the "faster up" code is running +and measure how this affect processing time. The processing time is +measured using probes inserted into the code, either using progress +counters (COZ_PROGRESS) or as latency meters (COZ_BEGIN/COZ_END). It +can also measure unmodified code by measuring complete the program +runtime and running the program several times instead.

+ +

The project and presentation was so inspiring that I would like to +get the system into Debian. I +created +a WNPP request for it and contacted upstream to try to make the +system ready for Debian by sending patches. The build process need to +be changed a bit to avoid running 'git clone' to get dependencies, and +to include the JavaScript web page used to visualize the collected +profiling information included in the source package. +But I expect that should work out fairly soon.

+ +

The way the system work is fairly simple. To run an coz experiment +on a binary with debug symbols available, start the program like this: + +

+coz run --- program-to-run
+

+ +

This will create a text file profile.coz with the instrumentation +information. To show what part of the code affect the performance +most, use a web browser and either point it to +http://plasma-umass.github.io/coz/ +or use the copy from git (in the gh-pages branch). Check out this web +site to have a look at several example profiling runs and get an idea what the end result from the profile runs look like. To make the +profiling more useful you include <coz.h> and insert the +COZ_PROGRESS or COZ_BEGIN and COZ_END at appropriate places in the +code, rebuild and run the profiler. This allow coz to do more +targeted experiments.

+ +

A video published by ACM +presenting the +Coz profiler is available from Youtube. There is also a paper +from the 25th Symposium on Operating Systems Principles available +titled +Coz: +finding code that counts with causal profiling.

+ +

The source code +for Coz is available from github. It will only build with clang +because it uses a +C++ +feature missing in GCC, but I've submitted +a patch to solve +it and hope it will be included in the upstream source soon.

+ +

Please get in touch if you, like me, would like to see this piece +of software in Debian. I would very much like some help with the +packaging effort, as I lack the in depth knowledge on how to package +C++ libraries.

- Tags: debian, english. + Tags: debian, english, nice free software.
@@ -1088,91 +854,58 @@ packages providing appstream metadata.

-
Creepy, visualise geotagged social media information - nice free software
-
24th January 2016
-

Most people seem not to realise that every time they walk around -with the computerised radio beacon known as a mobile phone their -position is tracked by the phone company and often stored for a long -time (like every time a SMS is received or sent). And if their -computerised radio beacon is capable of running programs (often called -mobile apps) downloaded from the Internet, these programs are often -also capable of tracking their location (if the app requested access -during installation). And when these programs send out information to -central collection points, the location is often included, unless -extra care is taken to not send the location. The provided -information is used by several entities, for good and bad (what is -good and bad, depend on your point of view). What is certain, is that -the private sphere and the right to free movement is challenged and -perhaps even eradicated for those announcing their location this way, -when they share their whereabouts with private and public -entities.

- -

- -

The phone company logs provide a register of locations to check out -when one want to figure out what the tracked person was doing. It is -unavailable for most of us, but provided to selected government -officials, company staff, those illegally buying information from -unfaithful servants and crackers stealing the information. But the -public information can be collected and analysed, and a free software -tool to do so is called -Creepy or Cree.py. I -discovered it when I read -an -article about Creepy in the Norwegian newspaper Aftenposten i -November 2014, and decided to check if it was available in Debian. -The python program was in Debian, but -the version in -Debian was completely broken and practically unmaintained. I -uploaded a new version which did not work quite right, but did not -have time to fix it then. This Christmas I decided to finally try to -get Creepy operational in Debian. Now a fixed version is available in -Debian unstable and testing, and almost all Debian specific patches -are now included -upstream.

- -

The Creepy program visualises geolocation information fetched from -Twitter, Instagram, Flickr and Google+, and allow one to get a -complete picture of every social media message posted recently in a -given area, or track the movement of a given individual across all -these services. Earlier it was possible to use the search API of at -least some of these services without identifying oneself, but these -days it is impossible. This mean that to use Creepy, you need to -configure it to log in as yourself on these services, and provide -information to them about your search interests. This should be taken -into account when using Creepy, as it will also share information -about yourself with the services.

- -

The picture above show the twitter messages sent from (or at least -geotagged with a position from) the city centre of Oslo, the capital -of Norway. One useful way to use Creepy is to first look at -information tagged with an area of interest, and next look at all the -information provided by one or more individuals who was in the area. -I tested it by checking out which celebrity provide their location in -twitter messages by checkout out who sent twitter messages near a -Norwegian TV station, and next could track their position over time, -making it possible to locate their home and work place, among other -things. A similar technique have been -used -to locate Russian soldiers in Ukraine, and it is both a powerful -tool to discover lying governments, and a useful tool to help people -understand the value of the private information they provide to the -public.

- -

The package is not trivial to backport to Debian Stable/Jessie, as -it depend on several python modules currently missing in Jessie (at -least python-instagram, python-flickrapi and -python-requests-toolbelt).

- -

(I have uploaded -the image to -screenshots.debian.net and licensed it under the same terms as the -Creepy program in Debian.)

+
Sales number for the Free Culture translation, first half of 2016
+
5th August 2016
+

As my regular readers probably remember, the last year I published +a French and Norwegian translation of the classic +Free Culture book by the +founder of the Creative Commons movement, Lawrence Lessig. A bit less +known is the fact that due to the way I created the translations, +using docbook and po4a, I also recreated the English original. And +because I already had created a new the PDF edition, I published it +too. The revenue from the books are sent to the Creative Commons +Corporation. In other words, I do not earn any money from this +project, I just earn the warm fuzzy feeling that the text is available +for a wider audience and more people can learn why the Creative +Commons is needed.

+ +

Today, just for fun, I had a look at the sales number over at +Lulu.com, which take care of payment, printing and shipping. Much to +my surprise, the English edition is selling better than both the +French and Norwegian edition, despite the fact that it has been +available in English since it was first published. In total, 24 paper +books was sold for USD $19.99 between 2016-01-01 and 2016-07-31:

+ + + + + + +
Title / languageQuantity
Culture Libre / French3
Fri kultur / Norwegian7
Free Culture / English14
+ +

The books are available both from Lulu.com and from large book +stores like Amazon and Barnes&Noble. Most revenue, around $10 per +book, is sent to the Creative Commons project when the book is sold +directly by Lulu.com. The other channels give less revenue. The +summary from Lulu tell me 10 books was sold via the Amazon channel, 10 +via Ingram (what is this?) and 4 directly by Lulu. And Lulu.com tells +me that the revenue sent so far this year is USD $101.42. No idea +what kind of sales numbers to expect, so I do not know if that is a +good amount of sales for a 10 year old book or not. But it make me +happy that the buyers find the book, and I hope they enjoy reading it +as much as I did.

+ +

The ebook edition is available for free from +Github.

+ +

If you would like to translate and publish the book in your native +language, I would be happy to help make it happen. Please get in +touch.

- Tags: debian, english, nice free software. + Tags: docbook, english, freeculture.
@@ -1180,72 +913,40 @@ Creepy program in Debian.)

-
Always download Debian packages using Tor - the simple recipe
-
15th January 2016
-

During his DebConf15 keynote, Jacob Appelbaum -observed -that those listening on the Internet lines would have good reason to -believe a computer have a given security hole if it download a -security fix from a Debian mirror. This is a good reason to always -use encrypted connections to the Debian mirror, to make sure those -listening do not know which IP address to attack. In August, Richard -Hartmann observed that encryption was not enough, when it was possible -to interfere download size to security patches or the fact that -download took place shortly after a security fix was released, and -proposed -to always use Tor to download packages from the Debian mirror. He -was not the first to propose this, as the -apt-transport-tor -package by Tim Retout already existed to make it easy to convince apt -to use Tor, but I was not -aware of that package when I read the blog post from Richard.

- -

Richard discussed the idea with Peter Palfrader, one of the Debian -sysadmins, and he set up a Tor hidden service on one of the central -Debian mirrors using the address vwakviie2ienjx6t.onion, thus making -it possible to download packages directly between two tor nodes, -making sure the network traffic always were encrypted.

- -

Here is a short recipe for enabling this on your machine, by -installing apt-transport-tor and replacing http and https -urls with tor+http and tor+https, and using the hidden service instead -of the official Debian mirror site. I recommend installing -etckeeper before you start to have a history of the changes -done in /etc/.

- -
-apt install apt-transport-tor
-sed -i 's% http://ftp.debian.org/% tor+http://vwakviie2ienjx6t.onion/%' /etc/apt/sources.list
-sed -i 's% http% tor+http%' /etc/apt/sources.list
-
- -

If you have more sources listed in /etc/apt/sources.list.d/, run -the sed commands for these too. The sed command is assuming your are -using the ftp.debian.org Debian mirror. Adjust the command (or just -edit the file manually) to match your mirror.

- -

This work in Debian Jessie and later. Note that tools like -apt-file only recently started using the apt transport -system, and do not work with these tor+http URLs. For -apt-file you need the version currently in experimental, -which need a recent apt version currently only in unstable. So if you -need a working apt-file, this is not for you.

- -

Another advantage from this change is that your machine will start -using Tor regularly and at fairly random intervals (every time you -update the package lists or upgrade or install a new package), thus -masking other Tor traffic done from the same machine. Using Tor will -become normal for the machine in question.

- -

On Freedombox, APT -is set up by default to use apt-transport-tor when Tor is -enabled. It would be great if it was the default on any Debian -system.

+
Vitenskapen tar som vanlig feil igjen - relativt feil
+
1st August 2016
+

For mange år siden leste jeg en klassisk tekst som gjorde såpass +inntrykk på meg at jeg husker den fortsatt, flere år senere, og bruker +argumentene fra den stadig vekk. Teksten var «The Relativity of +Wrong» som Isaac Asimov publiserte i Skeptical Inquirer i 1989. Den +gir litt perspektiv rundt formidlingen av vitenskapelige resultater. +Jeg har hatt lyst til å kunne dele den også med folk som ikke +behersker engelsk så godt, som barn og noen av mine eldre slektninger, +og har savnet å ha den tilgjengelig på norsk. For to uker siden tok +jeg meg sammen og kontaktet Asbjørn Dyrendal i foreningen Skepsis om +de var interessert i å publisere en norsk utgave på bloggen sin, og da +han var positiv tok jeg kontakt med Skeptical Inquirer og spurte om +det var greit for dem. I løpet av noen dager fikk vi tilbakemelding +fra Barry Karr hos The Skeptical Inquirer som hadde sjekket og fått OK +fra Robyn Asimov som representerte arvingene i Asmiov-familien og gikk +igang med oversettingen.

+ +

Resultatet, «Relativt +feil», ble publisert på skepsis-bloggen for noen minutter siden. +Jeg anbefaler deg på det varmeste å lese denne teksten og dele den med +dine venner.

+ +

For å håndtere oversettelsen og sikre at original og oversettelse +var i sync brukte vi git, po4a, GNU make og Transifex. Det hele +fungerte utmerket og gjorde det enkelt å dele tekstene og jobbe sammen +om finpuss på formuleringene. Hadde hosted.weblate.org latt meg +opprette nye prosjekter selv i stedet for å måtte kontakte +administratoren der, så hadde jeg brukt weblate i stedet.

- Tags: debian, english, sikkerhet. + Tags: norsk, skepsis.
@@ -1269,7 +970,21 @@ system.

  • March (3)
    • -
  • April (3)
    • +
  • April (8)
    • + +
  • May (8)
    • + +
  • June (2)
    • + +
  • July (2)
    • + +
  • August (5)
    • + +
  • September (2)
    • + +
  • October (3)
    • + +
  • November (1)
    • @@ -1502,41 +1217,41 @@ system.

  • bitcoin (9)
    • -
  • bootsystem (15)
    • +
  • bootsystem (16)
  • bsa (2)
  • chrpath (2)
    • -
  • debian (123)
    • +
  • debian (137)
    • -
  • debian edu (154)
    • +
  • debian edu (157)
  • digistan (10)
    • -
  • dld (15)
    • +
  • dld (16)
    • -
  • docbook (20)
    • +
  • docbook (23)
  • drivstoffpriser (4)
    • -
  • english (307)
    • +
  • english (329)
  • fiksgatami (23)
  • fildeling (12)
    • -
  • freeculture (25)
    • +
  • freeculture (28)
  • freedombox (9)
    • -
  • frikanalen (16)
    • +
  • frikanalen (18)
  • h264 (20)
  • intervju (42)
    • -
  • isenkram (11)
    • +
  • isenkram (13)
  • kart (19)
    • @@ -1550,21 +1265,21 @@ system.

  • mesh network (8)
    • -
  • multimedia (37)
    • +
  • multimedia (39)
    • -
  • nice free software (7)
    • +
  • nice free software (8)
    • -
  • norsk (274)
    • +
  • norsk (280)
    • -
  • nuug (178)
    • +
  • nuug (182)
    • -
  • offentlig innsyn (23)
    • +
  • offentlig innsyn (26)
  • open311 (2)
    • -
  • opphavsrett (58)
    • +
  • opphavsrett (61)
    • -
  • personvern (92)
    • +
  • personvern (94)
  • raid (1)
    • @@ -1582,19 +1297,19 @@ system.

  • scraperwiki (2)
    • -
  • sikkerhet (46)
    • +
  • sikkerhet (51)
  • sitesummary (4)
    • -
  • skepsis (4)
    • +
  • skepsis (5)
  • standard (49)
    • -
  • stavekontroll (3)
    • +
  • stavekontroll (4)
  • stortinget (10)
    • -
  • surveillance (36)
    • +
  • surveillance (42)
  • sysadmin (2)
    • @@ -1602,7 +1317,7 @@ system.

  • valg (8)
    • -
  • video (55)
    • +
  • video (59)
  • vitenskap (4)