A while back, I was asked by a friend how to stream the desktop to
+my projector connected to Kodi. I sadly had to admit that I had no
+idea, as it was a task I never had tried. Since then, I have been
+looking for a way to do so, preferable without much extra software to
+install on either side. Today I found a way that seem to kind of
+work. Not great, but it is a start.
+
+
I had a look at several approaches, for example
+using uPnP
+DLNA as described in 2011, but it required a uPnP server, fuse and
+local storage enough to store the stream locally. This is not going
+to work well for me, lacking enough free space, and it would
+impossible for my friend to get working.
+
+
Next, it occurred to me that perhaps I could use VLC to create a
+video stream that Kodi could play. Preferably using
+broadcast/multicast, to avoid having to change any setup on the Kodi
+side when starting such stream. Unfortunately, the only recipe I
+could find using multicast used the rtp protocol, and this protocol
+seem to not be supported by Kodi.
+
+
On the other hand, the rtsp protocol is working! Unfortunately I
+have to specify the IP address of the streaming machine in both the
+sending command and the file on the Kodi server. But it is showing my
+desktop, and thus allow us to have a shared look on the big screen at
+the programs I work on.
+
+
I did not spend much time investigating codeces. I combined the
+rtp and rtsp recipes from
+the
+VLC Streaming HowTo/Command Line Examples, and was able to get
+this working on the desktop/streaming end.
-
+
+vlc screen:// --sout \
+ '#transcode{vcodec=mp4v,acodec=mpga,vb=800,ab=128}:rtp{dst=projector.local,port=1234,sdp=rtsp://192.168.11.4:8080/test.sdp}'
+
- - Continued work on the angularjs GUI, including document upload.
- - Implemented correspondencepartPerson, correspondencepartUnit and
- correspondencepartInternal
- - Applied for coverity coverage and started submitting code on
- regualr basis.
- - Started fixing bugs reported by coverity
- - Corrected and completed HATEOAS links to make sure entire API is
- available via URLs in _links.
- - Corrected all relation URLs to use trailing slash.
- - Add initial support for storing data in ElasticSearch.
- - Now able to receive and store uploaded files in the archive.
- - Changed JSON output for object lists to have relations in _links.
- - Improve JSON output for empty object lists.
- - Now uses correct MIME type application/vnd.noark5-v4+json.
- - Added support for docker container images.
- - Added simple API browser implemented in JavaScript/Angular.
- - Started on archive client implemented in JavaScript/Angular.
- - Started on prototype to show the public mail journal.
- - Improved performance by disabling Sprint FileWatcher.
- - Added support for 'arkivskaper', 'saksmappe' and 'journalpost'.
- - Added support for some metadata codelists.
- - Added support for Cross-origin resource sharing (CORS).
- - Changed login method from Basic Auth to JSON Web Token (RFC 7519)
- style.
- - Added support for GET-ing ny-* URLs.
- - Added support for modifying entities using PUT and eTag.
- - Added support for returning XML output on request.
- - Removed support for English field and class names, limiting ourself
- to the official names.
- - ...
-
-
+
I ssh-ed into my Kodi box and created a file like this with the
+same IP address:
+
+
+echo rtsp://192.168.11.4:8080/test.sdp \
+ > /storage/videos/screenstream.m3u
+
+
+
Note the 192.168.11.4 IP address is my desktops IP address. As far
+as I can tell the IP must be hardcoded for this to work. In other
+words, if someone elses machine is going to do the steaming, you have
+to update screenstream.m3u on the Kodi machine and adjust the vlc
+recipe. To get started, locate the file in Kodi and select the m3u
+file while the VLC stream is running. The desktop then show up in my
+big screen. :)
+
+
When using the same technique to stream a video file with audio,
+the audio quality is really bad. No idea if the problem is package
+loss or bad parameters for the transcode. I do not know VLC nor Kodi
+enough to tell.
+
+
Update 2018-07-12: Johannes Schauer send me a few
+succestions and reminded me about an important step. The "screen:"
+input source is only available once the vlc-plugin-access-extra
+package is installed on Debian. Without it, you will see this error
+message: "VLC is unable to open the MRL 'screen://'. Check the log
+for details." He further found that it is possible to drop some parts
+of the VLC command line to reduce the amount of hardcoded information.
+It is also useful to consider using cvlc to avoid having the VLC
+window in the desktop view. In sum, this give us this command line on
+the source end
+
+
+cvlc screen:// --sout \
+ '#transcode{vcodec=mp4v,acodec=mpga,vb=800,ab=128}:rtp{sdp=rtsp://:8080/}'
+
+
+
and this on the Kodi end
+
+
+echo rtsp://192.168.11.4:8080/ \
+ > /storage/videos/screenstream.m3u
+
-
If this sound interesting to you, please contact us on IRC (#nikita
-on irc.freenode.net) or email
-(nikita-noark
-mailing list).
+
Still bad image quality, though. But I did discover that streaming
+a DVD using dvdsimple:///dev/dvd as the source had excellent video and
+audio quality, so I guess the issue is in the input or transcoding
+parts, not the rtsp part. I've tried to change the vb and ab
+parameters to use more bandwidth, but it did not make a
+difference.
+
+
I further received a suggestion from Einar Haraldseid to try using
+gstreamer instead of VLC, and this proved to work great! He also
+provided me with the trick to get Kodi to use a multicast stream as
+its source. By using this monstrous oneliner, I can stream my desktop
+with good video quality in reasonable framerate to the 239.255.0.1
+multicast address on port 1234:
+
+
+gst-launch-1.0 ximagesrc use-damage=0 ! video/x-raw,framerate=30/1 ! \
+ videoconvert ! queue2 ! \
+ x264enc bitrate=8000 speed-preset=superfast tune=zerolatency qp-min=30 \
+ key-int-max=15 bframes=2 ! video/x-h264,profile=high ! queue2 ! \
+ mpegtsmux alignment=7 name=mux ! rndbuffersize max=1316 min=1316 ! \
+ udpsink host=239.255.0.1 port=1234 ttl-mc=1 auto-multicast=1 sync=0 \
+ pulsesrc device=$(pactl list | grep -A2 'Source #' | \
+ grep 'Name: .*\.monitor$' | cut -d" " -f2|head -1) ! \
+ audioconvert ! queue2 ! avenc_aac ! queue2 ! mux.
+
+
+
and this on the Kodi end
+
+
+echo udp://@239.255.0.1:1234 \
+ > /storage/videos/screenstream.m3u
+
+
+
Note the trick to pick a valid pulseaudio source. It might not
+pick the one you need. This approach will of course lead to trouble
+if more than one source uses the same multicast port and address.
+Note the ttl-mc=1 setting, which limit the multicast packages to the
+local network. If the value is increased, your screen will be
+broadcasted further, one network "hop" for each increase (read up on
+multicast to learn more. :)!
+
+
Having cracked how to get Kodi to receive multicast streams, I
+could use this VLC command to stream to the same multicast address.
+The image quality is way better than the rtsp approach, but gstreamer
+seem to be doing a better job.
+
+
+cvlc screen:// --sout '#transcode{vcodec=mp4v,acodec=mpga,vb=800,ab=128}:rtp{mux=ts,dst=239.255.0.1,port=1234,sdp=sap}'
+
+
+
As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.
-
-
7th June 2017
-
This is a copy of
-an
-email I posted to the nikita-noark mailing list. Please follow up
-there if you would like to discuss this topic. The background is that
-we are making a free software archive system based on the Norwegian
-Noark
-5 standard for government archives.
-
-
I've been wondering a bit lately how trusted timestamps could be
-stored in Noark 5.
-Trusted
-timestamps can be used to verify that some information
-(document/file/checksum/metadata) have not been changed since a
-specific time in the past. This is useful to verify the integrity of
-the documents in the archive.
-
-
Then it occured to me, perhaps the trusted timestamps could be
-stored as dokument variants (ie dokumentobjekt referered to from
-dokumentbeskrivelse) with the filename set to the hash it is
-stamping?
-
-
Given a "dokumentbeskrivelse" with an associated "dokumentobjekt",
-a new dokumentobjekt is associated with "dokumentbeskrivelse" with the
-same attributes as the stamped dokumentobjekt except these
-attributes:
+
+
9th July 2018
+
Five years ago,
+I
+measured what the most supported MIME type in Debian was, by
+analysing the desktop files in all packages in the archive. Since
+then, the DEP-11 AppStream system has been put into production, making
+the task a lot easier. This made me want to repeat the measurement,
+to see how much things changed. Here are the new numbers, for
+unstable only this time:
+
+
Debian Unstable:
+
+
+ count MIME type
+ ----- -----------------------
+ 56 image/jpeg
+ 55 image/png
+ 49 image/tiff
+ 48 image/gif
+ 39 image/bmp
+ 38 text/plain
+ 37 audio/mpeg
+ 34 application/ogg
+ 33 audio/x-flac
+ 32 audio/x-mp3
+ 30 audio/x-wav
+ 30 audio/x-vorbis+ogg
+ 29 image/x-portable-pixmap
+ 27 inode/directory
+ 27 image/x-portable-bitmap
+ 27 audio/x-mpeg
+ 26 application/x-ogg
+ 25 audio/x-mpegurl
+ 25 audio/ogg
+ 24 text/html
+
+
+
The list was created like this using a sid chroot: "cat
+/var/lib/apt/lists/*sid*_dep11_Components-amd64.yml.gz| zcat | awk '/^
+- \S+\/\S+$/ {print $2 }' | sort | uniq -c | sort -nr | head -20"
+
+
It is interesting to see how image formats have passed text/plain
+as the most announced supported MIME type. These days, thanks to the
+AppStream system, if you run into a file format you do not know, and
+want to figure out which packages support the format, you can find the
+MIME type of the file using "file --mime <filename>", and then
+look up all packages announcing support for this format in their
+AppStream metadata (XML or .desktop file) using "appstreamcli
+what-provides mimetype <mime-type>. For example if you, like
+me, want to know which packages support inode/directory, you can get a
+list like this:
-
-
-- format -> "RFC3161"
-
- mimeType -> "application/timestamp-reply"
-
- formatDetaljer -> "<source URL for timestamp service>"
-
- filenavn -> "<sjekksum>.tsr"
-
-
+
+% appstreamcli what-provides mimetype inode/directory | grep Package: | sort
+Package: anjuta
+Package: audacious
+Package: baobab
+Package: cervisia
+Package: chirp
+Package: dolphin
+Package: doublecmd-common
+Package: easytag
+Package: enlightenment
+Package: ephoto
+Package: filelight
+Package: gwenview
+Package: k4dirstat
+Package: kaffeine
+Package: kdesvn
+Package: kid3
+Package: kid3-qt
+Package: nautilus
+Package: nemo
+Package: pcmanfm
+Package: pcmanfm-qt
+Package: qweborf
+Package: ranger
+Package: sirikali
+Package: spacefm
+Package: spacefm
+Package: vifm
+%
+
-
This assume a service following
-IETF RFC 3161 is
-used, which specifiy the given MIME type for replies and the .tsr file
-ending for the content of such trusted timestamp. As far as I can
-tell from the Noark 5 specifications, it is OK to have several
-variants/renderings of a dokument attached to a given
-dokumentbeskrivelse objekt. It might be stretching it a bit to make
-some of these variants represent crypto-signatures useful for
-verifying the document integrity instead of representing the dokument
-itself.
-
-
Using the source of the service in formatDetaljer allow several
-timestamping services to be used. This is useful to spread the risk
-of key compromise over several organisations. It would only be a
-problem to trust the timestamps if all of the organisations are
-compromised.
-
-
The following oneliner on Linux can be used to generate the tsr
-file. $input is the path to the file to checksum, and $sha256 is the
-SHA-256 checksum of the file (ie the ".tsr" value mentioned
-above).
+
Using the same method, I can quickly discover that the Sketchup file
+format is not yet supported by any package in Debian:
-openssl ts -query -data "$inputfile" -cert -sha256 -no_nonce \
- | curl -s -H "Content-Type: application/timestamp-query" \
- --data-binary "@-" http://zeitstempel.dfn.de > $sha256.tsr
+% appstreamcli what-provides mimetype application/vnd.sketchup.skp
+Could not find component providing 'mimetype::application/vnd.sketchup.skp'.
+%
-
To verify the timestamp, you first need to download the public key
-of the trusted timestamp service, for example using this command:
+
Yesterday I used it to figure out which packages support the STL 3D
+format:
-wget -O ca-cert.txt \
- https://pki.pca.dfn.de/global-services-ca/pub/cacert/chain.txt
+% appstreamcli what-provides mimetype application/sla|grep Package
+Package: cura
+Package: meshlab
+Package: printrun
+%
-
Note, the public key should be stored alongside the timestamps in
-the archive to make sure it is also available 100 years from now. It
-is probably a good idea to standardise how and were to store such
-public keys, to make it easier to find for those trying to verify
-documents 100 or 1000 years from now. :)
+
PS: A new version of Cura was uploaded to Debian yesterday.
-
The verification itself is a simple openssl command:
+
As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.
+
+
+
+
+
+
+
+
8th July 2018
+
Quite regularly, I let my Debian Sid/Unstable chroot stay untouch
+for a while, and when I need to update it there is not enough free
+space on the disk for apt to do a normal 'apt upgrade'. I normally
+would resolve the issue by doing 'apt install <somepackages>' to
+upgrade only some of the packages in one batch, until the amount of
+packages to download fall below the amount of free space available.
+Today, I had about 500 packages to upgrade, and after a while I got
+tired of trying to install chunks of packages manually. I concluded
+that I did not have the spare hours required to complete the task, and
+decided to see if I could automate it. I came up with this small
+script which I call 'apt-in-chunks':
-openssl ts -verify -data $inputfile -in $sha256.tsr \
- -CAfile ca-cert.txt -text
+#!/bin/sh
+#
+# Upgrade packages when the disk is too full to upgrade every
+# upgradable package in one lump. Fetching packages to upgrade using
+# apt, and then installing using dpkg, to avoid changing the package
+# flag for manual/automatic.
+
+set -e
+
+ignore() {
+ if [ "$1" ]; then
+ grep -v "$1"
+ else
+ cat
+ fi
+}
+
+for p in $(apt list --upgradable | ignore "$@" |cut -d/ -f1 | grep -v '^Listing...'); do
+ echo "Upgrading $p"
+ apt clean
+ apt install --download-only -y $p
+ for f in /var/cache/apt/archives/*.deb; do
+ if [ -e "$f" ]; then
+ dpkg -i /var/cache/apt/archives/*.deb
+ break
+ fi
+ done
+done
-
Is there any reason this approach would not work? Is it somehow against
-the Noark 5 specification?
+
The script will extract the list of packages to upgrade, try to
+download the packages needed to upgrade one package, install the
+downloaded packages using dpkg. The idea is to upgrade packages
+without changing the APT mark for the package (ie the one recording of
+the package was manually requested or pulled in as a dependency). To
+use it, simply run it as root from the command line. If it fail, try
+'apt install -f' to clean up the mess and run the script again. This
+might happen if the new packages conflict with one of the old
+packages. dpkg is unable to remove, while apt can do this.
+
+
It take one option, a package to ignore in the list of packages to
+upgrade. The option to ignore a package is there to be able to skip
+the packages that are simply too large to unpack. Today this was
+'ghc', but I have run into other large packages causing similar
+problems earlier (like TeX).
+
+
Update 2018-07-08: Thanks to Paul Wise, I am aware of two
+alternative ways to handle this. The "unattended-upgrades
+--minimal-upgrade-steps" option will try to calculate upgrade sets for
+each package to upgrade, and then upgrade them in order, smallest set
+first. It might be a better option than my above mentioned script.
+Also, "aptutude upgrade" can upgrade single packages, thus avoiding
+the need for using "dpkg -i" in the script above.
+
+
As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.
@@ -247,61 +375,32 @@ the Noark 5 specification?
-
-
3rd June 2017
-
Aftenposten
-melder i dag om feil i eksamensoppgavene for eksamen i politikk og
-menneskerettigheter, der teksten i bokmåls og nynorskutgaven ikke var
-like. Oppgaveteksten er gjengitt i artikkelen, og jeg ble nysgjerring
-på om den fri oversetterløsningen
-Apertium ville gjort en bedre
-jobb enn Utdanningsdirektoratet. Det kan se slik ut.
-
-
Her er bokmålsoppgaven fra eksamenen:
-
-
-Drøft utfordringene knyttet til nasjonalstatenes og andre aktørers
-rolle og muligheter til å håndtere internasjonale utfordringer, som
-for eksempel flykningekrisen.
-
-Vedlegge er eksempler på tekster som kan gi relevante perspektiver
-på temaet:
-
-- Flykningeregnskapet 2016, UNHCR og IDMC
-
- «Grenseløst Europa for fall» A-Magasinet, 26. november 2015
-
-
-
-
-
Dette oversetter Apertium slik:
-
-
-Drøft utfordringane knytte til nasjonalstatane sine og rolla til
-andre aktørar og høve til å handtera internasjonale utfordringar, som
-til dømes *flykningekrisen.
-
-Vedleggja er døme på tekster som kan gje relevante perspektiv på
-temaet:
-
-
-- *Flykningeregnskapet 2016, *UNHCR og *IDMC
-- «*Grenseløst Europa for fall» A-Magasinet, 26. november 2015
-
-
-
-
-
Ord som ikke ble forstått er markert med stjerne (*), og trenger
-ekstra språksjekk. Men ingen ord er forsvunnet, slik det var i
-oppgaven elevene fikk presentert på eksamen. Jeg mistenker dog at
-"andre aktørers rolle og muligheter til ..." burde vært oversatt til
-"rolla til andre aktørar og deira høve til ..." eller noe slikt, men
-det er kanskje flisespikking. Det understreker vel bare at det alltid
-trengs korrekturlesning etter automatisk oversettelse.
+
+
30th June 2018
+
So far, at least hydro-electric power, coal power, wind power,
+solar power, and wood power are well known. Until a few days ago, I
+had never heard of stone power. Then I learn about a quarry in a
+mountain in
+Bremanger i
+Norway, where
+the
+Bremanger Quarry company is extracting stone and dumping the stone
+into a shaft leading to its shipping harbour. This downward movement
+in this shaft is used to produce electricity. In short, it is using
+falling rocks instead of falling water to produce electricity, and
+according to its own statements it is producing more power than it is
+using, and selling the surplus electricity to the Norwegian power
+grid. I find the concept truly amazing. Is this the worlds only
+stone power plant?
+
+
As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.
@@ -309,67 +408,66 @@ trengs korrekturlesning etter automatisk oversettelse.
-
-
27th April 2017
-
I disse dager, med frist 1. mai, har Riksarkivaren ute en høring på
-sin forskrift. Som en kan se er det ikke mye tid igjen før fristen
-som går ut på søndag. Denne forskriften er det som lister opp hvilke
-formater det er greit å arkivere i
-Noark
-5-løsninger i Norge.
-
-
Jeg fant høringsdokumentene hos
-Norsk
-Arkivråd etter å ha blitt tipset på epostlisten til
-fri
-programvareprosjektet Nikita Noark5-Core, som lager et Noark 5
-Tjenestegresesnitt. Jeg er involvert i Nikita-prosjektet og takket
-være min interesse for tjenestegrensesnittsprosjektet har jeg lest en
-god del Noark 5-relaterte dokumenter, og til min overraskelse oppdaget
-at standard epost ikke er på listen over godkjente formater som kan
-arkiveres. Høringen med frist søndag er en glimrende mulighet til å
-forsøke å gjøre noe med det. Jeg holder på med
-egen
-høringsuttalelse, og lurer på om andre er interessert i å støtte
-forslaget om å tillate arkivering av epost som epost i arkivet.
-
-
Er du igang med å skrive egen høringsuttalelse allerede? I så fall
-kan du jo vurdere å ta med en formulering om epost-lagring. Jeg tror
-ikke det trengs så mye. Her et kort forslag til tekst:
-
-
-
- Viser til høring sendt ut 2017-02-17 (Riksarkivarens referanse
- 2016/9840 HELHJO), og tillater oss å sende inn noen innspill om
- revisjon av Forskrift om utfyllende tekniske og arkivfaglige
- bestemmelser om behandling av offentlige arkiver (Riksarkivarens
- forskrift).
-
- Svært mye av vår kommuikasjon foregår i dag på e-post. Vi
- foreslår derfor at Internett-e-post, slik det er beskrevet i IETF
- RFC 5322,
- https://tools.ietf.org/html/rfc5322. bør
- inn som godkjent dokumentformat. Vi foreslår at forskriftens
- oversikt over godkjente dokumentformater ved innlevering i § 5-16
- endres til å ta med Internett-e-post.
-
-
-
-
Som del av arbeidet med tjenestegrensesnitt har vi testet hvordan
-epost kan lagres i en Noark 5-struktur, og holder på å skrive et
-forslag om hvordan dette kan gjøres som vil bli sendt over til
-arkivverket så snart det er ferdig. De som er interesserte kan
-følge
-fremdriften på web.
-
-
Oppdatering 2017-04-28: I dag ble høringuttalelsen jeg skrev
- sendt
- inn av foreningen NUUG.
+
+
26th June 2018
+
My movie playing setup involve Kodi,
+OpenELEC (probably soon to be
+replaced with LibreELEC) and an
+Infocus IN76 video projector. My projector can be controlled via both
+a infrared remote controller, and a RS-232 serial line. The vendor of
+my projector, InFocus, had been
+sensible enough to document the serial protocol in its user manual, so
+it is easily available, and I used it some years ago to write
+a
+small script to control the projector. For a while now, I longed
+for a setup where the projector was controlled by Kodi, for example in
+such a way that when the screen saver went on, the projector was
+turned off, and when the screen saver exited, the projector was turned
+on again.
+
+
A few days ago, with very good help from parts of my family, I
+managed to find a Kodi Add-on for controlling a Epson projector, and
+got in touch with its author to see if we could join forces and make a
+Add-on with support for several projectors. To my pleasure, he was
+positive to the idea, and we set out to add InFocus support to his
+add-on, and make the add-on suitable for the official Kodi add-on
+repository.
+
+
The Add-on is now working (for me, at least), with a few minor
+adjustments. The most important change I do relative to the master
+branch in the github repository is embedding the
+pyserial module in
+the add-on. The long term solution is to make a "script" type
+pyserial module for Kodi, that can be pulled in as a dependency in
+Kodi. But until that in place, I embed it.
+
+
The add-on can be configured to turn on the projector when Kodi
+starts, off when Kodi stops as well as turn the projector off when the
+screensaver start and on when the screesaver stops. It can also be
+told to set the projector source when turning on the projector.
+
+
If this sound interesting to you, check out
+the
+project github repository. Perhaps you can send patches to
+support your projector too? As soon as we find time to wrap up the
+latest changes, it should be available for easy installation using any
+Kodi instance.
+
+
For future improvements, I would like to add projector model
+detection and the ability to adjust the brightness level of the
+projector from within Kodi. We also need to figure out how to handle
+the cooling period of the projector. My projector refuses to turn on
+for 60 seconds after it was turned off. This is not handled well by
+the add-on at the moment.
+
+
As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.
@@ -377,52 +475,71 @@ fremdriften på web.
-
-
20th April 2017
-
Jeg oppdaget i dag at nettstedet som
-publiserer offentlige postjournaler fra statlige etater, OEP, har
-begynt å blokkerer enkelte typer webklienter fra å få tilgang. Vet
-ikke hvor mange det gjelder, men det gjelder i hvert fall libwww-perl
-og curl. For å teste selv, kjør følgende:
-
-
-% curl -v -s https://www.oep.no/pub/report.xhtml?reportId=3 2>&1 |grep '< HTTP'
-< HTTP/1.1 404 Not Found
-% curl -v -s --header 'User-Agent:Opera/12.0' https://www.oep.no/pub/report.xhtml?reportId=3 2>&1 |grep '< HTTP'
-< HTTP/1.1 200 OK
-%
-
-
-
Her kan en se at tjenesten gir «404 Not Found» for curl i
-standardoppsettet, mens den gir «200 OK» hvis curl hevder å være Opera
-versjon 12.0. Offentlig elektronisk postjournal startet blokkeringen
-2017-03-02.
-
-
Blokkeringen vil gjøre det litt vanskeligere å maskinelt hente
-informasjon fra oep.no. Kan blokkeringen være gjort for å hindre
-automatisert innsamling av informasjon fra OEP, slik Pressens
-Offentlighetsutvalg gjorde for å dokumentere hvordan departementene
-hindrer innsyn i
-rapporten
-«Slik hindrer departementer innsyn» som ble publiserte i januar
-2017. Det virker usannsynlig, da det jo er trivielt å bytte
-User-Agent til noe nytt.
-
-
Finnes det juridisk grunnlag for det offentlige å diskriminere
-webklienter slik det gjøres her? Der tilgang gis eller ikke alt etter
-hva klienten sier at den heter? Da OEP eies av DIFI og driftes av
-Basefarm, finnes det kanskje noen dokumenter sendt mellom disse to
-aktørene man kan be om innsyn i for å forstå hva som har skjedd. Men
-postjournalen
-til DIFI viser kun to dokumenter det siste året mellom DIFI og
-Basefarm.
-Mimes brønn neste,
-tenker jeg.
+
+
28th April 2018
+
I VHS-kassettenes
+tid var det rett frem å ta vare på et TV-program en ønsket å kunne se
+senere, uten å være avhengig av at programmet ble sendt på nytt.
+Kanskje ønsket en å se programmet på hytten der det ikke var
+TV-signal, eller av andre grunner ha det tilgjengelig for fremtidig
+fornøyelse. Dette er blitt vanskeligere med introduksjon av
+digital-TV og webstreaming, der opptak til harddisk er utenfor de
+flestes kontroll hvis de bruker ufri programvare og bokser kontrollert
+av andre. Men for NRK her i Norge, finnes det heldigvis flere fri
+programvare-alternativer, som jeg har
+skrevet
+om
+før.
+Så lenge kilden for nedlastingen er lovlig lagt ut på nett (hvilket
+jeg antar NRK gjør), så er slik lagring til privat bruk også lovlig i
+Norge.
+
+
Sist jeg så på saken, i 2016, nevnte jeg at
+youtube-dl ikke kunne
+bake undertekster fra NRK inn i videofilene, og at jeg derfor
+foretrakk andre alternativer. Nylig oppdaget jeg at dette har endret
+seg. Fordelen med youtube-dl er at den er tilgjengelig direkte fra
+Linux-distribusjoner som Debian
+og Ubuntu, slik at en slipper å
+finne ut selv hvordan en skal få dem til å virke.
+
+
For å laste ned et NRK-innslag med undertekster, og få den norske
+underteksten pakket inn i videofilen, så kan følgende kommando
+brukes:
+
+
+youtube-dl --write-sub --sub-format ttml \
+ --convert-subtitles srt --embed-subs \
+ https://tv.nrk.no/serie/ramm-ferdig-gaa/MUHU11000316/27-04-2018
+
+
+
URL-eksemplet er dagens toppsak på tv.nrk.no. Resultatet er en
+MP4-fil med filmen og undertekster som kan spilles av med VLC. Merk
+at VLC ikke viser frem undertekster før du aktiverer dem. For å gjøre
+det, høyreklikk med musa i fremviservinduet, velg menyvalget for
+undertekst og så norsk språk. Jeg testet også '--write-auto-sub',
+men det kommandolinjeargumentet ser ikke ut til å fungere, så jeg
+endte opp med settet med argumentlisten over, som jeg fant i en
+feilrapport i youtube-dl-prosjektets samling over feilrapporter.
+
+
Denne støtten i youtube-dl gjør det svært enkelt å lagre
+NRK-innslag, det være seg nyheter, filmer, serier eller dokumentater,
+for å ha dem tilgjengelig for fremtidig referanse og bruk, uavhengig
+av hvor lenge innslagene ligger tilgjengelig hos NRK. Så får det ikke
+hjelpe at NRKs jurister mener at det er
+vesensforskjellig
+å legge tilgjengelig for nedlasting og for streaming, når det rent
+teknisk er samme sak.
+
+
Programmet youtube-dl støtter også en rekke andre nettsteder, se
+prosjektoversikten for
+en
+komplett liste.
@@ -430,101 +547,27 @@ tenker jeg.
-
-
19th March 2017
-
The Nikita
-Noark 5 core project is implementing the Norwegian standard for
-keeping an electronic archive of government documents.
-The
-Noark 5 standard document the requirement for data systems used by
-the archives in the Norwegian government, and the Noark 5 web interface
-specification document a REST web service for storing, searching and
-retrieving documents and metadata in such archive. I've been involved
-in the project since a few weeks before Christmas, when the Norwegian
-Unix User Group
-announced
-it supported the project. I believe this is an important project,
-and hope it can make it possible for the government archives in the
-future to use free software to keep the archives we citizens depend
-on. But as I do not hold such archive myself, personally my first use
-case is to store and analyse public mail journal metadata published
-from the government. I find it useful to have a clear use case in
-mind when developing, to make sure the system scratches one of my
-itches.
-
-
If you would like to help make sure there is a free software
-alternatives for the archives, please join our IRC channel
-(#nikita on
-irc.freenode.net) and
-the
-project mailing list.
-
-
When I got involved, the web service could store metadata about
-documents. But a few weeks ago, a new milestone was reached when it
-became possible to store full text documents too. Yesterday, I
-completed an implementation of a command line tool
-archive-pdf to upload a PDF file to the archive using this
-API. The tool is very simple at the moment, and find existing
-fonds, series and
-files while asking the user to select which one to use if more than
-one exist. Once a file is identified, the PDF is associated with the
-file and uploaded, using the title extracted from the PDF itself. The
-process is fairly similar to visiting the archive, opening a cabinet,
-locating a file and storing a piece of paper in the archive. Here is
-a test run directly after populating the database with test data using
-our API tester:
-
-
-~/src//noark5-tester$ ./archive-pdf mangelmelding/mangler.pdf
-using arkiv: Title of the test fonds created 2017-03-18T23:49:32.103446
-using arkivdel: Title of the test series created 2017-03-18T23:49:32.103446
-
- 0 - Title of the test case file created 2017-03-18T23:49:32.103446
- 1 - Title of the test file created 2017-03-18T23:49:32.103446
-Select which mappe you want (or search term): 0
-Uploading mangelmelding/mangler.pdf
- PDF title: Mangler i spesifikasjonsdokumentet for NOARK 5 Tjenestegrensesnitt
- File 2017/1: Title of the test case file created 2017-03-18T23:49:32.103446
-~/src//noark5-tester$
-
-
-
You can see here how the fonds (arkiv) and serie (arkivdel) only had
-one option, while the user need to choose which file (mappe) to use
-among the two created by the API tester. The archive-pdf
-tool can be found in the git repository for the API tester.
-
-
In the project, I have been mostly working on
-the API
-tester so far, while getting to know the code base. The API
-tester currently use
-the HATEOAS links
-to traverse the entire exposed service API and verify that the exposed
-operations and objects match the specification, as well as trying to
-create objects holding metadata and uploading a simple XML file to
-store. The tester has proved very useful for finding flaws in our
-implementation, as well as flaws in the reference site and the
-specification.
-
-
The test document I uploaded is a summary of all the specification
-defects we have collected so far while implementing the web service.
-There are several unclear and conflicting parts of the specification,
-and we have
-started
-writing down the questions we get from implementing it. We use a
-format inspired by how The
-Austin Group collect defect reports for the POSIX standard with
-their
-instructions for the MANTIS defect tracker system, in lack of an official way to structure defect reports for Noark 5 (our first submitted defect report was a request for a procedure for submitting defect reports :).
-
-
The Nikita project is implemented using Java and Spring, and is
-fairly easy to get up and running using Docker containers for those
-that want to test the current code base. The API tester is
-implemented in Python.
+
+
24th April 2018
+
VG,
+Dagbladet
+og
+NRK
+melder i dag at flertallet i Familie- og kulturkomiteen på Stortinget
+har bestemt seg for å introdusere en ny sensurinfrastruktur i Norge.
+Fra før har Norge en «frivillig» sensurinfrastruktur basert på
+DNS-navn, der de største ISP-ene basert på en liste med DNS-navn
+forgifter DNS-svar og omdirigerer til et annet IP-nummer enn det som
+ligger i DNS. Nå kommer altså IP-basert omdirigering i tillegg. Når
+infrastrukturen er på plass, er sensur av IP-adresser redusert et
+spørsmål om hvilke IP-nummer som skal blokkeres. Listen over
+IP-adresser vil naturligvis endre seg etter hvert som myndighetene
+endrer seg. Det er ingen betryggende tanke.
@@ -532,114 +575,40 @@ implemented in Python.
-
-
9th March 2017
-
Over the years, administrating thousand of NFS mounting linux
-computers at the time, I often needed a way to detect if the machine
-was experiencing NFS hang. If you try to use df or look at a
-file or directory affected by the hang, the process (and possibly the
-shell) will hang too. So you want to be able to detect this without
-risking the detection process getting stuck too. It has not been
-obvious how to do this. When the hang has lasted a while, it is
-possible to find messages like these in dmesg:
-
-
-nfs: server nfsserver not responding, still trying
-
nfs: server nfsserver OK
-
-
-
It is hard to know if the hang is still going on, and it is hard to
-be sure looking in dmesg is going to work. If there are lots of other
-messages in dmesg the lines might have rotated out of site before they
-are noticed.
-
-
While reading through the nfs client implementation in linux kernel
-code, I came across some statistics that seem to give a way to detect
-it. The om_timeouts sunrpc value in the kernel will increase every
-time the above log entry is inserted into dmesg. And after digging a
-bit further, I discovered that this value show up in
-/proc/self/mountstats on Linux.
-
-
The mountstats content seem to be shared between files using the
-same file system context, so it is enough to check one of the
-mountstats files to get the state of the mount point for the machine.
-I assume this will not show lazy umounted NFS points, nor NFS mount
-points in a different process context (ie with a different filesystem
-view), but that does not worry me.
-
-
The content for a NFS mount point look similar to this:
-
-
-[...]
-device /dev/mapper/Debian-var mounted on /var with fstype ext3
-device nfsserver:/mnt/nfsserver/home0 mounted on /mnt/nfsserver/home0 with fstype nfs statvers=1.1
- opts: rw,vers=3,rsize=65536,wsize=65536,namlen=255,acregmin=3,acregmax=60,acdirmin=30,acdirmax=60,soft,nolock,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=129.240.3.145,mountvers=3,mountport=4048,mountproto=udp,local_lock=all
- age: 7863311
- caps: caps=0x3fe7,wtmult=4096,dtsize=8192,bsize=0,namlen=255
- sec: flavor=1,pseudoflavor=1
- events: 61063112 732346265 1028140 35486205 16220064 8162542 761447191 71714012 37189 3891185 45561809 110486139 4850138 420353 15449177 296502 52736725 13523379 0 52182 9016896 1231 0 0 0 0 0
- bytes: 166253035039 219519120027 0 0 40783504807 185466229638 11677877 45561809
- RPC iostats version: 1.0 p/v: 100003/3 (nfs)
- xprt: tcp 925 1 6810 0 0 111505412 111480497 109 2672418560317 0 248 53869103 22481820
- per-op statistics
- NULL: 0 0 0 0 0 0 0 0
- GETATTR: 61063106 61063108 0 9621383060 6839064400 453650 77291321 78926132
- SETATTR: 463469 463470 0 92005440 66739536 63787 603235 687943
- LOOKUP: 17021657 17021657 0 3354097764 4013442928 57216 35125459 35566511
- ACCESS: 14281703 14290009 5 2318400592 1713803640 1709282 4865144 7130140
- READLINK: 125 125 0 20472 18620 0 1112 1118
- READ: 4214236 4214237 0 715608524 41328653212 89884 22622768 22806693
- WRITE: 8479010 8494376 22 187695798568 1356087148 178264904 51506907 231671771
- CREATE: 171708 171708 0 38084748 46702272 873 1041833 1050398
- MKDIR: 3680 3680 0 773980 993920 26 23990 24245
- SYMLINK: 903 903 0 233428 245488 6 5865 5917
- MKNOD: 80 80 0 20148 21760 0 299 304
- REMOVE: 429921 429921 0 79796004 61908192 3313 2710416 2741636
- RMDIR: 3367 3367 0 645112 484848 22 5782 6002
- RENAME: 466201 466201 0 130026184 121212260 7075 5935207 5961288
- LINK: 289155 289155 0 72775556 67083960 2199 2565060 2585579
- READDIR: 2933237 2933237 0 516506204 13973833412 10385 3190199 3297917
- READDIRPLUS: 1652839 1652839 0 298640972 6895997744 84735 14307895 14448937
- FSSTAT: 6144 6144 0 1010516 1032192 51 9654 10022
- FSINFO: 2 2 0 232 328 0 1 1
- PATHCONF: 1 1 0 116 140 0 0 0
- COMMIT: 0 0 0 0 0 0 0 0
-
-device binfmt_misc mounted on /proc/sys/fs/binfmt_misc with fstype binfmt_misc
-[...]
-
-
-
The key number to look at is the third number in the per-op list.
-It is the number of NFS timeouts experiences per file system
-operation. Here 22 write timeouts and 5 access timeouts. If these
-numbers are increasing, I believe the machine is experiencing NFS
-hang. Unfortunately the timeout value do not start to increase right
-away. The NFS operations need to time out first, and this can take a
-while. The exact timeout value depend on the setup. For example the
-defaults for TCP and UDP mount points are quite different, and the
-timeout value is affected by the soft, hard, timeo and retrans NFS
-mount options.
-
-
The only way I have been able to get working on Debian and RedHat
-Enterprise Linux for getting the timeout count is to peek in /proc/.
-But according to
-Solaris
-10 System Administration Guide: Network Services, the 'nfsstat -c'
-command can be used to get these timeout values. But this do not work
-on Linux, as far as I can tell. I
-asked Debian about this,
-but have not seen any replies yet.
-
-
Is there a better way to figure out if a Linux NFS client is
-experiencing NFS hangs? Is there a way to detect which processes are
-affected? Is there a way to get the NFS mount going quickly once the
-network problem causing the NFS hang has been cleared? I would very
-much welcome some clues, as we regularly run into NFS hangs.
+
+
2nd April 2018
+
Brevpost er beskyttet av straffelovens bestemmelse som gjør det
+kriminelt å åpne andres brev. Dette følger av (ny) straffelovs
+§ 205
+(Krenkelse av retten til privat kommunikasjon), som sier at «Med
+bot eller fengsel inntil 2 år straffes den som uberettiget ... c)
+Ã¥pner brev eller annen lukket skriftlig meddelelse som er adressert
+til en annen, eller på annen måte skaffer seg uberettiget tilgang til
+innholdet.» Dette gjelder såvel postbud som alle andre som har
+befatning med brevet etter at avsender har befatning med et lukket
+brev. Tilsvarende står også tidligere utgaver av den norske
+straffeloven.
+
+
Når en registrerer seg på usikre digitale postkasseløsningene, som
+f.eks. Digipost og e-Boks, og slik tar disse i bruk, så gir en de som
+står bak løsningene tillatelse til å åpne sine brev. Dette er
+nødvendig for at innholdet i digital post skal kunne vises frem til
+mottaker via tjenestens websider. Dermed gjelder ikke straffelovens
+paragraf om forbud mot å åpne brev, da tilgangen ikke lenger er
+uberettiget. En gir altså fremmede tilgang til å lese sin
+korrespondanse. I tillegg vil bruk av slike usikre digitale
+postbokser føre til at det blir registrert når du leser brevene, hvor
+du befinner deg (vha. tilkoblingens IP-adresse), hvilket utstyr du
+bruker og en rekke annen personlig informasjon som ikke er
+tilgjengelig når papirpost brukes. Jeg foretrekker at det er
+lovmessig beskyttelse av min korrespondanse, som jo inneholder privat
+og personlig informasjon. Det bidrar til litt bedre vern av personlig
+integritet i dagens norske samfunn.
@@ -647,44 +616,34 @@ much welcome some clues, as we regularly run into NFS hangs.
-
-
8th March 2017
-
So the new president in the United States of America claim to be
-surprised to discover that he was wiretapped during the election
-before he was elected president. He even claim this must be illegal.
-Well, doh, if it is one thing the confirmations from Snowden
-documented, it is that the entire population in USA is wiretapped, one
-way or another. Of course the president candidates were wiretapped,
-alongside the senators, judges and the rest of the people in USA.
-
-
Next, the Federal Bureau of Investigation ask the Department of
-Justice to go public rejecting the claims that Donald Trump was
-wiretapped illegally. I fail to see the relevance, given that I am
-sure the surveillance industry in USA believe they have all the legal
-backing they need to conduct mass surveillance on the entire
-world.
-
-
There is even the director of the FBI stating that he never saw an
-order requesting wiretapping of Donald Trump. That is not very
-surprising, given how the FISA court work, with all its activity being
-secret. Perhaps he only heard about it?
-
-
What I find most sad in this story is how Norwegian journalists
-present it. In a news reports the other day in the radio from the
-Norwegian National broadcasting Company (NRK), I heard the journalist
-claim that 'the FBI denies any wiretapping', while the reality is that
-'the FBI denies any illegal wiretapping'. There is a fundamental and
-important difference, and it make me sad that the journalists are
-unable to grasp it.
-
-
Update 2017-03-13: Look like
-The
-Intercept report that US Senator Rand Paul confirm what I state above.
+
+
22nd March 2018
+
The leaders of the worlds have started to congratulate the
+re-elected Russian head of state, and this causes some criticism. I
+am though a little fascinated by a comment from USA senator John McCain,
+sited
+by The Hill and others:
+
+
+"An American president does not lead the Free World by
+congratulating dictators on winning sham elections."
+
+
+
While I totally agree with the senator here, the way the quote is
+phrased make me suspect that he is unaware of the simple fact that USA
+have not lead the Free World since at least before its government
+kidnapped a
+completely innocent Canadian citizen in transit on his way home to
+Canada via John F. Kennedy International Airport in September 2002 and
+sent him to be tortured in Syria for a year.
+
+
USA might be running ahead, but the path they are taking is not the
+one taken by any Free World.
@@ -692,33 +651,63 @@ Intercept report that US Senator Rand Paul confirm what I state above.
-
-
3rd March 2017
-
For almost a year now, we have been working on making a Norwegian
-Bokmål edition of The Debian
-Administrator's Handbook. Now, thanks to the tireless effort of
-Ole-Erik, Ingrid and Andreas, the initial translation is complete, and
-we are working on the proof reading to ensure consistent language and
-use of correct computer science terms. The plan is to make the book
-available on paper, as well as in electronic form. For that to
-happen, the proof reading must be completed and all the figures need
-to be translated. If you want to help out, get in touch.
-
-
A
-
-fresh PDF edition in A4 format (the final book will have smaller
-pages) of the book created every morning is available for
-proofreading. If you find any errors, please
-visit
-Weblate and correct the error. The
-state
-of the translation including figures is a useful source for those
-provide Norwegian bokmål screen shots and figures.
+
+
21st March 2018
+
So, Cambridge Analytica is getting some well deserved criticism for
+(mis)using information it got from Facebook about 50 million people,
+mostly in the USA. What I find a bit surprising, is how little
+criticism Facebook is getting for handing the information over to
+Cambridge Analytica and others in the first place. And what about the
+people handing their private and personal information to Facebook?
+And last, but not least, what about the government offices who are
+handing information about the visitors of their web pages to Facebook?
+No-one who looked at the terms of use of Facebook should be surprised
+that information about peoples interests, political views, personal
+lifes and whereabouts would be sold by Facebook.
+
+
What I find to be the real scandal is the fact that Facebook is
+selling your personal information, not that one of the buyers used it
+in a way Facebook did not approve when exposed. It is well known that
+Facebook is selling out their users privacy, but a scandal
+nevertheless. Of course the information provided to them by Facebook
+would be misused by one of the parties given access to personal
+information about the millions of Facebook users. Collected
+information will be misused sooner or later. The only way to avoid
+such misuse, is to not collect the information in the first place. If
+you do not want Facebook to hand out information about yourself for
+the use and misuse of its customers, do not give Facebook the
+information.
+
+
Personally, I would recommend to completely remove your Facebook
+account, and take back some control of your personal information.
+According
+to The Guardian, it is a bit hard to find out how to request
+account removal (and not just 'disabling'). You need to
+visit
+a specific Facebook page and click on 'let us know' on that page
+to get to the
+real account deletion screen. Perhaps something to consider? I
+would not trust the information to really be deleted (who knows,
+perhaps NSA, GCHQ and FRA already got a copy), but it might reduce the
+exposure a bit.
+
+
If you want to learn more about the capabilities of Cambridge
+Analytica, I recommend to see the video recording of the one hour talk
+Paul-Olivier Dehaye gave to NUUG last april about
+
+Data collection, psychometric profiling and their impact on
+politics.
+
+
And if you want to communicate with your friends and loved ones,
+use some end-to-end encrypted method like
+Signal or
+Ring, and stop sharing your private
+messages with strangers like Facebook and Google.
@@ -733,6 +722,23 @@ provide Norwegian bokmål screen shots and figures.
Archive
+- 2018
+
+
- 2017
@@ -996,7 +1014,7 @@ provide Norwegian bokmål screen shots and figures.
Tags
- - 3d-printer (13)
+ - 3d-printer (16)
- amiga (1)
@@ -1006,33 +1024,33 @@ provide Norwegian bokmål screen shots and figures.
- bitcoin (9)
- - bootsystem (16)
+ - bootsystem (17)
- bsa (2)
- chrpath (2)
- - debian (149)
+ - debian (159)
- debian edu (158)
- - debian-handbook (3)
+ - debian-handbook (4)
- digistan (10)
- - dld (16)
+ - dld (17)
- - docbook (24)
+ - docbook (25)
- drivstoffpriser (4)
- - english (349)
+ - english (377)
- fiksgatami (23)
- - fildeling (12)
+ - fildeling (13)
- - freeculture (30)
+ - freeculture (32)
- freedombox (9)
@@ -1042,12 +1060,14 @@ provide Norwegian bokmål screen shots and figures.
- intervju (42)
- - isenkram (15)
+ - isenkram (16)
- kart (20)
- ldap (9)
+ - lego (4)
+
- lenker (8)
- lsdvd (2)
@@ -1056,23 +1076,23 @@ provide Norwegian bokmål screen shots and figures.
- mesh network (8)
- - multimedia (39)
+ - multimedia (41)
- - nice free software (9)
+ - nice free software (10)
- - norsk (290)
+ - norsk (299)
- - nuug (189)
+ - nuug (190)
- offentlig innsyn (33)
- open311 (2)
- - opphavsrett (64)
+ - opphavsrett (71)
- - personvern (99)
+ - personvern (107)
- - raid (1)
+ - raid (2)
- reactos (1)
@@ -1084,11 +1104,11 @@ provide Norwegian bokmål screen shots and figures.
- rss (1)
- - ruter (5)
+ - ruter (6)
- scraperwiki (2)
- - sikkerhet (52)
+ - sikkerhet (54)
- sitesummary (4)
@@ -1098,21 +1118,23 @@ provide Norwegian bokmål screen shots and figures.
- stavekontroll (6)
- - stortinget (11)
+ - stortinget (12)
- - surveillance (48)
+ - surveillance (55)
- - sysadmin (3)
+ - sysadmin (4)
- usenix (2)
- - valg (8)
+ - valg (9)
+
+ - verkidetfri (11)
- - video (59)
+ - video (65)
- vitenskap (4)
- - web (40)
+ - web (41)