X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/ebfb53b51b789a038b3157fc273aaf96559b76c4..b2c75b135ddd9dc450e82036ebf37807edef2b67:/blog/index.html diff --git a/blog/index.html b/blog/index.html index 5b9b339c45..641430e9d4 100644 --- a/blog/index.html +++ b/blog/index.html @@ -20,61 +20,88 @@
-
Norwegian citizens now required by law to give their fingerprint to the police
-
10th May 2015
-

5 days ago, the Norwegian Parliament decided, unanimously, that all -citizens of Norway, no matter if they are suspected of something -criminal or not, are -required to -give fingerprints to the police (vote details from Holder de -ord). The law make it sound like it will be optional, but in a few -years there will be no option any more. The ID will be required to -vote, to get a bank account, a bank card, to change address on the -post office, to receive an electronic ID or to get a drivers license -and many other tasks required to function in Norway. The banks plan -to stop providing their own ID on the bank cards when this new -national ID is introduced, and the national road authorities plan to -change the drivers license to no longer be usable as identity cards. -In effect, to function as a citizen in Norway a national ID card will -be required, and to get it one need to provide the fingerprints to -the police.

- -

In addition to handing the fingerprint to the police (which -promised to not make a copy of the fingerprint image at that point in -time, but say nothing about doing it later), a picture of the finger -print will be stored on the RFID chip, along with a picture of the -face and other information about the person. Some of the information -will be encrypted, but the encryption will be the same system as -currently used in the passports. The codes to decrypt will be -available to a lot of government offices and their suppliers around -the globe, but for those that do now know anyone in those circles it -is good to know that -the -encryption is already broken. And they -can -be read from 70 meters away. This can be mitigated a bit by -keeping it in a Faraday cage (metal box or metal wire container), but -one will be required to take it out of there often enough to expose -ones private and personal information to a lot of people that have no -business getting access to that information.

- -

The new Norwegian national IDs are a vehicle for identity theft, -and I feel sorry for us all having politicians accepting such invasion -of privacy without any objections. So are the Norwegian passports, -but it has been possible to function in Norway without those so far. -That option is going away with the passing of the new law. In this, I -envy the Germans, because for them it is optional how much biometric -information is stored in their national ID.

- -

And if forced collection of fingerprints was not bad enough, the -information collected in the national ID card register can be handed -over to foreign intelligence services and police authorities, "when -extradition is not considered disproportionate".

+
Creating, updating and checking debian/copyright semi-automatically
+
19th February 2016
+

Making packages for Debian requires quite a lot of attention to +details. And one of the details is the content of the +debian/copyright file, which should list all relevant licenses used by +the code in the package in question, preferably in +machine +readable DEP5 format.

+ +

For large packages with lots of contributors it is hard to write +and update this file manually, and if you get some detail wrong, the +package is normally rejected by the ftpmasters. So getting it right +the first time around get the package into Debian faster, and save +both you and the ftpmasters some work.. Today, while trying to figure +out what was wrong with +the +zfsonlinux copyright file, I decided to spend some time on +figuring out the options for doing this job automatically, or at least +semi-automatically.

+ +

Lucikly, there are at least two tools available for generating the +file based on the code in the source package, +debmake +and cme. I'm +not sure which one of them came first, but both seem to be able to +create a sensible draft file. As far as I can tell, none of them can +be trusted to get the result just right, so the content need to be +polished a bit before the file is OK to upload. I found the debmake +option in +a +blog posts from 2014. + +

To generate using debmake, use the -cc option: + +

+debmake -cc > debian/copyright
+

+ +

Note there are some problems with python and non-ASCII names, so +this might not be the best option.

+ +

The cme option is based on a config parsing library, and I found +this approach in +a +blog post from 2015. To generate using cme, use the 'update +dpkg-copyright' option: + +

+cme update dpkg-copyright -quiet
+

+ +

This will create or update debian/copyright. The cme tool seem to +handle UTF-8 names better than debmake.

+ +

When the copyright file is created, I would also like some help to +check if the file is correct. For this I found two good options, +debmake -k and license-reconcile. The former seem +to focus on license types and file matching, and is able to detect +ineffective blocks in the copyright file. The latter reports missing +copyright holders and years, but was confused by inconsistent license +names (like CDDL vs. CDDL-1.0). I suspect it is good to use both and +fix all issues reported by them before uploading. But I do not know +if the tools and the ftpmasters agree on what is important to fix in a +copyright file, so the package might still be rejected.

+ +

The devscripts tool licensecheck deserve mentioning. It +will read through the source and try to find all copyright statements. +It is not comparing the result to the content of debian/copyright, but +can be useful when verifying the content of the copyright file.

+ +

Are you aware of better tools in Debian to create and update +debian/copyright file. Please let me know, or blog about it on +planet.debian.org.

+ +

As usual, if you use Bitcoin and want to show your support of my +activities, please send Bitcoin donations to my address +15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

- Tags: english, personvern, surveillance. + Tags: debian, english.
@@ -82,62 +109,81 @@ extradition is not considered disproportionate".

-
What would it cost to store all phone calls in Norway?
-
1st May 2015
-

Many years ago, a friend of mine calculated how much it would cost -to store the sound of all phone calls in Norway, and came up with the -cost of around 20 million NOK (2.4 mill EUR) for all the calls in a -year. I got curious and wondered what the same calculation would look -like today. To do so one need an idea of how much data storage is -needed for each minute of sound, how many minutes all the calls in -Norway sums up to, and the cost of data storage.

- -

The 2005 numbers are from -digi.no, -the 2012 numbers are from -a -NKOM report, and I got the 2013 numbers after asking NKOM via -email. I was told the numbers for 2014 will be presented May 20th, -and decided not to wait for those, as I doubt they will be very -different from the numbers from 2013.

- -

The amount of data storage per minute sound depend on the wanted -quality, and for phone calls it is generally believed that 8 Kbit/s is -enough. See for example a -summary -on voice quality from Cisco for some alternatives. 8 Kbit/s is 60 -Kbytes/min, and this can be multiplied with the number of call minutes -to get the storage requirements.

- -

Storage prices varies a lot, depending on speed, backup strategies, -availability requirements etc. But a simple way to calculate can be -to use the price of a TiB-disk (around 1000 NOK / 120 EUR) and double -it to take space, power and redundancy into account. It could be much -higher with high speed and good redundancy requirements.

- -

But back to the question, What would it cost to store all phone -calls in Norway? Not much. Here is a small table showing the -estimated cost, which is within the budget constraint of most medium -and large organisations:

- - - - - - -
YearCall minutesSizePrice in NOK / EUR
200524 000 000 0001.3 PiB3 mill / 358 000
201218 000 000 0001.0 PiB2.2 mill / 262 000
201317 000 000 000950 TiB2.1 mill / 250 000
- -

This is the cost of buying the storage. Maintenance need to be -taken into account too, but calculating that is left as an exercise -for the reader. But it is obvious to me from those numbers that -recording the sound of all phone calls in Norway is not going to be -stopped because it is too expensive. I wonder if someone already is -collecting the data?

+
Using appstream in Debian to locate packages with firmware and mime type support
+
4th February 2016
+

The appstream system +is taking shape in Debian, and one provided feature is a very +convenient way to tell you which package to install to make a given +firmware file available when the kernel is looking for it. This can +be done using apt-file too, but that is for someone else to blog +about. :)

+ +

Here is a small recipe to find the package with a given firmware +file, in this example I am looking for ctfw-3.2.3.0.bin, randomly +picked from the set of firmware announced using appstream in Debian +unstable. In general you would be looking for the firmware requested +by the kernel during kernel module loading. To find the package +providing the example file, do like this:

+ +
+% apt install appstream
+[...]
+% apt update
+[...]
+% appstreamcli what-provides firmware:runtime ctfw-3.2.3.0.bin | \
+  awk '/Package:/ {print $2}'
+firmware-qlogic
+%
+
+ +

See the +appstream wiki page to learn how to embed the package metadata in +a way appstream can use.

+ +

This same approach can be used to find any package supporting a +given MIME type. This is very useful when you get a file you do not +know how to handle. First find the mime type using file +--mime-type, and next look up the package providing support for +it. Lets say you got an SVG file. Its MIME type is image/svg+xml, +and you can find all packages handling this type like this:

+ +
+% apt install appstream
+[...]
+% apt update
+[...]
+% appstreamcli what-provides mimetype image/svg+xml | \
+  awk '/Package:/ {print $2}'
+bkchem
+phototonic
+inkscape
+shutter
+tetzle
+geeqie
+xia
+pinta
+gthumb
+karbon
+comix
+mirage
+viewnior
+postr
+ristretto
+kolourpaint4
+eog
+eom
+gimagereader
+midori
+%
+
+ +

I believe the MIME types are fetched from the desktop file for +packages providing appstream metadata.

- Tags: english, personvern, surveillance. + Tags: debian, english.
@@ -145,194 +191,91 @@ collecting the data?

-
First Jessie based Debian Edu beta release
-
26th April 2015
-

I am happy to report that the Debian Edu team sent out -this -announcement today:

- -
-the Debian Edu / Skolelinux project is pleased to announce the first
-*beta* release of Debian Edu "Jessie" 8.0+edu0~b1, which for the first
-time is composed entirely of packages from the current Debian stable
-release, Debian 8 "Jessie".
-
-(As most reading this will know, Debian "Jessie" hasn't actually been
-released by now. The release is still in progress but should finish
-later today ;)
-
-We expect to make a final release of Debian Edu "Jessie" in the coming
-weeks, timed with the first point release of Debian Jessie. Upgrades
-from this beta release of Debian Edu Jessie to the final release will
-be possible and encouraged!
-
-Please report feedback to debian-edu@lists.debian.org and/or submit
-bugs: http://wiki.debian.org/DebianEdu/HowTo/ReportBugs
-
-Debian Edu - sometimes also known as "Skolelinux" - is a complete
-operating system for schools, universities and other
-organisations. Through its pre- prepared installation profiles
-administrators can install servers, workstations and laptops which
-will work in harmony on the school network.  With Debian Edu, the
-teachers themselves or their technical support staff can roll out a
-complete multi-user, multi-machine study environment within hours or
-days.
-
-Debian Edu is already in use at several hundred schools all over the
-world, particularly in Germany, Spain and Norway. Installations come
-with hundreds of applications pre-installed, plus the whole Debian
-archive of thousands of compatible packages within easy reach.
-
-For those who want to give Debian Edu Jessie a try, download and
-installation instructions are available, including detailed
-instructions in the manual explaining the first steps, such as setting
-up a network or adding users.  Please note that the password for the
-user your prompted for during installation must have a length of at
-least 5 characters!
-
-== Where to download ==
-
-A multi-architecture CD / usbstick image (649 MiB) for network booting
-can be downloaded at the following locations:
-
-    http://ftp.skolelinux.org/skolelinux-cd/debian-edu-8.0+edu0~b1-CD.iso
-    rsync -avzP ftp.skolelinux.org::skolelinux-cd/debian-edu-8.0+edu0~b1-CD.iso . 
-
-The SHA1SUM of this image is: 54a524d16246cddd8d2cfd6ea52f2dd78c47ee0a
-
-Alternatively an extended DVD / usbstick image (4.9 GiB) is also
-available, with more software included (saving additional download
-time):
-
-    http://ftp.skolelinux.org/skolelinux-cd/debian-edu-8.0+edu0~b1-USB.iso
-    rsync -avzP ftp.skolelinux.org::skolelinux-cd/debian-edu-8.0+edu0~b1-USB.iso 
-
-The SHA1SUM of this image is: fb1f1504a490c077a48653898f9d6a461cb3c636
-
-Sources are available from the Debian archive, see
-http://ftp.debian.org/debian-cd/8.0.0/source/ for some download
-options.
-
-== Debian Edu Jessie manual in seven languages ==
-
-Please see https://wiki.debian.org/DebianEdu/Documentation/Jessie/ for
-the English version of the Debian Edu jessie manual.
-
-This manual has been fully translated to German, French, Italian,
-Danish, Dutch and Norwegian Bokmål. A partly translated version exists
-for Spanish.  See http://maintainer.skolelinux.org/debian-edu-doc/ for
-online version of the translated manual.
-
-More information about Debian 8 "Jessie" itself is provided in the
-release notes and the installation manual:
-- http://www.debian.org/releases/jessie/releasenotes
-- http://www.debian.org/releases/jessie/installmanual
-
-
-== Errata / known problems ==
-
-    It takes up to 15 minutes for a changed hostname to be updated via
-    DHCP (#780461).
-
-    The hostname script fails to update LTSP server hostname (#783087). 
-
-Workaround: run update-hostname-from-ip on the client to update the
-hostname immediately.
-
-Check https://wiki.debian.org/DebianEdu/Status/Jessie for a possibly
-more current and complete list.
-
-== Some more details about Debian Edu 8.0+edu0~b1 Codename Jessie released 2015-04-25 ==
-
-=== Software updates ===
-
-Everything which is new in Debian 8 Jessie, e.g.:
-
- * Linux kernel 3.16.7-ctk9; for the i386 architecture, support for
-   i486 processors has been dropped; oldest supported ones: i586 (like
-   Intel Pentium and AMD K5).
-
- * Desktop environments KDE Plasma Workspaces 4.11.13, GNOME 3.14,
-   Xfce 4.12, LXDE 0.5.6
-   * new optional desktop environment: MATE 1.8
-   * KDE Plasma Workspaces is installed by default; to choose one of
-     the others see the manual.
- * the browsers Iceweasel 31 ESR and Chromium 41
- * LibreOffice 4.3.3
- * GOsa 2.7.4
- * LTSP 5.5.4
- * CUPS print system 1.7.5
- * new boot framework: systemd
- * Educational toolbox GCompris 14.12
- * Music creator Rosegarden 14.02
- * Image editor Gimp 2.8.14
- * Virtual stargazer Stellarium 0.13.1
- * golearn 0.9
- * tuxpaint 0.9.22
- * New version of debian-installer from Debian Jessie.
- * Debian Jessie includes about 43000 packages available for installation.
- * More information about Debian 8 Jessie is provided in its release
-   notes and the installation manual, see the link above.
-
-=== Installation changes ===
-
-    Installations done via PXE now also install firmware automatically
-    for the hardware present.
-
-=== Fixed bugs ===
-
-A number of bugs have been fixed in this release; the most noticeable
-from a user perspective:
-
- * Inserting incorrect DNS information in Gosa will no longer break
-   DNS completely, but instead stop DNS updates until the incorrect
-   information is corrected (710362)
-
- * shutdown-at-night now shuts the system down if gdm3 is used (775608). 
-
-=== Sugar desktop removed ===
-
-As the Sugar desktop was removed from Debian Jessie, it is also not
-available in Debian Edu jessie.
-
-
-== About Debian Edu / Skolelinux ==
-
-Debian Edu, also known as Skolelinux, is a Linux distribution based on
-Debian providing an out-of-the box environment of a completely
-configured school network. Directly after installation a school server
-running all services needed for a school network is set up just
-waiting for users and machines being added via GOsa², a comfortable
-Web-UI. A netbooting environment is prepared using PXE, so after
-initial installation of the main server from CD or USB stick all other
-machines can be installed via the network. The provided school server
-provides LDAP database and Kerberos authentication service,
-centralized home directories, DHCP server, web proxy and many other
-services.  The desktop contains more than 60 educational software
-packages and more are available from the Debian archive, and schools
-can choose between KDE, GNOME, LXDE, Xfce and MATE desktop
-environment.
-
-== About Debian ==
-
-The Debian Project was founded in 1993 by Ian Murdock to be a truly
-free community project. Since then the project has grown to be one of
-the largest and most influential open source projects. Thousands of
-volunteers from all over the world work together to create and
-maintain Debian software. Available in 70 languages, and supporting a
-huge range of computer types, Debian calls itself the universal
-operating system.
-
-== Thanks ==
-
-Thanks to everyone making Debian and Debian Edu / Skolelinux happen!
-You rock.
-
+
Creepy, visualise geotagged social media information - nice free software
+
24th January 2016
+

Most people seem not to realise that every time they walk around +with the computerised radio beacon known as a mobile phone their +position is tracked by the phone company and often stored for a long +time (like every time a SMS is received or sent). And if their +computerised radio beacon is capable of running programs (often called +mobile apps) downloaded from the Internet, these programs are often +also capable of tracking their location (if the app requested access +during installation). And when these programs send out information to +central collection points, the location is often included, unless +extra care is taken to not send the location. The provided +information is used by several entities, for good and bad (what is +good and bad, depend on your point of view). What is certain, is that +the private sphere and the right to free movement is challenged and +perhaps even eradicated for those announcing their location this way, +when they share their whereabouts with private and public +entities.

+ +

+ +

The phone company logs provide a register of locations to check out +when one want to figure out what the tracked person was doing. It is +unavailable for most of us, but provided to selected government +officials, company staff, those illegally buying information from +unfaithful servants and crackers stealing the information. But the +public information can be collected and analysed, and a free software +tool to do so is called +Creepy or Cree.py. I +discovered it when I read +an +article about Creepy in the Norwegian newspaper Aftenposten i +November 2014, and decided to check if it was available in Debian. +The python program was in Debian, but +the version in +Debian was completely broken and practically unmaintained. I +uploaded a new version which did not work quite right, but did not +have time to fix it then. This Christmas I decided to finally try to +get Creepy operational in Debian. Now a fixed version is available in +Debian unstable and testing, and almost all Debian specific patches +are now included +upstream.

+ +

The Creepy program visualises geolocation information fetched from +Twitter, Instagram, Flickr and Google+, and allow one to get a +complete picture of every social media message posted recently in a +given area, or track the movement of a given individual across all +these services. Earlier it was possible to use the search API of at +least some of these services without identifying oneself, but these +days it is impossible. This mean that to use Creepy, you need to +configure it to log in as yourself on these services, and provide +information to them about your search interests. This should be taken +into account when using Creepy, as it will also share information +about yourself with the services.

+ +

The picture above show the twitter messages sent from (or at least +geotagged with a position from) the city centre of Oslo, the capital +of Norway. One useful way to use Creepy is to first look at +information tagged with an area of interest, and next look at all the +information provided by one or more individuals who was in the area. +I tested it by checking out which celebrity provide their location in +twitter messages by checkout out who sent twitter messages near a +Norwegian TV station, and next could track their position over time, +making it possible to locate their home and work place, among other +things. A similar technique have been +used +to locate Russian soldiers in Ukraine, and it is both a powerful +tool to discover lying governments, and a useful tool to help people +understand the value of the private information they provide to the +public.

+ +

The package is not trivial to backport to Debian Stable/Jessie, as +it depend on several python modules currently missing in Jessie (at +least python-instagram, python-flickrapi and +python-requests-toolbelt).

+ +

(I have uploaded +the image to +screenshots.debian.net and licensed it under the same terms as the +Creepy program in Debian.)

- Tags: debian edu, english. + Tags: debian, english, nice free software.
@@ -340,193 +283,72 @@ You rock.
-
Debian Edu interview: Shirish Agarwal
-
15th April 2015
-

It was a surprise to me to learn that project to create a complete -computer system for schools I've involved in, -Debian Edu / Skolelinux, was -being used in India. But apparently it is, and I managed to get an -interview with one of the friends of the project there, Shirish -Agarwal.

- -

Who are you, and how do you spend your days?

- -

My name is Shirish Agarwal. Based out of the educational and -historical city of Pune, from the western state of Maharashtra, India. -My bread comes from giving training, giving policy tips, -installations on free software to mom and pop shops in different -fields from Desktop publishing to retail shops as well as work with -few software start-ups as well.

- -

How did you get in contact with the Skolelinux / Debian Edu -project?

- -

It started innocently enough. I have been using Debian for a few -years and in one local minidebconf / debutsav I was asked if there was -anything for schools or education. I had worked / played with free -educational softwares such as Gcompris and Stellarium for my many -nieces and nephews so researched and found Debian Edu or Skolelinux as -it was known then. Since then I have started using the various -education meta-packages provided by the project.

- -

What do you see as the advantages of Skolelinux / Debian -Edu?

- -

It's closest I have seen where a package full of educational -software are packed, which are free and open (both literally and -figuratively). Even if I take the simplest software which is -gcompris, the number of activities therein are amazing. Another one of -the softwares that I have liked for a long time is stellarium. Even -pysycache is cool except for couple of issues I encountered -#781841 and -#781842.

- -

I prefer software installed on the system over web based solutions, -as a web site can disappear any time but the software on disk has the -possibility of a larger life span. Of course with both it's more a -question if it has enough users who make it fun or sustainable or both -for the developer per-se.

- -

What do you see as the disadvantages of Skolelinux / Debian -Edu?

- -

I do see that the Debian Edu team seems to be short-handed and I -think more efforts should be made to make it popular and ask and take -help from people and the larger community wherever possible.

- -

I don't see any disadvantage to use Skolelinux apart from the fact -that most apps. are generic which is good or bad how you see it. -However, saying that I do acknowledge the fact that the canvas is -pretty big and there are lot of interesting ideas that could be done -but for reasons not known not done or if done I don't know about them. -Let me share some of the ideas (these are more upstream based but -still) I have had for a long time :

- -

1. Classical maths question of two trains in opposing directions -each running @x kmph/mph at y distance, when they will meet and how -far would each travel and similar questions like these. - -

The computer is a fantastic system where questions like these can -be drawn, animated and the methodology and answers teased out in -interactive manner. While sites such as the -Ask -Dr. Math FAQ on The Two Trains problem (as an example or point of -inspiration) can be used there is lot more that can be done. I dunno -if there is a free software which does something like this. The idea -being a blend of objects + animation + interaction which does -this. The whole interaction could be gamified with points or sounds or -colourful celebration whenever the user gets even part of the question -or/and methodology right. That would help reinforce good behaviour. -This understanding could be used to share/showcase everything from how -the first wheel came to be, to evolution to how astronomy started, -psychics and everything in-between.

- -

One specific idea in the train part was having the Linux mascot on -one train and the BSD or GNU mascot on the other train and they -meeting somewhere in-between. Characters from blender movies could -also be used.

- -

2. Loads of crossword-puzzles with reference to subjects: We have -enormous data sets in Wikipedia and Wikitionary. I don't think it -should be a big job to design crossword puzzles. Using categories and -sub-categories it should be doable to have Q&A single word answers -from the existing data-sets. What would make it easy or hard could be -the length of the word + existence of many or few vowels depending on -the user's input.

- -

3. Jigsaw puzzles - We already have a great software called -palapeli with number of slicers making it pretty interesting. What -needs to be done is to download large number of public domain and -copyleft images, tease and use IPTC tags to categorise them into -nature, history etc. and let it loose. This could turn to be really -huge collection of images. One source could be taken from -commons.wikimedia.org, others could be huge collection of royalty-free -stock photos. Potential is immense.

- -

Apart from this, free software suffers in two directions, we lag -both in development (of using new features per-se) and maintenance a -lot. This is more so in educational software as these applications -need to be timely and the opportunity cost of missing deadlines is -immense. If we are able to solve issues of funding for development and -maintenance of such software I don't see any big difficulties. I know -of few start-ups in and around India who would love to develop and -maintain such software if funding issues could be solved.

- -

Which free software do you use daily?

- -

That would be huge list. Some of the softwares are obviously apt, -aptitude, debdelta, leafpad, the shell of course (zsh nowadays), -quassel for IRC. In games I use shisen-sho while card-games are evenly -between kpat and Aiselriot. In desktops it's a tie between -gnome-flashback and mate.

- -

Which strategy do you believe is the right one to use to -get schools to use free software?

- -

I think it should first start with using specific FOSS apps. in -whatever environment they are. If it's MS-Windows or Mac so be it. -Once they are habitual with the apps. and there is buy-in from the -school management then it could be installed anywhere. Most of the -people now understand the concept of a repository because of the -various online stores so it isn't hard to convince on that front.

- -

What is harder is having enough people with technical skills and -passion to service them. If you get buy-in from one or two teachers -then ideas like above could also be asked to be done as a project as -well.

- -

I think where we fall short more than anything is in marketing. For -instance, Debian has this whole range of fonts in its archive but -there isn't even a page where all those different fonts in the La -Ipsum format could be tried out for newcomers.

- -

One of the issues faced constantly in installations is with updates -and upgrades. People have this myth that each update and upgrade -means the user interface will / has to change. I have seen this -innumerable times. That perhaps is one of the reasons which browsers -like Iceweasel / Firefox change user interfaces so much, not because -it might be needed or be functional but because people believe that -changed user interfaces are better. This, can easily be pointed with -the user interfaces changed with almost every MS-Windows and Mac OS -releases.

- -

The problems with Debian Edu for deployment are many. The biggest -is the huge gap between what is taught in schools and what Debian Edu -is aimed at. - -

Me and my friends did teach on week-ends in a government school for -around 2 years, and -gathered -some experience there. Some of the things we learnt/discovered -there was :

- -
    - -
  1. Most of the teachers are very territorial about their subjects - and they do not want you to teach anything out of the - portion/syllabus given.
    2. - -
  2. They want any activity on the system in accordance to whatever - is in the syllabus.
    3. - -
  3. There are huge barriers both with the English language and at - times with objects or whatever. An example, let's say in gcompris - you have objects falling down and you have to name them and let's - say the falling object is a hat or a fedora hat, this would not be - as recognizable as say a - Puneri - Pagdi so there is need to inject local objects, words wherever - possible. Especially for word-games there are so many hindi words - which have become part of english vocabulary (for instance in - parley), those could be made into a hinglish collection or - something but that is something for upstream to do.
    4. - -
+
Always download Debian packages using Tor - the simple recipe
+
15th January 2016
+

During his DebConf15 keynote, Jacob Appelbaum +observed +that those listening on the Internet lines would have good reason to +believe a computer have a given security hole if it download a +security fix from a Debian mirror. This is a good reason to always +use encrypted connections to the Debian mirror, to make sure those +listening do not know which IP address to attack. In August, Richard +Hartmann observed that encryption was not enough, when it was possible +to interfere download size to security patches or the fact that +download took place shortly after a security fix was released, and +proposed +to always use Tor to download packages from the Debian mirror. He +was not the first to propose this, as the +apt-transport-tor +package by Tim Retout already existed to make it easy to convince apt +to use Tor, but I was not +aware of that package when I read the blog post from Richard.

+ +

Richard discussed the idea with Peter Palfrader, one of the Debian +sysadmins, and he set up a Tor hidden service on one of the central +Debian mirrors using the address vwakviie2ienjx6t.onion, thus making +it possible to download packages directly between two tor nodes, +making sure the network traffic always were encrypted.

+ +

Here is a short recipe for enabling this on your machine, by +installing apt-transport-tor and replacing http and https +urls with tor+http and tor+https, and using the hidden service instead +of the official Debian mirror site. I recommend installing +etckeeper before you start to have a history of the changes +done in /etc/.

+ +
+apt install apt-transport-tor
+sed -i 's% http://ftp.debian.org/%tor+http://vwakviie2ienjx6t.onion/%' /etc/apt/sources.list
+sed -i 's% http% tor+http%' /etc/apt/sources.list
+
+ +

If you have more sources listed in /etc/apt/sources.list.d/, run +the sed commands for these too. The sed command is assuming your are +using the ftp.debian.org Debian mirror. Adjust the command (or just +edit the file manually) to match your mirror.

+ +

This work in Debian Jessie and later. Note that tools like +apt-file only recently started using the apt transport +system, and do not work with these tor+http URLs. For +apt-file you need the version currently in experimental, +which need a recent apt version currently only in unstable. So if you +need a working apt-file, this is not for you.

+ +

Another advantage from this change is that your machine will start +using Tor regularly and at fairly random intervals (every time you +update the package lists or upgrade or install a new package), thus +masking other Tor traffic done from the same machine. Using Tor will +become normal for the machine in question.

+ +

On Freedombox, APT +is set up by default to use apt-transport-tor when Tor is +enabled. It would be great if it was the default on any Debian +system.

- Tags: debian edu, english, intervju. + Tags: debian, english, sikkerhet.
@@ -534,33 +356,37 @@ there was :

-
I'm going to the Open Source Developers' Conference Nordic 2015!
-
7th April 2015
-

I am happy to let you all know that I'm going to the Open Source Developers' -Conference Nordic 2015!

- -

It take place Friday 8th to Sunday 10th of May in Oslo next to -where I work, and I finally got around to submitting -a talk proposal for -it (dead link for most people until the talk is accepted). As -part of my involvement with the -Norwegian Unix User Group member -association I have been slightly involved in the planning of this -conference for a while now, with a focus on organising a Civic Hacking -Hackathon with our friends -over at mySociety and -Holder de ord. This part is -named the 'My Society' track in the program. There is still space for -more talks and participants. I hope to see you there.

- -

Check out the talks -submitted and accepted so far.

+
Nedlasting fra NRK, som Matroska med undertekster
+
2nd January 2016
+

Det kommer stadig nye løsninger for å ta lagre unna innslag fra NRK +for å se på det senere. For en stund tilbake kom jeg over et script +nrkopptak laget av Ingvar Hagelund. Han fjernet riktignok sitt script +etter forespørsel fra Erik Bolstad i NRK, men noen tok heldigvis og +gjorde det tilgjengelig +via github.

+ +

Scriptet kan lagre som MPEG4 eller Matroska, og bake inn +undertekster i fila på et vis som blant annet VLC forstår. For å +bruke scriptet, kopier ned git-arkivet og kjør

+ +

+nrkopptak/bin/nrk-opptak k https://tv.nrk.no/serie/bmi-turne/MUHH45000115/sesong-1/episode-1
+

+ +

URL-eksemplet er dagens toppsak på tv.nrk.no. Argument 'k' ber +scriptet laste ned og lagre som Matroska. Det finnes en rekke andre +muligheter for valg av kvalitet og format.

+ +

Jeg foretrekker dette scriptet fremfor youtube-dl, som + +nevnt i 2014 støtter NRK og en rekke andre videokilder, på grunn +av at nrkopptak samler undertekster og video i en enkelt fil, hvilket +gjør håndtering enklere på disk.

- Tags: english, fiksgatami, nuug, offentlig innsyn. + Tags: multimedia, norsk, video, web.
@@ -568,30 +394,58 @@ submitted and accepted so far.

-
Proof reading the Norwegian translation of Free Culture by Lessig
-
4th April 2015
-

During eastern I had some time to continue working on the Norwegian -docbook version of the 2004 book -Free Culture by Lawrence Lessig. -At the moment I am proof reading the finished text, looking for typos, -inconsistent wordings and sentences that do not flow as they should. -I'm more than two thirds done with the text, and welcome others to -check the text up to chapter 13. The current status is available on the -github -project pages. You can also check out the -PDF, -EPUB -and HTML version available in the -archive -directory.

- -

Please report typos, bugs and improvements to the github project if -you find any.

+
OpenALPR, find car license plates in video streams - nice free software
+
23rd December 2015
+

When I was a kid, we used to collect "car numbers", as we used to +call the car license plate numbers in those days. I would write the +numbers down in my little book and compare notes with the other kids +to see how many region codes we had seen and if we had seen some +exotic or special region codes and numbers. It was a fun game to pass +time, as we kids have plenty of it.

+ +

A few days I came across +the OpenALPR +project, a free software project to automatically discover and +report license plates in images and video streams, and provide the +"car numbers" in a machine readable format. I've been looking for +such system for a while now, because I believe it is a bad idea that the +automatic +number plate recognition tool only is available in the hands of +the powerful, and want it to be available also for the powerless to +even the score when it comes to surveillance and sousveillance. I +discovered the developer +wanted to get the tool into +Debian, and as I too wanted it to be in Debian, I volunteered to +help him get it into shape to get the package uploaded into the Debian +archive.

+ +

Today we finally managed to get the package into shape and uploaded +it into Debian, where it currently +waits +in the NEW queue for review by the Debian ftpmasters.

+ +

I guess you are wondering why on earth such tool would be useful +for the common folks, ie those not running a large government +surveillance system? Well, I plan to put it in a computer on my bike +and in my car, tracking the cars nearby and allowing me to be notified +when number plates on my watch list are discovered. Another use case +was suggested by a friend of mine, who wanted to set it up at his home +to open the car port automatically when it discovered the plate on his +car. When I mentioned it perhaps was a bit foolhardy to allow anyone +capable of placing his license plate number of a piece of cardboard to +open his car port, men replied that it was always unlocked anyway. I +guess for such use case it make sense. I am sure there are other use +cases too, for those with imagination and a vision.

+ +

If you want to build your own version of the Debian package, check +out the upstream git source and symlink ./distros/debian to ./debian/ +before running "debuild" to build the source. Or wait a bit until the +package show up in unstable.

- Tags: docbook, english, freeculture. + Tags: debian, english, nice free software.
@@ -599,61 +453,114 @@ you find any.

-
Frikanalen, Norwegian TV channel for technical topics
-
9th March 2015
-

The Norwegian Unix User Group, -where I am a member, and where people interested in free software, -open standards and UNIX like operating systems like Linux and the BSDs -come together, record our monthly technical presentations on video. -The purpose is to document the talks and spread them to a wider -audience. For this, the the Norwegian nationwide open channel -Frikanalen is a useful venue. -Since a few days ago, when I figured out the -REST API to program the -channel time schedule, -the channel has been filled with NUUG talks, related recordings and -some Creative Commons licensed TED talks (from archive.org). I fill -all "leftover bits" on the channel with content from NUUG, which at -the moment is almost 17 of 24 hours every day.

- -

The list of NUUG videos -uploaded so far -include things like a -one hour talk by John -Perry Barlow when he visited Oslo, a presentation of -Haiku, the BeOS -re-implementation, the -history of FiksGataMi, -the Norwegian version of FixMyStreet, the good old -Warriors of the net -video and many others.

- -

We have a large backlog of NUUG talks not yet uploaded to -Frikanalen, and plan to upload every useful bit to the channel to -spread the word there. I also hope to find useful recordings from the -Chaos Computer Club and Debian conferences and spread them on the -channel as well. But this require locating the videos and their meta -information (title, description, license, etc), and preparing the -recordings for broadcast, and I have not yet had the spare time to -focus on this. Perhaps you want to help. Please join us on IRC, -#nuug on irc.freenode.net -if you want to help make this happen.

- -

But as I said, already the channel is already almost exclusively -filled with technical topics, and if you want to learn something new -today, check out the Ogg Theora -web stream or use one of the other ways to get access to the -channel. Unfortunately the Ogg Theora recoding for distribution still -do not properly sync the video and sound. It is generated by recoding -a internal MPEG transport stream with MPEG4 coded video (ie H.264) to -Ogg Theora / Vorbis, and we have not been able to find a way that -produces acceptable quality. Help needed, please get in touch if you -know how to fix it using free software.

+
Using appstream with isenkram to install hardware related packages in Debian
+
20th December 2015
+

Around three years ago, I created +the isenkram +system to get a more practical solution in Debian for handing +hardware related packages. A GUI system in the isenkram package will +present a pop-up dialog when some hardware dongle supported by +relevant packages in Debian is inserted into the machine. The same +lookup mechanism to detect packages is available as command line +tools in the isenkram-cli package. In addition to mapping hardware, +it will also map kernel firmware files to packages and make it easy to +install needed firmware packages automatically. The key for this +system to work is a good way to map hardware to packages, in other +words, allow packages to announce what hardware they will work +with.

+ +

I started by providing data files in the isenkram source, and +adding code to download the latest version of these data files at run +time, to ensure every user had the most up to date mapping available. +I also added support for storing the mapping in the Packages file in +the apt repositories, but did not push this approach because while I +was trying to figure out how to best store hardware/package mappings, +the +appstream system was announced. I got in touch and suggested to +add the hardware mapping into that data set to be able to use +appstream as a data source, and this was accepted at least for the +Debian version of appstream.

+ +

A few days ago using appstream in Debian for this became possible, +and today I uploaded a new version 0.20 of isenkram adding support for +appstream as a data source for mapping hardware to packages. The only +package so far using appstream to announce its hardware support is my +pymissile package. I got help from Matthias Klumpp with figuring out +how do add the required +metadata +in pymissile. I added a file debian/pymissile.metainfo.xml with +this content:

+ +
+<?xml version="1.0" encoding="UTF-8"?>
+<component>
+  <id>pymissile</id>
+  <metadata_license>MIT</metadata_license>
+  <name>pymissile</name>
+  <summary>Control original Striker USB Missile Launcher</summary>
+  <description>
+    <p>
+      Pymissile provides a curses interface to control an original
+      Marks and Spencer / Striker USB Missile Launcher, as well as a
+      motion control script to allow a webcamera to control the
+      launcher.
+    </p>
+  </description>
+  <provides>
+    <modalias>usb:v1130p0202d*</modalias>
+  </provides>
+</component>
+
+ +

The key for isenkram is the component/provides/modalias value, +which is a glob style match rule for hardware specific strings +(modalias strings) provided by the Linux kernel. In this case, it +will map to all USB devices with vendor code 1130 and product code +0202.

+ +

Note, it is important that the license of all the metadata files +are compatible to have permissions to aggregate them into archive wide +appstream files. Matthias suggested to use MIT or BSD licenses for +these files. A challenge is figuring out a good id for the data, as +it is supposed to be globally unique and shared across distributions +(in other words, best to coordinate with upstream what to use). But +it can be changed later or, so we went with the package name as +upstream for this project is dormant.

+ +

To get the metadata file installed in the correct location for the +mirror update scripts to pick it up and include its content the +appstream data source, the file must be installed in the binary +package under /usr/share/appdata/. I did this by adding the following +line to debian/pymissile.install:

+ +
+debian/pymissile.metainfo.xml usr/share/appdata
+
+ +

With that in place, the command line tool isenkram-lookup will list +all packages useful on the current computer automatically, and the GUI +pop-up handler will propose to install the package not already +installed if a hardware dongle is inserted into the machine in +question.

+ +

Details of the modalias field in appstream is available from the +DEP-11 proposal.

+ +

To locate the modalias values of all hardware present in a machine, +try running this command on the command line:

+ +
+cat $(find /sys/devices/|grep modalias)
+
+ +

To learn more about the isenkram system, please check out +my +blog posts tagged isenkram.

- Tags: english, frikanalen, nuug, video. + Tags: debian, english, isenkram.
@@ -661,36 +568,89 @@ know how to fix it using free software.

-
The Citizenfour documentary on the Snowden confirmations to Norway
-
28th February 2015
-

Today I was happy to learn that the documentary -Citizenfour by -Laura Poitras -finally will show up in Norway. According to the magazine -Montages, a deal has finally been -made for -Cinema -distribution in Norway and the movie will have its premiere soon. -This is great news. As part of my involvement with -the Norwegian Unix User Group, me and -a friend have -tried -to get the movie to Norway ourselves, but obviously -we -were too late and Tor Fosse beat us to it. I am happy he did, as -the movie will make its way to the public and we do not have to make -it happen ourselves. -The trailer -can be seen on youtube, if you are curious what kind of film this -is.

- -

The whistle blower Edward Snowden really deserve political asylum -here in Norway, but I am afraid he would not be safe.

+
Bokhandeldistribusjon av boken Fri kultur av Lawrence Lessig
+
14th December 2015
+

Besøk +lulu.com +eller +Amazon +for å kjøpe boken på papir, eller last ned ebook som +PDF, +ePub +eller +MOBI +fra +github.

+ +

Jeg ble gledelig overrasket i dag da jeg oppdaget at boken jeg har +gitt ut +hadde +dukket opp i Amazon. Jeg hadde trodd det skulle ta lenger tid, da +jeg fikk beskjed om at det skulle ta seks til åtte uker. +Amazonoppføringen er et resultat av at jeg for noen uker siden +diskuterte prissetting og håndtering av profitt med forfatteren. Det +måtte avklares da bruksvilkårene til boken har krav om +ikke-kommersiell bruk. Vi ble enige om at overskuddet fra salg av +boken skal sendes til +Creative Commons-stiftelsen. +Med det på plass kunne jeg be +lulu.com +om å gi boken «utvidet» distribusjon. Årsaken til at +bokhandeldistribusjon var litt utfordrende er at bokhandlere krever +mulighet for profitt på bøkene de selger (selvfølgelig), og dermed +måtte de få lov til å selge til høyere pris enn lulu.com. I tillegg +er det krav om samme pris på lulu.com og i bokhandlene, dermed blir +prisen økt også hos lulu.com. Hva skulle jeg gjøre med den profitten +uten å bryte med klausulen om ikkekommersiell? Løsningen var å gi +bort profitten til CC-stiftelsen. Prisen på boken ble nesten +tredoblet, til $19.99 (ca. 160,-) pluss frakt, men synligheten øker +betraktelig når den kan finnes i katalogene til store nettbokhandlere. +Det betyr at hvis du allerede har kjøpt boken har du fått den veldig +billig, og kjøper du den nå, får du den fortsatt billig samt donerer i +tillegg noen tiere til fremme av Creative Commons.

+ +

Mens jeg var i gang med å titte etter informasjon om boken +oppdaget jeg at den også var dukket opp på +Google +Books, der en kan lese den på web. PDF-utgaven har ennå ikke +dukket opp hos Nasjonalbiblioteket, +men det regner jeg med kommer på plass i løpet av noen uker. Boken er +heller ikke dukket opp hos +Barnes & Noble ennå, men +jeg antar det bare er et tidsspørsmål før dette er på plass.

+ +

Boken er dessverre ikke tilgjengelig fra norske bokhandlere, og +kommer neppe til å bli det med det første. Årsaken er at for å få det +til måtte jeg personlig håndtere bestilling av bøker, hvilket jeg ikke +er interessert i å bruke tid på. Jeg kunne betalt ca 2000,- til +den norske bokbasen, en felles +database over bøker tilgjengelig for norske bokhandlere, for å få en +oppføring der, men da måtte jeg tatt imot bestillinger på epost og +sendt ut bøker selv. Det ville krevd at jeg var klar til å +sende ut bøker på kort varsel, dvs. holdt meg med ekstra bøker, +konvolutter og frimerker. Bokbasen har visst ikke opplegg for å be +bokhandlene bestille direkte via web, så jeg droppet oppføring der. +Jeg har spurt Haugen bok og Tronsmo direkte på epost om de er +interessert i å ta inn boken i sin bestillingskatalog, men ikke fått +svar, så jeg antar de ikke er interessert. Derimot har jeg fått en +hyggelig henvendelse fra Biblioteksentralen som fortalte at de har +lagt den inn i sin database slik at deres bibliotekskunder enkelt kan +bestille den via dem.

+ +

Boken er i følge +Bibsys/Oria +og bokdatabasen til +Deichmanske +tilgjengelig fra flere biblioteker allerede, og alle eksemplarer er +visst allerede utlånt med ventetid. Det synes jeg er veldig gledelig +å se. Jeg håper mange kommer til å lese boken. Jeg tror den er +spesielt egnet for foreldre og bekjente av oss nerder for å forklare +hva slags problemer vi ser med dagens opphavsrettsregime.

- Tags: english, nuug, personvern, surveillance. + Tags: freeculture, norsk.
@@ -698,59 +658,114 @@ here in Norway, but I am afraid he would not be safe.

-
The Norwegian open channel Frikanalen - 24x7 on the Internet
-
25th February 2015
-

The Norwegian nationwide open channel -Frikanalen is still going -strong. It allow everyone to send the video they want on national -television. It is a TV station administrated completely using a web -browser, running only Free -Software, providing a REST -api for administrators and members, and with distribution on the -national DVB-T distribution network RiksTV. But only between 12:00 -and 17:30 Norwegian time. This has finally changed, after many years -with limited distribution. A few weeks ago, we set up a Ogg Theora -stream via icecast to allow everyone with Internet access to check out -the channel the rest of the day. This is presented on -the Frikanalen web site now. And -since a few days ago, the channel is also available -via multicast on -UNINETT, available for those using IPTV TVs and set-top boxes in -the Norwegian National Research and Education network.

- -

If you want to see what is on the channel, point your media player -to one of these sources. The first should work with most players and -browsers, while as far as I know, the multicast UDP stream only work -with VLC.

- - - -

The Ogg Theora / icecast stream is not working well, as the video -and audio is slightly out of sync. We have not been able to figure -out how to fix it. It is generated by recoding a internal MPEG -transport stream with MPEG4 coded video (ie H.264) to Ogg Theora / -Vorbis, and the result is less then stellar. If you have ideas how to -fix it, please let us know on frikanalen (at) nuug.no. We currently -use this with ffmpeg2theora 0.29:

- -
-./ffmpeg2theora.linux <OBE_gemini_URL.ts> -F 25 -x 720 -y 405 \
- --deinterlace --inputfps 25 -c 1 -H 48000 --keyint 8 --buf-delay 100 \
- --nosync -V 700 -o - | oggfwd video.nuug.no 8000 <pw> /frikanalen.ogv
-
- -

If you get the multicast UDP stream working, please let me know, as -I am curious how far the multicast stream reach. It do not make it to -my home network, nor any other commercially available network in -Norway that I am aware of.

+
The GNU General Public License is not magic pixie dust
+
30th November 2015
+

A blog post from my fellow Debian developer Paul Wise titled +"The +GPL is not magic pixie dust" explain the importance of making sure +the GPL is enforced. +I quote the blog post from Paul in full here with his permission:

+ +

+ +

Become a Software Freedom Conservancy Supporter!

+ +
+The GPL is not magic pixie dust. It does not work by itself.
+ +The first step is to choose a +copyleft license for your +code.
+ +The next step is, when someone fails to follow that copyleft license, +it must be enforced
+ +and its a simple fact of our modern society that such type of +work
+ +is incredibly expensive to do and incredibly difficult to do. +
+ +

-- Bradley Kuhn, in +FaiF +episode +0x57

+ +

As the Debian Website +used +to +imply, public domain and permissively licensed software can lead to +the production of more proprietary software as people discover useful +software, extend it and or incorporate it into their hardware or +software products. Copyleft licenses such as the GNU GPL were created +to close off this avenue to the production of proprietary software but +such licenses are not enough. With the ongoing adoption of Free +Software by individuals and groups, inevitably the community's +expectations of license compliance are violated, usually out of +ignorance of the way Free Software works, but not always. As Karen +and Bradley explained in FaiF +episode 0x57, +copyleft is nothing if no-one is willing and able to stand up in court +to protect it. The reality of today's world is that legal +representation is expensive, difficult and time consuming. With +gpl-violations.org in hiatus +until +some time in 2016, the Software +Freedom Conservancy (a tax-exempt charity) is the major defender +of the Linux project, Debian and other groups against GPL violations. +In March the SFC supported a +lawsuit +by Christoph Hellwig against VMware for refusing to +comply +with the GPL in relation to their use of parts of the Linux +kernel. Since then two of their sponsors pulled corporate funding and +conferences +blocked +or cancelled their talks. As a result they have decided to rely +less on corporate funding and more on the broad community of +individuals who support Free Software and copyleft. So the SFC has +launched +a campaign to create +a community of folks who stand up for copyleft and the GPL by +supporting their work on promoting and supporting copyleft and Free +Software.

+ +

If you support Free Software, +like +what the SFC do, agree with their +compliance +principles, are happy about their +successes in 2015, +work on a project that is an SFC +member and or +just want to stand up for copyleft, please join +Christopher +Allan Webber, +Carol +Smith, +Jono +Bacon, myself and +others in +becoming a +supporter. For the +next week your donation will be +matched +by an anonymous donor. Please also consider asking your employer to +match your donation or become a sponsor of SFC. Don't forget to +spread the word about your support for SFC via email, your blog and or +social media accounts.

+ +
+ +

I agree with Paul on this topic and just signed up as a Supporter +of Software Freedom Conservancy myself. Perhaps you should be a +supporter too?

- Tags: english, frikanalen, nuug, video. + Tags: debian, debian edu, english, opphavsrett.
@@ -758,118 +773,42 @@ Norway that I am aware of.

-
En enklere Osloskolehverdag med automatisk sjekk av Fronter
-
12th February 2015
-

En stund nå har jeg vært nødt til å forholde meg til -Fronter, en nettløsning -Osloskolen bruker for kontakt mellom hjem og skole. Løsningen -imponerer ikke, og det er lagt opp til at vi foreldre skal logge inn -regelmessig for å se om noe har endret seg. Idéen om å la folk stikke -innom nettsider for å se om det har skjedd endringer er så idiotisk at -jeg har lett etter et alternativ. Fronterløsningen har en innebygget -løsning der en kan abonnere på forsiden (som viser en oppsummering av -det en har tilgang til), og få tilsendt en kopi hver natt, men det -fjerner jo bare behovet for å stikke innom, ikke den idiotiske ideen -om at folk skal huske hvordan nettsiden så ut sist og oppdage hva som -er endret.

- -

For å gjøre livet enklere har jeg derfor brukt litt tid på å lage -et program som kobler seg opp og sjekker etter endringer automatisk, -slik at jeg kan få beskjed fra datamaskinen når noe endrer seg i -stedet for å forsøke å finne ut av det selv. I går ble scriptet -brukbart, og jeg er dermed klar til å dele det med deg.

- -

Jeg startet med å skrive programmet i Python, og hadde en versjon -som logget inn og hentet ned enkeltsider fra Fronter. Men -Fronter-websidene suger golfballer gjennom en hageslange, med -uleselig HTML, flere nivåer av iframes og en struktur på innholdet som -er svært vanskelig å finne ut av, så jeg ga til slutt opp lxml-parsing -med Python og forsøkte meg med WWW::Mechanize for Perl som jeg kjente -fra før. I ettertid har jeg oppdaget at WWW:Mechanize også finnes for -Python, så jeg kunne antagelig droppet språkbyttet. Men da jeg -oppdaget det hadde jeg kommet så langt med Perl-utgaven, så jeg hoppet -ikke tilbake.

- -

For å logge inn i Fronter besøker en enten skolens websider eller -den sentrale innloggingsiden https://fronter.com/osloskoler/. -Perl-koden for å logge inn ser slik ut:

+
PGP key transition statement for key EE4E02F9
+
17th November 2015
+

I've needed a new OpenPGP key for a while, but have not had time to +set it up properly. I wanted to generate it offline and have it +available on a OpenPGP +smart card for daily use, and learning how to do it and finding +time to sit down with an offline machine almost took forever. But +finally I've been able to complete the process, and have now moved +from my old GPG key to a new GPG key. See +the +full transition statement, signed with both my old and new key for +the details. This is my new key:

-my $mech = WWW::Mechanize->new();
-$mech->get('https://fronter.com/osloskoler/');
-$mech->submit_form(fields => {
-    username => $username,
-    password => $password,
-} );
+pub   3936R/111D6B29EE4E02F9 2015-11-03 [expires: 2019-11-14]
+      Key fingerprint = 3AC7 B2E3 ACA5 DF87 78F1  D827 111D 6B29 EE4E 02F9
+uid                  Petter Reinholdtsen <pere@hungry.com>
+uid                  Petter Reinholdtsen <pere@debian.org>
+sub   4096R/87BAFB0E 2015-11-03 [expires: 2019-11-02]
+sub   4096R/F91E6DE9 2015-11-03 [expires: 2019-11-02]
+sub   4096R/A0439BAB 2015-11-03 [expires: 2019-11-02]
-

Neste steg er å få oversikt over hvilke «rom» en har tilgang til. -På vår skole er det rom for skolen, biblioteket, elevrådet, -aktivitetsskolen og klasser der en har unger, og dette vil være -forskjellig fra person til person. Etter å ha romstert rundt i -Fronter-grensesnittet endel kom jeg over en grei HTML-side med -oversikt over rommene, -https://fronter.com/osloskoler/adm/projects.phtml?mode=displayRoomchooser, -så jeg bruker denne til å hente ut romoversikt med rom-ID.

- -
-my %room;
-$mech->get('https://fronter.com/osloskoler/adm/projects.phtml?mode=displayRoomchooser');
-for my $link ($mech->links()) {
-    my $url = $link->url();
-    if ($url =~ m%/links/list_files.phtml\?edit=(\d+)$%) {
-        $room{$link->text()} = $1;
-    }
-}
-
+

The key can be downloaded from the OpenPGP key servers, signed by +my old key.

-

Når en har rom-ID kan en slå opp websiden for rommet, som starter -på -https://fronter.com/osloskoler/contentframeset.phtml?goto_prjid=$ROMID -(der $ROMID byttes ut med rom-ID-tallet). Det gir en side med -iframes, og en må tre nivåer ned i iframes før en får tak i -HTML-informasjonen som vises frem når en ser på det aktuelle rommet. -Her ga jeg opp den robuste parsingen og hardkodet endel URL-er som i -stedet bør spores opp maskinelt. HTML-informasjonen som vises lagres -i en fil etter at økt- og innloggings-nøkkel er fjernet og deretter -bruker jeg lynx --dump --nolist for å hente ut en tekstlig -utgave av websiden. Denne tekstlige utgaven sammenlignes med forrige -versjon og oversikt over endringer kan så sendes ut på egnet vis.

- -

Jeg valgte å bruke git til å holde rede på endringer, så jeg -sjekker inn HTML og tekst-utgaver i git og bruker git til å vise frem -endringene i tekstutgavene. Programvaren for å gjøre dette er testet -på Debian GNU/Linux og kan -lastes -ned fra github.

- -

For å bruke dette selv, kjør følgende kommandoer på din -Debian-maskin (forutsetter sudo-tilgang for installasjon av -programvare):

- -
-sudo apt-get install git lynx-cur libio-prompter-perl libwww-mechanize-perl \
-      libconfig-inifiles-perl
-git clone https://github.com/petterreinholdtsen/fronter-scraper-oslo
-cd fronter-scraper-oslo
-./update-git
-
- -

Det gjenstår endel, men systemet er allerede nyttig for meg. Jeg -ønsker at systemet også skal laste ned PDF-er og slikt som er lagt ut -for nedlasting på sidene, slik at f.eks. ukeplaner kommer inn i -git-arkivet mitt automatisk og jeg får automatisk beskjed når ny -ukeplan er lagt ut. Kanskje du kan bidra med å få det på plass, eller -kanskje du har andre ting du vil fikse? Jeg tar gjerne imot endringer -og forbedringer. Det er mye som kan gjøres bedre, og scriptet er ikke -veldig robust mot endringer hos nettsidene til Fronter. Jeg regner -dermed med at det vil trengs oppdateringer jevnlig etter hvert som -Fronter-løsningen endrer seg.

+

If you signed my old key +(DB4CCC4B2A30D729), +I'd very much appreciate a signature on my new key, details and +instructions in the transition statement. I m happy to reciprocate if +you have a similarly signed transition statement to present.

- Tags: norsk, web. + Tags: debian, english, sikkerhet.
@@ -884,6 +823,15 @@ Fronter-løsningen endrer seg.

Archive