X-Git-Url: http://pere.pagekite.me/gitweb/homepage.git/blobdiff_plain/f844e390d285bd5ff5b8ad3cd72899585eecc5a7..fe0fe16f8c3e50f6be016875c213887285ed4273:/blog/index.rss
diff --git a/blog/index.rss b/blog/index.rss
index f099cae730..1f70ff4d71 100644
--- a/blog/index.rss
+++ b/blog/index.rss
@@ -7,381 +7,901 @@
- I want the courts to be involved before the police can hijack a news site DNS domain (#domstolkontroll)
- http://people.skolelinux.org/pere/blog/I_want_the_courts_to_be_involved_before_the_police_can_hijack_a_news_site_DNS_domain___domstolkontroll_.html
- http://people.skolelinux.org/pere/blog/I_want_the_courts_to_be_involved_before_the_police_can_hijack_a_news_site_DNS_domain___domstolkontroll_.html
- Thu, 19 May 2016 14:00:00 +0200
- <p>I just donated to the
-<a href="http://www.nuug.no/dns-beslag-donasjon.shtml">NUUG defence
-"fond"</a> to fund the effort in Norway to get the seizure of the news
-site popcorn-time.no tested in court. I hope everyone that agree with
-me will do the same.</p>
-
-<p>Would you be worried if you knew the police in your country could
-hijack DNS domains of news sites covering free software system without
-talking to a judge first? I am. What if the free software system
-combined search engine lookups, bittorrent downloads and video playout
-and was called Popcorn Time? Would that affect your view? It still
-make me worried.</p>
-
-<p>In March 2016, the Norwegian police seized (as in forced NORID to
-change the IP address pointed to by it to one controlled by the
-police) the DNS domain popcorn-time.no, without any supervision from
-the courts. I did not know about the web site back then, and assumed
-the courts had been involved, and was very surprised when I discovered
-that the police had hijacked the DNS domain without asking a judge for
-permission first. I was even more surprised when I had a look at
-<a href="https://web.archive.org/web/*/http://popcorn-time.no">the web
-site content on the Internet Archive</A>, and only found news coverage
-about Popcorn Time, not any material published without the right
-holders permissions.</p>
-
-<p>The seizure was widely covered in the Norwegian press (see for
-example <a href="http://www.hegnar.no/Nyheter/Naeringsliv/2016/03/Popcorn-time.no-beslaglagt-av-OEkokrim">Hegnar Online</a> and
-<a href="http://itavisen.no/2016/03/08/okokrim-har-beslaglagt-popcorn-time-no/">ITavisen<a/>
-and
-<a href="http://www.nrk.no/kultur/okokrim-gar-til-aksjon-mot-popcorn-time-1.12842452">NRK</a>),
-at first due to the press release sent out by Ãkokrim, but then based
-on
-<a href="http://blogg.torvund.net/2016/03/09/okokrims-beslag-i-domenet-popcorn-time-no/">protests
-from the law professor Olav Torvund</a> and
-<a href="http://www.klassekampen.no/article/20160311/ARTICLE/160319995">lawyer
-Jon Wessel-Aas</a>. It even got some
-<a href="https://torrentfreak.com/norwegian-authorities-sued-over-popcorn-time-domain-seizure-160418/">coverage
-on TorrentFreak</a>.</p>
-
-<p>I
-<a href="http://people.skolelinux.org/pere/blog/NUUG_contests_Norwegian_police_DNS_seizure_of_popcorn_time_no.html">
-wrote about the case a month ago</a>, when the
-<a href="http://www.nuug.no/">Norwegian Unix User Group</a> (NUUG),
-where I am an active member, decided to ask the courts to test this seizure.
-The request was denied, but NUUG and its co-requestor EFN have not
-given up, and now they are rallying for support to get the seizure
-legally challenged. They accept both bank and Bitcoin transfer for
-those that want to support the request.</p>
-
-<p>If you as me believe news sites about free software should not be
-censored, even if the free software have both legal and illegal
-applications, and that DNS hijacking should be tested by the courts, I
-suggest you <a href="http://www.nuug.no/dns-beslag-donasjon.shtml">show
-your support by donating to NUUG</a>.</a>
-
-
-
-
- Debian now with ZFS on Linux included
- http://people.skolelinux.org/pere/blog/Debian_now_with_ZFS_on_Linux_included.html
- http://people.skolelinux.org/pere/blog/Debian_now_with_ZFS_on_Linux_included.html
- Thu, 12 May 2016 07:30:00 +0200
- <p>Today, after many years of hard work from many people,
-<a href="http://zfsonlinux.org/">ZFS for Linux</a> finally entered
-Debian. The package status can be seen on
-<a href="https://tracker.debian.org/pkg/zfs-linux">the package tracker
-for zfs-linux</a>. and
-<a href="https://qa.debian.org/developer.php?login=pkg-zfsonlinux-devel@lists.alioth.debian.org">the
-team status page</a>. If you want to help out, please join us.
-<a href="http://anonscm.debian.org/gitweb/?p=pkg-zfsonlinux/zfs.git">The
-source code</a> is available via git on Alioth. It would also be
-great if you could help out with
-<a href="https://tracker.debian.org/pkg/dkms">the dkms package</a>, as
-it is an important piece of the puzzle to get ZFS working.</p>
+ My own self balancing Lego Segway
+ http://people.skolelinux.org/pere/blog/My_own_self_balancing_Lego_Segway.html
+ http://people.skolelinux.org/pere/blog/My_own_self_balancing_Lego_Segway.html
+ Fri, 4 Nov 2016 10:15:00 +0100
+ <p>A while back I received a Gyro sensor for the NXT
+<a href="mindstorms.lego.com">Mindstorms</a> controller as a birthday
+present. It had been on my wishlist for a while, because I wanted to
+build a Segway like balancing lego robot. I had already built
+<a href="http://www.nxtprograms.com/NXT2/segway/">a simple balancing
+robot</a> with the kids, using the light/color sensor included in the
+NXT kit as the balance sensor, but it was not working very well. It
+could balance for a while, but was very sensitive to the light
+condition in the room and the reflective properties of the surface and
+would fall over after a short while. I wanted something more robust,
+and had
+<a href="https://www.hitechnic.com/cgi-bin/commerce.cgi?preadd=action&key=NGY1044">the
+gyro sensor from HiTechnic</a> I believed would solve it on my
+wishlist for some years before it suddenly showed up as a gift from my
+loved ones. :)</p>
+
+<p>Unfortunately I have not had time to sit down and play with it
+since then. But that changed some days ago, when I was searching for
+lego segway information and came across a recipe from HiTechnic for
+building
+<a href="http://www.hitechnic.com/blog/gyro-sensor/htway/">the
+HTWay</a>, a segway like balancing robot. Build instructions and
+<a href="https://www.hitechnic.com/upload/786-HTWayC.nxc">source
+code</a> was included, so it was just a question of putting it all
+together. And thanks to the great work of many Debian developers, the
+compiler needed to build the source for the NXT is already included in
+Debian, so I was read to go in less than an hour. The resulting robot
+do not look very impressive in its simplicity:</p>
+
+<p align="center"><img width="70%" src="http://people.skolelinux.org/pere/blog/images/2016-11-04-lego-htway-robot.jpeg"></p>
+
+<p>Because I lack the infrared sensor used to control the robot in the
+design from HiTechnic, I had to comment out the last task
+(taskControl). I simply placed /* and */ around it get the program
+working without that sensor present. Now it balances just fine until
+the battery status run low:</p>
+
+<p align="center"><video width="70%" controls="true">
+ <source src="http://people.skolelinux.org/pere/blog/images/2016-11-04-lego-htway-balancing.ogv" type="video/ogg">
+</video></p>
+
+<p>Now we would like to teach it how to follow a line and take remote
+control instructions using the included Bluetooth receiver in the NXT.</p>
+
+<p>If you, like me, love LEGO and want to make sure we find the tools
+they need to work with LEGO in Debian and all our derivative
+distributions like Ubuntu, check out
+<a href="http://wiki.debian.org/LegoDesigners">the LEGO designers
+project page</a> and join the Debian LEGO team. Personally I own a
+RCX and NXT controller (no EV3), and would like to make sure the
+Debian tools needed to program the systems I own work as they
+should.</p>
- What is the best multimedia player in Debian?
- http://people.skolelinux.org/pere/blog/What_is_the_best_multimedia_player_in_Debian_.html
- http://people.skolelinux.org/pere/blog/What_is_the_best_multimedia_player_in_Debian_.html
- Sun, 8 May 2016 09:40:00 +0200
- <p><strong>Where I set out to figure out which multimedia player in
-Debian claim support for most file formats.</strong></p>
-
-<p>A few years ago, I had a look at the media support for Browser
-plugins in Debian, to get an idea which plugins to include in Debian
-Edu. I created a script to extract the set of supported MIME types
-for each plugin, and used this to find out which multimedia browser
-plugin supported most file formats / media types.
-<a href="https://wiki.debian.org/DebianEdu/BrowserMultimedia">The
-result</a> can still be seen on the Debian wiki, even though it have
-not been updated for a while. But browser plugins are less relevant
-these days, so I thought it was time to look at standalone
-players.</p>
-
-<p>A few days ago I was tired of VLC not being listed as a viable
-player when I wanted to play videos from the Norwegian National
-Broadcasting Company, and decided to investigate why. The cause is a
-<a href="https://bugs.debian.org/822245">missing MIME type in the VLC
-desktop file</a>. In the process I wrote a script to compare the set
-of MIME types announced in the desktop file and the browser plugin,
-only to discover that there is quite a large difference between the
-two for VLC. This discovery made me dig up the script I used to
-compare browser plugins, and adjust it to compare desktop files
-instead, to try to figure out which multimedia player in Debian
-support most file formats.</p>
-
-<p>The result can be seen on the Debian Wiki, as
-<a href="https://wiki.debian.org/DebianMultimedia/PlayerSupport">a
-table listing all MIME types supported by one of the packages included
-in the table</a>, with the package supporting most MIME types being
-listed first in the table.</p>
-
-</p>The best multimedia player in Debian? It is totem, followed by
-parole, kplayer, mpv, vlc, smplayer mplayer-gui gnome-mpv and
-kmplayer. Time for the other players to update their announced MIME
-support?</p>
+ Aktivitetsbånd som beskytter privatsfæren
+ http://people.skolelinux.org/pere/blog/Aktivitetsb_nd_som_beskytter_privatsf_ren.html
+ http://people.skolelinux.org/pere/blog/Aktivitetsb_nd_som_beskytter_privatsf_ren.html
+ Thu, 3 Nov 2016 09:55:00 +0100
+ <p>Jeg ble så imponert over
+<a href="https://www.nrk.no/norge/forbrukerradet-mener-aktivitetsarmband-strider-mot-norsk-lov-1.13209079">dagens
+gladnyhet på NRK</a>, om at Forbrukerrådet klager inn vilkårene for
+bruk av aktivitetsbånd fra Fitbit, Garmin, Jawbone og Mio til
+Datatilsynet og forbrukerombudet, at jeg sendte følgende brev til
+forbrukerrådet for å uttrykke min støtte:
+
+<blockquote>
+
+<p>Jeg ble veldig glad over å lese at Forbrukerrådet
+<a href="http://www.forbrukerradet.no/siste-nytt/klager-inn-aktivitetsarmband-for-brudd-pa-norsk-lov/">klager
+inn flere aktivitetsbånd til Datatilsynet for dårlige vilkår</a>. Jeg
+har ønsket meg et aktivitetsbånd som kan måle puls, bevegelse og
+gjerne også andre helserelaterte indikatorer en stund nå. De eneste
+jeg har funnet i salg gjør, som dere også har oppdaget, graverende
+inngrep i privatsfæren og sender informasjonen ut av huset til folk og
+organisasjoner jeg ikke ønsker å dele aktivitets- og helseinformasjon
+med. Jeg ønsker et alternativ som <em>ikke</em> sender informasjon til
+skyen, men derimot bruker
+<a href="http://people.skolelinux.org/pere/blog/Fri_og__pen_standard__slik_Digistan_ser_det.html">en
+fritt og åpent standardisert</a> protokoll (eller i det minste en
+dokumentert protokoll uten patent- og opphavsrettslige
+bruksbegrensinger) til å kommunisere med datautstyr jeg kontrollerer.
+Er jo ikke interessert i å betale noen for å tilrøve seg
+personopplysninger fra meg. Desverre har jeg ikke funnet noe
+alternativ så langt.</p>
+
+<p>Det holder ikke å endre på bruksvilkårene for enhetene, slik
+Datatilsynet ofte legger opp til i sin behandling, når de gjør slik
+f.eks. Fitbit (den jeg har sett mest på). Fitbit krypterer
+informasjonen på enheten og sender den kryptert til leverandøren. Det
+gjør det i praksis umulig både å sjekke hva slags informasjon som
+sendes over, og umulig å ta imot informasjonen selv i stedet for
+Fitbit. Uansett hva slags historie som forteller i bruksvilkårene er
+en jo både prisgitt leverandørens godvilje og at de ikke tvinges av
+sitt lands myndigheter til å lyve til sine kunder om hvorvidt
+personopplysninger spres ut over det bruksvilkårene sier. Det er
+veldokumentert hvordan f.eks. USA tvinger selskaper vha. såkalte
+National security letters til å utlevere personopplysninger samtidig
+som de ikke får lov til å fortelle dette til kundene sine.</p>
+
+<p>Stå på, jeg er veldig glade for at dere har sett på saken. Vet
+dere om aktivitetsbånd i salg i dag som ikke tvinger en til å utlevere
+aktivitets- og helseopplysninger med leverandøren?</p>
+
+</blockquote>
+
+<p>Jeg håper en konkurrent som respekterer kundenes privatliv klarer å
+nå opp i markedet, slik at det finnes et reelt alternativ for oss som
+har full tillit til at skyleverandører vil prioritere egen inntjening
+og myndighetspålegg langt foran kundenes rett til privatliv. Jeg har
+ingen tiltro til at Datatilsynet vil kreve noe mer enn at vilkårene
+endres slik at de forklarer eksplisitt i hvor stor grad bruk av
+produktene utraderer privatsfæren til kundene. Det vil nok gjøre de
+innklagede armbåndene «lovlige», men fortsatt tvinge kundene til å
+dele sine personopplysninger med leverandøren.</p>
- The Pyra - handheld computer with Debian preinstalled
- http://people.skolelinux.org/pere/blog/The_Pyra___handheld_computer_with_Debian_preinstalled.html
- http://people.skolelinux.org/pere/blog/The_Pyra___handheld_computer_with_Debian_preinstalled.html
- Wed, 4 May 2016 10:00:00 +0200
- A friend of mine made me aware of
-<a href="https://pyra-handheld.com/boards/pages/pyra/">The Pyra</a>, a
-handheld computer which will be delivered with Debian preinstalled. I
-would love to get one of those for my birthday. :)</p>
-
-<p>The machine is a complete ARM-based PC with micro HDMI, SATA, USB
-plugs and many others connectors, and include a full keyboard and a 5"
-LCD touch screen. The 6000mAh battery is claimed to provide a whole
-day of battery life time, but I have not seen any independent tests
-confirming this. The vendor is still collecting preorders, and the
-last I heard last night was that 22 more orders were needed before
-production started.</p>
-
-<p>As far as I know, this is the first handheld preinstalled with
-Debian. Please let me know if you know of any others. Is it the
-first computer being sold with Debian preinstalled?</p>
+ Experience and updated recipe for using the Signal app without a mobile phone
+ http://people.skolelinux.org/pere/blog/Experience_and_updated_recipe_for_using_the_Signal_app_without_a_mobile_phone.html
+ http://people.skolelinux.org/pere/blog/Experience_and_updated_recipe_for_using_the_Signal_app_without_a_mobile_phone.html
+ Mon, 10 Oct 2016 11:30:00 +0200
+ <p>In July
+<a href="http://people.skolelinux.org/pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html">I
+wrote how to get the Signal Chrome/Chromium app working</a> without
+the ability to receive SMS messages (aka without a cell phone). It is
+time to share some experiences and provide an updated setup.</p>
+
+<p>The Signal app have worked fine for several months now, and I use
+it regularly to chat with my loved ones. I had a major snag at the
+end of my summer vacation, when the the app completely forgot my
+setup, identity and keys. The reason behind this major mess was
+running out of disk space. To avoid that ever happening again I have
+started storing everything in <tt>userdata/</tt> in git, to be able to
+roll back to an earlier version if the files are wiped by mistake. I
+had to use it once after introducing the git backup. When rolling
+back to an earlier version, one need to use the 'reset session' option
+in Signal to get going, and notify the people you talk with about the
+problem. I assume there is some sequence number tracking in the
+protocol to detect rollback attacks. The git repository is rather big
+(674 MiB so far), but I have not tried to figure out if some of the
+content can be added to a .gitignore file due to lack of spare
+time.</p>
+
+<p>I've also hit the 90 days timeout blocking, and noticed that this
+make it impossible to send messages using Signal. I could still
+receive them, but had to patch the code with a new timestamp to send.
+I believe the timeout is added by the developers to force people to
+upgrade to the latest version of the app, even when there is no
+protocol changes, to reduce the version skew among the user base and
+thus try to keep the number of support requests down.</p>
+
+<p>Since my original recipe, the Signal source code changed slightly,
+making the old patch fail to apply cleanly. Below is an updated
+patch, including the shell wrapper I use to start Signal. The
+original version required a new user to locate the JavaScript console
+and call a function from there. I got help from a friend with more
+JavaScript knowledge than me to modify the code to provide a GUI
+button instead. This mean that to get started you just need to run
+the wrapper and click the 'Register without mobile phone' to get going
+now. I've also modified the timeout code to always set it to 90 days
+in the future, to avoid having to patch the code regularly.</p>
+
+<p>So, the updated recipe for Debian Jessie:</p>
+
+<ol>
+
+<li>First, install required packages to get the source code and the
+browser you need. Signal only work with Chrome/Chromium, as far as I
+know, so you need to install it.
+
+<pre>
+apt install git tor chromium
+git clone https://github.com/WhisperSystems/Signal-Desktop.git
+</pre></li>
+
+<li>Modify the source code using command listed in the the patch
+block below.</li>
+
+<li>Start Signal using the run-signal-app wrapper (for example using
+<tt>`pwd`/run-signal-app</tt>).
+
+<li>Click on the 'Register without mobile phone', will in a phone
+number you can receive calls to the next minute, receive the
+verification code and enter it into the form field and press
+'Register'. Note, the phone number you use will be user Signal
+username, ie the way others can find you on Signal.</li>
+
+<li>You can now use Signal to contact others. Note, new contacts do
+not show up in the contact list until you restart Signal, and there is
+no way to assign names to Contacts. There is also no way to create or
+update chat groups. I suspect this is because the web app do not have
+a associated contact database.</li>
+
+</ol>
+
+<p>I am still a bit uneasy about using Signal, because of the way its
+main author moxie0 reject federation and accept dependencies to major
+corporations like Google (part of the code is fetched from Google) and
+Amazon (the central coordination point is owned by Amazon). See for
+example
+<a href="https://github.com/LibreSignal/LibreSignal/issues/37">the
+LibreSignal issue tracker</a> for a thread documenting the authors
+view on these issues. But the network effect is strong in this case,
+and several of the people I want to communicate with already use
+Signal. Perhaps we can all move to <a href="https://ring.cx/">Ring</a>
+once it <a href="https://bugs.debian.org/830265">work on my
+laptop</a>? It already work on Windows and Android, and is included
+in <a href="https://tracker.debian.org/pkg/ring">Debian</a> and
+<a href="https://launchpad.net/ubuntu/+source/ring">Ubuntu</a>, but not
+working on Debian Stable.</p>
+
+<p>Anyway, this is the patch I apply to the Signal code to get it
+working. It switch to the production servers, disable to timeout,
+make registration easier and add the shell wrapper:</p>
+
+<pre>
+cd Signal-Desktop; cat <<EOF | patch -p1
+diff --git a/js/background.js b/js/background.js
+index 24b4c1d..579345f 100644
+--- a/js/background.js
++++ b/js/background.js
+@@ -33,9 +33,9 @@
+ });
+ });
+
+- var SERVER_URL = 'https://textsecure-service-staging.whispersystems.org';
++ var SERVER_URL = 'https://textsecure-service-ca.whispersystems.org';
+ var SERVER_PORTS = [80, 4433, 8443];
+- var ATTACHMENT_SERVER_URL = 'https://whispersystems-textsecure-attachments-staging.s3.amazonaws.com';
++ var ATTACHMENT_SERVER_URL = 'https://whispersystems-textsecure-attachments.s3.amazonaws.com';
+ var messageReceiver;
+ window.getSocketStatus = function() {
+ if (messageReceiver) {
+diff --git a/js/expire.js b/js/expire.js
+index 639aeae..beb91c3 100644
+--- a/js/expire.js
++++ b/js/expire.js
+@@ -1,6 +1,6 @@
+ ;(function() {
+ 'use strict';
+- var BUILD_EXPIRATION = 0;
++ var BUILD_EXPIRATION = Date.now() + (90 * 24 * 60 * 60 * 1000);
+
+ window.extension = window.extension || {};
+
+diff --git a/js/views/install_view.js b/js/views/install_view.js
+index 7816f4f..1d6233b 100644
+--- a/js/views/install_view.js
++++ b/js/views/install_view.js
+@@ -38,7 +38,8 @@
+ return {
+ 'click .step1': this.selectStep.bind(this, 1),
+ 'click .step2': this.selectStep.bind(this, 2),
+- 'click .step3': this.selectStep.bind(this, 3)
++ 'click .step3': this.selectStep.bind(this, 3),
++ 'click .callreg': function() { extension.install('standalone') },
+ };
+ },
+ clearQR: function() {
+diff --git a/options.html b/options.html
+index dc0f28e..8d709f6 100644
+--- a/options.html
++++ b/options.html
+@@ -14,7 +14,10 @@
+ <div class='nav'>
+ <h1>{{ installWelcome }}</h1>
+ <p>{{ installTagline }}</p>
+- <div> <a class='button step2'>{{ installGetStartedButton }}</a> </div>
++ <div> <a class='button step2'>{{ installGetStartedButton }}</a>
++ <br> <a class="button callreg">Register without mobile phone</a>
++
++ </div>
+ <span class='dot step1 selected'></span>
+ <span class='dot step2'></span>
+ <span class='dot step3'></span>
+--- /dev/null 2016-10-07 09:55:13.730181472 +0200
++++ b/run-signal-app 2016-10-10 08:54:09.434172391 +0200
+@@ -0,0 +1,12 @@
++#!/bin/sh
++set -e
++cd $(dirname $0)
++mkdir -p userdata
++userdata="`pwd`/userdata"
++if [ -d "$userdata" ] && [ ! -d "$userdata/.git" ] ; then
++ (cd $userdata && git init)
++fi
++(cd $userdata && git add . && git commit -m "Current status." || true)
++exec chromium \
++ --proxy-server="socks://localhost:9050" \
++ --user-data-dir=$userdata --load-and-launch-app=`pwd`
+EOF
+chmod a+rx run-signal-app
+</pre>
+
+<p>As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&label=PetterReinholdtsenBlog">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
- NUUG contests Norwegian police DNS seizure of popcorn-time.no
- http://people.skolelinux.org/pere/blog/NUUG_contests_Norwegian_police_DNS_seizure_of_popcorn_time_no.html
- http://people.skolelinux.org/pere/blog/NUUG_contests_Norwegian_police_DNS_seizure_of_popcorn_time_no.html
- Mon, 18 Apr 2016 10:00:00 +0200
- <p>It is days like today I am really happy to be a member of
-<a href="http://www.nuug.no/">the Norwegian Unix User group</a>, a
-member association for those of us believing in free software, open
-standards and unix-like operating systems. NUUG announced today it
-will
-<a href="http://www.nuug.no/news/Pressemelding__NUUG_og_EFN_begj_rer_rettslig_pr_ving_for_DNS_domenebeslag_av_popcorn_time_no.shtml">try
-to bring the seizure of the DNS domain popcorn-time.no as
-unlawful</a>, to stand up for the principle that writing about a
-controversial topic is not infringing copyrights, and censuring web
-pages by hijacking DNS domain should be decided by the courts, not the
-police. The DNS domain was seized by the Norwegian National Authority
-for Investigation and Prosecution of Economic and Environmental Crime
-a month ago. I hope this bring more paying members to NUUG to give
-the association the financial muscle needed to bring this case as far
-as it must go to stop this kind of DNS hijacking.</p>
+ NRKs kildevern når NRK-epost deles med utenlands etterretning?
+ http://people.skolelinux.org/pere/blog/NRKs_kildevern_n_r_NRK_epost_deles_med_utenlands_etterretning_.html
+ http://people.skolelinux.org/pere/blog/NRKs_kildevern_n_r_NRK_epost_deles_med_utenlands_etterretning_.html
+ Sat, 8 Oct 2016 08:15:00 +0200
+ <p>NRK
+<a href="https://nrkbeta.no/2016/09/02/securing-whistleblowers/">lanserte
+for noen uker siden</a> en ny
+<a href="https://www.nrk.no/varsle/">varslerportal som bruker
+SecureDrop til å ta imot tips</a> der det er vesentlig at ingen
+utenforstående får vite at NRK er tipset. Det er et langt steg
+fremover for NRK, og når en leser bloggposten om hva de har tenkt på
+og hvordan løsningen er satt opp virker det som om de har gjort en
+grundig jobb der. Men det er ganske mye ekstra jobb å motta tips via
+SecureDrop, så varslersiden skriver "Nyhetstips som ikke krever denne
+typen ekstra vern vil vi gjerne ha på nrk.no/03030", og 03030-siden
+foreslår i tillegg til et webskjema å bruke epost, SMS, telefon,
+personlig oppmøte og brevpost. Denne artikkelen handler disse andre
+metodene.</p>
+
+<p>Når en sender epost til en @nrk.no-adresse så vil eposten sendes ut
+av landet til datamaskiner kontrollert av Microsoft. En kan sjekke
+dette selv ved å slå opp epostleveringsadresse (MX) i DNS. For NRK er
+dette i dag "nrk-no.mail.protection.outlook.com". NRK har som en ser
+valgt å sette bort epostmottaket sitt til de som står bak outlook.com,
+dvs. Microsoft. En kan sjekke hvor nettverkstrafikken tar veien
+gjennom Internett til epostmottaket vha. programmet
+<tt>traceroute</tt>, og finne ut hvem som eier en Internett-adresse
+vha. whois-systemet. Når en gjør dette for epost-trafikk til @nrk.no
+ser en at trafikken fra Norge mot nrk-no.mail.protection.outlook.com
+går via Sverige mot enten Irland eller Tyskland (det varierer fra gang
+til gang og kan endre seg over tid).</p>
+
+<p>Vi vet fra
+<a href="https://no.wikipedia.org/wiki/FRA-loven">introduksjonen av
+FRA-loven</a> at IP-trafikk som passerer grensen til Sverige avlyttes
+av Försvarets radioanstalt (FRA). Vi vet videre takket være
+Snowden-bekreftelsene at trafikk som passerer grensen til
+Storbritannia avlyttes av Government Communications Headquarters
+(GCHQ). I tillegg er er det nettopp lansert et forslag i Norge om at
+forsvarets E-tjeneste skal få avlytte trafikk som krysser grensen til
+Norge. Jeg er ikke kjent med dokumentasjon på at Irland og Tyskland
+gjør det samme. Poenget er uansett at utenlandsk etterretning har
+mulighet til å snappe opp trafikken når en sender epost til @nrk.no.
+I tillegg er det selvsagt tilgjengelig for Microsoft som er underlagt USAs
+jurisdiksjon og
+<a href="https://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data">samarbeider
+med USAs etterretning på flere områder</a>. De som tipser NRK om
+nyheter via epost kan dermed gå ut fra at det blir kjent for mange
+andre enn NRK at det er gjort.</p>
+
+<p>Bruk av SMS og telefon registreres av blant annet telefonselskapene
+og er tilgjengelig i følge lov og forskrift for blant annet Politi,
+NAV og Finanstilsynet, i tillegg til IT-folkene hos telefonselskapene
+og deres overordnede. Hvis innringer eller mottaker bruker
+smarttelefon vil slik kontakt også gjøres tilgjengelig for ulike
+app-leverandører og de som lytter på trafikken mellom telefon og
+app-leverandør, alt etter hva som er installert på telefonene som
+brukes.</p>
+
+<p>Brevpost kan virke trygt, og jeg vet ikke hvor mye som registreres
+og lagres av postens datastyrte postsorteringssentraler. Det vil ikke
+overraske meg om det lagres hvor i landet hver konvolutt kommer fra og
+hvor den er adressert, i hvert fall for en kortere periode. Jeg vet
+heller ikke hvem slik informasjon gjøres tilgjengelig for. Det kan
+være nok til å ringe inn potensielle kilder når det krysses med hvem
+som kjente til aktuell informasjon og hvor de befant seg (tilgjengelig
+f.eks. hvis de bærer mobiltelefon eller bor i nærheten).</p>
+
+<p>Personlig oppmøte hos en NRK-journalist er antagelig det tryggeste,
+men en bør passe seg for å bruke NRK-kantina. Der bryter de nemlig
+<a href="http://www.lovdata.no/all/hl-19850524-028.html#14">Sentralbanklovens
+paragraf 14</a> og nekter folk å betale med kontanter. I stedet
+krever de at en varsle sin bankkortutsteder om hvor en befinner seg
+ved å bruke bankkort. Banktransaksjoner er tilgjengelig for
+bankkortutsteder (det være seg VISA, Mastercard, Nets og/eller en
+bank) i tillegg til politiet og i hvert fall tidligere med Se & Hør
+(via utro tjenere, slik det ble avslørt etter utgivelsen av boken
+«Livet, det forbannede» av Ken B. Rasmussen). Men hvor mange kjenner
+en NRK-journalist personlig? Besøk på NRK på Marienlyst krever at en
+registrerer sin ankost elektronisk i besøkssystemet. Jeg vet ikke hva
+som skjer med det datasettet, men har grunn til å tro at det sendes ut
+SMS til den en skal besøke med navnet som er oppgitt. Kanskje greit å
+oppgi falskt navn.</p>
+
+<p>Når så tipset er kommet frem til NRK skal det behandles
+redaksjonelt i NRK. Der vet jeg via ulike kilder at de fleste
+journalistene bruker lokalt installert programvare, men noen bruker
+Google Docs og andre skytjenester i strid med interne retningslinjer
+når de skriver. Hvordan vet en hvem det gjelder? Ikke vet jeg, men
+det kan være greit å spørre for å sjekke at journalisten har tenkt på
+problemstillingen, før en gir et tips. Og hvis tipset omtales internt
+på epost, er det jo grunn til å tro at også intern eposten vil deles
+med Microsoft og utenlands etterretning, slik tidligere nevnt, men det
+kan hende at det holdes internt i NRKs interne MS Exchange-løsning.
+Men Microsoft ønsker å få alle Exchange-kunder over "i skyen" (eller
+andre folks datamaskiner, som det jo innebærer), så jeg vet ikke hvor
+lenge det i så fall vil vare.</p>
+
+<p>I tillegg vet en jo at
+<a href="https://www.nrk.no/ytring/elektronisk-kildevern-i-nrk-1.11941196">NRK
+har valgt å gi nasjonal sikkerhetsmyndighet (NSM) tilgang til å se på
+intern og ekstern Internett-trafikk</a> hos NRK ved oppsett av såkalte
+VDI-noder, på tross av
+<a href="https://www.nrk.no/ytring/bekymring-for-nrks-kildevern-1.11941584">protester
+fra NRKs journalistlag</a>. Jeg vet ikke om den vil kunne snappe opp
+dokumenter som lagres på interne filtjenere eller dokumenter som lages
+i de interne webbaserte publiseringssystemene, men vet at hva noden
+ser etter på nettet kontrolleres av NSM og oppdateres automatisk, slik
+at det ikke gir så mye mening å sjekke hva noden ser etter i dag når
+det kan endres automatisk i morgen.</p>
+
+<p>Personlig vet jeg ikke om jeg hadde turt tipse NRK hvis jeg satt på
+noe som kunne være en trussel mot den bestående makten i Norge eller
+verden. Til det virker det å være for mange åpninger for
+utenforstående med andre prioriteter enn NRKs journalistiske fokus.
+Og den største truslen for en varsler er jo om metainformasjon kommer
+på avveie, dvs. informasjon om at en har vært i kontakt med en
+journalist. Det kan være nok til at en kommer i myndighetenes
+søkelys, og de færreste har nok operasjonell sikkerhet til at vil tåle
+slik flombelysning på sitt privatliv.</p>
- Ny utgave (v2.2) av den frie norske stavekontrollen gitt ut
- http://people.skolelinux.org/pere/blog/Ny_utgave__v2_2__av_den_frie_norske_stavekontrollen_gitt_ut.html
- http://people.skolelinux.org/pere/blog/Ny_utgave__v2_2__av_den_frie_norske_stavekontrollen_gitt_ut.html
- Fri, 15 Apr 2016 21:20:00 +0200
- <p>I dag tok jeg mot til meg og pakket sammen en ny versjon av den
-frie norske stavekontrollen, ca. tre og et halvt år etter forrige
-gang. Resultatet kan lastes ned fra
-<a href="http://no.speling.org/">no.speling.org-prosjeksiden</a>, både
-som kildekodepakke og som "pack"-fil som kanskje fortsatt kan brukes
-av OpenOffice.org/LibreOffice. Byggesystemet trenger oppussing, men i
-denne omgang hadde jeg bare tid til å fikse byggefeil forårsaket av
-endringer i GNU grep. De øvrige endringene var gjort tidligere i
-påvente av en ny utgave.</p>
-
-<p><strong>Her er det som er nytt (fra NEWS-fila i
-kildekodepakken):</strong></p>
-
-<p>Release 2.2 (2016-04-15)</p>
-
-<ul>
-
- <li>Rewrite how scripts/speling2words handle tripple consonants, to
- avoid importing duplicate words from no.speling.org, and getting
- rid of the existing duplicates in norsk.words.</li>
- <li>Remove duplicate entries with tripple consonants from norsk.words.</li>
- <li>Update frequency for entries in norsk.words based on
- <URL:http://helmer.aksis.uib.no/nta/ordlistf.zip> (ran 'make
- freq-update').</li>
- <li>Correct nn ispell build, avoid crash in munchlist causing lots of
- words to fall out of the database.</li>
- <li>Use grep -a to convince grep it is working on text files, to work
- with newer grep versions.</li>
-
- <li>Remove some words disputed in the no.speling.org review process:
- <ul>
- <li>apparent (nb)</li>
- <li>likke (nb)</li>
- <li>ugjest, ugjesten, ugjestens (nb)</li>
- </ul></li>
-
-</ul>
+ Isenkram, Appstream and udev make life as a LEGO builder easier
+ http://people.skolelinux.org/pere/blog/Isenkram__Appstream_and_udev_make_life_as_a_LEGO_builder_easier.html
+ http://people.skolelinux.org/pere/blog/Isenkram__Appstream_and_udev_make_life_as_a_LEGO_builder_easier.html
+ Fri, 7 Oct 2016 09:50:00 +0200
+ <p><a href="http://packages.qa.debian.org/isenkram">The Isenkram
+system</a> provide a practical and easy way to figure out which
+packages support the hardware in a given machine. The command line
+tool <tt>isenkram-lookup</tt> and the tasksel options provide a
+convenient way to list and install packages relevant for the current
+hardware during system installation, both user space packages and
+firmware packages. The GUI background daemon on the other hand provide
+a pop-up proposing to install packages when a new dongle is inserted
+while using the computer. For example, if you plug in a smart card
+reader, the system will ask if you want to install <tt>pcscd</tt> if
+that package isn't already installed, and if you plug in a USB video
+camera the system will ask if you want to install <tt>cheese</tt> if
+cheese is currently missing. This already work just fine.</p>
+
+<p>But Isenkram depend on a database mapping from hardware IDs to
+package names. When I started no such database existed in Debian, so
+I made my own data set and included it with the isenkram package and
+made isenkram fetch the latest version of this database from git using
+http. This way the isenkram users would get updated package proposals
+as soon as I learned more about hardware related packages.</p>
+
+<p>The hardware is identified using modalias strings. The modalias
+design is from the Linux kernel where most hardware descriptors are
+made available as a strings that can be matched using filename style
+globbing. It handle USB, PCI, DMI and a lot of other hardware related
+identifiers.</p>
+
+<p>The downside to the Isenkram specific database is that there is no
+information about relevant distribution / Debian version, making
+isenkram propose obsolete packages too. But along came AppStream, a
+cross distribution mechanism to store and collect metadata about
+software packages. When I heard about the proposal, I contacted the
+people involved and suggested to add a hardware matching rule using
+modalias strings in the specification, to be able to use AppStream for
+mapping hardware to packages. This idea was accepted and AppStream is
+now a great way for a package to announce the hardware it support in a
+distribution neutral way. I wrote
+<a href="http://people.skolelinux.org/pere/blog/Using_appstream_with_isenkram_to_install_hardware_related_packages_in_Debian.html">a
+recipe on how to add such meta-information</a> in a blog post last
+December. If you have a hardware related package in Debian, please
+announce the relevant hardware IDs using AppStream.</p>
+
+<p>In Debian, almost all packages that can talk to a LEGO Mindestorms
+RCX or NXT unit, announce this support using AppStream. The effect is
+that when you insert such LEGO robot controller into your Debian
+machine, Isenkram will propose to install the packages needed to get
+it working. The intention is that this should allow the local user to
+start programming his robot controller right away without having to
+guess what packages to use or which permissions to fix.</p>
+
+<p>But when I sat down with my son the other day to program our NXT
+unit using his Debian Stretch computer, I discovered something
+annoying. The local console user (ie my son) did not get access to
+the USB device for programming the unit. This used to work, but no
+longer in Jessie and Stretch. After some investigation and asking
+around on #debian-devel, I discovered that this was because udev had
+changed the mechanism used to grant access to local devices. The
+ConsoleKit mechanism from <tt>/lib/udev/rules.d/70-udev-acl.rules</tt>
+no longer applied, because LDAP users no longer was added to the
+plugdev group during login. Michael Biebl told me that this method
+was obsolete and the new method used ACLs instead. This was good
+news, as the plugdev mechanism is a mess when using a remote user
+directory like LDAP. Using ACLs would make sure a user lost device
+access when she logged out, even if the user left behind a background
+process which would retain the plugdev membership with the ConsoleKit
+setup. Armed with this knowledge I moved on to fix the access problem
+for the LEGO Mindstorms related packages.</p>
+
+<p>The new system uses a udev tag, 'uaccess'. It can either be
+applied directly for a device, or is applied in
+/lib/udev/rules.d/70-uaccess.rules for classes of devices. As the
+LEGO Mindstorms udev rules did not have a class, I decided to add the
+tag directly in the udev rules files included in the packages. Here
+is one example. For the nqc C compiler for the RCX, the
+<tt>/lib/udev/rules.d/60-nqc.rules</tt> file now look like this:
+
+<p><pre>
+SUBSYSTEM=="usb", ACTION=="add", ATTR{idVendor}=="0694", ATTR{idProduct}=="0001", \
+ SYMLINK+="rcx-%k", TAG+="uaccess"
+</pre></p>
+
+<p>The key part is the 'TAG+="uaccess"' at the end. I suspect all
+packages using plugdev in their /lib/udev/rules.d/ files should be
+changed to use this tag (either directly or indirectly via
+<tt>70-uaccess.rules</tt>). Perhaps a lintian check should be created
+to detect this?</p>
+
+<p>I've been unable to find good documentation on the uaccess feature.
+It is unclear to me if the uaccess tag is an internal implementation
+detail like the udev-acl tag used by
+<tt>/lib/udev/rules.d/70-udev-acl.rules</tt>. If it is, I guess the
+indirect method is the preferred way. Michael
+<a href="https://github.com/systemd/systemd/issues/4288">asked for more
+documentation from the systemd project</a> and I hope it will make
+this clearer. For now I use the generic classes when they exist and
+is already handled by <tt>70-uaccess.rules</tt>, and add the tag
+directly if no such class exist.</p>
+
+<p>To learn more about the isenkram system, please check out
+<a href="http://people.skolelinux.org/pere/blog/tags/isenkram/">my
+blog posts tagged isenkram</a>.</p>
+
+<p>To help out making life for LEGO constructors in Debian easier,
+please join us on our IRC channel
+<a href="irc://irc.debian.org/%23debian-lego">#debian-lego</a> and join
+the <a href="https://alioth.debian.org/projects/debian-lego/">Debian
+LEGO team</a> in the Alioth project we created yesterday. A mailing
+list is not yet created, but we are working on it. :)</p>
+
+<p>As usual, if you use Bitcoin and want to show your support of my
+activities, please send Bitcoin donations to my address
+<b><a href="bitcoin:15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b&label=PetterReinholdtsenBlog">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b</a></b>.</p>
- I.F. Stone - an inspiration for us all
- http://people.skolelinux.org/pere/blog/I_F__Stone___an_inspiration_for_us_all.html
- http://people.skolelinux.org/pere/blog/I_F__Stone___an_inspiration_for_us_all.html
- Wed, 13 Apr 2016 21:20:00 +0200
- <p>I first got to know I.F. Stone when I came across an article by Jon
-Schwarz on The Intercept
-<a href="https://theintercept.com/2015/05/07/new-documentary-legacy-f-stone/">about
-his extraordinary contribution to investigative journalism in
-USA</a>. The article is about a new documentary in two parts
-(<a href="https://vimeo.com/123974841">part one is 12 minutes</a> and
-<a href="https://vimeo.com/123974842">part two is 30 minutes</a>), and
-I found both truly fascinating. It is amazing what he was able to
-find by digging up public sources and government papers. He
-documented lots of government abuse and cover ups, and I find
-<a href="http://www.ifstone.org/weekly.php">his weekly news letters</a>
-inspiring to read even today.</p>
-
-<p><blockquote>
-All governments are run by liars and nothing they say should be believed.
-<br>- I. F. Stone
-</blockquote></p>
-
-<p>His starting point was that reporters should not assume governments
-and corporations are telling the truth, but verify all their claims as
-much as possible. I wonder how many Norwegian reporters can be said
-to follow the principles of I. F. Stone. They are definitely in short
-supply. If you, like me half a year ago, have never heard of him,
-check him out.</p>
+ Aftenposten-redaktøren med lua i hånda
+ http://people.skolelinux.org/pere/blog/Aftenposten_redakt_ren_med_lua_i_h_nda.html
+ http://people.skolelinux.org/pere/blog/Aftenposten_redakt_ren_med_lua_i_h_nda.html
+ Fri, 9 Sep 2016 11:30:00 +0200
+ <p>En av dagens nyheter er at Aftenpostens redaktør Espen Egil Hansen
+bruker
+<a href="https://www.nrk.no/kultur/aftenposten-brukar-heile-forsida-pa-facebook-kritikk-1.13126918">forsiden
+av papiravisen på et åpent brev til Facebooks sjef Mark Zuckerberg om
+Facebooks fjerning av bilder, tekster og sider de ikke liker</a>. Det
+må være uvant for redaktøren i avisen Aftenposten å stå med lua i
+handa og håpe på å bli hørt. Spesielt siden Aftenposten har vært med
+på å gi Facebook makten de nå demonstrerer at de har. Ved å melde seg
+inn i Facebook-samfunnet har de sagt ja til bruksvilkårene og inngått
+en antagelig bindende avtale. Kanskje de skulle lest og vurdert
+vilkårene litt nærmere før de sa ja, i stedet for å klage over at
+reglende de har valgt å akseptere blir fulgt? Personlig synes jeg
+vilkårene er uakseptable og det ville ikke falle meg inn å gå inn på
+en avtale med slike vilkår. I tillegg til uakseptable vilkår er det
+mange andre grunner til å unngå Facebook. Du kan finne en solid
+gjennomgang av flere slike argumenter hos
+<a href="https://stallman.org/facebook.html">Richard Stallmans side om
+Facebook</a>.
+
+<p>Jeg håper flere norske redaktører på samme vis må stå med lua i
+hånden inntil de forstår at de selv er med på å føre samfunnet på
+ville veier ved å omfavne Facebook slik de gjør når de omtaler og
+løfter frem saker fra Facebook, og tar i bruk Facebook som
+distribusjonskanal for sine nyheter. De bidrar til
+overvåkningssamfunnet og raderer ut lesernes privatsfære når de lenker
+til Facebook på sine sider, og låser seg selv inne i en omgivelse der
+det er Facebook, og ikke redaktøren, som sitter med makta.</p>
+
+<p>Men det vil nok ta tid, i et Norge der de fleste nettredaktører
+<a href="http://people.skolelinux.org/pere/blog/Snurpenot_overv_kning_av_sensitiv_personinformasjon.html">deler
+sine leseres personopplysinger med utenlands etterretning</a>.</p>
+
+<p>For øvrig burde varsleren Edward Snowden få politisk asyl i
+Norge.</p>
- A French paperback edition of the book Free Culture by Lawrence Lessig is now available
- http://people.skolelinux.org/pere/blog/A_French_paperback_edition_of_the_book_Free_Culture_by_Lawrence_Lessig_is_now_available.html
- http://people.skolelinux.org/pere/blog/A_French_paperback_edition_of_the_book_Free_Culture_by_Lawrence_Lessig_is_now_available.html
- Tue, 12 Apr 2016 10:40:00 +0200
- <p>I'm happy to report that
-<a href="http://www.lulu.com/shop/lawrence-lessig/culture-libre/paperback/product-22645082.html">the
-French paperback edition</a> of
-<a href="https://github.com/petterreinholdtsen/free-culture-lessig">my
-project to translate</a> the <a href="http://free-culture.cc/">Free
-Culture</a> book by Lawrence Lessig is now available for sale on
-Lulu.com. Once I have formally verified my proof reading copy, which
-should be in the mail, the paperback edition should be available in
-book stores like Amazon and Barnes & Noble too.</p>
-
-<p>This French edition, Culture Libre, is the work of the
-<a href="http://dblatex.sourceforge.net/">dblatex</a> developer Benoît
-Guillon, who created the PO file from the initial translation
-available from
-<a href="http://www.wikilivres.ca/wiki/Culture_libre">the Wikilivres
-wiki pages</a> and completed and corrected the translation to match
-the original docbook edition my project is using, as well as
-coordinated the proof reading of the final result. I believe the end
-result look great, but I am biased and do not read French. In
-addition to the paperback edition, the book is available in PDF, EPUB
-and Mobi format from the github project page linked to above.</p>
-
-<p>When enabling book store distribution on Lulu.com, I had to nearly
-triple the price to allow the book stores some profit. I also had to
-accept that I will get some revenue when a book is sold via Lulu.com.
-But because of the non-commercial clause in the book license
-(CC-BY-NC), this might be a problem. To bypass the problem I
-discussed how to handle the revenue with the author, and we agreed
-that the revenue for these editions go to the
-<a href="https://creativecommons.org/">Creative Commons non-profit
-Corporation</a> who handle donations to the Creative Commons project.
-So far they have earned around USD 70 on sales of the
-<a href="http://www.lulu.com/shop/lawrence-lessig/free-culture/paperback/product-22440520.html">English</a>
-and
-<a href="http://www.lulu.com/shop/lawrence-lessig/fri-kultur/paperback/product-22441576.html">Norwegian
-Bokmål</a> editions, according to Lulu.com. They will get the revenue
-for the French edition too. Their revenue is higher if you buy the
-book directly from Lulu.com instead of via a book store, so I
-recommend you buy directly from Lulu.com.</p>
-
-<p>Perhaps you would like to get the book published in your language?
-The translation is done using a web based translator service, so the
-technical bar to enter is fairly low. Get in touch if you would like
-to make this happen.</p>
+ E-tjenesten ber om innsyn i eposten til partiene på Stortinget
+ http://people.skolelinux.org/pere/blog/E_tjenesten_ber_om_innsyn_i_eposten_til_partiene_p__Stortinget.html
+ http://people.skolelinux.org/pere/blog/E_tjenesten_ber_om_innsyn_i_eposten_til_partiene_p__Stortinget.html
+ Tue, 6 Sep 2016 23:00:00 +0200
+ <p>I helga kom det et hårreisende forslag fra Lysne II-utvalget satt
+ned av Forsvarsdepartementet. Lysne II-utvalget var bedt om å vurdere
+ønskelista til Forsvarets etterretningstjeneste (e-tjenesten), og har
+kommet med
+<a href="http://www.aftenposten.no/norge/Utvalg-sier-ja-til-at-E-tjenesten-far-overvake-innholdet-i-all-internett--og-telefontrafikk-som-krysser-riksgrensen-603232b.html">forslag
+om at e-tjenesten skal få lov til a avlytte all Internett-trafikk</a>
+som passerer Norges grenser. Få er klar over at dette innebærer at
+e-tjenesten får tilgang til epost sendt til de fleste politiske
+partiene på Stortinget. Regjeringspartiet Høyre (@hoyre.no),
+støttepartiene Venstre (@venstre.no) og Kristelig Folkeparti (@krf.no)
+samt Sosialistisk Ventreparti (@sv.no) og Miljøpartiet de grønne
+(@mdg.no) har nemlig alle valgt å ta imot eposten sin via utenlandske
+tjenester. Det betyr at hvis noen sender epost til noen med en slik
+adresse vil innholdet i eposten, om dette forslaget blir vedtatt, gjøres
+tilgjengelig for e-tjenesten. Venstre, Sosialistisk Ventreparti og
+Miljøpartiet De Grønne har valgt å motta sin epost hos Google,
+Kristelig Folkeparti har valgt å motta sin epost hos Microsoft, og
+Høyre har valgt å motta sin epost hos Comendo med mottak i Danmark og
+Irland. Kun Arbeiderpartiet og Fremskrittspartiet har valgt å motta
+eposten sin i Norge, hos henholdsvis Intility AS og Telecomputing
+AS.</p>
+
+<p>Konsekvensen er at epost inn og ut av de politiske organisasjonene,
+til og fra partimedlemmer og partiets tillitsvalgte vil gjøres
+tilgjengelig for e-tjenesten for analyse og sortering. Jeg mistenker
+at kunnskapen som slik blir tilgjengelig vil være nyttig hvis en
+ønsker å vite hvilke argumenter som treffer publikum når en ønsker å
+påvirke Stortingets representanter.</p
+
+<p>Ved hjelp av MX-oppslag i DNS for epost-domene, tilhørende
+whois-oppslag av IP-adressene og traceroute for å se hvorvidt
+trafikken går via utlandet kan enhver få bekreftet at epost sendt til
+de omtalte partiene vil gjøres tilgjengelig for forsvarets
+etterretningstjeneste hvis forslaget blir vedtatt. En kan også bruke
+den kjekke nett-tjenesten <a href="http://ipinfo.io/">ipinfo.io</a>
+for å få en ide om hvor i verden en IP-adresse hører til.</p>
+
+<p>På den positive siden vil forslaget gjøre at enda flere blir
+motivert til å ta grep for å bruke
+<a href="https://www.torproject.org/">Tor</a> og krypterte
+kommunikasjonsløsninger for å kommunisere med sine kjære, for å sikre
+at privatsfæren vernes. Selv bruker jeg blant annet
+<a href="https://www.freedomboxfoundation.org/">FreedomBox</a> og
+<a href="https://whispersystems.org/">Signal</a> til slikt. Ingen av
+dem er optimale, men de fungerer ganske bra allerede og øker kostnaden
+for dem som ønsker å invadere mitt privatliv.</p>
+
+<p>For øvrig burde varsleren Edward Snowden få politisk asyl i
+Norge.</p>
+
+<!--
+
+venstre.no
+ venstre.no mail is handled by 10 aspmx.l.google.com.
+ venstre.no mail is handled by 20 alt1.aspmx.l.google.com.
+ venstre.no mail is handled by 20 alt2.aspmx.l.google.com.
+ venstre.no mail is handled by 30 aspmx2.googlemail.com.
+ venstre.no mail is handled by 30 aspmx3.googlemail.com.
+
+traceroute to aspmx.l.google.com (173.194.222.27), 30 hops max, 60 byte packets
+ 1 uio-gw10.uio.no (129.240.6.1) 0.411 ms 0.438 ms 0.536 ms
+ 2 uio-gw8.uio.no (129.240.24.229) 0.375 ms 0.452 ms 0.548 ms
+ 3 oslo-gw1.uninett.no (128.39.65.17) 1.940 ms 1.950 ms 1.942 ms
+ 4 se-tug.nordu.net (109.105.102.108) 6.910 ms 6.949 ms 7.283 ms
+ 5 google-gw.nordu.net (109.105.98.6) 6.975 ms 6.967 ms 6.958 ms
+ 6 209.85.250.192 (209.85.250.192) 7.337 ms 7.286 ms 10.890 ms
+ 7 209.85.254.13 (209.85.254.13) 7.394 ms 209.85.254.31 (209.85.254.31) 7.586 ms 209.85.254.33 (209.85.254.33) 7.570 ms
+ 8 209.85.251.255 (209.85.251.255) 15.686 ms 209.85.249.229 (209.85.249.229) 16.118 ms 209.85.251.255 (209.85.251.255) 16.073 ms
+ 9 74.125.37.255 (74.125.37.255) 16.794 ms 216.239.40.248 (216.239.40.248) 16.113 ms 74.125.37.44 (74.125.37.44) 16.764 ms
+10 * * *
+
+mdg.no
+ mdg.no mail is handled by 1 aspmx.l.google.com.
+ mdg.no mail is handled by 5 alt2.aspmx.l.google.com.
+ mdg.no mail is handled by 5 alt1.aspmx.l.google.com.
+ mdg.no mail is handled by 10 aspmx2.googlemail.com.
+ mdg.no mail is handled by 10 aspmx3.googlemail.com.
+sv.no
+ sv.no mail is handled by 1 aspmx.l.google.com.
+ sv.no mail is handled by 5 alt1.aspmx.l.google.com.
+ sv.no mail is handled by 5 alt2.aspmx.l.google.com.
+ sv.no mail is handled by 10 aspmx3.googlemail.com.
+ sv.no mail is handled by 10 aspmx2.googlemail.com.
+hoyre.no
+ hoyre.no mail is handled by 10 hoyre-no.mx1.comendosystems.com.
+ hoyre.no mail is handled by 20 hoyre-no.mx2.comendosystems.net.
+
+traceroute to hoyre-no.mx1.comendosystems.com (89.104.206.4), 30 hops max, 60 byte packets
+ 1 uio-gw10.uio.no (129.240.6.1) 0.450 ms 0.510 ms 0.591 ms
+ 2 uio-gw8.uio.no (129.240.24.229) 0.383 ms 0.508 ms 0.596 ms
+ 3 oslo-gw1.uninett.no (128.39.65.17) 0.311 ms 0.315 ms 0.300 ms
+ 4 se-tug.nordu.net (109.105.102.108) 6.837 ms 6.842 ms 6.834 ms
+ 5 dk-uni.nordu.net (109.105.97.10) 26.073 ms 26.085 ms 26.076 ms
+ 6 dix.1000m.soeborg.ip.comendo.dk (192.38.7.22) 15.372 ms 15.046 ms 15.123 ms
+ 7 89.104.192.65 (89.104.192.65) 15.875 ms 15.990 ms 16.239 ms
+ 8 89.104.192.179 (89.104.192.179) 15.676 ms 15.674 ms 15.664 ms
+ 9 03dm-com.mx1.staysecuregroup.com (89.104.206.4) 15.637 ms * *
+
+krf.no
+ krf.no mail is handled by 10 krf-no.mail.protection.outlook.com.
+
+traceroute to krf-no.mail.protection.outlook.com (213.199.154.42), 30 hops max, 60 byte packets
+ 1 uio-gw10.uio.no (129.240.6.1) 0.401 ms 0.438 ms 0.536 ms
+ 2 uio-gw8.uio.no (129.240.24.229) 11.076 ms 11.120 ms 11.204 ms
+ 3 oslo-gw1.uninett.no (128.39.65.17) 0.232 ms 0.234 ms 0.271 ms
+ 4 se-tug.nordu.net (109.105.102.108) 6.811 ms 6.820 ms 6.815 ms
+ 5 netnod-ix-ge-a-sth-4470.microsoft.com (195.245.240.181) 7.074 ms 7.013 ms 7.061 ms
+ 6 ae1-0.sto-96cbe-1b.ntwk.msn.net (104.44.225.161) 7.227 ms 7.362 ms 7.293 ms
+ 7 be-8-0.ibr01.ams.ntwk.msn.net (104.44.5.7) 41.993 ms 43.334 ms 41.939 ms
+ 8 be-1-0.ibr02.ams.ntwk.msn.net (104.44.4.214) 43.153 ms 43.507 ms 43.404 ms
+ 9 ae3-0.fra-96cbe-1b.ntwk.msn.net (104.44.5.17) 29.897 ms 29.831 ms 29.794 ms
+10 ae10-0.vie-96cbe-1a.ntwk.msn.net (198.206.164.1) 42.309 ms 42.130 ms 41.808 ms
+11 * ae8-0.vie-96cbe-1b.ntwk.msn.net (104.44.227.29) 41.425 ms *
+12 * * *
+
+arbeiderpartiet.no
+ arbeiderpartiet.no mail is handled by 10 mail.intility.com.
+ arbeiderpartiet.no mail is handled by 20 mail2.intility.com.
+
+traceroute to mail.intility.com (188.95.245.87), 30 hops max, 60 byte packets
+ 1 uio-gw10.uio.no (129.240.6.1) 0.486 ms 0.508 ms 0.649 ms
+ 2 uio-gw8.uio.no (129.240.24.229) 0.416 ms 0.508 ms 0.620 ms
+ 3 oslo-gw1.uninett.no (128.39.65.17) 0.276 ms 0.278 ms 0.275 ms
+ 4 te3-1-2.br1.fn3.as2116.net (193.156.90.3) 0.374 ms 0.371 ms 0.416 ms
+ 5 he16-1-1.cr1.san110.as2116.net (195.0.244.234) 3.132 ms he16-1-1.cr2.oslosda310.as2116.net (195.0.244.48) 10.079 ms he16-1-1.cr1.san110.as2116.net (195.0.244.234) 3.353 ms
+ 6 te1-2-0.ar2.ulv89.as2116.net (195.0.243.194) 0.569 ms te5-0-0.ar2.ulv89.as2116.net (195.0.243.192) 0.661 ms 0.653 ms
+ 7 cD2EC45C1.static.as2116.net (193.69.236.210) 0.654 ms 0.615 ms 0.590 ms
+ 8 185.7.132.38 (185.7.132.38) 1.661 ms 1.808 ms 1.695 ms
+ 9 185.7.132.100 (185.7.132.100) 1.793 ms 1.943 ms 1.546 ms
+10 * * *
+
+frp.no
+ frp.no mail is handled by 10 mx03.telecomputing.no.
+ frp.no mail is handled by 20 mx01.telecomputing.no.
+
+traceroute to mx03.telecomputing.no (95.128.105.102), 30 hops max, 60 byte packets
+ 1 uio-gw10.uio.no (129.240.6.1) 0.378 ms 0.402 ms 0.479 ms
+ 2 uio-gw8.uio.no (129.240.24.229) 0.361 ms 0.458 ms 0.548 ms
+ 3 oslo-gw1.uninett.no (128.39.65.17) 0.361 ms 0.352 ms 0.336 ms
+ 4 xe-2-2-0-0.san-peer2.osl.no.ip.tdc.net (193.156.90.16) 0.375 ms 0.366 ms 0.346 ms
+ 5 xe-2-0-2-0.ost-pe1.osl.no.ip.tdc.net (85.19.121.97) 0.780 ms xe-2-0-0-0.ost-pe1.osl.no.ip.tdc.net (85.19.121.101) 0.713 ms xe-2-0-2-0.ost-pe1.osl.no.ip.tdc.net (85.19.121.97) 0.759 ms
+ 6 cpe.xe-0-2-0-100.ost-pe1.osl.no.customer.tdc.net (85.19.26.46) 0.837 ms 0.755 ms 0.759 ms
+ 7 95.128.105.3 (95.128.105.3) 1.050 ms 1.288 ms 1.182 ms
+ 8 mx03.telecomputing.no (95.128.105.102) 0.717 ms 0.703 ms 0.692 ms
+
+-->
- Lets make a Norwegian Bokmål edition of The Debian Administrator's Handbook
- http://people.skolelinux.org/pere/blog/Lets_make_a_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook.html
- http://people.skolelinux.org/pere/blog/Lets_make_a_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook.html
- Sun, 10 Apr 2016 23:20:00 +0200
- <p>During this weekends
-<a href="http://www.nuug.no/news/Oslo__Takk_for_feilfiksingsfesten.shtml">bug
-squashing party and developer gathering</a>, we decided to do our part
-to make sure there are good books about Debian available in Norwegian
-Bokmål, and got in touch with the people behind the
-<a href="http://debian-handbook.info/">Debian Administrator's Handbook
-project</a> to get started. If you want to help out, please start
+ First draft Norwegian Bokmål edition of The Debian Administrator's Handbook now public
+ http://people.skolelinux.org/pere/blog/First_draft_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook_now_public.html
+ http://people.skolelinux.org/pere/blog/First_draft_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook_now_public.html
+ Tue, 30 Aug 2016 10:10:00 +0200
+ <p>In April we
+<a href="http://people.skolelinux.org/pere/blog/Lets_make_a_Norwegian_Bokm_l_edition_of_The_Debian_Administrator_s_Handbook.html">started
+to work</a> on a Norwegian Bokmål edition of the "open access" book on
+how to set up and administrate a Debian system. Today I am happy to
+report that the first draft is now publicly available. You can find
+it on <a href="https://debian-handbook.info/get/">get the Debian
+Administrator's Handbook page</a> (under Other languages). The first
+eight chapters have a first draft translation, and we are working on
+proofreading the content. If you want to help out, please start
contributing using
<a href="https://hosted.weblate.org/projects/debian-handbook/">the
hosted weblate project page</a>, and get in touch using
<a href="http://lists.alioth.debian.org/mailman/listinfo/debian-handbook-translators">the
translators mailing list</a>. Please also check out
<a href="https://debian-handbook.info/contribute/">the instructions for
-contributors</a>.</p>
+contributors</a>. A good way to contribute is to proofread the text
+and update weblate if you find errors.</p>
-<p>The book is already available on paper in English, French and
-Japanese, and our goal is to get it available on paper in Norwegian
-Bokmål too. In addition to the paper edition, there are also EPUB and
-Mobi versions available. And there are incomplete translations
-available for many more languages.</p>
+<p>Our goal is still to make the Norwegian book available on paper as well as
+electronic form.</p>
- One in two hundred Debian users using ZFS on Linux?
- http://people.skolelinux.org/pere/blog/One_in_two_hundred_Debian_users_using_ZFS_on_Linux_.html
- http://people.skolelinux.org/pere/blog/One_in_two_hundred_Debian_users_using_ZFS_on_Linux_.html
- Thu, 7 Apr 2016 22:30:00 +0200
- <p>Just for fun I had a look at the popcon number of ZFS related
-packages in Debian, and was quite surprised with what I found. I use
-ZFS myself at home, but did not really expect many others to do so.
-But I might be wrong.</p>
-
-<p>According to
-<a href="https://qa.debian.org/popcon.php?package=spl-linux">the popcon
-results for spl-linux</a>, there are 1019 Debian installations, or
-0.53% of the population, with the package installed. As far as I know
-the only use of the spl-linux package is as a support library for ZFS
-on Linux, so I use it here as proxy for measuring the number of ZFS
-installation on Linux in Debian. In the kFreeBSD variant of Debian
-the ZFS feature is already available, and there
-<a href="https://qa.debian.org/popcon.php?package=zfsutils">the popcon
-results for zfsutils</a> show 1625 Debian installations or 0.84% of
-the population. So I guess I am not alone in using ZFS on Debian.</p>
-
-<p>But even though the Debian project leader Lucas Nussbaum
-<a href="https://lists.debian.org/debian-devel-announce/2015/04/msg00006.html">announced
-in April 2015</a> that the legal obstacles blocking ZFS on Debian were
-cleared, the package is still not in Debian. The package is again in
-the NEW queue. Several uploads have been rejected so far because the
-debian/copyright file was incomplete or wrong, but there is no reason
-to give up. The current status can be seen on
-<a href="https://qa.debian.org/developer.php?login=pkg-zfsonlinux-devel@lists.alioth.debian.org">the
-team status page</a>, and
-<a href="http://anonscm.debian.org/gitweb/?p=pkg-zfsonlinux/zfs.git">the
-source code</a> is available on Alioth.</p>
-
-<p>As I want ZFS to be included in next version of Debian to make sure
-my home server can function in the future using only official Debian
-packages, and the current blocker is to get the debian/copyright file
-accepted by the FTP masters in Debian, I decided a while back to try
-to help out the team. This was the background for my blog post about
-<a href="http://people.skolelinux.org/pere/blog/Creating__updating_and_checking_debian_copyright_semi_automatically.html">creating,
-updating and checking debian/copyright semi-automatically</a>, and I
-used the techniques I explored there to try to find any errors in the
-copyright file. It is not very easy to check every one of the around
-2000 files in the source package, but I hope we this time got it
-right. If you want to help out, check out the git source and try to
-find missing entries in the debian/copyright file.</p>
+ Coz can help you find bottlenecks in multi-threaded software - nice free software
+ http://people.skolelinux.org/pere/blog/Coz_can_help_you_find_bottlenecks_in_multi_threaded_software___nice_free_software.html
+ http://people.skolelinux.org/pere/blog/Coz_can_help_you_find_bottlenecks_in_multi_threaded_software___nice_free_software.html
+ Thu, 11 Aug 2016 12:00:00 +0200
+ <p>This summer, I read a great article
+"<a href="https://www.usenix.org/publications/login/summer2016/curtsinger">coz:
+This Is the Profiler You're Looking For</a>" in USENIX ;login: about
+how to profile multi-threaded programs. It presented a system for
+profiling software by running experiences in the running program,
+testing how run time performance is affected by "speeding up" parts of
+the code to various degrees compared to a normal run. It does this by
+slowing down parallel threads while the "faster up" code is running
+and measure how this affect processing time. The processing time is
+measured using probes inserted into the code, either using progress
+counters (COZ_PROGRESS) or as latency meters (COZ_BEGIN/COZ_END). It
+can also measure unmodified code by measuring complete the program
+runtime and running the program several times instead.</p>
+
+<p>The project and presentation was so inspiring that I would like to
+get the system into Debian. I
+<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830708">created
+a WNPP request for it</a> and contacted upstream to try to make the
+system ready for Debian by sending patches. The build process need to
+be changed a bit to avoid running 'git clone' to get dependencies, and
+to include the JavaScript web page used to visualize the collected
+profiling information included in the source package.
+But I expect that should work out fairly soon.</p>
+
+<p>The way the system work is fairly simple. To run an coz experiment
+on a binary with debug symbols available, start the program like this:
+
+<p><blockquote><pre>
+coz run --- program-to-run
+</pre></blockquote></p>
+
+<p>This will create a text file profile.coz with the instrumentation
+information. To show what part of the code affect the performance
+most, use a web browser and either point it to
+<a href="http://plasma-umass.github.io/coz/">http://plasma-umass.github.io/coz/</a>
+or use the copy from git (in the gh-pages branch). Check out this web
+site to have a look at several example profiling runs and get an idea what the end result from the profile runs look like. To make the
+profiling more useful you include <coz.h> and insert the
+COZ_PROGRESS or COZ_BEGIN and COZ_END at appropriate places in the
+code, rebuild and run the profiler. This allow coz to do more
+targeted experiments.</p>
+
+<p>A video published by ACM
+<a href="https://www.youtube.com/watch?v=jE0V-p1odPg">presenting the
+Coz profiler</a> is available from Youtube. There is also a paper
+from the 25th Symposium on Operating Systems Principles available
+titled
+<a href="https://www.usenix.org/conference/atc16/technical-sessions/presentation/curtsinger">Coz:
+finding code that counts with causal profiling</a>.</p>
+
+<p><a href="https://github.com/plasma-umass/coz">The source code</a>
+for Coz is available from github. It will only build with clang
+because it uses a
+<a href="https://gcc.gnu.org/bugzilla/show_bug.cgi?id=55606">C++
+feature missing in GCC</a>, but I've submitted
+<a href="https://github.com/plasma-umass/coz/pull/67">a patch to solve
+it</a> and hope it will be included in the upstream source soon.</p>
+
+<p>Please get in touch if you, like me, would like to see this piece
+of software in Debian. I would very much like some help with the
+packaging effort, as I lack the in depth knowledge on how to package
+C++ libraries.</p>
+
+
+
+
+ Sales number for the Free Culture translation, first half of 2016
+ http://people.skolelinux.org/pere/blog/Sales_number_for_the_Free_Culture_translation__first_half_of_2016.html
+ http://people.skolelinux.org/pere/blog/Sales_number_for_the_Free_Culture_translation__first_half_of_2016.html
+ Fri, 5 Aug 2016 22:45:00 +0200
+ <p>As my regular readers probably remember, the last year I published
+a French and Norwegian translation of the classic
+<a href="http://www.free-culture.cc/">Free Culture book</a> by the
+founder of the Creative Commons movement, Lawrence Lessig. A bit less
+known is the fact that due to the way I created the translations,
+using docbook and po4a, I also recreated the English original. And
+because I already had created a new the PDF edition, I published it
+too. The revenue from the books are sent to the Creative Commons
+Corporation. In other words, I do not earn any money from this
+project, I just earn the warm fuzzy feeling that the text is available
+for a wider audience and more people can learn why the Creative
+Commons is needed.</p>
+
+<p>Today, just for fun, I had a look at the sales number over at
+Lulu.com, which take care of payment, printing and shipping. Much to
+my surprise, the English edition is selling better than both the
+French and Norwegian edition, despite the fact that it has been
+available in English since it was first published. In total, 24 paper
+books was sold for USD $19.99 between 2016-01-01 and 2016-07-31:</p>
+
+<table border="0">
+<tr><th>Title / language</th><th>Quantity</th></tr>
+<tr><td><a href="http://www.lulu.com/shop/lawrence-lessig/culture-libre/paperback/product-22645082.html">Culture Libre / French</a></td><td align="right">3</td></tr>
+<tr><td><a href="http://www.lulu.com/shop/lawrence-lessig/fri-kultur/paperback/product-22441576.html">Fri kultur / Norwegian</a></td><td align="right">7</td></tr>
+<tr><td><a href="http://www.lulu.com/shop/lawrence-lessig/free-culture/paperback/product-22440520.html">Free Culture / English</a></td><td align="right">14</td></tr>
+</table>
+
+<p>The books are available both from Lulu.com and from large book
+stores like Amazon and Barnes&Noble. Most revenue, around $10 per
+book, is sent to the Creative Commons project when the book is sold
+directly by Lulu.com. The other channels give less revenue. The
+summary from Lulu tell me 10 books was sold via the Amazon channel, 10
+via Ingram (what is this?) and 4 directly by Lulu. And Lulu.com tells
+me that the revenue sent so far this year is USD $101.42. No idea
+what kind of sales numbers to expect, so I do not know if that is a
+good amount of sales for a 10 year old book or not. But it make me
+happy that the buyers find the book, and I hope they enjoy reading it
+as much as I did.</p>
+
+<p>The ebook edition is available for free from
+<a href="https://github.com/petterreinholdtsen/free-culture-lessig">Github</a>.</p>
+
+<p>If you would like to translate and publish the book in your native
+language, I would be happy to help make it happen. Please get in
+touch.</p>