1 <?xml version=
"1.0" encoding=
"ISO-8859-1"?>
2 <rss version='
2.0' xmlns:lj='http://www.livejournal.org/rss/lj/
1.0/'
>
4 <title>Petter Reinholdtsen - Entries from November
2016</title>
5 <description>Entries from November
2016</description>
6 <link>http://people.skolelinux.org/pere/blog/
</link>
10 <title>Coz profiler for multi-threaded software is now in Debian
</title>
11 <link>http://people.skolelinux.org/pere/blog/Coz_profiler_for_multi_threaded_software_is_now_in_Debian.html
</link>
12 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Coz_profiler_for_multi_threaded_software_is_now_in_Debian.html
</guid>
13 <pubDate>Sun,
13 Nov
2016 12:
30:
00 +
0100</pubDate>
14 <description><p
><a href=
"http://coz-profiler.org/
">The Coz profiler
</a
>, a nice
15 profiler able to run benchmarking experiments on the instrumented
16 multi-threaded program, finally
17 <a href=
"https://tracker.debian.org/pkg/coz-profiler
">made it into
18 Debian unstable yesterday
</A
>. Lluís Vilanova and I have spent many
20 <a href=
"http://people.skolelinux.org/pere/blog/Coz_can_help_you_find_bottlenecks_in_multi_threaded_software___nice_free_software.html
">I
21 blogged about the coz tool
</a
> in August working with upstream to make
22 it suitable for Debian. There are still issues with clang
23 compatibility, inline assembly only working x86 and minimized
24 JavaScript libraries.
</p
>
26 <p
>To test it, install
'coz-profiler
' using apt and run it like this:
</p
>
28 <p
><blockquote
>
29 <tt
>coz run --- /path/to/binary-with-debug-info
</tt
>
30 </blockquote
></p
>
32 <p
>This will produce a profile.coz file in the current working
33 directory with the profiling information. This is then given to a
34 JavaScript application provided in the package and available from
35 <a href=
"http://plasma-umass.github.io/coz/
">a project web page
</a
>.
36 To start the local copy, invoke it in a browser like this:
</p
>
38 <p
><blockquote
>
39 <tt
>sensible-browser /usr/share/coz-profiler/viewer/index.htm
</tt
>
40 </blockquote
></p
>
42 <p
>See the project home page and the
43 <a href=
"https://www.usenix.org/publications/login/summer2016/curtsinger
">USENIX
44 ;login: article on Coz
</a
> for more information on how it is
50 <title>How to talk with your loved ones in private
</title>
51 <link>http://people.skolelinux.org/pere/blog/How_to_talk_with_your_loved_ones_in_private.html
</link>
52 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_talk_with_your_loved_ones_in_private.html
</guid>
53 <pubDate>Mon,
7 Nov
2016 10:
25:
00 +
0100</pubDate>
54 <description><p
>A few days ago I ran a very biased and informal survey to get an
55 idea about what options are being used to communicate with end to end
56 encryption with friends and family. I explicitly asked people not to
57 list options only used in a work setting. The background is the
58 uneasy feeling I get when using Signal, a feeling shared by others as
59 a blog post from Sander Venima about
60 <a href=
"https://sandervenema.ch/
2016/
11/why-i-wont-recommend-signal-anymore/
">why
61 he do not recommend Signal anymore
</a
> (with
62 <a href=
"https://news.ycombinator.com/item?id=
12883410">feedback from
63 the Signal author available from ycombinator
</a
>). I wanted an
64 overview of the options being used, and hope to include those options
65 in a less biased survey later on. So far I have not taken the time to
66 look into the individual proposed systems. They range from text
67 sharing web pages, via file sharing and email to instant messaging,
68 VOIP and video conferencing. For those considering which system to
69 use, it is also useful to have a look at
70 <a href=
"https://www.eff.org/secure-messaging-scorecard
">the EFF Secure
71 messaging scorecard
</a
> which is slightly out of date but still
72 provide valuable information.
</p
>
74 <p
>So, on to the list. There were some used by many, some used by a
75 few, some rarely used ones and a few mentioned but without anyone
76 claiming to use them. Notice the grouping is in reality quite random
77 given the biased self selected set of participants. First the ones
78 used by many:
</p
>
82 <li
><a href=
"https://whispersystems.org/
">Signal
</a
></li
>
83 <li
>Email w/
<a href=
"http://openpgp.org/
">OpenPGP
</a
> (Enigmail, GPGSuite,etc)
</li
>
84 <li
><a href=
"https://www.whatsapp.com/
">Whatsapp
</a
></li
>
85 <li
>IRC w/
<a href=
"https://otr.cypherpunks.ca/
">OTR
</a
></li
>
86 <li
>XMPP w/
<a href=
"https://otr.cypherpunks.ca/
">OTR
</a
></li
>
90 <p
>Then the ones used by a few.
</p
>
94 <li
><a href=
"https://wiki.mumble.info/wiki/Main_Page
">Mumble
</a
></li
>
95 <li
>iMessage (included in iOS from Apple)
</li
>
96 <li
><a href=
"https://telegram.org/
">Telegram
</a
></li
>
97 <li
><a href=
"https://jitsi.org/
">Jitsi
</a
></li
>
98 <li
><a href=
"https://keybase.io/download
">Keybase file
</a
></li
>
102 <p
>Then the ones used by even fewer people
</p
>
106 <li
><a href=
"https://ring.cx/
">Ring
</a
></li
>
107 <li
><a href=
"https://bitmessage.org/
">Bitmessage
</a
></li
>
108 <li
><a href=
"https://wire.com/
">Wire
</a
></li
>
109 <li
>VoIP w/
<a href=
"https://en.wikipedia.org/wiki/ZRTP
">ZRTP
</a
> or controlled
<a href=
"https://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol
">SRTP
</a
> (e.g using
<a href=
"https://en.wikipedia.org/wiki/CSipSimple
">CSipSimple
</a
>,
<a href=
"https://en.wikipedia.org/wiki/Linphone
">Linphone
</a
>)
</li
>
110 <li
><a href=
"https://matrix.org/
">Matrix
</a
></li
>
111 <li
><a href=
"https://kontalk.org/
">Kontalk
</a
></li
>
112 <li
><a href=
"https://
0bin.net/
">0bin
</a
> (encrypted pastebin)
</li
>
113 <li
><a href=
"https://appear.in
">Appear.in
</a
></li
>
114 <li
><a href=
"https://riot.im/
">riot
</a
></li
>
115 <li
><a href=
"https://www.wickr.com/
">Wickr Me
</a
></li
>
119 <p
>And finally the ones mentioned by not marked as used by
120 anyone. This might be a mistake, perhaps the person adding the entry
121 forgot to flag it as used?
</p
>
125 <li
>Email w/Certificates
<a href=
"https://en.wikipedia.org/wiki/S/MIME
">S/MIME
</a
></li
>
126 <li
><a href=
"https://www.crypho.com/
">Crypho
</a
></li
>
127 <li
><a href=
"https://cryptpad.fr/
">CryptPad
</a
></li
>
128 <li
><a href=
"https://github.com/ricochet-im/ricochet
">ricochet
</a
></li
>
132 <p
>Given the network effect it seem obvious to me that we as a society
133 have been divided and conquered by those interested in keeping
134 encrypted and secure communication away from the masses. The
135 finishing remarks
<a href=
"https://vimeo.com/
97505679">from Aral Balkan
136 in his talk
"Free is a lie
"</a
> about the usability of free software
137 really come into effect when you want to communicate in private with
138 your friends and family. We can not expect them to allow the
139 usability of communication tool to block their ability to talk to
140 their loved ones.
</p
>
142 <p
>Note for example the option IRC w/OTR. Most IRC clients do not
143 have OTR support, so in most cases OTR would not be an option, even if
144 you wanted to. In my personal experience, about
1 in
20 I talk to
145 have a IRC client with OTR. For private communication to really be
146 available, most people to talk to must have the option in their
147 currently used client. I can not simply ask my family to install an
148 IRC client. I need to guide them through a technical multi-step
149 process of adding extensions to the client to get them going. This is
150 a non-starter for most.
</p
>
152 <p
>I would like to be able to do video phone calls, audio phone calls,
153 exchange instant messages and share files with my loved ones, without
154 being forced to share with people I do not know. I do not want to
155 share the content of the conversations, and I do not want to share who
156 I communicate with or the fact that I communicate with someone.
157 Without all these factors in place, my private life is being more or
158 less invaded.
</p
>
163 <title>My own self balancing Lego Segway
</title>
164 <link>http://people.skolelinux.org/pere/blog/My_own_self_balancing_Lego_Segway.html
</link>
165 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/My_own_self_balancing_Lego_Segway.html
</guid>
166 <pubDate>Fri,
4 Nov
2016 10:
15:
00 +
0100</pubDate>
167 <description><p
>A while back I received a Gyro sensor for the NXT
168 <a href=
"mindstorms.lego.com
">Mindstorms
</a
> controller as a birthday
169 present. It had been on my wishlist for a while, because I wanted to
170 build a Segway like balancing lego robot. I had already built
171 <a href=
"http://www.nxtprograms.com/NXT2/segway/
">a simple balancing
172 robot
</a
> with the kids, using the light/color sensor included in the
173 NXT kit as the balance sensor, but it was not working very well. It
174 could balance for a while, but was very sensitive to the light
175 condition in the room and the reflective properties of the surface and
176 would fall over after a short while. I wanted something more robust,
178 <a href=
"https://www.hitechnic.com/cgi-bin/commerce.cgi?preadd=action
&key=NGY1044
">the
179 gyro sensor from HiTechnic
</a
> I believed would solve it on my
180 wishlist for some years before it suddenly showed up as a gift from my
181 loved ones. :)
</p
>
183 <p
>Unfortunately I have not had time to sit down and play with it
184 since then. But that changed some days ago, when I was searching for
185 lego segway information and came across a recipe from HiTechnic for
187 <a href=
"http://www.hitechnic.com/blog/gyro-sensor/htway/
">the
188 HTWay
</a
>, a segway like balancing robot. Build instructions and
189 <a href=
"https://www.hitechnic.com/upload/
786-HTWayC.nxc
">source
190 code
</a
> was included, so it was just a question of putting it all
191 together. And thanks to the great work of many Debian developers, the
192 compiler needed to build the source for the NXT is already included in
193 Debian, so I was read to go in less than an hour. The resulting robot
194 do not look very impressive in its simplicity:
</p
>
196 <p align=
"center
"><img width=
"70%
" src=
"http://people.skolelinux.org/pere/blog/images/
2016-
11-
04-lego-htway-robot.jpeg
"></p
>
198 <p
>Because I lack the infrared sensor used to control the robot in the
199 design from HiTechnic, I had to comment out the last task
200 (taskControl). I simply placed /* and */ around it get the program
201 working without that sensor present. Now it balances just fine until
202 the battery status run low:
</p
>
204 <p align=
"center
"><video width=
"70%
" controls=
"true
">
205 <source src=
"http://people.skolelinux.org/pere/blog/images/
2016-
11-
04-lego-htway-balancing.ogv
" type=
"video/ogg
">
206 </video
></p
>
208 <p
>Now we would like to teach it how to follow a line and take remote
209 control instructions using the included Bluetooth receiver in the NXT.
</p
>
211 <p
>If you, like me, love LEGO and want to make sure we find the tools
212 they need to work with LEGO in Debian and all our derivative
213 distributions like Ubuntu, check out
214 <a href=
"http://wiki.debian.org/LegoDesigners
">the LEGO designers
215 project page
</a
> and join the Debian LEGO team. Personally I own a
216 RCX and NXT controller (no EV3), and would like to make sure the
217 Debian tools needed to program the systems I own work as they
223 <title>Aktivitetsbånd som beskytter privatsfæren
</title>
224 <link>http://people.skolelinux.org/pere/blog/Aktivitetsb_nd_som_beskytter_privatsf_ren.html
</link>
225 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Aktivitetsb_nd_som_beskytter_privatsf_ren.html
</guid>
226 <pubDate>Thu,
3 Nov
2016 09:
55:
00 +
0100</pubDate>
227 <description><p
>Jeg ble så imponert over
228 <a href=
"https://www.nrk.no/norge/forbrukerradet-mener-aktivitetsarmband-strider-mot-norsk-lov-
1.13209079">dagens
229 gladnyhet på NRK
</a
>, om at Forbrukerrådet klager inn vilkårene for
230 bruk av aktivitetsbånd fra Fitbit, Garmin, Jawbone og Mio til
231 Datatilsynet og forbrukerombudet, at jeg sendte følgende brev til
232 forbrukerrådet for å uttrykke min støtte:
236 <p
>Jeg ble veldig glad over å lese at Forbrukerrådet
237 <a href=
"http://www.forbrukerradet.no/siste-nytt/klager-inn-aktivitetsarmband-for-brudd-pa-norsk-lov/
">klager
238 inn flere aktivitetsbånd til Datatilsynet for dårlige vilkår
</a
>. Jeg
239 har ønsket meg et aktivitetsbånd som kan måle puls, bevegelse og
240 gjerne også andre helserelaterte indikatorer en stund nå. De eneste
241 jeg har funnet i salg gjør, som dere også har oppdaget, graverende
242 inngrep i privatsfæren og sender informasjonen ut av huset til folk og
243 organisasjoner jeg ikke ønsker å dele aktivitets- og helseinformasjon
244 med. Jeg ønsker et alternativ som
<em
>ikke
</em
> sender informasjon til
245 skyen, men derimot bruker
246 <a href=
"http://people.skolelinux.org/pere/blog/Fri_og__pen_standard__slik_Digistan_ser_det.html
">en
247 fritt og åpent standardisert
</a
> protokoll (eller i det minste en
248 dokumentert protokoll uten patent- og opphavsrettslige
249 bruksbegrensinger) til å kommunisere med datautstyr jeg kontrollerer.
250 Er jo ikke interessert i å betale noen for å tilrøve seg
251 personopplysninger fra meg. Desverre har jeg ikke funnet noe
252 alternativ så langt.
</p
>
254 <p
>Det holder ikke å endre på bruksvilkårene for enhetene, slik
255 Datatilsynet ofte legger opp til i sin behandling, når de gjør slik
256 f.eks. Fitbit (den jeg har sett mest på). Fitbit krypterer
257 informasjonen på enheten og sender den kryptert til leverandøren. Det
258 gjør det i praksis umulig både å sjekke hva slags informasjon som
259 sendes over, og umulig å ta imot informasjonen selv i stedet for
260 Fitbit. Uansett hva slags historie som forteller i bruksvilkårene er
261 en jo både prisgitt leverandørens godvilje og at de ikke tvinges av
262 sitt lands myndigheter til å lyve til sine kunder om hvorvidt
263 personopplysninger spres ut over det bruksvilkårene sier. Det er
264 veldokumentert hvordan f.eks. USA tvinger selskaper vha. såkalte
265 National security letters til å utlevere personopplysninger samtidig
266 som de ikke får lov til å fortelle dette til kundene sine.
</p
>
268 <p
>Stå på, jeg er veldig glade for at dere har sett på saken. Vet
269 dere om aktivitetsbånd i salg i dag som ikke tvinger en til å utlevere
270 aktivitets- og helseopplysninger med leverandøren?
</p
>
274 <p
>Jeg håper en konkurrent som respekterer kundenes privatliv klarer å
275 nå opp i markedet, slik at det finnes et reelt alternativ for oss som
276 har full tillit til at skyleverandører vil prioritere egen inntjening
277 og myndighetspålegg langt foran kundenes rett til privatliv. Jeg har
278 ingen tiltro til at Datatilsynet vil kreve noe mer enn at vilkårene
279 endres slik at de forklarer eksplisitt i hvor stor grad bruk av
280 produktene utraderer privatsfæren til kundene. Det vil nok gjøre de
281 innklagede armbåndene «lovlige», men fortsatt tvinge kundene til å
282 dele sine personopplysninger med leverandøren.
</p
>
projects / homepage.git / blob