1 <?xml version=
"1.0" encoding=
"utf-8"?>
2 <rss version='
2.0' xmlns:lj='http://www.livejournal.org/rss/lj/
1.0/' xmlns:
atom=
"http://www.w3.org/2005/Atom">
4 <title>Petter Reinholdtsen
</title>
5 <description></description>
6 <link>http://people.skolelinux.org/pere/blog/
</link>
7 <atom:link href=
"http://people.skolelinux.org/pere/blog/index.rss" rel=
"self" type=
"application/rss+xml" />
10 <title>How to add extra storage servers in Debian Edu / Skolelinux
</title>
11 <link>http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html
</link>
12 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html
</guid>
13 <pubDate>Fri,
14 Mar
2014 12:
50:
00 +
0100</pubDate>
14 <description><p
>On larger sites, it is useful to use a dedicated storage server for
15 storing user home directories and data. The design for handling this
16 in Debian Edu / Skolelinux, is to update the automount rules in LDAP
17 and let the automount daemon on the clients take care of the rest. I
18 was reminded about the need to document this better when one of the
19 customers of
<a href=
"http://www.slxdrift.no/
">Skolelinux Drift AS
</a
>,
20 where I am on the board of directors, asked about how to do this. The
21 steps to get this working are the following:
</p
>
25 <li
>Add new storage server in DNS. I use nas-server.intern as the
26 example host here.
</li
>
28 <li
>Add automoun LDAP information about this server in LDAP, to allow
29 all clients to automatically mount it on reqeust.
</li
>
31 <li
>Add the relevant entries in tjener.intern:/etc/fstab, because
32 tjener.intern do not use automount to avoid mounting loops.
</li
>
36 <p
>DNS entries are added in GOsa², and not described here. Follow the
37 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/GettingStarted
">instructions
38 in the manual
</a
> (Machine Management with GOsa² in section etting
41 <p
>Ensure that the NFS export points on the server are exported to the
42 relevant subnets or machines:
</p
>
44 <p
><blockquote
><pre
>
45 root@tjener:~# showmount -e nas-server
46 Export list for nas-server:
49 </pre
></blockquote
></p
>
51 <p
>Here everything on the backbone network is granted access to the
52 /storage export. With NFSv3 it is slightly better to limit it to
53 netgroup membership or single IP addresses to have some limits on the
56 <p
>The next step is to update LDAP. This can not be done using GOsa²,
57 because it lack a module for automount. Instead, use ldapvi and add
58 the required LDAP objects using an editor.
</p
>
60 <p
><blockquote
><pre
>
61 ldapvi --ldap-conf -ZD
'(cn=admin)
' -b ou=automount,dc=skole,dc=skolelinux,dc=no
62 </pre
></blockquote
></p
>
64 <p
>When the editor show up, add the following LDAP objects at the
65 bottom of the document. The
"/
&" part in the last LDAP object is a
66 wild card matching everything the nas-server exports, removing the
67 need to list individual mount points in LDAP.
</p
>
69 <p
><blockquote
><pre
>
70 add cn=nas-server,ou=auto.skole,ou=automount,dc=skole,dc=skolelinux,dc=no
71 objectClass: automount
73 automountInformation: -fstype=autofs --timeout=
60 ldap:ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
75 add ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
77 objectClass: automountMap
80 add cn=/,ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
81 objectClass: automount
83 automountInformation: -fstype=nfs,tcp,rsize=
32768,wsize=
32768,rw,intr,hard,nodev,nosuid,noatime nas-server.intern:/
&
84 </pre
></blockquote
></p
>
86 <p
>The last step to remember is to mount the relevant mount points in
87 tjener.intern by adding them to /etc/fstab, creating the mount
88 directories using mkdir and running
"mount -a
" to mount them.
</p
>
90 <p
>When this is done, your users should be able to access the files on
91 the storage server directly by just visiting the
92 /tjener/nas-server/storage/ directory using any application on any
93 workstation, LTSP client or LTSP server.
</p
>
98 <title>Hvordan bør RFC
822-formattert epost lagres i en NOARK5-database?
</title>
99 <link>http://people.skolelinux.org/pere/blog/Hvordan_b_r_RFC_822_formattert_epost_lagres_i_en_NOARK5_database_.html
</link>
100 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Hvordan_b_r_RFC_822_formattert_epost_lagres_i_en_NOARK5_database_.html
</guid>
101 <pubDate>Fri,
7 Mar
2014 15:
20:
00 +
0100</pubDate>
102 <description><p
>For noen uker siden ble NXCs fri programvarelisenserte
104 <a href=
"http://www.nuug.no/aktiviteter/
20140211-noark/
">presentert hos
105 NUUG
</a
> (video
106 <a href=
"https://www.youtube.com/watch?v=JCb_dNS3MHQ
">på youtube
107 foreløbig
</a
>), og det fikk meg til å titte litt mer på NOARK5,
108 standarden for arkivhåndtering i det offentlige Norge. Jeg lurer på
109 om denne kjernen kan være nyttig i et par av mine prosjekter, og for ett
110 av dem er det mest aktuelt å lagre epost. Jeg klarte ikke finne noen
111 anbefaling om hvordan RFC
822-formattert epost (aka Internett-epost)
112 burde lagres i NOARK5, selv om jeg vet at noen arkiver tar
113 PDF-utskrift av eposten med sitt epostprogram og så arkiverer PDF-en
114 (eller enda værre, tar papirutskrift og lagrer bildet av eposten som
115 PDF i arkivet).
</p
>
117 <p
>Det er ikke så mange formater som er akseptert av riksarkivet til
118 langtidsoppbevaring av offentlige arkiver, og PDF og XML er de mest
119 aktuelle i så måte. Det slo meg at det måtte da finnes en eller annen
120 egnet XML-representasjon og at det kanskje var enighet om hvilken som
121 burde brukes, så jeg tok mot til meg og spurte
122 <a href=
"http://samdok.com/
">SAMDOK
</a
>, en gruppe tilknyttet
123 arkivverket som ser ut til å jobbe med NOARK-samhandling, om de hadde
126 <p
><blockquote
>
127 <p
>Hei.
</p
>
129 <p
>Usikker på om dette er riktig forum å ta opp mitt spørsmål, men jeg
130 lurer på om det er definert en anbefaling om hvordan RFC
131 822-formatterte epost (aka vanlig Internet-epost) bør lages håndteres
132 i NOARK5, slik at en bevarer all informasjon i eposten
133 (f.eks. Received-linjer). Finnes det en anbefalt XML-mapping ala den
135 &lt;URL:
<a href=
"https://www.informit.com/articles/article.aspx?p=
32074">https://www.informit.com/articles/article.aspx?p=
32074</a
> &gt;? Mitt
136 mål er at det skal være mulig å lagre eposten i en NOARK5-kjerne og
137 kunne få ut en identisk formattert kopi av opprinnelig epost ved
139 </blockquote
></p
>
141 <p
>Postmottaker hos SAMDOK mente spørsmålet heller burde stilles
142 direkte til riksarkivet, og jeg fikk i dag svar derfra formulert av
143 seniorrådgiver Geir Ivar Tungesvik:
</p
>
145 <p
><blockquote
>
146 <p
>Riksarkivet har ingen anbefalinger når det gjelder konvertering fra
147 e-post til XML. Det står arkivskaper fritt å eventuelt definere/bruke
148 eget format. Inklusive da - som det spørres om - et format der det er
149 mulig å re-etablere e-post format ut fra XML-en. XML (e-post)
150 dokumenter må være referert i arkivstrukturen, og det må vedlegges et
151 gyldig XML skjema (.xsd) for XML-filene. Arkivskaper står altså fritt
152 til å gjøre hva de vil, bare det dokumenteres og det kan dannes et
153 utrekk ved avlevering til depot.
</p
>
155 <p
>De obligatoriske kravene i Noark
5 standarden må altså oppfylles -
156 etter dialog med Riksarkivet i forbindelse med godkjenning. For
157 offentlige arkiv er det særlig viktig med filene loependeJournal.xml
158 og offentligJournal.xml. Private arkiv som vil forholde seg til Noark
159 5 standarden er selvsagt frie til å bruke det som er relevant for dem
160 av obligatoriske krav.
</p
>
161 </blockquote
></p
>
163 <p
>Det ser dermed ut for meg som om det er et lite behov for å
164 standardisere XML-lagring av RFC-
822-formatterte meldinger. Noen som
165 vet om god spesifikasjon i så måte? I tillegg til den omtalt over,
166 har jeg kommet over flere aktuelle beskrivelser (søk på
"rfc
822
167 xml
", så finner du aktuelle alternativer).
</p
>
171 <li
><a href=
"http://www.openhealth.org/xmtp/
">XML MIME Transformation
172 protocol (XMTP)
</a
> fra OpenHealth, sist oppdatert
2001.
</li
>
174 <li
><a href=
"https://tools.ietf.org/html/draft-klyne-message-rfc822-xml-
03">An
175 XML format for mail and other messages
</a
> utkast fra IETF datert
178 <li
><a href=
"http://www.informit.com/articles/article.aspx?p=
32074">xMail:
179 E-mail as XML
</a
> en artikkel fra
2003 som beskriver python-modulen
180 rfc822 som gir ut XML-representasjon av en RFC
822-formattert epost.
</li
>
184 <p
>Finnes det andre og bedre spesifikasjoner for slik lagring? Send
185 meg en epost hvis du har innspill.
</p
>
190 <title>Lenker for
2014-
02-
28</title>
191 <link>http://people.skolelinux.org/pere/blog/Lenker_for_2014_02_28.html
</link>
192 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lenker_for_2014_02_28.html
</guid>
193 <pubDate>Fri,
28 Feb
2014 13:
30:
00 +
0100</pubDate>
194 <description><p
>Her er noen lenker til tekster jeg har satt pris på å lese de siste
195 månedene. Det er mye om varsleren Edward Snowden, som burde få all
196 hjelp, støtte og beskyttelse Norge kan stille opp med for å ha satt
197 totalitær overvåkning på sakskartet, men også endel annet
198 tankevekkende og interessant.
</p
>
203 <a href=
"http://www.dagbladet.no/
2013/
12/
21/nyheter/thomas_drake/nsa/overvakning/snowden/
30925886/
">-
204 NSA tenker som Stasi
</a
> - Dagbladet.no
</li
>
206 <li
>2013-
12-
19 <a href=
"http://www.dagensit.no/article2732734.ece
">-
207 Staten har ikke rett til å vite alt om deg
</a
> - DN.no
</li
>
210 <a href=
"http://www.dagbladet.no/
2013/
12/
21/nyheter/krig_og_konflikter/politikk/utenriks/
30961126/
">Nye
211 mål for NSAs spionasje avslørt
</a
> - Dagbladet.no
</li
>
214 <a href=
"http://www.dagbladet.no/
2013/
12/
19/nyheter/nsa/usa/politikk/barack_obama/
30918684/
">«NSA
215 bør fjernes fra sin makt til å samle inn metadata fra amerikanske
216 telefonsamtaler»
</a
> - Dagbladet.no
</li
>
219 <a href=
"http://www.dagbladet.no/
2013/
12/
18/kultur/meninger/hovedkronikk/debatt/snowden/
30901089/
">Etterretning,
220 overvåking, frihet og sikkerhet
</a
> - Dagbladet.no
</li
>
223 <a href=
"http://www.nrk.no/verden/snowden-vil-ha-asyl-i-brasil-
1.11423444">Snowden
224 angriper USA i åpent brev
</a
> - nrk.no
</li
>
227 <a href=
"http://www.digi.no/
925820/rettslig-nederlag-for-etterretning
">Rettslig
228 nederlag for etterretning
</a
> - digi.no
</li
>
231 <a href=
"http://www.dagbladet.no/
2013/
12/
21/kultur/meninger/hovedkommentar/kommentar/etterretning/
30963284/
">Truende
232 nedkjøling
</a
> - dagbladet.no
</li
>
235 <a href=
"http://www.aftenposten.no/viten/Matematikk-og-forstaelse-
7411849.html
">Matematikk
236 og forståelse
</a
> - aftenposten.no
</li
>
239 <a href=
"http://www.nrk.no/viten/ny-studie_sovn-reinser-hjernen-var-
1.11306106">Vi
240 søv for å reinse hjernen vår, ifølgje ny studie
</a
> - nrk.no
</li
>
243 <a href=
"http://www.nrk.no/buskerud/julebaksten-i-vasken-
1.11410033">Rotterace
244 i kloakken
</a
> - nrk.no
</li
>
247 <a href=
"http://www.aftenposten.no/viten/Apne-brev-og-frie-tanker-
7413734.html
">Åpne
248 brev og frie tanker
</a
> - aftenposten.no
</li
>
251 <a href=
"http://www.aftenposten.no/viten/Stopp-kunnskapsapartheidet-
7428229.html
">Stopp dagens kunnskapsapartheid!
</a
> - aftenposten.no
</li
>
254 <a href=
"http://www.aftenposten.no/nyheter/uriks/EU-rapport-Britisk-og-amerikansk-overvaking-ser-ut-til-a-vare-ulovlig-
7428933.html
">EU-rapport:
255 Britisk og amerikansk overvåking ser ut til å være ulovlig
</a
> -
256 aftenposten.no
</li
>
258 <li
>2013-
10-
23 Professor Jan Arild Audestad
259 <a href=
"http://www.digi.no/
924008/advarer-mot-konspirasjonsteori
">Advarer
260 mot konspirasjonsteori
</a
> i digi.no og sier han ikke tror NSA kan
261 avlytte mobiltelefoner, mens han noen måneder senere forteller:
</li
>
264 <a href=
"http://www.aftenposten.no/nyheter/iriks/--Vi-ble-presset-til-a-svekke-mobilsikkerheten-pa-
80-tallet-
7410467.html
">-
265 Vi ble presset til å svekke mobilsikkerheten på
80-tallet
</a
> -
266 aftenposten.no
</li
>
269 <a href=
"http://tv.nrk.no/program/koid20005814/et-moete-med-edward-snowden
">Et
270 møte med Edward Snowden
</a
> - intervju sendt av nrk, tilgjengelig til
271 2015-
01-
31</li
>
274 <a href=
"http://politiken.dk/debat/profiler/jessteinpedersen/ECE2210356/litteraturredaktoeren-helle-thornings-tavshed-om-snowden-er-en-skandale/
">Litteraturredaktøren:
275 Helle Thornings tavshed om Snowden er en skandale
</a
> -
276 politiken.dk
</li
>
279 <a href=
"http://www.aftenposten.no/meninger/kronikker/Bra-a-ha-en-Storebror-
7476734.html
">Bra å ha en «Storebror»
</a
> - aftenposten.no
</li
>
282 <a href=
"http://johnchristianelden.blogg.no/
1393536806_narkotikasiktet_stort.html
">"Narkotikasiktet
283 Stortingsmann
" - Spillet bak kulissene
</a
> - John Christian Eldens
287 <a href=
"http://www.aftenposten.no/meninger/Heksejakt-pa-hasjbrukere-
7486283.html
">Heksejakt
288 på hasjbrukere
</a
> - aftenposten.no
</li
>
295 <title>New home and release
1.0 for netgroup and innetgr (aka ng-utils)
</title>
296 <link>http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html
</link>
297 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html
</guid>
298 <pubDate>Sat,
22 Feb
2014 21:
45:
00 +
0100</pubDate>
299 <description><p
>Many years ago, I wrote a GPL licensed version of the netgroup and
300 innetgr tools, because I needed them in
301 <a href=
"http://www.skolelinux.org/
">Skolelinux
</a
>. I called the project
302 ng-utils, and it has served me well. I placed the project under the
303 <a href=
"http://www.hungry.com/
">Hungry Programmer
</a
> umbrella, and it was maintained in our CVS
304 repository. But many years ago, the CVS repository was dropped (lost,
305 not migrated to new hardware, not sure), and the project have lacked a
306 proper home since then.
</p
>
308 <p
>Last summer, I had a look at the package and made a new release
309 fixing a irritating crash bug, but was unable to store the changes in
310 a proper source control system. I applied for a project on
311 <a href=
"https://alioth.debian.org/
">Alioth
</a
>, but did not have time
312 to follow up on it. Until today. :)
</p
>
314 <p
>After many hours of cleaning and migration, the ng-utils project
315 now have a new home, and a git repository with the highlight of the
316 history of the project. I published all release tarballs and imported
317 them into the git repository. As the project is really stable and not
318 expected to gain new features any time soon, I decided to make a new
319 release and call it
1.0. Visit the new project home on
320 <a href=
"https://alioth.debian.org/projects/ng-utils/
">https://alioth.debian.org/projects/ng-utils/
</a
>
321 if you want to check it out. The new version is also uploaded into
322 <a href=
"http://packages.qa.debian.org/n/ng-utils.html
">Debian Unstable
</a
>.
</p
>
327 <title>Testing sysvinit from experimental in Debian Hurd
</title>
328 <link>http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html
</link>
329 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html
</guid>
330 <pubDate>Mon,
3 Feb
2014 13:
40:
00 +
0100</pubDate>
331 <description><p
>A few days ago I decided to try to help the Hurd people to get
332 their changes into sysvinit, to allow them to use the normal sysvinit
333 boot system instead of their old one. This follow up on the
334 <a href=
"https://teythoon.cryptobitch.de//categories/gsoc.html
">great
335 Google Summer of Code work
</a
> done last summer by Justus Winter to
336 get Debian on Hurd working more like Debian on Linux. To get started,
337 I downloaded a prebuilt hard disk image from
338 <a href=
"http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz
">http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz
</a
>,
339 and started it using virt-manager.
</p
>
341 <p
>The first think I had to do after logging in (root without any
342 password) was to get the network operational. I followed
343 <a href=
"https://www.debian.org/ports/hurd/hurd-install
">the
344 instructions on the Debian GNU/Hurd ports page
</a
> and ran these
345 commands as root to get the machine to accept a IP address from the
346 kvm internal DHCP server:
</p
>
348 <p
><blockquote
><pre
>
349 settrans -fgap /dev/netdde /hurd/netdde
350 kill $(ps -ef|awk
'/[p]finet/ { print $
2}
')
351 kill $(ps -ef|awk
'/[d]evnode/ { print $
2}
')
353 </pre
></blockquote
></p
>
355 <p
>After this, the machine had internet connectivity, and I could
356 upgrade it and install the sysvinit packages from experimental and
357 enable it as the default boot system in Hurd.
</p
>
359 <p
>But before I did that, I set a password on the root user, as ssh is
360 running on the machine it for ssh login to work a password need to be
361 set. Also, note that a bug somewhere in openssh on Hurd block
362 compression from working. Remember to turn that off on the client
365 <p
>Run these commands as root to upgrade and test the new sysvinit
368 <p
><blockquote
><pre
>
369 cat
> /etc/apt/sources.list.d/experimental.list
&lt;
&lt;EOF
370 deb http://http.debian.net/debian/ experimental main
374 apt-get install -t experimental initscripts sysv-rc sysvinit \
375 sysvinit-core sysvinit-utils
376 update-alternatives --config runsystem
377 </pre
></blockquote
></p
>
379 <p
>To reboot after switching boot system, you have to use
380 <tt
>reboot-hurd
</tt
> instead of just
<tt
>reboot
</tt
>, as there is not
381 yet a sysvinit process able to receive the signals from the normal
382 'reboot
' command. After switching to sysvinit as the boot system,
383 upgrading every package and rebooting, the network come up with DHCP
384 after boot as it should, and the settrans/pkill hack mentioned at the
385 start is no longer needed. But for some strange reason, there are no
386 longer any login prompt in the virtual console, so I logged in using
389 <p
>Note that there are some race conditions in Hurd making the boot
390 fail some times. No idea what the cause is, but hope the Hurd porters
391 figure it out. At least Justus said on IRC (#debian-hurd on
392 irc.debian.org) that they are aware of the problem. A way to reduce
393 the impact is to upgrade to the Hurd packages built by Justus by
394 adding this repository to the machine:
</p
>
396 <p
><blockquote
><pre
>
397 cat
> /etc/apt/sources.list.d/hurd-ci.list
&lt;
&lt;EOF
398 deb http://darnassus.sceen.net/~teythoon/hurd-ci/ sid main
400 </pre
></blockquote
></p
>
402 <p
>At the moment the prebuilt virtual machine get some packages from
403 http://ftp.debian-ports.org/debian, because some of the packages in
404 unstable do not yet include the required patches that are lingering in
405 BTS. This is the completely list of
"unofficial
" packages installed:
</p
>
407 <p
><blockquote
><pre
>
408 # aptitude search
'?narrow(?version(CURRENT),?origin(Debian Ports))
'
409 i emacs - GNU Emacs editor (metapackage)
411 i hurd-recommended - Miscellaneous translators
412 i isc-dhcp-client - ISC DHCP client
413 i isc-dhcp-common - common files used by all the isc-dhcp* packages
414 i libc-bin - Embedded GNU C Library: Binaries
415 i libc-dev-bin - Embedded GNU C Library: Development binaries
416 i libc0.3 - Embedded GNU C Library: Shared libraries
417 i A libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
418 i libc0.3-dev - Embedded GNU C Library: Development Libraries and Hea
419 i multiarch-support - Transitional package to ensure multiarch compatibilit
420 i A x11-common - X Window System (X.Org) infrastructure
421 i xorg - X.Org X Window System
422 i A xserver-xorg - X.Org X server
423 i A xserver-xorg-input-all - X.Org X server -- input driver metapackage
425 </pre
></blockquote
></p
>
427 <p
>All in all, testing hurd has been an interesting experience. :)
428 X.org did not work out of the box and I never took the time to follow
429 the porters instructions to fix it. This time I was interested in the
430 command line stuff.
<p
>
435 <title>A fist full of non-anonymous Bitcoins
</title>
436 <link>http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html
</link>
437 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html
</guid>
438 <pubDate>Wed,
29 Jan
2014 14:
10:
00 +
0100</pubDate>
439 <description><p
>Bitcoin is a incredible use of peer to peer communication and
440 encryption, allowing direct and immediate money transfer without any
441 central control. It is sometimes claimed to be ideal for illegal
442 activity, which I believe is quite a long way from the truth. At least
443 I would not conduct illegal money transfers using a system where the
444 details of every transaction are kept forever. This point is
446 <a href=
"https://www.usenix.org/publications/login
">USENIX ;login:
</a
>
447 from December
2013, in the article
448 "<a href=
"https://www.usenix.org/system/files/login/articles/
03_meiklejohn-online.pdf
">A
449 Fistful of Bitcoins - Characterizing Payments Among Men with No
450 Names
</a
>" by Sarah Meiklejohn, Marjori Pomarole,Grant Jordan, Kirill
451 Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. They
452 analyse the transaction log in the Bitcoin system, using it to find
453 addresses belong to individuals and organisations and follow the flow
454 of money from both Bitcoin theft and trades on Silk Road to where the
455 money end up. This is how they wrap up their article:
</p
>
457 <p
><blockquote
>
458 <p
>"To demonstrate the usefulness of this type of analysis, we turned
459 our attention to criminal activity. In the Bitcoin economy, criminal
460 activity can appear in a number of forms, such as dealing drugs on
461 Silk Road or simply stealing someone else’s bitcoins. We followed the
462 flow of bitcoins out of Silk Road (in particular, from one notorious
463 address) and from a number of highly publicized thefts to see whether
464 we could track the bitcoins to known services. Although some of the
465 thieves attempted to use sophisticated mixing techniques (or possibly
466 mix services) to obscure the flow of bitcoins, for the most part
467 tracking the bitcoins was quite straightforward, and we ultimately saw
468 large quantities of bitcoins flow to a variety of exchanges directly
469 from the point of theft (or the withdrawal from Silk Road).
</p
>
471 <p
>As acknowledged above, following stolen bitcoins to the point at
472 which they are deposited into an exchange does not in itself identify
473 the thief; however, it does enable further de-anonymization in the
474 case in which certain agencies can determine (through, for example,
475 subpoena power) the real-world owner of the account into which the
476 stolen bitcoins were deposited. Because such exchanges seem to serve
477 as chokepoints into and out of the Bitcoin economy (i.e., there are
478 few alternative ways to cash out), we conclude that using Bitcoin for
479 money laundering or other illicit purposes does not (at least at
480 present) seem to be particularly attractive.
"</p
>
481 </blockquote
><p
>
483 <p
>These researches are not the first to analyse the Bitcoin
484 transaction log. The
2011 paper
485 "<a href=
"http://arxiv.org/abs/
1107.4524">An Analysis of Anonymity in
486 the Bitcoin System
</A
>" by Fergal Reid and Martin Harrigan is
487 summarized like this:
</p
>
489 <p
><blockquote
>
490 "Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a
491 complicated issue. Within the system, users are identified by
492 public-keys only. An attacker wishing to de-anonymize its users will
493 attempt to construct the one-to-many mapping between users and
494 public-keys and associate information external to the system with the
495 users. Bitcoin tries to prevent this attack by storing the mapping of
496 a user to his or her public-keys on that user
's node only and by
497 allowing each user to generate as many public-keys as required. In
498 this chapter we consider the topological structure of two networks
499 derived from Bitcoin
's public transaction history. We show that the
500 two networks have a non-trivial topological structure, provide
501 complementary views of the Bitcoin system and have implications for
502 anonymity. We combine these structures with external information and
503 techniques such as context discovery and flow analysis to investigate
504 an alleged theft of Bitcoins, which, at the time of the theft, had a
505 market value of approximately half a million U.S. dollars.
"
506 </blockquote
></p
>
508 <p
>I hope these references can help kill the urban myth that Bitcoin
509 is anonymous. It isn
't really a good fit for illegal activites. Use
510 cash if you need to stay anonymous, at least until regular DNA
511 sampling of notes and coins become the norm. :)
</p
>
513 <p
>As usual, if you use Bitcoin and want to show your support of my
514 activities, please send Bitcoin donations to my address
515 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
&label=PetterReinholdtsenBlog
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
520 <title>New chrpath release
0.16</title>
521 <link>http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html
</link>
522 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html
</guid>
523 <pubDate>Tue,
14 Jan
2014 11:
00:
00 +
0100</pubDate>
524 <description><p
><a href=
"http://www.coverity.com/
">Coverity
</a
> is a nice tool to
525 find problems in C, C++ and Java code using static source code
526 analysis. It can detect a lot of different problems, and is very
527 useful to find memory and locking bugs in the error handling part of
528 the source. The company behind it provide
529 <a href=
"https://scan.coverity.com/
">check of free software projects as
530 a community service
</a
>, and many hundred free software projects are
531 already checked. A few days ago I decided to have a closer look at
532 the Coverity system, and discovered that the
533 <a href=
"http://www.gnu.org/software/gnash/
">gnash
</a
> and
534 <a href=
"http://sourceforge.net/projects/ipmitool/
">ipmitool
</a
>
535 projects I am involved with was already registered. But these are
536 fairly big, and I would also like to have a small and easy project to
537 check, and decided to
<a href=
"http://scan.coverity.com/projects/
1179">request
538 checking of the chrpath project
</a
>. It was
539 added to the checker and discovered seven potential defects. Six of
540 these were real, mostly resource
"leak
" when the program detected an
541 error. Nothing serious, as the resources would be released a fraction
542 of a second later when the program exited because of the error, but it
543 is nice to do it right in case the source of the program some time in
544 the future end up in a library. Having fixed all defects and added
545 <a href=
"https://lists.alioth.debian.org/mailman/listinfo/chrpath-devel
">a
546 mailing list for the chrpath developers
</a
>, I decided it was time to
547 publish a new release. These are the release notes:
</p
>
549 <p
>New in
0.16 released
2014-
01-
14:
</p
>
553 <li
>Fixed all minor bugs discovered by Coverity.
</li
>
554 <li
>Updated config.sub and config.guess from the GNU project.
</li
>
555 <li
>Mention new project mailing list in the documentation.
</li
>
560 <a href=
"https://alioth.debian.org/frs/?group_id=
31052">download the
561 new version
0.16 from alioth
</a
>. Please let us know via the Alioth
562 project if something is wrong with the new release. The test suite
563 did not discover any old errors, so if you find a new one, please also
564 include a test suite check.
</p
>
569 <title>Debian Edu interview: Dominik George
</title>
570 <link>http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Dominik_George.html
</link>
571 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Dominik_George.html
</guid>
572 <pubDate>Wed,
25 Dec
2013 13:
40:
00 +
0100</pubDate>
573 <description><p
>The
<a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
574 project
</a
> consist of both newcomers and old timers, and this time I
575 was able to get an interview with a newcomer in the project who showed
576 up on the IRC channel a few weeks ago to let us know about his
577 successful installation of Debian Edu Wheezy in his School. Say hello
578 to
<a href=
"https://www.ohloh.net/accounts/Natureshadow
">Dominik
579 George
</a
>.
</p
>
581 <!-- http://www.dominik-george.de/images/foto.jpg --
>
583 <p
><strong
>Who are you, and how do you spend your days?
</strong
></p
>
585 <p
>I am a
23 year-old student from Germany who has spent half of his
586 life with open source. In
"real life
", I am, as already mentioned, a
587 student in the fields of Computer Science, Electrical Engineering,
588 Information Technologies and Anglistics. Due to my (only partially
589 voluntary) huge engagement in the open source world, these things are
590 a bit vacant right now however.
</p
>
592 <p
>I also have been working as a project teacher at a Gymasnium
593 (public school) for various years now. I took up that work some time
594 around
2005 when still attending that school myself and have continued
595 it until today. I also had been running the (kind of very advanced)
596 network of that school together with a team of very interested and
597 talented students in the age of
11 to
15 years, who took the chance to
598 learn a lot about open source and networking before I left the school
599 to help building another school
's informational education concept from
602 <p
>That said, one might see me as a kind of
"glue
" between school kids
603 and the elderly of teachers as well as between the open source
604 ecosystem and the (even more complex) educational ecosystem.
</p
>
606 <p
>When I am not busy with open source or education, I like Geocaching
607 and cycling.
</p
>
609 <p
><strong
>How did you get in contact with the Skolelinux / Debian Edu
610 project?
</strong
></p
>
612 <p
>I think that happened some time around
2009 when I first attended
613 <a href=
"http://www.froscon.org
">FrOSCon
</a
> and visited the project
614 booth. I think I wasn
't too interested back then because I used to
615 have an attitude of disliking software that does too much stuff on its
616 own. Maybe I was too inexperienced to realise the upsides of an
617 "out-of-the-box
" solution ;).
</p
>
619 <p
>The first time I actively talked to Skolelinux people was at
620 <a href=
"http://www.openrheinruhr.de
">OpenRheinRuhr
</a
> 2011 when the
621 BiscuIT project, a home-grewn software used by my school for various
622 really cool things from timetables and class contact lists to lunch
623 ordering, student ID card printing and project elections first got to
624 a stage where it could have been published. I asked the Skolelinux
625 guys running the booth if the project were interested in it and gave a
626 small demonstration, but there wasn
't any real feedback and the guys
627 seemed rather uninterested.
</p
>
629 <p
>After I left the school where I developed the software, it got
630 mostly lost, but I am now reimplementing it for my new school. I have
631 reusability and compatibility in mind, and I hop there will be a new
632 basis for contributing it to the Skolelinux project ;)!
</p
>
634 <p
><strong
>What do you see as the advantages of Skolelinux / Debian
635 Edu?
</strong
></p
>
637 <p
>The most important advantage seems to be that it
"just
638 works
". After overcoming some minor (but still very annoying) glitches
639 in the installer, I got a fully functional, working school network,
640 without the month-long hassle I experienced when setting all that up
641 from scratch in earlier years. And above that, it rocked - I didn
't
642 have any real hardware at hand, because the school was just founded
643 and has no money whatsoever, so I installed a combined server (main
644 server, terminal services and workstation) in a VM on my personal
645 notebook, bridging the LTSP network interface to the ethernet port,
646 and then PXE-booted the Windows notebooks that were lying around from
647 it. I could use
8 clients without any performance issues, by using a
648 tiny little VM on a tiny little notebook. I think that
's enough to say
649 that it rocks!
</p
>
651 <p
>Secondly, there are marketing reasons. Life
's bad, and so no
652 politician will ever permit a setup described as
"Debian, an universal
653 operating system, with some really cool educational tools
" while they
654 will be jsut fine with
"Skolelinux, a single-purpose solution for your
655 school network
", even if both turn out to be the very same thing (yes,
656 this is unfair towards the Skolelinux project, and must not be taken
657 too seriously - you get the idea, anyway).
</p
>
659 <p
><strong
>What do you see as the disadvantages of Skolelinux / Debian
660 Edu?
</strong
></p
>
662 <p
>I have not been involved with Skolelinux long enough to really
663 answer this question in a fair way. Thus, please allow me to put it in
664 other words:
"What do you expect from Skolelinux to keep liking it?
" I
665 can list a few points about that:
</p
>
669 <li
>always strive to get all things integrated into Debian upstream
670 <li
>be open to discussion about changes and the like, even with newcomers
671 <li
>be helpful at being helpful ;)
675 <p
>I
'm really sorry I cannot say much more about that :(!
</p
>
677 <p
><strong
>Which free software do you use daily?
</strong
></p
>
679 <p
>First of all, all software I use is free and open. I have abandoned
680 all non-free software (except for firmware on my darned phone) this
683 <p
>I run Debian GNU/Linux on all PC systems I use. On that, I mostly
684 run text tools. I use
685 <a href=
"https://www.mirbsd.org/mksh.htm
">mksh
</a
> as shell,
686 <a href=
"https://www.mirbsd.org/jupp.htm
">jupp
</a
> as very advanced
687 text editor (I even got the developer to help me write a script/macro
688 based full-featured student management software with the two),
689 <a href=
"http://mcabber.com/
">mcabber
</a
> for XMPP and
690 <a href=
"http://www.irssi.org/
">irssi
</a
> for IRC. For that overly
691 coloured world called the WWW, I use
692 <a href=
"https://www.mozilla.org/en-US/firefox/new/
">Iceweasel
693 (Firefox)
</a
>. Oh, and
<a href=
"http://www.mutt.org/
">mutt
</a
> for
696 <p
>However, while I am personally aware of the fact that text tools
697 are more efficient and powerful than anything else, I also use (or at
698 least operate) some tools that are suitable to bring open source to
699 kids. One of these things is
<a href=
"http://jappix.org/
">Jappix
</a
>,
700 which I already introduced to some kids even before they got aware of
701 Facebook, making them see for themselves that they do not need
702 Facebook now ;).
</p
>
704 <p
><strong
>Which strategy do you believe is the right one to use to
705 get schools to use free software?
</strong
></p
>
707 <p
>Well, that
's a two-sided thing. One side is what I believe, and one
708 side is what I have experienced.
</p
>
710 <p
>I believe that the right strategy is showing them the benefits. But
711 that won
't work out as long as the acceptance of free alternatives
712 grows globally. What I mean is that if all the kids are almost forced
713 to use Windows, Facebook, Skype, you name it at home, they will not
714 see why they would want to use alternatives at school. I have seen
715 students take seat in front of a fully-functional, modern Debian
716 desktop that could do anything their Windows at home could do, and
717 they jsut refused to use it because
"Linux sucks
". It is something
718 that makes the council of our city spend around
600000 € to buy
719 software - not including hardware, mind you - for operating school
720 networks, and for installing a system that, as has been proved, does
721 not work. For those of you readers who are good at maths, have you
722 already found out how many lives could have been saved with that money
723 if we had instead used it to bring education to parts of the world
724 that need it? I have, and found it to be nothing less dramatic than
725 plain criminal.
</p
>
727 <p
>That said, the only feasible way appears to be the bottom up
728 method. We have to bring free software to kids and parents. I have
729 founded an association named
730 <a href=
"https://www.teckids.org
">Teckids
</a
> here in Germany that does
731 just that. We organise several events for kids and adolescents in the
732 area of free and open source software, for example the
733 <a href=
"http://kids.froscon.org
">FrogLabs
</a
>, which share staff with
734 Teckids and are the youth programme of
735 <a href=
"http://www.froscon.org
">the Free and Open Source Software
736 Conference (FrOSCon)
</a
>. We do a lot more than most other conferences
737 - this year, we first offered the FrogLabs as a holiday camp for kids
738 aged
10 to
16. It was a huge success, with approx.
30 kids taking part
739 and learning with and about free software through a whole weekend. All
740 of us had a lot of fun, and the results were really exciting.
</p
>
742 <p
>Apart from that, we are preparing a campaign that is supposed to bring
743 the message of free alternatives to stuff kids use every day to them and
744 their parents, e.g. the use of Jabber / Jappix instead of Facebook and
745 Skype. To make that possible, we are planning to get together a team of
746 clever kids who understand very well what their peers need and can bring
747 it across to them. So we will have a peer-driven network of adolescents
748 who teach each other and collect feedback from the community of minors.
749 We then take that feedback and our own experience to work closely with
750 open source projects, such as Skolelinux or Jappix, at improving their
751 software in a way that makes it more and more attractive for the target
752 group. At least I hope that we will have good cooperation with
753 Skolelinux in the future ;)!
</p
>
755 <p
>So in conclusion, what I believe is that, if it weren
't for the world
756 being so bad, it should be very clear to the political decision makers
757 that the only way to go nowadays is free software for various reasons,
758 but I have learnt that the only way that seems to work is bottom up.
</p
>
762 > * Who should be interviewed with this questions in the future?
764 That
's probably the hardest question of them all, as I do not know the
765 community. However, I would be willing to do the following:
767 <li
>Run an interview with a German headteacher who is very open to
768 free software, and also prefers it, but cannot really use it because
769 of the decision makers above;
770 <li
>Run interviews with some kids, both with and without previous
771 knowledge about free software
773 If that is wanted, just let me know ;).
780 <title>Dugnadsnett for alle stiller på Oslo Maker Faire i januar
2014</title>
781 <link>http://people.skolelinux.org/pere/blog/Dugnadsnett_for_alle_stiller_p__Oslo_Maker_Faire_i_januar_2014.html
</link>
782 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Dugnadsnett_for_alle_stiller_p__Oslo_Maker_Faire_i_januar_2014.html
</guid>
783 <pubDate>Tue,
10 Dec
2013 19:
20:
00 +
0100</pubDate>
784 <description><p
>Helga
18. og
19. januar
2014 arrangeres
785 <a href=
"http://makerfaireoslo.no/no/program/dugnadsnett
">Oslo Maker
786 Faire
</a
>, og
<a href=
"http://www.dugnadsnett.no/
">Dugnadsnett for
787 alle
</a
> har fått plass! Planen er å ha et bord med en plakat der vi
788 forteller om hva Dugnadsnett for alle er for noe, og et lite verksted
789 der vi hjelper folk som er interessert i å få opp sin egen mesh-node.
790 Jeg gleder meg til å se hvordan prosjektet blir mottatt der.
</p
>
792 <p
>Målet med dugnadsnett for alle i Oslo er å få på plass et datanett
793 for kommunikasjon ved hjelp av radio-repeaterstasjoner (kalt
794 mesh-noder) som gjør at en kan direkte kommunisere med slekt, venner
795 og bekjente i Oslo via andre som deltar i dugnadsnettet, samt gjøre
796 det mulig komme ut på internett via dugnadsnettet. Første delmål er å
797 kunne sende SMS-meldinger vha. IP-telefoni løsningen
798 <a href=
"http://www.servalproject.org/
">Serval project
</a
> mellom
799 deltagerne i Dugnadsnett for alle i Oslo. Formålet er å ta tilbake
800 kontrollen over egen nett-infrastruktur og gjøre det dyrere å bedrive
801 massiv innsamling av informasjon om borgernes bruk av datanett.
</p
>
803 <p
>Høres dette interessant ut? Bli med på prosjektet, fortell oss
804 hvor du kunne tenke deg å sette opp en radio-repeater (slik at folk i
805 nærheten kan finne hverandre ved hjelp av
806 <a href=
"http://flynor.net/mesh/mesh.php
">kartet over planlagte og
807 eksisterende radio-repeatere
</A
>), bli med på epostlisten
808 <a href=
"http://lists.nuug.no/mailman/listinfo/dugnadsnett
">dugnadsnett
809 (at) nuug.no
</a
> og stikk innom
810 <a href=
"irc://irc.freenode.net/#dugnadsnett.no
">IRC-kanalen
811 #dugnadsnett.no
</a
>. Så langt er det planlagt over
40
812 radio-repeatere, med VPN-forbindelser via Internet for å la de delene
813 av nettet som ikke når hverandre via radio kunne snakke med hverandre
819 <title>Debian Edu interview: Klaus Knopper
</title>
820 <link>http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Klaus_Knopper.html
</link>
821 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Klaus_Knopper.html
</guid>
822 <pubDate>Fri,
6 Dec
2013 09:
50:
00 +
0100</pubDate>
823 <description><p
>It has been a while since I managed to publish the last interview,
824 but the
<a href=
"http://www.skolelinux.org/
">Debian Edu /
825 Skolelinux
</a
> community is still going strong, and yesterday we even
826 had a new school administrator show up on
827 <a href=
"irc://irc.debian.org/#debian-edu
">#debian-edu
</a
> to share
828 his success story with installing Debian Edu at their school. This
829 time I have been able to get some helpful comments from the creator of
830 Knoppix, Klaus Knopper, who was involved in a Skolelinux project in
831 Germany a few years ago.
</p
>
833 <p
><strong
>Who are you, and how do you spend your days?
</strong
></p
>
835 <p
>I am Klaus Knopper. I have a master degree in electrical
836 engineering, and is currently professor in information management at
837 the university of applied sciences Kaiserslautern / Germany and
838 freelance Open Source software developer and consultant.
</p
>
840 <p
>All of this is pretty much of the work I spend my days with. Apart
841 from teaching, I
'm also conducting some more or less experimental
842 projects like the
<a href=
"http://www.knoppix.org
">Knoppix GNU/Linux live
843 system
</a
> (Debian-based like Skolelinux),
844 <a href=
"http://www.knopper.net/knoppix-adriane/index-en.html
">ADRIANE
</a
>
845 (a blind-friendly talking desktop system) and
846 <a href=
"http://www.knopper.net/linbo/index-en.html
">LINBO
</a
>
847 (Linux-based network boot console, a fast remote install and repair
848 system supporting various operating systems).
</p
>
850 <p
><strong
>How did you get in contact with the Skolelinux / Debian Edu
851 project?
</strong
></p
>
853 <p
>The credit for this have to go to Kurt Gramlich, who is the German
854 coordinator for Skolelinux. We were looking for an all-in-one open
855 source community-supported distribution for schools, and Kurt
856 introduced us to Skolelinux for this purpose.
</p
>
858 <p
><strong
>What do you see as the advantages of Skolelinux / Debian
859 Edu?
</strong
></p
>
862 <li
>Quick installation,
</li
>
863 <li
>works (almost) out of the box,
</li
>
864 <li
>contains many useful software packages for teaching and learning,
</li
>
865 <li
>is a purely community-based distro and not controlled by a
866 single company,
</li
>
867 <li
>has a large number of supporters and teachers who share their
868 experience and problem solutions.
</li
>
871 <p
><strong
>What do you see as the disadvantages of Skolelinux / Debian
872 Edu?
</strong
></p
>
875 <li
>Skolelinux is - as we had to learn - not easily upgradable to
876 the next version. Opposed to its genuine Debian base, upgrading to
877 a new version means a full new installation from scratch to get it
878 working again reliably.
880 <li
>Skolelinux is based on Debian/stable, and therefore always a
881 little outdated in terms of program versions compared to Edubuntu or
882 similar educational Linux distros, which rather use Debian/testing
885 <li
>Skolelinux has some very self-opinionated and stubborn default
886 configuration which in my opinion adds unnecessary complexity and is
887 not always suitable for a schools needs, the preset network
888 configuration is actually a core definition feature of Skolelinux
889 and not easy to change, so schools sometimes have to change their
890 network configuration to make it
"Skolelinux-compatible
".
892 <li
>Some proposed extensions, which were made available as
893 contribution, like secure examination mode and lecture material
894 distribution and collection, were not accepted into the mainline
895 Skolelinux development and are now not easy to maintain in the
896 future because of Skolelinux somewhat undeterministic update
899 <li
>Skolelinux has only a very tiny number of base developers
900 compared to Debian.
</li
>
904 <p
>For these reasons and experience from our project, I would now
905 rather consider using plain Debian for schools next time, until
906 Skolelinux is more closely integrated into Debian and becomes
907 upgradeable without reinstallation.
</p
>
909 <p
><strong
>Which free software do you use daily?
</strong
></p
>
911 <p
>GNU/Linux with LXDE desktop, bash for interactive dialog and
912 programming, texlive for documentation and correspondence,
913 occasionally LibreOffice for document format conversion. Various
914 programming languages for teaching.
</p
>
916 <p
><strong
>Which strategy do you believe is the right one to use to
917 get schools to use free software?
</strong
></p
>
919 <p
>Strong arguments are
</p
>
923 <li
>Knowledge is free, and so should be methods and tools for
924 teaching and learning.
</li
>
926 <li
>Students can learn with and use the same software at school, at
927 home, and at their working place without running into license or
928 conversion problems.
</li
>
930 <li
>Closed source or proprietary software hides knowledge rather
931 than exposing it, and proprietary software vendors try to bind
932 customers to certain products. But teachers need to teach
933 science, not products.
</li
>
935 <li
>If you have everything you for daily work as open source, what
936 would you need proprietary software for?
</li
>
projects / homepage.git / blob