1 <?xml version=
"1.0" encoding=
"ISO-8859-1"?>
2 <rss version='
2.0' xmlns:lj='http://www.livejournal.org/rss/lj/
1.0/'
>
4 <title>Petter Reinholdtsen - Entries from October
2016</title>
5 <description>Entries from October
2016</description>
6 <link>https://www.hungry.com/~pere/blog/
</link>
10 <title>Experience and updated recipe for using the Signal app without a mobile phone
</title>
11 <link>https://www.hungry.com/~pere/blog/Experience_and_updated_recipe_for_using_the_Signal_app_without_a_mobile_phone.html
</link>
12 <guid isPermaLink=
"true">https://www.hungry.com/~pere/blog/Experience_and_updated_recipe_for_using_the_Signal_app_without_a_mobile_phone.html
</guid>
13 <pubDate>Mon,
10 Oct
2016 11:
30:
00 +
0200</pubDate>
14 <description><p
>In July
15 <a href=
"https://people.skolelinux.org/pere/blog/How_to_use_the_Signal_app_if_you_only_have_a_land_line__ie_no_mobile_phone_.html
">I
16 wrote how to get the Signal Chrome/Chromium app working
</a
> without
17 the ability to receive SMS messages (aka without a cell phone). It is
18 time to share some experiences and provide an updated setup.
</p
>
20 <p
>The Signal app have worked fine for several months now, and I use
21 it regularly to chat with my loved ones. I had a major snag at the
22 end of my summer vacation, when the the app completely forgot my
23 setup, identity and keys. The reason behind this major mess was
24 running out of disk space. To avoid that ever happening again I have
25 started storing everything in
<tt
>userdata/
</tt
> in git, to be able to
26 roll back to an earlier version if the files are wiped by mistake. I
27 had to use it once after introducing the git backup. When rolling
28 back to an earlier version, one need to use the
'reset session
' option
29 in Signal to get going, and notify the people you talk with about the
30 problem. I assume there is some sequence number tracking in the
31 protocol to detect rollback attacks. The git repository is rather big
32 (
674 MiB so far), but I have not tried to figure out if some of the
33 content can be added to a .gitignore file due to lack of spare
36 <p
>I
've also hit the
90 days timeout blocking, and noticed that this
37 make it impossible to send messages using Signal. I could still
38 receive them, but had to patch the code with a new timestamp to send.
39 I believe the timeout is added by the developers to force people to
40 upgrade to the latest version of the app, even when there is no
41 protocol changes, to reduce the version skew among the user base and
42 thus try to keep the number of support requests down.
</p
>
44 <p
>Since my original recipe, the Signal source code changed slightly,
45 making the old patch fail to apply cleanly. Below is an updated
46 patch, including the shell wrapper I use to start Signal. The
47 original version required a new user to locate the JavaScript console
48 and call a function from there. I got help from a friend with more
49 JavaScript knowledge than me to modify the code to provide a GUI
50 button instead. This mean that to get started you just need to run
51 the wrapper and click the
'Register without mobile phone
' to get going
52 now. I
've also modified the timeout code to always set it to
90 days
53 in the future, to avoid having to patch the code regularly.
</p
>
55 <p
>So, the updated recipe for Debian Jessie:
</p
>
59 <li
>First, install required packages to get the source code and the
60 browser you need. Signal only work with Chrome/Chromium, as far as I
61 know, so you need to install it.
64 apt install git tor chromium
65 git clone https://github.com/WhisperSystems/Signal-Desktop.git
66 </pre
></li
>
68 <li
>Modify the source code using command listed in the the patch
69 block below.
</li
>
71 <li
>Start Signal using the run-signal-app wrapper (for example using
72 <tt
>`pwd`/run-signal-app
</tt
>).
74 <li
>Click on the
'Register without mobile phone
', will in a phone
75 number you can receive calls to the next minute, receive the
76 verification code and enter it into the form field and press
77 'Register
'. Note, the phone number you use will be user Signal
78 username, ie the way others can find you on Signal.
</li
>
80 <li
>You can now use Signal to contact others. Note, new contacts do
81 not show up in the contact list until you restart Signal, and there is
82 no way to assign names to Contacts. There is also no way to create or
83 update chat groups. I suspect this is because the web app do not have
84 a associated contact database.
</li
>
88 <p
>I am still a bit uneasy about using Signal, because of the way its
89 main author moxie0 reject federation and accept dependencies to major
90 corporations like Google (part of the code is fetched from Google) and
91 Amazon (the central coordination point is owned by Amazon). See for
93 <a href=
"https://github.com/LibreSignal/LibreSignal/issues/
37">the
94 LibreSignal issue tracker
</a
> for a thread documenting the authors
95 view on these issues. But the network effect is strong in this case,
96 and several of the people I want to communicate with already use
97 Signal. Perhaps we can all move to
<a href=
"https://ring.cx/
">Ring
</a
>
98 once it
<a href=
"https://bugs.debian.org/
830265">work on my
99 laptop
</a
>? It already work on Windows and Android, and is included
100 in
<a href=
"https://tracker.debian.org/pkg/ring
">Debian
</a
> and
101 <a href=
"https://launchpad.net/ubuntu/+source/ring
">Ubuntu
</a
>, but not
102 working on Debian Stable.
</p
>
104 <p
>Anyway, this is the patch I apply to the Signal code to get it
105 working. It switch to the production servers, disable to timeout,
106 make registration easier and add the shell wrapper:
</p
>
109 cd Signal-Desktop; cat
&lt;
&lt;EOF | patch -p1
110 diff --git a/js/background.js b/js/background.js
111 index
24b4c1d.
.579345f
100644
112 --- a/js/background.js
113 +++ b/js/background.js
118 - var SERVER_URL =
'https://textsecure-service-staging.whispersystems.org
';
119 + var SERVER_URL =
'https://textsecure-service-ca.whispersystems.org
';
120 var SERVER_PORTS = [
80,
4433,
8443];
121 - var ATTACHMENT_SERVER_URL =
'https://whispersystems-textsecure-attachments-staging.s3.amazonaws.com
';
122 + var ATTACHMENT_SERVER_URL =
'https://whispersystems-textsecure-attachments.s3.amazonaws.com
';
124 window.getSocketStatus = function() {
125 if (messageReceiver) {
126 diff --git a/js/expire.js b/js/expire.js
127 index
639aeae..beb91c3
100644
132 'use strict
';
133 - var BUILD_EXPIRATION =
0;
134 + var BUILD_EXPIRATION = Date.now() + (
90 *
24 *
60 *
60 *
1000);
136 window.extension = window.extension || {};
138 diff --git a/js/views/install_view.js b/js/views/install_view.js
139 index
7816f4f.
.1d6233b
100644
140 --- a/js/views/install_view.js
141 +++ b/js/views/install_view.js
144 'click .step1
': this.selectStep.bind(this,
1),
145 'click .step2
': this.selectStep.bind(this,
2),
146 -
'click .step3
': this.selectStep.bind(this,
3)
147 +
'click .step3
': this.selectStep.bind(this,
3),
148 +
'click .callreg
': function() { extension.install(
'standalone
') },
151 clearQR: function() {
152 diff --git a/options.html b/options.html
153 index dc0f28e.
.8d709f6
100644
157 &lt;div class=
'nav
'>
158 &lt;h1
>{{ installWelcome }}
&lt;/h1
>
159 &lt;p
>{{ installTagline }}
&lt;/p
>
160 -
&lt;div
> &lt;a class=
'button step2
'>{{ installGetStartedButton }}
&lt;/a
> &lt;/div
>
161 +
&lt;div
> &lt;a class=
'button step2
'>{{ installGetStartedButton }}
&lt;/a
>
162 +
&lt;br
> &lt;a class=
"button callreg
">Register without mobile phone
&lt;/a
>
165 &lt;span class=
'dot step1 selected
'>&lt;/span
>
166 &lt;span class=
'dot step2
'>&lt;/span
>
167 &lt;span class=
'dot step3
'>&lt;/span
>
168 --- /dev/null
2016-
10-
07 09:
55:
13.730181472 +
0200
169 +++ b/run-signal-app
2016-
10-
10 08:
54:
09.434172391 +
0200
175 +userdata=
"`pwd`/userdata
"
176 +if [ -d
"$userdata
" ]
&& [ ! -d
"$userdata/.git
" ] ; then
177 + (cd $userdata
&& git init)
179 +(cd $userdata
&& git add .
&& git commit -m
"Current status.
" || true)
181 + --proxy-server=
"socks://localhost:
9050" \
182 + --user-data-dir=$userdata --load-and-launch-app=`pwd`
184 chmod a+rx run-signal-app
187 <p
>As usual, if you use Bitcoin and want to show your support of my
188 activities, please send Bitcoin donations to my address
189 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
194 <title>NRKs kildevern når NRK-epost deles med utenlands etterretning?
</title>
195 <link>https://www.hungry.com/~pere/blog/NRKs_kildevern_n_r_NRK_epost_deles_med_utenlands_etterretning_.html
</link>
196 <guid isPermaLink=
"true">https://www.hungry.com/~pere/blog/NRKs_kildevern_n_r_NRK_epost_deles_med_utenlands_etterretning_.html
</guid>
197 <pubDate>Sat,
8 Oct
2016 08:
15:
00 +
0200</pubDate>
198 <description><p
>NRK
199 <a href=
"https://nrkbeta.no/
2016/
09/
02/securing-whistleblowers/
">lanserte
200 for noen uker siden
</a
> en ny
201 <a href=
"https://www.nrk.no/varsle/
">varslerportal som bruker
202 SecureDrop til å ta imot tips
</a
> der det er vesentlig at ingen
203 utenforstående får vite at NRK er tipset. Det er et langt steg
204 fremover for NRK, og når en leser bloggposten om hva de har tenkt på
205 og hvordan løsningen er satt opp virker det som om de har gjort en
206 grundig jobb der. Men det er ganske mye ekstra jobb å motta tips via
207 SecureDrop, så varslersiden skriver
"Nyhetstips som ikke krever denne
208 typen ekstra vern vil vi gjerne ha på nrk.no/
03030", og
03030-siden
209 foreslår i tillegg til et webskjema å bruke epost, SMS, telefon,
210 personlig oppmøte og brevpost. Denne artikkelen handler disse andre
213 <p
>Når en sender epost til en @nrk.no-adresse så vil eposten sendes ut
214 av landet til datamaskiner kontrollert av Microsoft. En kan sjekke
215 dette selv ved å slå opp epostleveringsadresse (MX) i DNS. For NRK er
216 dette i dag
"nrk-no.mail.protection.outlook.com
". NRK har som en ser
217 valgt å sette bort epostmottaket sitt til de som står bak outlook.com,
218 dvs. Microsoft. En kan sjekke hvor nettverkstrafikken tar veien
219 gjennom Internett til epostmottaket vha. programmet
220 <tt
>traceroute
</tt
>, og finne ut hvem som eier en Internett-adresse
221 vha. whois-systemet. Når en gjør dette for epost-trafikk til @nrk.no
222 ser en at trafikken fra Norge mot nrk-no.mail.protection.outlook.com
223 går via Sverige mot enten Irland eller Tyskland (det varierer fra gang
224 til gang og kan endre seg over tid).
</p
>
227 <a href=
"https://no.wikipedia.org/wiki/FRA-loven
">introduksjonen av
228 FRA-loven
</a
> at IP-trafikk som passerer grensen til Sverige avlyttes
229 av Försvarets radioanstalt (FRA). Vi vet videre takket være
230 Snowden-bekreftelsene at trafikk som passerer grensen til
231 Storbritannia avlyttes av Government Communications Headquarters
232 (GCHQ). I tillegg er er det nettopp lansert et forslag i Norge om at
233 forsvarets E-tjeneste skal få avlytte trafikk som krysser grensen til
234 Norge. Jeg er ikke kjent med dokumentasjon på at Irland og Tyskland
235 gjør det samme. Poenget er uansett at utenlandsk etterretning har
236 mulighet til å snappe opp trafikken når en sender epost til @nrk.no.
237 I tillegg er det selvsagt tilgjengelig for Microsoft som er underlagt USAs
239 <a href=
"https://www.theguardian.com/world/
2013/jul/
11/microsoft-nsa-collaboration-user-data
">samarbeider
240 med USAs etterretning på flere områder
</a
>. De som tipser NRK om
241 nyheter via epost kan dermed gå ut fra at det blir kjent for mange
242 andre enn NRK at det er gjort.
</p
>
244 <p
>Bruk av SMS og telefon registreres av blant annet telefonselskapene
245 og er tilgjengelig i følge lov og forskrift for blant annet Politi,
246 NAV og Finanstilsynet, i tillegg til IT-folkene hos telefonselskapene
247 og deres overordnede. Hvis innringer eller mottaker bruker
248 smarttelefon vil slik kontakt også gjøres tilgjengelig for ulike
249 app-leverandører og de som lytter på trafikken mellom telefon og
250 app-leverandør, alt etter hva som er installert på telefonene som
253 <p
>Brevpost kan virke trygt, og jeg vet ikke hvor mye som registreres
254 og lagres av postens datastyrte postsorteringssentraler. Det vil ikke
255 overraske meg om det lagres hvor i landet hver konvolutt kommer fra og
256 hvor den er adressert, i hvert fall for en kortere periode. Jeg vet
257 heller ikke hvem slik informasjon gjøres tilgjengelig for. Det kan
258 være nok til å ringe inn potensielle kilder når det krysses med hvem
259 som kjente til aktuell informasjon og hvor de befant seg (tilgjengelig
260 f.eks. hvis de bærer mobiltelefon eller bor i nærheten).
</p
>
262 <p
>Personlig oppmøte hos en NRK-journalist er antagelig det tryggeste,
263 men en bør passe seg for å bruke NRK-kantina. Der bryter de nemlig
264 <a href=
"http://www.lovdata.no/all/hl-
19850524-
028.html#
14">Sentralbanklovens
265 paragraf
14</a
> og nekter folk å betale med kontanter. I stedet
266 krever de at en varsle sin bankkortutsteder om hvor en befinner seg
267 ved å bruke bankkort. Banktransaksjoner er tilgjengelig for
268 bankkortutsteder (det være seg VISA, Mastercard, Nets og/eller en
269 bank) i tillegg til politiet og i hvert fall tidligere med Se
& Hør
270 (via utro tjenere, slik det ble avslørt etter utgivelsen av boken
271 «Livet, det forbannede» av Ken B. Rasmussen). Men hvor mange kjenner
272 en NRK-journalist personlig? Besøk på NRK på Marienlyst krever at en
273 registrerer sin ankost elektronisk i besøkssystemet. Jeg vet ikke hva
274 som skjer med det datasettet, men har grunn til å tro at det sendes ut
275 SMS til den en skal besøke med navnet som er oppgitt. Kanskje greit å
276 oppgi falskt navn.
</p
>
278 <p
>Når så tipset er kommet frem til NRK skal det behandles
279 redaksjonelt i NRK. Der vet jeg via ulike kilder at de fleste
280 journalistene bruker lokalt installert programvare, men noen bruker
281 Google Docs og andre skytjenester i strid med interne retningslinjer
282 når de skriver. Hvordan vet en hvem det gjelder? Ikke vet jeg, men
283 det kan være greit å spørre for å sjekke at journalisten har tenkt på
284 problemstillingen, før en gir et tips. Og hvis tipset omtales internt
285 på epost, er det jo grunn til å tro at også intern eposten vil deles
286 med Microsoft og utenlands etterretning, slik tidligere nevnt, men det
287 kan hende at det holdes internt i NRKs interne MS Exchange-løsning.
288 Men Microsoft ønsker å få alle Exchange-kunder over
"i skyen
" (eller
289 andre folks datamaskiner, som det jo innebærer), så jeg vet ikke hvor
290 lenge det i så fall vil vare.
</p
>
292 <p
>I tillegg vet en jo at
293 <a href=
"https://www.nrk.no/ytring/elektronisk-kildevern-i-nrk-
1.11941196">NRK
294 har valgt å gi nasjonal sikkerhetsmyndighet (NSM) tilgang til å se på
295 intern og ekstern Internett-trafikk
</a
> hos NRK ved oppsett av såkalte
296 VDI-noder, på tross av
297 <a href=
"https://www.nrk.no/ytring/bekymring-for-nrks-kildevern-
1.11941584">protester
298 fra NRKs journalistlag
</a
>. Jeg vet ikke om den vil kunne snappe opp
299 dokumenter som lagres på interne filtjenere eller dokumenter som lages
300 i de interne webbaserte publiseringssystemene, men vet at hva noden
301 ser etter på nettet kontrolleres av NSM og oppdateres automatisk, slik
302 at det ikke gir så mye mening å sjekke hva noden ser etter i dag når
303 det kan endres automatisk i morgen.
</p
>
305 <p
>Personlig vet jeg ikke om jeg hadde turt tipse NRK hvis jeg satt på
306 noe som kunne være en trussel mot den bestående makten i Norge eller
307 verden. Til det virker det å være for mange åpninger for
308 utenforstående med andre prioriteter enn NRKs journalistiske fokus.
309 Og den største truslen for en varsler er jo om metainformasjon kommer
310 på avveie, dvs. informasjon om at en har vært i kontakt med en
311 journalist. Det kan være nok til at en kommer i myndighetenes
312 søkelys, og de færreste har nok operasjonell sikkerhet til at vil tåle
313 slik flombelysning på sitt privatliv.
</p
>
318 <title>Isenkram, Appstream and udev make life as a LEGO builder easier
</title>
319 <link>https://www.hungry.com/~pere/blog/Isenkram__Appstream_and_udev_make_life_as_a_LEGO_builder_easier.html
</link>
320 <guid isPermaLink=
"true">https://www.hungry.com/~pere/blog/Isenkram__Appstream_and_udev_make_life_as_a_LEGO_builder_easier.html
</guid>
321 <pubDate>Fri,
7 Oct
2016 09:
50:
00 +
0200</pubDate>
322 <description><p
><a href=
"http://packages.qa.debian.org/isenkram
">The Isenkram
323 system
</a
> provide a practical and easy way to figure out which
324 packages support the hardware in a given machine. The command line
325 tool
<tt
>isenkram-lookup
</tt
> and the tasksel options provide a
326 convenient way to list and install packages relevant for the current
327 hardware during system installation, both user space packages and
328 firmware packages. The GUI background daemon on the other hand provide
329 a pop-up proposing to install packages when a new dongle is inserted
330 while using the computer. For example, if you plug in a smart card
331 reader, the system will ask if you want to install
<tt
>pcscd
</tt
> if
332 that package isn
't already installed, and if you plug in a USB video
333 camera the system will ask if you want to install
<tt
>cheese
</tt
> if
334 cheese is currently missing. This already work just fine.
</p
>
336 <p
>But Isenkram depend on a database mapping from hardware IDs to
337 package names. When I started no such database existed in Debian, so
338 I made my own data set and included it with the isenkram package and
339 made isenkram fetch the latest version of this database from git using
340 http. This way the isenkram users would get updated package proposals
341 as soon as I learned more about hardware related packages.
</p
>
343 <p
>The hardware is identified using modalias strings. The modalias
344 design is from the Linux kernel where most hardware descriptors are
345 made available as a strings that can be matched using filename style
346 globbing. It handle USB, PCI, DMI and a lot of other hardware related
347 identifiers.
</p
>
349 <p
>The downside to the Isenkram specific database is that there is no
350 information about relevant distribution / Debian version, making
351 isenkram propose obsolete packages too. But along came AppStream, a
352 cross distribution mechanism to store and collect metadata about
353 software packages. When I heard about the proposal, I contacted the
354 people involved and suggested to add a hardware matching rule using
355 modalias strings in the specification, to be able to use AppStream for
356 mapping hardware to packages. This idea was accepted and AppStream is
357 now a great way for a package to announce the hardware it support in a
358 distribution neutral way. I wrote
359 <a href=
"https://people.skolelinux.org/pere/blog/Using_appstream_with_isenkram_to_install_hardware_related_packages_in_Debian.html
">a
360 recipe on how to add such meta-information
</a
> in a blog post last
361 December. If you have a hardware related package in Debian, please
362 announce the relevant hardware IDs using AppStream.
</p
>
364 <p
>In Debian, almost all packages that can talk to a LEGO Mindestorms
365 RCX or NXT unit, announce this support using AppStream. The effect is
366 that when you insert such LEGO robot controller into your Debian
367 machine, Isenkram will propose to install the packages needed to get
368 it working. The intention is that this should allow the local user to
369 start programming his robot controller right away without having to
370 guess what packages to use or which permissions to fix.
</p
>
372 <p
>But when I sat down with my son the other day to program our NXT
373 unit using his Debian Stretch computer, I discovered something
374 annoying. The local console user (ie my son) did not get access to
375 the USB device for programming the unit. This used to work, but no
376 longer in Jessie and Stretch. After some investigation and asking
377 around on #debian-devel, I discovered that this was because udev had
378 changed the mechanism used to grant access to local devices. The
379 ConsoleKit mechanism from
<tt
>/lib/udev/rules.d/
70-udev-acl.rules
</tt
>
380 no longer applied, because LDAP users no longer was added to the
381 plugdev group during login. Michael Biebl told me that this method
382 was obsolete and the new method used ACLs instead. This was good
383 news, as the plugdev mechanism is a mess when using a remote user
384 directory like LDAP. Using ACLs would make sure a user lost device
385 access when she logged out, even if the user left behind a background
386 process which would retain the plugdev membership with the ConsoleKit
387 setup. Armed with this knowledge I moved on to fix the access problem
388 for the LEGO Mindstorms related packages.
</p
>
390 <p
>The new system uses a udev tag,
'uaccess
'. It can either be
391 applied directly for a device, or is applied in
392 /lib/udev/rules.d/
70-uaccess.rules for classes of devices. As the
393 LEGO Mindstorms udev rules did not have a class, I decided to add the
394 tag directly in the udev rules files included in the packages. Here
395 is one example. For the nqc C compiler for the RCX, the
396 <tt
>/lib/udev/rules.d/
60-nqc.rules
</tt
> file now look like this:
399 SUBSYSTEM==
"usb
", ACTION==
"add
", ATTR{idVendor}==
"0694", ATTR{idProduct}==
"0001", \
400 SYMLINK+=
"rcx-%k
", TAG+=
"uaccess
"
401 </pre
></p
>
403 <p
>The key part is the
'TAG+=
"uaccess
"' at the end. I suspect all
404 packages using plugdev in their /lib/udev/rules.d/ files should be
405 changed to use this tag (either directly or indirectly via
406 <tt
>70-uaccess.rules
</tt
>). Perhaps a lintian check should be created
407 to detect this?
</p
>
409 <p
>I
've been unable to find good documentation on the uaccess feature.
410 It is unclear to me if the uaccess tag is an internal implementation
411 detail like the udev-acl tag used by
412 <tt
>/lib/udev/rules.d/
70-udev-acl.rules
</tt
>. If it is, I guess the
413 indirect method is the preferred way. Michael
414 <a href=
"https://github.com/systemd/systemd/issues/
4288">asked for more
415 documentation from the systemd project
</a
> and I hope it will make
416 this clearer. For now I use the generic classes when they exist and
417 is already handled by
<tt
>70-uaccess.rules
</tt
>, and add the tag
418 directly if no such class exist.
</p
>
420 <p
>To learn more about the isenkram system, please check out
421 <a href=
"https://people.skolelinux.org/pere/blog/tags/isenkram/
">my
422 blog posts tagged isenkram
</a
>.
</p
>
424 <p
>To help out making life for LEGO constructors in Debian easier,
425 please join us on our IRC channel
426 <a href=
"irc://irc.debian.org/%
23debian-lego
">#debian-lego
</a
> and join
427 the
<a href=
"https://alioth.debian.org/projects/debian-lego/
">Debian
428 LEGO team
</a
> in the Alioth project we created yesterday. A mailing
429 list is not yet created, but we are working on it. :)
</p
>
431 <p
>As usual, if you use Bitcoin and want to show your support of my
432 activities, please send Bitcoin donations to my address
433 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
projects / homepage.git / blob