1 <?xml version=
"1.0" encoding=
"utf-8"?>
2 <rss version='
2.0' xmlns:lj='http://www.livejournal.org/rss/lj/
1.0/' xmlns:
atom=
"http://www.w3.org/2005/Atom">
4 <title>Petter Reinholdtsen
</title>
5 <description></description>
6 <link>http://people.skolelinux.org/pere/blog/
</link>
7 <atom:link href=
"http://people.skolelinux.org/pere/blog/index.rss" rel=
"self" type=
"application/rss+xml" />
10 <title>How to add extra storage servers in Debian Edu / Skolelinux
</title>
11 <link>http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html
</link>
12 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/How_to_add_extra_storage_servers_in_Debian_Edu___Skolelinux.html
</guid>
13 <pubDate>Wed,
12 Mar
2014 12:
50:
00 +
0100</pubDate>
14 <description><p
>On larger sites, it is useful to use a dedicated storage server for
15 storing user home directories and data. The design for handling this
16 in
<a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
</a
>, is
17 to update the automount rules in LDAP and let the automount daemon on
18 the clients take care of the rest. I was reminded about the need to
19 document this better when one of the customers of
20 <a href=
"http://www.slxdrift.no/
">Skolelinux Drift AS
</a
>, where I am
21 on the board of directors, asked about how to do this. The steps to
22 get this working are the following:
</p
>
26 <li
>Add new storage server in DNS. I use nas-server.intern as the
27 example host here.
</li
>
29 <li
>Add automoun LDAP information about this server in LDAP, to allow
30 all clients to automatically mount it on reqeust.
</li
>
32 <li
>Add the relevant entries in tjener.intern:/etc/fstab, because
33 tjener.intern do not use automount to avoid mounting loops.
</li
>
37 <p
>DNS entries are added in GOsa², and not described here. Follow the
38 <a href=
"https://wiki.debian.org/DebianEdu/Documentation/Wheezy/GettingStarted
">instructions
39 in the manual
</a
> (Machine Management with GOsa² in section Getting
42 <p
>Ensure that the NFS export points on the server are exported to the
43 relevant subnets or machines:
</p
>
45 <p
><blockquote
><pre
>
46 root@tjener:~# showmount -e nas-server
47 Export list for nas-server:
50 </pre
></blockquote
></p
>
52 <p
>Here everything on the backbone network is granted access to the
53 /storage export. With NFSv3 it is slightly better to limit it to
54 netgroup membership or single IP addresses to have some limits on the
57 <p
>The next step is to update LDAP. This can not be done using GOsa²,
58 because it lack a module for automount. Instead, use ldapvi and add
59 the required LDAP objects using an editor.
</p
>
61 <p
><blockquote
><pre
>
62 ldapvi --ldap-conf -ZD
'(cn=admin)
' -b ou=automount,dc=skole,dc=skolelinux,dc=no
63 </pre
></blockquote
></p
>
65 <p
>When the editor show up, add the following LDAP objects at the
66 bottom of the document. The
"/
&" part in the last LDAP object is a
67 wild card matching everything the nas-server exports, removing the
68 need to list individual mount points in LDAP.
</p
>
70 <p
><blockquote
><pre
>
71 add cn=nas-server,ou=auto.skole,ou=automount,dc=skole,dc=skolelinux,dc=no
72 objectClass: automount
74 automountInformation: -fstype=autofs --timeout=
60 ldap:ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
76 add ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
78 objectClass: automountMap
81 add cn=/,ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
82 objectClass: automount
84 automountInformation: -fstype=nfs,tcp,rsize=
32768,wsize=
32768,rw,intr,hard,nodev,nosuid,noatime nas-server.intern:/
&
85 </pre
></blockquote
></p
>
87 <p
>The last step to remember is to mount the relevant mount points in
88 tjener.intern by adding them to /etc/fstab, creating the mount
89 directories using mkdir and running
"mount -a
" to mount them.
</p
>
91 <p
>When this is done, your users should be able to access the files on
92 the storage server directly by just visiting the
93 /tjener/nas-server/storage/ directory using any application on any
94 workstation, LTSP client or LTSP server.
</p
>
99 <title>Hvordan bør RFC
822-formattert epost lagres i en NOARK5-database?
</title>
100 <link>http://people.skolelinux.org/pere/blog/Hvordan_b_r_RFC_822_formattert_epost_lagres_i_en_NOARK5_database_.html
</link>
101 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Hvordan_b_r_RFC_822_formattert_epost_lagres_i_en_NOARK5_database_.html
</guid>
102 <pubDate>Fri,
7 Mar
2014 15:
20:
00 +
0100</pubDate>
103 <description><p
>For noen uker siden ble NXCs fri programvarelisenserte
105 <a href=
"http://www.nuug.no/aktiviteter/
20140211-noark/
">presentert hos
106 NUUG
</a
> (video
107 <a href=
"https://www.youtube.com/watch?v=JCb_dNS3MHQ
">på youtube
108 foreløbig
</a
>), og det fikk meg til å titte litt mer på NOARK5,
109 standarden for arkivhåndtering i det offentlige Norge. Jeg lurer på
110 om denne kjernen kan være nyttig i et par av mine prosjekter, og for ett
111 av dem er det mest aktuelt å lagre epost. Jeg klarte ikke finne noen
112 anbefaling om hvordan RFC
822-formattert epost (aka Internett-epost)
113 burde lagres i NOARK5, selv om jeg vet at noen arkiver tar
114 PDF-utskrift av eposten med sitt epostprogram og så arkiverer PDF-en
115 (eller enda værre, tar papirutskrift og lagrer bildet av eposten som
116 PDF i arkivet).
</p
>
118 <p
>Det er ikke så mange formater som er akseptert av riksarkivet til
119 langtidsoppbevaring av offentlige arkiver, og PDF og XML er de mest
120 aktuelle i så måte. Det slo meg at det måtte da finnes en eller annen
121 egnet XML-representasjon og at det kanskje var enighet om hvilken som
122 burde brukes, så jeg tok mot til meg og spurte
123 <a href=
"http://samdok.com/
">SAMDOK
</a
>, en gruppe tilknyttet
124 arkivverket som ser ut til å jobbe med NOARK-samhandling, om de hadde
127 <p
><blockquote
>
128 <p
>Hei.
</p
>
130 <p
>Usikker på om dette er riktig forum å ta opp mitt spørsmål, men jeg
131 lurer på om det er definert en anbefaling om hvordan RFC
132 822-formatterte epost (aka vanlig Internet-epost) bør lages håndteres
133 i NOARK5, slik at en bevarer all informasjon i eposten
134 (f.eks. Received-linjer). Finnes det en anbefalt XML-mapping ala den
136 &lt;URL:
<a href=
"https://www.informit.com/articles/article.aspx?p=
32074">https://www.informit.com/articles/article.aspx?p=
32074</a
> &gt;? Mitt
137 mål er at det skal være mulig å lagre eposten i en NOARK5-kjerne og
138 kunne få ut en identisk formattert kopi av opprinnelig epost ved
140 </blockquote
></p
>
142 <p
>Postmottaker hos SAMDOK mente spørsmålet heller burde stilles
143 direkte til riksarkivet, og jeg fikk i dag svar derfra formulert av
144 seniorrådgiver Geir Ivar Tungesvik:
</p
>
146 <p
><blockquote
>
147 <p
>Riksarkivet har ingen anbefalinger når det gjelder konvertering fra
148 e-post til XML. Det står arkivskaper fritt å eventuelt definere/bruke
149 eget format. Inklusive da - som det spørres om - et format der det er
150 mulig å re-etablere e-post format ut fra XML-en. XML (e-post)
151 dokumenter må være referert i arkivstrukturen, og det må vedlegges et
152 gyldig XML skjema (.xsd) for XML-filene. Arkivskaper står altså fritt
153 til å gjøre hva de vil, bare det dokumenteres og det kan dannes et
154 utrekk ved avlevering til depot.
</p
>
156 <p
>De obligatoriske kravene i Noark
5 standarden må altså oppfylles -
157 etter dialog med Riksarkivet i forbindelse med godkjenning. For
158 offentlige arkiv er det særlig viktig med filene loependeJournal.xml
159 og offentligJournal.xml. Private arkiv som vil forholde seg til Noark
160 5 standarden er selvsagt frie til å bruke det som er relevant for dem
161 av obligatoriske krav.
</p
>
162 </blockquote
></p
>
164 <p
>Det ser dermed ut for meg som om det er et lite behov for å
165 standardisere XML-lagring av RFC-
822-formatterte meldinger. Noen som
166 vet om god spesifikasjon i så måte? I tillegg til den omtalt over,
167 har jeg kommet over flere aktuelle beskrivelser (søk på
"rfc
822
168 xml
", så finner du aktuelle alternativer).
</p
>
172 <li
><a href=
"http://www.openhealth.org/xmtp/
">XML MIME Transformation
173 protocol (XMTP)
</a
> fra OpenHealth, sist oppdatert
2001.
</li
>
175 <li
><a href=
"https://tools.ietf.org/html/draft-klyne-message-rfc822-xml-
03">An
176 XML format for mail and other messages
</a
> utkast fra IETF datert
179 <li
><a href=
"http://www.informit.com/articles/article.aspx?p=
32074">xMail:
180 E-mail as XML
</a
> en artikkel fra
2003 som beskriver python-modulen
181 rfc822 som gir ut XML-representasjon av en RFC
822-formattert epost.
</li
>
185 <p
>Finnes det andre og bedre spesifikasjoner for slik lagring? Send
186 meg en epost hvis du har innspill.
</p
>
191 <title>Lenker for
2014-
02-
28</title>
192 <link>http://people.skolelinux.org/pere/blog/Lenker_for_2014_02_28.html
</link>
193 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Lenker_for_2014_02_28.html
</guid>
194 <pubDate>Fri,
28 Feb
2014 13:
30:
00 +
0100</pubDate>
195 <description><p
>Her er noen lenker til tekster jeg har satt pris på å lese de siste
196 månedene. Det er mye om varsleren Edward Snowden, som burde få all
197 hjelp, støtte og beskyttelse Norge kan stille opp med for å ha satt
198 totalitær overvåkning på sakskartet, men også endel annet
199 tankevekkende og interessant.
</p
>
204 <a href=
"http://www.dagbladet.no/
2013/
12/
21/nyheter/thomas_drake/nsa/overvakning/snowden/
30925886/
">-
205 NSA tenker som Stasi
</a
> - Dagbladet.no
</li
>
207 <li
>2013-
12-
19 <a href=
"http://www.dagensit.no/article2732734.ece
">-
208 Staten har ikke rett til å vite alt om deg
</a
> - DN.no
</li
>
211 <a href=
"http://www.dagbladet.no/
2013/
12/
21/nyheter/krig_og_konflikter/politikk/utenriks/
30961126/
">Nye
212 mål for NSAs spionasje avslørt
</a
> - Dagbladet.no
</li
>
215 <a href=
"http://www.dagbladet.no/
2013/
12/
19/nyheter/nsa/usa/politikk/barack_obama/
30918684/
">«NSA
216 bør fjernes fra sin makt til å samle inn metadata fra amerikanske
217 telefonsamtaler»
</a
> - Dagbladet.no
</li
>
220 <a href=
"http://www.dagbladet.no/
2013/
12/
18/kultur/meninger/hovedkronikk/debatt/snowden/
30901089/
">Etterretning,
221 overvåking, frihet og sikkerhet
</a
> - Dagbladet.no
</li
>
224 <a href=
"http://www.nrk.no/verden/snowden-vil-ha-asyl-i-brasil-
1.11423444">Snowden
225 angriper USA i åpent brev
</a
> - nrk.no
</li
>
228 <a href=
"http://www.digi.no/
925820/rettslig-nederlag-for-etterretning
">Rettslig
229 nederlag for etterretning
</a
> - digi.no
</li
>
232 <a href=
"http://www.dagbladet.no/
2013/
12/
21/kultur/meninger/hovedkommentar/kommentar/etterretning/
30963284/
">Truende
233 nedkjøling
</a
> - dagbladet.no
</li
>
236 <a href=
"http://www.aftenposten.no/viten/Matematikk-og-forstaelse-
7411849.html
">Matematikk
237 og forståelse
</a
> - aftenposten.no
</li
>
240 <a href=
"http://www.nrk.no/viten/ny-studie_sovn-reinser-hjernen-var-
1.11306106">Vi
241 søv for å reinse hjernen vår, ifølgje ny studie
</a
> - nrk.no
</li
>
244 <a href=
"http://www.nrk.no/buskerud/julebaksten-i-vasken-
1.11410033">Rotterace
245 i kloakken
</a
> - nrk.no
</li
>
248 <a href=
"http://www.aftenposten.no/viten/Apne-brev-og-frie-tanker-
7413734.html
">Åpne
249 brev og frie tanker
</a
> - aftenposten.no
</li
>
252 <a href=
"http://www.aftenposten.no/viten/Stopp-kunnskapsapartheidet-
7428229.html
">Stopp dagens kunnskapsapartheid!
</a
> - aftenposten.no
</li
>
255 <a href=
"http://www.aftenposten.no/nyheter/uriks/EU-rapport-Britisk-og-amerikansk-overvaking-ser-ut-til-a-vare-ulovlig-
7428933.html
">EU-rapport:
256 Britisk og amerikansk overvåking ser ut til å være ulovlig
</a
> -
257 aftenposten.no
</li
>
259 <li
>2013-
10-
23 Professor Jan Arild Audestad
260 <a href=
"http://www.digi.no/
924008/advarer-mot-konspirasjonsteori
">Advarer
261 mot konspirasjonsteori
</a
> i digi.no og sier han ikke tror NSA kan
262 avlytte mobiltelefoner, mens han noen måneder senere forteller:
</li
>
265 <a href=
"http://www.aftenposten.no/nyheter/iriks/--Vi-ble-presset-til-a-svekke-mobilsikkerheten-pa-
80-tallet-
7410467.html
">-
266 Vi ble presset til å svekke mobilsikkerheten på
80-tallet
</a
> -
267 aftenposten.no
</li
>
270 <a href=
"http://tv.nrk.no/program/koid20005814/et-moete-med-edward-snowden
">Et
271 møte med Edward Snowden
</a
> - intervju sendt av nrk, tilgjengelig til
272 2015-
01-
31</li
>
275 <a href=
"http://politiken.dk/debat/profiler/jessteinpedersen/ECE2210356/litteraturredaktoeren-helle-thornings-tavshed-om-snowden-er-en-skandale/
">Litteraturredaktøren:
276 Helle Thornings tavshed om Snowden er en skandale
</a
> -
277 politiken.dk
</li
>
280 <a href=
"http://www.aftenposten.no/meninger/kronikker/Bra-a-ha-en-Storebror-
7476734.html
">Bra å ha en «Storebror»
</a
> - aftenposten.no
</li
>
283 <a href=
"http://johnchristianelden.blogg.no/
1393536806_narkotikasiktet_stort.html
">"Narkotikasiktet
284 Stortingsmann
" - Spillet bak kulissene
</a
> - John Christian Eldens
288 <a href=
"http://www.aftenposten.no/meninger/Heksejakt-pa-hasjbrukere-
7486283.html
">Heksejakt
289 på hasjbrukere
</a
> - aftenposten.no
</li
>
296 <title>New home and release
1.0 for netgroup and innetgr (aka ng-utils)
</title>
297 <link>http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html
</link>
298 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_home_and_release_1_0_for_netgroup_and_innetgr__aka_ng_utils_.html
</guid>
299 <pubDate>Sat,
22 Feb
2014 21:
45:
00 +
0100</pubDate>
300 <description><p
>Many years ago, I wrote a GPL licensed version of the netgroup and
301 innetgr tools, because I needed them in
302 <a href=
"http://www.skolelinux.org/
">Skolelinux
</a
>. I called the project
303 ng-utils, and it has served me well. I placed the project under the
304 <a href=
"http://www.hungry.com/
">Hungry Programmer
</a
> umbrella, and it was maintained in our CVS
305 repository. But many years ago, the CVS repository was dropped (lost,
306 not migrated to new hardware, not sure), and the project have lacked a
307 proper home since then.
</p
>
309 <p
>Last summer, I had a look at the package and made a new release
310 fixing a irritating crash bug, but was unable to store the changes in
311 a proper source control system. I applied for a project on
312 <a href=
"https://alioth.debian.org/
">Alioth
</a
>, but did not have time
313 to follow up on it. Until today. :)
</p
>
315 <p
>After many hours of cleaning and migration, the ng-utils project
316 now have a new home, and a git repository with the highlight of the
317 history of the project. I published all release tarballs and imported
318 them into the git repository. As the project is really stable and not
319 expected to gain new features any time soon, I decided to make a new
320 release and call it
1.0. Visit the new project home on
321 <a href=
"https://alioth.debian.org/projects/ng-utils/
">https://alioth.debian.org/projects/ng-utils/
</a
>
322 if you want to check it out. The new version is also uploaded into
323 <a href=
"http://packages.qa.debian.org/n/ng-utils.html
">Debian Unstable
</a
>.
</p
>
328 <title>Testing sysvinit from experimental in Debian Hurd
</title>
329 <link>http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html
</link>
330 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Testing_sysvinit_from_experimental_in_Debian_Hurd.html
</guid>
331 <pubDate>Mon,
3 Feb
2014 13:
40:
00 +
0100</pubDate>
332 <description><p
>A few days ago I decided to try to help the Hurd people to get
333 their changes into sysvinit, to allow them to use the normal sysvinit
334 boot system instead of their old one. This follow up on the
335 <a href=
"https://teythoon.cryptobitch.de//categories/gsoc.html
">great
336 Google Summer of Code work
</a
> done last summer by Justus Winter to
337 get Debian on Hurd working more like Debian on Linux. To get started,
338 I downloaded a prebuilt hard disk image from
339 <a href=
"http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz
">http://ftp.debian-ports.org/debian-cd/hurd-i386/current/debian-hurd.img.tar.gz
</a
>,
340 and started it using virt-manager.
</p
>
342 <p
>The first think I had to do after logging in (root without any
343 password) was to get the network operational. I followed
344 <a href=
"https://www.debian.org/ports/hurd/hurd-install
">the
345 instructions on the Debian GNU/Hurd ports page
</a
> and ran these
346 commands as root to get the machine to accept a IP address from the
347 kvm internal DHCP server:
</p
>
349 <p
><blockquote
><pre
>
350 settrans -fgap /dev/netdde /hurd/netdde
351 kill $(ps -ef|awk
'/[p]finet/ { print $
2}
')
352 kill $(ps -ef|awk
'/[d]evnode/ { print $
2}
')
354 </pre
></blockquote
></p
>
356 <p
>After this, the machine had internet connectivity, and I could
357 upgrade it and install the sysvinit packages from experimental and
358 enable it as the default boot system in Hurd.
</p
>
360 <p
>But before I did that, I set a password on the root user, as ssh is
361 running on the machine it for ssh login to work a password need to be
362 set. Also, note that a bug somewhere in openssh on Hurd block
363 compression from working. Remember to turn that off on the client
366 <p
>Run these commands as root to upgrade and test the new sysvinit
369 <p
><blockquote
><pre
>
370 cat
> /etc/apt/sources.list.d/experimental.list
&lt;
&lt;EOF
371 deb http://http.debian.net/debian/ experimental main
375 apt-get install -t experimental initscripts sysv-rc sysvinit \
376 sysvinit-core sysvinit-utils
377 update-alternatives --config runsystem
378 </pre
></blockquote
></p
>
380 <p
>To reboot after switching boot system, you have to use
381 <tt
>reboot-hurd
</tt
> instead of just
<tt
>reboot
</tt
>, as there is not
382 yet a sysvinit process able to receive the signals from the normal
383 'reboot
' command. After switching to sysvinit as the boot system,
384 upgrading every package and rebooting, the network come up with DHCP
385 after boot as it should, and the settrans/pkill hack mentioned at the
386 start is no longer needed. But for some strange reason, there are no
387 longer any login prompt in the virtual console, so I logged in using
390 <p
>Note that there are some race conditions in Hurd making the boot
391 fail some times. No idea what the cause is, but hope the Hurd porters
392 figure it out. At least Justus said on IRC (#debian-hurd on
393 irc.debian.org) that they are aware of the problem. A way to reduce
394 the impact is to upgrade to the Hurd packages built by Justus by
395 adding this repository to the machine:
</p
>
397 <p
><blockquote
><pre
>
398 cat
> /etc/apt/sources.list.d/hurd-ci.list
&lt;
&lt;EOF
399 deb http://darnassus.sceen.net/~teythoon/hurd-ci/ sid main
401 </pre
></blockquote
></p
>
403 <p
>At the moment the prebuilt virtual machine get some packages from
404 http://ftp.debian-ports.org/debian, because some of the packages in
405 unstable do not yet include the required patches that are lingering in
406 BTS. This is the completely list of
"unofficial
" packages installed:
</p
>
408 <p
><blockquote
><pre
>
409 # aptitude search
'?narrow(?version(CURRENT),?origin(Debian Ports))
'
410 i emacs - GNU Emacs editor (metapackage)
412 i hurd-recommended - Miscellaneous translators
413 i isc-dhcp-client - ISC DHCP client
414 i isc-dhcp-common - common files used by all the isc-dhcp* packages
415 i libc-bin - Embedded GNU C Library: Binaries
416 i libc-dev-bin - Embedded GNU C Library: Development binaries
417 i libc0.3 - Embedded GNU C Library: Shared libraries
418 i A libc0.3-dbg - Embedded GNU C Library: detached debugging symbols
419 i libc0.3-dev - Embedded GNU C Library: Development Libraries and Hea
420 i multiarch-support - Transitional package to ensure multiarch compatibilit
421 i A x11-common - X Window System (X.Org) infrastructure
422 i xorg - X.Org X Window System
423 i A xserver-xorg - X.Org X server
424 i A xserver-xorg-input-all - X.Org X server -- input driver metapackage
426 </pre
></blockquote
></p
>
428 <p
>All in all, testing hurd has been an interesting experience. :)
429 X.org did not work out of the box and I never took the time to follow
430 the porters instructions to fix it. This time I was interested in the
431 command line stuff.
<p
>
436 <title>A fist full of non-anonymous Bitcoins
</title>
437 <link>http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html
</link>
438 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/A_fist_full_of_non_anonymous_Bitcoins.html
</guid>
439 <pubDate>Wed,
29 Jan
2014 14:
10:
00 +
0100</pubDate>
440 <description><p
>Bitcoin is a incredible use of peer to peer communication and
441 encryption, allowing direct and immediate money transfer without any
442 central control. It is sometimes claimed to be ideal for illegal
443 activity, which I believe is quite a long way from the truth. At least
444 I would not conduct illegal money transfers using a system where the
445 details of every transaction are kept forever. This point is
447 <a href=
"https://www.usenix.org/publications/login
">USENIX ;login:
</a
>
448 from December
2013, in the article
449 "<a href=
"https://www.usenix.org/system/files/login/articles/
03_meiklejohn-online.pdf
">A
450 Fistful of Bitcoins - Characterizing Payments Among Men with No
451 Names
</a
>" by Sarah Meiklejohn, Marjori Pomarole,Grant Jordan, Kirill
452 Levchenko, Damon McCoy, Geoffrey M. Voelker, and Stefan Savage. They
453 analyse the transaction log in the Bitcoin system, using it to find
454 addresses belong to individuals and organisations and follow the flow
455 of money from both Bitcoin theft and trades on Silk Road to where the
456 money end up. This is how they wrap up their article:
</p
>
458 <p
><blockquote
>
459 <p
>"To demonstrate the usefulness of this type of analysis, we turned
460 our attention to criminal activity. In the Bitcoin economy, criminal
461 activity can appear in a number of forms, such as dealing drugs on
462 Silk Road or simply stealing someone else’s bitcoins. We followed the
463 flow of bitcoins out of Silk Road (in particular, from one notorious
464 address) and from a number of highly publicized thefts to see whether
465 we could track the bitcoins to known services. Although some of the
466 thieves attempted to use sophisticated mixing techniques (or possibly
467 mix services) to obscure the flow of bitcoins, for the most part
468 tracking the bitcoins was quite straightforward, and we ultimately saw
469 large quantities of bitcoins flow to a variety of exchanges directly
470 from the point of theft (or the withdrawal from Silk Road).
</p
>
472 <p
>As acknowledged above, following stolen bitcoins to the point at
473 which they are deposited into an exchange does not in itself identify
474 the thief; however, it does enable further de-anonymization in the
475 case in which certain agencies can determine (through, for example,
476 subpoena power) the real-world owner of the account into which the
477 stolen bitcoins were deposited. Because such exchanges seem to serve
478 as chokepoints into and out of the Bitcoin economy (i.e., there are
479 few alternative ways to cash out), we conclude that using Bitcoin for
480 money laundering or other illicit purposes does not (at least at
481 present) seem to be particularly attractive.
"</p
>
482 </blockquote
><p
>
484 <p
>These researches are not the first to analyse the Bitcoin
485 transaction log. The
2011 paper
486 "<a href=
"http://arxiv.org/abs/
1107.4524">An Analysis of Anonymity in
487 the Bitcoin System
</A
>" by Fergal Reid and Martin Harrigan is
488 summarized like this:
</p
>
490 <p
><blockquote
>
491 "Anonymity in Bitcoin, a peer-to-peer electronic currency system, is a
492 complicated issue. Within the system, users are identified by
493 public-keys only. An attacker wishing to de-anonymize its users will
494 attempt to construct the one-to-many mapping between users and
495 public-keys and associate information external to the system with the
496 users. Bitcoin tries to prevent this attack by storing the mapping of
497 a user to his or her public-keys on that user
's node only and by
498 allowing each user to generate as many public-keys as required. In
499 this chapter we consider the topological structure of two networks
500 derived from Bitcoin
's public transaction history. We show that the
501 two networks have a non-trivial topological structure, provide
502 complementary views of the Bitcoin system and have implications for
503 anonymity. We combine these structures with external information and
504 techniques such as context discovery and flow analysis to investigate
505 an alleged theft of Bitcoins, which, at the time of the theft, had a
506 market value of approximately half a million U.S. dollars.
"
507 </blockquote
></p
>
509 <p
>I hope these references can help kill the urban myth that Bitcoin
510 is anonymous. It isn
't really a good fit for illegal activites. Use
511 cash if you need to stay anonymous, at least until regular DNA
512 sampling of notes and coins become the norm. :)
</p
>
514 <p
>As usual, if you use Bitcoin and want to show your support of my
515 activities, please send Bitcoin donations to my address
516 <b
><a href=
"bitcoin:
15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
&label=PetterReinholdtsenBlog
">15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b
</a
></b
>.
</p
>
521 <title>New chrpath release
0.16</title>
522 <link>http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html
</link>
523 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/New_chrpath_release_0_16.html
</guid>
524 <pubDate>Tue,
14 Jan
2014 11:
00:
00 +
0100</pubDate>
525 <description><p
><a href=
"http://www.coverity.com/
">Coverity
</a
> is a nice tool to
526 find problems in C, C++ and Java code using static source code
527 analysis. It can detect a lot of different problems, and is very
528 useful to find memory and locking bugs in the error handling part of
529 the source. The company behind it provide
530 <a href=
"https://scan.coverity.com/
">check of free software projects as
531 a community service
</a
>, and many hundred free software projects are
532 already checked. A few days ago I decided to have a closer look at
533 the Coverity system, and discovered that the
534 <a href=
"http://www.gnu.org/software/gnash/
">gnash
</a
> and
535 <a href=
"http://sourceforge.net/projects/ipmitool/
">ipmitool
</a
>
536 projects I am involved with was already registered. But these are
537 fairly big, and I would also like to have a small and easy project to
538 check, and decided to
<a href=
"http://scan.coverity.com/projects/
1179">request
539 checking of the chrpath project
</a
>. It was
540 added to the checker and discovered seven potential defects. Six of
541 these were real, mostly resource
"leak
" when the program detected an
542 error. Nothing serious, as the resources would be released a fraction
543 of a second later when the program exited because of the error, but it
544 is nice to do it right in case the source of the program some time in
545 the future end up in a library. Having fixed all defects and added
546 <a href=
"https://lists.alioth.debian.org/mailman/listinfo/chrpath-devel
">a
547 mailing list for the chrpath developers
</a
>, I decided it was time to
548 publish a new release. These are the release notes:
</p
>
550 <p
>New in
0.16 released
2014-
01-
14:
</p
>
554 <li
>Fixed all minor bugs discovered by Coverity.
</li
>
555 <li
>Updated config.sub and config.guess from the GNU project.
</li
>
556 <li
>Mention new project mailing list in the documentation.
</li
>
561 <a href=
"https://alioth.debian.org/frs/?group_id=
31052">download the
562 new version
0.16 from alioth
</a
>. Please let us know via the Alioth
563 project if something is wrong with the new release. The test suite
564 did not discover any old errors, so if you find a new one, please also
565 include a test suite check.
</p
>
570 <title>Debian Edu interview: Dominik George
</title>
571 <link>http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Dominik_George.html
</link>
572 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Dominik_George.html
</guid>
573 <pubDate>Wed,
25 Dec
2013 13:
40:
00 +
0100</pubDate>
574 <description><p
>The
<a href=
"http://www.skolelinux.org/
">Debian Edu / Skolelinux
575 project
</a
> consist of both newcomers and old timers, and this time I
576 was able to get an interview with a newcomer in the project who showed
577 up on the IRC channel a few weeks ago to let us know about his
578 successful installation of Debian Edu Wheezy in his School. Say hello
579 to
<a href=
"https://www.ohloh.net/accounts/Natureshadow
">Dominik
580 George
</a
>.
</p
>
582 <!-- http://www.dominik-george.de/images/foto.jpg --
>
584 <p
><strong
>Who are you, and how do you spend your days?
</strong
></p
>
586 <p
>I am a
23 year-old student from Germany who has spent half of his
587 life with open source. In
"real life
", I am, as already mentioned, a
588 student in the fields of Computer Science, Electrical Engineering,
589 Information Technologies and Anglistics. Due to my (only partially
590 voluntary) huge engagement in the open source world, these things are
591 a bit vacant right now however.
</p
>
593 <p
>I also have been working as a project teacher at a Gymasnium
594 (public school) for various years now. I took up that work some time
595 around
2005 when still attending that school myself and have continued
596 it until today. I also had been running the (kind of very advanced)
597 network of that school together with a team of very interested and
598 talented students in the age of
11 to
15 years, who took the chance to
599 learn a lot about open source and networking before I left the school
600 to help building another school
's informational education concept from
603 <p
>That said, one might see me as a kind of
"glue
" between school kids
604 and the elderly of teachers as well as between the open source
605 ecosystem and the (even more complex) educational ecosystem.
</p
>
607 <p
>When I am not busy with open source or education, I like Geocaching
608 and cycling.
</p
>
610 <p
><strong
>How did you get in contact with the Skolelinux / Debian Edu
611 project?
</strong
></p
>
613 <p
>I think that happened some time around
2009 when I first attended
614 <a href=
"http://www.froscon.org
">FrOSCon
</a
> and visited the project
615 booth. I think I wasn
't too interested back then because I used to
616 have an attitude of disliking software that does too much stuff on its
617 own. Maybe I was too inexperienced to realise the upsides of an
618 "out-of-the-box
" solution ;).
</p
>
620 <p
>The first time I actively talked to Skolelinux people was at
621 <a href=
"http://www.openrheinruhr.de
">OpenRheinRuhr
</a
> 2011 when the
622 BiscuIT project, a home-grewn software used by my school for various
623 really cool things from timetables and class contact lists to lunch
624 ordering, student ID card printing and project elections first got to
625 a stage where it could have been published. I asked the Skolelinux
626 guys running the booth if the project were interested in it and gave a
627 small demonstration, but there wasn
't any real feedback and the guys
628 seemed rather uninterested.
</p
>
630 <p
>After I left the school where I developed the software, it got
631 mostly lost, but I am now reimplementing it for my new school. I have
632 reusability and compatibility in mind, and I hop there will be a new
633 basis for contributing it to the Skolelinux project ;)!
</p
>
635 <p
><strong
>What do you see as the advantages of Skolelinux / Debian
636 Edu?
</strong
></p
>
638 <p
>The most important advantage seems to be that it
"just
639 works
". After overcoming some minor (but still very annoying) glitches
640 in the installer, I got a fully functional, working school network,
641 without the month-long hassle I experienced when setting all that up
642 from scratch in earlier years. And above that, it rocked - I didn
't
643 have any real hardware at hand, because the school was just founded
644 and has no money whatsoever, so I installed a combined server (main
645 server, terminal services and workstation) in a VM on my personal
646 notebook, bridging the LTSP network interface to the ethernet port,
647 and then PXE-booted the Windows notebooks that were lying around from
648 it. I could use
8 clients without any performance issues, by using a
649 tiny little VM on a tiny little notebook. I think that
's enough to say
650 that it rocks!
</p
>
652 <p
>Secondly, there are marketing reasons. Life
's bad, and so no
653 politician will ever permit a setup described as
"Debian, an universal
654 operating system, with some really cool educational tools
" while they
655 will be jsut fine with
"Skolelinux, a single-purpose solution for your
656 school network
", even if both turn out to be the very same thing (yes,
657 this is unfair towards the Skolelinux project, and must not be taken
658 too seriously - you get the idea, anyway).
</p
>
660 <p
><strong
>What do you see as the disadvantages of Skolelinux / Debian
661 Edu?
</strong
></p
>
663 <p
>I have not been involved with Skolelinux long enough to really
664 answer this question in a fair way. Thus, please allow me to put it in
665 other words:
"What do you expect from Skolelinux to keep liking it?
" I
666 can list a few points about that:
</p
>
670 <li
>always strive to get all things integrated into Debian upstream
671 <li
>be open to discussion about changes and the like, even with newcomers
672 <li
>be helpful at being helpful ;)
676 <p
>I
'm really sorry I cannot say much more about that :(!
</p
>
678 <p
><strong
>Which free software do you use daily?
</strong
></p
>
680 <p
>First of all, all software I use is free and open. I have abandoned
681 all non-free software (except for firmware on my darned phone) this
684 <p
>I run Debian GNU/Linux on all PC systems I use. On that, I mostly
685 run text tools. I use
686 <a href=
"https://www.mirbsd.org/mksh.htm
">mksh
</a
> as shell,
687 <a href=
"https://www.mirbsd.org/jupp.htm
">jupp
</a
> as very advanced
688 text editor (I even got the developer to help me write a script/macro
689 based full-featured student management software with the two),
690 <a href=
"http://mcabber.com/
">mcabber
</a
> for XMPP and
691 <a href=
"http://www.irssi.org/
">irssi
</a
> for IRC. For that overly
692 coloured world called the WWW, I use
693 <a href=
"https://www.mozilla.org/en-US/firefox/new/
">Iceweasel
694 (Firefox)
</a
>. Oh, and
<a href=
"http://www.mutt.org/
">mutt
</a
> for
697 <p
>However, while I am personally aware of the fact that text tools
698 are more efficient and powerful than anything else, I also use (or at
699 least operate) some tools that are suitable to bring open source to
700 kids. One of these things is
<a href=
"http://jappix.org/
">Jappix
</a
>,
701 which I already introduced to some kids even before they got aware of
702 Facebook, making them see for themselves that they do not need
703 Facebook now ;).
</p
>
705 <p
><strong
>Which strategy do you believe is the right one to use to
706 get schools to use free software?
</strong
></p
>
708 <p
>Well, that
's a two-sided thing. One side is what I believe, and one
709 side is what I have experienced.
</p
>
711 <p
>I believe that the right strategy is showing them the benefits. But
712 that won
't work out as long as the acceptance of free alternatives
713 grows globally. What I mean is that if all the kids are almost forced
714 to use Windows, Facebook, Skype, you name it at home, they will not
715 see why they would want to use alternatives at school. I have seen
716 students take seat in front of a fully-functional, modern Debian
717 desktop that could do anything their Windows at home could do, and
718 they jsut refused to use it because
"Linux sucks
". It is something
719 that makes the council of our city spend around
600000 € to buy
720 software - not including hardware, mind you - for operating school
721 networks, and for installing a system that, as has been proved, does
722 not work. For those of you readers who are good at maths, have you
723 already found out how many lives could have been saved with that money
724 if we had instead used it to bring education to parts of the world
725 that need it? I have, and found it to be nothing less dramatic than
726 plain criminal.
</p
>
728 <p
>That said, the only feasible way appears to be the bottom up
729 method. We have to bring free software to kids and parents. I have
730 founded an association named
731 <a href=
"https://www.teckids.org
">Teckids
</a
> here in Germany that does
732 just that. We organise several events for kids and adolescents in the
733 area of free and open source software, for example the
734 <a href=
"http://kids.froscon.org
">FrogLabs
</a
>, which share staff with
735 Teckids and are the youth programme of
736 <a href=
"http://www.froscon.org
">the Free and Open Source Software
737 Conference (FrOSCon)
</a
>. We do a lot more than most other conferences
738 - this year, we first offered the FrogLabs as a holiday camp for kids
739 aged
10 to
16. It was a huge success, with approx.
30 kids taking part
740 and learning with and about free software through a whole weekend. All
741 of us had a lot of fun, and the results were really exciting.
</p
>
743 <p
>Apart from that, we are preparing a campaign that is supposed to bring
744 the message of free alternatives to stuff kids use every day to them and
745 their parents, e.g. the use of Jabber / Jappix instead of Facebook and
746 Skype. To make that possible, we are planning to get together a team of
747 clever kids who understand very well what their peers need and can bring
748 it across to them. So we will have a peer-driven network of adolescents
749 who teach each other and collect feedback from the community of minors.
750 We then take that feedback and our own experience to work closely with
751 open source projects, such as Skolelinux or Jappix, at improving their
752 software in a way that makes it more and more attractive for the target
753 group. At least I hope that we will have good cooperation with
754 Skolelinux in the future ;)!
</p
>
756 <p
>So in conclusion, what I believe is that, if it weren
't for the world
757 being so bad, it should be very clear to the political decision makers
758 that the only way to go nowadays is free software for various reasons,
759 but I have learnt that the only way that seems to work is bottom up.
</p
>
763 > * Who should be interviewed with this questions in the future?
765 That
's probably the hardest question of them all, as I do not know the
766 community. However, I would be willing to do the following:
768 <li
>Run an interview with a German headteacher who is very open to
769 free software, and also prefers it, but cannot really use it because
770 of the decision makers above;
771 <li
>Run interviews with some kids, both with and without previous
772 knowledge about free software
774 If that is wanted, just let me know ;).
781 <title>Dugnadsnett for alle stiller på Oslo Maker Faire i januar
2014</title>
782 <link>http://people.skolelinux.org/pere/blog/Dugnadsnett_for_alle_stiller_p__Oslo_Maker_Faire_i_januar_2014.html
</link>
783 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Dugnadsnett_for_alle_stiller_p__Oslo_Maker_Faire_i_januar_2014.html
</guid>
784 <pubDate>Tue,
10 Dec
2013 19:
20:
00 +
0100</pubDate>
785 <description><p
>Helga
18. og
19. januar
2014 arrangeres
786 <a href=
"http://makerfaireoslo.no/no/program/dugnadsnett
">Oslo Maker
787 Faire
</a
>, og
<a href=
"http://www.dugnadsnett.no/
">Dugnadsnett for
788 alle
</a
> har fått plass! Planen er å ha et bord med en plakat der vi
789 forteller om hva Dugnadsnett for alle er for noe, og et lite verksted
790 der vi hjelper folk som er interessert i å få opp sin egen mesh-node.
791 Jeg gleder meg til å se hvordan prosjektet blir mottatt der.
</p
>
793 <p
>Målet med dugnadsnett for alle i Oslo er å få på plass et datanett
794 for kommunikasjon ved hjelp av radio-repeaterstasjoner (kalt
795 mesh-noder) som gjør at en kan direkte kommunisere med slekt, venner
796 og bekjente i Oslo via andre som deltar i dugnadsnettet, samt gjøre
797 det mulig komme ut på internett via dugnadsnettet. Første delmål er å
798 kunne sende SMS-meldinger vha. IP-telefoni løsningen
799 <a href=
"http://www.servalproject.org/
">Serval project
</a
> mellom
800 deltagerne i Dugnadsnett for alle i Oslo. Formålet er å ta tilbake
801 kontrollen over egen nett-infrastruktur og gjøre det dyrere å bedrive
802 massiv innsamling av informasjon om borgernes bruk av datanett.
</p
>
804 <p
>Høres dette interessant ut? Bli med på prosjektet, fortell oss
805 hvor du kunne tenke deg å sette opp en radio-repeater (slik at folk i
806 nærheten kan finne hverandre ved hjelp av
807 <a href=
"http://flynor.net/mesh/mesh.php
">kartet over planlagte og
808 eksisterende radio-repeatere
</A
>), bli med på epostlisten
809 <a href=
"http://lists.nuug.no/mailman/listinfo/dugnadsnett
">dugnadsnett
810 (at) nuug.no
</a
> og stikk innom
811 <a href=
"irc://irc.freenode.net/#dugnadsnett.no
">IRC-kanalen
812 #dugnadsnett.no
</a
>. Så langt er det planlagt over
40
813 radio-repeatere, med VPN-forbindelser via Internet for å la de delene
814 av nettet som ikke når hverandre via radio kunne snakke med hverandre
820 <title>Debian Edu interview: Klaus Knopper
</title>
821 <link>http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Klaus_Knopper.html
</link>
822 <guid isPermaLink=
"true">http://people.skolelinux.org/pere/blog/Debian_Edu_interview__Klaus_Knopper.html
</guid>
823 <pubDate>Fri,
6 Dec
2013 09:
50:
00 +
0100</pubDate>
824 <description><p
>It has been a while since I managed to publish the last interview,
825 but the
<a href=
"http://www.skolelinux.org/
">Debian Edu /
826 Skolelinux
</a
> community is still going strong, and yesterday we even
827 had a new school administrator show up on
828 <a href=
"irc://irc.debian.org/#debian-edu
">#debian-edu
</a
> to share
829 his success story with installing Debian Edu at their school. This
830 time I have been able to get some helpful comments from the creator of
831 Knoppix, Klaus Knopper, who was involved in a Skolelinux project in
832 Germany a few years ago.
</p
>
834 <p
><strong
>Who are you, and how do you spend your days?
</strong
></p
>
836 <p
>I am Klaus Knopper. I have a master degree in electrical
837 engineering, and is currently professor in information management at
838 the university of applied sciences Kaiserslautern / Germany and
839 freelance Open Source software developer and consultant.
</p
>
841 <p
>All of this is pretty much of the work I spend my days with. Apart
842 from teaching, I
'm also conducting some more or less experimental
843 projects like the
<a href=
"http://www.knoppix.org
">Knoppix GNU/Linux live
844 system
</a
> (Debian-based like Skolelinux),
845 <a href=
"http://www.knopper.net/knoppix-adriane/index-en.html
">ADRIANE
</a
>
846 (a blind-friendly talking desktop system) and
847 <a href=
"http://www.knopper.net/linbo/index-en.html
">LINBO
</a
>
848 (Linux-based network boot console, a fast remote install and repair
849 system supporting various operating systems).
</p
>
851 <p
><strong
>How did you get in contact with the Skolelinux / Debian Edu
852 project?
</strong
></p
>
854 <p
>The credit for this have to go to Kurt Gramlich, who is the German
855 coordinator for Skolelinux. We were looking for an all-in-one open
856 source community-supported distribution for schools, and Kurt
857 introduced us to Skolelinux for this purpose.
</p
>
859 <p
><strong
>What do you see as the advantages of Skolelinux / Debian
860 Edu?
</strong
></p
>
863 <li
>Quick installation,
</li
>
864 <li
>works (almost) out of the box,
</li
>
865 <li
>contains many useful software packages for teaching and learning,
</li
>
866 <li
>is a purely community-based distro and not controlled by a
867 single company,
</li
>
868 <li
>has a large number of supporters and teachers who share their
869 experience and problem solutions.
</li
>
872 <p
><strong
>What do you see as the disadvantages of Skolelinux / Debian
873 Edu?
</strong
></p
>
876 <li
>Skolelinux is - as we had to learn - not easily upgradable to
877 the next version. Opposed to its genuine Debian base, upgrading to
878 a new version means a full new installation from scratch to get it
879 working again reliably.
881 <li
>Skolelinux is based on Debian/stable, and therefore always a
882 little outdated in terms of program versions compared to Edubuntu or
883 similar educational Linux distros, which rather use Debian/testing
886 <li
>Skolelinux has some very self-opinionated and stubborn default
887 configuration which in my opinion adds unnecessary complexity and is
888 not always suitable for a schools needs, the preset network
889 configuration is actually a core definition feature of Skolelinux
890 and not easy to change, so schools sometimes have to change their
891 network configuration to make it
"Skolelinux-compatible
".
893 <li
>Some proposed extensions, which were made available as
894 contribution, like secure examination mode and lecture material
895 distribution and collection, were not accepted into the mainline
896 Skolelinux development and are now not easy to maintain in the
897 future because of Skolelinux somewhat undeterministic update
900 <li
>Skolelinux has only a very tiny number of base developers
901 compared to Debian.
</li
>
905 <p
>For these reasons and experience from our project, I would now
906 rather consider using plain Debian for schools next time, until
907 Skolelinux is more closely integrated into Debian and becomes
908 upgradeable without reinstallation.
</p
>
910 <p
><strong
>Which free software do you use daily?
</strong
></p
>
912 <p
>GNU/Linux with LXDE desktop, bash for interactive dialog and
913 programming, texlive for documentation and correspondence,
914 occasionally LibreOffice for document format conversion. Various
915 programming languages for teaching.
</p
>
917 <p
><strong
>Which strategy do you believe is the right one to use to
918 get schools to use free software?
</strong
></p
>
920 <p
>Strong arguments are
</p
>
924 <li
>Knowledge is free, and so should be methods and tools for
925 teaching and learning.
</li
>
927 <li
>Students can learn with and use the same software at school, at
928 home, and at their working place without running into license or
929 conversion problems.
</li
>
931 <li
>Closed source or proprietary software hides knowledge rather
932 than exposing it, and proprietary software vendors try to bind
933 customers to certain products. But teachers need to teach
934 science, not products.
</li
>
936 <li
>If you have everything you for daily work as open source, what
937 would you need proprietary software for?
</li
>
projects / homepage.git / blob