+ <item>
+ <title>Using appstream in Debian to locate packages with firmware and mime type support</title>
+ <link>http://people.skolelinux.org/pere/blog/Using_appstream_in_Debian_to_locate_packages_with_firmware_and_mime_type_support.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Using_appstream_in_Debian_to_locate_packages_with_firmware_and_mime_type_support.html</guid>
+ <pubDate>Thu, 4 Feb 2016 16:40:00 +0100</pubDate>
+ <description><p>The <a href="https://wiki.debian.org/DEP-11">appstream system</a>
+is taking shape in Debian, and one provided feature is a very
+convenient way to tell you which package to install to make a given
+firmware file available when the kernel is looking for it. This can
+be done using apt-file too, but that is for someone else to blog
+about. :)</p>
+
+<p>Here is a small recipe to find the package with a given firmware
+file, in this example I am looking for ctfw-3.2.3.0.bin, randomly
+picked from the set of firmware announced using appstream in Debian
+unstable. In general you would be looking for the firmware requested
+by the kernel during kernel module loading. To find the package
+providing the example file, do like this:</p>
+
+<blockquote><pre>
+% apt install appstream
+[...]
+% apt update
+[...]
+% appstreamcli what-provides firmware:runtime ctfw-3.2.3.0.bin | \
+ awk '/Package:/ {print $2}'
+firmware-qlogic
+%
+</pre></blockquote>
+
+<p>See <a href="https://wiki.debian.org/AppStream/Guidelines">the
+appstream wiki</a> page to learn how to embed the package metadata in
+a way appstream can use.</p>
+
+<p>This same approach can be used to find any package supporting a
+given MIME type. This is very useful when you get a file you do not
+know how to handle. First find the mime type using <tt>file
+--mime-type</tt>, and next look up the package providing support for
+it. Lets say you got an SVG file. Its MIME type is image/svg+xml,
+and you can find all packages handling this type like this:</p>
+
+<blockquote><pre>
+% apt install appstream
+[...]
+% apt update
+[...]
+% appstreamcli what-provides mimetype image/svg+xml | \
+ awk '/Package:/ {print $2}'
+bkchem
+phototonic
+inkscape
+shutter
+tetzle
+geeqie
+xia
+pinta
+gthumb
+karbon
+comix
+mirage
+viewnior
+postr
+ristretto
+kolourpaint4
+eog
+eom
+gimagereader
+midori
+%
+</pre></blockquote>
+
+<p>I believe the MIME types are fetched from the desktop file for
+packages providing appstream metadata.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Creepy, visualise geotagged social media information - nice free software</title>
+ <link>http://people.skolelinux.org/pere/blog/Creepy__visualise_geotagged_social_media_information___nice_free_software.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Creepy__visualise_geotagged_social_media_information___nice_free_software.html</guid>
+ <pubDate>Sun, 24 Jan 2016 10:50:00 +0100</pubDate>
+ <description><p>Most people seem not to realise that every time they walk around
+with the computerised radio beacon known as a mobile phone their
+position is tracked by the phone company and often stored for a long
+time (like every time a SMS is received or sent). And if their
+computerised radio beacon is capable of running programs (often called
+mobile apps) downloaded from the Internet, these programs are often
+also capable of tracking their location (if the app requested access
+during installation). And when these programs send out information to
+central collection points, the location is often included, unless
+extra care is taken to not send the location. The provided
+information is used by several entities, for good and bad (what is
+good and bad, depend on your point of view). What is certain, is that
+the private sphere and the right to free movement is challenged and
+perhaps even eradicated for those announcing their location this way,
+when they share their whereabouts with private and public
+entities.</p>
+
+<p align="center"><img width="70%" src="http://people.skolelinux.org/pere/blog/images/2016-01-24-nice-creepy-desktop-window.png"></p>
+
+<p>The phone company logs provide a register of locations to check out
+when one want to figure out what the tracked person was doing. It is
+unavailable for most of us, but provided to selected government
+officials, company staff, those illegally buying information from
+unfaithful servants and crackers stealing the information. But the
+public information can be collected and analysed, and a free software
+tool to do so is called
+<a href="http://www.geocreepy.com/">Creepy or Cree.py</a>. I
+discovered it when I read
+<a href="http://www.aftenposten.no/kultur/Slik-kan-du-bli-overvaket-pa-Twitter-og-Instagram-uten-a-ane-det-7787884.html">an
+article about Creepy</a> in the Norwegian newspaper Aftenposten i
+November 2014, and decided to check if it was available in Debian.
+The python program was in Debian, but
+<a href="https://tracker.debian.org/pkg/creepy">the version in
+Debian</a> was completely broken and practically unmaintained. I
+uploaded a new version which did not work quite right, but did not
+have time to fix it then. This Christmas I decided to finally try to
+get Creepy operational in Debian. Now a fixed version is available in
+Debian unstable and testing, and almost all Debian specific patches
+are now included
+<a href="https://github.com/jkakavas/creepy">upstream</a>.</p>
+
+<p>The Creepy program visualises geolocation information fetched from
+Twitter, Instagram, Flickr and Google+, and allow one to get a
+complete picture of every social media message posted recently in a
+given area, or track the movement of a given individual across all
+these services. Earlier it was possible to use the search API of at
+least some of these services without identifying oneself, but these
+days it is impossible. This mean that to use Creepy, you need to
+configure it to log in as yourself on these services, and provide
+information to them about your search interests. This should be taken
+into account when using Creepy, as it will also share information
+about yourself with the services.</p>
+
+<p>The picture above show the twitter messages sent from (or at least
+geotagged with a position from) the city centre of Oslo, the capital
+of Norway. One useful way to use Creepy is to first look at
+information tagged with an area of interest, and next look at all the
+information provided by one or more individuals who was in the area.
+I tested it by checking out which celebrity provide their location in
+twitter messages by checkout out who sent twitter messages near a
+Norwegian TV station, and next could track their position over time,
+making it possible to locate their home and work place, among other
+things. A similar technique have been
+<a href="http://www.buzzfeed.com/maxseddon/does-this-soldiers-instagram-account-prove-russia-is-covertl">used
+to locate Russian soldiers in Ukraine</a>, and it is both a powerful
+tool to discover lying governments, and a useful tool to help people
+understand the value of the private information they provide to the
+public.</p>
+
+<p>The package is not trivial to backport to Debian Stable/Jessie, as
+it depend on several python modules currently missing in Jessie (at
+least python-instagram, python-flickrapi and
+python-requests-toolbelt).</p>
+
+<p>(I have uploaded
+<a href="https://screenshots.debian.net/package/creepy">the image to
+screenshots.debian.net</a> and licensed it under the same terms as the
+Creepy program in Debian.)</p>
+</description>
+ </item>
+
+ <item>
+ <title>Always download Debian packages using Tor - the simple recipe</title>
+ <link>http://people.skolelinux.org/pere/blog/Always_download_Debian_packages_using_Tor___the_simple_recipe.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Always_download_Debian_packages_using_Tor___the_simple_recipe.html</guid>
+ <pubDate>Fri, 15 Jan 2016 00:30:00 +0100</pubDate>
+ <description><p>During his DebConf15 keynote, Jacob Appelbaum
+<a href="https://summit.debconf.org/debconf15/meeting/331/what-is-to-be-done/">observed
+that those listening on the Internet lines would have good reason to
+believe a computer have a given security hole</a> if it download a
+security fix from a Debian mirror. This is a good reason to always
+use encrypted connections to the Debian mirror, to make sure those
+listening do not know which IP address to attack. In August, Richard
+Hartmann observed that encryption was not enough, when it was possible
+to interfere download size to security patches or the fact that
+download took place shortly after a security fix was released, and
+<a href="http://richardhartmann.de/blog/posts/2015/08/24-Tor-enabled_Debian_mirror/">proposed
+to always use Tor to download packages from the Debian mirror</a>. He
+was not the first to propose this, as the
+<tt><a href="https://tracker.debian.org/pkg/apt-transport-tor">apt-transport-tor</a></tt>
+package by Tim Retout already existed to make it easy to convince apt
+to use <a href="https://www.torproject.org/">Tor</a>, but I was not
+aware of that package when I read the blog post from Richard.</p>
+
+<p>Richard discussed the idea with Peter Palfrader, one of the Debian
+sysadmins, and he set up a Tor hidden service on one of the central
+Debian mirrors using the address vwakviie2ienjx6t.onion, thus making
+it possible to download packages directly between two tor nodes,
+making sure the network traffic always were encrypted.</p>
+
+<p>Here is a short recipe for enabling this on your machine, by
+installing <tt>apt-transport-tor</tt> and replacing http and https
+urls with tor+http and tor+https, and using the hidden service instead
+of the official Debian mirror site. I recommend installing
+<tt>etckeeper</tt> before you start to have a history of the changes
+done in /etc/.</p>
+
+<blockquote><pre>
+apt install apt-transport-tor
+sed -i 's% http://ftp.debian.org/%tor+http://vwakviie2ienjx6t.onion/%' /etc/apt/sources.list
+sed -i 's% http% tor+http%' /etc/apt/sources.list
+</pre></blockquote>
+
+<p>If you have more sources listed in /etc/apt/sources.list.d/, run
+the sed commands for these too. The sed command is assuming your are
+using the ftp.debian.org Debian mirror. Adjust the command (or just
+edit the file manually) to match your mirror.</p>
+
+<p>This work in Debian Jessie and later. Note that tools like
+<tt>apt-file</tt> only recently started using the apt transport
+system, and do not work with these tor+http URLs. For
+<tt>apt-file</tt> you need the version currently in experimental,
+which need a recent apt version currently only in unstable. So if you
+need a working <tt>apt-file</tt>, this is not for you.</p>
+
+<p>Another advantage from this change is that your machine will start
+using Tor regularly and at fairly random intervals (every time you
+update the package lists or upgrade or install a new package), thus
+masking other Tor traffic done from the same machine. Using Tor will
+become normal for the machine in question.</p>
+
+<p>On <a href="https://wiki.debian.org/FreedomBox">Freedombox</a>, APT
+is set up by default to use <tt>apt-transport-tor</tt> when Tor is
+enabled. It would be great if it was the default on any Debian
+system.</p>
+</description>
+ </item>
+
+ <item>
+ <title>OpenALPR, find car license plates in video streams - nice free software</title>
+ <link>http://people.skolelinux.org/pere/blog/OpenALPR__find_car_license_plates_in_video_streams___nice_free_software.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/OpenALPR__find_car_license_plates_in_video_streams___nice_free_software.html</guid>
+ <pubDate>Wed, 23 Dec 2015 01:00:00 +0100</pubDate>
+ <description><p>When I was a kid, we used to collect "car numbers", as we used to
+call the car license plate numbers in those days. I would write the
+numbers down in my little book and compare notes with the other kids
+to see how many region codes we had seen and if we had seen some
+exotic or special region codes and numbers. It was a fun game to pass
+time, as we kids have plenty of it.</p>
+
+<p>A few days I came across
+<a href="https://github.com/openalpr/openalpr">the OpenALPR
+project</a>, a free software project to automatically discover and
+report license plates in images and video streams, and provide the
+"car numbers" in a machine readable format. I've been looking for
+such system for a while now, because I believe it is a bad idea that the
+<a href="https://en.wikipedia.org/wiki/Automatic_number_plate_recognition">automatic
+number plate recognition</a> tool only is available in the hands of
+the powerful, and want it to be available also for the powerless to
+even the score when it comes to surveillance and sousveillance. I
+discovered the developer
+<a href="https://bugs.debian.org/747509">wanted to get the tool into
+Debian</a>, and as I too wanted it to be in Debian, I volunteered to
+help him get it into shape to get the package uploaded into the Debian
+archive.</p>
+
+<p>Today we finally managed to get the package into shape and uploaded
+it into Debian, where it currently
+<a href="https://ftp-master.debian.org//new/openalpr_2.2.1-1.html">waits
+in the NEW queue</a> for review by the Debian ftpmasters.</p>
+
+<p>I guess you are wondering why on earth such tool would be useful
+for the common folks, ie those not running a large government
+surveillance system? Well, I plan to put it in a computer on my bike
+and in my car, tracking the cars nearby and allowing me to be notified
+when number plates on my watch list are discovered. Another use case
+was suggested by a friend of mine, who wanted to set it up at his home
+to open the car port automatically when it discovered the plate on his
+car. When I mentioned it perhaps was a bit foolhardy to allow anyone
+capable of placing his license plate number of a piece of cardboard to
+open his car port, men replied that it was always unlocked anyway. I
+guess for such use case it make sense. I am sure there are other use
+cases too, for those with imagination and a vision.</p>
+
+<p>If you want to build your own version of the Debian package, check
+out the upstream git source and symlink ./distros/debian to ./debian/
+before running "debuild" to build the source. Or wait a bit until the
+package show up in unstable.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Using appstream with isenkram to install hardware related packages in Debian</title>
+ <link>http://people.skolelinux.org/pere/blog/Using_appstream_with_isenkram_to_install_hardware_related_packages_in_Debian.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Using_appstream_with_isenkram_to_install_hardware_related_packages_in_Debian.html</guid>
+ <pubDate>Sun, 20 Dec 2015 12:20:00 +0100</pubDate>
+ <description><p>Around three years ago, I created
+<a href="http://packages.qa.debian.org/isenkram">the isenkram
+system</a> to get a more practical solution in Debian for handing
+hardware related packages. A GUI system in the isenkram package will
+present a pop-up dialog when some hardware dongle supported by
+relevant packages in Debian is inserted into the machine. The same
+lookup mechanism to detect packages is available as command line
+tools in the isenkram-cli package. In addition to mapping hardware,
+it will also map kernel firmware files to packages and make it easy to
+install needed firmware packages automatically. The key for this
+system to work is a good way to map hardware to packages, in other
+words, allow packages to announce what hardware they will work
+with.</p>
+
+<p>I started by providing data files in the isenkram source, and
+adding code to download the latest version of these data files at run
+time, to ensure every user had the most up to date mapping available.
+I also added support for storing the mapping in the Packages file in
+the apt repositories, but did not push this approach because while I
+was trying to figure out how to best store hardware/package mappings,
+<a href="http://www.freedesktop.org/software/appstream/docs/">the
+appstream system</a> was announced. I got in touch and suggested to
+add the hardware mapping into that data set to be able to use
+appstream as a data source, and this was accepted at least for the
+Debian version of appstream.</p>
+
+<p>A few days ago using appstream in Debian for this became possible,
+and today I uploaded a new version 0.20 of isenkram adding support for
+appstream as a data source for mapping hardware to packages. The only
+package so far using appstream to announce its hardware support is my
+pymissile package. I got help from Matthias Klumpp with figuring out
+how do add the required
+<a href="https://appstream.debian.org/html/sid/main/metainfo/pymissile.html">metadata
+in pymissile</a>. I added a file debian/pymissile.metainfo.xml with
+this content:</p>
+
+<blockquote><pre>
+&lt;?xml version="1.0" encoding="UTF-8"?&gt;
+&lt;component&gt;
+ &lt;id&gt;pymissile&lt;/id&gt;
+ &lt;metadata_license&gt;MIT&lt;/metadata_license&gt;
+ &lt;name&gt;pymissile&lt;/name&gt;
+ &lt;summary&gt;Control original Striker USB Missile Launcher&lt;/summary&gt;
+ &lt;description&gt;
+ &lt;p&gt;
+ Pymissile provides a curses interface to control an original
+ Marks and Spencer / Striker USB Missile Launcher, as well as a
+ motion control script to allow a webcamera to control the
+ launcher.
+ &lt;/p&gt;
+ &lt;/description&gt;
+ &lt;provides&gt;
+ &lt;modalias&gt;usb:v1130p0202d*&lt;/modalias&gt;
+ &lt;/provides&gt;
+&lt;/component&gt;
+</pre></blockquote>
+
+<p>The key for isenkram is the component/provides/modalias value,
+which is a glob style match rule for hardware specific strings
+(modalias strings) provided by the Linux kernel. In this case, it
+will map to all USB devices with vendor code 1130 and product code
+0202.</p>
+
+<p>Note, it is important that the license of all the metadata files
+are compatible to have permissions to aggregate them into archive wide
+appstream files. Matthias suggested to use MIT or BSD licenses for
+these files. A challenge is figuring out a good id for the data, as
+it is supposed to be globally unique and shared across distributions
+(in other words, best to coordinate with upstream what to use). But
+it can be changed later or, so we went with the package name as
+upstream for this project is dormant.</p>
+
+<p>To get the metadata file installed in the correct location for the
+mirror update scripts to pick it up and include its content the
+appstream data source, the file must be installed in the binary
+package under /usr/share/appdata/. I did this by adding the following
+line to debian/pymissile.install:</p>
+
+<blockquote><pre>
+debian/pymissile.metainfo.xml usr/share/appdata
+</pre></blockquote>
+
+<p>With that in place, the command line tool isenkram-lookup will list
+all packages useful on the current computer automatically, and the GUI
+pop-up handler will propose to install the package not already
+installed if a hardware dongle is inserted into the machine in
+question.</p>
+
+<p>Details of the modalias field in appstream is available from the
+<a href="https://wiki.debian.org/DEP-11">DEP-11</a> proposal.</p>
+
+<p>To locate the modalias values of all hardware present in a machine,
+try running this command on the command line:</p>
+
+<blockquote><pre>
+cat $(find /sys/devices/|grep modalias)
+</pre></blockquote>
+
+<p>To learn more about the isenkram system, please check out
+<a href="http://people.skolelinux.org/pere/blog/tags/isenkram/">my
+blog posts tagged isenkram</a>.</p>
+</description>
+ </item>
+
+ <item>
+ <title>The GNU General Public License is not magic pixie dust</title>
+ <link>http://people.skolelinux.org/pere/blog/The_GNU_General_Public_License_is_not_magic_pixie_dust.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/The_GNU_General_Public_License_is_not_magic_pixie_dust.html</guid>
+ <pubDate>Mon, 30 Nov 2015 09:55:00 +0100</pubDate>
+ <description><p>A blog post from my fellow Debian developer Paul Wise titled
+"<a href="http://bonedaddy.net/pabs3/log/2015/11/27/sfc-supporter/">The
+GPL is not magic pixie dust</a>" explain the importance of making sure
+the <a href="http://www.gnu.org/copyleft/gpl.html">GPL</a> is enforced.
+I quote the blog post from Paul in full here with his permission:<p>
+
+<blockquote>
+
+<p><a href="https://sfconservancy.org/supporter/"><img src="https://sfconservancy.org/img/supporter-badge.png" width="194" height="90" alt="Become a Software Freedom Conservancy Supporter!" align="right" border="0" /></a></p>
+
+<blockquote>
+The GPL is not magic pixie dust. It does not work by itself.<br/>
+
+The first step is to choose a
+<a href="https://copyleft.org/">copyleft</a> license for your
+code.<br/>
+
+The next step is, when someone fails to follow that copyleft license,
+<b>it must be enforced</b><br/>
+
+and its a simple fact of our modern society that such type of
+work<br/>
+
+is incredibly expensive to do and incredibly difficult to do.
+</blockquote>
+
+<p><small>-- <a href="http://ebb.org/bkuhn/">Bradley Kuhn</a>, in
+<a href="http://faif.us/" title="Free as in Freedom">FaiF</a>
+<a href="http://faif.us/cast/2015/nov/24/0x57/">episode
+0x57</a></small></p>
+
+<p>As the Debian Website
+<a href="https://bugs.debian.org/794116">used</a>
+<a href="https://anonscm.debian.org/viewvc/webwml/webwml/english/intro/free.wml?r1=1.24&amp;r2=1.25">to</a>
+imply, public domain and permissively licensed software can lead to
+the production of more proprietary software as people discover useful
+software, extend it and or incorporate it into their hardware or
+software products. Copyleft licenses such as the GNU GPL were created
+to close off this avenue to the production of proprietary software but
+such licenses are not enough. With the ongoing adoption of Free
+Software by individuals and groups, inevitably the community's
+expectations of license compliance are violated, usually out of
+ignorance of the way Free Software works, but not always. As Karen
+and Bradley explained in <a href="http://faif.us/" title="Free as in
+Freedom">FaiF</a>
+<a href="http://faif.us/cast/2015/nov/24/0x57/">episode 0x57</a>,
+copyleft is nothing if no-one is willing and able to stand up in court
+to protect it. The reality of today's world is that legal
+representation is expensive, difficult and time consuming. With
+<a href="http://gpl-violations.org/">gpl-violations.org</a> in hiatus
+<a href="http://gpl-violations.org/news/20151027-homepage-recovers/">until</a>
+some time in 2016, the <a href="https://sfconservancy.org/">Software
+Freedom Conservancy</a> (a tax-exempt charity) is the major defender
+of the Linux project, Debian and other groups against GPL violations.
+In March the SFC supported a
+<a href="https://sfconservancy.org/news/2015/mar/05/vmware-lawsuit/">lawsuit
+by Christoph Hellwig</a> against VMware for refusing to
+<a href="https://sfconservancy.org/linux-compliance/vmware-lawsuit-faq.html">comply
+with the GPL</a> in relation to their use of parts of the Linux
+kernel. Since then two of their sponsors pulled corporate funding and
+conferences
+<a href="https://sfconservancy.org/blog/2015/nov/24/faif-carols-fundraiser/">blocked
+or cancelled their talks</a>. As a result they have decided to rely
+less on corporate funding and more on the broad community of
+individuals who support Free Software and copyleft. So the SFC has
+<a href="https://sfconservancy.org/news/2015/nov/23/2015fundraiser/">launched</a>
+a <a href="https://sfconservancy.org/supporter/">campaign</a> to create
+a community of folks who stand up for copyleft and the GPL by
+supporting their work on promoting and supporting copyleft and Free
+Software.</p>
+
+<p>If you support Free Software,
+<a href="https://sfconservancy.org/blog/2015/nov/26/like-what-I-do/">like</a>
+what the SFC do, agree with their
+<a href="https://sfconservancy.org/linux-compliance/principles.html">compliance
+principles</a>, are happy about their
+<a href="https://sfconservancy.org/supporter/">successes</a> in 2015,
+work on a project that is an SFC
+<a href="https://sfconservancy.org/members/current/">member</a> and or
+just want to stand up for copyleft, please join
+<a href="https://identi.ca/cwebber/image/JQGPA4qbTyyp3-MY8QpvuA">Christopher
+Allan Webber</a>,
+<a href="https://sfconservancy.org/blog/2015/nov/24/faif-carols-fundraiser/">Carol
+Smith</a>,
+<a href="http://www.jonobacon.org/2015/11/25/supporting-software-freedom-conservancy/">Jono
+Bacon</a>, myself and
+<a href="https://sfconservancy.org/sponsors/#supporters">others</a> in
+becoming a
+<a href="https://sfconservancy.org/supporter/">supporter</a>. For the
+next week your donation will be
+<a href="https://sfconservancy.org/news/2015/nov/27/black-friday/">matched</a>
+by an anonymous donor. Please also consider asking your employer to
+match your donation or become a sponsor of SFC. Don't forget to
+spread the word about your support for SFC via email, your blog and or
+social media accounts.</p>
+
+</blockquote>
+
+<p>I agree with Paul on this topic and just signed up as a Supporter
+of Software Freedom Conservancy myself. Perhaps you should be a
+supporter too?</p>
+</description>
+ </item>
+
+ <item>
+ <title>PGP key transition statement for key EE4E02F9</title>
+ <link>http://people.skolelinux.org/pere/blog/PGP_key_transition_statement_for_key_EE4E02F9.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/PGP_key_transition_statement_for_key_EE4E02F9.html</guid>
+ <pubDate>Tue, 17 Nov 2015 10:50:00 +0100</pubDate>
+ <description><p>I've needed a new OpenPGP key for a while, but have not had time to
+set it up properly. I wanted to generate it offline and have it
+available on <a href="http://shop.kernelconcepts.de/#openpgp">a OpenPGP
+smart card</a> for daily use, and learning how to do it and finding
+time to sit down with an offline machine almost took forever. But
+finally I've been able to complete the process, and have now moved
+from my old GPG key to a new GPG key. See
+<a href="http://people.skolelinux.org/pere/blog/images/2015-11-17-new-gpg-key-transition.txt">the
+full transition statement, signed with both my old and new key</a> for
+the details. This is my new key:</p>
+
+<pre>
+pub 3936R/<a href="http://pgp.cs.uu.nl/stats/111D6B29EE4E02F9.html">111D6B29EE4E02F9</a> 2015-11-03 [expires: 2019-11-14]
+ Key fingerprint = 3AC7 B2E3 ACA5 DF87 78F1 D827 111D 6B29 EE4E 02F9
+uid Petter Reinholdtsen &lt;pere@hungry.com&gt;
+uid Petter Reinholdtsen &lt;pere@debian.org&gt;
+sub 4096R/87BAFB0E 2015-11-03 [expires: 2019-11-02]
+sub 4096R/F91E6DE9 2015-11-03 [expires: 2019-11-02]
+sub 4096R/A0439BAB 2015-11-03 [expires: 2019-11-02]
+</pre>
+
+<p>The key can be downloaded from the OpenPGP key servers, signed by
+my old key.</p>
+
+<p>If you signed my old key
+(<a href="http://pgp.cs.uu.nl/stats/DB4CCC4B2A30D729.html">DB4CCC4B2A30D729</a>),
+I'd very much appreciate a signature on my new key, details and
+instructions in the transition statement. I m happy to reciprocate if
+you have a similarly signed transition statement to present.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Is Pentagon deciding the Norwegian negotiating position on Internet governance?</title>
+ <link>http://people.skolelinux.org/pere/blog/Is_Pentagon_deciding_the_Norwegian_negotiating_position_on_Internet_governance_.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Is_Pentagon_deciding_the_Norwegian_negotiating_position_on_Internet_governance_.html</guid>
+ <pubDate>Tue, 3 Nov 2015 13:40:00 +0100</pubDate>
+ <description><p>In Norway, all government offices are required by law to keep a
+list of every document or letter arriving and leaving their offices.
+Internal notes should also be documented. The document list (called a mail
+journal - "postjournal" in Norwegian) is public information and thanks
+to the Norwegian Freedom of Information Act (Offentleglova) the mail
+journal is available for everyone. Most offices even publish the mail
+journal on their web pages, as PDFs or tables in web pages. The state-level offices even have a shared web based search service (called
+<a href="https://www.oep.no/">Offentlig Elektronisk Postjournal -
+OEP</a>) to make it possible to search the entries in the list. Not
+all journal entries show up on OEP, and the search service is hard to
+use, but OEP does make it easier to find at least some interesting
+journal entries .</p>
+
+<p>In 2012 I came across a document in the mail journal for the
+Norwegian Ministry of Transport and Communications on OEP that
+piqued my interest. The title of the document was
+"<a href="https://www.oep.no/search/resultSingle.html?journalPostId=4192362">Internet
+Governance and how it affects national security</a>" (Norwegian:
+"Internet Governance og påvirkning på nasjonal sikkerhet"). The
+document date was 2012-05-22, and it was said to be sent from the
+"Permanent Mission of Norway to the United Nations". I asked for a
+copy, but my request was rejected with a reference to a legal clause said to authorize them to reject it
+(<a href="http://lovdata.no/lov/2006-05-19-16/§20">offentleglova § 20,
+letter c</a>) and an explanation that the document was exempt because
+of foreign policy interests as it contained information related to the
+Norwegian negotiating position, negotiating strategies or similar. I
+was told the information in the document related to the ongoing
+negotiation in the International Telecommunications Union (ITU). The
+explanation made sense to me in early January 2013, as a ITU
+conference in Dubay discussing Internet Governance
+(<a href="https://en.wikipedia.org/wiki/International_Telecommunication_Union#World_Conference_on_International_Telecommunications_2012_.28WCIT-12.29">World
+Conference on International Telecommunications - WCIT-12</a>) had just
+ended,
+<a href="http://www.digi.no/kommentarer/2012/12/18/tvil-om-usas-rolle-pa-teletoppmote">reportedly
+in chaos</a> when USA walked out of the negotiations and 25 countries
+including Norway refused to sign the new treaty. It seemed
+reasonable to believe talks were still going on a few weeks later.
+Norway was represented at the ITU meeting by two authorities, the
+<a href="http://www.nkom.no/">Norwegian Communications Authority</a>
+and the <a href="https://www.regjeringen.no/no/dep/sd/">Ministry of
+Transport and Communications</a>. This might be the reason the letter
+was sent to the ministry. As I was unable to find the document in the
+mail journal of any Norwegian UN mission, I asked the ministry who had
+sent the document to the ministry, and was told that it was the Deputy
+Permanent Representative with the Permanent Mission of Norway in
+Geneva.</p>
+
+<p>Three years later, I was still curious about the content of that
+document, and again asked for a copy, believing the negotiation was
+over now. This time
+<a href="https://mimesbronn.no/request/kopi_av_dokumenter_i_sak_2012914">I
+asked both the Ministry of Transport and Communications as the
+receiver</a> and
+<a href="https://mimesbronn.no/request/brev_om_internet_governance_og_p">asked
+the Permanent Mission of Norway in Geneva as the sender</a> for a
+copy, to see if they both agreed that it should be withheld from the
+public. The ministry upheld its rejection quoting the same law
+reference as before, while the permanent mission rejected it quoting a
+different clause
+(<a href="http://lovdata.no/lov/2006-05-19-16/§20">offentleglova § 20
+letter b</a>), claiming that they were required to keep the
+content of the document from the public because it contained
+information given to Norway with the expressed or implied expectation
+that the information should not be made public. I asked the permanent
+mission for an explanation, and was told that the document contained
+an account from a meeting held in the Pentagon for a limited group of NATO
+nations where the organiser of the meeting did not intend the content
+of the meeting to be publicly known. They explained that giving me a
+copy might cause Norway to not get access to similar information in
+the future and thus hurt the future foreign interests of Norway. They
+also explained that the Permanent Mission of Norway in Geneva was not
+the author of the document, they only got a copy of it, and because of
+this had not listed it in their mail journal.</p>
+
+<p>Armed with this
+knowledge I asked the Ministry to reconsider and asked who was the
+author of the document, now realising that it was not same as the
+"sender" according to Ministry of Transport and Communications. The
+ministry upheld its rejection but told me the name of the author of
+the document. According to
+<a href="https://www.regjeringen.no/no/aktuelt/unga69_rapport1/id2001204/">a
+government report</a> the author was with the Permanent Mission of
+Norway in New York a bit more than a year later (2014-09-22), so I
+guessed that might be the office responsible for writing and sending
+the report initially and
+<a href="https://www.mimesbronn.no/request/mote_2012_i_pentagon_om_itu">asked
+them for a copy</a> but I was obviously wrong as I was told that the
+document was unknown to them and that the author did not work there
+when the document was written. Next, I asked the Permanent Mission of
+Norway in Geneva and the Foreign Ministry to reconsider and at least
+tell me who sent the document to Deputy Permanent Representative with
+the Permanent Mission of Norway in Geneva. The Foreign Ministry also
+upheld its rejection, but told me that the person sending the document
+to Permanent Mission of Norway in Geneva was the defence attaché with
+the Norwegian Embassy in Washington. I do not know if this is the
+same person as the author of the document.</p>
+
+<p>If I understand the situation correctly, someone capable of
+inviting selected NATO nations to a meeting in Pentagon organised a
+meeting where someone representing the Norwegian defence attaché in
+Washington attended, and the account from this meeting is interpreted
+by the Ministry of Transport and Communications to expose Norways
+negotiating position, negotiating strategies and similar regarding the
+ITU negotiations on Internet Governance. It is truly amazing what can
+be derived from mere meta-data.</p>
+
+<p>I wonder which NATO countries besides Norway attended this meeting?
+And what exactly was said and done at the meeting? Anyone know?</p>
+</description>
+ </item>
+
+ <item>
+ <title>New book, "Fri kultur" by @lessig, a Norwegian Bokmål translation of "Free Culture" from 2004</title>
+ <link>http://people.skolelinux.org/pere/blog/New_book___Fri_kultur__by__lessig__a_Norwegian_Bokm_l_translation_of__Free_Culture__from_2004.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/New_book___Fri_kultur__by__lessig__a_Norwegian_Bokm_l_translation_of__Free_Culture__from_2004.html</guid>
+ <pubDate>Sat, 31 Oct 2015 09:00:00 +0100</pubDate>
+ <description><p>People keep asking me where to get the various forms of the book I
+published last week, the Norwegian Bokmål edition of Lawrence Lessigs
+book <a href="http://www.free-culture.cc/">Free Culture</a>. It was
+published on paper via lulu.com, and is also available in PDF, ePub
+and MOBI format. I currently sell the paper edition for self cost
+from lulu.com, but might extend the distribution to book stores like
+Amazon and Barnes & Noble later. This will double the price and force
+me to make a profit from selling the book. Anyway, here are links to
+get the book in different formats:</p>
+
+<ul>
+
+ <li><a href="http://www.lulu.com/shop/lawrence-lessig/fri-kultur/paperback/product-22406445.html">Buy
+ paper edition from lulu.com</a></li>
+
+ <li><a href="https://github.com/petterreinholdtsen/free-culture-lessig/raw/master/archive/freeculture.nb.pdf">Download
+ PDF, size 7.9 MiB</a> (gratis/free)</li>
+
+ <li><a href="https://github.com/petterreinholdtsen/free-culture-lessig/raw/master/archive/freeculture.nb.epub">Download
+ ePub, size 11 MiB</a> (gratis/free)</li>
+
+ <li><a href="https://github.com/petterreinholdtsen/free-culture-lessig/raw/master/archive/freeculture.nb.mobi">Download
+ MOBI, size 3.8 MiB</a> (gratis/free)</li>
+
+</ul>
+
+<p>Note that the MOBI version have problems with the table of content,
+at least with the viewers I have been able to test. And the ePub file
+have several problems according to
+<a href="https://github.com/IDPF/epubcheck">epubcheck</a>, but seem
+to display fine in the viewers I have tested. All the files needed to
+create the book in various forms are available from
+<a href="https://github.com/petterreinholdtsen/free-culture-lessig">the
+github project page</a>.</p>
+
+<p>The project got press coverage from the Norwegian IT news site
+digi.no. Check out the article
+"<a href="http://www.digi.no/juss_og_samfunn/2015/10/29/vil-apne-politikernes-oyne-for-creative-commons">Vil
+åpne politikernes øyne for Creative Commons</a>".</li>
+
+<p>I've <a href="http://people.skolelinux.org/pere/blog/tags/freeculture">blogged
+about the project</a> as it moved along. The blogs document the translation
+progress and insights I had along the way.</p>
+</description>
+ </item>
+
+ <item>
+ <title>"Free Culture" by @lessig - The background story for Creative Commons - new edition available</title>
+ <link>http://people.skolelinux.org/pere/blog/_Free_Culture__by__lessig___The_background_story_for_Creative_Commons___new_edition_available.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/_Free_Culture__by__lessig___The_background_story_for_Creative_Commons___new_edition_available.html</guid>
+ <pubDate>Fri, 23 Oct 2015 12:10:00 +0200</pubDate>
+ <description><p><a href="http://www.lulu.com/shop/lawrence-lessig/free-culture/paperback/product-22402863.html">Click
+here to buy the book</a>.</p>
+
+<p>In 2004, as the <a href="https://creativecommons.org/">Creative Commons
+movement</a> gained momentum, its creator Lawrence Lessig wrote the
+book <a href="https://en.wikipedia.org/wiki/Free_Culture_(book)">Free
+Culture</a> to explain the problems with increasing copyright
+regulation and suggest some solutions. I read the book back then and
+was very moved by it. Reading the book inspired me and changed the
+way I looked on copyright law, and I would love it if more people
+would read it too.</p>
+
+<p>Because of this, I decided in the summer of 2012 to translate it to
+Norwegian Bokmål and publish it for those of my friends and family
+that prefer to read books in Norwegian. I translated the book using
+docbook and a gettext PO file, and a byproduct of this process is a
+new edition of the English original. I've been in touch with the
+author during by work, and he said it was fine with him if I also
+published an English version. So I decided to do so. Today, I made
+this edition
+<a href="http://www.lulu.com/shop/lawrence-lessig/free-culture/paperback/product-22402863.html">available
+for sale on Lulu.com</a>, for those interested in a paper book. This
+is the cover:
+
+<p align="center"><a href="http://www.lulu.com/shop/lawrence-lessig/free-culture/paperback/product-22402863.html"><img align="center" src="http://people.skolelinux.org/pere/blog/images/2015-10-23-free-culture-english-published-cover.png"/></a></p>
+
+<p>The Norwegian Bokmål version will be available for purchase in a
+few days. I also plan to publish a French version in a few weeks or
+months, depending on the amount of people with knowledge of French to
+join the translation project. So far there is only one active
+person, but the French book is almost completely translated but
+need some proof reading.</p>
+
+<p>The book is also available in PDF, ePub and MOBI formats from
+<a href="https://github.com/petterreinholdtsen/free-culture-lessig">my
+github project page</a>. Note the ePub and MOBI versions have some
+formatting problems I believe is due to bugs in the docbook tool
+dbtoepub (Debian BTS issues
+<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=795842">#795842</a>
+and
+<a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796871">#796871</a>),
+but I have not taken the time to investigate. I recommend the PDF and
+ePub version for now, as they seem to show up fine in the viewers I
+have available.</p>
+
+<p>After the translation to Norwegian Bokmål was complete, I was able
+to secure some sponsoring from
+<a href="http://www.nuugfoundation.no/">the NUUG Foundation</a> to
+print the book. This is the reason their logo is located on the back
+cover. I am very grateful for their contribution, and will use it to
+give a copy of the Norwegian edition to members of the Norwegian
+Parliament and other decision makers here in Norway.</p>
+</description>
+ </item>
+
+ <item>
+ <title>Lawrence Lessig interviewed Edward Snowden a year ago</title>
+ <link>http://people.skolelinux.org/pere/blog/Lawrence_Lessig_interviewed_Edward_Snowden_a_year_ago.html</link>
+ <guid isPermaLink="true">http://people.skolelinux.org/pere/blog/Lawrence_Lessig_interviewed_Edward_Snowden_a_year_ago.html</guid>
+ <pubDate>Mon, 19 Oct 2015 11:50:00 +0200</pubDate>
+ <description><p>Last year, <a href="https://lessig2016.us/">US president candidate
+in the Democratic Party</a> Lawrence interviewed Edward Snowden. The
+one hour interview was
+<a href="https://www.youtube.com/watch?v=o_Sr96TFQQE">published by
+Harvard Law School 2014-10-23 on Youtube</a>, and the meeting took
+place 2014-10-20.</p>
+
+<p>The questions are very good, and there is lots of useful
+information to be learned and very interesting issues to think about
+being raised. Please check it out.</p>
+
+<iframe width="560" height="315" src="https://www.youtube.com/embed/o_Sr96TFQQE" frameborder="0" allowfullscreen></iframe>
+
+<p>I find it especially interesting to hear again that Snowden did try
+to bring up his reservations through the official channels without any
+luck. It is in sharp contrast to the answers made 2013-11-06 by the
+Norwegian prime minister Erna Solberg to the Norwegian Parliament,
+<a href="https://tale.holderdeord.no/speeches/s131106/68">claiming
+Snowden is no Whistle-Blower</a> because he should have taken up his
+concerns internally and using official channels. It make me sad
+that this is the political leadership we have here in Norway.</p>
+</description>
+ </item>
+
projects / homepage.git / blobdiff