tag:blogger.com,1999:blog-46244394627923368522024-03-13T21:45:57.444+02:00SemanticsRandom thoughts, things I do and other galactic funk.Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.comBlogger44125tag:blogger.com,1999:blog-4624439462792336852.post-31111210597480392922023-05-08T16:38:00.001+03:002023-05-08T16:38:13.126+03:00Issue and capability superprompt<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/a/AVvXsEhaNsIi8JEq0EHxMkwKNtHHnGanmMQ_bwz93FXxUO252NvA7hevl-WKnqDVP4-H-_9MhgEDmgsDDejQ04wfNvpJwkQQ9VEkNWFRiJPSm4g8GQsdpovdDxhdyJEJkHIy6HU1XJTr4kcF6OV08YXnih5bLdSmVhe3jF089iH3xPLNBLBU1JiXmPc7rvuQ" imageanchor="1" style="margin-left: 1em; margin-right: 1em;">
<img border="0" src="https://blogger.googleusercontent.com/img/a/AVvXsEhaNsIi8JEq0EHxMkwKNtHHnGanmMQ_bwz93FXxUO252NvA7hevl-WKnqDVP4-H-_9MhgEDmgsDDejQ04wfNvpJwkQQ9VEkNWFRiJPSm4g8GQsdpovdDxhdyJEJkHIy6HU1XJTr4kcF6OV08YXnih5bLdSmVhe3jF089iH3xPLNBLBU1JiXmPc7rvuQ" width="400">
</a>
</div><div>I have not been writing in this blog for a while. I have been collecting thoughts.</div><div><br></div><div>I thought I'd start small and get to the point with less prosaics. Saves us both time.</div><div><br></div><div>I believe this prompt will too, a little now and much more in the future.</div><div><br></div><div><div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/a/AVvXsEgq7Xox2wTNIDQGyW6O4wWc5uv9YdCnykcN1fkDyXyCTYrE5nbjNPtDXypBGyKpay0N_2cZjUHFRhLgm8oDZssDpCRsn6hTZ45Tw21SI0eBx02tDGK7b7Q1OPB73JJ4LQl8Nt4G6dlSi2XKilkAJ-tosLUpVVDafeiDK3zFTAbgd8JRn47H5W9_bRUT" imageanchor="1" style="margin-left: 1em; margin-right: 1em;">
<img border="0" src="https://blogger.googleusercontent.com/img/a/AVvXsEgq7Xox2wTNIDQGyW6O4wWc5uv9YdCnykcN1fkDyXyCTYrE5nbjNPtDXypBGyKpay0N_2cZjUHFRhLgm8oDZssDpCRsn6hTZ45Tw21SI0eBx02tDGK7b7Q1OPB73JJ4LQl8Nt4G6dlSi2XKilkAJ-tosLUpVVDafeiDK3zFTAbgd8JRn47H5W9_bRUT" width="400">
</a>
</div>Here I'm asking the large language model to relax it's propensity to answer correctly and engage in a game.</div><div><br></div><div>It named this conversation: Issue-Capability Brainstorm Game and the chat starts like this.</div><div><br></div><div><b>User:</b></div><div><b>Let's play a game of academic paper. I have a piece of paper. It says issue on top and capability at the bottom. What am I missing in between. Assuming I could be all knowing and have methods.</b></div><div><b><br></b></div><div><b>ChatGPT:</b></div><div><b>Based on the information provided, it seems like you have a game prompt that requires you to fill in the missing content between the "issue" and "capability" labels.</b></div><div><b><br></b></div><div><b>To play this game, you may need to define the specific context or topic you want to explore. For example, if you're interested in exploring a problem within a certain industry or field, you could write the issue as a statement that describes the problem or challenge that needs to be addressed.</b></div><div><b><br></b></div><div><b>Next, you could brainstorm potential capabilities or solutions that could help solve the issue. These capabilities could include methods, tools, technologies, or approaches that could be used to address the problem.</b></div><div><b><br></b></div><div><b>To fill in the missing content, you could then write down a list of possible strategies or solutions that could be used to bridge the gap between the issue and capability. These could include steps or actions that could be taken to implement the identified capabilities and solve the issue at hand.</b></div><div><b><br></b></div><div><b>Overall, this game could be a fun and interactive way to explore different problems and potential solutions within a given context or field.</b></div><div><b><br></b></div><div>Here's another:</div><div><br></div><div><div><b>ChatGPT: Based on the information you have provided, it seems like you are missing a research question or topic for your academic paper. The issue and capability statements provide some context but do not provide a clear direction for your research.</b></div><div><b><br></b></div><div><b>To develop a research question, you could consider the following steps:</b></div><div><b><br></b></div><div><b>1. Identify a broad topic area that you are interested in researching.</b></div><div><b>2. Conduct a literature review to identify gaps in the existing research on this topic.</b></div><div><b>3. Refine your topic area based on the literature review and identify a specific research question that you want to answer.</b></div><div><b>4. Develop a hypothesis or set of hypotheses that you will test through your research.</b></div><div><b>5. Choose appropriate research methods to collect and analyze data that will help you answer your research question and test your hypotheses.</b></div><div><b><br></b></div><div><b>Once you have a clear research question and methodology, you can begin drafting your academic paper. Your paper should include an introduction that outlines the research question, a literature review that provides context for your study, a methods section that describes how you conducted your research, a results section that presents your findings, and a conclusion that summarizes your research and discusses its implications.</b></div></div><div><br></div><div>It could be interesting to use prompts like these to load context for problem solving tasks. Just like it works in the data that is used to train the large language model.</div><div><br></div><div>Remember, I said no prose. No idea if I kept that promise. Let me know.</div>Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0tag:blogger.com,1999:blog-4624439462792336852.post-4356741489838764802015-09-07T06:35:00.003+03:002015-09-07T06:36:09.082+03:00Streisand Effect and Microsoft Windows updatesIt's been told, that Microsoft behaves in a way that would imply unfamiliarity with the concept known as <a href="https://en.wikipedia.org/wiki/Streisand_effect">Streisand Effect</a>. Although I'm not 100% sure this will help block anything, I shall leave it to the reader to discover. I did glance through the source and did not find anything amiss.<br />
<br />
So if you want to remove and block all those nasty updates Microsoft is forcing down your throat in the name of customer experience whilst seriously invading on your privacy check out <a href="https://blockwindows.wordpress.com/">this blog</a> and <a href="https://github.com/WindowsLies2/BlockWindows/">this repository </a>on Github.<br />
<br />
Now I'm left wondering whether this was a really effective backdooring campaign or a tool that is too effective for Microsoft's liking. At least I won't have to worry about this since none of of my systems run Windows.Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com1tag:blogger.com,1999:blog-4624439462792336852.post-83653476228176267882015-01-05T11:58:00.000+02:002015-01-05T11:58:43.287+02:00Decripple OpenSSL on FedoraI have grown tired of the travesty which is Redhat's inability to get <a href="https://bugzilla.redhat.com/show_bug.cgi?id=1021898" target="_blank">secp256k1 enabled</a> on the OpenSSL package. This has been a problem since 2007. That's 8 years as of now. This elliptic curve is needed for most if not all cryptocurrencies to build and run correctly. The recommended way to deal with this problem has been linking the binaries directly to a separate version of OpenSSL that people usually install from <a href="http://www.ringingliberty.com/bitcoin/" target="_blank">Ringing Liberty repositories</a>. I'm now recommending that you should just patch the shipped version of OpenSSL whenever there's an update to OpenSSL available from Fedora repositories. I know this is bothersome, but it's the easiest way to deal with this issue until Redhat's lawyers get this shit sorted out whenever that may be.<br />
<br />
First you need to get the source rpm:<br />
<pre name="code"><code>yumdownloader --source --noplugins openssl</code></pre><br />
then you install the source rpm (version may and probably will differ):<br />
<pre name="code"><code>rpm -ivh openssl-1.0.1j-1.fc21.src.rpm</code></pre><br />
Fetch the files, patch and build:
<pre name="code"><code>cd ~/rpmbuild/SPECS/
wget http://sebastianmaki.fi/files/openssl-1.0.1j-decripple-secp256k1.patch http://sebastianmaki.fi/files/openssl.spec.secp256k1.patch
mv openssl-1.0.1j-decripple-secp256k1.patch ../SOURCES/
patch < openssl.spec.secp256k1.patch
rpmbuild -bb openssl.spec
</code></pre><br />
Then replace the installed openssl-packages on your system:
<pre name="code"><code>cd ~/rpmbuild/RPMS/$(uname -p)
yum reinstall ./openssl-*
</code></pre><br />
Now you can build bitcoind, litecoind, potcoind and so on normally by following the building instructions in the sources.<br />
No more fiddling with LD_LIBRARY_PATH, OPENSSL_OPTIONS, LDFLAGS and so on<br /><br />
If you happen to walk in the vicinity of a patent office with a canister of gasoline and the desire to burn buildings, do take pictures. I'd like to hang them on my wall. If you happen to be in a position to vote for abolishing the patent system, please do so. Vote for a political candidate that promises to destroy the patent office. The patent system as it is today does nothing to promote the development of new ideas. In fact <a href="https://www.eff.org/issues/how-patents-hinder-innovation">it hinders innovation.</a>Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com5tag:blogger.com,1999:blog-4624439462792336852.post-53090842759559621062014-09-26T06:12:00.001+03:002014-09-26T06:24:30.724+03:00OnePlus One review+unboxingThe <a href="http://oneplus.net/" target="_blank">OnePlus One</a> comes in two varieties: the 16GB(269€) and the 64GB(299€) version. Shipping to Finland is 29,99€. I managed to get an invite to buy the OnePlus One 64GB and bought it with the enthusiasm of an Apple fanboy quickly parting with the total sum of 323,99€. Considering the specs I regarded this as not that much damage.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZYbWNRfcQ5uw1qUDXdcYHzuOPLFfLjb95-yE_Xc17FKec6jHfJTPWIWCtypArpTStLlkDyzErkMTI7Qmi125SrTy27EAsuv8QbdQrI-8RHvBRJ4xOp-SmahuFpgFivEtAyTxeK93uW94/s1600/GEDC0040.JPG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZYbWNRfcQ5uw1qUDXdcYHzuOPLFfLjb95-yE_Xc17FKec6jHfJTPWIWCtypArpTStLlkDyzErkMTI7Qmi125SrTy27EAsuv8QbdQrI-8RHvBRJ4xOp-SmahuFpgFivEtAyTxeK93uW94/s1600/GEDC0040.JPG" height="240" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">I placed the order on Thursday and the package arrived next Monday.</td></tr>
</tbody></table>
The package contains a charger, cable, a pin for opening the sim-card slot and the phone. The phone feels nice to the hand. The sandstone black surface provides a nice grip and makes you think how slippery your previous phones have been. The front is basically all glass with chrome framing. The phone has a classic look to it that doesn't go out of style.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjL6SVWiKWgI_ytwODRXSm1LkRqbgbgokzFk7D0ObfnwozwIYycy4_em0xbPwICEVDhNYfvly4jVydWKkoNN7B5PC-hKKxkRvUTHknddX9SHOTHVanblqRnj3CvZ0n3_rc1rSyGmjoNLt4/s1600/GEDC0041.JPG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjL6SVWiKWgI_ytwODRXSm1LkRqbgbgokzFk7D0ObfnwozwIYycy4_em0xbPwICEVDhNYfvly4jVydWKkoNN7B5PC-hKKxkRvUTHknddX9SHOTHVanblqRnj3CvZ0n3_rc1rSyGmjoNLt4/s1600/GEDC0041.JPG" height="240" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">The charger came in it's own box.</td></tr>
</tbody></table>
The<a href="http://oneplus.net/one" target="_blank"> specs of this device</a> are remarkable. The device comes with CyanogenMod 11S based on Android 4.4, it has a quad-core cpu with enough oomph for any application. There's 3GB of RAM in this device. That's only one gigabyte less than on my laptop on which I'm writing this article. If you go with the 64GB version, you are going to have to work hard to hit the memory limit when installing apps. After a months use I managed to fill almost 10GB of the available memory and I have a gigabyte of music and a fed hundred megabytes of pictures. I've been installing a lot of apps and I have put the phone to heavy use. 740 MB is reserved for cached data only.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAGujvgcXI5h_5D0WDh50vhfURsOUhHm72G_xzbPed8HI8soVn1j7GyM_ytzegwUF71zQtB54gk83v9FZ-TQD-ZwyPFJrIA-RVjaVUFqHhVFjmKqZfXtNJ-E2xoVDs9HWLtyNehRgN6Nc/s1600/GEDC0043.JPG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAGujvgcXI5h_5D0WDh50vhfURsOUhHm72G_xzbPed8HI8soVn1j7GyM_ytzegwUF71zQtB54gk83v9FZ-TQD-ZwyPFJrIA-RVjaVUFqHhVFjmKqZfXtNJ-E2xoVDs9HWLtyNehRgN6Nc/s1600/GEDC0043.JPG" height="240" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">The 2100 mAh charger does it's job quickly</td></tr>
</tbody></table>
The OnePlus One has a 5.5 inch display with Full HD resolution. There are two cameras. The 13MP camera on the back can shoot high definition video and has very little noise even in less ideal lighting conditions. The 5MP camera in the front is more than adequate for VoIP. For photographs you might want to use the better camera, but the front camera does the job as well. When capturing your favourite duckface pose, it's easier to use the front camera since you can see the preview on the screen.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzQE-98FJtP77Plv-LXAsksaOfWyHxuhdV4IJ5ML88AFPYYJ3w689OXuZeJGuthLO5P5LRSKkI-PYQqcyEVepTZetsR1a9t0o4FmiZAlYSatH4dMgVPqgXWt3X36gp6y4bVRoGY0GYt7U/s1600/GEDC0046.JPG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhzQE-98FJtP77Plv-LXAsksaOfWyHxuhdV4IJ5ML88AFPYYJ3w689OXuZeJGuthLO5P5LRSKkI-PYQqcyEVepTZetsR1a9t0o4FmiZAlYSatH4dMgVPqgXWt3X36gp6y4bVRoGY0GYt7U/s1600/GEDC0046.JPG" height="240" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">The package had some interesting features</td></tr>
</tbody></table>
The speakers on the phone perform better than I expected from a phone. I'm a heavy user so the battery lasts for about 22hours for me. With the wifi, mobile data, bluetooth, nfc and gps off it would probably last easily more than 26 hours. If you were to use some app that puts the phone in power saving mode, it would last even longer.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnZoHlfsSFC46P9Rrc7c8xdHHMXQHMDtWvrqu8LYbhRP3vkJHvxQjX9yVVWIkaCzpp9ThYEU640fv81KcSYJN8BOF5YbAiRGBQj0lhjssMFWbDd2Ec5VBpqHTwyBf0Ae1P_ZDIop_GPoQ/s1600/GEDC0049.JPG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnZoHlfsSFC46P9Rrc7c8xdHHMXQHMDtWvrqu8LYbhRP3vkJHvxQjX9yVVWIkaCzpp9ThYEU640fv81KcSYJN8BOF5YbAiRGBQj0lhjssMFWbDd2Ec5VBpqHTwyBf0Ae1P_ZDIop_GPoQ/s1600/GEDC0049.JPG" height="240" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">This was inside it</td></tr>
</tbody></table>
Naturally, if you name your product The Flagship Killer, it also has to have LTE, Bluetooth 4, dual band wireless networking and NFC that can handle software card emulation, payment methods and multi-tag support. I haven't been in a situation where the GPS would have taken any time getting a fix on the location.<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: left;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYpwT7Ud89BOHTzlx-qOV3QjaeG3Mj4iryOrmqRkvtwlGEMOaxOQkptAnbSHPEwN-X3z3qMoDTWjLlPheghYYGUchmrQ8HTV98Ze86wjKvMJNAL-Pxv_8U0Cd1rqHje5Ecu-8A1fU8LnE/s1600/GEDC0053.JPG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjYpwT7Ud89BOHTzlx-qOV3QjaeG3Mj4iryOrmqRkvtwlGEMOaxOQkptAnbSHPEwN-X3z3qMoDTWjLlPheghYYGUchmrQ8HTV98Ze86wjKvMJNAL-Pxv_8U0Cd1rqHje5Ecu-8A1fU8LnE/s1600/GEDC0053.JPG" height="240" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">IMEI and serial blurred on purpose</td></tr>
</tbody></table>
<br />
It's almost as if I have nothing bad to say about this phone. I did have to make some udev-tweaks on my computer in order to get the Media Transfer Protocol working, but I can't really blame the phone for it. There is no SD-card slot, the baseband firmware is proprietary and the battery cannot be removed without some serious surgery. Those are probably the only bad things I have to say about this phone. The worst being the proprietary firmware. It's a shame OnePlus did not go the extra mile to make a truly open phone. I do like that rooting this phone does not affect the warranty.<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUojUZsnotHJq0Xwciylq687YMoYKwiVDF4mJmc-ZY1NUIA52Ynei2uxkmdSbOCDPRupyEsb-_0V5JDhY7E3hK-lOi6Epfh0GIGV7LQs_ZQhdaRUE4VEeNWqE1_rn6kB-SPMrxLfht-KE/s1600/GEDC0054.JPG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjUojUZsnotHJq0Xwciylq687YMoYKwiVDF4mJmc-ZY1NUIA52Ynei2uxkmdSbOCDPRupyEsb-_0V5JDhY7E3hK-lOi6Epfh0GIGV7LQs_ZQhdaRUE4VEeNWqE1_rn6kB-SPMrxLfht-KE/s1600/GEDC0054.JPG" height="240" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">The screen had protective plastic on it</td></tr>
</tbody></table>
<br />
<br />
<b>On Fedora this change made the phone and operating system talk to eachother:</b><br />
<br />
<pre name="code"><code>#/etc/udev/rules.d/69-mtp.rules
ATTR{idVendor}=="05c6", ATTR{idProduct}=="6764", SYMLINK+="libmtp-%k", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1"</code></pre>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgs6SnbYWNyrkWGwC5JwNRZ5UdBmA-HdaFH3SaUPtJTZMVZEM7Mrepdv-woou_zg1z2X6btNaSOmxCcOrB-rqQvjCmuhXqVIu8UXl1GgawfXns-JYAosXX8QMsz-HFipUTOAu8OLtO3hRQ/s1600/GEDC0061.JPG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgs6SnbYWNyrkWGwC5JwNRZ5UdBmA-HdaFH3SaUPtJTZMVZEM7Mrepdv-woou_zg1z2X6btNaSOmxCcOrB-rqQvjCmuhXqVIu8UXl1GgawfXns-JYAosXX8QMsz-HFipUTOAu8OLtO3hRQ/s1600/GEDC0061.JPG" height="240" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">The charger cable is sturdy and sim slot opener is a nice bonus</td></tr>
</tbody></table>
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEii7o0y2ti2g1nT44MxT8P6suoYF5fkpadqOjlPRMzmNPenapZQnRPaeS7xYG96JiPNXJj0rkbDPdXJo26ZMjcZ8ckPCzqFcUIMHjocvcPBliC5DFcTUeqhNsHyIlTymA6f6ixH0v39P9A/s1600/IMG_20140926_040759.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEii7o0y2ti2g1nT44MxT8P6suoYF5fkpadqOjlPRMzmNPenapZQnRPaeS7xYG96JiPNXJj0rkbDPdXJo26ZMjcZ8ckPCzqFcUIMHjocvcPBliC5DFcTUeqhNsHyIlTymA6f6ixH0v39P9A/s1600/IMG_20140926_040759.jpg" height="237" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Sim slot opener for the microsim slot</td></tr>
</tbody></table>
Oh and unless you turn off the screen gestures, your OnePlus One will wake up on it's own and do all sorts of random things if you keep it in your sweaty pocket while helping a friend move. You can find the gestures settings in the settings main menu.<br />
<br />
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGO51OWVSV7-prja_8tfDyOBAljdXCvXNMxh5nKicS87tLcaFnBu7rzieY-OTAa3AlLbE18YilsY_r2R72SvisqmykKVD59Qy9LRsDwP_09bhwKf27UehgMVXJT4LFpsWcwQXZwh2Eg1U/s1600/GEDC0063.JPG" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGO51OWVSV7-prja_8tfDyOBAljdXCvXNMxh5nKicS87tLcaFnBu7rzieY-OTAa3AlLbE18YilsY_r2R72SvisqmykKVD59Qy9LRsDwP_09bhwKf27UehgMVXJT4LFpsWcwQXZwh2Eg1U/s1600/GEDC0063.JPG" height="240" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Ready to charge</td></tr>
</tbody></table>
I've been using the phone for a month now and I recommend it. It's a fine piece of hardware with the best Android distribution available and it's affordable.Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0tag:blogger.com,1999:blog-4624439462792336852.post-25723385869153158652014-08-29T15:54:00.000+03:002014-09-03T18:22:57.048+03:00An Open Letter: Is copyright trolling a thing in Finland now?<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuInvANEsJeduYVs4t8Zj5nurTCDgQqhLz1SROu69m6d_6BrZH0qEqCetLrL5gN-F7PZ8kZYwXIBpLcNnWVhOI759ebUQhue-_D43AbY218s7-1JTS0AgxKtA92aFYvQfjeGuNIQQVftQH/s1600/grumpy-cat-meme-generator-umm-no-ee8f7d.jpg" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhuInvANEsJeduYVs4t8Zj5nurTCDgQqhLz1SROu69m6d_6BrZH0qEqCetLrL5gN-F7PZ8kZYwXIBpLcNnWVhOI759ebUQhue-_D43AbY218s7-1JTS0AgxKtA92aFYvQfjeGuNIQQVftQH/s1600/grumpy-cat-meme-generator-umm-no-ee8f7d.jpg" height="185" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">TL;DR; my response to the law firm representing Hustler</td></tr>
</tbody></table>
<br />
I got a <a href="http://bayfiles.net/file/1jO9z/a5sLb0/hedmanpartners-kirje.pdf" target="_blank">nasty letter</a>(<a href="http://sebastianmaki.fi/hedmanpartners-letter.txt" target="_blank">in English here</a>) in the mail. I was being demanded 600 euros for alleged copyright infringement. I operate a TOR exit node and an open wireless network. I'm also an active member of the Pirate Party and have been a municipal election candidate in Turku, Finland.<br />
<br />
Someone had been downloading a torrent "This Ain't Game Of Thrones XXX" via <a href="https://www.torproject.org/">TOR</a> or my wireless network. The law firm Hedman Partners, who represent Hustler in Finland seemed to have made the assumption that it's ok to make ultimatums demanding money from someone based on the IP-address alone. By request, I translated my <a href="http://blogi.sebastianmaki.fi/2014/08/avoin-kirje-onko-copyrighttrollaus.html" target="_blank">previous post</a> to the best of my ability, so excuse any strange wording. I've organized my two blogs so that I post in English here and <a href="http://blogi.sebastianmaki.fi/">my other blog</a> has it's contents in Finnish.<br />
<br />
My thoughts are that it's appalling how low someone is willing to go hustling.(pun, get it?)<br />
<br />
Your friendly neighbourhood torrorist replied as follows:<br />
<br />
<blockquote class="tr_bq">
Dear lawyer of Hedman Partners </blockquote>
<blockquote class="tr_bq">
Your company has sent me a letter stating that I should pay 600 euros for your company, or otherwise what would follow is something that in your letter was referred to as "further measures". Considering the overall tone of the letter and in the fact that it referred to Finnish law and coercive measures by the police, I regard your ultimatum as threatening. As I understood it, I was being demanded monetary compensation for an act I know for certain, I did not do and for which it would be impossible to to prove guilt. What I believe made this demand unlawful in was the fact that I have not committed the offence mentioned.</blockquote>
<blockquote class="tr_bq">
According to Finnish law, wrongfully forcing someone to dispose of their financial interests is known as blackmail. Threatening to make known one's porn watching habits unless someone coughs up money sounds to me like activities, for which you can get a sentence. I have heard of other cases where people have been threatened with further measures in order to intimidate innocents to part with their money. I am also concerned that other innocent citizens might not have as much time, energy, or wealth to fight back. Because your actions have the potential to cause so much damage to innocent bystanders, I find it morally questionable. I have made a police report.</blockquote>
<blockquote class="tr_bq">
I have been a TOR exit node operator for many years and I have also been sharing an open wireless network to my neighbours and the occasional passer by in my neighbourhood. In addition, I have occasionally experimented with operating other anonymizing networks. Many other people contribute to the sum of the traffic that goes through my network. Anyone who has access to the Internet can route traffic along the TOR network, and thus it can pass via my connection. Some of those people are journalists, human rights activists and ordinary citizens, on which some party, often their own state, applies censorship. Without the privacy provided by TOR they may lose their lives. </blockquote>
<blockquote class="tr_bq">
Naturally with an open network, also the possibility of abuse arises, and in those cases a proper investigation into the matter must be done. A definition of proper investigation is not presuming guilt based on the IP-address alone and sending a bill and an ultimatum to the internet subscription holder. How many cafés have received letters from Hedman Partners? I'm guessing none. I wonder if any servers located in hosting facilities have got the same attention or is their campaign focused only on private people? As stated in your letter, according to Finnish law, ignorance does not release one from guilt even in copyright cases. Information about the services I've been maintaining have been accessible i.a. in my blog (http://semantics.sebastianmaki.fi/) and in the exonerator.torproject.org service. They can be found after a quick search by using my name as query terms or by checking my IP-address from exonerator service. I't will show that my server has been a TOR-exit node at the time of alleged offence. </blockquote>
<blockquote class="tr_bq">
However, it is essential that IP-address alone does not identify the offender. A Florida district court judge has already come to this conclusion. An IP-address does not contain any kind of property that could identify the person downloading. You cannot even conclude whether the court has jurisdiction in the area where the downloading happens based on the IP-address alone.(<a href="https://torrentfreak.com/ip-address-not-person-140324/">https://torrentfreak.com/ip-address-not-person-140324/</a> )<br />
In the US copyright trolling or "legal blackmail" (Extortion Letter Scheme) is already a well-known phenomenon. According to a quick Google search, there has already been a sentence in a slightly grosser case.(<a href="http://www.gpo.gov/fdsys/granule/USCOURTS-mad-1_10-cv-12043/USCOURTS-mad-1_10-cv-12043-0">http://www.gpo.gov/fdsys/granule/USCOURTS-mad-1_10-cv-12043/USCOURTS-mad-1_10-cv-12043-0</a>) In similar cases some patent trolls have also been sentenced. Ylivieska district court in Finland has already outlined that the owner has no responsibility for the content of their wireless network traffic. </blockquote>
<blockquote class="tr_bq">
How I see it, your actions are not in the best interest of your client, so I wonder what you are trying to achieve. Sure, the copyright holder has the right to seek compensation if the material has been distributed or used without permission, but it is not necessarily a rational action to take. Studies have shown that downloaders also buy copyrighted material. It would be rational of the copyright holders to regard downloading as free marketing that will increase sales. By stating this, my purpose is not to provide any excuses for I need none because of my innocence. I just question the rationality of your actions. </blockquote>
<blockquote class="tr_bq">
In any case, I can not in good conscience pay the sum you demand. Although I do watch porn from free legal sites and now also from similar sites that accept Bitcoin, the only way I'm involved in this matter is that I provide services that other people may use. Satire porn isn't my cup of tea anyhow. </blockquote>
<blockquote class="tr_bq">
I provide these services for humanitarian reasons and without any compensation. In the event that you're still thinking of trying to get me on accessory charges or something else like that, I'd like to remind you that the only thing you could hope to achieve is making it more difficult for innocent people to take care of their privacy, and so would jeopardize especially those people who are most in need of protection. It is known that well-intentioned restrictions will not hinder the actions of criminals, and I do question the credibility of arguments that imply that knowledge of restrictions could bring a sense of security. </blockquote>
<blockquote class="tr_bq">
I am very familiar with IT, and I also know something about law. Therefore, I am very sure that you have no such evidence that would make it in your best interest to pursue this case in court.<br />
However, if you believe that I have committed a crime, please do report a crime or otherwise leave me alone. I wish your customer good luck in experimenting with new types of avenues to profit from their content in a changing world. I just hope that this isn't one of those experiments. </blockquote>
<blockquote class="tr_bq">
Waiting for your reply,<br />
Sebastian Mäki<br />
Vice-President,<br />
Pirate Party of Finland's local domain in Southwest Finland<br />
Voluntary TOR operator and the operator of the open HackLair network </blockquote>
<blockquote class="tr_bq">
This is an open letter published in my blog (<a href="http://blogi.sebastianmaki.fi/">http://blogi.sebastianmaki.fi/</a>) and sent to the email address of Hedman Partners lawyer.</blockquote>
<br />
Experiences from past as a TOR exit node operator <a href="http://blogi.sebastianmaki.fi/2013/10/avoin-kirje-internet-liittyman-hairinta.html">here</a> and <a href="http://semantics.sebastianmaki.fi/2011/12/keskusrikospoliisi-me-tultiin-tekemaan.html">here</a>.(in Finnish)<br />
<br />
EDIT: 3.9.2014 If for some reason all the free legal porn in the internet isn't enough for you, you can get more with <a href="https://www.youtube.com/watch?v=Um63OQz3bjo" target="_blank">bitcoin</a> from <a href="http://enter.iknowthatgirl.com/signup/signup.php?step=2" target="_blank">iknowthatgirl.com</a> and other places too.Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com22tag:blogger.com,1999:blog-4624439462792336852.post-44581385126646404032013-10-14T14:56:00.000+03:002013-10-14T15:09:47.236+03:00Tesseract wrapperGOCR really doesn't seem to recognize Finnish or different kind of fonts out of the box. Tesseract seems to have no problems in recognizing the content I feed it so I wanted to configure XSANE so that it would use Tesseract instead. Setting up XSANE to use Tesseract is not straightforward though. XSANE expects input and output files to be defined as options when Tesseract accepts the input file as first argument and the basename of the output as second parameter. By default XSANE is configured to use GOCR.<br />
<br />
In order to make XSANE work with Tesseract the easy option was just to make a wrapper script that accepts options in the way XSANE can provide them. For this purpose I created a <a href="https://github.com/neatbasis/tesseract-wrapper/blob/master/tesseract-wrapper">wrapper script</a> for Tesseract.<br />
<br />
<br />
<h2>Comparisons of options:</h2>
<br />
<h4>
Tesseract</h4>
<pre name="code"><code>[sebastian@localhost tesseract-wrapper]$ tesseract --help
Usage:tesseract imagename outputbase [-l lang] [-psm pagesegmode] [configfile...]
pagesegmode values are:
0 = Orientation and script detection (OSD) only.
1 = Automatic page segmentation with OSD.
2 = Automatic page segmentation, but no OSD, or OCR
3 = Fully automatic page segmentation, but no OSD. (Default)
4 = Assume a single column of text of variable sizes.
5 = Assume a single uniform block of vertically aligned text.
6 = Assume a single uniform block of text.
7 = Treat the image as a single text line.
8 = Treat the image as a single word.
9 = Treat the image as a single word in a circle.
10 = Treat the image as a single character.
-l lang and/or -psm pagesegmode must occur before anyconfigfile.
Single options:
-v --version: version info
--list-langs: list available languages for tesseract engine
</code></pre>
<h4>
GOCR</h4>
<pre name="code"><code>[sebastian@localhost tesseract-wrapper]$ gocr --help
Optical Character Recognition --- gocr 0.49 20100924
Copyright (C) 2001-2010 Joerg Schulenburg GPG=1024D/53BDFBE3
released under the GNU General Public License
using: gocr [options] pnm_file_name # use - for stdin
options (see gocr manual pages for more details):
-h, --help
-i name - input image file (pnm,pgm,pbm,ppm,pcx,...)
-o name - output file (redirection of stdout)
-e name - logging file (redirection of stderr)
-x name - progress output to fifo (see manual)
-p name - database path including final slash (default is ./db/)
-f fmt - output format (ISO8859_1 TeX HTML XML UTF8 ASCII)
-l num - threshold grey level 0<160<=255 (0 = autodetect)
-d num - dust_size (remove small clusters, -1 = autodetect)
-s num - spacewidth/dots (0 = autodetect)
-v num - verbose (see manual page)
-c string - list of chars (debugging, see manual)
-C string - char filter (ex. hexdigits: 0-9A-Fx, only ASCII)
-m num - operation modes (bitpattern, see manual)
-a num - value of certainty (in percent, 0..100, default=95)
-u string - output this string for every unrecognized character
examples:
gocr -m 4 text1.pbm # do layout analyzis
gocr -m 130 -p ./database/ text1.pbm # extend database
djpeg -pnm -gray text.jpg | gocr - # use jpeg-file via pipe
webpage: http://jocr.sourceforge.net/</code></pre>
<h4>
Tesseract wrapper</h4>
<pre name="code"><code>[sebastian@localhost tesseract-wrapper]$ ./tesseract-wrapper --help
Syntax:
./tesseract-wrapper -i inputfile [-o outputfile] [-l lang]
</code></pre>
Clone the <a href="https://github.com/neatbasis/tesseract-wrapper">repo</a> in GithubSebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0tag:blogger.com,1999:blog-4624439462792336852.post-76184962743246170512013-10-05T22:29:00.000+03:002014-08-31T20:20:15.691+03:00NinjaStik encryption vulnerability<h3>
The Discovery</h3>
<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEid-8d2fdMKbYdl-wgj2LOmXhZMGPyYNYvDS_ST6RKZkdGXmbwyZo5WLoV71fKP1TC1XEPTr88G0SNrGaBrqtuXgTR54goGwfpsGttCxuJC-79YwZ6yNIQxy5VOmgG-Wh8ysZHONYqZ-Lw/s1600/152833988_dcba4bacd9_o.jpg" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEid-8d2fdMKbYdl-wgj2LOmXhZMGPyYNYvDS_ST6RKZkdGXmbwyZo5WLoV71fKP1TC1XEPTr88G0SNrGaBrqtuXgTR54goGwfpsGttCxuJC-79YwZ6yNIQxy5VOmgG-Wh8ysZHONYqZ-Lw/s320/152833988_dcba4bacd9_o.jpg" height="240" width="320" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">(Photo – Flickr Creative Commons: <a href="http://www.flickr.com/photos/grrphoto/152833988/">R’eyes</a>)</td></tr>
</tbody></table>
We in <a href="https://bittiraha.fi/">Bittiraha.fi</a> like gadgets. We also like know what we sell to our customers, so some of the guys started checking out a shipment of NinjaStiks.<br />
<br />
I was trying to do some other work while discussing the <a href="http://www.ninjastik.com/">NinjaStik</a>, anonymity, encryption and other stuff with my co-workers. I had one of those days you just can't get yourself to concentrate..<br />
<br />
I'm sceptical of any security tool that doesn't come with the exact instructions on how to reproduce it yourself. There are some <a href="http://www.ninjastik.com/get-it-free/">instructions</a> on how to get started and technical <a href="http://www.ninjastik.com/support/ninjastik-technical-specifications/">specifications</a> on the NinjaStik site, but elsewhere on the site they also mention some secret ingredients. People are corruptible and imperfect so anything produced by a human should be considered compromised until proven otherwise. I was arguing my point about trusting a third party when the discussion diverted to the process of changing the default password on the <a href="http://en.wikipedia.org/wiki/Linux_Unified_Key_Setup">LUKS</a>-partition. There were instructions on how to do so and they came with the NinjaStik.<br />
<br />
<h3>
The Problem</h3>
Changing the password for the master key does not change the master key. NinjaStik is a kind of product that you would assume is most conveniently produced by writing an existing disk image to a thumb drive. This was confirmed to be the case with the images extracted from the NinjaStiks we had at hand. We took 2 different NinjaStiks and found they used the same master key. We can assume that the rest of the shipment are clones as well. This means that the claim that your data cannot be accessed without supercomputers and a million years to spend is false. In fact it took 30 minutes including reading man pages, making coffee and browsing Facebook(you can guess which one of these was the most time consuming). It was kind of cool to be able to demonstrate the ability to read the contents of my co-workers drive, which according to the marketing by it's producer was an impossible feat.<br />
<br />
The fact how simple it was to defeat the encryption on a NinjaStik raises questions and answers some. How competent are the people behind the development of NinjaStik? Should you take it for granted that someone who produced a security product understands all the caveats or even the basic ones? We're going to re-encrypt the NinjaStiks we sell to our customers as well as include instructions on how to do it themselves.<br />
<br />
It would be irresponsible of us to tell our customers to trust that we don't keep copies of the master keys ourselves, so I would rather tell the customer to assume we do and then decide if they want to re-encrypt their device. Who knows, if by accident there is a copy of the master key somewhere in our swap partition and we're forced to hand over that data. Of course whether the customer needs to worry about the encryption depends much on what the customer chooses to do with their NinjaStik or in life generally. For some, who purchase this product, it doesn't really matter if it's encrypted or not.<br />
<br />
I didn't explore NinjaStik beyond this vulnerability as I haven't had the time.<br />
<h4>
</h4>
<h3>
</h3>
<h3>
The Aftermath</h3>
We contacted a NinjaStik representative on the 29th of September and they updated their <a href="http://www.ninjastik.com/faq/">FAQ</a> pretty soon after we explained the vulnerability to them and provided instructions on how to fix the situation. According to the representative they used to build the NinjaStiks with a room full of PCs, but they recently started cloning. He told us they would contact the customers with affected NinjaStiks and immediately return to building them with the room full of PCs method. He also offered to rebuild the NinjaStiks we had and pay the shipping costs which was nice of him although unnecessary as it's not much of an effort for us to do it ourselves. According the representative there aren't many NinjaStiks out there created with the cloning method. We advised them to build NinjaStiks with another boot option that would boot on the first use and re-encrypt the encrypted partition. We then gave them a week to handle the situation on their end before releasing the details of this vulnerability. Still in their updated FAQ they are downplaying the vulnerability:<br />
<blockquote>
"Can I change the encryption passphrase?<br />
<br />
Yes you can and it is highly recommended – the NinjaStik ships with a default encryption passphrase and a default login password. Both of these should be changed the first time you use the NinjaStik. The NinjaStik also includes instructions to change the volume encryption key to further ensure that even we couldn’t gain access to your NinjaStik."</blockquote>
The wording "to further ensure" sounds to me like something you shouldn't really worry about. In reality the opposite is true. It's not even about just them gaining access to the data on your NinjaStik, everyone can. (The different capacity NinjaStiks might use a different master key, but there are copies of the master keys already out there on already purchased sticks.) Also it's more likely that the one trying to decrypt your device is someone you know or the authorities and thus it's more likely that they have access to the same master key as the one used in your batch.<br />
<br />
Then there's the issue of cloning being a recent method for production. I don't see many other plausible reasons for them to use a non-cloning process to manufacture an OS on a thumb drive besides lack of knowledge on how to <a href="http://linux.die.net/man/1/dd">clone disks</a> or the knowledge that it would make the master key on the NinjaStik known. I'm having difficulties understanding how anyone who put this stick together in the first place would not know how to clone them, so I'm inclined to think they knew that they were compromising the encryption, but maybe didn't realize how serious it was or didn't care. But hey, I'm a paranoid tin foil hat person.<br />
<br />
<h4>
</h4>
<h3>
The Method</h3>
The same master key is used in all NinjaStiks thus any NinjaStik can be decrypted using the known master key or a backup of the LUKS header(it contains the key). I demonstrate here how to gain access using a copy of a header from a fresh NinjaStik. The way LUKS works is that even if you change the password for the keyslot, the actual key used for encryption stays the same. Therefore it is a trivial task to use a known master key(or vanilla header) to decrypt a LUKS device.<br />
<br />
Ingredients: 2 NinjaStiks. The victims NinjaStik, which has an unknown password set and one with a known password.<br />
<br />
<pre name="code"><code>//Extract the LUKS header from the new NinjaStik. Password is "password"
cryptsetup luksHeaderBackup --header-backup-file=vanilla-header.bak /dev/sda2
//Remove the NinjaStik and plug in the victim's NinjaStik
//Optional step: extract the luks header from the second NinjaStik
cryptsetup luksHeaderBackup --header-backup-file=victim-header.bak /dev/sda2
//Replace the header on the victim's NinjaStik
cryptsetup luksHeaderRestore --header-backup-file=vanilla-header.bak /dev/sdb2
//Open the LUKS partition using the default password "password"
cryptsetup luksOpen /dev/sdb2 stick
//Mount the partition
mkdir /mnt/decrypted
mount /dev/mapper/stick /mnt/decrypted
//Achievement unlocked, you can now read and write on the victims NinjaStik and compromise any security measure on the operating system residing on the stick(install keyloggers or whatever)
//Unmount the stick and close the LUKS partition
umount /mnt/decrypted
cryptsetup luksClose stick
//Restore the original header to the stick
cryptsetup luksHeaderRestore --header-backup-file=victim-header.bak /dev/sdb2
//The victims NinjaStik can now again be opened with the password set by the victim.
</code></pre>
<br />
One alternative approach is to just clone the victims NinjaStik without making any changes to the stick at all. The contents of the victims NinjaStik can be decrypted using an image of the victims NinjaStik and a header with the known password.<br />
<br />
<h4>
</h4>
<h3>
The Quick Fix</h3>
In order to prevent unauthorized access to a NinjaStik the very first thing a user should do is re-encrypt the luks partition. This can be done after booting the computer with a linux LiveCD. I recommend <a href="https://fedoraproject.org/">Fedora Live Desktop</a>. The cryptsetup-reencrypt tool is not preinstalled on the LiveCD, but you can install it from the command line by issuing the command<br />
<pre>sudo yum -y install cryptsetup-reencrypt</pre>
A quick look led me to the conclusion that cryptsetup-reencrypt tool is not available on Ubuntu 12.04.3 at the moment. After you have booted up the LiveCD open up a terminal, gain root privileges, plug in the NinjaStik and follow these instructions<br />
<br />
<pre name="code"><code>
//identify the last plugged in device
dmesg|tail
[ 1494.609774] sd 6:0:0:0: [sdf] Write Protect is off
[ 1494.609781] sd 6:0:0:0: [sdf] Mode Sense: 23 00 00 00
[ 1494.610406] sd 6:0:0:0: [sdf] No Caching mode page present
[ 1494.610409] sd 6:0:0:0: [sdf] Assuming drive cache: write through
[ 1494.613495] sd 6:0:0:0: [sdf] No Caching mode page present
[ 1494.613500] sd 6:0:0:0: [sdf] Assuming drive cache: write through
[ 1494.614011] sdf: sdf1
[ 1494.616820] sd 6:0:0:0: [sdf] No Caching mode page present
[ 1494.616824] sd 6:0:0:0: [sdf] Assuming drive cache: write through
[ 1494.616827] sd 6:0:0:0: [sdf] Attached SCSI removable disk
//you see here we plugged in the device /dev/sdf
//on the NinjaStik the second partition is the encrypted one
//thus the partition we want to re-encrypt would be /dev/sdf2
//re-encrypt the partition, it will take some time
cryptsetup-reencrypt -B 32 -c aes-xts-plain64 /dev/yourdevice
</code></pre>
<div>
<span style="font-family: monospace;"><span style="white-space: pre;"><br /></span></span>Alternatively you can and probably should do these operations on a copy of your NinjaStik image instead and after you have confirmed it works write the resulting image on your NinjaStik.<br />
<br />
See more info on re-encryption here: <a href="http://asalor.blogspot.fi/2012/08/re-encryption-of-luks-device-cryptsetup.html">http://asalor.blogspot.fi/2012/08/re-encryption-of-luks-device-cryptsetup.html</a><br />
<br />
You should check your master key details with cryptsetup luksDump. The default header we had in our stiks looked like this:<br />
<pre name="code"><code>
Version: 1
Cipher name: aes
Cipher mode: cbc-essiv:sha256
Hash spec: sha1
Payload offset: 4096
MK bits: 256
MK digest: bb 49 14 91 26 e1 be 4e 45 2c 9e 81 15 95 45 43 14 1d 9c eb
MK salt: 09 b3 d0 c4 15 8e cb 0b 4c 20 02 39 a3 71 7c 67
61 5c 3a ef 8b 3f f9 87 fb d5 bc 03 b9 eb ca 21
MK iterations: 18750
UUID: 4f85fbe5-2d73-47e4-a59f-3ae3b080d913
</code></pre>
<br />
In all cases you should re-encrypt. Even if the master key differs from this one. If you find that your master key matches, leave a comment.
<br />
<br />
<h3>
The Solution</h3>
NinjaStiks should contain a second boot option to boot the stick into a mode where the encrypted partition is not mounted. After booting is complete the stick should run a script that asks the user for a current password and a new password twice. The script should then re-encrypt the encrypted partition and reboot. At the moment this also requires updating the cryptsetup version to 1.5 as the current available version(1.4.1) on Ubuntu 12.04.3 does not contain the re-encryption tool.<br />
<br />
<h4>
</h4>
<h3>
A Conclusion</h3>
The worst threat to security is false security.<br />
<br />
Originally <a href="http://semantics.sebastianmaki.fi/2013/10/ninjastik-encryption-vulnerability.html">posted</a> in my blog <a href="http://semantics.sebastianmaki.fi/">Semantics</a><br />
<br />
<b>UPDATE</b>:<br />
If you want to check whether you have a NinjaStik that was manufactured with a cloning process, paste the sha256 digest of your master key digest in the comments below.<br />
<br />
<b style="background-color: #990000;">IMPORTANT</b>:<br />
The only thing that can be proven is that if you find two drives with the same master key digest, the corresponding master key is very compromised. <b>If the digests are different, it <a href="http://en.wikipedia.org/wiki/Evidence_of_absence" target="_blank">does not prove anything</a></b>. There is no guarantee that someone does not know the master key of your NinjaStik the moment you receive it, therefore if you have to be absolutely sure nobody else can open your NinjaStik you have to re-encrypt if yourself. You should also request that the NinjaStik manufacturer provides a first start feature, where the stick is re-encrypted with a random master key before use.<br />
<br />
If you don't understand what this command does, you probably shouldn't be pasting it into your console.(that goes for every tutorial on the interwebs) You should actually<a href="http://thejh.net/misc/website-terminal-copy-paste" target="_blank"> never paste stuff directly to your terminal</a>.</div>
<br />
<pre name="code"><code>//print out the sha256 digest of your master key digest like this
cryptsetup luksDump /dev/yourdevice|grep 'MK digest'|sed -e 's/^MK digest:[[:space:]]*//'|sha256sum
//you should have a hash that is reasonably well anonymized. Paste it in the comments for others to see and compare.
</code></pre>
Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com8Kuopio, Finland62.8933347 27.67933849999997262.3921207 26.388444999999972 63.394548699999994 28.970231999999971tag:blogger.com,1999:blog-4624439462792336852.post-65274646202084262162013-06-01T22:55:00.001+03:002013-06-01T22:55:52.991+03:00Why Gnome 3 sucks for a desktop power user<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqdS2iDMKFfX49ZRcEEAFkpa-PZwjvpPJdevASb-Ol3XYSxLIYBxzK58yt-LXtGiQ-HZFbvm-bLGa2mKUICiiZrC3HHA8lFvRs32ShPh3rKfZaD8668gGCadozNioYE7ktwhmxw3ySSvs/s1600/mouse1113466_22458752.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiqdS2iDMKFfX49ZRcEEAFkpa-PZwjvpPJdevASb-Ol3XYSxLIYBxzK58yt-LXtGiQ-HZFbvm-bLGa2mKUICiiZrC3HHA8lFvRs32ShPh3rKfZaD8668gGCadozNioYE7ktwhmxw3ySSvs/s320/mouse1113466_22458752.jpg" width="320" /></a></div>
When Gnome 3 replaced my familiar Gnome 2 user experience I was not very pleased. The point of this post is that instead of just complaining about Gnome 3 I would like to help make it better.<br />
<br />
<h4>
What I noticed first</h4>
My productivity suffered. I was spending more time waiting and searching for apps, information and action buttons. I'm used to be able to glance my screen and absorb a lot of information about the state of my files, apps and whatever. Trying to do this on Gnome 3 I would just waste time and get easily distracted. Why can't I even see modification times for files modified on any other day than today? Why isn't there even an option in settings for this? Why can't I change the SElinux security context of my files? I wanted to really know why the user experience sucked for me so I tried to figure out what is the difference between Gnome 2 and 3. My conclusion was that Gnome 3 is a window manager for touch based devices, but tries and fails to be a window manager for desktop as well.<br />
<h4>
Desktop UI</h4>
<ul>
<li>Viewing distance: short</li>
<li>Pointing device: mouse</li>
<li>Text input: physical keyboard</li>
<li>Usage: a wide selection of applications that are used with both keyboard and mouse at the same time. Ratio of interactions/time is high.</li>
<li>Hardware: Fast processor and lots of memory, high resolution</li>
</ul>
Because the amount of interactions is high even the slightest delays will add up to much time spent waiting.<br />
A desktop UI has evolved to perform most actions with minimal effort.(Minimize mouse travel, use keyboard shortcuts in order to avoid menus)<br />
<br />
On a traditional application menu you can pretty much find all the desktop applications available for you and you can very quickly get a picture what's available in each category of applications. It is very suitable for a desktop operating system with lots of applications. On a touch based device this kind of a menu would be difficult to use as the size of items is too small to use with an inaccurate pointing device. A traditional application menu is designed to be used with a mouse.<br />
<h4>
Touch or gesture based UI</h4>
<ul>
<li>Viewing distance: short or long</li>
<li>Pointing device: touch or gesture based</li>
<li>Text input: mostly on screen keyboard controlled by pointing device but also speech recognition</li>
<li>Types of devices: Smartphone, tablet and television/multimedia center</li>
<li>Usage: mostly limited to few applications and does not require custom commands in order to serve its purpose. Ratio of interactions/time is low.</li>
<li>Hardware: Cheaper processors and less memory, resolution varies</li>
</ul>
Amount of interactions is relatively low. Delays in areas you don't frequently use(settings, tuning etc.) not that important as long as basic usage is fast.(Answering, changing channels etc.)<br />
Basic usage is with an inaccurate pointing device and limited screen size.(Spreads content into multiple screens and displays on screen navigational cues.)<br />
<br />
You can clearly see that Gnome 3 is designed in a way that it would be easy to use by touch. Any touch device must deal with the inaccuracy of fingers as pointing device, this reduces the maximum amount of items you can interact with at any time. Although you can use a mouse to do gestures similar to those done by fingers, it requires moving the mouse more than in a desktop user interface. Using the application menu to find an application becomes time consuming when using a mouse, especially when you have a lot of applications installed. You can expect a touch based device to contain less applications to look for. Thus the amount of applications should not be a problem on a touch device.<br />
<br />
When gnome 3 is used on a desktop you naturally have a keyboard available as well. You can quite quickly press the super-key and type the first letters of the application name you wish to launch, provided that you don't blank out on the name of the app. For me it happens quite often. On the plus side, plugins look pretty and are quite easy to install. You can get a traditional application menu with a plugin.<br />
<br />
A desktop window manager is fundamentally different from a touch based window manager. A desktop user interface specializes in how to best manage applications with a high on screen item density and a high resolution pointing device. Using a desktop oriented UI is difficult with an inaccurate pointing device such as the finger. Even if you had very accurate fingers it is impossible to see through your finger and thus you can only estimate within some margin of error what are the exact coordinates of the pointer. A finger also produces more random movement even when you try to keep it perfectly still and even more so when you are beginning to touch and releasing your finger from the surface of the screen. In addition to touch devices low on screen item density is suitable for a computer in the living room. It would make sense to control such a device with hand gestures or a motion tracked remote(Kinect or webcam + some OpenCV magic).<br />
<br />
It is my belief that by currently trying to satisfy both desktop and touch device users with the same UI, you are not doing a good UI for either one. You should accept that there are fundamental differences and that the user interface should be different. Maybe the window manager should adapt the UI better depending on the input devices available? Touch based user interfaces are still relatively new and there might be some new innovations in that field. I hope that someone comes up with ways to make such interfaces easier and faster to use on a desktop computer as well.Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com6tag:blogger.com,1999:blog-4624439462792336852.post-87293369966409039372013-04-11T20:36:00.001+03:002013-04-11T20:57:01.562+03:00Configuring a 4-port Sun Happy Meal card<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqtM0-HOdxUvk1-UTq2xCim6dcJjOgnnI3CP71Pi99X3_LU_XQUoDS4oOnDDEcr8ywUjJY1Lykeh7NjtYDPqokPouwfT-2fH_40STkP3w-CqdvojI7cezWCjysKYpBvd-F9OpQoaS5Pdg/s1600/photo.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgqtM0-HOdxUvk1-UTq2xCim6dcJjOgnnI3CP71Pi99X3_LU_XQUoDS4oOnDDEcr8ywUjJY1Lykeh7NjtYDPqokPouwfT-2fH_40STkP3w-CqdvojI7cezWCjysKYpBvd-F9OpQoaS5Pdg/s320/photo.jpg" width="240" /></a>Some time ago I rescued a pair of 4 port Oracle/SUN Happy Meal 10/100 Ethernet cards and I decided it was time to play with them. There was an <a href="http://networkbroadcast.co.uk/2011/04/sun-quad-nics-and-x86_64-kernels/">issue</a> with the sunhme driver, so I created an akmod package for Fedora 18 to patch the bug on my system so that the patch would be picked up automatically on every kernel update as well. The akmod package is available on <a href="https://github.com/neatbasis/sunhme2g">github</a>.<br />
<br />
There's another quirk to these cards as well. At least on my system there is an issue with renaming the interface names that leads to one of the interfaces being renamed inconsistently(interface name ends up being something like "rename6"). I wanted to rename the interfaces nicely so that I could tell the sunhme interfaces from other interfaces in my system.<br />
<br />
In addition to weird renames these cards have only one shared mac-address assigned to each interface, so you can't just match the interfaces by their mac-address, since they're the same.<br />
<br />
These quirks made getting the udev rules to match rather challenging. Eventually I found a nice script that scans for the interfaces and <a href="http://www.linuxquestions.org/questions/linux-networking-3/overriding-etc-udev-rules-d-70-persistent-net-rules-903234/">creates a template for a proper matching udev rule</a>.<br />
<br />
In order to be able to use just on interface without having packets disappearing on the other interfaces, which might not be physically connected I also set unique mac-addresses for all the interfaces.<br />
<br />
<h3>
/etc/udev/rules.d/30-sun-hme.rules</h3>
<pre name="code"><code>SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNELS=="0000:06:00.1", \
KERNEL=="eth*", NAME="hme0", RUN+="/usr/local/bin/sunmacchanger %k 00:03:ba:a8:58:e5"
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNELS=="0000:06:01.1", \
KERNEL=="eth*", NAME="hme1", RUN+="/usr/local/bin/sunmacchanger %k 00:03:ba:a8:58:e6"
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNELS=="0000:06:02.1", \
KERNEL=="eth*", NAME="hme2", RUN+="/usr/local/bin/sunmacchanger %k 00:03:ba:a8:58:e7"
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{dev_id}=="0x0", ATTR{type}=="1", KERNELS=="0000:06:03.1", \
KERNEL=="eth*", NAME="hme3", RUN+="/usr/local/bin/sunmacchanger %k 00:03:ba:a6:58:e8"
</code></pre>
<h3>
/usr/local/bin/sunmacchanger</h3>
<pre name="code"><code>#!/bin/bash
#make sure the interface is down, otherwise setting the mac will fail
/sbin/ifconfig $1 down
/usr/bin/macchanger --mac=$2 $1
</code></pre>
<br />
After the changes I just needed to unload the driver, reload the rules and load the driver again and udev magic would happen
<br />
<pre name="code"><code>chmod +x /usr/local/bin/sunmacchanger
rmmod sunhme
udevadm control --reload-rules
#loading my patched version of sunhme driver
modprobe sunhme2g
</code></pre>
<br />
Now I have 4 100M interfaces on one card. It'll come handy when routing traffic outside my LAN and I could have redundancy in case one WAN connection goes down.
<br />
<br />
Unless I spesifically tell NetworkManager not to bring up interfaces hme1-hme3, NetworkManager will bring those interfaces up. This causes some log spam:
<br />
<h3>
output of dmesg</h3>
<pre name="code"><code>[ 6438.361078] hme1: Auto-Negotiation unsuccessful, trying force link mode
[ 6438.369059] hme2: Auto-Negotiation unsuccessful, trying force link mode
[ 6438.373052] hme3: Auto-Negotiation unsuccessful, trying force link mode
[ 6447.974274] hme1: Link down, cable problem?
[ 6447.982269] hme2: Link down, cable problem?
[ 6447.986242] hme3: Link down, cable problem?
[ 6459.990561] hme1: Auto-Negotiation unsuccessful, trying force link mode
[ 6459.998551] hme2: Auto-Negotiation unsuccessful, trying force link mode
[ 6460.002549] hme3: Auto-Negotiation unsuccessful, trying force link mode
[ 6469.603795] hme1: Link down, cable problem?
[ 6469.611764] hme2: Link down, cable problem?
[ 6469.615756] hme3: Link down, cable problem?
</code></pre>
<br />
You can prevent NetworkManager from needlessly bringing up these interfaces by adding the macs to the unmanaged-devices parameter in [keyfile] section and checking that keyfile plugin is loaded in [main] section's plugins parameter.<br />
<h3>
/etc/NetworkManager/NetworkManager.conf</h3>
<pre name="code"><code>[main]
plugins=ifcfg-rh,keyfile
[keyfile]
unmanaged-devices=mac:00:03:ba:a8:58:e6;mac:00:03:ba:a8:58:e7;mac:00:03:ba:a8:58:e8
</code></pre>
<br />
It's not exactly plug and play, but playing with these cards is a good learning opportunity. It wouldn't hurt to have some kind of graphical configuration tools for doing some of this stuff. It requires some knowledge about udev and NetworkManager + a search engine to do this "manually".
Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com3Turku, Finland60.430121174001329 22.26928710937559.928151174001329 20.978393609375 60.932091174001329 23.560180609375tag:blogger.com,1999:blog-4624439462792336852.post-41170574204242253582013-04-07T14:49:00.001+03:002013-04-11T20:57:35.430+03:00Google Redirect Rewrite memory usage<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg56nZcgKaaYaKPFZURqsWw-afBVd_DvNe5AEiHlJH05XQA7vT64R_V4hlC0SdSU1ilgm3K4EuHnEynvtZdGv-PeNhLIbxK5AUHMCijhfWC4YZWItWJVQYz3q2YNrAnOXmdh1LkWAmJXCE/s1600/pgb-ram.png" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg56nZcgKaaYaKPFZURqsWw-afBVd_DvNe5AEiHlJH05XQA7vT64R_V4hlC0SdSU1ilgm3K4EuHnEynvtZdGv-PeNhLIbxK5AUHMCijhfWC4YZWItWJVQYz3q2YNrAnOXmdh1LkWAmJXCE/s1600/pgb-ram.png" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Image courtesy of <a href="http://openclipart.org/detail/100861/ram-chip-by-pgbrandolin">Open Clip Art Library</a></td></tr>
</tbody></table>
I previously found out that you can pretty easily <a href="http://semantics.sebastianmaki.fi/2013/04/faster-browsing-aka-google-redirect.html">rewrite url's</a> for Squid. Today I noticed Squid launches a bunch of child processes to do the url rewriting. I got curious about the memory usage. I had a feeling that the Perl version would not consume as much memory as PHP and it appears it is indeed so.<br />
<br />
I tested both PHP and Perl versions to see how much memory they would consume. First I checked the memory usage of the PHP version after browsing a bit. Then I changed squid.conf to use the Perl version and again checked the memory usage. Squid had just launched one googlerewriter child process, so I browsed some more and then checked again. I'm guessing Squid starts the processes when it actually needs them.(ps. Documentation <a href="http://wiki.squid-cache.org/Features/AddonHelpers#Why_is_my_helper_not_starting_up_with_Squid.3F">confirmes this</a>) Anyway some processes then appeared to have been launched.<br />
<br />
<h4>
Fields</h4>
<dl>
<dt>MAJFL</dt>
<dd>Major page fault: The number of major <a href="http://en.wikipedia.org/wiki/Page_fault">page faults</a> that have occurred with this process</dd>
<dt>TRS (kB)</dt>
<dd>Text resident set: The amount of physical memory devoted to executable code</dd>
<dt>DRS (kB)</dt>
<dd>Data resident set: The amount of physical memory devoted to other than executable code</dd>
<dt>RSS (kB)</dt>
<dd>Resident set size: The portion of a process's memory that is held in RAM. The rest of the memory exists in swap or the filesystem (never loaded or previously unloaded parts of the executable). </dd>
</dl>
<br />
Even for a tiny script php version caused some page faults and it's using way too much memory for the task it's doing.<br />
<br />
<h4>
PHP</h4>
<pre name="code"><code>$ ps faxv
PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND
13098 ? Ss 0:00 0 5047 12668 2608 0.0 /usr/sbin/squid -a 3128 -f /etc/squid/squid.conf
13100 ? S 0:01 5 5047 35240 25052 0.4 \_ (squid-1) -a 3128 -f /etc/squid/squid.conf
13101 ? S 0:00 0 5 3942 992 0.0 \_ (logfile-daemon) /var/log/squid/access.log
13102 ? S 0:00 1 2 3793 740 0.0 \_ (unlinkd)
13109 ? S 0:00 50 3385 43962 7812 0.1 \_ /usr/bin/php /usr/local/bin/googlerewriter.php
13111 ? S 0:00 0 3385 43962 7816 0.1 \_ /usr/bin/php /usr/local/bin/googlerewriter.php
13115 ? S 0:00 0 3385 43962 7816 0.1 \_ /usr/bin/php /usr/local/bin/googlerewriter.php
13116 ? S 0:00 0 3385 43962 7812 0.1 \_ /usr/bin/php /usr/local/bin/googlerewriter.php
13117 ? S 0:00 0 3385 43962 7816 0.1 \_ /usr/bin/php /usr/local/bin/googlerewriter.php
</code></pre>
<br />
<pre name="code"><code>$ top
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
15552 squid 20 0 47348 7812 5428 S 0.0 0.1 0:00.05 googlerewriter.
15735 squid 20 0 47348 7816 5428 S 0.0 0.1 0:00.03 googlerewriter.
15736 squid 20 0 47348 7816 5428 S 0.0 0.1 0:00.03 googlerewriter.
15741 squid 20 0 47348 7816 5428 S 0.0 0.1 0:00.03 googlerewriter.
</code></pre>
The resident set size of the Perl version is 31% that of the PHP version, or in other words the PHP version is using 3 times as much memory per process. By using the Perl version you'd save at least 5.2MiB. Not that this matters much on my current proxy server, but for an embedded server it would matter.
<br />
<br />
<h4>
Perl</h4>
<pre name="code"><code>$ ps faxv
PID TTY STAT TIME MAJFL TRS DRS RSS %MEM COMMAND
13382 ? Ss 0:00 0 5047 12668 2608 0.0 /usr/sbin/squid -a 3128 -f /etc/squid/squid.conf
13384 ? S 0:01 0 5047 37988 25308 0.4 \_ (squid-1) -a 3128 -f /etc/squid/squid.conf
13387 ? S 0:00 0 5 3942 992 0.0 \_ (logfile-daemon) /var/log/squid/access.log
13388 ? S 0:00 0 2 3793 740 0.0 \_ (unlinkd)
13396 ? S 0:00 0 3 8700 2460 0.0 \_ /usr/bin/perl /usr/local/bin/googlerewriter.pl
13426 ? S 0:00 0 3 8700 2376 0.0 \_ /usr/bin/perl /usr/local/bin/googlerewriter.pl
13427 ? S 0:00 0 3 8700 2372 0.0 \_ /usr/bin/perl /usr/local/bin/googlerewriter.pl
13429 ? S 0:00 0 3 8700 2460 0.0 \_ /usr/bin/perl /usr/local/bin/googlerewriter.pl
13430 ? S 0:00 0 3 8700 2460 0.0 \_ /usr/bin/perl /usr/local/bin/googlerewriter.pl
13431 ? S 0:00 0 3 8700 2460 0.0 \_ /usr/bin/perl /usr/local/bin/googlerewriter.pl
</code></pre>
<br />
<pre name="code"><code>$ top
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
13396 squid 20 0 8704 2460 1724 S 0.0 0.0 0:00.19 googlerewriter.
13429 squid 20 0 8704 2460 1724 S 0.0 0.0 0:00.03 googlerewriter.
13430 squid 20 0 8704 2460 1724 S 0.0 0.0 0:00.02 googlerewriter.
13431 squid 20 0 8704 2460 1724 S 0.0 0.0 0:00.02 googlerewriter.
13426 squid 20 0 8704 2376 1716 S 0.0 0.0 0:00.04 googlerewriter.
13427 squid 20 0 8704 2372 1716 S 0.0 0.0 0:00.03 googlerewriter.
</code></pre>
<br />Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0tag:blogger.com,1999:blog-4624439462792336852.post-79328216120357535542013-04-06T18:28:00.001+03:002013-04-11T20:51:12.830+03:00Faster browsing aka Google Redirect Rewrite<table cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody>
<tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr6GpBkUZDVTcm4ZsCBnS6q7ZZ9O3u3YT6KVZQo4DwI_SW7f_6G2mHHha0D7s4c8pLR3WJAg4WaPRmGLKscXGNZDJ2yrSolZKd6OlKh75sX01Q6DIJVPUEm2OExOawG6drmtYru32ojgg/s1600/proxy_server.png" imageanchor="1" style="clear: right; margin-bottom: 1em; margin-left: auto; margin-right: auto;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjr6GpBkUZDVTcm4ZsCBnS6q7ZZ9O3u3YT6KVZQo4DwI_SW7f_6G2mHHha0D7s4c8pLR3WJAg4WaPRmGLKscXGNZDJ2yrSolZKd6OlKh75sX01Q6DIJVPUEm2OExOawG6drmtYru32ojgg/s320/proxy_server.png" /></a></td></tr>
<tr><td class="tr-caption" style="text-align: center;">Image courtesy of <a href="http://openclipart.org/detail/163729/proxy-server-by-lyte">Open Clip Art Library</a></td></tr>
</tbody></table>
Once again I got annoyed by having to wait for Google to redirect me. I also think it's none of Google's business to know which sites I do visit especially if they can't be quick about it. So I decided to get rid of the delay.<br />
I checked if there's a plugin for that and it seems there is. You can install <a href="https://chrome.google.com/webstore/detail/remove-google-redirects/ccenmflbeofaceccfhhggbagkblihpoh">Remove Google Redirects</a> from Chrome Web Store. Being a paranoid weirdo like I am that still wasn't enough. I already had a Squid proxy that I had configured to make it so that you couldn't even know that some websites were blocked by my ISP(Sonera). It made sense to try and figure out if there was a trick that I could do with squid that allows me to get rid of the middle man(Google) in the redirect process.<br />
<br />
And behold for the creators of Squid have indeed been so wise as to add a way to <a href="http://wiki.squid-cache.org/Features/Redirectors">mangle the urls</a>. All I had to do was to write a script that takes the url, checks if it's a google redirect url and if so, parses the url to get the actual url where we want to go and return that. The example on Squid feature page was a good place to start and this is what I came up with:
<br />
<br />
<div style="clear: both;">
<h4>
Perl Version</h4>
<pre name="code"><code>
#!/usr/bin/perl
use URI;
use URI::QueryParam;
$|=1;
while (<>) {
chomp;
@X = split;
$url = $X[1];
#check if this is a google redirect url
if ($url =~ /\/\/.*\.google\.[^\/]+\/url/) {
my $uri = URI->new($url);
$url = $uri->query_param("url");
print $X[0]." 302:$url\n";
} else {
print $X[0]." \n";
}
}
</code></pre>
</div>
I had to install a couple of Perl modules while I was trying to refamiliarize myself with Perl so I wanted make a PHP version of the same helper. With PHP I wouldn't have to install any extra modules when some day I decide to use this on some other machine. I usually have PHP installed everywhere.<br />
<br />
<h4>
PHP Version</h4>
<pre name="code"><code>
#!/usr/bin/php
<?php
function convertUrlQuery($query) {
$queryParts = explode('&', $query);
$params = array();
foreach ($queryParts as $param) {
$item = explode('=', $param);
$params[$item[0]] = $item[1];
}
return $params;
}
while(1){
$line = trim(fgets(STDIN)); // reads one line from STDIN
$params = explode(" ", $line);
$pattern = '/\/\/.*\.google\.[^\/]+\/url/';
if (preg_match($pattern, $params[1], $matches, PREG_OFFSET_CAPTURE, 3)) {
$parts = parse_url($params[1]);
$query = convertUrlQuery($parts['query']);
$url = urldecode($query['url']);
echo $params[0]." 302:$url\n";
} else {
echo $params[0]." \n";
}
}
</code></pre>
<br />
In the end I like that with Perl I didn't have to write any functions for simple things like url parsing, but unless I package this as an installable package I could not just drop it in and expect it to work since I had to install the extra stuff as modules.(Yes I could have written my own implementation, but I'm not that much into reinventing the wheel. Also I was a bit impatient to get the script ready so I could see the results) With the PHP version I could just drop it in and as long as I had PHP installed it would work.
<br />
<br />
I strongly recommend adding a line in squid.conf It really makes a difference.
<br />
<pre name="code"><code>
url_rewrite_program /path/to/googleredirectrewriter
</code></pre>
Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0tag:blogger.com,1999:blog-4624439462792336852.post-87984749689672678712013-04-02T22:20:00.002+03:002013-04-11T20:57:51.689+03:00Setting up Prestashop file permissions on FedoraSometimes I need to write important things somewhere I can find them. That's the case again with setting up Prestashop file permissions on a SElinux enabled system such as Fedora.<br />
<br />
<pre name="code"><code>
cd prestashop
chown -R apache:sebastian
# allow user and group search directories and set the new files inherit the group of parent folder
find . -type d -exec chmod ug+xs {} \;
# don't allow others to do anything and allow my group to read and write all, don't allow apache to write anything
chmod -R u-w,o-rwxs,g+rw .
# set permissions of newly created files so that others cannot do anything them
umask o-rwx
# set selinux context so that apache can access everything
chcon -t httpd_sys_content_t -R .
# set selinux context and permissions so that apache can write into places it needs to be able to write
chcon -t httpd_sys_rw_content_t -R config cache log img mails modules translations upload download sitemap.xml
chmod -R u+rw config cache log img mails modules translations upload download sitemap.xml
</code>
</pre>Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com2tag:blogger.com,1999:blog-4624439462792336852.post-76776340814289088272013-03-27T20:02:00.000+02:002013-03-27T20:02:13.764+02:00This page was not left blank after allLike a break after a paragraph, a blank page is something you would expect after a chapter, after the table of contents and before appendices. Blank pages make it easier to read the content for which it acts as a separator.<br />
<br />
For some reason a practice of adding disclaimers to the blank pages has been gaining popularity. Some are even <a href="http://www.this-page-intentionally-left-blank.org/">promoting</a> it. What is the reason for this? Are people getting too stupid to figure out on their own that a blank page is there just to separate content? It is possible that I'm just suffering from <a href="http://www.damninteresting.com/the-baader-meinhof-phenomenon/">Baader-Meinhof</a> <a href="http://en.wikipedia.org/wiki/List_of_cognitive_biases#Frequency_illusion">Phenomenon</a> again, but I'm sure that books used to contain a lot of blank pages without needing disclaimers on them.<br />
<br />I like to immerse myself when I'm reading and just consume the words as quickly as I am able to. Sometimes I find myself reading a line that has no relevance to the work I'm reading. There are a few variations, but it usually reads something like:<br />
<br />
<br />
<div style="text-align: center;">
This page intentionally left blank</div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: center;">
<br /></div>
<div style="text-align: left;">
It's a lie. Actually it's not even a sentence(lack of a verb). The page ceases to be blank after it is written on. I'ts distracting. I's like a speaker keeping on talking without interruption instead of taking a pause to emphasize some point or to give some time for thinking. It's kind of like replacing every possible pause with verbal fillers. It's unnecessary and confusing. </div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
Okay, there might be situations where the author has not made it clear that the previous segment has ended, but then it's the matter of the author not doing a good enough job or you're reading something like poetry. A disclaimer at this point won't help you very much in any case. Sometimes it's distracting enough for someone to stop reading and instead write a blog article about it. So do everyone a favor and don't put empty page disclaimers, maybe then someone else is spared from an article like this.</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
What's wrong with a simple page number?</div>
Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0tag:blogger.com,1999:blog-4624439462792336852.post-32308566406050749872012-06-13T03:33:00.003+03:002012-06-13T03:33:59.832+03:00An open letter - Re: Welcome to the Aalto Talk with Linus Torvalds!Hi.<br />
<br />
Since this is a topic I have thought about writing on my blog and
discuss with people, this shall be an open letter with a copy on my
blog, Semantics(<a href="http://semantiikkaa.blogspot.fi/">http://semantiikkaa.blogspot.fi/</a>).<br />
<br />
I feel that traditional valedictions(<a href="http://en.wikipedia.org/wiki/Valediction">http://en.wikipedia.org/wiki/Valediction</a>)
are boring, don't accurately represent my attitude and don't deliver
what I want to say. To be honest, they are quite archaic and mostly
submissive to the point that it's ridiculous and when taken literally
even false. Even an insincere person can type the word "sincerely".
Honesty is important to me as is accurate self expression, thus "May the
Force be with you" is a farewell that is most suited for me, not only
because I'm a huge science fiction fan. I will never be anyone's humble
servant, but I do wish a methaphorical Force be present in everyone's
life. That something which drives us (to do better). <br />
<br />
<a href="http://en.wikipedia.org/wiki/May_the_Force_be_with_you">http://en.wikipedia.org/wiki/May_the_Force_be_with_you</a><br />
<br />
<br />
ps. Sometimes I end my letters with:<br />
<br />
Live long and prosper,<br />
Sebastian Mäki<br />
<br />
12.06.2012 21:53, Zaira Mammadova kirjoitti:
<br />
<blockquote cite="mid:CAEOcv+zcwfGzW=q0rchjRFE-XSdMboMbrx0GjvKiXoakmxoMmg@mail.gmail.com" type="cite">
Hi Sebastian,
<div>
<br /></div>
<div>
Thank you! </div>
<div>
<br /></div>
<div>
Out of curiosity, what does "may the Force be with you"? :)</div>
<div>
<br /></div>
<div>
-Zaira</div>
</blockquote>Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0tag:blogger.com,1999:blog-4624439462792336852.post-40910526914411014092012-06-06T13:13:00.001+03:002012-06-06T13:13:14.100+03:00Osuuspankki hack<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfD68nCkw5MJyqWBg545E78nnCpxynjQ4XkAIY6YR2nc-9Ue3Gbd8j1iYAtHx8s6NUkkSyag41JaWUvrXszmNQEEzYjxFUZbE2vVTEmv1ATIU1mfBV5mJroP2V3zzjBiuO42ABB2XOMyQ/s1600/op-fail.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhfD68nCkw5MJyqWBg545E78nnCpxynjQ4XkAIY6YR2nc-9Ue3Gbd8j1iYAtHx8s6NUkkSyag41JaWUvrXszmNQEEzYjxFUZbE2vVTEmv1ATIU1mfBV5mJroP2V3zzjBiuO42ABB2XOMyQ/s200/op-fail.png" width="200" /></a></div>
Last night I tried accessing the website of my bank in order to check my balance. I was in for a surprise. The front page https://www.op.fi was redirected by javascript to https://www.op.fi/op and then back again in an endless loop. As I have some experience in these matters, it seemed to me like a prank some malicious hacker might have done, on their way out of the system. I was starting to seriously suspect my bank's online systems had been compromised.<br />
<br />
I started searching for any news regarding this in the morning with no success. I was amazed by the lack of any news or people complaining online. Only after I saw <a href="https://www.op.fi/op?cid=151646433&srcpl=4">this</a> article, I thought I might have possibly found the reason for last night's suspicious script-behaviour:<br />
<br />
<br />
<br />
<blockquote cite="https://www.op.fi/op?cid=151646433&srcpl=4" class="tr_bq">
<span class="bqstart">“</span>
31.5.2012<br />
OP-verkkopalvelun käyttöä tuetaan tietyillä selainohjelmilla ja niiden versioilla. Tuettuihin selaimiin tulee muutoksia 6.6.2012.<br />
6.6. 2012 alkaen OP-verkkopalveluiden käyttöä tuetaan seuraavilla selaimilla:<br />
Internet Explorer 7, 8 ja 9<br />
Firefox 11 ja 12<br />
Opera 11<br />
Safari 5<br />
Google Chrome<br />
Suosittelemme tietoturvan ja sivujen yleisen toimivuuden vuoksi uusimpien selainversioiden käyttöä. Selainohjelmiston päivittäminen on tärkeää OP-verkkopalveluiden turvallisen käytön kannalta.<br />
<ul class="linkkilista" style="font-family: Arial, Helvetica, sans-serif; font-size: 13px; list-style-type: none; margin: 12px 0px; padding: 0px; text-align: left;">
<li style="background-image: none; background-position: initial initial; background-repeat: initial initial; line-height: 15px; margin: 0px; padding: 0px 0px 5px;">OP-verkkopalvelun käytön tekniset edellytykset (PDF 28 kB) (PDF 13 kB)</li>
</ul>
<ul class="linkkilista" style="font-family: Arial, Helvetica, sans-serif; font-size: 13px; list-style-type: none; margin: 12px 0px; padding: 0px; text-align: left;">
<li style="background-image: none; background-position: initial initial; background-repeat: initial initial; line-height: 15px; margin: 0px; padding: 0px 0px 5px;">Lue lisää selaimista ja niiden päivittämisestä</li>
</ul>
<span class="bqend">”</span>
</blockquote>
Basically what they are saying is that from this date froward the bank's online service will be supported by these browsers. Even here was no mention of the blunder and/or compromised system that took place last night.<br />
<br />
What to learn: Land users on a page that informs what's happening. Don't leave your system in a state that screams blackhats are doing pranks here. It's even more embarrassing if the very people who are responsible for the system leave it in a state that an attacker would. At least some hacks happened last night and I'm sure it's not good even if in this case hack meant an untalented professional.<br />
<br />
What to learn, for the users: Expect that your bank has hired your neighbour's son to do your banking systems.Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0tag:blogger.com,1999:blog-4624439462792336852.post-5158931606081584782012-03-06T22:28:00.000+02:002012-03-06T22:28:59.993+02:00The future, cancelled?<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhJzNJq7U0a3M0L0Nkg-WoSqDJg9V_KULz51d8_nilJcIrWQi7vZXf87WwTpU11O0ACcqTvot-T-m78pyDKgAsLzTNGIt8mxdvaUKguJYK5AQo_AFz1ZoUgUuCV2bt8rseRzdlrKWuI9s/s1600/fed001.jpg" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" height="261" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjhJzNJq7U0a3M0L0Nkg-WoSqDJg9V_KULz51d8_nilJcIrWQi7vZXf87WwTpU11O0ACcqTvot-T-m78pyDKgAsLzTNGIt8mxdvaUKguJYK5AQo_AFz1ZoUgUuCV2bt8rseRzdlrKWuI9s/s320/fed001.jpg" width="320" /></a></div>
So the thing is, I really want the human kind to get to the point where it can inhabit other planets. This place is getting crowded and it seems that it's either space or world war 3, 4, 5 etc from here on. In case someone didn't know, today we are blasting humans off the map with the excuse being that that other guy was <strong>possibly</strong> a terrorist. Collateral damage? So what? Less people to share these limited resources with. Good riddance. Governments lie and murder. Instead of healthcare we now just treat illnesses. Wars are waged because it's good business in the short term for the conqueror. Policies are made mostly to serve the financial system rather than people. It's not going to be long now when hospitals all over the world will treat only the rich. Rejuvenating technologies that can to prolong the lifespan of a human will be banned when they are effective enough and known by the public. Execution in the style of Logan's Run will be a norm. All who lived too long would be a threat to humankind. <br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="http://upload.wikimedia.org/wikipedia/commons/thumb/f/f4/15th_century_galleon.JPG/413px-15th_century_galleon.JPG" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="320" src="http://upload.wikimedia.org/wikipedia/commons/thumb/f/f4/15th_century_galleon.JPG/413px-15th_century_galleon.JPG" width="275" /></a></div>
I might not be an optimist, but I am a dreamer. Technology has often presented solutions to difficult situations, people in difficult situations have been extra motivated to come up with solutions. It would be wonderful if we all learned how to behave before heading to the stars, but in case we don't, maybe we can learn when we head to the stars. Making sure that prolonging the lifespan would not be criminalized would allow us to grow wiser and more patient btw. I saw a news article about <a href="http://www.zeitnews.org/chemistry-physics-and-material-sciences-research/protein-behavior-might-hold-the-key-to-synthetic-silk.html">spider silk</a> that I think could make bigger and more durable <a href="http://en.wikipedia.org/wiki/Solar_sail">solar sails</a> possible. I wonder if it's sails or some other method of propulsion that will first take us exploring the final frontier.Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com2tag:blogger.com,1999:blog-4624439462792336852.post-79913879810094100102012-02-27T22:13:00.000+02:002012-06-22T01:20:33.506+03:00Default browser in XFCE4In Fedora 16 some applications fail to launch the default browser set in Default Applications. I use Google Chrome as my default browser and having Firefox pop-up unexpectedly has been an annoying shortcoming. Today I had finally time to actually get to the bottom of this. Seems like <br />
<pre>/usr/local/share/applications/defaults.list</pre>
is the culprit. After editing the file by switching the order of appeareances so that chrome is listed first I can finally have my preferred browser present me with teh Internets
<br />
<pre name="code">[Default Applications]
x-scheme-handler/http=google-chrome.desktop;mozilla-firefox.desktop
x-scheme-handler/https=google-chrome.desktop;mozilla-firefox.desktop
x-scheme-handler/ftp=google-chrome.desktop
text/html=google-chrome.desktop;mozilla-firefox.desktop
text/xml=google-chrome.desktop
application/xhtml_xml=google-chrome.desktop
</pre>
edit. This problem is present in Fedora 17 as wellSebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com1tag:blogger.com,1999:blog-4624439462792336852.post-80988492393328645272012-01-19T09:47:00.003+02:002012-01-19T09:50:32.753+02:00Taistelu internetistä<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjng203k8KUKvrfEBIwTd9J-VKITb08A-NLUv7douAS4VMOeRt_lxtDv_3iEgBCV1gki0O3HxTqbM5AlQsTcbFd6VgUQ3cYp_Tc4586ysxUQmmPKAX_8FlB-gDb54CyUWlg7PlpFA1R1c4/s1600/01-censorship.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="239" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjng203k8KUKvrfEBIwTd9J-VKITb08A-NLUv7douAS4VMOeRt_lxtDv_3iEgBCV1gki0O3HxTqbM5AlQsTcbFd6VgUQ3cYp_Tc4586ysxUQmmPKAX_8FlB-gDb54CyUWlg7PlpFA1R1c4/s320/01-censorship.jpg" width="320" /></a></div>
Avoin ja sensuroimaton internet on terveen yhteiskunnan perusedellytys. Sen puuttuminen on paluuta aikaan, jolloin sopimattomia kirjoja poltettiin. Sensuurin ja valvonnan tie ei koskaan ole päättynyt siihen ensimäiseen askeleeseen. Sitä seuraa kansan totuttaminen ajatukseen, ettei vapautta ole, eikä kuulu olla. Sitten otetaan taas uusi askel jossa lisää vapauksia poistetaan ja rangaistuksia yhä kovennetaan. Ihmiset pyrkivät jatkuvasti sopeutumaan ja omaksuman yhteiskunnan sääntöjä. Tilanne muuttuu kuitenkin tarpeeksi sietämättömäksi osalle kansasta. Syntyy vastustusta. Uskon, että olemme tässä käännepisteessä.<br />
<br />
Nyt on käynnissä kamppailu siitä, mikä saadaan vallitsevaksi yleiseksi mielipiteeksi ja sen myötä ohjeeksi sille, millä tavalla tiettyihin oikeuksiin tulee suhtautua. Tämä kamppailu ratkaisee sen, mitä tuleville sukupolville opetamme oikeasta ja väärästä. Toivon, ettemme joudu opettamaan huonon esimerkin kautta. Toivon, että meissä on tarpeeksi sisua sanoa ei sensuurille. Mikäli meillä on tapeeksi tahtoa, päätämme itse millainen tulevaisuutemme on. Tuntisin oloni turvattomaksi maassa, jossa tietoliikennettä kuunneltaisiin ja sensuroitaisiin. Sensuuri ja valvonta etäännyttää ihmiset toisistaan, itseä ei enää ilmaista avoimesti. Hajoita ja hallitse.<br />
<br />
Jos avoin internet olisi ollut jokaisen ihmisen perusoikeus ja edellytykset siihen olisivat olleet olemassa, holokaustilta olisi vältytty.<br />
<br />
Avoin ja sensuroimaton internet on kirjattava perustuslailliseksi oikeudeksi. On osoitettava, että sanan- ja tiedonvapauden kustannuksella ei saa milloinkaan tehdä kompromisseja.<br />
<br />
<i>Tätä kirjoitusta kirjoittaessa käytettiin yksi natsikortti. <a href="http://www.varusteleka.fi/product/jotain-ihan-muuta/natsikortti/_3810S3EMC">Natsikortit kätevästi varustelekasta.</a></i>Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com1tag:blogger.com,1999:blog-4624439462792336852.post-76491310990374281972011-12-31T06:55:00.001+02:002012-01-01T19:26:42.196+02:00Keskusrikospoliisi, me tultiin tekemään kotietsintä<div class="separator" style="clear: both; text-align: center;">
<a href="http://1.bp.blogspot.com/-dNYQ-bIQkT0/Tv6WmVRhJwI/AAAAAAAAAys/4CGsg1qE1Jw/s1600/115341-hackers-that-caused-millions-of-dollars-worth-of-damage-arrested-2.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="206" src="http://1.bp.blogspot.com/-dNYQ-bIQkT0/Tv6WmVRhJwI/AAAAAAAAAys/4CGsg1qE1Jw/s320/115341-hackers-that-caused-millions-of-dollars-worth-of-damage-arrested-2.jpg" width="320" /></a></div>
<b>Kotona</b><br />
Epätodellinen tunne on se tunne, jonka kokee aamulla herättyään ovikellonsa soittoon, kun tapaa neljä mustiin nahkatakkeihin sonnustautunutta <a href="http://www.poliisi.fi/krp">keskusrikospoliisin</a> työntekijää ovellansa. Unisempikin henkilö jo tässä vaiheessa alkaa toden teolla heräilemään, tai ainakin tietoisesti näin pyrkii tekemään. Moni asia ei motivoi skarppaamaan heti aamulla yhtä tehokkaasti. Jo hyvin aluillaan olevaa <a href="http://fi.wikipedia.org/wiki/Kognitiivinen_dissonanssi">kognitiivista dissonanssia</a> ei tietenkään vähennä se seikka, että ei ole aavistustakaan siitä, miksi nuo yhteiskuntamme palvelijat ovat juuri omalle ovelle tulleet. Vielä vähemmän asiat loksahtavat päässä paikalleen, kun ryhmän puhemiehenä toimiva henkilö ilmoittaa joukon tarkoituksena olla kotietsinnän suorittaminen.<br />
<div>
<br /></div>
<div>
Oman havaintokyvyn rajalliseksi tietävä ihminen epäilee, ettei havaitse todellisuutta ihan oikein. Puutteellisen tiedon varassa aloin käymään läpi joukkoa mahdollisia tapahtumasarjoja tarkoituksenaan tulla selvyyteen siitä, mitä oikein on tapahtumassa. Epäilin jopa psykoottisen kohtauksen mahdollisuutta vaikkei minulla koskaan sellaista olekkaan ollut. Psykoosissa oleva ihminen voisi päästää kyläilemään tulleet kaverinsa ovesta sisään, mutta luulisi näiden olevan kotietsintää suorittamaan tulleita poliiseja. Tässä kohtaa tilanteen vakavuutta tietämättä en osannut tulla johtopäätökseen, kumpi olisi huonompi vaihtoehto: mielenterveyden katoaminen vaiko pitkään vankeusrangaistukseen ja kaikkeen muuhun sellaiseen tilanteeseen liittyvään jukiseen häpeään johtavan kertomuksen alkukohtaus. Pelkoa ei helpota tieto siitä, ettei ole tehnyt mitään poliisitutkintaa edellyttävää.</div>
<div>
<br /></div>
<div>
Salaliittoteoriat alkavat nopeasti tuntua paljon todellisemmilta siinä vaiheessa, kun virkavalta tulee asuntoosi sisälle kutsumatta. <a href="http://torikokous.blogspot.com/">Turun Torikokous</a> oli ollut käynnissä jo melkein kuukauden tuona päivänä ja monenlaista vastoinkäymistä oli koettu puolustaessa perustuslaillista oikeutta jukiseen kokoontumiseen. Epäilys Torikokouksen vastustajien käyttämistä likaisista keinoista ei ollut kaukana. Kun kysyin etsinnän liittymisestä jotenkin Torikokoukseen, vastasivat etsijät etteivät tienneet mikä se on.</div>
<div>
<br /></div>
<div>
Aika äkkiä myös alkaa kaivata lainopillista tietoa luotettavasta lähteestä. Varhain kysyivät tietokoneen salasanoja kertoen rivien välistä olevan epäilyttävää, ellei jopa rikollista, kieltäytyä. <i>"Vaikeutat vaan omaa tilannettas."</i> En antanut, kun en tiennyt onko lain mukaan velvollisuus antaa. Kertoivat asiallisesti, että voin seurata etsinnän suorittamista tai sitten lähteä asemalle. Päätin jäädä seuraamaan etsintää. Asunnosta vietiin kaikki tietokoneet ja massamediaksi kelpaava laite, mukaan lukien puhelin. Poliisi ilmoitti ottavansa minut kiinni ja, että asiaan en voi vaikuttaa. Matka jatkuisi asemalle.<br />
<br />
<b>Turun poliisilaitos</b></div>
<div>
Vasta poliisiasemalla selvisi, <a href="http://www.hs.fi/kotimaa/Suomen+suurin+henkil%C3%B6tietovuoto+paljastui/a1305548766402">mistä rikoksesta minua epäilivät</a>. Pahaksi onnekseni en kuitenkaan muistanut, missä olin ollut rikoksen tapahtumahetkellä 5.11.2011. Olin ollut kuumeessa jo yli viikon, eikä muisti tuntunut pelaavan. Kuitenkin rikoksen tunnusmerkit viittaavat tekijässä sellaisiin piirteisiin, että minua on vaikea saada kuvaan sovitettua. Sensaationhakuisuus ei ole minuun kuuluva piirre. Olen myös mielestäni kunnianhimoisempi siinä mielessä, etten kokisi tuollaisten tietojen käsiinsä saamista edes saavutukseksi. Paheksun tekoa sen vuoksi, että ihmisten yksityistietoja paljastettiin ilman mitään riittävää syytä. Riittävä syy ei ole tietojärjestelmissä olevien haavoittuvuuksien paljastaminen. Esimerkiksi Bradley Manning saa sympatiani siksi, että hänen tekonsa on ollut omiaan paljastamaan rikoksia, jotka muuten eivät olisi paljastuneet. Grillasivat minua monta tuntia, lähes itkun partaalle. Positiivista oli tosin se, että kiinni otettuna olin kuulemma valtion hoivassa ja valtion tulee pitää silloin minut ruokittuna ja juotettuna. Sain asemalla kupin kahvia.<br />
<br />
<b>Takaisin kotiin</b></div>
<div>
Kuulustelun jälkeen sain kyydin takaisin kotiin. Minulle annettiin ilmaisukielto. Sen lisäksi, että minua ahdisti koko tapahtuma, en nyt saanut edes keskustella siitä kenenkään kanssa, jotten paljastaisi tutkinnan kannalta tärkeää tietoa. Kävin Torikokouksen teltalla. Oli mieli maassa, mutta näyttelin niinkuin mitään ei olisi tapahtunut. Taisin kannustaa jotakuta pysymään rohkeana osoittaen samaa viestiä kai hiukan itsellenikin. Sairastin kotona vielä päivän verran kuumettani. Sitten alkoi pelottaa se, että olin yksin ja siten ilman minkäänlaista alibia, mikäli taas tapahtuu jotain, mistä minua epäiltäisiin. Pelkäsin myös, että minut päästettiin pois asemalta vain siksi, että tarkkailisivat miten käyttäytyisin. Ahdisti. Pelotti. Sain jonkin verran selvitettyä myös sosiaalisista medioista, taskuun jääneistä kuiteista ja sähköpostista missä noin suunnilleen olin viettänyt aikaani rikoksen tapahtumahetkellä. Vietin kaverini luona pari päivää. Seura teki hyvää ja tuntui mukavalta tietää, että on koko ajan tarvittaessa alibi. Mielessä kävi tosin, että ajastettuna voi mitä vaan tehdä tietokoneella, joten alibikaan ei välttämättä toimi samalla lailla kuin ns. perinteisissä rikoksissa.Yritin keskittyä arkeen. </div>
<div>
<br /></div>
<div>
17. päivä minua haastateltiin työpaikkaan, johon minut myös palkattiin. Minun olisi pitänyt vakuuttaa kirjallisesti, ettei minua epäillä mistään rikoksesta. Ilmaisukielto esti asiasta keskustelemisen. Soitin rikospoliisille kertoakseni probleemastani. Seuraavana päivänä sainkin puhelun, jossa he kertoivat, etteivät enää epäile minua rikoksesta. Olo helpottui huomattavasti vaikka vielä joutuikin vaikenemaan asioista ystäville.<br />
<br />
<b>Summa Summarum</b><br />
Nyt ilmaisukieltoni on päättynyt. Ilmaisen siis itseäni. Minua epäiltiin rikoksesta sen takia, että minun tarjoamieni palveluiden kautta levitettiin <a href="http://ylilauta.fi/">http://ylilauta.fi/</a> sivustolle linkkiä 16000 suomalaisen henkilötiedot sisältäneeseen tiedostoon. Sivuston lokissa näkyi siis minun internetyhteyteni julkinen IP-osoite lähettäjänä. Palveluita, jotka mahdollistavat tämän on kaksi: Avoin langaton verkko ja <a href="https://www.torproject.org/">TOR</a>-palvelin. Tekijä on siis joko ohjannut verkkoliikenteensä TOR-verkkoon, josta se on tullut ulkomaailmaan minun päätepisteeni kautta tai ollut jossakin langattoman verkkoni kantaman sisällä. Olen pättänyt jatkaa näiden palvelujen tarjoamista keskeytyksettä.<br />
<br />
Tyhminkin ihminen tänä päivänä ymmärtää, että internetissä ei noin vain kirjoitella ilman, että joku kirjoittajan saisi selville. Siksi on olemassa anonymisointiteknikkaa, jonka avulla voi esim tehdä kirjoituksia internetissä ilman, että lähettäjää saadaan selville. Joissain maissa <a href="http://www.bostonherald.com/news/international/asia_pacific/view/20111223china_sentences_rights_activist_to_9_years_in_jail/">vainotaan esimerkiksi toisinajattelijoita</a> ja liikenteen anonymisointi voi olla ainoa tapa välttyä vankeudelta, kidutukselta tai jopa kuolemalta. Joissain maissa <a href="http://en.rsf.org/jordan-new-law-allows-government-to-12-08-2010,38135.html">ei esimerkiksi ole ilmaisun vapautta</a>. Langattomat verkot ovat <a href="http://www.aircrack-ng.org/">murrettavissa</a> auki olivat ne WEP tai WPA salattuja. WEPin saa auki muutamassa <a href="http://www.youtube.com/watch?v=2kFpAwDzBAQ&feature=related">minuutissa</a> ja esimerkiksi WPS ominaisuudella varustetun WPAn 4-10 tunnissa. Myös yleisillä nimillä asetettujen WPA tukiasemien salasanat voidaan rainbow-table tekniikan kanssa selvittää. Voidaan olettaa, että henkilö, joka onnistuu henkilötietolistan saamaan käsiinsä, osaa myös salata oman identiteettinsä tarvittaessa. Tiedostot voi lähettää vaikka kahvilan avoimesta verkosta. Muiden ihmisten langattomien verkkojen käyttämisellä oman identiteettinsä salaaminen on tänä päivänä niin helppoa, että sen voi kuka tahansa toteuttaa.</div>
<div>
<br /></div>
<div>
Mielestäni kotietsinnälle ei ollut järkevää perustetta. Olisin kyllä ymmärtänyt ja auttanut tarpeen mukaan, mikäli poliisi olisi ottanut yhteyttä minuun asiasta muutoin, kuin epäiltynä. Kyllä rikollisen pitää olla todella tyhmä, jos omasta verkostaan jotain lähettää ja sillä tavalla saa osakseen poliisin huomion. Niin tyhmä, että on jo lähes mahdotonta sellaisen tyypin saada mitään yksityisiä tiedostoja haltuunsa. Jo käymällä läpi tietoja minusta sosiaalisessa mediassa pitäisi toivon mukaan tulla ilmi, että jotain aivoissani tapahtuu. Tämän tapahtumasarjan kokeneena voin kuitenkin sanoa, että on kyllä mukava palata normaaliin päivärytmiin ei niin jännittävään elämääni.</div>Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com1tag:blogger.com,1999:blog-4624439462792336852.post-14401231404302368472011-10-20T20:51:00.000+03:002011-10-20T20:52:49.312+03:00What would MacGyver do?<div class="separator" style="clear: both; display: block; text-align: center; width: 320px;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSSdVLRuZtLwCB0wDBJ1mDXh_iEyEtJPhrOMoS4ggZLykNwZA815V57wgEaIDEVtuNg0ku6QjsA2YY6wBOnUhne6I8aK10iBgJsog71_WHBPlzDzgmxBzo0C8R48FyOkuvbnG8NB_rMJ0/s1600/DSC00024.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="180" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSSdVLRuZtLwCB0wDBJ1mDXh_iEyEtJPhrOMoS4ggZLykNwZA815V57wgEaIDEVtuNg0ku6QjsA2YY6wBOnUhne6I8aK10iBgJsog71_WHBPlzDzgmxBzo0C8R48FyOkuvbnG8NB_rMJ0/s320/DSC00024.JPG" width="320" /></a></div>
<div style="margin-left: 1em; margin-right: 1em;">
<span class="Apple-style-span" style="color: #666666;">We won't budge</span></div>
<br />
We finns are determined folk it would seem. Yesterday the police was dispatched to see that the tent would be taken down. The protesters then took shelter in a mobile performing stage that has been on the market square for years and has a roof on top. The city of Turku then sent someone to remove the stage from the square leaving the protesters with nothing against the weather but their wits, some equipment and determination.
<br />
<br />
The situation called for some MacGyverism. An improvised shelter was put up using some tarps and benches in the pouring rain and a pretty nifty one I can witness. It was completely dry despite of the rain and no stove was needed when everyone was packed tightly together in the shelter. As a matter a fact someone thought it was a bit too warm. I was about 4 deg C outside(39F) It brought back childhood memories of making such huts indoors at home with friends and declaring them as our forts.<br />
<br />
You could find the fort by following the sound of laughter and passionate speeches about the world, environment, economy and other topics.
<br />
<br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNKbYZTIYOUNqS2TrgTUNbj46l46k9I_-008Lcr4HnHhf5-lIAvHh-dlpzNu8O-lXmDwzf127psPam4gKr14oRUA5JA12e77ygO25Xap-C79OSsCs33C90N-D_lF5VYb2vsnLoqWrGoGU/s1600/DSC00011.JPG" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="225" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjNKbYZTIYOUNqS2TrgTUNbj46l46k9I_-008Lcr4HnHhf5-lIAvHh-dlpzNu8O-lXmDwzf127psPam4gKr14oRUA5JA12e77ygO25Xap-C79OSsCs33C90N-D_lF5VYb2vsnLoqWrGoGU/s400/DSC00011.JPG" width="400" /></a>Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0tag:blogger.com,1999:blog-4624439462792336852.post-59754722350632067552011-10-18T16:41:00.000+03:002011-10-18T16:47:47.253+03:00We are living interesting times!<div style="display: block; float: right; margin-left: 1em; margin-right: 1em; text-align: center; width: auto;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj67qEEicloYKoQZQ_N7IwnAfSUfplQ3DdF379KEx5Gs7o-rrtenFU-JnjgqIMAO6P1WAcNjRMlBAFBUcxUL1K-KZuEX3iH7vUE6t2IL_SM8R5tzbX34e30bAJmyrcr740YG7HAyfDB6OI/s1600/kuva-19.jpg" imageanchor="1"><img border="0" height="213" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj67qEEicloYKoQZQ_N7IwnAfSUfplQ3DdF379KEx5Gs7o-rrtenFU-JnjgqIMAO6P1WAcNjRMlBAFBUcxUL1K-KZuEX3iH7vUE6t2IL_SM8R5tzbX34e30bAJmyrcr740YG7HAyfDB6OI/s320/kuva-19.jpg" width="320" /></a><br />
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjP5gn0xORk48R1QSNJEOYUwACrkLIa4klGeyFZ7MmABeROzn0yu6oOREAnKPV31A4nQ8k_eq-6MERc_z460jPhKaQrtBegxEcXKKG7agkBk4MjK8OQDgIB1dPbOCU2N_euHu0iJ0m2ss/s1600/kuva-4.jpg" imageanchor="1"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjP5gn0xORk48R1QSNJEOYUwACrkLIa4klGeyFZ7MmABeROzn0yu6oOREAnKPV31A4nQ8k_eq-6MERc_z460jPhKaQrtBegxEcXKKG7agkBk4MjK8OQDgIB1dPbOCU2N_euHu0iJ0m2ss/s320/kuva-4.jpg" width="213" /></a></div>
<br />
The following note was "flewn in by the wind" today<br />
<br />
<i><span class="Apple-style-span" style="color: white;">Due to civil activism (tents at Wiklund corner) we ask all merchants at the market square to take care when visiting the restroom that the activists don't accidentally get the access code for the door. Also care should be taken in order not to allow strangers slip in when entering or leaving the facilities. Other kind of assistance(giving water, electricity etc) is discouraged. Notice this when going to the "washroom".</span></i><br />
<i><span class="Apple-style-span" style="color: white;"><br /></span></i><br />
<i><span class="Apple-style-span" style="color: white;">Warm water will be available as soon as we get the boiler fixed. It's known to the people who decide these things but we don't yet know about the timetable.<br /><br />We are living interesting times!</span></i><br />
<i><br /></i><br />
In the note was included a four digit code written by hand.<br />
<br />
Thank you very much merchants at the market square!Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0Kauppiaskatu 6, 20100 Turku, Finland60.451556894500776 22.26823568344116260.450577894500775 22.26576818344116 60.452535894500777 22.270703183441164tag:blogger.com,1999:blog-4624439462792336852.post-84883919250385918662011-10-15T00:10:00.002+03:002011-10-15T00:11:00.805+03:00Lessons of life and work<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfeWF2FMcZaxoCAFJs1QW3PJeRxg6kZj-FNHCBZ4NNnPC6SG6cX0QZHrjIDBVqGp4BCpcro5Mp67OEeNX2sl2ypEjsOjE2fN4Zftwgenesx4N_JJ_ssJFTqaM7VetuLwSrWjTUnsQAO00/s1600/HARD-WORK.jpg" imageanchor="1" style="float: right; margin-left: 1em; margin-right: 1em;"><img border="0" height="247" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfeWF2FMcZaxoCAFJs1QW3PJeRxg6kZj-FNHCBZ4NNnPC6SG6cX0QZHrjIDBVqGp4BCpcro5Mp67OEeNX2sl2ypEjsOjE2fN4Zftwgenesx4N_JJ_ssJFTqaM7VetuLwSrWjTUnsQAO00/s320/HARD-WORK.jpg" width="320" /></a>
In 1980 Heikki "Hessu" Salmela opened the first Hesburger fast food restaurant in Turku Finland. The chain grew fast and in 1988 he sold it for almost 200 million finnish markkas.(At that point the reason for selling was exhaustion and stress.) Only a few years later during the recession, he bought it back for 25 million. The chain has grown ever since and expanded to other countries as well. The things that have made this possible are: hard work and self sufficiency. Almost everything in the production process apart from farming is done in-house. That and little luck is a recipe for success. Marketing helps, but only if you've done everything else right.<br />
<br />
I have always been interested about how one makes a business really successful. The stories that tell the history of great successes often are stories about personal sacrifice and hard labour. Very few people have the qualities this requires. I believe one has to learn how to fail many times before the lessons that enable one to be truly successful are learned.<br />
<br />
The first lesson is: don't take shortcuts. The quality of your work is that much less when the product you offer is not exceptional. Only by offering truly worthwhile stuff you and your customers can believe in the work you do. With bad products/services no one has any incentive to turn to you.<br />
<br />
The second lesson is: know when to take shortcuts if absolutely necessary. Sometimes the situation just needs for quick action. There's not very much time to think things trough in situations like these and unless you are a very seasoned expert you are going to make bad decisions.<br />
<br />
Third lesson is: how to avoid situations when you have to take shortcuts. When you've been doing something long enough you start to develop an eye for situations that tend to escalate towards an unwanted result. Experience and hard work are the only ways to get this foreknowledge.<br />
<br />
Anyone that has some experience in business or other serious undertakings that take time and effort should have learned these lessons at some point. It's just too easy to forget these things when you're obsessing about one specific detail about your work. I hope to remember by having this text as my personal reminder.<br />
<br />
<a href="http://en.wikipedia.org/wiki/Hesburger">http://en.wikipedia.org/wiki/Hesburger</a><br />
<a href="http://www.city.fi/artikkeli/Heikki+Salmela/468/">http://www.city.fi/artikkeli/Heikki+Salmela/468/</a> (finnish)<br />
<a href="http://fi.wikipedia.org/wiki/Heikki_Salmela">http://fi.wikipedia.org/wiki/Heikki_Salmela</a> (finnish)Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0tag:blogger.com,1999:blog-4624439462792336852.post-17185629732245888972011-09-23T06:34:00.004+03:002011-09-23T06:57:19.600+03:00UEFI "Secure boot" featureRead these and you're up to speed<br />
<a href="http://mjg59.dreamwidth.org/5552.html">http://mjg59.dreamwidth.org/5552.html</a><br />
<a href="http://blogs.msdn.com/b/b8/archive/2011/09/22/protecting-the-pre-os-environment-with-uefi.aspx">http://blogs.msdn.com/b/b8/archive/2011/09/22/protecting-the-pre-os-environment-with-uefi.aspx</a><br />
<img border="0" height="280" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg3eUy9fANOx90RCI2IfD1CnGgth9ufrIJgK_tNjrbQrcfC3LE028sw8sxNUUj5frXZa0HMeZlHrY-UrdvustN4_xZxz1RLBY9lJjwJgQG_a2C3t1LgLI9-q8Hml0bt-0yFpHwlSlinyVE/s1600/img-secure.png" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;" width="280" />
<br />
<br />
The PR department at Microsoft is lulling people to their happy places again?<br />
<br />
There obviously isn't any real benefit for the end user in "secure boot" so why beat around the bush. This is a feature, the purpose of which is to allow commercial entities to have greater power over what can and what cannot run on computer hardware. It's an "update" like so many we've seen that doesn't really fix any problem but only makes it more difficult for the end users to have freedom over their devices.<br />
<br />
People can't really be so gullible that they can't see past the fact that this writing does nothing to clarify anything but only drops words and phrases like secure, enforcing, strong protection, ensure, growing threat. To me this writing gives a strong impression of trying to seed fear and then sooth with a miraculous salvation. When the threats are great we forgive the trespassess right? At least in the US as recent history has shown.<br />
<br />
Keep updated, follow <a href="http://twitter.com/#!/mjg59">@mjg59</a> on Twitter.Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0tag:blogger.com,1999:blog-4624439462792336852.post-48007002674809164822011-09-13T00:34:00.000+03:002011-09-13T00:53:12.484+03:00Censorship<div class="separator" style="clear: both; float: right;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSs6iRPza5Jw98aoZM2V4RuLWRR_gBNfdVfSJDN9-oXfrIN3Z5FYozTlOwM2lGVyMnBrPZyi6RHBGXzeIivHbXB3PC6dEIeum1aiaXtLAKS7rvPFF_PRV0oHAPnwhctDfCfsOLTyB5XZg/s1600/glossy-burning-fire+flame.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiSs6iRPza5Jw98aoZM2V4RuLWRR_gBNfdVfSJDN9-oXfrIN3Z5FYozTlOwM2lGVyMnBrPZyi6RHBGXzeIivHbXB3PC6dEIeum1aiaXtLAKS7rvPFF_PRV0oHAPnwhctDfCfsOLTyB5XZg/s320/glossy-burning-fire+flame.jpg" width="254" /></a></div>
I'm fucking pissed off by censorship. There's no point other than to annoy people, there can't be. When I first heard censoring of swearwords as a kid I thought it was kind of funny. If someone somewhere really thinks they can protect for example children from hearing swearwords by censoring TV, they gotta be kidding. Do you know what kind of parrots kids are. Kids talk to other kids who talk to other kids who talk to someone else and so forth. As long as we have language kids will be hearing swearwords and repeating them to their friends like there's nothing else to do in this world. Especially if you forbid them or try to "protect them" from this. It's rather ridiculous when some people think it's ok to show blood spilling and heads literally rolling, but swearwords are a big oh no.<br />
<div>
<br /></div>
<div>
Censoring draws unnecessary attention towards the fact that someone just swore. It also makes it very difficult to understand what was being said when it is not obvious what the word was. When it is obvious what the person is saying you're just making people say the word themselves in their minds, you chickenshits... Swearwords convey mood and meaning. It's a fact that people swear.(I'm not quoting a source, go find out for yourself) You can relate to things when swearwords are used in proper context. That means you have to balance the amount of swearing so that whatever story is being told is believable. It just sounds stupid when swearwords are out of context or there's nothing else than them. You start thinking tourettes or lack of things to say.<br />
<br />
After a while the censoring itself starts to deliver the same effect that the swearword did. Eventually what is being said will become devoid of meaning. I'ts like telling all the painters in the world to suddenly start painting only happy pictures.<br />
<br />
Censorship is control over people in all it's forms. Censorship is evil. Censorship is burning books. Censorship is suppression of speech. Censorship is unnatural.<br />
<br />
Censorship is being done only when someone is feeling of loss of control and then instead of reflecting on the real matter they do something fun like <a href="http://www.mobiledia.com/news/105219.html">turn off your country's communication networks</a>.<br />
<div>
<br />
ps. This is so fraking lame no matter how big a fan of <a href="http://en.wikipedia.org/wiki/Battlestar_Galactica">BSG</a> you are<br />
pps. I swear too much, but it's ok, I'm aware of it.</div>
</div>
Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0tag:blogger.com,1999:blog-4624439462792336852.post-30007223876343780152011-09-11T20:26:00.001+03:002011-09-11T20:26:22.426+03:00The day the christians left earth<div class="separator" style="clear: both; float: right;">
<a href="http://www.cointalk.com/attachments/80055d1277841268-bean_laughing_hb.gif" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="http://www.cointalk.com/attachments/80055d1277841268-bean_laughing_hb.gif" width="241" /></a></div>
Sometimes out of the blue happens something so hilarious it's just insane. I thought it was the last episode of Futurama's sixth season (Reincarnation) But then this happened today when I was on Twitter.<br />
<br />
I didn't confirm this by going out and checking out by myself, but I'm preeetty sure the religious nuts called christians are sadly all still here.<br />
<br />
<iframe allowfullscreen="" frameborder="0" height="424" src="http://player.vimeo.com/video/28760515?title=0&byline=0&portrait=0" webkitallowfullscreen="" width="640"></iframe><br />
<a href="http://vimeo.com/28760515">Have You Been Left Behind?</a> from <a href="http://vimeo.com/remlezar">Rem Lezar</a> on <a href="http://vimeo.com/">Vimeo</a>.Sebastian Mäkihttp://www.blogger.com/profile/07774408117856478941noreply@blogger.com0