This is a private blog by Jens Lechtenbörger.

Jens Lechtenbörger

OpenPGP key: 0xA142FD84
(What is OpenPGP? Learn how to protect your e-mail.)

Creative Commons License
Unless explicitly stated otherwise, my posts on this blog are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Support for REUSE (SPDX) headers in emacs-reveal

About 18 months ago, I asked: Do you teach or educate?

I continue to use and develop emacs-reveal, a FLOSS bundle to create HTML presentations based on reveal.js as Open Educational Resources (OER) from Org mode source files in GNU Emacs. Last time, I mentioned license attribution for OER figures as tedious challenge, which I believe to be addressed properly in emacs-reveal.

Over the last couple of days, I added functionality that generates license information in my OER HTML presentations from SPDX headers embedded in source files. The FSFE project REUSE recommends the use of SPDX headers to indicate copyright and licensing information in free software projects, and, although OER are not software, I started to make my OER source files REUSE compliant. Thus, the following two simple header lines in an Org source file (e.g., the emacs-reveal howto)

#+SPDX-FileCopyrightText: 2017-2020 Jens Lechtenbörger <https://lechten.gitlab.io/#me>
#+SPDX-License-Identifier: CC-BY-SA-4.0

result in the following HTML licensing information (as part of the final slide in the howto) with RDFa markup for machine readability:

<div class="rdfa-license" about="https://oer.gitlab.io/emacs-reveal-howto/howto.html">
  <p>Except where otherwise noted, the work 
     “<span property="dcterms:title">How to create presentations with emacs-reveal</span>”,
     <span property="dc:rights">© 
        <span property="dcterms:dateCopyrighted">2017-2020</span>
        <a rel="cc:attributionURL dcterms:creator"
           property="cc:attributionName">Jens Lechtenbörger</a></span>, 
     is published under the 
     <a rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/">
       Creative Commons license CC BY-SA 4.0</a>.</p></div>

Previously, I created the slide with license information separately, without taking copyright and license information of source files into account. Clearly, that type of redundancy was a Bad Thing, which I got rid of now. And, since license information is generated (currently in English or German based on the document’s language), you as future users of emacs-reveal do not need to know anything about RDFa (and next to nothing about HTML).

Happy New Year to all of you!

OER figures with license meta-data in emacs-reveal

Do you teach or educate? Do you use somebody else’s educational resources or share your own creations?

As described last year, I created an infrastructure called emacs-reveal to produce HTML presentations as Open Educational Resources (OER) from Org Mode text files in GNU Emacs for my own teaching. If you believe in the values of free software, I’m sure that you will find the values of OER appealing as well (despite the choice of “open” as main characteristic), whose licenses are supposed to permit 5 Rs, namely Retain, Reuse, Revise, Remix, Redistribute.

While working on my own presentations, I found myself repeatedly copying figures along with proper licensing information between presentations, which clearly indicated that my workflow was less than ideal. Indeed, most image formats do not provide any means for the inclusion of licensing information, so such annotations must be copied separately from the image file itself. To get rid of time-consuming and error-prone copying, I decided to create one separate meta-data file with license information for each image. For those meta-data files I use an ad-hoc format based on accepted terminologies (Dublin Core and Creative Commons).

In my presentations, I can now simply include the meta-data file, and proper licensing and attribution information will be displayed automatically. Moreover, licensing and attribution information is embedded as RDFa in generated HTML presentations, making it accessible on the Semantic Web. (For example, the Firefox plugin OpenLink Structured Data Sniffer can parse and display such RDFa data.)

My figures are published in this GitLab repository, and my howto for emacs-reveal (source code) includes some figure examples. As an aside, if you are interested in OER or free software or both, I’d be happy to receive feedback on what I plan to present as motivation for a course on operating systems (source code) starting in June.

HTML presentations as OER from Org mode with Emacs

This post has an exceptional topic given the main theme of my blog, but I’d like to advertise and share what I created during summer term 2017, supported by a fellowship for innovation in digital university teaching funded by the Ministry of Innovation, Science and Research of the State of North Rhine-Westphalia, Germany, and Stifterverband.

I switched my course on Operating Systems from more traditional lectures to Just-in-Time Teaching (JiTT; see here for the Wikipedia entry) as teaching and learning strategy, where students prepare class meetings at home. In a nutshell, students work through educational resources (texts, presentations, videos, etc.) on their own and submit solutions to pre-class assignments. Students’ solutions are corrected prior to class meetings to identify misunderstandings and incorrect prior beliefs. Based on those finding, class meetings are adjusted just-in-time to create a feedback loop with increased students’ learning.

As part of the course preparations, I adopted a different textbook, namely “Operating Systems and Middleware: Supporting Controlled Interaction” by Max Hailperin, whose LaTeX sources are available under a Creative Commons license on GitHub, and I decided to publish my teaching and learning material as Open Educational Resources (OER).

I briefly experimented with LaTeX with the Beamer package and LibreOffice Impress to create slides with embedded audio, but eventually I decided to go for the HTML presentation framework reveal.js. To simplify creation of such presentations, I developed my own infrastructure, whose main part, emacs-reveal, is available as free software on GitLab and satisfies the following requirements:

  • Self-contained presentations embedding audio, usable on lots of (including mobile and offline) devices with free software
  • Separation of layout and content for ease of creation and collaboration
  • Text format for diff and merge for ease of collaboration

Technically, presentations are written down in Org mode. The recommended editor to do so is, of course, GNU Emacs. In theory, you could use other editors because HTML presentations are generated from Org files, and you are free to use my infrastructure on GitLab (which, under the hood, is based on a Docker image containing Emacs and other necessary software).

You can find the source files for my presentations on Operating Systems on GitLab. The resulting presentations on Operating Systems as OER are published as GitLab Pages.

I created a Howto on GitLab explaining the use of emacs-reveal based on a simple presentation. The Org file of that Howto is translated by a so-called CI runner into an HTML presentation whenever changes are committed. The resulting presentation is then published as Howto on emacs-reveal as GitLab Page.

I hope this to be useful for somebody else’s talks or teaching as well.

Privacy Story

The EFF is “collecting stories from people about the moment digital privacy first started mattering in their lives”. They also ask to share the stories on Twitter using the hashtag #privacystory. Here is my story, even if I’m not on Twitter. Feel free to share anyways, as usual under CC BY-SA 4.0.

I insist that my wife and I have got a right to privacy for our communication. Not only do I defend that right when we are in the same room, but also when we communicate over the Internet. Actually, I even dare to suggest that all people have got that right. (This point of view probably sounds radical to some; once upon a time such thoughts were worthy enough to be embedded into the Universal Declaration of Human Rights—see Article 12 there.)

For a long time I took that right for granted and believed that we in Germany and Europe did not need to fight for it. That belief was shattered in 2006 when the European parliament passed the Data Retention Directive: Throughout Europe, so-called metadata about the electronic communication (e-mails, phone calls, texts) of every law-abiding citizen was to be stored for 6 months, without any probable cause.

In response, I became interested in cryptography and anonymity networks to defend my human rights against unconstitutional violations. I have been using and advertising tools for digital self-defense since then. At the Internet Archive’s Wayback Machine you can still access an early version (August 2006) of my German website to spread knowledge about such tools.

Briefly, I recommend that you (1) educate yourself about and then (2) use free (not necessarily gratis) software to protect your online privacy, namely the Tor Browser for Web surfing, GnuPG to encrypt your e-mail, and messengers based on XMPP such as Conversations (or alternatively Signal).

GNU Emacs under Qubes OS

A few weeks ago I installed Qubes OS on my PC at work. The project’s self-description is as follows:

Qubes is a security-oriented, free and open-source operating system for personal computers that allows you to securely compartmentalize your digital life.

Essentially, under Qubes you run different virtual machines (VMs), which are more or less isolated from each other, for different purposes. For example, you can use a so-called vault VM (that has no network connection) with Split GPG to keep your GnuPG keys in a safer place than would usually be possible on a single OS (you do encrypt your e-mails, don’t you?). Qubes also includes Whonix, a desktop OS that itself is based on virtualization to provide an environment from which all network traffic is automatically routed through the Tor anonymization network. In case you do not know Tor yet, I recommend that you invest some time to learn about that project and its role for digital self-defense.

VMs in Qubes are started from so-called templates that cannot be modified from inside the VM. So if you install software inside a VM (or some malware does so), those changes will be reverted when you close the VM.

A major feature of Qubes is the so-called disposable VM (dispVM for short) mechanism. A dispVM can be started quickly from a fresh template to host a single, potentially dangerous application such as a media player or an office tool; once the application exits, the dispVM (including potential changes from the template) is destroyed. The dispVM functionality also includes services that convert untrusted PDF or image files to a trusted format which can be viewed safely in other VMs. Finally, from inside your “normal” VMs you can also start a dispVM application on a designated file of the “normal” VM; if you change the file’s contents inside the dispVM, the changed file version replaces the original version of the “normal” VM when the dispVM is destroyed. For example, you can open and edit doc files saved from e-mail attachments (which are potentially dangerous) in LibreOffice inside a dispVM.

All of the above is pretty cool, and I use those features on a daily basis. By default, however, those feature are integrated into applications that I do not use, such as Thunderbird for e-mail or Nautilus as file manager. For my favorite work environment, namely GNU Emacs, some configuration is necessary.

For GnuPG in Emacs, you should really use EasyPG, which has been the default for some years. To make use of Split GPG in Qubes, you need to configure epg-gpg-program to invoke a wrapper program that communicates with the vault VM:

(customize-set-variable 'epg-gpg-program "/usr/bin/qubes-gpg-client-wrapper")

The above configuration is sufficient if you compiled Emacs from the Git repository (March 2017, after bug#25947 was fixed). Otherwise, you need this:

(require 'epg-config)
(customize-set-variable 'epg-gpg-program "/usr/bin/qubes-gpg-client-wrapper")
(push (cons 'OpenPGP (epg-config--make-gpg-configuration epg-gpg-program))

If you rely on signatures for Emacs’ package mechanism and if your Emacs is recent enough to have the variable package-gnupghome-dir (April 2017), you need to customize that to nil:

(setq package-gnupghome-dir nil)

Otherwise, as a temporary fix you may want to modify the script qubes-gpg-client-wrapper to ignore the unsupported option --homedir (in the template VM, similarly to how keyserver-options are removed with a comment on Torbirdy compatibility).

For an integration of dispVM functionality into Gnus and Dired, you may want to take a look at qubes.el. Briefly, that library provides functionality to browse URLs and open or convert files and e-mail attachments in various VMs, depending on user customization.

Here is my relevant snippet from ~/.emacs:

(require 'qubes)
(setq browse-url-browser-function 'qubes-browse)

;; Also allow to open PDF files in Disposable VMs.
;; Add the following line to ~/.mailcap:
;; application/*; qvm-open-in-dvm %s
(require 'mailcap)

;; Define key bindings to work on files in VMs.
(add-hook 'dired-mode-hook
	  (lambda ()
	    (define-key dired-mode-map "ö" 'jl-dired-copy-to-qvm)
	    (define-key dired-mode-map "ä" 'jl-dired-open-in-dvm)
	    (define-key dired-mode-map "ü" 'jl-dired-qvm-convert)

(add-hook 'gnus-article-mode-hook
	  (lambda ()
	    (define-key gnus-article-mode-map
	      "ä" 'jl-gnus-article-view-part-in-dvm)
	    (define-key gnus-summary-mode-map
	      "ä" 'jl-gnus-article-view-part-in-dvm)
	    (define-key gnus-mime-button-map
	      "ü" 'jl-gnus-mime-qvm-convert-and-display)
	    (define-key gnus-article-mode-map
	      "ü" 'jl-gnus-article-view-trusted-part-via-qubes)
	    (define-key gnus-summary-mode-map
	      "ü" 'jl-gnus-article-view-trusted-part-via-qubes)

I chose umlauts for key bindings as dired and Gnus seem to have assigned bindings for most keys already. Feel free to adapt.

Web-Seite zur informationellen Selbstbestimmung überarbeitet

Auf meiner Web-Seite zur informationellen Selbstbestimmung im Internet habe ich größere Änderungen in zwei nichttechnischen Abschnitten vorgenommen. Einerseits habe ich die Diskussion des faulen Arguments, Privatsphäre im Internet sei angesichts von Datenkraken und Massenüberwachung nicht möglich, besser strukturiert. Andererseits ist der Abschnitt zum Nothing-to-Hide-Argument ebenfalls neu strukturiert und erweitert. So stelle ich unter den kafkaesken Problemen des Verlusts unserer Privatsphäre nun konkretere Beispiele wie die Schwangerschaftserkennung anhand von Analysen des Kaufverhaltens, die Erstellung von Persönlichkeitsanalysen (1) anhand von Facebook Likes und (2) anhand von Sprachanalysen sowie die Manipulation von Entscheidungen durch Nudging vor.

Über Anregungen zur Erweiterung würde ich mich freuen.

You need Tor, and Tor is asking for your support

For decades, privacy and freedom of thought and expression have been valued as human rights. Please take a moment to read articles 12, 18, and 19 of ↑The Universal Declaration of Human Rights dating back to 1948.

In free, democratic countries we took those rights for granted. Even without knowing or caring about human rights, among family and friends we chatted without being overheard, we shopped anonymously and paid with cash, we walked the streets anonymously without being afraid of unknown strangers crossing our paths. In libraries we read books and newspapers while nobody spied on our interests.

That situation has changed dramatically in recent years with two noteworthy twists. First, in an article worth your time Eben Moglen explained in 2013 (predating the Snowden disclosures!) how we have ↑entangled ourselves in the Net. We surround ourselves with all kinds of “smart” devices such as phones, smart watches, smart meters, smart TVs, e-book readers, glasses, cars, all of which have eyes and ears of their own, monitor our location, our communication, our behavior most—if not all—of the time. Apps in those devices transmit what they observe into the Net, under incomprehensible privacy piracy policies. Once in the Net, that data is traded, stolen, re-purposed—beyond our control, consent, or knowledge.

Second, for reasons that I cannot comprehend, (even) democratic governments seem to assume that our human rights do not need to be respected on the Net. They demand openly and enforce covertly access to our communication, to our data, effectively—the more we entangle ourselves in the Net—to our lives.

If you believe that the human rights to privacy as well as freedom of thought and expression should also be your rights, even if you move on the Net, you must learn and practice digital self-defense. Essentially, you need to choose apps and tools that respect your freedom and privacy, which requires ↑free software based on strong cryptography. For example, to protect your e-mails you may want to use ↑GnuPG as explained in ↑this guide to e-mail self-defense. As messenger you may want to switch to ↑Signal. For Web surfing you may want to use the ↑Tor Browser.

Tor is cutting-edge anonymity research turned into easily usable free software. Briefly, Tor re-routes your network data through randomly selected relays on the Net, thus hiding who is communicating what with whom. More information on how Tor works can be found on the ↑Tor overview page and in the ↑Tor FAQ. Tor is built by a non-profit organization that is currently asking for ↑donations.

Make sure to read the ↑download warning and try the ↑Tor Browser today. It’s easy to install and run. Be warned, however, that surfing will be slower in general and that some misguided sites may refuse to load unless you solve a ↑captcha (which may or may not go away if you reload the page via “New Circuit for this site” from Tor Browser’s menu underneath the onion icon).

If you like Tor, the project is asking for your ↑donations, and you are in good company: ↑Edward Snowden and Laura Poitras use Tor. Security guru ↑Bruce Schneier recommends that you use Tor.

If you don’t like Tor, you can help to ↑improve it.

And, as a final remark, if you believe that Tor is being misused by “bad guys,” then, of course, you are right. Tor, just like about any other tool created by mankind, can be used by law-abiding citizens as well as by the scum of the earth.

Wieder wider Vorratsdatenspeicherung

Verfassungsbeschwerde bei Digitalcourage e.V. unterstützen (CC BY-SA 3.0 Digitalcourage e.V.)

Wir haben in Deutschland wieder die Vorratsdatenspeicherung (VDS), und das ist schlecht. VDS bedeutet flächendeckende, anlasslose Überwachung des Kommunikationsverhaltens der gesamten Bevölkerung, was gut zu totalitären Regimes passt, aber nicht zu demokratischen Gesellschaften.

Wer das nicht so verfolgt: Es gab in Europa schon mal die VDS, per EU-Richtlinie. Die entsprechende Umsetzung in Deutschland wurde 2010 vom Bundesverfassungsgericht für verfassungswidrig erklärt. Die gesamte Richtlinie wurde 2014 vom Europäischen Gerichtshof für ungültig erklärt, weil sie unsere Grundrechte auf Achtung des Privatlebens und auf den Schutz personenbezogener Daten verletzt. Nichtsdestotrotz haben wir jetzt wieder eine per Gesetz verordnete VDS, im Oktober vom Bundestag beschlossen, am 6. November vom Bundesrat abgesegnet.

Der Verein Digitalcourage bereitet eine Verfassungsbeschwerde vor und bittet um Unterstützung. Macht mit!

Außerdem ist es natürlich notwendig, digitale Selbstverteidigung zu lernen. Wie das mit freier Software geht, stelle ich anderswo dar.

Firefox with Tor/Orbot on Android

In my previous post, I explained three steps for more privacy on the Net, namely (1) opt out from the cloud, (2) encrypt your communication, and (3) anonymize your surfing behavior. If you attempt (3) via Tor on Android devices, you need to be careful.

I was surprised how complicated anonymized browsing is on Android with Firefox and Tor. Be warned! Some believe that Android is simply a dead end for anonymity and privacy, as phones are powerful surveillance devices, easily exploitable by third parties. An excellent post by Mike Perry explains how to harden Android devices.

Anyways, I’m using an Android phone (without Google services as explained elsewhere), and I want to use Tor for the occasional surfing while resisting mass surveillance. Note that my post is unrelated to targeted attacks and espionage.

The Tor port to Android is Orbot, which can potentially be combined with different browsers. In any case, the browser needs to be configured to use Tor/Orbot as proxy. Some browsers need to be configured manually, while others are pre-configured. At the moment, nothing works out of the box, though, as you can see in this thread on the Tor Talk mailing list.

Firefox on Android mostly works with Orbot, but downloads favicons without respecting proxy preferences, which is a known bug. In combination with Tor, this bug is critical, as the download of favicons reveals the real IP address, defeating anonymization.

Some guides for Orbot recommend Orweb, which has too many open issues to be usable. Lightning Browser is also unusable for me. Currently, Orfox is under development (a port of the Tor Browser to Android). Just as plain Firefox, though, Orfox deanonymizes Tor users by downloading favicons without respecting proxy preferences, revealing the real IP address.

The only way of which I’m aware to use Firefox or Orfox with Tor requires the following manual proxy settings, which only work over Wi-Fi.

  1. Connect to your Wi-Fi and configure the connection to use Tor as system proxy: Under the Wi-Fi settings, long-press on your connection, choose “Modify network” → “Show advanced options”. Select “Manual” proxy settings and enter localhost and port 8118 as HTTP proxy. (When you start Orbot, it provides proxy services into the Tor network at port 8118.)

  2. Configure Firefox or Orfox to use the system proxy and avoid DNS requests: Type about:config into the address bar and verify that network.proxy.type is set to 5, which should be the default and lets the browser use the system proxy (the system proxy is also used to fetch favicons). Furthermore, you must set network.proxy.socks_remote_dns to true, which is not the default. Otherwise, the browser leaks DNS requests that reveal your real IP address.

  3. Start Orbot, connect to the Tor network.

  4. Surf anonymized. At the moment you need to configure the browser’s privacy settings to clear private data on exit. Maybe you want to wait for an official Orfox release.

Three steps towards more privacy on the Net

Initially, I wanted to summarize my findings concerning Tor with Firefox on Android. Then, I decided to start with an explanation why I care about Tor at all. The summary, that I had in mind initially, then follows in a subsequent post.

I belong to a species that appears to be on the verge of extinction. My species believes in the value of privacy, also on the Net. We did not yet despair or resign in view of mass surveillance and ubiquitous, surreptitious, nontransparent data brokering. Instead, we made a deliberate decision to resist.

People around us seem to be indifferent to mass surveillance and data brokerage. Recent empirical research indicates that they resign. In consequence, they submit to the destruction of our (their’s and, what they don’t realize, also mine) privacy. I may be an optimist in believing that my species can spread by the proliferation of simple ideas. This is an infection attempt.

Step 1. Opt-out of the cloud and piracy policies.

In this post, I use the term “cloud” as placeholder for convenient, centralized services provided by data brokers from remote data centers. Such services are available for calendar synchronization, file sharing, e-mail and messaging, and I recommend to avoid those services that gain access to “your” data, turn it into their data, generously providing access rights also to you (next to their business partners as well as intelligence agencies and other criminals with access to their infrastructure).

My main advice is simple, if you are interested in privacy: Opt out of the cloud. Do not entrust your private data (e-mails, messages, photos, calendar events, browser history) to untrustworthy parties with incomprehensible terms of service and “privacy” policies. The typical goal of a “privacy” policy is to make you renounce your right to privacy and to allow companies the collection and sale of data treasures based on your data. Thus, you should really think of a “piracy policy” whenever you agree to those terms. (By the way, in German, I prefer “Datenschatzbedingungen” to “Datenschutzbedingungen” towards the same end.)

Opting out of the cloud may be inconvenient, but is necessary and possible. Building on a metaphor that I borrow from Eben Moglen, privacy is an ecological phenomenon. All of us can work jointly towards the improvement of our privacy, or we can pollute our environment, pretending that we don’t know better or that each individual has none or little influence anyways.

While your influence may be small, you are free to choose. You may choose to send e-mails via some data broker. If you make that choice, then you force your friends to send replies intended for your eyes to your data broker, reducing their privacy. Alternatively, you may choose some local, more trustworthy provider. Most likely, good alternatives are available in your country; there certainly are some in Germany such as Mailbox.org and Posteo (both were tested positively in February 2015 by Stiftung Warentest; in addition, I’m paying 1€ per month for an account at the former). Messaging is just the same. You are free to contribute to a world-wide, centralized communication monopoly, sustaining the opposite of private communication, or to choose tools and services that allow direct communication with your friends, without data brokers in between. (Or you could use e-mail instead.) Besides, you are free to use alternative search engines such as Startpage (which shows Google results in a privacy friendly manner) or meta search engines such as MetaGer or ixquick.

Step 2. Encrypt your communication.

I don’t think that there is a reason to send unencrypted communication through the Net. Clearly, encryption hinders mass surveillance and data brokering. Learn about e-mail self-defense. Learn about off-the-record (OTR) communication (sample tools at PRISM Break).

Step 3. Anonymize your surfing behavior.

I recommend Tor for anonymized Web surfing to resist mass surveillance by intelligence agencies as well as profiling by data brokers. Mass surveillance and profiling are based on bulk data collection, where it’s easy to see who communicates where and when with whom, potentially about what. It’s probably safe to say that with Tor it is not “easy” any more to see who communicates where and when with whom. Tor users do not offer this information voluntarily, they resist actively.

On desktop PCs, you can just use the Tor Browser, which includes the Tor software itself and a modified version of the Firefox browser, specifically designed to protect your privacy, in particular in view of basic and sophisticated identification techniques (such as cookies and various forms of fingerprinting).

On Android, Tor Browser does not exist, and alternatives need to be configured carefully, which is the topic for the next post.