Petter Reinholdtsen

Entries from December 2018.

Learn to program with Minetest on Debian
15th December 2018

A fun way to learn how to program Python is to follow the instructions in the book "Learn to program with Minecraft", which introduces programming in Python to people who like to play with Minecraft. The book uses a Python library to talk to a TCP/IP socket with an API accepting build instructions and providing information about the current players in a Minecraft world. The TCP/IP API was first created for the Minecraft implementation for Raspberry Pi, and has since been ported to some server versions of Minecraft. The book contain recipes for those using Windows, MacOSX and Raspian. But a little known fact is that you can follow the same recipes using the free software construction game Minetest.

There is a Minetest module implementing the same API, making it possible to use the Python programs coded to talk to Minecraft with Minetest too. I uploaded this module to Debian two weeks ago, and as soon as it clears the FTP masters NEW queue, learning to program Python with Minetest on Debian will be a simple 'apt install' away. The Debian package is maintained as part of the Debian Games team, and the packaging rules are currently located under 'unfinished' on Salsa.

You will most likely need to install several of the Minetest modules in Debian for the examples included with the library to work well, as there are several blocks used by the example scripts that are provided via modules in Minetest. Without the required blocks, a simple stone block is used instead. My initial testing with a analog clock did not get gold arms as instructed in the python library, but instead used stone arms.

I tried to find a way to add the API to the desktop version of Minecraft, but were unable to find any working recipes. The recipes I found are only working with a standalone Minecraft server setup. Are there any options to use with the normal desktop version?

As usual, if you use Bitcoin and want to show your support of my activities, please send Bitcoin donations to my address 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

Tags: debian, english.
Non-blocking bittorrent plugin for vlc
12th December 2018

A few hours ago, a new and improved version (2.4) of the VLC bittorrent plugin was uploaded to Debian. This new version include a complete rewrite of the bittorrent related code, which seem to make the plugin non-blocking. This mean you can actually exit VLC even when the plugin seem to be unable to get the bittorrent streaming started. The new version also include support for filtering playlist by file extension using command line options, if you want to avoid processing audio, video or images. The package is currently in Debian unstable, but should be available in Debian testing in two days. To test it, simply install it like this:

apt install vlc-plugin-bittorrent

After it is installed, you can try to use it to play a file downloaded live via bittorrent like this:

vlc https://archive.org/download/Glass_201703/Glass_201703_archive.torrent

As usual, if you use Bitcoin and want to show your support of my activities, please send Bitcoin donations to my address 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

Tags: english, verkidetfri, video.
Retten til kontant betaling er en rettighet som må brukes for å beholdes
11th December 2018

FNs menneskerettighetserklæring artikkel 13 første punkt lyder som følger:

Enhver har rett til å bevege seg fritt og til fritt å velge oppholdssted innenfor en stats grenser.

Det er altså en menneskerett å kunne bevege seg fritt i landet. For å bevege seg fritt i landet, så må en kunne bevege seg uten å bli sporet. Det vil i dagens samfunn innebære å bevege seg uten å legge igjen digitale spor og uten å være radiomerket. Hvis en vet at ens bevegelser, hvor en befinner seg når, og hvem som befinner seg i nærheten, blir samlet inn og gjort tilgjengelig for fremmede, det være seg myndighetene eller private organisasjoner, så kan en ikke lenger bevege seg fritt. Dette gjør at det er en forutsetning for å ha glede av retten til å bevege seg fritt i landet at en motstår fristelsen til å legge igjen digitale spor når en betaler for seg. Rettigheter som ikke blir brukt, blir fjernet. Den eneste måten i dag å unngå å legge igjen digitale spor når en betaler for seg, er å betale med kontanter, samt takke nei til å legge igjen navn og adresse (slik f.eks. Elkjøp ber om — jeg sier de kan legge inn «anonym anonym» når datasystemet deres trenger et navn). Personlig anbefaler jeg å konsekvent bruke kontant betaling når man beveger seg rundt, for å bidra til forsvaret av menneskerettighetene i Norge. Kanskje noe også for deg? Merk at det ikke er tilstrekkelig for å unngå sporing å betale med kontanter, men det er et lite steg i riktig retning.

Det er flere andre argumenter i tillegg til menneskerettighetsargumentet for å bruke kontanter. I går hadde Dagbladet en utmerket kommentar av sin journalist John Olav Egeland om hvilket kontantløst diktatur som venter oss hvis mange nok slutter å insistere på å betale med kontanter. Jeg anbefaler deg å lese den.

Som vanlig, hvis du bruker Bitcoin og ønsker å vise din støtte til det jeg driver med, setter jeg pris på om du sender Bitcoin-donasjoner til min adresse 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b. Merk, betaling med bitcoin er ikke anonymt. :)

Tags: betalkontant, norsk, personvern.
Why is your site not using Content Security Policy / CSP?
9th December 2018

Yesterday, I had the pleasure of watching on Frikanalen the OWASP talk by Scott Helme titled "What We’ve Learned From Billions of Security Reports". I had not heard of the Content Security Policy standard nor its ability to "call home" when a browser detect a policy breach (I do not follow web page design development much these days), and found the talk very illuminating.

The mechanism allow a web site owner to use HTTP headers to tell visitors web browser which sources (internal and external) are allowed to be used on the web site. Thus it become possible to enforce a "only local content" policy despite web designers urge to fetch programs from random sites on the Internet, like the one enabling the attack reported by Scott Helme earlier this year.

Using CSP seem like an obvious thing for a site admin to implement to take some control over the information leak that occur when external sources are used to render web pages, it is a mystery more sites are not using CSP? It is being standardized under W3C these days, and is supposed by most web browsers

I managed to find a Django middleware for implementing CSP and was happy to discover it was already in Debian. I plan to use it to add CSP support to the Frikanalen web site soon.

As usual, if you use Bitcoin and want to show your support of my activities, please send Bitcoin donations to my address 15oWEoG9dUPovwmUL9KWAnYRtNJEkP1u1b.

Tags: english, standard, web.

RSS Feed

Created by Chronicle v4.6