Oud, maar ik kon het origineel niet zo snel vinden.
[Archive] John on Twitter: “…” / Twitter
Standaard formulier voor het oplossen van storingen
Posted by jpluimers on 2023/07/14
Posted in Awareness, Fun | Leave a Comment »
On repeat: “ask information only once”;Â Eenmalige uitvraag – NORA Online
Posted by jpluimers on 2023/07/13
Since the SVB PGB site keeps violating the [Wayback/Archive] AP12: Eenmalige uitvraag – NORA Online principle, some more emphasis on it as the usefulness of the “ask information only once” principle is not limited to government sites or commercial sites providing services for the government.
The principle “ask information only once” is valid for any site and needs to be present at all times, especially in these situations:
- when an authentication token is expired and re-authentication is needed
- when checking if authentication might have been expired and a page refresh is done during that check
I wrote about 1. in SVB PGB and DigiD security suddenly logged you out every 15 minutes despite the count down counter indicating otherwise ( wrote it in March 2021, published it in December 2021 when I thought it had been sort of solved).
That was obnoxious and took a very long time to fix (despite the mandatory aspect of the “ask information only once” principle and me pushing for a quick resolving in [Archive.is] Jeroen Wiert Pluimers on Twitter: “Omdat de @SVB_PGB site hiermee een noodzakelijk NORA archictectuur principe schendt (je raakt bij de logoff/logon de informatie die je op de pagina aan het invullen bent kwijt): kan dit een hoge prirotieit krijgen? Zie: – …”).
In February 2022, I had enough energy to submit the final PGB administration parts to the SVB PGB site. I didn’t get logged out every few minutes for the first hour or so (that only happened after being authenticated more than one hour, then repeating every 15 minutes), but I bumped into 2: loosing a lot of data in an at first unpredictable manner.
An underlying thing is that despite the NORA rules to be mandatory there is no sanction for the SVB (or any other government organisation) to fix this: users have to use the site and take the burden in order to get their payments. Ruurd Pels highlighted in these two answers to my tweets: harsh, but hitting the nail on the head:
- [Archive] Ruurd ✒️ on Twitter: “@jpluimers @BiancaPrins In dit soort gevallen moet je eigenlijk regelen dat als een instantie geen richtige heffing of richtige steun uitvoert ze er financieel nadeel van hebben. Verkeerde heffing? Helemaal terugbetalen in plaats van corrigeren. Verkeerde steun: driedubbel uitbetalen. Etcetera.” / Twitter
- [Archive] Ruurd ✒️ on Twitter: “@jpluimers @BiancaPrins Het probleem is: er is geen sprake van een prikkel. De instantie (UWV, SVB, overheid noem maar op) heeft er geen last van. Er is geen prikkel om dit te verbeteren. Het kost ze geen geld als de boel niet functioneert.” / Twitter
The problem is that every each period of 15 minutes session activity , when you submit a form (the whole flow is form based, where the amount of data per form varies: sometimes just a confirmation button, sometimes a full month of data containing the hours worked) you get an intermediate quickly flashing “Redirecting…” on your screen, then loose the data entered in that form:
- [Archive] Jeroen Wiert Pluimers on Twitter: “Het NORA principe wat @StOnSoftware een jaar geleden noemde wordt weer door het @SVB_PGB geschonden. Het duurde even om te reproduceren, maar je verliest ongeveer elke 15 minuten je ingevoerde data. 1/” / Twitter
- [Archive] Jeroen Wiert Pluimers on Twitter: “Wat je dan ziet tijdens de submit (Verder, Opslaan) is een kort “Redirecting…” scherm op een willekeurige plek in de flow …, …, … In dit voorbeeld verlies je een maand aan invulwerk en is alles weer leeg. 2/ …” / Twitter
Declaratie insturen – empty declaration showing you just lost a month of input
- [Archive] Jeroen Wiert Pluimers on Twitter: “Vorig jaar werd je nog elke 15 minuten uitgelogd en was het nog erger, zie … 3/” / Twitter
- [Archive] Jeroen Wiert Pluimers on Twitter: “en … Dat probleem zorgde er voor dat ik maar sporadisch declaraties instuurde, maar nu met een hele stapel declaraties is het probleem op een subtielere wijze nog steeds aanwezig. 4/” / Twitter
- [Archive] Jeroen Wiert Pluimers on Twitter: “Kunnen jullie dit laten fixen? Dank alvast. 5/5” / Twitter
After more than an hour, I bumped into 1 again:
- [Archive] Jeroen Wiert Pluimers on Twitter: “Oh @SVB_PGB: die bug van uitloggen na een kwartier bestaat nog steeds (zie …). Kreeg ik net in een uur tijd 3 keer. Na inloggen kom je wel weer in de flow, maar de data die je daar hebt ingevuld is dan verdwenen. A/ CC @EefvanKoos” / Twitter
- [Archive] Jeroen Wiert Pluimers on Twitter: “@SVB_PGB @EefvanKoos Ik vermoed dat beide te maken hebben met de sessie-duur van de active authenticatie van @DigiDwebcare omdat je in beide gevallen het “Redirecting…” stukje heel kort ziet verschijnen ofwel in het form of bij DigiD login beide met verlies aan data. B/B” / Twitter
[Archive] Stephan Eggermont (@StOnSoftware) / Twitter quote retweeted my initial message at [Archive] Stephan Eggermont on Twitter: “🧵 NORA heeft een aantal hele duidelijke principes om de burger niet te frustreren. Niet twee keer naar hetzelfde vragen geldt ook als je een sessie time-out. Dan moet je dus al ingevulde gegevens bewaren” / Twitter, which translated is
🧵 NORA has a number of very clear principles in order not to frustrate citizens. Not asking for the same thing twice also applies if you time out a session. Then you have to save already entered data
An introduction about NORA is at Nederlandse Overheid Referentie Architectuur – Wikipedia:
Nederlandse Overheid Referentie Architectuur of NORA is het interoperabiliteitsraamwerk voor de Nederlandse overheid en vertaalt daartoe wetgeving, beleid en standaarden naar architectuurprincipes, beschrijvingen en modellen. Het is een beschrijving van uitgangspunten voor het inrichten van de informatiehuishouding van de Nederlandse overheid. NORA is relevant voor de uitvoering van alle publieke taken door publieke en private organisaties.
[Wayback/Archive] NORA: Nederlandse Overheid Referentie Architectuur – Bluefrog has a way easier “table of contents” to the principles than the NORA online site (note that some document numbers are intentionally not used):
DE TIEN BASISPRINCIPES VAN NORA
- [Wayback/Archive] BP01: Afnemers krijgen de dienstverlening waar ze behoefte aan hebben.
- [Wayback/Archive] BP02: Afnemers kunnen de dienst eenvoudig vinden.
- [Wayback/Archive] BP03: Afnemers hebben eenvoudig toegang tot de dienst.
- [Wayback/Archive] BP04: Afnemers ervaren uniformiteit in de dienstverlening door het gebruik van standaardoplossingen.
- [Wayback/Archive] BP05: Afnemers krijgen gerelateerde diensten gebundeld aangeboden.
- [Wayback/Archive] BP06: Afnemers hebben inzage in voor hen relevante informatie.
- [Wayback/Archive] BP07: Afnemers worden niet geconfronteerd met overbodige vragen.
- [Wayback/Archive] BP08: Afnemers kunnen erop vertrouwen dat informatie niet wordt misbruikt.
- [Wayback/Archive] BP09: Afnemers kunnen erop vertrouwen dat de dienstverlenerzich aan afspraken houdt.
- [Wayback/Archive] BP10: Afnemers kunnen input leveren over de dienstverlening.
DE 38 AFGELEIDE PRINCIPES
- [Wayback/Archive] AP01: Diensten zijn herbruikbaar
- [Wayback/Archive] AP02: Ontkoppelen met diensten
- [Wayback/Archive] AP03: Diensten vullen elkaar aan
- [Wayback/Archive] AP04: Positioneer de dienst
- [Wayback/Archive] AP05: Nauwkeurige dienstbeschrijving
- [Wayback/Archive] AP06: Gebruik standaard oplossingen
- [Wayback/Archive] AP07: Gebruik de landelijke bouwstenen
- [Wayback/Archive] AP08: Gebruik open standaarden
- [Wayback/Archive] AP09: Voorkeurskanaal internet
- [Wayback/Archive] AP10: Aanvullend kanaal
- [Wayback/Archive] AP11: Gelijkwaardig resultaat ongeacht kanaal
- [Wayback/Archive] AP12: Eenmalige uitvraag
- [Wayback/Archive] AP13: Bronregistraties zijn leidend
- [Wayback/Archive] AP14: Terugmelden aan bronhouder
- [Wayback/Archive] AP15: Doelbinding (AP)
- (AP16 is intentionally missing: merged into AP17)
- [Wayback/Archive] AP17:Â Informatie-objecten systematisch beschreven
- [Wayback/Archive] AP18: Ruimtelijke informatie via locatie
- [Wayback/Archive] AP19: Perspectief gebruiker
- [Wayback/Archive] AP20: Persoonlijke benadering
- [Wayback/Archive] AP21: Bundeling van diensten
- [Wayback/Archive] AP22: No wrong door
- [Wayback/Archive] AP23: Automatische dienstverlening
- [Wayback/Archive] AP24: Proactief aanbieden
- [Wayback/Archive] AP25: Transparante dienstverlening
- [Wayback/Archive] AP26: Afnemer heeft inzage
- [Wayback/Archive] AP27: Een verantwoordelijke organisatie
- [Wayback/Archive] AP28: Afspraken vastgelegd
- [Wayback/Archive] AP29: De dienstverlener voldoet aan de norm
- [Wayback/Archive] AP30: Verantwoording dienstlevering mogelijk
- [Wayback/Archive] AP31: PDCA-cyclus in besturing kwaliteit
- [Wayback/Archive] AP32: Sturing kwaliteit op het hoogste niveau
- [Wayback/Archive] AP33: Baseline kwaliteit diensten
- [Wayback/Archive] AP34: Verantwoording besturing kwaliteit
- (AP35 is intentionally missing: superseded by AP41)
- (AP36 is intentionally missing: superseded by AP41)
- (AP37 is intentionally missing: superseded by AP43)
- (AP38 is intentionally missing: superseded by AP43 and AP42)
- (AP39 is intentionally missing: superseded by AP42)
- [Wayback/Archive] AP40: Onweerlegbaarheid (principe)
- [Wayback/Archive] AP41: Beschikbaarheid
- [Wayback/Archive] AP42: Integriteit
- [Wayback/Archive] AP43: Vertrouwelijkheid (principe)
- [Wayback/Archive] AP44: Controleerbaarheid
The missing numbers (see also [Wayback/Archive] Betrouwbaarheid – NORA Online, [Wayback/Archive] Vervangen of Vervallen elementen in NORA – NORA Online and [Wayback/Archive] Vervangen of Vervallen uitspraken in NORA – NORA Online):
- AP16 (merged into AP17) [Wayback/Archive] Identificatie informatie-objecten – NORA Online
- AP35 (superseded by AP41) [Wayback/Archive] ContinuĂŻteit van de dienst – NORA Online
- AP36 (superseded by AP41) [Wayback/Archive] Uitgangssituatie herstellen – NORA Online
- AP38 (superseded by AP43) [Wayback/Archive] Identificatie authenticatie en autorisatie – NORA Online
- AP38 (superseded by AP43 and AP42) [Wayback/Archive] Informatiebeveiliging door zonering en filtering – NORA Online
- AP38 (superseded by AP42) [Wayback/Archive] Controle op juistheid volledigheid en tijdigheid – NORA Online
For a management overview, see [Wayback/Archive] NORA (Nederlandse Overheid Referentie Architectuur) – Digitale Overheid.
–jeroen
Share this:
Posted in Authentication, Development, DigiD, Power User, Security, Software Development, Web Development | Leave a Comment »
GitHub – grossartig/vanmoof-encryption-key-exporter: Export all bike details (such as encryption key) of your VanMoof bikes.
Posted by jpluimers on 2023/07/12
Posted in Uncategorized | Leave a Comment »
Looking for maintainer(s) for fritzcap (Python project that captures calls from a Fritz!Box)
Posted by jpluimers on 2023/07/12
Given my health uncertainty, I am looking for maintainers for the fritzcap project (it captures calls from a Fritz!Box modem/router and is written in Python).
History
The fritzcap project was originally started in2007 by [Wayback/Archive] spongebob | IP Phone Forum, first as a binary fritzcap.exe Windows executable (see his first post at [Wayback/Archive] FritzBox: Tool fĂĽr Etherreal Trace und Audiodaten-Extraktion | IP Phone Forum). In 2010 it became an open source Python project at [Wayback/Archive] Google Code Archive – Long-term storage for Google Code Project Hosting.
Share this:
Posted in About, Audio, Cloud, Communications Development, Containers, Development, Docker, ffmpeg, Fritz!, Fritz!Box, fritzcap, Hardware, HTTP, Infrastructure, Internet protocol suite, Media, Network-and-equipment, Personal, Power User, Python, Scripting, Software Development, TCP | Leave a Comment »
SUSE Preserves Choice in Enterprise Linux by Forking RHEL with a $10+ Million Investment | SUSE
Posted by jpluimers on 2023/07/11
https://www.suse.com/news/SUSE-Preserves-Choice-in-Enterprise-Linux/
Via
https://twitter.com/jilles_com/status/1678814306811379739
Share this:
Posted in Uncategorized | Leave a Comment »
Figuring out the open network connections for processes ran by python
Posted by jpluimers on 2023/07/11
pidof python | tr " " "\n" | xargs -r -n 1 lsof -i -a -e /run/user/1001/gvfs -p
Breakdown:
- Getting the process IDs of any python process using pidof (most of my systems do not have
pgrepinstalled):
# pidof python 26128 12583 - Given the above list is space separated, and
xargsprefers line separated, lets replace spaces with newlines (I showed this before in Source: firewalld: show interfaces with their zone details and show zones in use):
# pidof python | tr " " "\n" 26128 12583 - By default,
xargssquashes all input on one line:
# pidof python | tr " " "\n" | xargs echo 26128 12583 - To work around that, you can either use the
-L 1or-n 1argument to keep them on separate lines:
# pidof python | tr " " "\n" | xargs -L 1 echo 26128 12583 # pidof python | tr " " "\n" | xargs -n 1 echo 26128 12583 - Now
lsofcan not only show open files, but also IP sockets (-i), and *only* those (-a), for a specific process ID (-p #). So by having the-pas last argument,xargswill append the process ID after it:
# pidof python | tr " " "\n" | xargs -n 1 lsof -i -a -p lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1001/gvfs Output information may be incomplete. lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1001/gvfs Output information may be incomplete. COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME python 12583 jeroenp 7u IPv4 8347396 0t0 TCP 192.168.124.38:54576->192.168.124.23:1012 (ESTABLISHED) python 12583 jeroenp 8u IPv4 8345460 0t0 TCP 192.168.124.38:48250->192.168.124.23:http (CLOSE_WAIT) - The
lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1001/gvfsis a warning not easy to workaround in a short manner as per [Wayback/Archive] privileges – lsof: WARNING: can’t stat() fuse.gvfsd-fuse file system – Unix & Linux Stack Exchange (thanks [Wayback/Archive] pabouk and [Wayback/Archive] jmunsch):
In your caseÂ
lsof does not need to check the GVFS file systems so you can exclude theÂstat() calls on them using theÂ-e option (or you can just ignore the waring):lsof -e /run/user/1000/gvfs(via: [Wayback/Archive] lsof: WARNING: can’t stat() fuse.gvfsd-fuse file system /run/user/1001/gvfs – Google Search)
So you get this:
# pidof python | tr " " "\n" | xargs -n 1 lsof -i -a -e /run/user/1001/gvfs -p COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME python 12583 jeroenp 7u IPv4 8347396 0t0 TCP 192.168.124.38:54576->192.168.124.23:1012 (ESTABLISHED) python 12583 jeroenp 8u IPv4 8345460 0t0 TCP 192.168.124.38:48250->192.168.124.23:http (CLOSE_WAIT) - When there are no process IDs, you do not want to run
lsof, andxargshas an argument just for that:-r, see my earlier post Source:-rargument to pipe (no argument for MacOS)- If no input is given to xargs, don’t let xargs run the utility – Unix & Linux Stack Exchange, so you get this
# pidof python | tr " " "\n" | xargs -r -n 1 lsof -i -a -e /run/user/1001/gvfs -p
Via:
- [Wayback/Archive] linux find network connections open for process – Google Search
- [Wayback/Archive] networking – Show network connections of a process – Unix & Linux Stack Exchange (thanks [Wayback/Archive] alxrem and [Wayback/Archive] á´śsᴇʀ)
–jeroen
Share this:
Posted in *nix, *nix-tools, bash, bash, Development, lsof, Power User, Scripting, Software Development, xargs | Leave a Comment »
how do I merge the tabs of two open Preview windows if I have more than two open? – Ask Different
Posted by jpluimers on 2023/07/10
That was more difficult than I anticipated: [Wayback/Archive] how do I merge the tabs of two open Preview windows if I have more than two open? – Ask Different
First of all, make sure that the “tab bar” is displayed by choosing “view”->”Show Tab Bar”. Then, you should be seeing the tab bar, which displays the file name:Then, in the other preview window, click and hold the tab bar, and drag it onto the tab bar of the target preview window. Using this method, you can merge as many tabs as you want.Tested on MacOS Catalina 10.15.4
Share this:
Posted in Apple, Mac OS X / OS X / MacOS, macOS 10.12 Sierra, macOS 10.13 High Sierra, Power User, Uncategorized | Leave a Comment »
NeverSSL – helping you get online on WiFi networks requiring authentication
Posted by jpluimers on 2023/07/07
[Wayback/Archive] NeverSSL – helping you get online.
What?
This website is for when you try to open Facebook, Google, Amazon, etc on a wifi network, and nothing happens. Type “http://neverssl.com” into your browser’s url bar, and you’ll be able to log on.How?
neverssl.com will never use SSL (also known as TLS). No encryption, no strong authentication, no HSTS, no HTTP/2.0, just plain old unencrypted HTTP and forever stuck in the dark ages of internet security.
While writing it in 2022, the site would redirect me to http://oldserenewonderousbirds.neverssl.com/online, http://beautifulgrandoldspell.neverssl.com/online and http://majesticsilveroldeclipse.neverssl.com/online, which will change probably each time to deter DNS caching, as per this message when I disabled JavaScript:
⚠️ JavaScript appears to be disabled. NeverSSL’s cache-busting works better if you enable JavaScript for
neverssl.com.
Why NeverSSL
Because NeverSSL always uses plain unencrypted HTTP traffic, any captive portal WiFi or wired network can easily sneak in or redirect to authentication.
That way you can logon, after which you can use encrypted HTTPS/SSL/TLS/HSTS traffic.
Via
- [Archive] Colm MacCárthaigh on Twitter: “Super super super super super cool to have @NeverSSL featured in one of Julia’s comics! It’s a good prompt to tweet about a few weird things that
neverssl.comdoes to collaborate with nasty Wifi capture portals …” / Twitter - [Archive] NeverSSL (@NeverSSL) / Twitter
DNS hijacking can be used too
Leading to the above was this post by b0rk: [Wayback/Archive] how airports lie to you with DNS.
Via:
- [Archive] 🔎Julia Evans🔍 on Twitter: “how airports lie to you with DNS …” / Twitter
- [Archive] 🔎Julia Evans🔍 on Twitter: “I think it’s interesting that DNS resolvers can return any responses they want — it just depends what they’re programmed to do! And you can turn this to your advantage by using an adblocking DNS resolver like pi-hole.net or something” / Twitter
- [Archive] 🔎Julia Evans🔍 on Twitter: “Also apparently there’s more than one way captive portals work, sometimes they do what’s described in this comic and sometimes they hijack HTTP instead of DNS. …” / Twitter
–jeroen
Share this:
Posted in Captive-WiFi-Portal, Power User, WiFi | Leave a Comment »
How To Use Twitter Search – Advanced Guide by @Luca – Fresh van Root
Posted by jpluimers on 2023/07/07
Need to check out which of these filters still work:
[Wayback/Archive] How To Use Twitter Search – Advanced Guide by @Luca – Fresh van Root
Operator Description since:2019-05-06 Tweets published at or after the date. (UTC +0) until:2019-05-07 Tweets published before the date. (UTC +0) from:Luca Tweets that are not marked as sensitive media. Tweets published by a specific user. to:Luca Replies and mentions for a specific user. lang:de Tweets in a specific language. Language is detected by Twitter on a Tweet basis. “und” for Tweets where Twitter was unable to determine a language. near:Berlin within:5km [unreliable] Tweets that were posted in specific locations and optionally within a certain range. min_faves:5 Tweets with at least that amount of faves. -min_faves:100 Tweets that have fewer faves than specified. min_retweets:10 Tweets that were at least retweeted that many times. -min_retweets:3 Tweets that were retweeted less than that many times min_replies:70 Tweets that got a minimum amount of replies. -min_replies:8 Tweets that got fewer replies. (max_replies does not work) filter:follows Tweets by accounts you follow. list:Luca/Science Tweets by accounts on a specified list. filter:verified Tweets by verified accounts. filter:images Tweets with an image. filter:links Tweets with an URL. filter:media Tweets with a video or a photo. filter:retweets [only works with the API or with “include:nativeretweets”] Retweets. filter:quote Tweets that contain a quoted Tweet. filter:replies Tweets that are a reply. filter:mentions Tweets that mention a user. filter:videos Tweets that contain a video. filter:native_video Tweets that contain a video, that was directly uploaded to Twitter. filter:news [unreliable] Tweets that contain a URL to a news source. filter:safe [unreliable] Tweets that do not contain sensitive material. include:nativeretweets It allows you to search through retweets as well. Especially useful in combination with from:account or filter:follows.
–jeroen
Share this:
Posted in Power User, SocialMedia, Twitter | Leave a Comment »
An unexpected turn of events when Jeff Geerling posted “I’m hosting my website on a FARM!”
Posted by jpluimers on 2023/07/06
Some links on the unexpected turn of events after [Archive] Jeff Geerling (@geerlingguy) / Twitter posted
- [Archive] I’m hosting my website on a FARM! – YouTube
- [Wayback/Archive] Hosting this website on a farm – or anywhere | Jeff Geerling
First his site got more traffic because of the post, then within an hour traffic exploded because of a DDoS overflowing both his Raspberry Pi cluster and his mobile data capacity.
Jeff will likely do blog posts on these and update the underlying GitHub repository at [Wayback/Archive] geerlingguy/turing-pi-2-cluster: Turing Pi 2 Cluster , but until then (since his Tweets were not threaded), this is what happened on 20220209 as it taught me a few bits:
Share this:
Posted in Cloud, Cloudflare, Containers, Development, Docker, Hardware Development, Infrastructure, Internet, Kubernetes (k8n), LifeHacker, OpenSpeedTest, Power User, Raspberry Pi, SpeedTest | Leave a Comment »
The Wiert Corner - irregular stream of stuff 