Sunday, January 31, 2016

opera and flash, other issues

Links: Opera flash ::

After a software update with Flash implications, pages were not displayed in the Opera browser. If I entered, say, the URL "www.google.com", normal loading statements flashed as the page loaded, but the webpage appeared as a blank white page once it completed loading. Internal to Opera, no error notices were displayed; the pages apparently loaded correctly as far as Opera's internal checks were concerned. However, to the user, nothing but white was displayed for the webpage. I found no information or similar complaints in Internet forums, etc. What was going on?

the cursor

On the blank page, all the pieces were apparently there, just not visible to me. So, I could move the cursor around the blank white page and I would see various link URL's appear at the bottom of the blank page, just as they do when one hovers over visible links on a normally displayed page. Nevertheless, the page would otherwise appear blank. I wanted to look at my Opera settings, but entering, say, opera://settings, loaded a blank page.

early progress - local html file

While this was going on, I happened to click on a local html file. For this local file, ie, loaded off the HDD, Opera opened and displayed html normally. Also, any links clicked from this local page loaded normally. Also, any bookmarks could then be used normally, from that page. But if I opened a new tab during that session, all would be blank again, and even back-buttoning to the locally stored file would turn it blank. Could the blank page problem be some sort of security setting?

progress - private mode

Thinking "security", I let a page load blank. I selected a bookmark in the bookmark bar and R clicked, then selected the option "Open in New Private Window". The page loaded and displayed normally. Perhaps the blank pages were part of a misconfigured security policy.

progress - flash

I continued to browse normally in "Private Window", looking for clues. Another abnormality: Adobe Flash seemed to need updating. Some YouTube videos would show, some would not. Could this also be affecting the regular appearance of pages?
The paths for libpepflashplayer.so should be available to Opera in its .json-coded resource file:
/usr/lib/opera/resources/pepper_flash_config.json
"Cat" the file to verify it's in there, eg, one of its lines should typically be:
"/usr/lib/PepperFlash/libpepflashplayer.so",
That's a very common place for it to have been installed, but you can verify with "find". Some others believe that the player should also be in the Mozilla plugins folder, /usr/lib/mozilla/plugins, whether or not Firefox is installed. Create another one for Opera.
# mkdir /usr/lib/opera/plugins

flash working, but still must be private

  1. clear all cache and cookies
  2. download latest libflashplayer.so
  3. $ chmod 775 libflashplayer.so
  4. # cp /home/foo/downloads/libflashplayer.so /usr/lib/opera/plugins/libflashplayer.so
  5. # cp /home/foo/downloads/libflashplayer.so /usr/lib/mozilla/plugins/libflashplayer.so
Hopefully, more will be revealed, but the problem has not been solved.

Saturday, January 30, 2016

Geolocation: always evolving toward a finer grain

I was looking at geolocation data on the laptop the other afternoon, and thinking how it is part of the data collection picture so desirable for advertisers these days and so saturated by government security programs. Both advertisers (business) and government seem important and thereby worthy of a short post on geolocation.

Advertisers can be controlled, but after 9/11, our own government transitioned into a silent and invisible 24/7 domestic data collector. How does this relate to location. Well, location privacy feels important because our location is immediate -- it's first-person and physical, not conceptual. It feels normal to occasionally want to be alone somewhere. We understand this in our personal relationships, for example. This used to be as simple as going for a walk in nature, or around the block for a smoke at midnight -- very simple actions a person takes for granted. People feel such moments are private. However, since as recently as 2012, non-exempt citizens can only guess at how comprehensively during their daily activities they fall within camera range. Citizens can likewise merely guess at what is done with the images. In other words, citizens are given no clues as to where to file an inquiry if they do not approve of some camera or want access to its images -- we don't know who's operating them or what they're used for.

facial and license plate recognition

In addition to static cameras, note that every time you see a newer police car, or parking enforcement vehicle, an ALPR or some facial recognition system is likely built-in. A police vehicle is, among other things, and depending on a department's budget, a network node continually transmitting information. The transmissions have time and geolocation stamps added to the information. For example, in the transmission of license plate numbers from a cruiser, a combination of the license plate number+geotag+time is sent. This is a nearly insignificantly small database line entry. However, the entered data is easily reassembled into patterns of travel. A lifetime collection of a person's driving and location-based facial recognition instances could easily fit on a USB stick. We'd want to hope that information of such incredible depth was being used in an entirely temporary and exculpatory manner by agencies which gathered it. Good luck.

cell/smart

Assuming a phone with a battery and a SIM registered to its owner (not a borrowed or stolen phone), the owner's location is known to at least three meter accuracy. Added to this, government offices listening-in to the content of the call, or reading its text messages, accomplish these actions easily in real time, within agencies as low as city police departments, and with or without warrants. This is just by our friendly government and business organizations; foreign governments' interests are lesser known, but can reasonably be imagined.

desktop/laptop

When we use our desktops, the public (government) sphere again sees whatever it wants; what about the private sphere? Consider your monthly ISP bill. One's home address is tied to their account, it makes no difference whether one is being served a dynamic or static IP. ISP's could sell this bundle of info to advertisers in real time. Further, physical street addresses are easily interchangeable with exact GPS coordinates -- it makes little difference if the GPS coordinates or a physical street address is sold to advertisers.

Those in law enforcement, military, and perhaps some other protected categories (judges, etc) have some protections against commercial incursions or release of their information, depending on the situation. Citizens however, have only whatever's customary for a limitation, since there are very few explicit, effective privacy laws. Customary business limitations are not black and white restrictions on the release of data, and they can easily change, as you may note at the fine print of any privacy policy you accept. For example, lawsuits might occur as a result of, say, a stalker purchasing one's street address directly from an ISP, or if ISP's made one's mailing address easily available to advertisers. But if wins in court made it possible to absolve ISP's from any responsibility for selling your information to a stalker posing as an advertiser, ISP's might start selling that information tomorrow. So ISP's don't divulge the entire package to advertisers... yet. Instead, ISP's divulge some network node/hub near your home, usually a sphere of within 10 or 12 blocks, probably in your zip code, but without your name attached. Try this site, for example. And again, these are simply business practices, not real privacy protections. They can be changed at any time.

misdirection

As just noted, public opinion or civil cases are probably the motivation for ISP's and major websites to provide some (grudgingly) small privacy protections --- for now. But even these appear to be at the lowest possible boundary of honesty. For example, with geolocation, by asking the user if they will allow geolocation, the provider only gives the user a false impression that geolocation information hasn't already been released. We've already seen from the link above that this is not the case: let's say I'm browsing in Opera and I want to listen to a radio station in Pittsburgh. I go to the radio station's website and click on some "listen now" button. Very likely I will see a window similar to this:


The impression to the user is the Pittsburgh station does not know my location and "needs" to learn it (for regional advertising, etc). But we've already seen above at iplocation. net, that the station already has a fix on my location within an accuracy of a few blocks of my device. What advertiser (or MPAA/RIAA stooge) needs more information than this? So what's really going on -- we know it can't honestly be location, so what is it? My guess is the acceptance of the attached privacy policy notice: I am accepting Google's, or Microsoft's (Silverlight), or the station's, privacy policy regarding location information. Recall that privacy policies, once accepted, can be changed in the future without the user being notified or having the opportunity to revoke it. At a later date, information about me can be added to the whatever the site is selling to other businesses. In other words, once accepted, the privacy policy locks me into whatever that company does with my information downstream, and prevents me from suing them for it. This is why I think acceptance of the privacy policy is the real goal: it's much more valuable to the organization than my location, which they already have to a couple of city blocks without asking. Follow the money.

browser

Just like other webpages, geolocation queries from webpages are cached and need to be purged, if you don't want the results read by other applications later. The Chrome browser used to have a way to "emulate", spurious GPS addresses (again, only for private concerns, not for government concerns), but even this was too much for some businesses to tolerate. It's been eliminated, probably due to advertiser, or MPAA/RIAA pressures. Essentially, if you are streaming anything, you are likely to see a window such as the Opera one above.

the future

Profit pressures and motives will likely degrade these policies until, at some future date, it seems reasonable to assume our physical address/GPS coordinates will be known in real time and possibly tied to our name. This is currently trivial for some government agencies, but I'm talking about within the private sphere also. At the point it becomes accepted for business, there will be little difference between a cell phone or a home desktop, and in fact, the desktop may be less private at such a time, since a home address is also a mailing address. Accordingly, businesses which support law enforcement and law enforcement unions have proactively lobbied for protections for their officers. These unions have two advantages citizens who pay officer salaries don't have: 1) police unions know the true scope of privacy incursions because their officers are using the tools, 2) they have the organization, financial resources, and support from legislators, to lobby for protections for their members. In reality, all citizens, or at least taxpayers -- we pay gov't agencies to surveil us -- should have protections equal to officers. Government agencies can pierce any privacy protection with ease, so there is no national security implication for extending protections to all taxpayers.

integrating

Take all of this location and identity information above, and integrate it with credit card data, browsing habits, email and text parsing, and you've got quite a case, or advertising file, on anyone. Still want to go outside for that walk or stream that radio station from Pittsburgh?

[solved] jnlp files in Arch

A lot of proprietary garbage predictably relies upon one of the most proprietary of the proprietary: Oracle. The most famous collusion is to require Java for some (putatively) secure connection. How to do this from a Unix-based platform? Iced Tea is part of the answer.

# pacman -S icedtea-web
[select the jre8 option]
Note that path information may have to be modified. Installation notice:
For the complete set of Java binaries to be available
in your PATH, you need to re-login or source /etc/profile.d/jre.sh
Please note that this package does not support forcing
JAVA_HOME as former package java-common did

when you use a non-reparenting window manager, set
_JAVA_AWT_WM_NONREPARENTING=1 in /etc/profile.d/jre.sh

Once all PATH information is set, logout, login, and run, eg:
$ javaws foo.jnlp

vaapi and vdpau api's - dvd playback

Using VLC, I recently played a commercial 2 DVD set (720P) on a reliable optical drive. One DVD chapter would not play and the disk appeared to have a small scratch. Before returning it for a refund, I thought I should try something besides VLC to rule-out those random situations where it's a software glitch. The command line version of Mplayer used to be a great equalizer, for example. However, I don't know VAAPI and VDPAU parameters, or say, XvMC. Situation seemed worthy of a trail of crumbs here.

overview

It's important to know one's hardware in this situation. To my understanding, VAAPI is a native Intel API, VDPAU is a native NVidia API.
$ lspci |grep -i vga
01:05.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] RS780MC [Mobility Radeon HD 3100]
And so of course, I get "Radeon", lol. At any rate, both VDPAU and VAAPI pass video encoding to a GPU from a CPU. Each is available to any software (scroll down), though some software is crafted with a preference. There is a lot of information out there that we don't want to use VDPAU as a wrapper, and should pick native VAAPI or VDPAU, not a wrapper accessed through the other. Then configure all software to work on that basis.

settings beyond the API

Besides the API, another playback parameter is setting cache and framedrop flags when running Mplayer. Running VLC, playback was clean, except that it paused on the scratched disc. Using Mplayer, I experienced no pauses, but had tearing or pixellation throughout, aka, a configuration issue.

troubleshoot

$ mplayer dvd:// /dev/sr0 -nosound -framedrop
[pixellation, tearing, sync errors]

$ strace mplayer dvd:// /dev/sr0 -nosound -framedrop &> vidfail.txt

$ grep -in "vidp*" vidfail.txt
3136:open("/usr/lib/vdpau/libvdpau_r600.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
3141:open("/usr/lib/libvdpau_r600.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
3143:write(2, "Failed to open VDPAU backend lib"..., 105Failed to open VDPAU backend libvdpau_r600.so: cannot open shared object file: No such file or directory
3145:write(2, "[vdpau] Error when calling vdp_d"..., 52[vdpau] Error when calling vdp_device_create_x11: 1

$ find -name "libvd*"
/usr/lib/libvdpau.so.1.0.0
./usr/lib/libvdpau.so
./usr/lib/libvdpau.so.1

vaapi checks

VAAPI is less desirable these days, for example according to this post. But we can check to see if it's operational, in case we had MPlayer or VLC configured to use it -- it might explain the fail.
$ vainfo
libva info: VA-API version 0.38.0
libva info: va_getDriverName() returns 0
libva info: Trying to open /usr/lib/dri/r600_drv_video.so
libva info: va_openDriver() returns -1
vaInitialize failed with error code -1 (unknown libva error),exit
In this case, we see that VAAPI is not loading VDPAU, which VAAPI can only use as a wrapper. We know this because r600 is part of VDPAU, typically loaded along with Mesa or GStreamer. It appears the order of loading ins VAAPI, then an attempt to call the VDPAU wrapper. We know this because:
$ vlc --avcodec-hw=/usr/lib/xorg/modules/dri/r600_dri.so video.mp4
VLC media player 2.2.1 Terry Pratchett (Weatherwax) (revision 2.2.1-0-ga425c42)
Failed to open VDPAU backend libvdpau_r600.so: cannot open shared object file: No such file or directory.
I'm pointing VLC directly at the r600.so lib, yet it continues not to "exist". It appears VAAPI is loading but can't find this backend lib, even with a path supplied. This will require additional investigation.

vdpau checks

$ grep -i vdpau ~/.local/share/xorg/Xorg.0.log
[ 34.798] (II) RADEON(0): [DRI2] VDPAU driver: r600
I see the r600 driver is there, and is apparently operational. Not that I care about wrappers, but the reason VAAPI cannot find VDPAU to use as a wrapper, is I probably do not have a line to export the VDPAU variable export VDPAU_DRIVER=r600 in my ~/.bashrc file. Since I know r600 is operational, I merely need to configure VLC and MPLayer to work exclusively with VDPAU, or install gallium.