Professional blog by Juho Kunsola

Now marketing my interpretation and translation services via Baabelia.fi marketing channel

Logo of Baabelia marketing service for interpreters and translators
Baabelia.fi is a Finnish marketing channel for interpreters and translators.

I’m marketing my interpretation and translation services via Baabelia.fi with billing through Asiantuntijaosuuskunta Mielekäs Co-operative.

Markkinoin tulkkaus- ja käännöspalveluitani nyt Baabelian kautta ja laskutus onnistuu Asiantuntijaosuuskunta Mielekkään kautta.

https://www.baabelia.fi/kielipalvelu/juho-kunsola/

Upgrading Debian GNU/Linux from Jessie to Stretch

The official Debian GNU/Linux logo
Debian is a very reliable OS for servers, though you can install it on desktops too.

Objective: To safely upgrade from Debian 8 (Jessie) to Debian 9 (Stretch) two servers and to keep good records of what was done to perform the upgrade.

  1. Server #1 is used just to verify and hold backups of other servers so it has no public services running.
  2. Server #2 hosts a diaspora*, a Hubzilla, a GNU social, a Friendica and a GNU Mediagoblin.

The definitive source on how to achieve the objectives

There are various tutorials with very brief instructions on how to go about the upgrade, but I decided to follow  The definitive guide to upgrading from Debian Jessie (8) to Debian Stretch (9) at Debian.org to learn how to do the upgrade very carefully.

Preparation

First off: I informed the users of the free social media instances about the upcoming upgrade and the downtime to be expected.

Make sure all the software are in their latest version

# apt update && apt upgrade

Made backups of /etc, /var/lib/dpkg, /var/lib/apt/extended_states /home/username, /var/www and the output of dpkg --get-selections "*" and stored them off-site. Additionally I took a snapshot of the system disk just in case the upgrade doesn’t go well then it is possible to revert to the pre-upgrade situation.

Next checked for non-Jessie software with

$ apt-forktracer | sort

It found some items from jessie-backports but nothing that is in use.

Checked for half-installed packages with

# dpkg --audit

Nothing of interest was found. Just one dummy package.

Check for packages on hold

# dpkg --get-selections | grep 'hold$'

None were found.

Edit the /etc/apt/sources.list

Now update the /etc/apt/sources.list changing each occurrence of ‘jessie’ with ‘stretch’. I did it with sed (Stream EDitor) but it is also possible to manually edit the file with your favourite editor.

# sed -i 's/jessie/stretch/g' /etc/apt/sources.list

Start session recording for later reference

Next start session recording with (replace step with a number. When needing to reboot then restart the session recording with an incremented number)

# script -t 2>~/upgrade-stretchstep.time -a ~/upgrade-stretchstep.script

If you have used the -t switch for script you can use the scriptreplay program to replay the whole session:

# scriptreplay ~/upgrade-stretch1.time ~/upgrade-stretch1.script

The upgrade

Update the package list with the Stretch sources in place

# apt-get update

Make sure you have enough disk space for the upgrade

# apt-get -o APT::Get::Trivial-Only=true dist-upgrade

There is ample of space so proceed with minimal upgrade (upgrading only the installed software).

# apt-get upgrade

Now time to upgrade the system. This will take a while.

# apt-get dist-upgrade

Next check if you have already installed the linux-image* meta-package

# dpkg -l "linux-image*" | grep ^ii | grep -i meta

If you do not see any output, then you will either need to install a new linux-image package by hand or install a linux-image metapackage. To see a list of available linux-image metapackages, run:

# apt-cache search linux-image- | grep -i meta | grep -v transition

If unsure which linux-image metapackage you can get longer description of the linux-image in question by running

# apt-cache show linux-image-amd64

Looks good. Let’s install it.

# apt-get install linux-image-amd64

apt-get reports that there are installed packages that are no longer needed. Remove them with

# apt-get autoremove

Now it is time to reboot for the new kernel to take effect.

# reboot

Login and check the OS version

$ lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description:    Debian GNU/Linux 9.5 (stretch)
Release:        9.5
Codename:       stretch

Verified that the services were up-and-running. Upgrade successful!


UPDATE: It seems there are 2 PostgreSQL running: Version 9.4 (the old one from Jessie) and Version 9.6, which ships with Stretch. Going to look into removing the old one safely.

Perustulon myyminen Suomen puolueille

Perustulon myyminen Suomen puolueille

Kokoomus logo
Kokoomuksen logo on suojeltu. Suomen ja Murican tekijänoikeuslait myöntävät “fair use” eli “reilu käyttö”-oikeudet. Ei harhaanjohtavuuksia, ei ongelmia. Logo of Kansallinen Kokoomus is protected by copyright and is fair use under Finnish and Murican law. No scamstery moves, no problems.

Kokoomus lienee haastavin joten käsitellään se ensimmäisenä tietenkin:

Ekonomistin kielellä asian ydin sanotaan
   "Työvoimakustannukset kasvaa ihan törkeen paljon."
mikä johtaa siihen että
"pääoman investoinnista vastineena saatavat tulovirrat laskevat jos työvoimakustannukset nousevat"
 
mutta rehti ekonomisti toteaa vielä että
"Kapitalismi kriisiytyy automaatioon menetettävän työtulon poistumisen takia."
ja näemme että se rehti ekonomisti jatkaa
"...perustulo pitkälti ratkaisee tämän."
Tässä vaiheessa paantuneimmankin Kokomuslaisen suusta livahtaa toteavalla intonaatiolla sanottu “niiiin.” ja deal is ready to close paitsi jos ten-ninety.

Red flag made with 2-D vector graphics program
“Harmaa on hyvä väri.” ~ Ismo Alanko “Niin on punainenkin.” ~ Apteekkari Jubohi Ismolle. Used under CC-BY-SA 3.0 from Wikimedia Commons. Click picture for uploader credit. Is Homie Ssolbergj

 

Seuraavaksi Kommaristit ja listaan voidaan ynnätä demarit, vasurit ja kaikki muut vasemman näkökulman oletuksena selektoivat otukset ja niiden lurkkailu ja spiikkailumestat.:

ekonomisti lisää vielä:
"...ja työväen ahdingon työllisyyden menettämisessä automaatioon."
Kommaristi ei ole tyhmä. Kommaristi kokee perustulon omaksi asiakseen ja ei tarvitse ekonomistia kertomaan sitä hänelle. Homma on niin selvä että kommaristi näkee että “lapsikin näkee tämän.”
Följande patient. Apteekkari Jubohilla ei ole koko päivää aikaa hoitaa sivupisneksiä.

Keskusta

Logo of Suomen Keskusta
Samma legalese som för Kokoomus
"Ai maaseutu piti pitää asuttuna? No perustulo ja sit jengi voi ajaa jotain Uberii tai Haxii muutaman tunnin kun kaikki landella edullisessa omakotitalossa asuvat ajokortittomat ei luota robottikutsubussiin vieläkään."

~ Apteekkari Jubohin hyllystä kohdasta “Miten perustulo myydään Keskustalle?”


Kristillisdemokraatit logo
Ja kiitämme Herran lisäksi myöskin Wikimedia Commonssin ylläpitäjiä jos kuva näkyy sekä tekijänoikeuslain säätöön osallistuneita tahoja.

Kristillisdemokraatit

 "Niin kuin te tahdotte ihmisten tekevän teille, niin tehkää te heille."

~ Jeesus (Luuk. 6:31)

 

 


RKP

Svenska folkpartiet i Finland logo
Svenska folkpartiet i Finland logo är protegerad. Finska och Muricanska lag ger “fair use”, “rejäl anvädning” rätt. Ingen scämming, ingen problem. Tackar uplådare.
"Se Samlings Parti, Kommarister, Pirater, Persut, Kristiskademokrater och Keskusta och i andan av stocknmannismen vi tillsätter lite här som finns inte i finska tekster: Villkorslös Grundinkomsten sparar pengar när man behöver inte sysselsätta Sossun altså nästan alla sossu och många FPA får spark just som dom sku få. Sossun inte går till fattigdom därför and hon/han/hen också får villkorslös grundinkomst. C'est practique, n'est pas?"

~ Apotekare Jubohi på sossun


 

Vihreät – De Gröna

Logo of the Green Party of Finland
Logo suojeltu. Reilu käyttö sallittu. Älä leikkaa sitä sademetsää.

 

"Nykymuotoinen kapitalismi on kriisi itsessään jos luonnonsuojelu otetaan tarkasteluun mukaan. Planeettoja on vain yksi mutta ahneita monta. Perustulon salliessa täysautomaatio-, itsepalveluautomaatio- ja ihmispalveluinnovaatioiden kehittämisen leppoisammalla tahdilla ja talouspaineella talous siirtyy materiaalisesta kokemuksellisempaan suuntaan. Veikkaisin että Äiti Maa arvostaisi."

Apteekkarin hyllystä kohdasta “Miten perustulo myydään Vihreille?”


Piraattipuolue

Logo of the Pirate Party of Finland
Piraattipuolueen logo piratoitu piraateilta suomen tekijänoikeuslait nullaten mennen tullen. Piratoi takasin.
"Tulevaisuuden päämäärä on täystyöttömyys jotta kaikki voivat piratoida."

~ Apteekkarin väärentämä täysin aito ja väärentämätön “Arthur C. Clarke sitaatti”. All reserves are righted.


Perussuomalaiset logo
Suojeltu logo. Reilu käyttö tekijänoikeuslain mukaisesti

Persut

"Oikeestaan kerrotaan tässä totuus ja todetaan että konsensus kansan riveissä on se että sossut ja kelan byrokraatit on ihan paskoja ammatteja ja niille pitäis antaa potkut laajassa määrin jolloin ne tipahtaisivat pehmeästi perustulopatjan päälle."

Installing a LetsEncrypt.org wildcard certificate on Linux using acme.sh and a DNS Api

Let’s Encrypt is a certificate authority (CA) that offers free SSL/TLS certificates

Objective: To acquire and install a wildcard SSL/TLS certificate from LetsEncrypt.org to a GNU/Linux system with automatic renewal enabled by using a registrar’s DNS API to prove the ownership of the domain. In this case I’m using the Gandi LiveDNS API but the instructions work with other DNS providers with APIs too that have acme.sh DNS plugins available.

Install acme.sh

sudo su
git clone https://github.com/Neilpang/acme.sh.git
cd ./acme.sh
./acme.sh --install

Get API key from Gandi

Go to https://account.gandi.net/ and click on “security” and generate an API key and store it in a safe place and export it with

export GANDI_LIVEDNS_KEY="fdmlfsdklmfdkmqsdfkthiskeyisofcoursefake"

Generate the cert

Followed the official acme.sh DNS API instructions at GitHub.

Now use the staging environment (–test) for the certificate issuing. This will save you on the issuing limits of LetsEncrypt.org production platform.

acme.sh --issue --test --log --dns dns_gandi_livedns --log -d *.domain.tld -d domain.tld

Notice that this will fail on the first run but succeed on the second one.

Once the –test finishes successfully you can switch to the production environment by deleting the /root/.acme.sh/*.domain.tld-directory (it contains the staging server’s information and will be regenerated with the production server’s info on next run)

rm -rf /root/.acme.sh/*.domain.tld

Now run the issuing command twice (it will fail on the first run) just changing –test to –force

acme.sh --issue --force --log --dns dns_gandi_livedns --log -d *.domain.tld -d domain.tld

Install the certificate in some sensible place as the directory structure of /root/.acme.sh may change in the future.

Certificate deployment instructions for Apache at acme.sh GitHub

acme.sh --install-cert -d *.domain.tld -d domain.tld \
--cert-file /etc/apache2/acme.sh/*.domain.tld/*.domain.tld.cer \
--key-file /etc/apache2/acme.sh/*.domain.tld/*.domain.tld.key \
--fullchain-file /etc/apache2/acme.sh/*.domain.tld/fullchain.cer \
--reloadcmd "service apache2 force-reload"

Edit Apache configuration to take the SSL/TLS protected site into use

Create a VirtualHost-directive for the SSL/TLS protected site

<VirtualHost *:443>
...
   SSLEngine on
 SSLCertificateFile /etc/apache2/acme.sh/*.domain.tld/*.domain.tld.cer
   SSLCertificateKeyFile /etc/apache2/acme.sh/*.domain.tld/*.domain.tld.key
  SSLCACertificateFile /etc/apache2/acme.sh/*.domain.tld/fullchain.cer
</VirtualHost>


Once you are sure that the HTTPS site works redirect requests from the http-site to the HTTPS site with URL rewriting.

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

Enable forward secrecy in your Apache configuration

Enabling forward secrecy makes users of the site more secure. Instructions by SSLLabs research here at GitHub.


That’s it. The acme.sh installation added a cronjob to run it daily and it will renew the certificate automatically when it is nearing the end of it’s validity period.


 

UPDATE 2018-07-16: If you need to use more than one API Key do as follows. This usually occurs when you are hosting sites for many different registrants.

Export the API key if this is the first time you are using that key. If you have already created certificates with this API key the acme.sh will read it from the config file from the file /root/.acme.sh/yourconfigdirectory/account.conf

acme.sh --issue --config-home /root/.acme.sh/yourconfigdirectory --log --dns dns_gandi_livedns --log -d *.domain.tld -d domain.tld

First run will fail. Run it again.

Create the target directory for certificate installation.

mkdir /etc/apache2/acme.sh/yourconfigdirectory/\*.domain.tld

Now install the certificate

./acme.sh --install-cert --config-home /root/.acme.sh/yourconfigdirectory -d *.domain.tld -d domain.tld \
--cert-file /etc/apache2/acme.sh/yourconfigdirectory/\*.domain.tld/\*.domain.tld.cer \
--key-file /etc/apache2/acme.sh/yourconfigdirectory/\*.domain.tld/\*.domain.tld.key \
--fullchain-file /etc/apache2/acme.sh/yourconfigdirectory/\*.domain.tld/fullchain.cer \
--reloadcmd "service apache2 force-reload"

Now you are ready to proceed to configure your website’s Apache configuration as described in the original instructions (scroll up).


If you have any improvement suggestions or would just like to say thanks you can use the contact form below.

Migrating a Mediawiki to a new Linux server

To get you started: Get a Linux VPS.

I chose Tavu.io, an ecohosting company with the data center deep inside the Finnish granite bedrock, a “renewable electricity only”-policy and a cloud infrastructure built on top of OpenStack.

For OS I chose latest Debian Stable which was version 9 at the time of writing.

Mediawiki's logo
Mediawiki is a wiki system of awesome quality and reliability

Tavu.io created the VPS on their OpenStack based cloud in a matter of few tens of seconds.

Then the system gave a temporary password and on login via ssh the system required a new password was set.

Login with the new password and run

sudo apt update && sudo apt upgrade

This will get the pre-installed software to their latest version numbers and may take a while.

Then I added a user name I usually use on Linux systems by entering:

sudo useradd -m -s /bin/bash <username>

Now set a password for username with

sudo passwd <username>

and add the user to /etc/sudoers (make a copy of the line that says “root” and change ‘root’ to your user name of choice) and log out and log in as the newly created user.

Now is a good time to get an firewall going so do so.

Now grab a list of installed packages with

dpkg --get-selections > packages-YYYY-MM-DD.list

This could be useful for later use.

Now install some software

sudo apt install tmux nmap apache2 lynx
  1. tmux is a shell session multiplexer
  2. nmap is a port scanner
  3. apache2 is a web server
  4. lynx is a terminal-based web browser

And some more software

sudo apt install htop atop itop iotop glances chkrootkit
  1. htop, atop, itop and glances are system monitoring (for humans)
  2. iotop is a IO (Input/Output) monitoring system for humans (requires sudo)
  3. chkrootkit is a software for checking if your system has a known rootkit installed (bad for you)

Migrating the Mediawiki

First install the dependencies as described below and only then we switch to following the moving a wiki guide. which consists of actually three operations:

  1. Making a backup of the Mediawiki on the old server
  2. Moving the backup to the new machine
  3. Restoring Mediawiki from the backup.

Installing Mediawiki’s dependencies

Now we move on to installing the dependencies of Mediawiki. For this we will follow the Mediawiki installation guide for Debian and Ubuntu (generic guide here) up-to-the-point of actually installing one.

sudo apt-get install apache2 default-mysql-server default-mysql-client php php-mysql libapache2-mod-php php-xml php-mbstring

We installed MariaDB instead of MySQL. They are binary compatible so you can choose one or the other and also interchange them afterwards. Add the database and database user of your wiki and grant all rights on the database to the database user.

Those are the mandatory components and next up are the beneficial components out of which we chose the following

sudo apt-get install php-apcu php-intl imagemagick php-cli

Move required files and the database to new machine

If possible make sure that your Mediawiki is the latest version on the old server.

Next I packed and moved

  1. The database
  2. The Mediawiki directory /var/www/mediawiki
  3. The Mediawiki logs from /var/log/sites/mediawiki
  4. site configuration from /etc/apache/sites-available

and expanded them into the right place on the new server.

A sane approach to the Mediawiki files ownership is as follows

First recursively make you the owner of all of the Mediawiki directory and its subdirectories and files with

sudo chown -R <username> /var/www/mediawiki

and then explicitly making the images/-directory, where Mediawiki stores its writables, to be posession of user www-data (www-data is the user that Apache and Mediawiki run as) by

sudo chown -R www-data /var/www/mediawiki/images

Minimize downtime

The TTL (Time To Live) of the domain at the DNS also naturally affects the length of the outage so modifying it to very short time such as 15 minutes way in advance of commencing the migration.

I temporarily modified the domain name of the Mediawiki (in /etc/apache2/sites-available and also LocalSettings.php) to a temporary subdomain to test that the Mediawiki is working on the new server before doing the DNS change of the production Mediawiki. After you have viewed that the wiki is working on the new server change the domains back to the “real” one.

Following these two practices are simple practical things to do that help to make the imminent outage of your service as short as possible.


Configure Apache2

Link the .conf files with symbolic links from /etc/apache2/sites-available to /etc/apache2/sites-enabled.

ln -s ../sites-available/example.com example.com

Enable mod_rewrite which is needed for the pretty URLs to work.

sudo a2enmod rewrite

Test your Apache2 configuration with

sudo apachectl configtest

and fix your config untill the configuration says ‘Syntax OK’

The last step is that we need to make the Apache2 reload its configuration which is accomplished with

sudo service apache2 reload

Now navigate to the temporary subdomain’s /wiki/-directory and you should see your wiki there.

Warning: The Mediawiki extensions may have dependencies that are not satisfied so also check that each extension works.


If using reCAPTCHA

Google’s reCAPTCHA stopped working (CAPTCHA shows up but when it is time to approve the human as a human I got an error message that reCAPTCHA “cannot contact server”.

This seemed to be solved by logging in to the CAPTCHA management page at Google and deleting the old keys and generating new keys and naturally changing the keys to the new ones at Mediawiki’s LocalSettings.php


Important: Enable outgoing email for Mediawiki

Now we need to put in place a way for the Mediawiki to send emails (very important).

My registrar Gandi.net provides a mailing system which enables the one to use $wgSMTP (set this in LocalSettings) to send outgoing mailing. They also have 5 mailboxes and 1000 forwards included for each domain for all registrants so I can confidently use …@consumerium.org addresses since Gandi.net is rock-solid operation with a very wide palette of TLD’s though maybe 20% higher prices than the price leader which is often buggy, slow and unreliable if they just compete with the “cheapest on planet”.

Other method to get email to go outwards is to install a MTA (Mail Transfer Agent) such as Sendmail, Postfix or Nullmailer and configure it to send the messages.

Whichever method you chose to enable email do check that it works!

Happy wikiditing! – Juho

Installing a Kubuntu 17.04 (again)

This is a blog post mainly about how to flexibly reinstall Kubuntu 17.04 GNU/Linux OS after the previous install running into troubled waters and break down.

Cycle through more than one disk in the install clean approach so get an USB-to-SATA3 casing and some hard drives. The idea is that to install the next OS you do not need to overwrite the previous OS.

  • Get FireFox sync. This way you don’t need to import your bookmarks as sync does it for you.
  • Take previous disk out of the computer and insert another disk, connect the USB installation medium (and select boot order in BIOS or UEFI) and power up.
  • Install Kubuntu.
  • Boot Kubuntu
  • Open a shell and run ‘sudo apt update && sudo apt upgrade’ to get the installed software to the latest version.
  • Install software
    • Monitoring: ‘sudo apt install htop atop iotop glances’ (glances will install python)
    • Database: ‘sudo apt install mariadb-server’
    • Graphics and video: ‘sudo apt install inkscape gimp kdenlive’
    • Audio: ‘sudo apt install linux-lowlatency audacity fluidsynth patchage’
    • Shell multiplexer: ‘sudo apt install tmux’
    • Virtual machine: ‘sudo apt install virtualbox’
  • Copy files:
    • Connect the old disk to the computer with the USB-to-SATAIII casing and mount it
    • I am trying to avoid getting broken confs from the old machine so only conf file I will take is in /media/username/UUID/username/.config/kdenlive. I used cp command in the shell to get it
    • Copy all files and directories from your old home directory to the new home directory, tick “apply to all” and select “write into” when it asks what to do with directories that exist.
    • Copy any other files you need. Unmount the external drive and remove and put in a cool and dry place.

Law draft to ban covert modeling

Law draft to ban covert modeling

covert what?!??!

Since the early 00’s it has become (nearly) impossible to determine in still or moving pictures what is an image of a human, imaged with a (movie) camera and what on the other hand is a simulation of an image of a human imaged with a simulation of  a camera.

When there is no camera and the target being imaged with a simulation looks deceptively human it is a digital look-alike.

Now the equivalent thing is happening to our voices i.e. they can be stolen to some extent with the 2016 prototypes like Adobe Voco and DeepMind WaveNet and made to say anything. When it is not possible to determine with human testing what is a recording of a real voice and what is a simulation it is a digital sound-alike.

It is time to act and ban covert modeling.

9 images showing various techniques on a model derived interactively from a single photo
Image 1 (low resolution rip)
Sculpting a morphable model to one single picture (1)
Produces 3D approximation (2)
Texture capture (4)
The 3D model is rendered back to the image with weight gain (3)
With weight loss (5)
Looking annoyed (6)
Forced to smile (7)
Image 1 by Blanz and Vettel – Copyright ACM 1999 – http://dl.acm.org/citation.cfm?
doid=311535.311556 – PPermission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page.
finding the specular and the diffuse components of the light
Image 4: Separating specular and diffuse reflected light
Normal image in dot lighting (a)
Image of the diffuse reflection which is caught by placing a vertical polarizer in front of the light source and a horizontal in the front the camera (b)
Image of the highlight specular reflection which is caught by placing both polarizers vertically (c)
Subtraction of c from b, which yields the specular component(d)
Images are scaled to seem to be the same luminosity.
Original image by Debevec et al. – Copyright ACM 2000 – http://dl.acm.org/citation.cfm?doid=311779.344855 – Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page.

 

 

 

In the cinemas we have seen digital look-alikes for over 10 years. These digital look-alikes have “clothing” (a simulation of clothing is not clothing) or “superhero costumes” and “superbaddie costumes”, but unfortunately organized criminal gangs with this weapons capability at their disposal are spreading naked digital look-alikes with unnatural “physical” interactions. These industrially produced delusions cause human suffering and societal suffering and the parts that can be outlawed should be outlawed for the protection of the citizens from the arbitrary disinformation attacks by criminal leagues.

Anecdotally we can say: “Do you think that was Hugo Weaving’s left cheekbone that Keanu Reeves punched in with his right fist?”

Brief look at laws that intersect with covert modeling concerns

Chapter 24 of the Finnish Criminal Code “on violating privacy, peace and honor” includes some laws that are touching the issue but unfortunately do not yield sufficient methods to stop crime.

  • § 6 Covert watching
  • § 7 Preparing for covert listening or watching
  • § 8 Spreading information that violates right to private life
  • § a 8 Aggravated spreading information that violates right to private life
  • § 9 Defamation
  • § 10 Aggravated defamation

 


Proposed law to ban covert modeling

§ 1 Covert modeling of appearance

Acquiring a 3D model and making a 7D bidirectional reflectance distribution function model¹ or similar but technically different model without consent i.e. covert modeling of appearance is illegal. Also possession, purchase, sale, yielding, import and export of covert models are punishable.

§ 2 Of using covert image likeness models

Animation and projection from the covert models defined in section 1 to still and animated 2D image or stereo-images² and making these available is forbidden³.

§ 3 Covert modeling of a human voice

Acquiring a model of human voice⁴ that deceptively resembles a human voice, possession, purchase, sale, yielding, import and export without the consent of the target is illegal.

§ 4 Of using covert voice models

Generating and making available audio material from a covert model of a human voice is illegal.


  1. The seven dimensions of the bidirectional reflectance distribution function are as follows: 3 cartesian X,Y,Z and 2 for the entry angle and 2 for the exit angle of the light.
  2. In movie lingo the so called “3D”. In reality it supposedly is only 2 pcs 2D planes in its dimension.
  3. Those in posession of the end product should be encouraged to seek help and not criminalized.
  4. E.g. Adobe Voco ja DeepMind WaveNet. Not yet publicly audible.

Ending words

It may be seven dimensional and we are in approximately 4 dimensions but they cannot leave the 2D projection if we don’t let it anymore. Is there any political will to do something about it?


Serious viewing on the situation


This is a document is the translation of a Finnish original from 2016 intended to be a citizens initiative.

Translation into English of my from 2007 B.Sc. thesis on capture and animation of human like figures

I did this Finnish -> English translation of my B.Sc. thesis from 2007 in 2016-2017. Get it here. Sorry for the low res still graphics and receiver strain on this information on digital look-alikes. Just read the abstract and the conclusions if not interested in the technical stuff. Pictures are understandable. Digital look-alikes are disinformation weapons in wrong hands. Disinformation weapons technology thesis? Yeah, probably that.

finding the specular and the diffuse components of the light
Image 4: Separating specular and diffuse reflected light
Normal image in dot lighting (a)
Image of the diffuse reflection which is caught by placing a vertical polarizer in front of the light source and a horizontal in the front the camera (b)
Image of the highlight specular reflection which is caught by placing both polarizers vertically (c)
Subtraction of c from b, which yields the specular component(d)
Images are scaled to seem to be the same luminosity.

 

 

 

 

 

ByJuho.fi now hosted with renewable electricity

Hosted with renewables at shellit.org in Björneborg!

Also the hosting people TransIP B.V. in Netherlands (Consumium.org Free Social Media are hosted there) run on renewables so effectively all production servers are now running on renewable electricity. I gonna ask the Esbo and the Lithuania hosting people to join in.

The hosting company uses only renewable electricity in its services
This site is proudly hosted with renewable electricity

Kansalaisaloiteluonnos: Salamallintamisen kieltäminen

Kansalaisaloiteluonnos salamallintamisen kieltämiseksi

Salamikä?!??!

00-luvun alkupuolelta lähtien on tullut (lähestulkoon) mahdottomaksi erottaa liikkuvissa ja liikkumattomissa kuvissa mikä on ihmisen kuva joka on kuvattu (elokuva)kameralla ja mikä taas on simulaatio/mallinne ihmisen kuvasta joka on kuvattu simulaatiolla kamerasta.

Kun kameraa ei ole olemassa mutta simulaatiolla kuvattava kohde näyttää erehdyttävästi ihmismuotoiselta on kyseessä digitaalinen kaksoisolento (digital look-alike).

Nyt sama on käymässä meidän äänillemme eli ne kyetään varastamaan esim. Syksyllä 2016 esitellyillä prototyypeillä Adobe Voco:lla tai DeepMind WaveNet:illä ja laittaa sanomaan mitä tahansa. Kun ihmiskokein ei pystytä enään eroittamaan mikä on ihmisen ääni ja mikä simulaatio ihmisäänestä on kyseessä digitaalinen kaksoisääni (digital sound-alike)

On siis aika toimia ja kieltää salamallinnus.

9 images showing various techniques on a model derived interactively from a single photo

Kuva : Muovattavan mallin sovittaminen yhteen ainoaan kuvaan (1) tuottaa 3-D approksiaation (2) ja tekstuurikaappauksen (4) 3-D malli renderoidaan takaisin kuvaan lihonneena (3) laihtuneena (5) ilmeensä nyrpistäneenä (6) ja pakoitettuna hymyilemään (7)
Kuva 1. Copyright ACM 1999 – http://dl.acm.org/citation.cfm?doid=311535.311566 – Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page.

Splitting reflected light to diffuse and specular components was not complicated
Original image Copyright ACM 2000 – http://dl.acm.org/citation.cfm?doid=311779.344855 – Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page.

Elokuvasaleissa olemme voineet nähdä digitaalisia kaksoisolentoja jo reilusti yli kymmenen vuotta. Näillä digitaalisilla kaksoisolennoilla on “vaatteita” (simulaatio vaatetuksesta ei ole vaatetusta) tai “supersankariasuja” sekä “superpahisasuja”, mutta valitettavasti organisoituneet rikollisliigat joilla on tämä asekyky käytössään levittävät sameassa internetissä tuhoisin seurauksin alastomia digitaalisia kaksoisolentoja ja epäluonnollisesti niiden välisiä “fyysisiä” vuorovaikutustilanteita. Nämä teollisesti tuotettavat harhat aiheuttavat inhimillistä ja yhteiskunnallista kärsimystä ja niiden kiellettävissä olevat osaset tulisi kieltää lailla kansalaisten suojelemiseksi rikollisliigojen mielivallalta.

Anekdotaalisesti voidaan todeta: “Luulet(te)ko että tuo oli Hugo Weavingin vasen poskiluu jonka Keanu Reeves löi sisään oikealla nyrkillään?” (Video linkitetty alempana, skrollatkaa)

Katsaus nykyiseen asiaa sivuavaan lainsäädäntöön

Suomen lain Rikoslain 24 luku Yksityisyyden, rauhan ja kunnian loukkaamisesta sisältää salamallintamisen tuhovaikutuksia sivuavia pykäliä muttei valitettavasti anna ongelman ratkomiseen virkavallalle tarpeellisia välineitä.

  • § 6 Salakatselu
  • § 7 Salakuuntelun ja salakatselun valmistelu
  • § 8 Yksityiselämää loukkaava tiedon levittäminen
  • § a 8 Törkeä yksityiselämää loukkaava tiedon välittäminen
  • § 9 Kunnianloukkaus
  • § 10 Törkeä kunnianloukkaus

Lakiehdotus salamallintamisen kieltämiseksi

§1 Ulkonäön salamallintaminen.

Ihmisen kolmiulotteisen mallin sekä tälläisestä muodostetun 7-ulotteisen¹ kaksisuuntaisen heijastavuusjakaumafunktiomallin tai vastaavan mutta teknisesti erilaisen mallin salaa hankkiminen eli ulkonäön salamallinnus sekä tälläisen mallin hallussapito, ostaminen, myyminen, luovuttaminen, maahantuonti ja -vienti ilman kohdeihmisen suostumusta on rangaistavaa.

§2 Salamallien projisoinnista ja näiden saataville tuottamisesta.

Pykälän yksi määrittämistä salamalleista projisointi sekä liikkumattomiksi että animoiduiksi 2-ulotteisiksi kuviksi tai stereokuviksi² sekä tälläisten saataville tuottaminen on rangaistavaa.³

§3 Ihmisäänen salamallintaminen.

Sellaisen ihmisen äänen mallin⁴, joka erehdyttävästi muistuttaa ihmisen ääntä, hankkiminen, hallussapito, ostaminen, myyminen, luovuttaminen, maahantuonti ja -vienti ilman kohdehenkilön lupaa on rangaistavaa.

§4 Ihmisäänen salamallin käytöstä.

Ihmisäänen salamallin pohjalta luodun audiomateriaalin generointi ja saataville tuottaminen on rangaistavaa.


  1. Seitsemän ulottuvuutta ovat seuraavasti: 3 karteesista X,Y,Z sekä 2 valon tulokulmalle ja 2 lähtökulmalle. Enlanniksi termi on “Bidirectional reflectance distribution function”, BRDF. Lisätietoa tutkielmassani joka linkitetty kohdassa “lisälukemista”. Kanavia on kolme R, G ja B joilla voidaan muodostaa teoriassa kaikki mahdolliset valot.
  2. Elokuvateatterikielessä ns. “3-D”. Todellisuudessa ulottuvuus lienee ilmaistava vain 2 kpl 2-ulotteisia tasoja.
  3. Hallussapitäjiä kehoitettaisiin lähinnä ottamaan apua vastaan eikä kriminalisoida.
  4. Kts. esim Adobe Voco ja DeepMind WaveNet. Ei vielä julkisesti kuunneltavana.

Pohjimmaiset saatesanat

Se saattaa olla seitsemänulotteinen ja me ollaan suunnilleen neljässä ulottuvuudessa mutta ne ei pääse siitä 2-D projektiosta ulos jos ei me päästetä sitä enään. Onko täällä kenelläkään mitään poliittista tahtoa yrittää tehdä tälle mitään?


Katseltavaa (vakavasti)

Katseltavaa (enemmän viihteellä)

Lisälukemista


Tämä blogipostaus on Heinäkuun päivitys KANSALAISALOITTEEN laatimista varten. Kun kansalaisaloite on syötetty järjestelmään ei sen sisältöä voi lain mukaan enää muokata joten aloitteen saaminen mahdollisimman hyväsisältöiseksi on elintärkeää ihmiskunnan suojelemiseksi ihmiskunnan pahuudeltaltaan ja tietämättämyydeltään. Kun aloite on jätetty on aloitteen tekijöillä (varaedustaja tarvitaan, frendit voi ilmoittautua vapaaehtoisiksi) on kuusi kuukautta aikaa kerätä ne muut 49 998 allekirjoitusta jolloin eduskunnan on PAKKO käsitellä aloitetta. Mikäli tätä määrää ei saavuteta on kuinkin aloitteentekeminen askel siihen suuntaan että tämä nykyajan teollinen saasta saadaan päivänvaloon ja yhteiskunnalliseen, sekä toivottavasti lainsäädännölliseen keskusteluun mukaan. Aktivoidu ja levitä sanaa.