Noteworthy Debian Trixie/Sid changes June 24 2023

As expected, the second week of Trixie development was a lot more quiet than the first week.

KDE Frameworks was updated from version 5.103 to 5.107. While this has little visible changes, these are libraries which lay the foundations for improvements and bug fixes in KDE applications.

KDE Gear apps Neochat (a Matrix client), Elisa (a music player), Dragon Player (a movie player), Filelight (a disk space visualizer) and Spectacle (a screenshot application) were updated to the 23.04 release. Spectacle has gotten a complete redesign of the user interface and supports screen recording on Wayland.

The QT based display manager sddm version 0.20 now has experimental Wayland support and has enabled HiDPI scaling by default.

The AV1 encoder and decoder svt-av1 was updated to version 1.6.0. This brings once again performance and quality improvements.

Other upgraded packages in sid include Homebank 5.6.5, Deluge 2.1, GNOME Music 44 and many others.

Noteworthy Debian Trixie/Sid changes week 1 (June 11 – June 17 2023)

A long time ago, I used to regularly post an overview of noteworthy changes in the Mandriva development version. For years now I have been using Debian testing though. With the release of Debian 12 Bookworm, I thought it could be interesting to keep track of noteworthy changes in the upcoming Debian version, Trixie.

I will be tracking sid through the debian-devel-changes mailing list. Usually about 10 days after a package entered sid, it should move to testing, at least if there are no important bugs in the package. The selection of which packages I mention here is very personal. I will try to cover important changes for both desktop and server packages, but this list will never be complete. If you noticed an interesting change not mentioned, feel free to add a comment to this article.

I’m not sure whether I will make this kind of post regularly without interruption, but let’s see where this goes.

The first week of development saw a huge number of packages updated to the latest upstream versions. Some of these were already available in Experimental for some time. Let’s dive in.

Kernel, hardware support, low-level libraries

The Linux kernel was updated to the 6.3 series, coming from 6.1 in Bookworm. I refer to kernelnewbies.org for a complete overview of what’s new in Linux 6.2 and Linux 6.3, but I can mention BTRFS performance improvements in both versions (including discard=async being the default on SSDs with TRIM support), performance improvements if you are using an Intel Skylake CPU and add retbleed=stuff to the kernel options, and the usual driver improvements which improve hardware support, for example for the current Intel Arc GPUs. If you have an AMD processor with at least the Zen2 microarchitecture, you can enable the new amd_pstate_epp frequency scaling driver by adding the kernel option amd_pstate=active.

btrfs-progs has been updated to version 6.3.1. The major change in the 6.3 series is that block-group-tree is out of experimental mode. This will reduce the mount time of BTRFS file systems. You can enable this on an existing file system with the command

btrfstune --convert-to-block-group-tree <device>

The developers warn you to be careful, because there might still be bugs.

The Mesa 3D drivers were upgraded from version 22.3.6 to 23.1.2. You will want to upgrade to this version if you are using an Intel Arc GPU because there have been many bug fixes. Also new in Mesa 23.1 is OpenCL support for AMD GPUs using rusticl.

power-profiles-daemon version 0.13 entered Debian Sid. It adds support for the amd_pstate_epp driver which can be activated in Linux 6.3.

The LLVM-based Fortran compiler Flang is now available in Debian as the package flang-15. LLVM 16 is available in sid. Clang 16 and libc++ 16 are only available in experimental at this time and version 15 is still the default version in sid.

Server and virtualization

Samba 4.18.3 brings some performance improvements relative to version 4.17.8 in Bookworm.

Qemu was updated to 8.0.2. The 8 series brings various improvements, but maybe the most important thing to mention is that virtiofsd, a daemon which allows you to share directories on the host with guests, is not included in the qemu package any more. If you use this, you will need to install the new virtiofsd package which contains a new implementation in Rust.

Desktop

LibreOffice is now at version 7.5.4. The 7.5 series brings improved dark mode support, new application icons, nicer default table styles in Draw and Impress and various other improvements. See the release notes and the New Features in LibreOffice 7.5 video for more information.

This week we saw the first GNOME 44 packages enter sid. gnome-backgrounds 44 brings you new desktop wallpapers and evolution 3.48 brings layout improvements. If you don’t like the headerbar layout, you can disable it and switch back to the traditional toolbar.

New in Debian is the gdm-settings package. It lets you configure the GDM login manager and change its appearance through a user friendly user interface.

NetworkManager-openconnect 1.2.10 finally adds support for Single Sign-on implementations using SAML on the Cisco AnyConnect and Palo Alto GlobalProtect VPNs. Unfortunately it does not seem to work for Pulse/Juniper. I have opened an issue for that, and in the meantime I use openconnect-pulse-gui.

Transmission 4, the BitTorrent client, has moved from C to C++, uses less CPU and memory and has support for the BitTorrent v2 protocol, amongst other improvements.

The first KDE Gear 23.04 applications are now being uploaded to sid. Now in the repositories is the KDE Mastodon client Tokodon. Gwenview (supports pinch gestures to zoom in Wayland mode), Ghostwriter (automatic language detection for the spellchecker) and the Falkon web browser (dark colour scheme support) were updated to 23.04.

Tellico, the application which helps you keep track of your music, movie and other collections, has support for new data sources, improved support for existing data sources and reports with an image grid.

The dav1d AV1 video decoder was updated from 1.0 to version 1.2.1. This version brings many performance improvements thanks to new SIMD code. The svt-av1 encoder and decoder was also updated, to version 1.5.0, which also adds some optimizations.

There are plans to remove the old SDL 1.2 packages, replacing them by SDL12-compat (Debian package libsdl1.2-compat-shim), which implements the SDL 1.2 API on top of SDL 2. Version 1.64, which entered sid, added compatibility for some old games, such as Sid Meier’s Alpha Centauri and others.

Science, education and technical tools

GNU Octave 8.2 brings improved Matlab compatibility, the GUI has dark mode support and various other improvements.

The R language for statistical computing (package r-base) 4.3.1 (was 4.2.2 in Bookworm) brings many new features.

Labplot 2.10 comes with many new features, improvements and performance optimizations in different areas, as well as with support for new data formats and visualization types.

People who are into geographic information systems will be happy with the QGIS update. Version 3.28 introduces many improvements. Look at the changelog for more details.

The Electronics Design Automation suite KiCad has been updated to version 7. I don’t know anything about this kind of software, but the release announcement lists a large number of major improvements.

Other improvements

There are too many changes to list here in detail. I mention updated PipeWire 0.3.71, WirePlumber 0.4.14, GStreamer 1.22.3, Opus 1.4, Gajim 1.8.0, OpenJDK 20, Phosh 0.28.0 and much more.

Conclusion

The first week of Trixie development saw a huge amount of software enter Debian sid. This is of course due to the backlog of new upstream versions which could not be submitted during the Bookworm freeze and are now all trickling in. Some of these packages were already in Experimental.

My personal favourites are Linux 6.3, which now allows me to use the amd_pstate_epp driver, and Evolution 3.48, which has some improvements to the UI which I like a lot.

Now that the first flood of new packages has arrived, things will probably calm down a bit, also because of the upcoming summer and holidays in the northern hemisphere. But I guess we will see more of GNOME 44 and KDE Gear 23.04 entering sid soon.

Alternatives for the net-tools utilities

Many modern distributions, like for example the upcoming Debian 12 Bookworm, do not install the package net-tools by default. This package contains popular utilities like ifconfig, route, netstat, arp and mii-tool. In this post I give alternatives for these utilities. You can of course just install the net-tools package if you prefer to keep using these commands.

ifconfig

To see the current network configuration:

$ ip addr

To see the current configuration for one specific interface, for example enp25s0:

$ ip addr show enp25s0

To add a static IP address to a network interface

$ ip addr add 192.168.10.2/24 dev enp25s0

Replace add by del to remove an IP address.

route

To see the current route table:

$ ip route

To set the default gateway:

$ ip route add default via 192.168.10.1 dev enp25s0

netstat

The ss command lists all open sockets. Some interesting options:

-a  show both open and listening sockets
-l  only show listening sockets
-p  show the process using the socket
-t  show only TCP sockets
-u  show only UDP sockets
-r  resolve all IP addresses

To see all open and listening sockets on the system:

$ ss -a

To see all listening TCP and UDP ports:

$ ss -plut

arp

Display the contents of the ARP table:

$ ip neigh

mii-tool

Show the status of an Ethernet interface:

$ ethtool enp25s0

The rise of Mastodon and the fall of Twitter

Since Elon Musk has taken over Twitter and has fired thousands of employees, the Mastodon social media platform has seen a huge influx of new users: more than 1 million people joined Mastodon since Musk took over Twitter. Stephen Fry is one of the most famous people who made the move. People cite fear that Twitter will become even more toxic because of the more tolerant moderation announced by Musk. Indeed, many newcomers on Mastodon praise the more relaxed atmosphere with fewer attacks and controversies.

All the general media have written articles about Mastodon and the increasing popularity of it (CNN, BBC, Le Monde, Tagesschau, VRTNws,…) fueling the stream of people creating a Mastodon account even more.

For many people this is probably the first time that they realize what the risks are of one huge single commercial platform and now discover the advantages of an independent open network based on free and open-source software.

Mastodon dealing with the growth

In the meantime Mastodon server administrators are scrambling to increase the capacity of their servers. Fortunately, new administrators have also stepped in and set up new servers to deal with the growth of the network. Even some organizations, like MIT, have already set up their own Mastodon server. There have been temporary slowdowns and outages of Mastodon servers, but all in all no fundamental problems. It looks like the network can deal with the huge influx and scales well on a technical level.

The question remains whether the social network will be able to prevent the problems that plagued Twitter and which at times made it an unfriendly and hostile environment where fake news and attacks were common. Mastodon has a few features which should help prevent it from becoming a toxic environment. First of all, the timeline in Mastodon is purely chronological. Unlike on Twitter, messages from people you are not following but which are liked by others will not be pushed into your timeline by some vague algorithm. Only the people you follow determine what you get to see in your timeline, so you have much more control over this than on Twitter. Mastodon does not have a quote feature like Twitter. The Mastodon creator deliberately decided not to implement a quote feature, because it stimulates toxic behaviour. And Mastodon does not prominently show in the timeline how many times a toot has been boosted, marked as favourite and how many answers it got, which reduces the drive to maximize boosts, favourites and answers. By default search engines will not index your messages on Mastodon, making it much harder for people with bad intentions to search your old messages. The usage of Content Warnings is pretty common on Mastodon and helps hide controversial content from people not interested in it.

Will this be enough to prevent trolls from dominating the platform? I dare to doubt that. Up to now, very few news media and politicians are present on Mastodon. Messages from these accounts often trigger negative reactions and toxic behaviour. I can imagine things will become more difficult once more politicians and their fan base and news media start posting on Mastodon.

Much will depend on the instance moderators and also on the choices all people on Mastodon make themselves. First of all, every instance has its own set of rules and it’s up to the moderators to enforce them. For example see the rules for some Mastodon servers: Fosstodon, mastodon.social, mastodon.art, mastodon-belgium.be. Some instances have stricter rules, while others have vaguer rules. I think in the future we will see some instances adapting their rules in order to deal with certain problematic situations. People joining Mastodon should properly take the rules into account when choosing an instance: if you want to minimize the risk of trolling, choose an instance which has an explicit zero-tolerance policy against such behaviour. If you are not happy with how your instance deals with annoying behaviour, you can always move to another Mastodon instance.

Then of course the question remains whether moderators will be able to enforce the policy in practice. Will there be enough moderators to do all the work and will they dare to intervene and block people? And what will they do with people who stay in the grey zone, who strictly speaking don’t break the rules but create a negative atmosphere?

Server moderators are only responsible for their own server, so trolling can still happen from other instances. However, the administrator of an instance has the option to completely block other instances. On the web pages with the server rules mentioned above, you can also see which servers are blocked by this instance and for which reason. So there’s again a big responsibility here for the instance admins: will they dare to completely block instances which have a lax policy and are too tolerant against abuse?

But the administrators and moderators will not be able to solve all problems. A huge responsibility also falls on the shoulders of the users themselves. How will people react when politicians start launching controversial ideas on Mastodon? If people start fueling controversial discussions, for example by posting screenshots of controversial ideas together with indignant remarks, this will only spread the message to others, including to people who don’t want these messages, and will only annoy them. People on Mastodon do have the tools to protect themselves against such annoyances: just like on Twitter, you can mute and block people, and there are also filter options which allow you to hide all posts containing certain words.

It will be up to all the people on Mastodon to use all these options wisely to prevent heated discussions, attacks and annoyances leading to a negative atmosphere like on Twitter.

The future of Twitter

In the meantime, some people on Twitter closed their account after they became active on Mastodon. Several companies decided to pause advertising on Twitter because of uncertainty and fear that Twitter would become a platform with problematic content due to Musk scaling back content moderation. Twitter Blue, a plan where anyone could get a Verified check for $8 per month, caused a dumpster fire. It led to a flood of fake verified accounts impersonating famous people (including Musk), politicians and companies. This even has consequences outside of Twitter: the stock of the pharmaceutical company Eli Lilly and Company went down after a fake account posted on Twitter that insulin would become free, and it lost 15 billion in valuation. Because of all the confusion, Twitter Blue has been suspended. Some people complain about an increase of spam on Twitter. Thousands of people have been fired and top executives responsible for security and moderation on the platform have resigned. It is clear that Twitter is in a deep crisis. The current mess will only make companies doubt even more about spending money on the platform.

It’s hard to say how this will end. Twitter has huge problems, but in spite of this, I think that it is too big to fail. At least for now. What’s for sure is that many people now have a real choice: a proprietary platform which is ruled by someone whose impulsiveness causes havoc and which is at times unfriendly and hostile, or an open platform in hands of the community and with stricter moderation and a more friendly atmosphere. Mastodon is growing and it looks like the growth is sustainable, even though currently it is still much smaller than Twitter.

I would not be surprised if at some point in the future Twitter implemented the ActivityPub protocol and so became part of the Fediverse. That way they could give companies access to people who fled to Mastodon. Many companies however have invested a lot in Twitter and use it to promote content of their own websites to the public or for customer support. For this they often use specialized software, often integrated in their own website CMS. Unless these software tools are adapted for Mastodon, it will be hard for such companies to move to Mastodon. So for big brands, Twitter definitely still has an advantage. However the question is whether companies will still have faith in Twitter.

How to follow this blog

Now that Mastodon and the Fediverse are getting a big influx of new users, I thought it would be worthwhile mentioning that you can follow this blog on the Fediverse. Just search for @frederik on your favourite Fediverse server and you should be able to follow this blog.

If you are not a fan of social media, you can subscribe to the RSS feed of this site: https://blog.frehi.be/feed/. You will need an RSS aggregator on your system, such as Thunderbird, NewsFlash (GNOME), Akregator (KDE), Feeder (Android) or NetNewsWire (macOS, iOS). There are also web-based solutions available. Web-based feed aggregators which you can install on your own server are TT-RSS and Nextcloud News. Feedly is a popular proprietary web-based solution, but as usual the problem is that this limits your privacy and makes you depend on a commercial party.

Updating HP BIOS firmware from Linux

I have an HP Elitebook 845 G8 laptop. I wanted to update the BIOS/UEFI firmware to the latest version. This is important because firmware updates include essential security fixes.

On Linux you can use the LVFS (Linux Vendor Firmware Service) to easily install firmware updates with the fwupd utility or any of its graphical front-ends (such as GNOME Software or KDE Discover). Dell and Lenovo offer firmware updates for many of their systems via LVFS, however HP only has a very small number of firmware updates available on LVFS.

Fortunately it is possible to install firmware updates without having Windows installed, but it’s a bit more manual work. Here I will explain how I managed to update my Elitebook 845 G8, but this should work for most recent HP laptops and desktops.

First you need to download the firmware update for your system. Use your favourite web search engine and search for the model name and add the word downloads to it, for example: HP Elitebook 845 G8 downloads. The first hit will probably bring you to the right page, in my case: https://support.hp.com/us-en/drivers/selfservice/hp-elitebook-845-g8-notebook-pc/38492638

If you don’t know the exact model of your system, use this command (as root):

# /usr/sbin/dmidecode | grep "Product Name"

On the HP downloads page, you will probably get a message that it was unable to find drivers for your product. Click on the link Choose a different OS and select any Windows 10 version. Now you will find the latest firmware for your system under BIOS-System Firmware. Click on Download. It will try to let you install a Windows Download and Install Assistant: click on No thanks, I will download and install manually to directly get the firmware file, which should have a name similar to sp138978.exe.

Once you have downloaded this file, you need to extract it. You can use 7-Zip for that. Make sure it is installed on your system:

# apt install 7zip

Then we will make a directory and extract the firmware package in it:

$ mkdir /tmp/hpfirmware
$ cd /tmp/hpfirmware
$ 7zz x ~/Downloads/sp138978.exe

You will see many files in the /tmp/hpfirmware directory, such as the History.txt file which you can read if you want to know which changes and bug fixes this update brings. The firmware itself is stored in a file with the extension .bin, in my case it’s named T82_01082000.bin.

To install this firmware, we have to copy it to the file HP/DEVFW/firmware.bin inside the EFI directory of your EFI system partition (this assumes that you are booting your system in UEFI mode and not in legacy BIOS mode). So as root run these commands from the /tmp/hpfirmware directory:

# mkdir -p /boot/efi/EFI/HP/DEVFW
# cp *.bin /boot/efi/EFI/HP/DEVFW/firmware.bin

Now reboot your system. In GRUB’s menu, choose UEFI Firmware Settings. You will get HP’s Startup Menu, of which the last menu item is Update System and Supported Device Firmware. This should now automatically install the firmware update. This takes several minutes, and your screen will go blank for some time: don’t panic and let it run.

Using HTTP headers to protect your visitor’s security and privacy

Recently there has been a lot of controversy over Google starting to use Federated Learning of Cohorts (FLoC) in its Chrome browser. This new technique is used to track users without using third-party cookies, but has severe privacy implications because it actually makes fingerprinting users easier and can reveal your interests to websites.

To prevent tracking by FLoC and other tracking techniques, there is only one good solution: stop using Google Chrome. The best privacy friendly browser is Firefox, especially if you set it to strict enhanced tracking protection. If you really need to use Chrome, then at least install one of the open source extensions which disable FLoC and Privacy Badger for other tracking protection.

As a website owner, you can also do something to protect your users. You can opt your website out of cohort computation by sending the header Permissions-Policy: interest-cohort=()

This can be easily done for all your websites by modifying your Apache configuration. While at it, you should set some other security and privacy related headers, notably:

  • X-Frame-Options "SAMEORIGIN": this makes sure that browsers will not allow your website to be included in an iframe on another domain.
  • X-Content-Type-Options "nosniff": This will prevent the browser from trying to automatically detect the file type of a downloaded file instead of using the MIME type sent by the server. This can mitigate attacks where a hacker manages to upload a malicious file by giving it a filename which makes it look like a harmless file type which is then served to your visitors.
  • Referrer-Policy "no-referrer-when-downgrade": when a visitor clicks on a link, the browser will only send the referrer when it’s not going from an HTTPS to an HTTP connection. This is fine if your URLs don’t contain any private information. If they do, then consider using strict-origin-when-cross-origin, so that only your domain name instead of the complete URL is sent as referrer if people click on a link leading to an external website, or even same-origin, which prevents any referrer being sent to external sites. You should probably do this for an internal website, web application or wiki, webmail, etc. More information about Referrer-Policy

To set these in Apache in Debian, create a file /etc/apache2/conf-available/security-headers.conf with these contents:

<IfModule mod_headers.c>
   Header always set X-Frame-Options "SAMEORIGIN"
   Header always set X-Content-Type-Options "nosniff"
   Header always set Referrer-Policy "no-referrer-when-downgrade"
   Header always set Permissions-Policy "interest-cohort=()"
</IfModule>

Then make sure the mod_headers module is loaded and this file is enabled by running these commands:

# a2enmod headers
# a2enconf security-headers
# systemctl reload apache2

Another important header to set in your SSL virtualhosts is the HSTS header: it ensures that the browser will automatically use HTTPS every time it connects to the website in the future. Place this in your SSL enabled virtualhost:

<IfModule mod_headers.c>
   Header always set Strict-Transport-Security "max-age=63072000"
</IfModule>

Then you should also add this to your non-SSL virtualhost to redirect all visitors using HTTP to HTTPS:

<IfModule mod_rewrite.c>
   RewriteEngine on
   RewriteCond %{HTTPS} !=on
   RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
</IfModule>

Of course make sure mod_rewrite is enabled if that’s not yet the case:

# a2enmod rewrite
# systemctl reload apache2

You can check your server configuration on securityheaders.com. There you can also find more information about the headers Cross-Origin-Embedder-Policy, Cross-Origin-Opener-Policy and Cross-Origin-Resource-Policy, some other security related headers. Because they require more changes to your website to implement correctly, I’m not discussing them here.
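As an added example (not code from this post or from securityheaders.com), here is a small offline checker that parses a raw HTTP response and applies the checks discussed above. The two sample responses are constructed, and the one-year minimum HSTS lifetime is my own assumption.

```python
"""Offline checker for the security headers discussed above.

Added example, not part of the original post. Sample responses are constructed;
the minimum HSTS max-age of one year is an assumption, not a value from the post.
"""
import re

# Constructed: the headers the post's Apache snippets would produce.
RESPONSE_OK = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "X-Frame-Options: SAMEORIGIN\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "Referrer-Policy: strict-origin-when-cross-origin\r\n"
    "Permissions-Policy: interest-cohort=()\r\n"
    "Strict-Transport-Security: max-age=63072000\r\n"
    "\r\n"
    "<html>...</html>"
)

# Constructed: a site with typical mistakes, including the header an Apache
# directive written as 'Header always set Permissions-Policy: ...' would emit
# (the stray colon becomes part of the header name).
RESPONSE_WEAK = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "X-Frame-Options: ALLOW-FROM https://example.org\r\n"
    "Referrer-Policy: unsafe-url\r\n"
    "Permissions-Policy:: interest-cohort=()\r\n"
    "Strict-Transport-Security: max-age=300\r\n"
    "\r\n"
)


def parse_headers(raw):
    """Drop the status line and return {lower-case-name: value}.
    Repeated field names are joined with ', ' as RFC 9110 permits."""
    head = raw.split("\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split("\r\n")[1:]:
        name, sep, value = line.partition(":")
        if not sep:
            continue  # not a header field
        name, value = name.strip().lower(), value.strip()
        headers[name] = value if name not in headers else headers[name] + ", " + value
    return headers


def check_security_headers(headers, min_hsts_age=31536000):
    """Return a list of findings; an empty list means every check passed."""
    findings = []

    xfo = headers.get("x-frame-options", "").upper()
    if xfo not in ("DENY", "SAMEORIGIN"):
        findings.append("X-Frame-Options missing or not DENY/SAMEORIGIN "
                        "(ALLOW-FROM is ignored by current browsers)")

    if headers.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("X-Content-Type-Options is not 'nosniff'")

    policy = headers.get("referrer-policy", "").lower()
    if policy in ("", "unsafe-url"):
        findings.append("Referrer-Policy missing or 'unsafe-url'")
    elif policy == "no-referrer-when-downgrade":
        findings.append("Referrer-Policy sends full URLs to external HTTPS sites; "
                        "use strict-origin-when-cross-origin if URLs carry private data")

    pp = headers.get("permissions-policy", "")
    if pp.startswith(":"):
        findings.append("Permissions-Policy header name contains a stray ':' "
                        "(check the Header directive)")
    elif "interest-cohort=()" not in pp.replace(" ", ""):
        findings.append("Permissions-Policy does not opt out of FLoC (interest-cohort=())")

    hsts = headers.get("strict-transport-security", "")
    m = re.search(r"max-age=(\d+)", hsts)
    if m is None:
        findings.append("Strict-Transport-Security missing or without max-age")
    elif int(m.group(1)) < min_hsts_age:
        findings.append(f"Strict-Transport-Security max-age={m.group(1)} is shorter "
                        f"than {min_hsts_age} seconds")
    return findings


if __name__ == "__main__":
    for label, raw in (("good", RESPONSE_OK), ("weak", RESPONSE_WEAK)):
        print(label, check_security_headers(parse_headers(raw)) or ["OK"])
```

To run it against a live server, feed `parse_headers` the raw bytes of a response to `curl -sI` decoded as text; the checker itself never touches the network.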

More information

The truth about decentralized contact tracing apps like Immuni

Read this article in Dutch: De waarheid over gedecentraliseerde contact tracing apps zoals Coronalert

Too long to read? Skip to the conclusion.


Those who know me a bit know that I think privacy is very important. For this reason, when they started talking about contact tracing apps for COVID-19 a few months ago, I thought this was an extremely bad idea. Having an app constantly tracking where you are and who you meet is only something which you think is possible in undemocratic nations and dictatorial regimes. Something you expect in North Korea or China, but not in European countries, where our privacy is supposed to be protected by the GDPR. And then what about the reliability of these apps? Bluetooth was never made for this. It would result in many false positives and negatives. No way I would ever install such an app.

That was at least my opinion a couple of months ago. Now my opinion about this matter has completely changed. Reading about decentralized solutions based on the Google and Apple Exposure Notification (GAEN) API and DP-3T, has completely changed my mind. I use the Italian contact tracing app Immuni and I am willing to use a similar decentralized app from any country where I am staying.

DP-3T

Decentralized Privacy-Preserving Proximity Tracing or DP-3T is an open protocol developed by different universities, amongst others ETH Zurich and EPFL from Switzerland, KU Leuven from Belgium and TU Delft from the Netherlands.

This comic shows a simple explanation of how it works.

Comic describing the DP-3T protocol

Technically speaking, every day a new random seed (based on the seed of the day before) is created on every user’s phone, and this daily seed is saved on the phone for 14 days. From this seed are derived ephemeral identifiers (EphIDs). These EphIDs change several times an hour.

EphIDs are exchanged with other users of the tracing app over Bluetooth Low Energy (BLE) and every phone saves the EphIDs it received locally on the phone, together with the date and the attenuation of the signal, which can be used to estimate the distance.

When a user tests positive for COVID-19, this user can, with the help of authorized health personnel, upload the seed of the first day they were contagious to a central server. All previous daily seeds are deleted from the infected user’s phone, and a completely new random daily seed is created, so that they do not become trackable in the future.

All other app users regularly download a list of all daily seeds of all contagious users from the central server and they can derive all EphIDs from them. The app compares all these EphIDs with the list of stored EphIDs which it met recently. Based on the number of matching EphIDs the app can calculate how long the two phones were near each other and based on the stored attenuation it can estimate the distance. If they were within a certain distance for longer than a certain time, a warning will be given to the user that they were exposed to a contagious user, with instructions on what to do.

More details can be found in the DP-3T white paper.
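The scheme described above, as an added example that is not code from the DP-3T project or from any of the apps mentioned here. It models the white paper’s low-cost design with SHA-256 as H, HMAC-SHA256 as the PRF and HMAC-SHA256 in counter mode standing in for the AES-CTR PRG; the attenuation and duration thresholds and the three-person scenario are constructed for the example.

```python
"""Simplified model of the DP-3T low-cost design.

Added example, not code from the DP-3T project or the apps in this article.
Assumptions: SHA-256 as H, HMAC-SHA256 as PRF, HMAC-SHA256 in counter mode as
PRG (the white paper uses AES-CTR); thresholds below are made-up values.
"""
import hashlib
import hmac
import secrets

EPHID_LEN = 16
EPHIDS_PER_DAY = 96          # one EphID per 15-minute epoch
BROADCAST_KEY = b"broadcast key"
CLOSE_CONTACT_DB = 55        # assumed attenuation threshold for "close"
MIN_EXPOSURE_MINUTES = 15    # assumed duration threshold for an alert


def next_daily_seed(sk):
    """SK_t = H(SK_{t-1}): each day's seed is derived from the previous one."""
    return hashlib.sha256(sk).digest()


def ephids_for_day(sk):
    """All EphIDs of one day: PRG(PRF(SK_t, 'broadcast key')) cut into 16-byte IDs."""
    prf_out = hmac.new(sk, BROADCAST_KEY, hashlib.sha256).digest()
    stream = b"".join(
        hmac.new(prf_out, i.to_bytes(4, "big"), hashlib.sha256).digest()
        for i in range((EPHIDS_PER_DAY * EPHID_LEN + 31) // 32))
    return [stream[i:i + EPHID_LEN]
            for i in range(0, EPHIDS_PER_DAY * EPHID_LEN, EPHID_LEN)]


class Phone:
    """One app installation: its seeds and the EphIDs it heard over BLE."""
    KEEP_DAYS = 14

    def __init__(self, day):
        self.day = day
        self.seeds = {day: secrets.token_bytes(32)}   # day -> SK_t
        self.observed = []   # (ephid, day, attenuation_db, minutes)

    def advance_day(self):
        self.seeds[self.day + 1] = next_daily_seed(self.seeds[self.day])
        self.day += 1
        for d in [d for d in self.seeds if d <= self.day - self.KEEP_DAYS]:
            del self.seeds[d]

    def ephid(self, epoch):
        """EphID this phone broadcasts during the given epoch of today."""
        return ephids_for_day(self.seeds[self.day])[epoch]

    def receive(self, ephid, attenuation_db, minutes):
        self.observed.append((ephid, self.day, attenuation_db, minutes))

    def report_positive(self, first_contagious_day):
        """Upload (SK_t, t) for the first contagious day, then forget every seed
        and restart from a fresh random one so the phone is not trackable later."""
        upload = (self.seeds[first_contagious_day], first_contagious_day)
        self.seeds = {self.day: secrets.token_bytes(32)}
        return upload

    def exposure_minutes(self, published, max_attenuation_db=CLOSE_CONTACT_DB):
        """Re-derive each reported case's EphIDs per day from the uploaded seed
        and total the close-range minutes that match locally stored records."""
        infected = {}   # day -> set of EphIDs
        for sk, first_day in published:
            for d in range(first_day, self.day + 1):
                infected.setdefault(d, set()).update(ephids_for_day(sk))
                sk = next_daily_seed(sk)
        return sum(m for e, d, att, m in self.observed
                   if e in infected.get(d, ()) and att <= max_attenuation_db)


def simulate():
    """Constructed scenario: on day 3 Bob sits next to Alice for 20 minutes and
    Carol passes her at a distance; on day 5 Alice reports day 2 as first contagious day."""
    alice, bob, carol = Phone(day=1), Phone(day=1), Phone(day=1)
    for _ in range(2):                       # day 1 -> day 3
        for p in (alice, bob, carol):
            p.advance_day()
    bob.receive(alice.ephid(epoch=40), attenuation_db=45, minutes=20)
    carol.receive(alice.ephid(epoch=41), attenuation_db=72, minutes=5)
    for _ in range(2):                       # day 3 -> day 5
        for p in (alice, bob, carol):
            p.advance_day()
    server = [alice.report_positive(first_contagious_day=2)]   # all that is uploaded
    bob_minutes = bob.exposure_minutes(server)
    carol_minutes = carol.exposure_minutes(server)
    sk = server[0][0]
    for _ in range(alice.day - server[0][1]):
        sk = next_daily_seed(sk)             # what SK_5 would have been without the reset
    return {
        "bob_minutes": bob_minutes, "bob_alert": bob_minutes >= MIN_EXPOSURE_MINUTES,
        "carol_minutes": carol_minutes, "carol_alert": carol_minutes >= MIN_EXPOSURE_MINUTES,
        "alice_unlinkable": alice.ephid(0) not in ephids_for_day(sk),
    }


if __name__ == "__main__":
    print(simulate())
```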

Apple/Google Exposure Notifications API

The Google/Apple Exposure Notifications API (sometimes abbreviated as GAEN) is an API created in a joint effort by Google and Apple and enables the creation of decentralized contact tracing apps. This API, which is based on the principles of the DP-3T protocol described above, can only be used by apps approved by Google and Apple (only one per country, and created by official healthcare authorities). Only decentralized contact tracing apps which do not collect any location information can get approved.

Apple by default does not allow background apps to use Bluetooth, except for approved contact tracing apps using this API. This means that on Apple iPhone, this API is the only way to create a reliable contact tracing app. Apps which don’t use this API, such as the StopCovid France app, have to apply work-arounds to keep the app waking up in the background, making them potentially less reliable and draining the battery more.

The DP-3T framework has since been modified to make use of the Exposure Notifications API.

Some of the apps currently available using the Google/Apple Exposure Notifications API are SwissCovid (Switzerland), Immuni (Italy), Corona-Warn-App (Germany).

The source code of the Android and iOS implementations of the API framework was published in the second half of July 2020.

Frequently Asked Questions – Debunking some myths

These apps appear to be the subject of deliberate fake news campaigns or at least emotional reactions resulting from a lack of understanding of how they work. Here I will try to address some questions.

Will these apps violate my privacy? Will the authorities know who I meet and where I am, what I do?

The applications based on the Google Apple Exposure Notification API do not know any personal information about the users: they don’t know your name, your phone number, where you live, or any other personal data. They also do not collect location data, so they don’t know where you are.

The only thing these apps do, is exchanging anonymous codes with other people in your neighbourhood. These codes change multiple times a day, making it impossible to keep tracking you.

The exchanged codes are only stored on your own phone and not in a central database. So there is no way for the authorities to know how many people and who you met.

Contact tracing apps usually apply even more extensive kinds of measures to protect security and privacy: for example dummy uploads are done in order to prevent network traffic analysis revealing a positive test, CA or certificate pinning to prevent MITM attacks, etc…

This is not a mass surveillance tool or Big Brother, as some try to let you believe.

How can I be sure that the app really works as promised and really does not collect and send private information?

These apps are usually open source, which means you can check the code to see how they work and what they do exactly. Even if you personally don’t have the knowledge to check the code, rest assured that there are enough experts taking a look at this, and will shout loudly when something is wrong. It has to be said: the only ones shouting loudly about these apps are politicians and activists who clearly have never looked at the source code, nor at the documentation. For example code reviews of Coronalert and Immuni have found these apps do live up to their privacy claims.

Here are some links to the source code of the different apps and their documentation:

On the issue tracker of these apps you can report problems and ask questions.

Also the source code of the Exposure Notifications framework, used by these apps, is available:

Why should I trust Google and Apple, who have a bad track record in privacy?

Actually Google and Apple don’t even need this API to track you. If you are running a phone running iOS or Android with Google Play Services, you actually already have much larger privacy problems than these decentralized, open source contact tracing apps. The same if you are using any of Facebook, Twitter, Instagram, TikTok, NetFlix, Spotify, FaceApp, Tinder. These do know your name, your location, your interests, your friends, and this without this API. Decentralized contact tracing apps, do know much less than any of these apps. This picture compares the different permissions SwissCovid, Facebook and Whatsapp can request.

That being said, there is now a way to run these contact tracing apps without using any Google services on your phone. The microg project now includes its own completely open source implementation of the Exposure Notification API. It can be installed on an Android distribution like LineageOS. It is confirmed that SwissCovid and Immuni work with microg’s implementation of the API, and probably other apps do too. This way you can run these applications without having to rely on any of Google’s or Apple’s proprietary binaries.

Why does this app require Location setting to be enabled on my Android phone if no location information is collected?

To scan for nearby Bluetooth devices on Android the Location setting needs to be switched on, because Bluetooth scanning can in theory be used to determine your location. For example this is used by navigation apps to determine your location in underground tunnels. In reality, apps making use of the GAEN API are not allowed to request your location. It can be verified in the source code of the app that at no time it determines your location. In Settings > Location > App permission you can still disable location access for apps. In Android 11, which came out in September 2020, it is no longer required to have Location enabled on your device in order to use contact tracing apps based on the Exposure Notification API.

Will this app give me a warning every time an infected person passes nearby, resulting in many false positives?

The apps will only give warnings when certain conditions, usually defined by the government based on epidemiological data, are satisfied. For example, the Italian Immuni app will give a warning when someone is standing within a distance of 2 metres for at least 15 minutes. The SwissCovid app requires a 15 minute contact within 1,5 metre distance. Coronalert will also show you low-risk exposures in the app, however only a high-risk exposure (at least 15 minutes within 1,5 – 2 m of distance) will result in a red screen and an explicit exposure notification. Only in this case is a test and quarantine recommended.

The distance is estimated from the attenuation of the signal. Unfortunately, attenuation will depend on lots of parameters, such as the phone model being used, the direction in which it is held, etc. Google adds a per-device correction value to the attenuation so that values should be similar between different devices. The thresholds being used are based on experiments in different environments and can be modified in the future in order to lower false positives and negatives. Immuni for example uses an attenuation threshold of 73 dBm.

So no, contact tracing apps are not going to give you a warning when anyone who briefly passed nearby is tested positive. Only when reasonable thresholds are exceeded will you get a warning. Nevertheless, false positives and false negatives are possible. Authorities also realize this, and view the tracing app as a support tool for tracing, but not as a complete replacement for manual contact tracing. A contact tracing app also does not replace a diagnostic test.
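As an added illustration (not code from any of the apps, from DP-3T or from the GAEN framework), the following Python model ties together the two points above: the anonymous codes are derived from a key that never leaves the phone and rotate every interval, received codes are kept only locally, and a warning is only raised when the codes re-derived from a published diagnosis key add up to enough minutes of contact below the attenuation threshold. The HMAC-based derivation, the 10-minute rotation interval and the three-phone scenario are assumptions made here; the 15-minute duration and the attenuation threshold of 73 are the values quoted in the text.

```python
"""Simplified model of decentralized exposure notification (DP-3T / GAEN style).

Added illustration: the HMAC derivation below is a stand-in for the real
framework's key schedule, and the rotation interval is an assumption.
"""
import hashlib
import hmac
import os

INTERVAL_MINUTES = 10        # assumed rotation interval of the ephemeral codes
ATTENUATION_THRESHOLD = 73   # quoted in the text (Immuni); lower = closer
MIN_EXPOSURE_MINUTES = 15    # quoted in the text


def new_daily_key() -> bytes:
    """Random per-day key. It stays on the phone unless its owner chooses
    to upload it as a diagnosis key after a positive test."""
    return os.urandom(16)


def ephemeral_id(daily_key: bytes, interval: int) -> bytes:
    """Anonymous code broadcast during one interval. Without the daily key,
    codes from different intervals cannot be linked to the same phone."""
    msg = interval.to_bytes(4, "big")
    return hmac.new(daily_key, msg, hashlib.sha256).digest()[:16]


class Phone:
    def __init__(self) -> None:
        self.daily_key = new_daily_key()
        # Codes heard nearby, stored only on this phone:
        # (interval, ephemeral_id, attenuation)
        self.heard: list[tuple[int, bytes, int]] = []

    def broadcast(self, interval: int) -> bytes:
        return ephemeral_id(self.daily_key, interval)

    def receive(self, interval: int, eid: bytes, attenuation: int) -> None:
        self.heard.append((interval, eid, attenuation))

    def check_exposure(self, diagnosis_keys: list[bytes]) -> int:
        """Re-derive the codes of every published diagnosis key locally and
        count the minutes of close contact (attenuation at or below threshold).
        Nothing about this phone's own contacts is sent anywhere."""
        if not self.heard:
            return 0
        lo = min(i for i, _, _ in self.heard)
        hi = max(i for i, _, _ in self.heard)
        minutes = 0
        for key in diagnosis_keys:
            infected_ids = {ephemeral_id(key, i) for i in range(lo, hi + 1)}
            for _, eid, attenuation in self.heard:
                if eid in infected_ids and attenuation <= ATTENUATION_THRESHOLD:
                    minutes += INTERVAL_MINUTES
        return minutes


def should_notify(exposure_minutes: int) -> bool:
    """Warn only when the configured duration threshold is reached."""
    return exposure_minutes >= MIN_EXPOSURE_MINUTES


def run_scenario() -> dict:
    """Constructed scenario: Alice and Bob sit together for 30 minutes, later
    Alice is far away for one interval, Carol passes Bob once, and then Alice
    tests positive and publishes her daily key."""
    alice, bob, carol = Phone(), Phone(), Phone()
    for interval in range(3):                           # 3 x 10 min, close by
        bob.receive(interval, alice.broadcast(interval), attenuation=60)
    bob.receive(3, alice.broadcast(3), attenuation=90)  # too far: not counted
    bob.receive(5, carol.broadcast(5), attenuation=55)  # brief encounter
    published = [alice.daily_key]                       # Alice's upload
    return {
        "alice_minutes": bob.check_exposure(published),
        "carol_minutes": bob.check_exposure([carol.daily_key]),
    }


if __name__ == "__main__":
    result = run_scenario()
    for who, minutes in result.items():
        print(who, minutes, "min ->", "warn" if should_notify(minutes) else "no warning")
```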

Are these apps useful if not everyone or at least a large part of the population downloads them?

Contact tracing apps are certainly useful, even if only a part of the population uses them.

A highly quoted article from Oxford University states that if 60% of the population installs the contact tracing app, this can completely stop the epidemic. However what is often not quoted is the next part of the phrase: “even with lower numbers of app users, we still estimate a reduction in the number of coronavirus cases and deaths.” They estimate that one infection will be averted for every one to two users.

So even much lower numbers than 60% are useful to help flatten or crush the curve, saving lives.

Will this drain the battery of my phone?

By using Bluetooth Low Energy, battery consumption should be limited. Bluetooth Low Energy was created specifically for low energy consumption and is also being used to connect to smartwatches and wireless headphones. Battery consumption should be less than 5% in the worst case, if you otherwise did have Bluetooth completely disabled.

Do I need to install another app when I go abroad?

With support of the European Union, a gateway service has been built that allows the exchange of keys of infected persons between European countries. On 19 October 2020 the Italian (Immuni), German (Corona-Warn-App) and the Irish app (StopCOVID Tracker) started using this. It is planned that other decentralized contact tracing apps of the European Union will connect to this gateway too, for example the Belgian Coronalert will add support in November.

However note that keys can never be exchanged with the StopCovid France app because this one uses a centralized system instead of the decentralized DP-3T.

What do experts say about these apps?

First it’s important to repeat that DP-3T, and hence the Google/Apple Exposure Notifications framework based on it, were designed by academics from universities in different countries. Prof. Bart Preneel (KU Leuven), cryptographer, who contributed to the DP-3T framework, says that “for once, Google and Apple are on the right side of privacy”.

The British Information Commissioner’s Office (the national data protection authority) “believes the CTF (Google/Apple’s contact tracing framework) is aligned with the principles of data protection by design and by default, including design principles around data minimisation and security.”

In a report from prof. Douglas Leith (Trinity College Dublin), the network traffic of contact tracing apps was analysed. He concludes: “We find that the health authority client apps are generally well behaved from a privacy point of view, although the privacy of the Irish, the Polish and Latvian apps could be improved.” The report does criticize the closed source nature of the Google/Apple Exposure Notifications framework and the fact that Google Play Services sends private data to Google (something which happens on any Android phone having Google Play Services installed, irrespective of the presence and usage of this framework). Update 23 July 2020: the source code of the framework itself is now available.

The biggest criticism of the framework appears to come from prof. Serge Vaudenay, cryptographer of EPFL. He complains about the closed source nature of the GAEN, and the fact that some attacks are possible. There is an answer by the DP3T team to one of his papers. Update 23 July 2020: the source code of the GAEN framework itself is now available.

Conclusion

Forget all conspiracy theories and emotional objections by privacy activists who never looked at how these apps work: open source decentralized contact tracing apps making use of the Google/Apple Exposure Notification API are not Big Brother, no mass surveillance instrument. The protocol has been developed by academics specialized in security and privacy in IT and the source code of the apps can be verified by anyone. Extensive documentation describes the working of the apps and what is being done to protect the privacy of the users. By using anonymous ephemeral IDs and not collecting any location information, these contact tracing apps know less from you than the average social network app or your phone’s OS itself, so if you are worried about privacy, you have more important things to look at.

Contact tracing apps can be very useful in combating this epidemic, also if only a small part of the population is using them. For me it’s simply a matter of responsibility installing these apps: to protect others, to protect our society and economy and in the end to get protected myself by others using the app.

Further information

History of this article

Update 23 July 2020: Added links to the source of Google and Apple Exposure Notifications framework – Added info about Belgian contact tracing app in development – Added link to picture comparing permissions requested by SwissCovid, Facebook and Whatsapp

Update 6 September 2020: Added question about Location requirement on Android phones

Update 19 September 2020: Added link to source code of Belgian Coronalert app – Added info about an Exposure Notifications API implementation in microg, enabling you to run these apps without Google services

Update 4 October: add information about EU gateway service

Update 19 October: EU federation gateway service in use by 3 apps

Teufel Connector review

Already for some time, I was thinking of buying a music streamer to connect to my hifi set in order to listen to my audio cd collection I ripped to my computer (using whipper, and tagged with Musicbrainz Picard). Because I have many mix albums, gapless playback support is important. I would prefer a very broad codec support, at least including FLAC and Ogg Vorbis but by preference also Opus. Because the proprietary applications by the music streamer vendors don’t always get very good reviews, I would like to be able to control them with a third party app like BubbleUPNP, still with gapless playback. And of course I don’t want to break the bank too much.

I recently thought I found the perfect device for that: the Teufel Connector. Because of a sale I could buy this streamer for less than 140 €.

The Teufel Connector is a little box, unfortunately not being of the same size as a standard hifi component. It does not have a remote control and it also does not have a display, so the only way to control it is via the Raumfeld app on your smartphone or tablet. You can connect it via Ethernet or wifi. It does have analog and digital optical outputs, and features also analog inputs, which allows it to stream any other audio device to other multi-room Raumfeld devices in your house.

Setup

The Raumfeld app guides you through the setup process. In contrast to some information I read on the Internet, I did not have to connect my device with an Ethernet cable to set it up: you can immediately set it up to connect to your wifi network via your smartphone. I had some trouble though: when I entered the wrong wifi password, not only did I have to restart the device in order to restart the setup procedure, I also had to delete all data of the Raumfeld app in order to get back to the setup screen. Maybe there is another way, but apparently this was not very intuitive. In the end I managed to set it up and the device became available.

The Raumfeld app

Playback from UPNP/DLNA server

Adding a remote UPNP/DLNA server to the Raumfeld app can be done through the app’s settings. It should list all UPNP servers, so you just have to pick it from a list. All music will then appear in the My Music part in the application.

It properly shows the album art, even if it was not saved in the music files or directory. However a serious problem shows up: it does not properly show albums containing tracks by different artists, such as compilations. Even though the Album Artist tag is correctly set (e.g. to Various Artists for compilations) Raumfeld will not create one album which contains all tracks. Instead it will create a different album with the same name for every single different artist on the disc. Obviously this is a huge problem, because it makes it impossible to play back entire compilation albums in one go. There is a tab Directory Structure in the app, but when trying to browse the directory structure of the server, it states that browsing is not available for remote music servers. So this is not an alternative to browse albums correctly either.

Playback from SMB server

So if Raumfeld does not show albums correctly when accessing them via UPNP, does it do any better when accessing them through SMB?

Adding an SMB share happens again through the app’s settings. The app never mentions SMB but only uses the term “network sources”, so this was a bit confusing. You have to enter hostname or IP address, username and password, and then you will be able to select the share you want to use. Adding your library via SMB takes much longer, because now all files have to be indexed by the Connector itself, while with UPNP this is done server side.

The good news is that this time, the problem with the compilation albums does not occur. What I don’t like however, is that albums containing multiple disks are still shown as multiple albums, one for each disk. The first disk just has the album name, the second one the album name followed by [disc 2], and so on. This way, playing a complete album requires a manual action again to switch discs, which is a pity. I would have preferred them to be shown as one album, with a division between the different discs in the track listing. Gapless playback works fine.

Several times while playing it would all of a sudden randomly switch to another track. This seems to happen especially while it’s scanning the music on the SMB source. This is very annoying and a serious bug which needs to be fixed. When it has finished scanning, this problem does not occur any more. In the app, you can set it to scan automatically every day, or to scan only when you manually ask it to do so. Anyway, scanning your library is needed when you have added new music files, so this is a huge problem if your library is not static. I contacted support for this problem, and they do not even consider this to be a bug. They blame the wifi network, and tell me that it probably would not happen if I played MP3 files instead of FLAC. This seems complete nonsense to me: while scanning the music files, there is about 120 KB/s traffic between server and Connector, and when simultaneously playing a FLAC file it would jump occasionally to less than 2 MB/s. With the server connected by UTP to the router, and the Connector being less than 5 meters away from the router in the same room, bandwidth problems cannot explain this at all.

Playback from a local USB device

The Connector has a USB port to which you can connect an external disk. The Connector automatically indexes all music files and adds them to the library. I have not extensively tested this feature.

Playback of Internet streams

Raumfeld supports playback of a number of different Internet sources, such as Spotify, TuneIn, Soundcloud, Tidal and Napster. Maybe this is not the most complete offering of streaming services (for example Google Play Music, Amazon Music and Deezer are not there), but these other services can usually be accessed by means of Chromecast. More on that later.

TuneIn

For radio streams, TuneIn is used. You can check if your favourite station is included on the TuneIn website. If it’s not available, you can always add a custom stream in the Raumfeld app, but currently you need the beta version for that.

There is no way to link Raumfeld with your TuneIn account, so it is not possible to import your TuneIn Favourites in case you used TuneIn before.

Unfortunately many radio streams use a bitrate which is a bit too low for perfect quality. Of course this is not Teufel’s nor TuneIn’s fault, but keep this in mind in case you consider replacing your FM or DAB+ tuner by a network streamer.

Spotify

The Connector supports Spotify Connect, which means you can play Spotify music on your Connector directly from the Spotify app if you have a Spotify Premium subscription. I don’t have such a subscription at the moment so I did not test it.

Soundcloud

To use Soundcloud, you need to log in with a Soundcloud account. Then all the artists you follow, tracks you liked, etc. will appear in the Raumfeld app. For a reason unknown to me, I could not find some tracks available on the website, such as the Purified radio show.

Unfortunately it is not possible to like tracks and follow artists on Soundcloud via the Raumfeld app, so you still need to do this via the website.

Use of the Raumfeld app

The Raumfeld app contains the basic features to get your music playing, but they should definitely take a look at the Spotify app to see how things can be made much more user friendly.

The Raumfeld app has a permanent notification in your notification list, where you can see what is playing, pause playback, switch to the previous and next song, and change the output volume (at least if you are using the analog output to your amplifier). There is also a widget available if you prefer that.

Playing just random tracks from your library is possible, but it’s not as easy as it could be. Unlike Spotify, there is no big green Shuffle button in the All tracks tab page of the app. Instead you have to start playback by choosing a song yourself, and then enable the Shuffle option in the now playing window. After a while I discovered that there is actually an easy option hidden in the Playlist section, where there is a pre-defined playlist “My Music Shuffle”. This could be easier to find.

In the Now Playing window, there is no option to go immediately to the album of the playing track, or to the list of all tracks of that artist. This is a handy feature that can be found in Spotify and other music players.

There is no way to properly close the Raumfeld app, except for going to Android’s settings and killing the app there. I have noticed several times when going away from home, and then connecting to another wifi network, the permanent notification would still be there as if I could start playback immediately. After some time eventually, the notification will say that the player is not available, giving you the option to close the app by pressing the X in the notification. I think there really should be a way to manually quit the application at any time.

While it’s possible to add different network sources to your music library, they all get mixed up in one big library, while I would prefer them to be in two different libraries. For example, I have two different SMB shares, one for classical music, and another one for pop music. When I want to play music, I want to have the possibility of seeing only the albums from the classical music library or only albums of the pop music library. This could be done by creating subitems for every single network source under My Music in the menu. Choosing My Music would bring you to a combined library, while tapping one of the subitems would only show the contents of that network source. Unfortunately, the app does not make that possible, and you end up with all network sources mixed up.

The Dutch translation of the Raumfeld app needs some work. For example there is a button “Verwijder bron” (= Remove source) in the sources settings. When choosing this option it asks for confirmation: “Verplaats bron?” which actually means “Move source”. When clicking on the Delete button in a playlist, the possible answers to the question whether you are sure are “Geen” (= None) and “Ja” (= Yes). And in the Playlist section, the wrong word Schuffles is used. Even if not really a great translation, at least Shuffles would be more acceptable. I noticed other errors too, so they really need to do some work proofreading the Dutch translation.

Playback via BubbleUPNP

I had a disappointing experience using the Raumfeld app, when playing either from my UPNP server or my SMB server. What if I use BubbleUPNP instead?

BubbleUPNP sees the Connector in 3 different ways: once as a single Connector UPNP renderer, once as a meta-device named after the room (this would contain all Teufel UPNP devices you have added to that room), and once as a Chromecast device.

When playing music to the Connector, the playback time is not updated in BubbleUPNP. You cannot go forward or backwards within the track and get the error: “Seek mode not support (code: 710)”. When the song is finished and it continues with the next song, BubbleUPNP does not even notice that it went to the next song. So this is not usable.

When using the virtual room device as a renderer, playback time is updated and seeking does work. However, gapless playback is not supported at all. This is also the case when letting BubbleUPNP stream to the Chromecast device.

All in all, the Connector does not have flawless UPNP support, which makes BubbleUPNP not a usable alternative to the Raumfeld app.

Chromecast support

Every application which supports Google Chromecast, and many music applications in Android do, can cast their stream to the Connector. It’s as easy as pressing the cast button in the application, and then selecting your Connector. It works simple and good and allows you to listen to streaming services which are not natively supported by the Raumfeld app.

Audio quality

Hifi magazines usually spend the most time writing about this subject when reviewing audio hardware, but I have the feeling that this is purely psychological and that there is rarely any audible difference between different audio source hardware. I can only say that there is nothing wrong with the audio quality of this device, and I don’t believe a device which costs 5 or 10 times as much can sound any better.

Of course it all depends on the quality of your source material. I am using FLAC files directly ripped from CD, so there is no quality loss there. When listening to lower bitrate Internet streams (and unfortunately many of them still use older codecs such as MP3 in combination with a bitrate that is not high enough), you will of course clearly hear that it’s far from CD quality, but that is not something your hardware can fix.

The Connector should support playback of hi-res audio files up to 24 bit 192 kHz, but I have not tested this.

Support

On the Dutch website, there is a contact page mentioning e-mail and a contact form, however no e-mail address nor contact form for technical support questions can be found there. On the repair and returns page there is the address service@teufelaudio.nl. This should be easier to find.

Support has been useless to me. I contacted them regarding the problem with the compilation albums on UPNP, but they seemed clueless, and they blamed the problem of the automatic switching of tracks on my wifi network, denying any bug there.

Conclusion

The Teufel Connector is a versatile machine supporting many codecs (including Opus and high-res music files) and gapless playback. Thanks to the Chromecast support, you can stream many online services to the device, even though the Raumfeld app itself only supports a limited selection of sources. The price is low, as is power consumption. So in theory this should be a great device, at least if you can live without a dedicated remote control, display and control buttons on the device itself.

Unfortunately the Connector is completely let down by the buggy firmware and Raumfeld app. UPNP was totally useless to me because it does not correctly show albums containing tracks of different artists. SMB on the other hand, requires a lengthy scanning process, during which it is impossible to listen to music from your library because it randomly switches tracks the whole time. BubbleUPNP is not a usable alternative for the Connector, because the Connector’s implementation as a UPNP media renderer also appears to be incomplete and buggy.

Several times during usage I encountered hangs in the Raumfeld app, or of the Connector device itself, requiring me to disconnect the power to force a hard reset. Whether I used the stable version of the app or the beta version did not make any difference. I did not try the beta version of the firmware.

All these problems could still be fixable by firmware and app updates. But is it realistic that they still will get fixed, knowing that this device is already on the market for years, and is being superseded by the Teufel Streamer now? The Raumfeld app only gets a score of 3.0 in the Android Play Store and there are many complaints, also in combination with other Teufel Raumfeld devices.

In conclusion I cannot recommend this device if you want to use it mainly to play your local music library. If you want to use it only to listen to online streams, then you could consider it, but otherwise, look further.

It’s disappointing that in 2019 finding a good streamer is still not easy. Much more important than the hardware is the firmware and software. If you have to choose which music streamer to buy, I strongly recommend reading the app reviews on the Play Store instead of reviews in so-called hifi and multimedia magazines. Looking at the app reviews, Sonos with a score of 4.0 seems to be the best one, followed by Heos from Denon and Marantz (3.6). Cambridge Audio’s StreamMagic (2.9, however only 7 reviews now as it is brand new), Onkyo’s Controller (2.9), Pioneer’s Remote Control (3.0), which appears to be the same as Onkyo’s, and Yamaha’s Musiccast (3.0) don’t seem to be any better than Raumfeld unfortunately.

What’s your experience with this or with other streamers, such as the Denon DNP-800NE or Marantz NA6006, the Yamaha NP-S303, or anything else? Do they support gapless playback, also when using BubbleUPNP? How stable are they and is the app user friendly? Can you create multiple, separate libraries in it?

Living in a surveillance state

Because of time constraints it has been a long time since I wrote something here. However, this is something I want to share with as many people as possible now: Mikko Hypponen’s talk titled “Living in a surveillance state”, last week at TEDxBrussels. If you think that you don’t have to fear the spying by the NSA, GCHQ and other state services because you have nothing to hide, or you are wondering what we can do against it, then you should definitely watch this. “Open source” is the key answer to the latter question by the way.

These are 20 very well spent minutes of your time.