The Meechan Case


, , ,

Sometimes, if we genuinely care about the freedom of expression, we’re called upon to defend the right to say things we find distasteful, wrong, strongly disagreeable unreasonable, etc. For example, I find Stephen Fry and Richard Dawkins’ comments on Christianity, often directed at Catholicism, often ill-informed, plain wrong and insulting, but their right to openly voice those comments is paramount and critical to a liberal society.
I’m sure most would agree that the freedom of expression couldn’t realistically be an absolute, that the the absolute freedom of expression, without consequence, is an extreme and untenable position. We’re collectively pretty vague about how that freedom should be limited. However, this freedom has gradually become more limited to what The Powers That Be deem acceptable, and our society, which we like to imagine is ‘liberal’ and ‘tolerant’ has been drifting towards an insidious kind of puritanism. Things that we used to criticise authoritarian regimes for are now coming to pass in 21st century Britain – this really isn’t an understatement when the minor details of how a Mark Meechan, also known as ‘Count Dankula’, was recently convicted become apparent.

In 2016, Meechan had trained his dog to perform a ‘Nazi salute’ whenever he said ‘sieg heil’ and ‘gas the Jews’, and published a video of this on YouTube. Yes, we could reasonably opine it was in bad taste, that it would inevitably cause offence to some, and that there might have been consequences for posting it. The video was intended to be humourous, and that was the self-evident context. It cannot be rationally interpreted as ‘far right propaganda’ or an incitement to anything.

Compare what Meechan published with the fact he was dragged through the court system for two years, convicted of a criminal offence and will very likely receive a jail sentence on 23rd April. Perhaps you’re still thinking that’s not a big deal, right? Surely there are checks and balances against the ideologically-driven misuse of the law, right? Like an actual judge upholding British values, and a jury of 12 peers who must to be convinced of Meechan’s guilt beyond reasonable doubt?
Well, no. Another very disturbing facet of Meechan’s trial was the absence of a jury. The conviction, as far as I could tell, rested on the subjective, and frankly questionable, judgement of one official, obviously interpreting the 2003 Communications Act way outside its intended scope:

[…] Sheriff Derek O’Carroll said the video was “threatening and grossly offensive. […] He found Meechan guilty of sending by “means of a public electronic communications network a message or other matter that is grossly offensive or of an indecent, obscene or menacing character”.

The problems with this are obvious. I cannot imagine how a reasonable person would deem the video threatening or grossly offensive, but a jury of 12 men and women of sound mind should have decided that. The second problem is the law itself, as quoted here (section 127 of the Communications Act), was clearly intended for extreme cases. The CPS has an advisory page confirming this.

In Chambers v DPP [2012] EWHC 2157 (Admin), the Lord Chief Justice made it clear that:

“Satirical, or iconoclastic, or rude comment, the expression of unpopular or unfashionable opinion about serious or trivial matters, banter or humour, even if distasteful to some or painful to those subjected to it should and no doubt will continue at their customary level, quite undiminished by [section 127 of the Communications Act 2003].”


Better Off With Map and Nokia


, , , , , ,

Normally Microsoft’s Map application on a Lumia device is perfect for travelling, but it turns out there isn’t an offline map available for Japan. After trying several alternatives, I figured that I could maybe create something better as a feature to my side project. I needed this to be compatible with the Edge browser, and for it to function effectively without a WiFi connection. Is this achievable using just HTML5, CSS and JavaScript? Yes, it is. Here are the results:

Creating the Offline Map Files
The first thing we need is data, in the form of map tiles, and the easiest way of getting this is by generating them using the Mobile Atlas Creator. This is straightforward to use – simply select the region to map and the zoom levels the application would display (e.g. all of them), and create the atlas .zip archive. The archive contains sets of numbered directories and files – I’ll explain why they’re structured that way and how they’re read by the application. For the data source, ‘OpenStreetMap Public Transport‘ gave the clearest tile images.

Leaflet.js API
There are multiple JavaScript APIs for rendering maps in the browser and showing the current GPS position. I went with Leaflet.js, as it’s lightweight, functional and reasonably well-documented.
This is roughly how Leaflet.js does the rendering: Leaflet.js will select the images to display according to the co-ordinates set in the code. The API will translate the co-ordinates into two five-digit numbers to select the file paths of the tiles to display. There is a third variable, which is the zoom level and layer – this determines the root directory that Leaflet.js will fetch the tiles from.

The three aforementioned factors are variables, z, x and y in the code. These correspond to the zoom level, latitude and longitude. All three are initially determined by the setview() parameters – the default zoom level and initial map frame displayed, but they’re changed by the JavaScript controls as the user scrolls and zooms in and out.

Leaflet.js includes a feature that makes use of the browser’s geolocation API. We include a button with this event trigger:

Which calls this function:

function getLocationLeaflet()
map.on('locationfound', onLocationFound);
map.on('locationerror', onLocationError);
map.locate({setView: true, maxZoom: 16});

Which, in turn, calls this function if the current location can be read from the device:

function onLocationFound(e)
var radius = e.accuracy / 2;
var location = e.latlng
L.marker(location).addTo(map), radius).addTo(map);

Of course, there’s no map in the screenshot here, as there aren’t any tiles for that location.

Location Markers
Another feature essential to my application is the ability to mark important locations on the map and display information about them. In this example, the placemark locations and popup messages are hard-coded into the JavaScript, though it should be possible to load that information from a GeoJSON file without having to use something like Node.js (I’m still working on this).

With the markers, the init() function should look something like this:

function init() {
map = new L.Map('map');
L.tileLayer('maps/kyoto-atlas/kyoto/{z}/{x}/{y}.png', { maxZoom: 15 })
map.setView(new L.LatLng(34.98852, 135.764982), 16);

L.marker([34.967169, 135.772437]).addTo(map)
.bindPopup('Fushimi Inari Shrine')

L.marker([35.016917, 135.782388]).addTo(map)
.bindPopup('Heian Shrine')

L.marker([35.008699, 135.767091]).addTo(map)
.bindPopup('Market Square')

L.marker([34.985985, 135.741648]).addTo(map)
.bindPopup('Kyoto Railway Museum')

Don’t forget there is always the CSS file included with Leaflet.js.

It shouldn’t matter whether the map files are replaced with something better from the Mobile Atlas Creator, as the co-ordinates within the JavaScript will always be mapped to the correct places.

To minimise the download size, I’ve published this example on GitHub with map tiles for only one zoom level, but it’s easy to recreate what I’ve done in the Mobile Atlas Creator.

Shield Up


, ,

Available on the market are panels that limit the viewing angle of your laptop, smartphone or other screen, which, of course, would be a very handy physical security/privacy solution if you’re working in an open space. I’ve recently bought an upscreen Spy Shield Clear, which costed just under £40. The vendor also has screens for a very large range of smartphones and laptops, which cost under £10.

One side of the screen is coated with pretty strong adhesive, much stronger than what you get with the average phone screen protector. Of course, it’s tricky to remove and refix if you get air bubbles, but it means it’s not coming off accidentally. I managed to get the screen attached properly after several attempts without damaging the screen or weakening the adhesive.
In the mounting kit, there are alignment stickers for aligning things, a microfibre cloth and alcohol wipe for making sure the surface is totally clean, and a plastic card for smoothing out bubbles as the screen’s applied.

Does the shield work? Yes, if you’re using applications with a dark colour scheme, and if the screen brightness is set very low (as mine always is), and if there’s a lot of ambient light. Basically it’s very effective in an office environment when using something like Visual Studio Code. Effectiveness varies in other cases – if the screen brightness is set to 80% – 100% in lower light conditions, the screen is still visible from even 90%. I noticed the faint lines running through the material also has the effect of making text unreadable outside an angle of about 30 degrees.

Raspberry Pi with Ubuntu MATE Installation


, , ,

I’ve only recently managed to get my hands on a Raspberry Pi, which was really popular at my university and the local hackspace. The credit card-sized board houses an ARM v8 quad-core processor, 1GB memory, a wireless interface and plenty of USB ports. More than enough to function as a desktop with a minimal Linux installation.

As you can see, the Pi has a set of GPIO pins along the side for hardware and I/O programming, though I think an Arduino board is more suitable for learning that kind of thing.

I’ve housed the Pi in a PiBow Tangerine case, which ModMyPi sells for ~£12. Since I hadn’t gotten around to completing my desktop build, I had to order a few extras from ModMyPi and Farnell Components – both pretty good suppliers.
One of these is an official power supply, as it requires a 5v adaptor capable of supplying 2.5A. ModMyPi sells these for ~£7. I wouldn’t recommend attaching anything fancy through the USB ports or attaching multiple hubs, as that could draw enough current to fry part of the board. I’ve seen that happen with laptops a couple of times.

microSD Card and Operating System
The Pi will automatically load whatever operating system is discovered on the inserted microSD card, so it’s easy to switch between them by swapping cards. Alternatives to the recommended Raspbian OS include Debian, PwnPi, Ubuntu MATE and several distributions that can turn the Pi into a media centre.
Whichever operating system is chosen, I recommend using a microSD with at least double the recommended capacity. It’s likely more space would be required for extending and customising the installation. There’ll also be personal files you’d want to keep on the same volumes as the root file system. Another potentially important factor is the data transfer rate for the microSD, as that could be a bottleneck, and therefore the operating system would ideally be installed on a microSDHC card.

If installing Ubuntu MATE, the first step is to download the version specifically for the Pi, and this will be a .xz archive from which the .img file is extracted. This image file is then ‘burned’ to the microSD card. I’ve used 7-Zip and Etcher, as recommended in the official Pi documentation,.

Since there is no swap partition on the microSD, the 1GB of physical memory won’t be extended. That would also mean the hibernation feature wouldn’t work. If the memory proves too limited for the MATE desktop, we could install XCFE and configure that as the default in the .xsession file Another option is to disable X11 using ‘raspi-config‘ – almost every desktop application has a decent command line substitute.

Well, that was my plan, but I wasn’t initially able to get this operating system running on the Pi, as it apparently couldn’t find the partition for the root file system. I kept getting the following error message:

Kernel panic-not syncing: VFS: unable to mount root fs on unknown-block(179,2)

I’ve come across this error before, when I had a multi-boot system spanning several hard drives. The kernel is attempting to create or read a file system on a non-existent volume.
I managed to pin this down (I think) to a configuration line in ‘command.txt‘, which has either an incorrect partition number or incorrect filesystem set. Multiple times I swapped the microSD between my laptop and the Pi, trying to find the correct values by trial-and-error (e.g. root=/dev/mmcblk0p2 instead of root=/dev/mmcblk0p6).

The problem was I created a partition table on the card before flashing it, not realising the Ubuntu MATE image will create the partitions on unallocated space anyway. To fix this, remove all partitions on the card using the Windows Disk Management application, so the entire 30-32GB is unallocated and flash the card again using Etcher. Disk Management should display the following partition scheme after flashing and verification:

Note, the boot partition (~5GB) is marked as primary. The third partition is unallocated, and this is where the root file system is created.

Setting Up a Linux Virtual Machine to Allow XRDP Sessions


, , , , , ,

Normally when a Linux Virtual Machine is created on Azure, we’re given just the core installation. That is, the VM is accessed through a command line over an SSH session. Here I’m going to try setting up an environment on a Linux VM that’s accessible through the Remote Desktop client.
The general principle here is that we create a standard Linux virtual machine in Azure, and on that we install the desktop manager, interface and a Remote Desktop server. Hopefully we’ll be able to connect the Remote Desktop client to this the same way we would a Windows VM.

First thing’s first: Most the configuration is done in the VM’s command line, so the local machine must have either BASH or PuTTY, or a program that enables an SSH session. Also, it helps to understand something about the architecture, dependencies and configuration files of a Linux system, but that’s not essential here.
The remote system here is an Ubuntu 16.04 Virtual Machine, and I’ve selected the cheapest and most basic pricing option.

An SSH Session
After the VM has been ceated, deployed and started, clicking the ‘Connect‘ link in the Azure Portal will show which IP address to point the SSH client to.

So, let’s try this by running PuTTY and initiating an SSH session to the VM’s IP address. After entering my username and password, and switching to the root account, I get the following:

Now we’re in business, and I can check for a package manager (ideally APT), and whether the X11, desktop manager, desktop interface and XRDP packages are available. This should be the case for any Debian-based installation. Before proceeding, run ‘#apt-get update‘ to avoid broken header problems.

Desktop Manager and Environment
Initially I was going to install the MATE desktop, but running ‘#apt-get install mate‘ indicated the components and dependencies amounted to over 1GB. I wanted something much smaller for demonstration purposes, so I chose XFCE instead, running ‘#apt-get install xfce4‘. It’s always possible to install and switch between desktop managers later, if needed.
Despite the warning messages shown during installation, the desktop components will be installed.

Setting Up the XRDP Server
The next component required is a remote desktop server. This will be provided by XRDP, which is installed with:
#apt-get install xrdp

After installation, we can use ‘#service xrdp status‘ to check whether the XRDP server is running. This is a useful command, as it enables us to stop and restart services at any point. The output should look something like this:

Every user on the system will need a .xsession configuration file in their home directories, to specify the default environmment to load when initiating an X11 session. Currently I’m logged in as root, so I need to navigate to my non-root home directory, and create this file containing the line ‘xfce4-session‘ in it. The commands are:

#cd /home/michael
#nano .xsession

And add a single line to the file:

A quicker way to do this as root from the current path would be:
#echo xfce4-session >/home/michael/.xsession

Now restart the XRDP server to load the changes.
#service xrdp restart

UPDATE: 300MB of the desktop manager and interface packages consist of dependencies common to MATE and XFCE. If you want to install the MATE desktop, run #'apt-get install mate‘ and change the line in .xsession to ‘mate-session‘.

Configuring the Azure Inbound Rule for RDP
At this point the VM should have a desktop manager and an RDP server running. Now we need to find the Remote Desktop server port, so Azure can be configured to allow connections to it.
#netstat --listen

It looks like the port we’re interested in here is 3389. In the Azure Portal, under the Network tab, add an Inbound Port Rule for ‘RDP’ – this will indeed be port 3389.

Now, the moment of truth. We’ll connect the Windows Remote Desktop client to the VM. And presto, the XFCE desktop.

And the MATE desktop over XRDP: