This Blog Is Not For Reading

A blog, just like any blog, only more so

  • Subscribe

  • Categories

  • RSS Bob Jonkman’s Microblog

    • New note by bobjonkman 22 September 2020
      In the Netherlands (which the Dutch call "Nederland") the language is called "Nederlands", so that makes sense. Perhaps English speakers couldn't differentiate between "Nederlands" and "Deutsch", which corrupted to "Dutch". And why do we call the country "Germany" and the inhabitants "Germans" when they call their country "Deutschland" and themselves "die Deutsche"?
    • Favorite 29 August 2020
      bobjonkman favorited something by eloquence: Disturbing reports that Google Play is threatening to kick out Mastodon apps. See:https://mastodon.social/@Gargron/104763960269049818https://toot.fedilab.app/@fedilab/104765191594914330App stores have a track record of acting capriciously & are also easy targets for gov't censors (including Trump). This is why alternatives like @fdroidorg are so important for user freedom.If unfamiliar: F-Droid is a free & open […]
    • bobjonkman repeated a notice by eloquence 29 August 2020
      RT @eloquence Disturbing reports that Google Play is threatening to kick out Mastodon apps. See:https://mastodon.social/@Gargron/104763960269049818https://toot.fedilab.app/@fedilab/104765191594914330App stores have a track record of acting capriciously & are also easy targets for gov't censors (including Trump). This is why alternatives like @fdroidorg are so important for user freedom.If unfamiliar: F-Droid is a free & open source app you […]
    • New note by bobjonkman 25 August 2020
      I do like the taste of onion bagels. When the other bagels in the bag acquire an onion flavour it's a poor experience at best, almost certainly leading to the purchase of a *real* onion bagel. #AOBFS #AcquiredOnionBagelFlavourSyndrome
    • bobjonkman repeated a notice by lnxw48a1 25 August 2020
      RT @lnxw48a1 @bobjonkman @blacksam Would that still be true if you actually liked onion bagels? Asking because, although I don't eat bagels at all, it seems to me that you're probably unusually sensitive to the flavor of onion ... which would likely be the case if you disliked that flavor.
    • New note by bobjonkman 24 August 2020
      If there is one onion bagel in a bag of bagels, they're *all* onion bagels...
    • bobjonkman repeated a notice by blacksam 24 August 2020
      RT @blacksam How come no matter what flavor bagel you buy from the bakery, it's always, to some extent, an onion bagel? #bagels #onions #wtf
    • Favorite 24 August 2020
      bobjonkman favorited something by blacksam: How come no matter what flavor bagel you buy from the bakery, it's always, to some extent, an onion bagel? #bagels #onions #wtf
    • Favorite 24 August 2020
      bobjonkman favorited something by lnxw48a1: #TIL: Gravity keyhole https://en.wikipedia.org/wiki/Gravitational_keyhole and Roche limit https://en.wikipedia.org/wiki/Roche_limit
    • Favorite 31 May 2020
      bobjonkman favorited something by atarifrosch: @bobjonkman: Das habe ich heute bekommen, wiederum 2 Monate später …

System Administrator Appreciation Day — #SysAdminDay Challenge!

Posted by Bob Jonkman on July 29th, 2020

Sys Admin Day (pink cupcake with a candle)Perhaps there’s no SysAdminDay Dinner for 2020, but there are still activities for SysAdmins in Waterloo Region!

Join the members of NetSquared Kitchener/Waterloo (AKA KWNPSA) in a SysAdmin Day Challenge to find the best five-word phrase that describes, in a positive way, the life of a SysAdmin or the the state of System Administration.

Join the Meetup.com event for the System Admin Appreciation Day Challenge, and leave your pithy five-word description in the comments.

As an organizer for KWNPSA I’m not eligible, but if I was, my phrase would be “System Administrators Are The Awesomest!”

Contest closes Friday, 31 July 2020 at Midnight (EDT), which is when SysAdminDay ends in our timezone.

And, although SysAdmins toil underappreciated for most of the year, there’s a prize for the best phrase!

–Bob.

Enter Contest

Tags: , , ,
Posted in Events, KWNPSA, System Administration, User Groups | Comments Off on System Administrator Appreciation Day — #SysAdminDay Challenge!

No #SysAdminDayDinner for 2020 :-(

Posted by Bob Jonkman on July 26th, 2020

SysAdminDay

SysAdminDay

A sad thing has happened: Without all the regular meetings of the local tech groups that I belong to (KWLUG, KWNPSA, KWVoIP) the entire thought of a System Administrators Appreciation Day Dinner has completely slipped my mind.

Think Ahead (illustration of a sign with the word "Ahead" broken into two lines) Of course, with the Covid pandemic still raging world-wide, and Waterloo Region still in the process of restoring access to things like meeting halls and restaurants, we wouldn’t be meeting in-person for a SysAdmin Day Dinner anyway. And while a virtual, on-line meeting isn’t quite as much fun, my lack of thinking ahead has scuttled even that for this year.

System Administrator Appreciation Day is this Friday, 31 July 2020. For all SysAdmins, please know that you’re appreciated, even if we’re not going out to dinner this year.

–Bob.

Tags: , ,
Posted in Events, System Administration | Comments Off on No #SysAdminDayDinner for 2020 :-(

#SysAdminDay Dinner, Friday 26 July 2019

Posted by Bob Jonkman on July 8th, 2019

It’s settled! See you all at Star Wok in Bridgeport Plaza, Waterloo (Ontario). Map

I’ve got to blog more. In person I’ll talk your ear off about coffee, tech, or politics, but try to get me to write just a couple of paragraphs a year, and what you get is this blog. So, here’s this year’s paragraphs:

System Administrator Appreciation Day is Friday, 26 July 2019

SysAdmin logoOn the last Friday of July people around the world appreciate their System Administrators. SysAdmins get chocolate, or cake, or ice cream, and sometimes chocolate cake with ice cream!

But in some localities, people haven’t figured out SysAdmin Appreciation Day yet, so we SysAdmins have to show them how it’s done. And since they didn’t figure it out in 2012, 2014, 2015, 2016, 2017, and 2018, we’ll have to show them again in 2019!

Inviting all SysAdmins, SysAdmin Spouses, Significant Others, Partners, Friends, Family, and even complete strangers!

We’ve been to Abe Erb a few times for SysAdminDay Dinner, but perhaps we’d like to find a new spot? Make your choice, and feel free to leave comments.

This poll is no longer accepting votes

Where should we have our SysAdminDay Dinner on Friday, 26 July 2019? Add your own answer if you have a favourite spot!
4 votes · 5 answers
VoteResults

Tags: ,
Posted in Events, System Administration | 5 Comments »

#SysAdminDay Dinner 2018 at Abe Erb in Kitchener

Posted by Bob Jonkman on July 6th, 2018

Sorry, no pictures from this year’s SysAdminDay Dinner. But you can enjoy some from the previous years’ collection in the gallery.

SysAdminDay

SysAdminDay

Every year, the last Friday in July is System Administrator Appreciation Day, or SysAdminDay for short (SysAdmins are efficient — why waste syllables?)

System Administrators manage the networks, configure the servers, and make backups for their users. On System Administrator Appreciation Day those users have the opportunity to appreciate their System Administrators by gifting them with chocolate cake and ice cream. But just in case that doesn’t happen, the SysAdmins in Waterloo Region take themselves and their spouses, friends and relations to dinner. Remember how SysAdmins make backups?

Join us at the Abe Erb Brew Pub and Restaurant again this year on Friday, 27 July 2018 from 6:00pm to 10:00pm, meet with other SysAdmins, share funny PEBKAC stories, and have some dinner and a beverage.

You don’t have to be a SysAdmin to come to the SysAdminDay Dinner — Everybody’s welcome! SysAdmins-In-Training, Retired SysAdmins, even people just curious to know what an array of SysAdmins looks like.

See you at the SysAdminDay Dinner!

What: System Administrator Appreciation Day Dinner
When: Friday, 27 July 2018 starting at 6:00pm iCal
Where: Abe Erb Restaurant at The Tannery
Location: 151 Charles Street West, Kitchener, Ontario Map

Leave a comment to let me know if you’re coming, so I can make a reservation at Abe Erb.

–Bob.

The Whole Gang (almost)

The Whole Gang (almost) — SysAdminDay Dinner, 28 July 2017

Tags: , ,
Posted in Events, System Administration | 6 Comments »

How To Create an Encrypted Drive in a File Container

Posted by Bob Jonkman on October 9th, 2017

Inspired by The Linux Experiment, I want to create an encrypted drive in a file container using only the command line.

Creating an encrypted file container

Create the container file. We’ll call it containerfile.img:


laptop:~/temp$ fallocate -l 250MB containerfile.img

laptop:~/temp$ ls -l
total 244148
-rw-rw-r-- 1 bjonkman bjonkman 250000000 Oct  8 22:45 containerfile.img

laptop:~/temp$

Create the encrypted LUKS volume. Note that creating volumes and file systems requires elevated privileges, so we use the sudo command:


laptop:~/temp$ sudo cryptsetup luksFormat containerfile.img 
[sudo] password for bjonkman: 

WARNING!
========
This will overwrite data on containerfile.img irrevocably.

Are you sure? (Type uppercase yes): YES
Enter passphrase: 
Verify passphrase: 
Command successful.

laptop:~/temp$

Of course, the passphrase doesn’t show on the screen, not even as asterisks. That would give a shouldersurfer an idea of how long the passphrase is. It is a long passphrase, right?

Open the encrypted LUKS volume, which we’ll call cryptvolume:


laptop:~/temp$ sudo cryptsetup luksOpen containerfile.img cryptvolume
Enter passphrase for containerfile.img: 

laptop:~/temp$

Let’s see if the encrypted LUKS volume exists:


laptop:~/temp$ lsblk
NAME                                          MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
sda                                             8:0    0 465.8G  0 disk  
├─sda1                                          8:1    0   243M  0 part  
├─sda2                                          8:2    0    14G  0 part  /
└─sda3                                          8:3    0     1K  0 part  
loop4                                           7:4    0 238.4M  0 loop  
└─cryptvolume                                 252:11   0 236.4M  0 crypt 

laptop:~/temp$

Yay!

Now we create a filesystem inside the encrypted LUKS volume. We’ll give it the label cryptdrive:


laptop:~/temp$ sudo mkfs -L cryptdrive -t ext4 /dev/mapper/cryptvolume 
mke2fs 1.42.13 (17-May-2015)
Creating filesystem with 253952 1k blocks and 63488 inodes
Filesystem UUID: 040765be-eddb-4ea6-b8d8-594b81233465
Superblock backups stored on blocks: 
	8193, 24577, 40961, 57345, 73729, 204801, 221185

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (4096 blocks): done
Writing superblocks and filesystem accounting information: done 

laptop:~/temp$

Create a mount point, which we’ll call mountpoint, then mount the encrypted drive:


laptop:~/temp$ mkdir mountpoint

laptop:~/temp$ sudo mount /dev/mapper/cryptvolume mountpoint

laptop:~/temp$ lsblk
NAME                                          MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
sda                                             8:0    0 465.8G  0 disk  
├─sda1                                          8:1    0   243M  0 part  
├─sda2                                          8:2    0    14G  0 part  /
└─sda3                                          8:3    0     1K  0 part  
loop4                                           7:4    0 238.4M  0 loop  
└─cryptvolume                                 252:11   0 236.4M  0 crypt /home/bjonkman/temp/mountpoint

laptop:~/temp$ ls -l
total 244149
-rw-rw-r-- 1 bjonkman bjonkman 250000000 Oct  8 23:19 containerfile.img
drwxr-xr-x 3 root     root          1024 Oct  8 23:14 mountpoint

laptop:~/temp$

Note that the encrypted file system still belongs to root:root because we used the sudo command.

Change file ownership to bjonkman:bjonkman so I can read/write to it without elevated permissions:


laptop:~/temp$ sudo chown bjonkman: mountpoint/

laptop:~/temp$ ls -l
total 244149
-rw-rw-r-- 1 bjonkman bjonkman 250000000 Oct  8 23:19 containerfile.img
drwxr-xr-x 3 bjonkman bjonkman      1024 Oct  8 23:14 mountpoint

laptop:~/temp$

Since an encrypted container file is probably secret, it shouldn’t be visible to groups or others, so remove those file permissions:


laptop:~/temp$ chmod go-rwx containerfile.img 

laptop:~/temp$ ls -l
total 244149
-rw------- 1 bjonkman bjonkman 250000000 Oct  8 23:34 containerfile.img
drwxr-xr-x 3 bjonkman bjonkman      1024 Oct  8 23:14 mountpoint

laptop:~/temp$

Do some work in the encrypted drive:


laptop:~/temp$ echo "Hello World" > mountpoint/hello.txt

laptop:~/temp$ ls -l mountpoint/
total 13
-rw-rw-r-- 1 bjonkman bjonkman    12 Oct  8 23:53 hello.txt
drwx------ 2 root     root     12288 Oct  8 23:14 lost+found

laptop:~/temp$

And finally, unmount the encrypted filesystem and close the encrypted volume:


laptop:~/temp$ sudo umount mountpoint/

laptop:~/temp$ sudo cryptsetup luksClose cryptvolume 

laptop:~/temp$

Using an encrypted file container

Next time you want to do some work:


laptop:~/temp$ sudo cryptsetup luksOpen containerfile.img cryptvolume
Enter passphrase for containerfile.img: 

laptop:~/temp$ sudo mount /dev/mapper/cryptvolume mountpoint

laptop:~/temp$ echo "Hello again" > mountpoint/again.txt

laptop:~/temp$ ls -l mountpoint/
total 14
-rw-rw-r-- 1 bjonkman bjonkman    12 Oct  9 00:12 again.txt
-rw-rw-r-- 1 bjonkman bjonkman    12 Oct  8 23:53 hello.txt
drwx------ 2 root     root     12288 Oct  8 23:14 lost+found

laptop:~/temp$ sudo umount mountpoint/

laptop:~/temp$ sudo cryptsetup luksClose cryptvolume 

laptop:~/temp$

Using an encrypted file container from the GUI

Once the encrypted file container has been created you can open it from the graphical file manager just by double-clicking:
File manager window

Enter the passphrase to unlock the volume:
A file manager window and a password prompt window

A file manager window for the encrypted volume opens:
Two file manager windows

Note that the mountpoint is /media/bjonkman/cryptdrive/, chosen by the Gnome Disk Mounter application that runs when you doubleclick the container:


laptop:~/temp$ lsblk
NAME                                          MAJ:MIN RM   SIZE RO TYPE  MOUNTPOINT
sda                                             8:0    0 465.8G  0 disk  
├─sda1                                          8:1    0   243M  0 part  
├─sda2                                          8:2    0    14G  0 part  /
└─sda3                                          8:3    0     1K  0 part  
loop5                                           7:5    0 238.4M  1 loop  
└─luks-54f8e41b-73bf-4adf-aa29-a147733c5202   252:11   0 236.4M  1 crypt /media/bjonkman/cryptdrive

laptop:~/temp$

Also, note that the encrypted drive is mounted read-only:


laptop:~/temp$ mount | grep cryptdrive
/dev/mapper/luks-54f8e41b-73bf-4adf-aa29-a147733c5202 on /media/bjonkman/cryptdrive type ext4 (ro,nosuid,nodev,relatime,data=ordered,uhelper=udisks2)

laptop:~/temp$

Gnome Disk Mounter can be launched from the command line with a --writeable or -w parameter:
Command line window and Enter Passphrase window

Happily, this all works without elevated privileges; no sudo required. I don’t know how to open an encrypted file container using only command line tools without using sudo, nor how to launch Gnome Disk Manager in writeable mode just by doubleclicking — if you know, leave a comment or send me e-mail!

TL;DR:


fallocate -l 250MB containerfile.img

sudo cryptsetup luksFormat containerfile.img

sudo cryptsetup luksOpen containerfile.img cryptvolume

sudo mkfs -L cryptdrive -t ext4 /dev/mapper/cryptvolume

mkdir mountpoint

sudo mount /dev/mapper/cryptvolume mountpoint

sudo chown bjonkman: mountpoint/

chmod go-rwx containerfile.img

(do some work)

sudo umount mountpoint/

sudo cryptsetup luksClose cryptvolume

-----

sudo cryptsetup luksOpen containerfile.img cryptvolume
sudo mount /dev/mapper/cryptvolume mountpoint
(do some work)
sudo umount mountpoint/
sudo cryptsetup luksClose cryptvolume

Tags: , , ,
Posted in Crypto, GNU/Linux | 1 Comment »

Pictures of #SysAdminDay Dinner 2017 at @Abe_Erb

Posted by Bob Jonkman on August 4th, 2017

The last Friday in July is System Administrator Appreciation Day, and SysAdmins from Kitchener-Waterloo went to the Abe Erb Restaurant and Brewery for dinner.

Abe Erb Brewing Company

Abe Erb Brewing Company

The Whole Gang (almost)

The Whole Gang (almost)

Infinite Beer

Infinite Beer

Having a laugh

Having a laugh

Beer Valves

Beer Valves

Jean and Laurel

Jean and Laurel

Beer Console

Beer Console

Beer Admin

Beer Admin

More SysAdmins

More SysAdmins

Beer Vat

Beer Vat

Empties

Empties

Ooh, The Shiny!

Ooh, The Shiny!

Something is funny

Something is funny

Acidulated Malt

Acidulated Malt

A beer thing

A beer thing

Tech Talk

Tech Talk

Wild Goose

Wild Goose

Such shiny things!

Such shiny things!

Having dinner

Having dinner

In The Brewery

In The Brewery

Twilight

Twilight

SysAdminDay

SysAdminDay

There are more pictures in the SysAdminDay gallery.

Pictures taken at the System Administrator Appreciation Day Dinner at the Abe Erb Restaurant and Brewery on Friday, 28 July 2017.

Pictures by Laurel L. Russwurm, used under a CC-BYCC BY 4.0 license.

Tags: , , , , ,
Posted in Events, System Administration | Comments Off on Pictures of #SysAdminDay Dinner 2017 at @Abe_Erb

Planning #SysAdminDay Dinner

Posted by Bob Jonkman on June 28th, 2017

It’s a go! Reservations made for Friday, 28 July 2017 from 6:00pm to 9:00pm at Abe Erb’s at 151 Charles St, Kitchener Map.

Abe Erb’s is popular too, they’re so busy on a Friday that dinner orders are taken at 7:00pm. But I suspect they don’t mind us staying longer and enjoying their beverages…

System Administrators at the Egg Roll King Restaurant, 29 July 2016

System Administrators at the Egg Roll King Restaurant, 29 July 2016

The year is rapidly closing in on System Administrator Appreciation Day, held every year on the last Friday of July, the 28th this year. In the Kitchener-Waterloo area that means System Administrators appreciate each other with a SysAdmin Day Dinner.

Egg Roll King

Egg Roll King Restaurant

Unfortunately, my favourite restaurant Egg Roll King is doing extremely well. So well that Tony, the Egg Roll King himself, is too busy to have dine-in customers on Fridays and Saturdays.

So, unless we want to sit on the sidewalk eating take-out, we have to find a new venue.

Let’s use this poll to figure out attendance as well as venue. On Monday, 24 July 2017 at noon I’ll count the total number of responses, then make a reservation at the most popular choice. Vote early, vote often, vote for your family members and friends!

Remember, SysAdminDay Dinner is for SysAdmins, their partners, children, friends, and anyone else who appreciates SysAdmins!

This poll is no longer accepting votes

Where should we have the Systems Administrator Appreciation Day Dinner? (Fri, 28 Jul 2017, 6pm-9pm)
11 votes · 0 answers
Choose

If you add a new venue, leave a comment to say why you like that place.

Tags: , ,
Posted in System Administration | 3 Comments »

Auto-Type Keywords for KeepassX

Posted by Bob Jonkman on November 1st, 2016

KeepassX logo

KeepassX

I use KeePassX to keep track of passwords for web sites, server logins, and encrypted disks. And, at the touch of a keystroke, KeepassX can auto-type login names and passwords to those web sites, servers, and disks.

By default, KeepassX sends the sequence

{USERNAME}{TAB}{PASSWORD}{ENTER}

but if the Username field is blank then KeepassX just sends

{PASSWORD}{ENTER}

or if the Password field is blank then KeepassX only sends

{USERNAME}{ENTER}

But what other things can KeepassX send? A quick look at the AutoType.cpp source code reveals these additional keystrokes:

  • {tab}
  • {enter}
  • {up}
  • {down}
  • {left}
  • {right}
  • {insert} or {ins}
  • {delete} or {del}
  • {home}
  • {end}
  • {pgup}
  • {pgdown}
  • {backspace} or {bs} or {bksp}
  • {break}
  • {capslock}
  • {esc}
  • {help}
  • {numlock}
  • {ptrsc}
  • {scolllock}
  • {add} or {+}
  • {subtract}
  • {multiply}
  • {divide}
  • {^}
  • {%}
  • {~}
  • {(}
  • {)}
  • {{}
  • {}}
  • {f1}
  • {f2} .. {f16}

KeepassX is written by Felix Geyer and Florian Geyer with reporter Tarquin Winot, and is released under the GNU head logoGNU General Public License.

Tags: , , , ,
Posted in FLOSS, security, Software | Comments Off on Auto-Type Keywords for KeepassX

Electoral Reform — My Submission to the #ERRE Committee

Posted by Bob Jonkman on October 7th, 2016

To: Special Committee on Electoral Reform

From: Bob Jonkman
6 James Street
Elmira, Ontario
Canada N3B 1L5

Summary:

* I’m in favour of any electoral system that provides a proportional outcome.
* I’m opposed to a referendum.
* I’m opposed to mandatory voting.
* I’m opposed to online voting or using voting machines.

Submission:

I am the Co-Chair for the Fair Vote Canada Waterloo Region Chapter, and was a Green Party candidate in the 2015 Federal Election. Since the 2007 Ontario referendum on Electoral Reform I have been advocating for a proportional representation system at all levels of government by speaking with fellow citizens at local festivals, information booths, and community dialogues.

However, I submit this brief personally, as one individual citizen. Although my views have been shaped by working for advocacy groups and speaking with others, this brief represents my views alone.

The First-Past-The-Post system does not meet any of your (the Special Committee on Electoral Reform’s) principles for electoral reform:
* FPTP is not effective or legitimate: 39% of the vote should not result in a majority in Parliament.
* FPTP suppresses voter engagement: People don’t bother to vote when results aren’t effective or legitimate.
* FPTP is not inclusive: More than half of the voters are not represented by someone they voted for.
* FPTP undermines integrity: While election results are verifiable, there is little public trust that those results reflect the voters’ will.
* FPTP does not result in local representation: Anyone who did not vote for the winning candidate is not adequately represented.

Proportional Representation will fix all these problems. It does not matter much to me what kind of electoral system is chosen, as long as the outcome is proportional, that the party allocation of seats in Parliament reflect the proportion of votes cast nationally, and that all votes count equally.

There is no need for a referendum; the decision to eliminate the First-Past-The-Post voting system has already been made by the voters in the previous election.

I won’t detail the mechanics of any preferred electoral system, that is best left to an expert group which can be appointed as part of Elections Canada to implement the recommendations of this Committee. I do want to indicate my preference for multi-member districts, with votes counted by a Single Transferable Vote system.

Of course, the larger the multi-member district, the better the proportionality, but larger districts mean poorer local representation. There is no need to have all multi-member districts be the same size, or have the same number of representatives, or have the same population. A maximum district size of 10-15 current ridings in densely populated areas would ensure that even smaller parties are represented, while still having Members of Parliament accessible to all citizens. Sparsely populated areas can have larger areas with fewer members. A smaller province or territory can form an entire multi-member district.

Perhaps to better meet the Local Representation criterion a Mixed Member Proportional voting system can be used; again, densely populated districts can be made up of 10-15 current ridings. There is no need to have all districts be the same size, or have the same ratio of single-member ridings to top-up members, the better to adapt to the different populations and geographic size of different areas of Canada.

Do not create an unnecessary division of voters, as the Urban-Rural voting system proposal would do. Canada is a population of many groups, cultures, religions, and economic conditions; formalizing a divide between urban and rural areas by having one voting system for urban populations and a different voting system for rural populations violates the Inclusiveness criterion. Having different voting systems for men and women, or rich and poor, or Indigenous and Colonialists, or Muslims and Jews would not be tolerated in Canada; don’t create such a division between Urban and Rural.

I am opposed to any thresholds. It is often suggested that there be a threshold of 5%, 10% or even 15% of the popular vote in order for a party to gain any seats in a proportional system. But a threshold denies the voters for a small party their proportional representation. When a party receives 0.295% of the popular vote (that is, the equivalent of 1 seat out of 338) it shows sufficient interest by the voters that the party should receive 0.295% of the seats.

Whatever system is chosen, it must achieve proportionality of votes to seats in Parliament.

Electoral Reform is a process, not an event. Whatever system is chosen, it must be clear that future enhancements can be made to fix deficiencies that are sure to be identified in the next election. These fixes can range from changing electoral district boundaries, to changing the ratio of single-member ridings to top-up members, to increasing the number of members in Parliament.

I fear that some future government may change the electoral system back to a non-proportional system, by burying such legislation in an omnibus bill in which most of the legislation does have support of the House. To ensure the longevity of the changes being proposed by the Committee, perhaps one of the recommendations can be to have the principle of proportionality in an electoral system enshrined in the Constitution. That recommendation can be implemented after one or two elections, once Canadians have become familiar with a cooperative parliament that builds legislation by consenus.

I urge the Committee to make a recommendation that Parliament pass legislation to implement an electoral system that achieves Proportional Representation, but that the Committee’s recommendation only broadly describes an electoral system such as STV or MMP to achieve Proportional Representation, and to leave the details such as number of citizens per district, number of Members per district, ratio of single-member ridings to top-up members, etc. to a group of experts working for Elections Canada.

While it is not part of the mandate of this Committee, I would like to point out that Canadians are woefully under-represented by their Members of Parliament. Typical electoral district sizes have 100,000 citizens for one Member of Parliament; even if the MP spent eight hours a day, 365 days a year meeting with the constituents, each constituent would have less than two minutes to spend with the MP, and the MP would have no time to spend in Parliament to do any other work. While it is an unpopular opinion amongst taxpayers, I think Canadians would be well served and get better representation by having more politicians.

I am against Mandatory Voting: Candians should not be coerced into casting a ballot. There is no issue of safety (as with mandatory drivers’ licences), or social covenant (as with mandatory taxes).

Imposing penalties for not voting will unfairly and disproportionally punish those who do not vote today: The poor, the homeless, and the uneducated; those who can least afford to pay fines and spend time in court or jail.

Today there is no effective way to cast a ballot of dissent. A ballot spoiled to indicate dissatisfaction with all the candidates is indistinguishable from a ballot spoiled by someone unskilled in the art of voting.

Rather than mandatory voting, give voters the opportunity for greater expression in the marking of their ballots. Provide an option to decline to vote at the polling booth, and have a “None of the above” choice on the ballot. But when “None of the above” achieves a significant number of votes (such as a plurality in a single-member riding or reaching the quota in a multi-member district) there must be consequences, such as calling a by-election to allow fresh candidates to fill that vacancy.

I am a little bit sympathetic to the idea that with mandatory voting political parties may change their campaign strategies to appeal to that portion of the electorate that does not vote today, but there are other ways to get political parties to civilize their campaign strategies by reducing campaign spending limits and allowing small campaign contributions only from private citizens.

I am opposed to electronic voting and online voting. I am a computer consultant by profession, and nothing I see in my work shows that people’s home computers or even the computers in most businesses have the security capable of upholding the Integrity requirement, ensuring reliable and verifiable results.

The main issue with online voting is not computer security, but a fundamental incompatibility between voter identity and the secret ballot.

When voting takes place outside of a polling station it is important that voter identity is established to prevent fraud. It must be provable that the ballot filled in online was actually filled in by a registered voter, and not by someone impersonating that voter. To achieve this, voters need to be issued a ballot with a serial number or barcode to ensure that only that one ballot is filled in for that registered voter. But if every ballot cast has a serial number, then the completed ballot with the voter’s choices is identifiable with the voter’s name and registration information. The secret ballot is impossible, and the Integrity criterion cannot be met.

When voting does not take place in a polling station then it is possible that a voter will be coerced into voting according to the demands of the “head” of the household, or voting at the workplace according to the employer’s demands. Without the scrutiny of Elections Canada, voting integrity cannot be ensured.

But computer security is an issue too. People’s personal computers are constantly being attacked by computer viruses, malicious web sites, and denial of service attacks from compromised Webcams. And spam. The difficulty of ensuring online voting integrity is at least as great as is the difficulty of eliminating spam (unsolicited, unwanted e‑mail, sometimes commercial in nature, sent in bulk). If you haven’t experienced problems with spam then it is likely your E‑mail Service Provider is filtering your e‑mail for you – but how many good messages are being filtered accidentally? You’ll never know, because you’ll never see them.

There are actually very few large-scale spammers on the Internet, maybe a couple of dozen at most. But they’re responsible for almost all the unwanted e‑mail that clogs up billions of e‑mail accounts in the world. It shows how a few bad actors on the Internet can completely overwhelm an e‑mail system. Similarly, a few bad actors on the Internet can completely compromise an online voting system. If we can’t secure our mail systems to solve the spam problem, it is unlikely that we’ll be able to secure everyone’s computer to guarantee online voting integrity.

It is unfortunate that there were so few computer security experts providing witness testimony to the Committee. Almost every computer security expert who has commented on electronic voting since the U.S. “hanging chad” elections in 2000 has decried the use of voting machines, and, more recently, online voting. Voting machines are regularly compromised, are not auditable by design (they have proprietary source code), and are prone to failure when needed most. Computer security lecturers delight their audiences with tales of voting machine touch screens that dodge the target when the “wrong” vote is selected, or that play marching band music after they’ve been compromised by a prankish hacker.

Voting is very much different from buying a product from an online store. If the wrong product is delivered, the store will ship the right product the next day to ensure customer satisfaction. But if the wrong candidate is elected, there is no recourse the next day. It is unlikely that fraud will be detected until the voting machines are audited many weeks after the election, and even when fraud is detected the outcome will be hotly contested by the affected candidates. In fact, if voting machines don’t use publicly published open source code then it is likely election outcomes will be hotly contested because proving that no fraud was committed is impossible.

However, vote tabulation by machine is perfectly acceptable, although there must be a requirement that vote tabulators are also audited and their source code is made public. Ballots designed for vote tabulators (optical mark cards) can always be counted manually if the electronic tabulation is in dispute.

Thank you,
Bob Jonkman

6 James Street,
Elmira, Ontario
Canada N3B 1L5

+1-519-635-9413
bjonkman@sobac.com

Tags: , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Uncategorized | Comments Off on Electoral Reform — My Submission to the #ERRE Committee

#SysAdminDay 2016 Pictures

Posted by Bob Jonkman on July 30th, 2016

For the fourth year, System Administrator Appreciation Day is celebrated by the SysAdmins of Kitchener-Waterloo going out for dinner, once again at the Egg Roll King Restaurant.

System Administrators at the Egg Roll King Restaurant, 29 July 2016

System Administrators at the Egg Roll King Restaurant, 29 July 2016

An Array of System Administrators: Bob Jonkman, Laurel Russwurm, Kiwi Ssennyonjo, Jean Smith, Jeff Smith, Brian Bentley, Leo Pepitas, Barbara Izma, Steve Izma, Sean Howard, and Marc Paré at the Egg Roll King Restaurant for System Administrator Appreciation Day Dinner on 29 July 2016.

Willem Jonkman

Willem Jonkman

Willem Jonkman, photographer of SysAdmins

Sean Howard and Marc Paré discuss SysAdmin stuff

Sean Howard and Marc Paré

Sean Howard and Marc Paré

Jeff Smith, Brian Bentley, Leo Pepitas, Barbara Izma and Steve Izma watching a demonstration by Kiwi Ssennyonjo at the Egg Roll King Restaurant for System Administrator Appreciation Day Dinner on 29 July 2016.

Jeff Smith, Brian Bentley, Leo Pepitas, Barbara Izma and Steve Izma watching a demonstration by Kiwi Ssennyonjo at the Egg Roll King Restaurant for System Administrator Appreciation Day Dinner on 29 July 2016.

Tags: , ,
Posted in Events, System Administration | Comments Off on #SysAdminDay 2016 Pictures

 
Better Tag Cloud