#qi-hardware IRC log for Sunday, 2013-09-29

[00:16] <qi-bot> [commit] Werner Almesberger: bin/authors: only include files that still exist (master) http://qi-hw.com/p/wernermisc/a2a7293
[05:08] <whitequa1k> someone *really* wanted to learn something about wolfgang... "/qi-hardware/search?q=wolfspraul&page=100" :)
[06:58] <larsc> or only the dark secrets listed on the last pages
[07:02] <whitequa1k> it's in chronological order, not reverse chronological
[07:02] <whitequa1k> actually I should fix that, it makes zero sense
[07:17] <whitequa1k> well, dark secrets are supposed to be old, aren't they?
[07:18] <whitequa1k> and page 100 is recent events.
[07:21] <kyak> what's so special on page 100 that one could learn about wolfgang?
[07:21] <kyak> whitequa1k: the links with page numbers overlap the text that was found (in firefox)
[07:22] <kyak> if there are a lot of pages (like in this case)
[07:22] <whitequa1k> kyak: yeah I know
[07:23] <whitequa1k> but I'm really bad with CSS
[07:23] <whitequa1k> the channel names also don't scroll... and it looks horrible on mobile devices overall
[07:25] <kyak> the channel list fits on my screen, luckily :)
[18:43] <larsc> ah, HURD 0.5 was released, so only another 30 years until 1.0 ;)
[18:45] <viric> I hope this pulls some hackers in
[18:45] <ysionneau> is it really worth it? I don't know enough about HURD
[18:46] <ysionneau> Has it a lot of developers? Why so?
[18:50] <whitequark> I don't think so, not from a technical standpoint. It's a microkernel.
[18:56] <larsc> And Linux is a macro kernel, because so many people are working on it?
[19:04] <whitequark> larsc: um, wat?
[19:04] <larsc> 'Has it a lot of developers?' 'No, it's a microkernel'
[19:05] <whitequark> 'is it really worth it?'
[19:05] <larsc> I know :)
[19:10] <larsc> I just thought that would be a funny definition
[19:10] <whitequark> perhaps from a bloat standpoint
[19:11] <viric> I don't know how much it is a projection of my hopes, but I like what I heard about Hurd
[19:12] <viric> And I dislike some of the linux pieces.
[19:12] <whitequark> what's those hurd parts?
[19:12] <viric> for example, how common it is in linux to run most processes as one user, with a single filesystem view;
[19:13] <viric> so any process can harm any other. Now there is USER_NS, containers, virtual machines, ...
[19:13] <viric> seccomp, apparmor, ...
[19:13] <viric> but all that is a hell to use.
[19:13] <larsc> I think android runs each app as a different user
[19:13] <viric> not to mention, many operations are allowed only to root.
[19:14] <whitequark> it's a question of wrapping it in a pretty gown
[19:14] <whitequark> lxc does it for you
[19:14] <viric> larsc: I do that with sudo for the web browser and some binary programs, ... but it's uncomfortable
[19:14] <whitequark> (root) capability system exists, but it's... less than stellar. to put it mildly.
[19:15] <whitequark> wasn't it that CAP_NET_ADMIN meant you could trivially elevate to root
[19:15] <viric> The per-process tweaks a user can touch are little more than 'ulimit'
[19:15] <larsc> I think capabilities in Linux are not the same as capabilities in the microkernel sense
[19:16] <viric> well, I mean the hurd microkernel + userland pieces, allow users (not only root) to narrow what processes can do and see
[19:17] <viric> larsc: I want to limit what skype can do, or firefox. :)
[19:17] <larsc> meh, flight delayed
[19:18] <viric> any of those could "rm -Rf $HOME", in most common scenarios
[19:18] <viric> and cause harm
[19:18] <larsc> or even worse
[19:18] <viric> yes, or worse
[19:18] <viric> so I don't think it's a good situation
[19:19] <viric> and I think hurd addresses some things.
[19:19] <larsc> this is why browser vendors have implemented their own sandboxing
[19:19] <larsc> a capability based system of course has the sandboxing built in
[19:19] <whitequark> chrome uses seccomp; hardly their own
[19:19] <viric> whitequark: and USER_NS
[19:20] <viric> web browser vendors play whatever they can in their field: the browser.
[19:20] <viric> they play in the browser league. But a whole OS solution should be available.
[19:20] <viric> some people run all in virtual machines :)
[19:21] <whitequark> that works surprisingly well. I used to do it with Xen.
[19:21] <whitequark> I dropped it because Xen kills ACPI S3, and it kind of kills the point of having a laptop
[19:22] <viric> it is not a solved problem in Linux
[19:22] <whitequark> also, no hardware acceleration
[19:22] <whitequark> ok, perhaps not well at all
[19:23] <viric> stallman talked about some recent Intel northbridge having an integrated computer to load firmware to
[19:23] <whitequark> start with your wifi firmware
[19:23] <whitequark> I bet it can become a pcie bus master
[19:23] <whitequark> actually, I know it can.
[19:24] <viric> that's a good reason to dislike blobs
[19:24] <larsc> whitequark: well seccomp-bpf was implemented by a google guy
[19:25] <larsc> viric: that's the Intel active management stuff
[19:25] <larsc> basically a second processor that runs some firmware that can tap into peripherals
[19:26] <viric> he talked about some intel cpus with 3g modems integrated
[19:26] <viric> he wasn't very happy about intel
[19:26] <whitequark> I have a notebook with this stuff, Intel Anti-Theft or something
[19:26] <larsc> he is never very happy
[19:26] <whitequark> targeted at enterprise loss prevention
[19:26] <viric> whitequark: are you the thief?
[19:27] <viric> mh I didn't know how all this was named. thank you
[19:28] <ysionneau> 21:13 < larsc> I think android runs each app as a different user < indeed
[19:29] <viric> this way, your computer becomes something like a virtual machine with a debugger attached
[19:29] <whitequark> it's pretty sad, because intel is not exactly known for bug-free code
[19:29] <whitequark> this is a trove for some hacker group to feed on
[19:30] <ysionneau> 21:26 < larsc> he is never very happy < +1
[19:34] <larsc> meh, the laptop battery did hardly survive one hour :/
[19:40] <viric> are you doing a virtual travel from the place where you did the virtual talk?
[20:58] <wpwrak> if rms was ever "very happy", i'd be rather concerned about the immediate collateral damage those drugs might do to his physical health
[20:58] <wpwrak> in fact, perhaps it's best to just call 911 in this case. tell them that "rms is very happy". that ought to qualify as a major emergency.
[21:00] <wpwrak> larsc: (battery) planned obsolescence vs. lars, 1:0 :)
[22:30] <larsc> viric: did a real travel
[00:00] --- Mon Sep 30 2013

