#qi-hardware IRC log for Tuesday, 2014-04-08

wpwrakargh. bat man attacks ! 01:20
wpwrakhmm. that will get messy. the belt for raising the blinds in my office broke yesterday, so i can't just open the window to let the critter out. instead, i'll have to divert it to another room ...01:24
wpwraknow it's hiding somewhere01:25
rjeffriesPreface: haters gonna hate, as the saying goes. <smile> but this looks interesting to moi:02:32
rjeffrieshttp://arstechnica.com/information-technology/2014/04/raspberry-pi-gets-more-arduino-y-with-new-open-source-modular-hardware/02:32
paul_boddierjeffries: According to http://www.raspberrypi.org/raspberry-pi-compute-module-new-product/ it isn't pin-compatible with the usual configuration of the DDR2 SODIMM slot.08:34
paul_boddieI can't remember whether the EOMA68 stuff maintains compatibility, but the whole Compute Board thing looks like a rehash of EOMA68 in an arguably less convenient form factor. And another way to dump unwanted Broadcom parts. ;-)08:36
paul_boddieWonder what the Improv people (https://makeplaylive.com/#/open-hardware/improv) think of it.08:39
paul_boddieAh, I see it gets a mention: https://discuss.makeplaylive.com/t/progress-updates/37/3708:42
DocScrutinizer05wpwrak: huh, bat? switch off the light in room, they actually *use* their eyes too and don't fly into the dark11:46
wpwrakthe problem is that getting out wouldn't have been easy. it would have to fly into the corridor, make an immediate turn. then get out the window. they usually have a hard enough time even finding a wide open window right in the same room. i think they get very confused when caught indoors.11:52
wpwrakwell, it eventually got itself caught between window and blinds. then i could gently guide it (with a flashlight and compressed air) to a little opening where it could escape.11:54
whitequarkwpwrak: use your HCl stash12:02
wpwraki still plan to inhabit the place after the bat removal :)12:05
DocScrutinizer05why remove it first place? I'd feed and name it.15:02
DocScrutinizer05you first should clean it though. They often have parasites15:03
DocScrutinizer05just like their closest relatives, the hedgehogs15:04
wpwrakyeha, i thought of that. have my own personal anti-mosquito bodyguard. but then i suppose bats aren't easily domesticated, especially if they're already adults15:04
DocScrutinizer05hmm, domestication might be hard, but offering it a comfortable home might result in it staying with you15:05
wpwrakby the way, we have lots of bats in buenos aires. they're far from being an endangered species around here.15:05
whitequarkI don't think "domestication" even works with wild animals in general15:05
wpwrakbats make their homes in the boxes where blinds are rolled up. the problem is that they dont mind living in their own excrements ...15:07
wpwrakand i suppose their dead and such are also "buried" right there15:07
wpwraksometimes they seem to get a bit confused and bump against windows and blinds. over and over again. maybe they're mistaking the building. then i rattle the blinds a bit to make sure any that may have crept in get out again.15:11
whitequarkwait, bats are mammals O_o15:13
wpwrakyes, so if you chase them away too late, they leave their young behind to starve and rot15:14
whitequarkhmm, Argentina also has rabies-infected vampire bats15:19
wpwrakprobably, yes15:20
wpwrakDocScrutinizer05: also, these critters are quite ugly. not at all like cute kitten.15:21
DocScrutinizer05dang, what bats do you have there? I had only nice lovely little bats in my living room15:25
wpwrakback in transylvania, before the villagers got discriminatory :)15:26
DocScrutinizer05lovely ntil I turned them into com-bats15:26
DocScrutinizer05army of killer bats15:28
wpwrakhere's one about certain creatures that come out at night: http://www.pidjin.net/2012/11/27/vampires-pirates/15:28
wpwrakso you bred them. grmbl.15:28
DocScrutinizer05do they carry lazors? then they are mine17:04
wpwrakhaven't seen any beam weapons. they bump into a lot of things, though. maybe that's because they're out of the range of your brain control device.17:10
DocScrutinizer05just noticed my mouse OS had a hickup. Maybe that's why17:18
DocScrutinizer05funny how it fired an endless button-repeat that caused a lot of stuff I never knew was even possibly, by simply moving the mouse cursur over things on screen17:19
DocScrutinizer05must've been a scrollwheel-right repeat17:20
DocScrutinizer05holding ctrl or alt on kbd caused really weird effects, like zooming in pdf viewer17:21
whitequarkthat's weird?17:21
DocScrutinizer05no. not when you know what's going on. As well as constant cycling between all open windows when moving cursor over kde task manager17:22
DocScrutinizer05or instant closing of menu after you opened it with LMB-click17:23
DocScrutinizer05really weird is the logitech mouse OS, whatever it might be on that MX revolution17:24
DocScrutinizer05anyway, I'm happy a simple power cycling of MX finally solved and fixed it17:25
DocScrutinizer05which makes me wonder how to fnd out about uptime of the mouse OS17:25
whitequarkit's usually not the mouse but the OS who cycles the button17:25
whitequarkbecause it loses the mouse-up event somehow17:25
whitequarkthough, with wheel... idk17:26
DocScrutinizer05well, that can't be it since I operated all mouse buttons manually, whioch didn't fix it17:26
DocScrutinizer05I even umplugged and replugged the BT receiver, which also didn't fix it17:26
DocScrutinizer05also funny that all (other) mouse buttons worked, as much (or as little) as I been able to check it17:28
DocScrutinizer05when I started suspecting mouse button, I first checked all buttons tactile and acoustical and considered them mechanically OK17:29
DocScrutinizer05then I switched off mouse to see if the effect stopped, which it did, immediately. And hooray, it stayed like that when I switched mouse on again17:30
DocScrutinizer05since the OS (linux) doesn't even notice when I switch off the BT mouse, since the BT receiver still is up and running, I guess it can't be an effect related to linux in any way17:31
whitequarkHELL FUCKING YEAH17:32
whitequarkEU killed roaming fees: http://uk.reuters.com/article/2014/04/03/us-eu-telecomunications-parliament-idUKBREA320S52014040317:32
DocScrutinizer05umm, completely now?17:32
whitequarkseems like so17:32
DocScrutinizer05hell yeah, EU court said "Voratsdatenspeicherung" is illegal17:33
whitequarkthe fuck is that word?17:33
DocScrutinizer05vorrat...17:33
DocScrutinizer05(save all metadata of all communications for 6 months)17:33
DocScrutinizer05THAT is great!17:34
whitequarkright17:34
DocScrutinizer05since, you know, it's not like our authorities would be ANY better than NSA17:35
DocScrutinizer05(mouse) I already been afraid of collateral damage by my latest khotkeys hack to ESC away any kmail "please re-enter you username and password for this POP3 account, since last login failed" requester17:38
DocScrutinizer05would've been an intriguing task to revert or disable that hack, with a desktop going amok like this17:39
whitequarksome neighboor is cooking some kind of meat, and it smells DELICIOUS17:39
Action: whitequark looks at a pristinely empty fridge17:40
DocScrutinizer05knock. Tell something about gas leak!17:40
DocScrutinizer05I just need to look at my empty money purse17:40
Action: DocScrutinizer05 wonders whether to have last cafe latte now, or save it for tomorrow17:42
whitequarkyes. fortunately I don't have this problem right now17:42
whitequarkthere's rumors however that USD will soon be out of circulation in RU17:43
DocScrutinizer05haha17:43
whitequarkwith all the effects on economy it implies17:43
DocScrutinizer05my condolences17:43
DocScrutinizer05seems putin is wildly determined to do a time leap back to cold war, with all the nice black&white friend or foe thinking17:44
DocScrutinizer05might help for his very private ambitions, though it prolly kills russia's last 30 years of progress17:45
whitequarksomething like that17:46
Action: whitequark ponders saving some USD in cash for the possible upcoming black market17:46
DocScrutinizer05ex warshaw pact turning into a horde of cro magnon bawling "Putin! Putin! Putin!"17:47
DocScrutinizer05s/warshaw pact/USSR/17:49
DocScrutinizer05and "kill the fascists!"17:49
DocScrutinizer05of course everybody being a fascist who's not pro Putin17:49
DocScrutinizer05or, even when you shout "Putin hooray!" this won't help you becoming a fascist when your nose isn't looking the right way in Putin's eyes. Or you're gay then17:51
DocScrutinizer05take care with your laundry, wash colors *separately* !17:52
DocScrutinizer05whitequark: maybe you better use some USD to leave that nasty place17:53
DocScrutinizer05before your nose looks gay17:55
whitequarkright now my options are, basically, exchange slavery in RU to slavery to big western multinational company X or Y (you probably know and hate both X and Y.)17:56
DocScrutinizer05well, there are many shades of gray in slavery17:57
whitequarksure. in other circumstances, I would probably like a job in X or Y, even if I disagree with their business decisions17:58
DocScrutinizer05and it's more or less compulsory, depending on where you live and who thinks to own the right to you17:58
wpwrakhmm, dhl. expected a parcel the size of a book. got one about 1/2 m^3. well, sometimes people get crazy with packaging materials. then peeked inside. some cosmetic printing supplies. definitely not what i expected.17:58
DocScrutinizer05LOL17:58
DocScrutinizer05wtf is cosmetic printing?17:58
wpwrakand the true recipient put a phone number that no longer exists, so i couldn't even tell them that they don't need to worry. ah well.17:59
whitequarkDocScrutinizer05: but when the result of a layoff, no matter how it turned out that way, is compulsory return to RU within 1-2 months... I'd rather wait for a bit longer17:59
whitequarkand try to seek some better options17:59
DocScrutinizer05that#s prolly wise17:59
DocScrutinizer05otoh you soon may ask for asylum18:00
wpwrakmaybe some colors or such. it looks like printer supplies, maybe even a printer. there's even some color calibration document (according to the envelope). i only dug as deep as i had to to find a name.18:00
whitequarkasylum seekers seem to be unpopular lately. #StopTheBoats and the like18:00
whitequarkI doubt there's much goodwill that way18:00
DocScrutinizer05that depends. You're a highly qualified CS expert18:01
DocScrutinizer05we're welcoming those18:01
whitequarkmhmm18:01
whitequarkby the way, c't hacks never arrived :(18:01
DocScrutinizer05and you got some money still18:01
whitequarkneither previous issue nor the current one18:02
DocScrutinizer05write to their customer service18:02
wpwrakin argentine, foreigners live and work for many years without proper paperwork ...18:02
whitequarkbut I don't know german (yet!)...18:02
DocScrutinizer05you know english18:02
wpwrakso if russia gets too hot, there's always that option :)18:02
whitequarkDocScrutinizer05: you think that's sufficient? the website is 100% in DE, isn't it?18:03
DocScrutinizer05I know a few english men that never even tried learning German though they live here for years or even decades18:03
whitequarkah. good. I'll wait for a week more, to account for russian post18:04
whitequarkwpwrak: well, our trains (so far) don't derail regularly :p18:04
wpwrakah yes, you'd have to learn some new survival strategies, like not taking the train18:05
wpwrakit's okay to watch them from afar, though. since they're very slow (else they wouldn't even make it out of the station without derailing), they debris won't fly very far18:06
whitequark...18:07
whitequarkis it really that bad?18:07
wpwrakwell, there hasn't been a newsworthy accident in the last few months18:08
DocScrutinizer05I couldn't live with that power supplier situation18:09
DocScrutinizer05unless I got my own power plant18:09
wpwrakbut i can see the trains crawl into the station that had the last two crashes. well, if i sit very still, i can see them crawl. otherwise i'd think they're just parked on the track.18:09
DocScrutinizer0520kW would suffice. The excess I can live with occasionally not being available from national grid18:10
whitequarkDocScrutinizer05: I would think Argentina has some cheap fuel18:10
wpwrakDocScrutinizer05: no major power mishaps lately. the brutally hot december was followed by an unusually cool summer, so air conditioning use was low18:10
wpwrakwhitequark: argentina had that, yes ...18:11
DocScrutinizer05some ages ago, you mean18:11
wpwrak... then the government decided it had to apply some price controls, to make sure it stayed cheap.18:11
DocScrutinizer05ouch18:11
DocScrutinizer05the effect of such measure is the same anywhere on this globe18:11
wpwraka few years later: due to total lack of investment, argentina changed from a reasonably large exporter to a major importer. and still it.18:12
wpwrakDocScrutinizer05: yeah, it worked like a clockwork.18:12
whitequarkfacepalm.18:13
wpwrakbolivia and uruguay are very happy. bolivia can basically lean back and live off the money that's coming in for selling gas to argentina. uruguay is running all their power plants at 200% (or so) to make sure the ... argentina. nice business, too.18:14
DocScrutinizer05haha, actually a plot like honecker's plan to take over the west, by abolishing GDR18:16
DocScrutinizer05it worked, meanwhile NSA and BKA do a better job than horch&guck ever did18:17
DocScrutinizer05there's a nice satiric 'infotainment report' called "the truth about GDR" where they reveal Honeckers secret plan to take over the west18:21
wpwrak... was the DHL interrupt18:22
wpwrak... should have been s/argentina/the lights don't go out in buenos aires/18:22
wpwrakDocScrutinizer05: i think the worst that could happen to the west was "winning" the cold war18:23
DocScrutinizer05indeed18:24
Action: DocScrutinizer05 can't help but thinking about herbicides, which cause the herbs to grow to death, literally18:25
wpwrakah. perfect. the recipient of my stuff was quicker than me and rejected it upon receipt. very good.18:26
DocScrutinizer05end of cold war directly kicked us back into wild west capitalism18:26
DocScrutinizer05actually the west doesn't need to compete with anybody anymore about the better system for the people18:27
wpwrakwell, or something. maybe they just weren't there. seems that DHL uses "rejected" for any non-delivery. i see that this shipment was also "rejected" last friday.18:27
wpwrakDocScrutinizer05: exactly that is the problem18:27
wpwraknow there's no reason anymore to be "nice". screw the plebs.18:28
DocScrutinizer05yep18:28
DocScrutinizer05:-S18:28
DocScrutinizer05so maybe actually hooray Putin! X-P18:28
DocScrutinizer05did I say that?18:29
wpwrakthat is, of course, until china has fully caught up. i somehow think it won't take all that long for this to happen. maybe another decade.18:29
DocScrutinizer05or less18:29
wpwraki see nothing in putin's actions that would be in any way more reprehensible than what other major powers have done under similar circumstances18:30
DocScrutinizer05they are already on par on a considerable 2 digit percentage of the whole picture18:30
DocScrutinizer05e.g they build their own windmills18:30
DocScrutinizer05farewell Germany18:31
DocScrutinizer05soon they'll export them to us18:31
wpwrakthey still have to find a way to deal with people getting unhappy with nasty work conditions at factories, and relax a bit about communication. but then they''ve made it18:31
DocScrutinizer05unhappy? that word doesn't exist in chinese language, I guess18:32
wpwrakyeah, .cn engineering has largely caught up with the west. they're still a bit behind on creativity, but that won't last forever18:32
DocScrutinizer05problem solved18:32
wpwrakoh, it does. they're not just little robots.18:32
DocScrutinizer05and regarding communication I guess they are years ahead of us18:32
DocScrutinizer05erdogan just catching up18:33
DocScrutinizer05we can do bets who will be next. Prolly Hungary18:33
DocScrutinizer05did you ever hear of crimes committed in GDR? It simply didn't exist - except when a westerner was on visit and misbehaved. I guess same applies to the concept of "unhappy" in China18:38
DocScrutinizer05actually the only crime ever officially mentioned in GDR were those who tried to leave the country18:39
DocScrutinizer05"unhappy"? pffff!18:39
wpwraki think they'll eventually come around. i can understand why the government is very cautious about discouraging political experiments. remember "The Great Leap Forward" ?18:39
DocScrutinizer05who cares?18:39
wpwraka charismatic troublemaker is really the last thing china needs18:40
DocScrutinizer05hehe yeah18:40
wpwrakwell, at least now they have the industrial capacity to keep up with producing body bags, should it come to that ...18:40
DocScrutinizer05sozial and economical dynamics get kinda unpredictable on such scale18:40
wpwrakthe next obstacle will be when increased demands from now comparably wealthy people will hit a decrease in economical growth. the latter will inevitably happen when the "catching up" benefit ends. (or is already happening)18:42
DocScrutinizer05also china actually is a different detached universe, from common consciousness of chinese18:42
wpwrakso yes, they still have a bit of work lined up for them. but i'd say, all things considered, they could do a lot worse.18:43
DocScrutinizer05I guess they frowned at pharaohs18:43
DocScrutinizer05china considers rest of the world kinda like Rome thought about the north barbarian badlands18:44
wpwraknaw, that's the US :)18:45
DocScrutinizer05haha18:45
wpwraki don't think the chinese really feel superior yet. eventually, they might.18:47
DocScrutinizer05hte definitely feel superior, based on their history18:47
DocScrutinizer05china is the center of the world, the cradle of mankind and civilization18:48
DocScrutinizer05they*18:48
DocScrutinizer05I guess the current dynasty in china is older than the USA18:50
wpwrakwell, that's not so hard :)18:50
DocScrutinizer05nd for odd reasons that's what seems to count in a strange way for chinese souls18:51
DocScrutinizer05china and india have a strange archaic sense of community18:52
DocScrutinizer05fate, honor, heroism etc is all that counts. Personal freedom is frowned upon18:53
DocScrutinizer05history, don't forget history. and tradition18:54
DocScrutinizer05to get a bit sarcastic, I could say: basically all the things that the average american has no idea what the words meaming might be18:55
wpwrakoh, they like "modern" values well enough. just that they also keep some of the old ones, too. there are some sarcastic remarks on how changes of values in western society made things like the snowden incident even possible.19:09
DocScrutinizer05well, I can't even start to figure how the average chinese feels, sitting in his car in a traffic jam, thinking about the times 10 years back when there were only bicycles and no smog that makes you die from coughing19:15
DocScrutinizer05looking out the side window of his car directly at the seas of poison or a giant coal power plant, or some other industrial abomination19:16
wpwraknot sure things are all that visible. you have been to mainland china, haven't you ?19:17
DocScrutinizer05nope19:22
DocScrutinizer05I'm actually not sure I ever want to go there19:22
DocScrutinizer05feels like "dancing cats of minamata", though that been Japan19:23
DocScrutinizer05http://www.youtube.com/watch?v=ihFkyPv1jtU  19:29
DocScrutinizer05and about visibility: yes, you're right, the smog is so terrible you barely can see anything ;-P19:30
DocScrutinizer05http://www.usatoday.com/story/news/world/2014/03/15/china-pollution-smoggiest-city/6072605/19:32
wpwrakof course, you have to be careful with US propaganda. i mean, they can turn iraq into a superpower (which they're then morally obliged to destroy), what are a few environmental issues ? but the smog does indeed seem to be nasty.19:37
DocScrutinizer05>>Though there is increasing anger over pollution, some of which has prompted protesters to block proposed factories, many Chinese have reacted by buying face masks rather than demanding change from the government.<<19:46
DocScrutinizer05that's about to the point about what I been speaking before19:47
whitequark/r/science is really on some kind of streak now19:48
whitequark"U.S. Schoolchildren Exposed to Arsenic in Well Water Have Lower IQ Scores"19:48
DocScrutinizer05there's obviously another mentality prevalent in china, that makes the word "unhappy" sound strangely non-applicable19:48
whitequarkwell no shit!19:48
DocScrutinizer05LOL19:48
DocScrutinizer05did they also test for LD50?19:49
whitequarkhm?19:49
wpwrakso, my parcel shall reach me tomorrow. phew. a lot of work to get that little calculator ...19:49
DocScrutinizer05LD50 of arsenic to pupils19:49
DocScrutinizer05lil calculator?19:50
wpwrakwell, the device i need for e-banking. the old one is dying. that is, most of it is still fine, just the display is losing rows and colums. makes it quite a puzzle to guess the correct code.19:51
DocScrutinizer05whitequark: seems I can't really parse your >/r/science..." line19:51
DocScrutinizer05whitequark: I don't know "/r/science" and I can't makes sense of "being on a streak"19:52
DocScrutinizer05pardin my poor english19:53
DocScrutinizer05pardon even19:53
whitequarkDocScrutinizer05: /r/science is reddit's scientific subcommunity19:53
DocScrutinizer05wpwrak: ooh, token generator. Optical input from PC screen?19:53
DocScrutinizer05whitequark: :-) thanks!19:54
whitequarkit's pretty sensible, considering its size. "a streak" in this case meant that I see articles with rather obvious conclusions all the time19:54
whitequarkof course you need to conduct such research, but I'm really not sure what kind of discussion the poster wants to see19:54
whitequarkarsenic denialers? "geee no, arsenic toxicity was invented by Big Pharma"19:54
whitequarkhang on, I need to get that rumor on the 'net19:55
DocScrutinizer05to me that sounds like Mengele19:55
larscwhitequark: rather the other way around19:55
whitequarkDocScrutinizer05: they measured environmental arsenic. levels around 5ppb or so in rural areas19:55
whitequarkapparently this was never done in US before19:55
whitequarkwell, not correlated with IQ19:55
DocScrutinizer05thought as much, but headline sounds kinda scary19:55
DocScrutinizer05that's why I asked if they ran another test for determining LD5019:56
whitequarkooooooh. I just reparsed it the way you did19:56
whitequarkhaha19:56
DocScrutinizer05"US military rund LSD tests on prisoners"19:57
DocScrutinizer05runs*19:57
whitequarkon prisoners? I thought they ran it on their own employees19:58
DocScrutinizer05"500 solders exposed to radiation of atomic test explosion"19:58
DocScrutinizer05soldiers*19:59
DocScrutinizer05actually I seem to remember either military or CIA testing psychoactive gas in subway stations, on US citizens20:00
whitequarkmkultra, iirc20:01
DocScrutinizer05yep, sounds about correct20:01
whitequark" MKUltra used numerous methodologies to manipulate people's mental states and alter brain functions, including the surreptitious administration of drugs (especially LSD) and other chemicals, hypnosis, sensory deprivation, isolation, verbal and sexual abuse, as well as various forms of torture."20:01
DocScrutinizer05"U.S. Schoolchildren Exposed to Arsenic in Well Water Have Lower IQ Scores"  fits in perfectly20:04
whitequarkdefinitely20:05
wpwrakDocScrutinizer05: (optical input) yes, using a homo sapiens sensor :)20:14
whitequarkdo token generators even require input? I've never seen one20:14
wpwrakthe good ones do20:14
whitequarkusually they have an RTC and generate tokens valid for e.g. +5 minutes20:14
DocScrutinizer05whitequark: they usually do a TAN based on parameters of the transaction, plus challenge from server20:15
wpwrakmine is challenge-response. i unlock the "sim" card in the reader, enter the challenge presented by the bank, then type the answer to the bank's login form20:15
whitequarkahh yes, right, bank20:16
wpwraksome transactions also use it, yes. not as obsessively as some german banks, though :)20:16
DocScrutinizer05http://de.wikipedia.org/wiki/Indizierte_TAN-Liste#TAN-Generator20:16
wpwrakmy bank in argentina just uses a RNG token. for all i know, it may even be NSA. oops, i mean RSA20:17
whitequarklol.20:17
whitequarkthose two are practically equivalent though20:18
whitequarkit's sad that some dickheads tarnished the reputation of both a good algorithm and the very smart and nice people who invented it20:18
wpwrakit does seem that RSA weren't overly reluctant to be of service, though20:20
DocScrutinizer05hmm?20:45
wpwraksee for exmaple here: http://www.reuters.com/article/2013/12/20/us-usa-security-rsa-idUSBRE9BJ1C22013122020:49
DocScrutinizer05seems I got to do a few security updates, eh? SSL20:49
wpwrakoh, you haven't yet ? :)20:49
whitequarkDocScrutinizer05: you do realize I can point a script at your server right now and read arbitrary memory, likely containing unencrypted credentials?20:50
wpwrakwhois --crawl | grep DocScrutinizer | ./exploit -20:50
whitequarke.g. some guy just did that with yahoo mail and got logins and passwords of some random people20:50
wpwrakwhitequark: you wrote that after you did the deed, right ? :)20:50
wpwrakyahoo, resting in peace ...20:51
whitequarkwpwrak: I'm too lazy :(20:51
whitequarkactually yahoo has a very competent chief of security these days20:51
whitequarkunironically20:51
wpwrakwhitequark: most have picked the wrong sleeping hours then20:51
whitequarkI can hardly blame them. even for amazon it took hours to fix this20:52
wpwrakDocScrutinizer05: the backdoored algorithm the reuters article refers to is of course good old DUAL_EC_PRNG 20:52
whitequarkDocScrutinizer05: DUAL_EC_DRBG is not really something you need to worry about20:53
whitequarkits practical impact is near to zero, except for some very specific things (e.g. RSA BSAFE) you probably don't use20:53
whitequarkheartbleed otoh...20:53
wpwrakwhitequark: ... since nobody uses it. except for RSA.20:53
whitequarkexactly20:53
Action: whitequark has already updated every single one of his keys and certificates20:54
DocScrutinizer05hmmm21:03
DocScrutinizer05ok, DUAL_EC is not in use anymore?21:23
DocScrutinizer05whitequark: which unencrypted credentials would you read from my server?21:25
whitequarkI don't thnk DUAL_EC_DRBG was widely used. it's currently a hot topic because it's solid evidence that NSA deliberately sabotaged crypto21:25
whitequarkDocScrutinizer05: submitted form data, ssl private keys21:25
whitequarkapi tokens21:25
DocScrutinizer05I still fail to evaluate the threat from SSL21:25
whitequarksuppse you have a login form. someone puts "user / 12345" there. now I connect to your server, do $MAGIC and get "user / 12345" back.21:26
DocScrutinizer05whitequark: no ssl private keys on my server21:26
DocScrutinizer05no login forms either21:26
whitequarkof course there is, if you use ssl. the keys for the server certificate itself21:26
DocScrutinizer05umm21:26
whitequarkany ssl-capable server must load a certificate and a corresponding private key. that's how ssl works21:27
DocScrutinizer05ok, so somebody can pretend he's my server now?21:27
whitequarkyes, and decrypt any traffic they may have intercepted21:27
DocScrutinizer05hmm21:27
DocScrutinizer05I think I can live with that21:27
whitequarkdo note that there are, obviously, large-scale scans with data extraction ongoing21:28
whitequarkwhy do you use https at all then?21:28
whitequarksince you obviously do not care about any benefit it may provide21:28
DocScrutinizer05I howver guess I want to renew the server private SSL key21:28
DocScrutinizer05I don't use https21:28
whitequarkyes, that would be wise21:28
whitequarkhm?21:28
DocScrutinizer05at least not on my server21:29
DocScrutinizer05my server doesn't have any sekrit stuff available via http21:29
DocScrutinizer05actually there's basically no secret stuff on my server21:30
DocScrutinizer05except from ZNC21:30
DocScrutinizer05any hint on creating new server key?21:32
whitequark$ openssl genrsa21:32
DocScrutinizer05I'm a bit lost regarding this since so far I never cared about those21:32
whitequark$ openssl genrsa 3072 if you're really paranoid21:33
DocScrutinizer05nc where's the old server global ssl key21:33
whitequarktake a look at your config. /etc/ssl/private ?21:33
DocScrutinizer05thanks21:34
whitequarkdebian stores them there21:34
DocScrutinizer05grrr, -bash: cd: /etc/ssl/: No such file or directory21:34
wpwraksuse doesn't, apparently :)21:43
DocScrutinizer05etc/ssh/ssh_host_rsa_key ?21:43
whitequarkDocScrutinizer05: wait21:44
whitequarkSSH != SSL21:44
whitequarkin fact these two are entirely unrelated and SSH is not affected by this bug21:44
DocScrutinizer05mhm21:45
DocScrutinizer05hi dos121:46
DocScrutinizer05soooooo...21:46
DocScrutinizer05could it be I don't *have* ssl private key on my box?21:47
DocScrutinizer05The requested operation could not be completed   Connection to Server Refused   Details of the Request:   URL: https://maemo.cloud-7.de/21:48
wpwrakas a rule of thumb, you read about the SSH bugs with scientific interest and you read about the SSL bugs with trepidation.21:48
DocScrutinizer05mhm21:48
DocScrutinizer05still don't get it21:48
whitequarkDocScrutinizer05: of course, if you don't have any ssl server21:48
whitequarkand seems like you don't21:49
DocScrutinizer05yeah, why would I?21:49
DocScrutinizer05I mean, that stuff is public anyway21:49
DocScrutinizer05I got ssh21:49
whitequarkI dunno. personally I run my own mailserver. it has three ssl keys for different stuff (webmail, imap and ldap)21:49
DocScrutinizer05ooooh21:50
whitequarkalso, smtp, but that reuses the webmail key for various obscure reasons21:50
DocScrutinizer05STARTTLS21:51
DocScrutinizer05and TLS for smtp21:51
whitequarkSTARTTLS is a way for legacy protocols to "upgrade" to TLS21:52
DocScrutinizer05I know21:52
whitequarkok21:52
DocScrutinizer05what I still do not know is where's that damn key?21:52
whitequarklook at postfix config21:52
DocScrutinizer05ta21:52
whitequarkor even grep '-----BEGIN RSA PRIVATE KEY-----' /etc -r21:53
Action: DocScrutinizer05 headbangs a bit21:53
DocScrutinizer05cyrus21:53
whitequarkcyrrosis21:53
DocScrutinizer05indeed21:53
DocScrutinizer05of course no friggin /etc/cyrus21:54
DocScrutinizer05but mail/21:54
DocScrutinizer05sendmail.cf:  # Server private key     \n   O ServerKeyFile=/etc/pki/tls/certs/sendmail.pem 21:59
DocScrutinizer05hmmmmm21:59
DocScrutinizer05http://privatepaste.com/05bb510cd622:00
Action: DocScrutinizer05 scratches head22:02
DocScrutinizer05FFS http://privatepaste.com/a20d65e28922:04
DocScrutinizer05wpwrak: ((suse doesn't, apparently)) CentOS22:13
wpwrakphlargh. wd-40, helping men save face since 1953.23:10
rohwpwrak: were youre certificates stuck in the webserver?23:13
wpwraknaw, still the problem with the blinds. the tape to pull them up or down broke, so the whole thing came crashing down. today i bought stuff to cover everything on my desk, then took the critter apart. first problem: it got stuck when trying to raise the blinds. applied wd-80 everywhere. then it moved a bit more, though not all that much.23:17
wpwrakthen i found that the drum had jumped off the "passive" side (opposite of the belt roll). so i lowered everything and put it back. but then it still wouldn't move. problem was that i had put it back too far. (it's of course all rusty and dirty, so you can't see very well what you're doing)23:19
wpwrakwhen i finally had the thing at the right place, the belt attaching the blinds to the drum broke. they must have been waiting all those years just for this opportunity.23:20
wpwrak#s/belt/belts/   three of them, no less. talk about fail-safe design by redundancy23:21
wpwrakso i removed the remains of the old ones, installed new ones (luckily i had some belt material around from a previous similar mishap)23:22
wpwrakthen up went the blinds. attaching them was a bit of a challenge, too. right now they're being held by a flimsy piece of wire. let's hope tonight's storm won't be too nasty ...23:22
wpwrakfinally i tried to place the access panel, but that thing is a pain. it's long and solid enough to be heavy, yet think enough to flex a lot. a real treat. i decided that this could wait until tomorrow.23:24
wpwrakgoals accomplished: can see the outside world again.23:24
wpwrakstill to do: install new belt, close access panel, and for good measure, install lighter blinds for day to day use so that i won't have to move the heavy critter twice a day.23:26
--- Wed Apr 9 201400:00

Generated by irclog2html.py 2.9.2 by Marius Gedminas - find it at mg.pov.lt!