[04:26] *** easymac has joined #arpnetworks [04:26] *** easymac has quit IRC (Changing host) [04:26] *** easymac has joined #arpnetworks [08:20] *** djkrikke-2 has quit IRC (Ping timeout: 250 seconds) [08:28] *** djkrikke-2 has joined #arpnetworks [08:33] https://blogs.aws.amazon.com/security/post/TxCKZM94ST1S6Y/Introducing-s2n-a [08:37] tl;dr[becauseimlazy]? [08:37] s2n isn’t intended as a replacement for OpenSSL, which we remain committed to supporting through our involvement in the Linux Foundation’s Core Infrastructure Initiative. OpenSSL provides two main libraries: “libssl”, which implements TLS, and “libcrypto,” which is a general-purpose cryptography library. Think of s2n as an analogue of “libssl,” but not “libcrypto.” [08:37] there you go [08:37] and the github for the project: https://github.com/awslabs/s2n [08:38] and s2n is a nod to signal to noise, hiding stuff as "noise" via the magic of encryption [08:39] Thanks :D [08:39] I prefer libtls anyways :P [09:05] I like OpenBSD's approach of re-factoring instead of throwing everything out and starting over [09:36] libtls is rather pleasant to use, too. [09:38] It certainly is from what I've gathered watching its inclusion in the OpenBSD tree. Things like syslogd *poof* have TLS [09:39] https://github.com/meritz-burns/erltls - my girlfriend and I have been working on porting it to Erlang. [09:39] That sounds like a fun couples activity :D [09:39] That's some pair-programming I can get behind [09:40] (okay, I'm done) [09:42] Isn't syslogd UDP? TLS works over UDP? [09:42] It has tcp support too [09:43] "syslog" is UDP, sure. But syslogd(8) supports all sorts of stuff [09:59] https://blog.opendns.com/2015/06/30/cisco-announces-intent-to-acquire-opendns/ yuck [10:05] heh, always loved that wording "intent to acquire" Basically "We want you, and we're going to have you. It's basically rape." [10:06] yeah [10:06] davidu's had bad luck w/stuff he helmed being acquired and wrecked [10:07] most recent example being everydns acquired by dyn [10:08] dyn just sought to eliminate a free competitor w/a better svc level than their paid plans, promised to grandfather people on those plans then decided they'd rather make money and told them to pony up or gtfo [10:10] oh well [10:14] lol: https://honestnetworker.wordpress.com/2015/06/28/when-your-favorite-startup-is-acquired-by-cisco/ [12:44] *** easymac has quit IRC (Ping timeout: 276 seconds) [12:49] *** easymac has joined #arpnetworks [14:56] *** kellytk has left "WeeChat 1.0.1" [15:12] mike-burns: Thank you for the obligatory (but put very cordially) "patch up or shutup" response http://marc.info/?l=openbsd-tech&m=143552675031461&w=2 [15:12] openbsd-tech: "Re: [Patch] New item to the "Migrating to OpenBSD" guide" from Mike Burns @ 2015-06-28 21:24:56 [15:12] * brycec hates when misc@ leaks [15:13] brycec: thank you for noticing! [15:13] I don't follow tech@ (or any of the lists really) very closely, but the mess was brought to my attention and I recognized your name :) [15:13] Oh no; this thread is making the rounds? [15:13] Over in #devious [15:14] OK whew. At least it's not trending on Twitter. [15:14] I could make that happen with @twitter ;P [15:14] @twitter -i BryceBot0101 [15:14] BryceBot (900 N Alameda, Los Angeles, CA) Member since: Mon Aug 22 16:35:56 +0000 2011 [15:14] Followers: 18 | Following: 34 | Tweets: 4696 | Description: I'm an IRC bot acting as a conduit for an IRC channel on FreeNode. I post whatever They tell me to. [15:14] and its massive 18 followers [15:15] Wowie. [15:16] Oh good, more fodder for BryceBot's tdr quotes [15:16] @tdr [15:16] Theo de Raadt says: i ojbect two yoru splelng of achlhlocis. [15:22] @tdr [15:22] Theo de Raadt says: Yes, but the ports people are into S&M. [16:24] haha [16:24] woot, i can see. [16:24] the bot in a channel i frequent has triggers to quote jeffk [16:24] dated, but still funny [16:24] hahaha [16:24] i'm surprised online glasses came already. i thought they'd take ages. [16:24] nice [16:24] just didn't want to pay 5x as much locally [16:25] for estimated times of longer than it took hah [16:25] i bought some prescription safety glasses for shooting and they got here from china in like 8 days or so [16:25] I was unfamiliar with jeffk.... not sure if I should thank m0unds or smack him [16:25] this was friday 4 pm local time [16:25] brycec: lol [16:25] to wednesday morning delivery local time [16:25] wow, nice [16:25] so what's that, .. just under 5 days [16:25] from new york.. [16:26] i don't like them though, but i ordered from somewhere else too :) [16:26] in the hope that one would be quick. [16:26] because my old ones were really scratched suddenly [16:26] twss [16:26] Okay! twss! 'because my old ones were really scratched suddenly' [16:26] BryceBot: no [16:26] Oh, okay... I'm sorry. 'because my old ones were really scratched suddenly' [16:26] darn, too slow [16:27] hahha [16:27] in the hope that one would be quick. [16:27] twss' [16:27] fuck [16:27] i'm done [16:28] haha [16:28] later [16:28] today has been [16:28] i gave you another chance [16:28] way too long [16:28] twss [16:28] Okay! twss! 'way too long' [16:28] i know that feeling [16:28] That's what she said!! [16:28] i can't take any more [16:28] twss [16:28] Okay! twss! 'i can't take any more' [16:28] i'm hoping scratched glasses are making me tired, as i've been tired more than usual. [16:28] they can contribute to eyestrain [16:28] Could by Lyme disease. I hear it's always Lyme Disease... that's what I learned on TV anyways. [16:28] which can make you feel fatigued [16:29] yeh i'm hoping so [16:29] brycec: you mean lupus? [16:32] I was thinking of https://www.youtube.com/watch?v=ZDkrNKMVXHc [16:32] YouTube video: "Ralph Lyme disease" by Jason Abe [16:33] ahh hadn't seen that [16:33] i got kind of sick of simpsons, too many episodes! [16:33] Supposedly, https://www.simpsonsworld.com/video/302395459825/episode/288011331912 is the episode [16:33] what year is that [16:34] https://www.youtube.com/watch?v=ZDkrNKMVXHc [16:34] YouTube video: "Ralph Lyme disease" by Jason Abe [16:34] oops [16:34] tried to resize putty :/ [16:34] (or at least 90 seconds of it) [16:34] That's what she said!! [16:34] mercutio: 1991 [16:34] not available in my region [16:34] oh wow, that's early. [16:34] Season 2 yup [16:34] back then we got episodes delayed a long time [16:35] now days we get stuff so much quicker. :) [17:37] does anyone happen to know what the best vpn's (openvpn, l2tp/ipsec etc) are for china? [17:39] * jlgaddis looks around [17:40] its all good [17:40] Y2K is past us [17:40] Clock: inserting leap second 23:59:60 UTC [17:42] time.tritn.com didn't get the memo [17:44] nor did mail.wtfismyip.com [17:45] has leap second hit us already? [17:45] yeah [17:46] i didn't notice anything [17:47] that is a good thing :) [17:56] *** kellytk has joined #arpnetworks [18:00] at 10:04 (im in +10GMT) i got alerts for all of our ntp services (Infoblox) reset/got out of sync, but came good about 10 minutes later [18:08] Who do you use for alerting mjp_? [18:08] what do you mean? [18:09] we use nagios for monitoring... the guy sitting a few cubes over let me know that all our infoblox appliancs lit up [18:09] Oh [18:13] * jlgaddis mutters something about 33.5 hours notice for a planned outage [18:47] jlg: on arp? outage shouldn't be very long at least. [19:37] apparently a lot of fibre links went down with the clock thing [19:39] by apparently i mean one person posted on a mailing list saying such [19:40] That would surprise me as most most links (t1, ethernet, etc) use crystals but not RTC for sync. An extra second on the wall clock would be invisible. [19:41] you'd think [19:41] apparently there was some cisco fix necessary, which didn't fix [19:41] Always blame Cisco [19:41] i'm going to check nanog :/ [19:41] i can't see anything on there [19:41] oh [19:42] I can see how routers with those interfaces might hiccup because they might not have read the performance counters for >1s [19:42] is the leap second gmt? [19:42] or local time zone? [19:42] It happened 2.40 ago, UTC [19:42] ahh ok [19:42] so yeh gmt [19:42] Everybody at once [19:42] nothing on nanog [19:42] there was a route leak last night of ntt -> he.net [19:42] (horlogical pedantics would like you to know that GMT and UTC are not the same thing, technically) [19:43] err ntt readvertising he.net routes [19:43] then he.net did a route leak [19:43] and the he.net guy was saying about how they didn't leak routes when the ntt one happened hah [19:44] internets..how does it even work [19:44] With lots and lots of luck. [19:44] there was another route leak originating in Bangladesh [19:44] that actually triggred RPKI validation failure alerts for me [19:45] was wondering why I woke up to a bunch of those [19:45] yeh that was the ntt leaking he.net one [19:45] that was the first, there was a second after that [19:46] yeh i'm actually surprised about the stability of the internet [19:46] it works much better than i'd guess .. [19:46] you're doing rpki validation static? [19:46] my prefixes are signed, I get alerts from BGPMon [19:47] but you're not validating? [19:47] nope, I don't really need to [19:47] rpki validation hasn't really taken off [19:47] yeh actually it'd help you not at all [19:47] it's really your upstreams that need to [19:47] indeed [19:47] well for it to be of any benefit [19:59] *** mnathani_ has joined #arpnetworks [20:43] *** toeshred has quit IRC (Ping timeout: 250 seconds) [22:39] *** toeshred has joined #arpnetworks