***: jpalmer has joined #arpnetworks
mkb has quit IRC (Remote host closed the connection)
mkb has joined #arpnetworks
7F1AAAAA7 has joined #arpnetworks
7F1AAAAA7 has quit IRC (*.net *.split)
mjp_ has joined #arpnetworks pjs: 6/
oops m0unds: >:| brycec: :) m0unds: `;->~
moar freebsd vulns
tcp, openssh and bind ***: m0unds has quit IRC (Quit: bork bork bork)
m0unds has joined #arpnetworks mercutio: m0unds: yeh it's insane
there seems to be way more vulnerabilities recently
there've been a few more qemu vulnerabilities that are fine with apparmor
and quite a lot of linux vulnerabilities
the bind one is kind of scary, did you read it?
only kind of - you can crash bind even with acl's in place by sending special packets to it m0unds: ah mercutio: i'm surprised stuff like that doesn't get used more
but whenever acls are bypassed it's scary m0unds: didn't impact my system, only worried about the other two gizmoguy: http://www.cardsagainstsecurity.com/?g=ND9ULG
come join my cards against security game grody: whats scarier some of these things have been vulnerable since older versions (freebsd) ***: Seji has quit IRC (Remote host closed the connection)
KILLALLHUMANS01 has quit IRC (Remote host closed the connection)
Seji has joined #arpnetworks
RandalSchwartz1 has joined #arpnetworks RandalSchwartz1: something going on with kvr05? brycec: Nobody else has mentioned anything [yet] RandalSchwartz1: well, my system froze.
responded to soft shutdown though BryceBot: That's what she said!! RandalSchwartz1: looks like it also responded to boot request brycec: Maybe the serial cable came loose? :P RandalSchwartz1: zfs up
ok, still no password prompt, and no ssh access
Hmm. dovecot won't restart BryceBot: That's what she said!! brycec: BryceBot: no BryceBot: Oh, okay... I'm sorry. 'Hmm. dovecot won't restart' RandalSchwartz1: time just moved backward by 25199 seconds brycec: 420ish minutes? sounds like timezone fun
420 = 7 horus
*hours RandalSchwartz1: ahh, there I got it
ok, everything is looking mostly normal
I wonder why it was frozen up though
ok… going back to emacs-based IRC ***: RandalSchwartz1 has quit IRC (Quit: Leaving.)
RandalSchwartz has joined #arpnetworks RandalSchwartz: back again. brycec: woo m0unds: i'm trying to confuse spotify's "discover" algorithm for that playlist they generate each week brycec: I'm reading the credits.rtf from Windows 10 while I wait
Just passed the FreeBSD acknowledgement
And there's NetBSD too m0unds: nice
i got my windows cat ninja sticker today
it's a ninja cat riding a t-rex
https://www.stickermule.com/marketplace/6478-windows-ninja-cat-t-rex mercutio: i still don't know if i should upgrade to windows 10
you have to use msn :(
i mean to current windows 10, i am on insider brycec: No you don't?
At least on insider, you don't need a Live account mercutio: yes you do brycec: they don't make it blatantly obvious, but it's there. mercutio: to upgrade to recent builds you do
you have to login with it with the recent builds
or it won't continue updating
i'm on 10162; there's 101240 now i think brycec: Yeah 10240 has been out for weeks, it became the RTM release mercutio: yeah i should read up about it
it just feels dirty logging in with msn account rather than local account BryceBot: That's what she said!! mercutio: like you're locking your machine into the microsoft eco system. m0unds: meh mercutio: no rush at the moment, things are stable anyway m0unds: you can make a local acct
unless they took that out
didn't the last time i tried a win10 build
hadn't* rather mercutio: m0unds: that's what i did on install brycec: I guess I can't speak to *installing* and running updates without a msft account. But I was able to add a local account without problem. mercutio: you just can't update it anymore -: brycec shrugs mercutio: yeh i installed without msn mkb: it has to be in there somewhere to satisfy domain users... I hope mercutio: does it require the internet to login? brycec: Not after the first login mercutio: ahh brycec: the hashed password is stored with the account mercutio: maybe it's not too bad then m0unds: yea, if you don't have connectivity and you mis-enter a pw, it just says "use the pw you used last time you logged in online" or something mkb: they don't bill this as a way to prevent someone snooping the password then stealing a laptop from logging in I hope... m0unds: eh? brycec: I still feel really wrong looking forward to Win10 -: m0unds shrugs mkb: It's no worse than status quo but it feels wrong to have the security and threat model so complex m0unds: only for a non ad user
haven't deployed win8 or newer on a domain, but i'd imagine it's likely not as "Friendly" mercutio: brycec: a lot of people seem to like it brycec: Speaking as a Win8.1 user in an AD, it's not friendly, no. m0unds: i know it was annoying to login to win7 w/systems joined to multiple domains mercutio: tbh, for me it's much of a muchness. brycec: mercutio: I've been fairly happy with the TP staticsafe: my university is deploying Win8 to laptop images this year and those are joined to the university domain m0unds: e.g. if your user is dumb and doesn't know what domain they're on, it sucks
because you have to do domainusername mercutio: brycec: yeh same
but it's not way better than windows 2008/windows 7 to me m0unds: the jump between the last two win10 tps on mobile was insane
went from unusable to amazingly usable in the span of three weeks brycec: lol mnathani_: staticsafe: what university? staticsafe: UOIT mercutio: at least windows remembers your smb login for network shares these days
that seemed to be one of the most annoying bugs ever. brycec: According to a buddy @ MSFT, that's the par for the Windows team. They do their best work in the last 6mos. mercutio: there was a workaround, but i mean a shipping OS that can't remember credentials for a network share...
so my friend says that fcc are mandating to block openwrt on new routers
anyone heard about htis? staticsafe: that sounds unlikely brycec: Yes I did. mercutio: is it legit
the site he sent me looks iffy
http://www.cnx-software.com/2015/07/27/new-fcc-rules-may-prevent-installing-openwrt-on-wifi-routers/ brycec: Looking like it.
Yeah that's what I read earlier today mercutio: they'll just get hacked i suppose
but the signing could be a pita brycec: I expect no more than they do now, just that there's a US law telling them they should instead of the manufacturer's own desire to lock you out. mercutio: some of the new modems have shifted to signing i think
a while back
but no-one paid much attention because openwrt doesn't work properly on modems.
i myself like the idea of a dumb access point with no routing though brycec: Overall though, it sounds plausible. Ostensibly that's the reason for BIOS whitelists in laptops - the manufacturer has a specific configuration FCC licensed and cannot "allow" you to alter that. mercutio: ahh
but hp do that in non-US markets too
hmm what about using wireless cards on linux?
linux lets you force weird channels etc. brycec: (Which is why the 'custom built' models, which probably slide under the rules being not sold en-masse, don't have whitelists)
I'd assume HP just does the same thing everywhere because it's simpler and easier. mercutio: yeah
that's my concern about this FCC openwrt thing :) brycec: And yeah, not just Linux. Even some Windows drivers let you play with things. mercutio: ahh true brycec: But it comes down to what can be regulated, i.e large-scale SKUs vs "one-off" stuff mercutio: i think forcing people to comply with regulations on consumer gear is actually probably sensible
but blocking openwrt, etc is not so much
i suppose the problem is what happens when you use a wireless ap in a country it wasn't designed for
even if you force it in eeprom or such
like i bought my wireless router from amazon, so it's a US model...
but i'm still using NZ region. brycec: As I interpreted everything, it's not "blocking openwrt" per se, as just preventing consumers from fuckign with it. And there are similar regulations in other industries mercutio: can you still set country code? brycec: I didn't see any mention of that, so I can't say one way or another grody: openwrt does appear to be becoming FCC compliant.. in the later versions of CC they have been locking down the maximum EIRP
older firmware i could push wifi to 760mW EIRP (using 3dbi antenna) - now i can only get it to 96mW
dd-wrt has a "super-channel" function which allows use of channels outside of the normal band
you can still alter country codes, bt there seems to be some kind of checking going on
spotted the oddities of it with the new wireless router i got.. it had issues running on certain channels in the 5GHz band and was actually forcing a set DFS Master region: FCC, then "applying" Regulatory domain changed to country: GB - then doing DFS Master region: ETSI
im guessing it did that through NTP as i never set a region brycec: Hello from Win10
(and it's only 22:33 here) m0unds: sweet
two of my cats are fighting over who gets to stare at a flying insect on the wall brycec: sweet. m0unds: one stares at it, the other comes up, sits down, gets hissed at, half heartedly bats the other one in the face til it walks away
then sits and stares at it, then repeat
not doing anything about it, just staring at it
brycec: did your update require much interaction? brycec: Nope not much. Once I'd clicked through the EULA and "yeah, do an upgrade" prompts, 3 reboots later here I am m0unds: ok brycec: (and yes it did the rebooting on its own) m0unds: figured as much, that's how the win81 update went
was gonna let it run overnight. if it borks something on this machine...ehhh brycec: heh, cool. Though it didn't take more than a half hour or so m0unds: oh.
there it goes
was taking a bit for it to start downloading brycec: protip: Be sure to install the Win10-specific AMD drivers, or the AMD tools aren't going to work quite right. (But they will tell you to install the latest Win10 drivers) m0unds: i don't have any amd hardware
i remember hearing the rtm had an issue w/nv gpu chipset drivers, but someone else said they fixed it mercutio: it was nvidia-specific
but it's kind of disconcerting that you can't opt out of video driver updates m0unds: you can
http://www.tenforums.com/attachments/windows-updates-activation/18274d1430590254-refuse-driver-updates-windows-10-a-capture.png
screenshot from the option that allows you to opt out
allegedly
haha
cpl > system > hardware tab > device installation settings