#arpnetworks/ 2016-03-16,Wed

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)
WhoWhatWhen
***ziyourenxiang has joined #arpnetworks [06:32]
......................... (idle for 2h2mn)
YesThatTom has joined #arpnetworks
YesThatTom has left 		[08:34]
.......................................... (idle for 3h29mn)
nathaniDo the kvr hosts have hardware raid or software raid?
I know it's hotswappable drives
Just not sure about hardware or software 		[12:03]
..... (idle for 20mn)
up_the_ironshardware for sure [12:24]
.......................................................... (idle for 4h46mn)
***gizmoguy has quit IRC (Ping timeout: 250 seconds)
DaCa has quit IRC (Ping timeout: 268 seconds)
toddf has quit IRC (Ping timeout: 268 seconds)
gizmoguy has joined #arpnetworks
toddf has joined #arpnetworks
ChanServ sets mode: +o toddf
DaCa has joined #arpnetworks 		[17:10]
KDE_Perry has quit IRC (Ping timeout: 264 seconds)
mkb has quit IRC (Ping timeout: 246 seconds)
mkb has joined #arpnetworks
KDE_Perry has joined #arpnetworks 		[17:25]
mkbI wish I knew why that happened [17:27]
.... (idle for 15mn)
mercutiowhy what happened?
freenode network outages?
probably ddos.. 		[17:42]
mkbsaid ping timeout on my end [17:43]
mercutioyou weren't the only one [17:43]
mkbI just assumed it was me or something close
hmm 		[17:43]
mercutiokde_perry went out too
but looks like just you two this time :)
the other ones were earlier 		[17:44]
***ziyourenxiang has quit IRC (Quit: Leaving) [17:55]
nathanihttp://www.macrumors.com/2016/03/16/apple-icloud-google-cloud-platform/ [18:03]
mkbI hate these clouds
tcpdump no longer tells me what traffic is from what since it's practically all to AWS 		[18:04]
..... (idle for 20mn)
nathanicould you look up the tcp stack and do some packet inspection to check URLs for GET requests and such
mkb^ 		[18:25]
mkbthey encrypt it all
I mean I have root and can get past that 		[18:27]
........... (idle for 53mn)
mercutioheh i loved it when i had an adsl modem i could run tcpdump on
pity only really old ones work
it just seemed so right. i can tcpdump now, but that's with pppoe.. 		[19:20]
***JC_Denton has quit IRC (*.net *.split)
nesta has quit IRC (*.net *.split) 		[19:23]
JC_Denton has joined #arpnetworks
nesta has joined #arpnetworks 		[19:28]
shepo has joined #arpnetworks [19:38]
shepohello
holaaaaa 		[19:38]
***shepo has quit IRC (Read error: Connection reset by peer) [19:39]
brycecHello user that didn't stick around more than 2 minutes [19:42]
nathanianyone use spotify? If so - does anyone actually pay for it? [19:53]
brycecbrycec on both accounts
brycec is listening this very second, even. 		[19:53]
nathaniI would still be using iTunes - but its just so slow in comparison
on my first month trial at the moment 		[19:54]
brycecAs someone not indoctrinated in the iOS ecosystem, iTunes really offers me nothing (especially on *nix) [19:55]
nathaniI notice you had some irssi / itunes controller project in your github repo
does spotify have a *nix client? 		[19:56]
brycecI used to use OSX, ages ago. Kinda dropped off around 10.6
Spotify has a Linux binary client, and a web client (flash is required, I think.)
And as an Android, and Chromecast user - Spotify has Android clients and I can "cast" it to Chromecast devices 		[19:57]
nathanicool
nathani thinks of installing debian on my thinkpad (currently running Windows10) To try out the Linux client 		[19:59]
brycecit's nothing particularly special. You're just as well off, if not better, using the Windows client if you're on Windows. [20:01]
mercutioare there any decent music players on unix comparable to foobar2000 yet? [20:01]
brycecLinux client tends to lag a bit feature-wise. [20:01]
mercutioi never did like rhythmbox and the like [20:01]
brycecI really couldn't say since I have no experience with foobar2000 [20:02]
mercutioahh [20:02]
bryceci.e. I don't know what makes foobar2000 so great :p [20:02]
mercutiohttps://www.foobar2000.org/images/img/main-black.png
it's nice and simple, and it makes it easy to read and do stuff and play albums :)
whilst being light weight 		[20:02]
brycecLooks like it has a library manager built-in too? [20:03]
mercutiokind of
you just build the library by adding directories 		[20:03]
brycecSounds like VLC's scheme [20:03]
mercutiobut then you can exit and go back in
and it will retain that
also you can put more in there and it'll pick it up 		[20:03]
brycecYeah iirc VLC has that. It's not the default playlist view, it has a library thinger. [20:04]
mercutiohmm
heh prodigy
i remember prodigy :) 		[20:04]
brycecFor the very minimal amount I need/use a media thing in linux, I'm happy with Rhythmbox. (I just use it to sync to a USB drive for the car) [20:05]
mercutioi used to use mpg123/ogg123 [20:05]
brycecbrycec is currently watching Rhythmbox notice changes in his music directory) [20:05]
mercutioand just play albums from command line
for some reason i found rhythmbox really slow
i wonder how big my music library is
it's all over the network..
well actually over the internet :)
only 144gb
but even that is just over 8 weeks long.. 		[20:05]
brycecIt's not noticeably slow for me. Takes about 5 seconds of showing a blank library before it shows my 340GB library, 101+ days [20:07]
mercutioahh i was thinking of scanning time
i suppose i don't need to keep rescanning
maybe i should try it again sometime
i've been just using foobar2000 on windows :) 		[20:07]
brycec(And said library is on an NFS share) [20:08]
mercutio5 seconds is ok
it't not like i reboot every day :) 		[20:08]
brycecAlso, Spotify is integrated into my receiver -- or failing a fancy receiver, a PS4 -- so I can tell the client to move my music playback from my laptop/headphones/etc to the receiver while I cook, AND I can still control playback using the receiver remote, my computer, or even the Spotify app on my phone. [20:13]
mercutiothat sounds hadny
i always wanted remote room audio 		[20:13]
brycec(My receiver isn't "fancy" - I'd say it was lower-mid-range at the time I bought it 3 years ago) [20:13]
mercutioinstead of having to turn the volume up and open doors :) [20:13]
...... (idle for 29mn)
***dj_goku has joined #arpnetworks [20:42]
mjp_ has quit IRC (Remote host closed the connection)
mjp_ has joined #arpnetworks 		[20:55]
......... (idle for 42mn)
DaCa has quit IRC (Ping timeout: 268 seconds) [21:39]
........ (idle for 39mn)
mkbdoes mozilla like confusing their users
"the owner of this website has configured their website improperly. to protect you, firefox has not connected to this website."
that means the certificate didn't verify
if it's just configured improperly, why do you have to not connect? 		[22:18]
mercutiofirefox and chrome have both started getting strict with ssl certs. [22:19]
mkband if it's an actual security problem, why do you say it's configured improperly? [22:19]
mercutiothey went from warning users to not letting users through
like i think you need tls support now? 		[22:20]
mkbthe exception button still worked fortunately [22:20]
mercutioahh cool
i hit quite a few websites in google with a different domain configured 		[22:20]
mkbbut it's the text that irritates me [22:21]
mercutioso the cert will be for a different domain but still have the right content [22:21]
mkbthey know 99% of that is not a real issue
and yet they keep making it harder to get through 		[22:21]
mercutioitd epends what level of trust you need/want/desire from a site
like a bank having a misconfigured domain name would send alarm bells
some random internet forum or such not relaly 		[22:22]
mkbthis guy's blog seems to be signed with let's encrypt
which apparently doesn't actually work 		[22:22]
mercutiooh
i hit an issue with let's encrypt where it was working in chrome but not firefox
it may not be including the intermediate cert 		[22:23]
mkboh that is configured improperly... [22:23]
mercutiokind of, yeah
it's complicated
they have two legacy certs
to use to increase browser support while they're trying to get their root cert everywhere
that's my understanding
so not necessarily improperly configured
but less "openly" configured 		[22:23]
mkbmkb looks at the cert again [22:25]
mercutioyou could say it's like allowing ssl support for legacy users [22:25]
mkbCN=Let's Encrypt Authority X1/O=Let's Encrypt/C=US [22:25]
mercutioif you want the widest audience you need to, but if you are only expecting modern users it's not so bad [22:25]
mkboh no.. https://letsencrypt.org/certs/isrg-keys.png [22:25]
mercutioalthough it's a bit safer than allowing ssl users
The site just works on chrome right? 		[22:26]
mkbidk I don't have it installed [22:28]
mercutioAhh
Well it is a blog 		[22:28]
mkbmkb tries safari
https://blog.josefsson.org/2014/06/23/offline-gnupg-master-key-and-subkeys-on-yubikey-neo-smartcard/ 		[22:28]
mercutioI think you b are safe to just accept [22:28]
mkbI'm safe because I'm just reading it :) [22:29]
mercutioChrome Android bitches [22:29]
mkbit could have some sort of zero-day, but that's true of everything [22:29]
mercutioSays invalid cert authority
I get so many random b letters on my phone 		[22:29]
mkbthough I don't see why safari likes it [22:31]
mercutioit actualyl works fine on chrome on pc too
maybe he hasn't noticed
you could tell him :)
curl doesn't like it either 		[22:31]
brycecI'm okay with the message. It's not technical and it's not supposed to be - it's supposed to be as simple as possible for the typical luddite to understand. The idea is to say there's a problem and that it's not the $lusers's fault. 22:15 <mkb> "the owner of this website has configured their website improperly. to protect you, firefox has not connected to this website." [22:33]
***DaCa has joined #arpnetworks [22:33]
brycec(As someone that is technical support for their immediate family, who aren't exactly "bright" when it comes to computers...)
And frankly I'd rather a too-secure than a too-loose policy. Like mercutio said, if it's a bank or important online provider then that shit is serious. If it's Joe's Blog then maybe it's not a big deal, but I don't want my mother making that decision... 		[22:33]
mkbyes but it's supposed to happen when something is seriously wrong and it just acts like there's some minor configuration problem
SSH gives a much more urgent warning
``IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)!'' 		[22:35]
brycecBecause you don't want $luser calling the police over it...
And trust me, $lusers overreact in comical ways.
(Not making this up - personal experience) 		[22:37]
mkboh I believe you [22:38]
brycecSo the message can't be *too* alarming... [22:38]
mkbbut he'll click the exception button [22:38]
brycecNot if he can't find it [22:38]
mkbit was right there
well 		[22:38]
brycecWell the Exception button is there, but to actually add the exception isn't clear [22:38]
mkb$luser generally can't find things which are right on the screen
and I admit to having done it hundreds of times 		[22:38]
brycecAnd last I recall, the exception button was hidden under "I Understand the Risks" [22:39]
mkbit's labeled Advanced -> Add exception -> Confirm here
nothing really indicates that there's a risk
maybe ``To protect your information from being stolen''
hmm maybe this is a different message
though that's silly too... unknown issuer and fake issuer would look the same 		[22:40]
brycecbrycec hasn't really dealt with FF personally in a awhile, and I know they change things... [22:42]
mkbas far as I can tell from Google the most common reason to get that message is because you've installed an antivirus program
of course they MITM you
I really expected to find a bunch of screenshots with arrows before page two and I didn't so maybe it's not so hopeless 		[22:42]
.... (idle for 19mn)
mercutiobrycec: i'm ok with it being tight as long as it's easy to add exceptions :)
firefox to me seems better than it used to be 		[23:02]
↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)