[04:24] *** ziyourenxiang has joined #arpnetworks
[08:17] *** ziyourenxiang has quit IRC (Quit: Leaving)
[08:47] *** Lucifer333 has quit IRC (Ping timeout: 268 seconds)
[09:11] <RandalSchwartz> cloudflare seems to have had a major outage that started *precisely* at the leap second.  I wonder if SSL has "this is from the future" coding checks?
[09:12] <RandalSchwartz> I know it blew up some of the connections to ziprecruiter machines for quite a few hours
[09:14] *** awyeah has quit IRC (Ping timeout: 265 seconds)
[09:22] *** awyeah has joined #arpnetworks
[09:37] <dne> seems likely - https://github.com/golang/go/issues/12914
[09:41] <RandalSchwartz> I know internal to zip, they were seeing the upstream ntp suddenly being one second back
[09:41] <RandalSchwartz> admittedly, many of the internal ntpd could have used an upgrade in the past few years. :)
[09:42] <RandalSchwartz> I can't recall if "one second" is still within the slew range
[09:42] <RandalSchwartz> I know there's some threshold where it will basically give up.  I gotta think it's more like a minute
[11:43] <RandalSchwartz> my brother seems to recall when 7 seconds were added "all at once", but I think he's mis-remembering
[12:28] *** perlgod has quit IRC (Quit: bye)
[12:29] *** perlgod has joined #arpnetworks
[12:32] *** perlgod has quit IRC (Client Quit)
[12:32] *** perlgod has joined #arpnetworks
[12:34] *** perlgod has quit IRC (Client Quit)
[12:34] *** perlgod has joined #arpnetworks
[12:51] *** Lucifer333 has joined #arpnetworks
[13:02] <mhoran> Ugh that fucking golang thread is absurd.
[13:02] <mhoran> The community is so terrible and why is documented right there.
[13:16] <mercutio> so is that why google was doing smearing?
[13:43] <mhoran> Ha.
[14:25] <nathani> staticsafe: how are you liking the new fibe/fiber
[14:25] <staticsafe> im liking it a lot
[14:26] <nathani> still going through the Mikrotik PPPoE Client
[14:26] <nathani> or using the mikrotik strictly for Layer 2 and let the HH3000 do the NAT?
[14:35] *** Lucifer333 has quit IRC (Quit: Leaving)
[15:06] <up_the_irons> mhoran: you find the golang community terrible?  (I know nothing of it, so that's why I'm asking...)
[15:08] <mhoran> yeah. We write/maintain a lot of go at Pivotal/Cloud Foundry. I hate it.
[15:13] <nathani> up_the_irons: Happy Invoice Day / New Year / Congratulations on the new auto provisioning VMs
[15:13] <nathani> s/New/Happy New
[15:13] <BryceBot> <nathani> up_the_irons: Happy Invoice Day / Happy New Year / Congratulations on the new auto provisioning VMs
[15:16] <mercutio> nathani: did you see that bbr is in linux 4.9 now?
[15:17] <nathani> nope
[15:17] <nathani> you have a link to the release notes?
[15:17] <mercutio> it'll be on kernelnewbies probably
[15:17] <nathani> github or whatever
[15:17] <mercutio> linux doesn't have proper release notes
[15:18] <mercutio> oh it's not there yet
[15:19] <mercutio> /lib/modules/4.9.0-1-ARCH/kernel/net/ipv4/tcp_bbr.ko.gz
[15:19] <mercutio> it's in there heh :)
[15:19] <nathani> https://github.com/torvalds/linux/search?utf8=%E2%9C%93&q=bbr
[15:20] <mercutio> cool
[15:20] <nathani> The PDF if anyone is interested: https://mnathani.com/bbr/BBR-Congestion-Based%20Congestion%20Control.pdf
[15:21] <up_the_irons> nathani: thanks!!
[15:21] <up_the_irons> mhoran: ah interesting
[15:21] <mhoran> And I personally disagree with a lot of the core tenets of the language.
[15:21] <up_the_irons> mhoran: is it like OpenBSD bad, hipster bad, or...? ;)
[15:22] <up_the_irons> ah
[15:22] <mhoran> Google bad.
[15:22] <up_the_irons> aaah
[15:22] <mhoran> They don't believe in shared libraries, mostly copy and pasting code and sticking to what's in the core lib. It works for Google where they maintain all their code and have subject matter experts on everything they maintain, but doesn't work for smaller organizations that utilize open source and leverage other communities.
[15:23] <mhoran> Package/code management is terrible, and constantly changing since there's no clear direction (and Google doesn't use it so it's not maintained well.)
[15:23] <mhoran> Statically linked binaries are huge and pull in the whole world for the sake of portability (which is nice, but see shared libraries above).
[15:23] <mercutio> eww
[15:23] <mhoran> And then there's naming practices. Single letter variables all over the place, and hard to read, spaghetti code.
[15:24] <mhoran> For highly concurrent systems that are complicated and need high throughput,it's OK. But for everyday programming, I miss Ruby.
[15:24] <mercutio> are you working at google or something?
[15:24] <mhoran> https://medium.com/@octskyward/modern-garbage-collection-911ef4f8bd8e#.lktwkvmat -- here's a great article about some other FUD around GC in Go.
[15:25] <mercutio> GC is what put me off D
[15:25] <mhoran> mercutio: Pivotal, we work on Cloud Foundry which is mainly written in Go.
[15:25] <up_the_irons> mhoran: oh man that sounds terrible; i'm sorry to hear that
[15:25] <mhoran> Go has a lot of promise and then is just so disappointing.
[15:25] <up_the_irons> mhoran: i knew about the shared library thing... i mean, having a single binary that can be copied around systems, dependent-less, is kinda one of their "things"
[15:25] <mhoran> yeah.
[15:26] <mhoran> And for Google it works great! Or so I hear. But I haven't seen it work well.
[15:26] <up_the_irons> yeah
[15:37] <RandalSchwartz> ... https://blog.cloudflare.com/how-and-why-the-leap-second-affected-cloudflare-dns/
[15:48] <RandalSchwartz> Google probably has enough disk and bandwidth that they can copy the world bundled with each of their binaries without issue.
[15:49] <RandalSchwartz> I'm surprised they didn't just implement containers that bundle the world for each app... oh wait...
[15:49] *** perlgod has quit IRC (Quit: bye)
[15:55] *** perlgod has joined #arpnetworks
[17:12] <mhoran> Yep
[17:18] <mercutio> ever since amos had huge executables on amiga back in the day i've had pet grudges over executable size..
[17:18] <mercutio> it doesn't slow things down as much when you have demand paging, but it just seems so wrong
[17:26] *** chatter has joined #arpnetworks
[17:26] <chatter> hey guys
[17:27] <chatter> allah is doing
[17:27] <chatter> sun is not doing allah is doing
[17:27] <chatter> to accept Islam say that i bear witness that there is no deity worthy of worship except Allah and Muhammad peace be upon him is his slave and messenger
[17:27] <JC_Denton> oh, to have ops...
[17:30] *** chatter has quit IRC (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[17:31] *** chatter has joined #arpnetworks
[17:34] *** perlgod has quit IRC (Quit: bye)
[17:34] *** perlgod has joined #arpnetworks
[17:34] *** chatter has quit IRC (Client Quit)
[17:34] *** mhoran has left "WeeChat 1.6"
[17:34] *** mhoran has joined #arpnetworks
[17:36] *** mhoran has quit IRC (Changing host)
[17:36] *** mhoran has joined #arpnetworks
[17:36] *** ChanServ sets mode: +o mhoran
[17:36] *** mhoran sets mode: +b chatter!*@*
[18:22] *** Lucifer333 has joined #arpnetworks
[18:48] *** karstensrage has joined #arpnetworks
[18:48] *** karstensrage is now known as Guest85439
[18:49] *** perlgod has quit IRC (Quit: bye)
[19:03] *** perlgod has joined #arpnetworks
[19:05] <nathani> any one else having issues viewing ssl certificate details using chrome?
[19:05] <nathani> they seem to have removed the option completely
[19:08] *** Guest85439 is now known as karstensrage
[19:09] *** karstensrage has quit IRC (Changing host)
[19:09] *** karstensrage has joined #arpnetworks
[19:09] <mercutio> wow it is confusing
[19:09] <mercutio> i see what you mean
[19:09] <mercutio> there's probably a way ,lnot sure how yet though
[19:11] <mercutio> just press fa12
[19:11] <mercutio> f12
[19:11] <mercutio> go to security
[19:11] <mercutio> and view certificate is under there
[19:11] <nathani> cool
[19:11] <nathani> thanks
[19:11] <nathani> dont need to use firefox for that task anymore :-)
[19:11] <mercutio> i had to guess my way there
[19:12] <nathani> pretty sure it was an oversight on their part though
[19:12] <mercutio> i dunno
[19:12] <nathani> F1, F2, F3, .. F12 ?
[19:12] <mercutio> finding out site passowrds got harder before
[19:12] <mercutio> i think sometimes they just don't want to make some of these things too easy
[19:12] <mercutio> f12 is the normal debugging mode
[19:12] <mercutio> there's other cool stuff in there too
[19:12] <nathani> right
[19:19] <mike-burns> Oh rad, instant provisioning!
[19:40] <mhoran> Yeah, for some reason Chrome removed the extremely accessible cert information modal and combined it with the confusing for people who aren't web programmers inspector widget...
[19:40] <mhoran> Which seems ... really bad for security.
[19:42] <mercutio> they also say not secure when you enter a password on non encrypted site now
[19:43] <mike-burns> That's a nice feature.
[19:43] <mercutio> i always consider websites that ask for a password insecure
[19:43] <mercutio> there's been so many big leaks...
[19:44] <mike-burns> I consider it completely insecure to give my password to another person/company, including a Web site. I think we're in agreement there.
[19:44] <mike-burns> https://twitter.com/mikeburns/status/529369409941680128 - this was my prediction in 2014!
[19:44] <BryceBot> TWITTER: Browsers might as well render password fields like text fields when the form action is non-HTTPS. And even then ... (Mon Nov 03 20:27:57 +0000 2014)
[19:44] <mercutio> i think some kind of generic login that isn't associated with facebook etc would be nice
[19:45] <mercutio> preferably one that can't link back to you, so much as ensure you are legit
[19:45] <mike-burns> Right, just some simply public/private keypair thing.
[19:45] <mercutio> like if you have two sites, and use some kind of sahred login system the sites shouldn't be able to identify you as the same person
[19:45] <mike-burns> I also question "logging in" to Web sites as a general concept, but that's neither here nor there.
[19:46] <mike-burns> I don't care about SSO so much as public/private keypair. I'm fine with a new keypair for each service.
[19:46] <mercutio> i tend to just hav chrome remember passwords for me
[19:46] <mike-burns> I use a password manager.
[19:46] <mercutio> but as soon as i'm not in front of chrome i don't have any idea what my password is for most of those
[19:46] <mike-burns> Yeah a password manager helps with that.
[19:46] <mercutio> well atm there are so many not very important things that want logins
[19:47] <mercutio> like logins for online shopping basically
[19:47] <mercutio> and whenever possible i pay with paypal
[19:47] <mike-burns> And hosted email service, if you use one of those.
[19:47] <mercutio> as bad as it is
[19:47] <mercutio> at least it means i don't have to worry about sites having my credit card #
[19:47] <mike-burns> Yeah I also don't like entering my CC number into a Web site -- especially a non-CC Web site.
[19:48] <mike-burns> Like, I'd rather enter my CC # into visa.com than into, I dunno, gilt.com.
[19:48] <mercutio> yeah
[19:48] <mercutio> although i still am hesitiant about americanexpress
[19:48] <mercutio> hah
[19:48] <mercutio> i had credit card fraud on my credit card and they rung me up from a blocked phone number
[19:48] <mike-burns> If only someone made a public/private keypair for payment that wasn't also criticized as being only used by criminals.
[19:48] <mercutio> and wanted me to say my credit card # etc
[19:48] <mike-burns> That's bold.
[19:49] <mercutio> it was legit
[19:49] <mercutio> but like there was no other communication method in line with it
[19:49] <mercutio> i got a reference number from them and went through their avr
[19:49] <mercutio> but that again seems like one of those areas that needs to be improved
[19:50] <mercutio> like if a company wants to validate me, how do i validate them first?
[19:50] <mike-burns> We, as a culture of engineers, sure have built a lot of phishing-friendly products, from phones to emails and beyond.
[19:50] <mercutio> well most geeks have known about social engineering for ages.
[19:50] <mercutio> "what's your password?" :)
[19:50] <mike-burns> We just think we've above it.
[19:50] <mike-burns> Or that it's a problem that can be solved later.
[19:50] <mercutio> but lots of people are trusting
[19:51] <mike-burns> Or busy.
[19:51] <mercutio> true
[19:51] <mercutio> it was a pita going through the avr
[19:51] <mike-burns> Yeah I bet.
[19:51] <BryceBot> That's what she said!!
[19:51] <mercutio> i wish there was a way to shortcut it
[19:51] <mercutio> like you should just be able to press 0
[19:51] <mercutio> then type in a 12 digit number or something
[19:51] <mike-burns> They should have a phone number that you call them on, agreed upon ahead of time.
[19:52] <mercutio> it's on your credit card
[19:52] <mike-burns> Right.
[19:52] <mercutio> but you still have to put in heaps of details etc
[19:52] <mike-burns> Oh I see.
[19:52] <mercutio> and go through annoying avr
[19:52] <mercutio> and wait in queue
[19:52] <mike-burns> In Sweden I used a public/private keypair to auth with my bank. That was nice.
[19:52] <mercutio> wow
[19:52] <mike-burns> BankID. Unpleasant software, but a great idea.
[19:53] <mercutio> i can download my transactions in csv
[19:53] <mercutio> going back years
[19:53] <mercutio> i thought that was normal.  but apparently some banks don't make that that easy.
[19:53] <mike-burns> Lots of legacy software and arbitrary restrictions.
[19:53] <mercutio> and some will only go back two years or something
[19:54] <mercutio> banking just got improved recently here, so that you can normally transfer money between banks within an hour
[19:54] <mercutio> it used to be overnight.  now that was a legacy system...
[19:55] <mike-burns> Yeah, using tapes physically mailed to banks or something.
[19:55] <mercutio> i think they used to use isdn
[19:56] <mike-burns> http://www.npr.org/sections/money/2013/10/04/229224964/episode-489-the-invisible-plumbing-of-our-economy - this MP3 talked about it, IIRC.
[19:56] <mercutio> i wouldn't be suprised if they use the interne tnow..
[19:56] <mike-burns> I would be surprised if a US bank used any recent technology.
[19:56] <mercutio> well i'm not in the US..
[19:57] <mike-burns> Ah, right. Then maybe!
[19:57] <mercutio> ok i'm going to have to watch that
[19:57] <mercutio> err listen?
[19:57] <mike-burns> http://www.npr.org/templates/transcript/transcript.php?storyId=229224964 - here's some words.
[19:58] <mercutio> on that note, i've been searching for ages, and still have no idea what the best way to listen to music at gym is ..
[19:58] <mercutio> which could include podcasts
[19:58] <mercutio> i kind of thought stuff would have improved by now.
[19:58] <mike-burns> That'd be a great subtitle for a documentary about the year 2016.
[19:59] <mercutio> the easiest seems to be bluetooth watch with music playing with bluetooth headphones
[19:59] <mercutio> which would be fine for podcasts
[19:59] <mercutio> but not so good for music
[20:04] <RandalSchwartz> I got my friend a Bose QC20 for his gymwork
[20:04] <RandalSchwartz> he's now pretty happy with it
[20:04] <RandalSchwartz> not bluetooth... but the noise cancelling is amazing even in a gym
[20:04] <mercutio> damn they're expensive :)
[20:05] <up_the_irons> mike-burns: yeah, VMs without an OS (blank) are now instant; we're working feverishly to also get the OS part done by Feb.
[20:05] <RandalSchwartz> I think they may even exceed the classic Bose I bought (twice) ear-clamps that I had years ago
[20:05] <mercutio> i found there's this cool alternative firmware for mp3 players.
[20:05] <mercutio> i have a feeling that wires are going to be annoying
[20:05] <mercutio> but i probably should experiment with my old phone
[20:06] <mercutio> xduoo x3 is my current idea
[20:06] <mercutio> then using big clunky headphones
[20:06] <mercutio> but where to put it!
[20:06] <BryceBot> That's what she said!!
[20:08] <mercutio> there's this alternative firmware called rockbox, and that's one of the only current mp3 players it works with.. there are some older models that are hard to get now like sandisk clip which would be more convenient..
[20:21] <nathani> I use a classic iPod
[20:22] <nathani> they discontinued the product in favour of smaller flash based devices and the iPod touch
[20:22] <mercutio> classic ipod actually works with rockbox too
[20:22] <mercutio> ipods are stupidly expensive second hadn here
[20:22] <nathani> yea
[20:22] <mercutio> and the batteries are likely to die on old ones bought now
[20:22] <mercutio> it's cheaper to buy a new xduoo x3
[20:22] <nathani> @google xduoo x3
[20:22] <BryceBot> 15,800 total results returned for 'xduoo x3', here's 3
[20:22] <BryceBot> The xDuoo X3 DAP now has a fully functional Rockbox port. Here ... (https://www.reddit.com/r/headphones/comments/4c2u3a/the_xduoo_x3_dap_now_has_a_fully_functional/) Mar 26, 2016 ... Hello guys. I have been immensely enjoying my xDuoo X3 DAP and thought I  would share my experience now that the player has received a ...
[20:22] <BryceBot> XDUOO X3 HiFi Lossless Music Player MP3-92.81 Online Shopping ... (http://www.gearbest.com/mp3-mp4-players/pp_440370.html) Just US$92.81 + free shipping, buy XDUOO X3 HiFi Lossless Music Player MP3  online shopping at GearBest.com.
[20:22] <BryceBot> XDUOO® X3 Mini HI-FI Music Player JZ4760B Chip 24bit: Amazon ... (https://www.amazon.co.uk/XDUOO%C2%AE-JZ4760B-Lossless-Supports-Formats/dp/B017K9XVX6) XDUOO® X3 Mini HI-FI Music Player JZ4760B Chip 24bit/192khz HD format  Audio Player Lossless Music Player Silver Supports MP3 WMA APE FLAC WAV ...
[20:23] <nathani> @google Rockbox
[20:23] <BryceBot> 162,000 total results returned for 'Rockbox', here's 3
[20:23] <BryceBot> Rockbox - Wikipedia (https://en.wikipedia.org/wiki/Rockbox) Rockbox is a free and open-source software replacement for the OEM firmware in  various forms of digital audio players (DAPs) with an original kernel. It offers ...
[20:23] <BryceBot> Rockbox Technical Forums - Index (http://forums.rockbox.org/) Welcome to the Rockbox Technical Forums! Thank You for your continued  support and contributions! Rockbox Ports are now being developed for various  digital ...
[20:23] <BryceBot> Rock Box | Japanese style karaoke | Capitol Hill, Seattle (http://www.rockboxseattle.com/) Rock Box is a Japanese style karaoke lounge in Capitol Hill, Seattle with full bar.  Sing and drink with your friends in a private room or karaoke box!
[20:23] <mercutio> xduoo has annoying firmware
[20:23] <nathani> hmm, so I can convert my iPod to a Rockbox?
[20:23] <mercutio> yes
[20:23] <mercutio> like there's a second gap between songs
[20:23] <mercutio> rather than seemless playing from track to track
[20:23] <nathani> whats the advantage over the iPod firmware
[20:24] <mercutio> i haven't seen the ipod firmware
[20:24] <mercutio> but it has quick previous/next etc
[20:24] <mercutio> eq
[20:24] <nathani> is it stable?
[20:24] <mercutio> i'm not an expert on it though
[20:24] <mercutio> some devices can dual boot
[20:24] <mercutio> it's really old so should be
[20:25] <nathani> I have had to use iTunes with the iPod
[20:25] <nathani> which is a huge resource hog
[20:25] <mercutio> oh
[20:25] <mercutio> yeah that problem should go away :)
[20:25] <mercutio> you should be able to play flac etc too
[20:26] <mercutio> you can drag and drop songs to it
[20:26] <mercutio> it acts like a drive
[20:26] <mercutio> people keep talking about flac support when googling hah
[20:28] <nathani> how does it deal with creating / modifying playlists
[20:29] <mercutio> long press
[20:29] <mercutio> that's as much as i know
[20:29] <mercutio> i haven't tried it yet
[20:29] <mercutio> i don't have a mp3 player :)
[20:29] <nathani> https://support.apple.com/content/dam/edam/applecare/images/en_US/ipod/ipodclassic/psp-hero-ipodclassic.png
[20:29] <nathani> ahh
[20:29] <nathani> thats the iPod classic I have
[20:30] <nathani> is Spotify available in NZ ?
[20:30] <nathani> you could use your Samsung if it is
[20:30] <mercutio> i don't want to use my normal phone in gym
[20:30] <mercutio> sounds way too dangerous
[20:31] <mercutio> well i was initially
[20:31] <mercutio> but now i don't :)
[20:31] <mercutio> i have a moto g too though
[20:31] <mercutio> i'd rather use proper headphones though
[20:32] <mercutio> i hate those in ear things
[20:32] <nathani> whats the danger? drops and such?
[20:32] <mercutio> yeah
[20:32] <nathani> get a rugged case :-)
[20:32] <mercutio> well there's still the issue of it being bulky and not fitting in pockets of gym clothes that easily
[20:33] <mercutio> i was considering getting a gear fit 2
[20:33] <nathani> iPod touch sells arm bands
[20:33] <mercutio> which has music playing
[20:33] <mercutio> using bluetooth to bluetooth headphones
[20:33] <nathani> my brother just bought a fitbit charge
[20:33] <mercutio> fitbit charge doesn't have music
[20:33] <mercutio> my brother has a fitbit charge
[20:34] <mercutio> all of the herat rate things seem non ideal
[20:34] <mercutio> none of them are responsive enough to work well with HIIT
[20:34] <nathani> I used to have a watch that measured heart rate
[20:34] <mercutio> which is where heart rate is most important
[20:35] <mercutio> yeah i think it'd be fun to see what my heart rate over the day is
[20:36] <mercutio> and it'd be nice if i could get notifications from my phone
[20:36] <mercutio> not sure what range is like though
[22:30] *** Lucifer333 has quit IRC (Quit: Leaving)
[23:16] <nathani> I got an A on my new Wildcard SSL Install: https://www.ssllabs.com/ssltest/analyze.html?d=graphs.winvive.com&s=67.227.192.97&latest
[23:27] <mercutio> you may want to enable HSTS
[23:29] <mercutio> are you going to try and get A+?
[23:40] <nathani> mercutio: do you know if it can be set globally in Apache?
[23:40] <mercutio> i've never enabled it in apache
[23:40] <mercutio> so i have no idea
[23:41] <nathani> does the test give suggestions on how to improve
[23:41] <mercutio> i'd do it per site generally though
[23:41] <nathani> so I can try to get A+
[23:41] <mercutio> i'm not sure, i didn't see it..
[23:41] <mercutio> somewhere should say how to improve it
[23:41] <mercutio> so you do want to try for the A+? :)
[23:42] <nathani> probably get the folks at liquidweb to do it
[23:42] <nathani> its a managed box
[23:42] <mercutio> managed hah
[23:43] <nathani> they need to be told what to do and then they do it
[23:43] <nathani> so semi-managed I guess
[23:43] <nathani> no proactive stuff
[23:43] <mercutio> ahh
[23:43] <mercutio> https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html#HTTP_Strict_Transport_Security
[23:44] <mercutio> maybe this would help you
[23:55] <nathani> thanks