[01:44] *** schmir has joined #arpnetworks
[01:56] *** schmir has quit IRC (Remote host closed the connection)
[02:25] *** schmir has joined #arpnetworks
[03:03] *** baklava has quit IRC (Disconnected by services)
[03:03] *** baklava- has joined #arpnetworks
[04:30] *** ziyourenxiang has joined #arpnetworks
[04:34] <dxtr> I can see that my dad mowed the lawn because there's mud and grass on my window
[04:45] <ziyourenxiang> it's a hint to you
[05:09] <AndrewBC> nonsense. clearly a sod monster is after you
[05:16] <cedwards> clearly.
[05:18] <bob^^> there's no other sensible explanation
[05:19] <AndrewBC> indeed
[05:20] *** heavysixer has joined #arpnetworks
[05:20] *** ChanServ sets mode: +o heavysixer
[05:39] *** baklava- is now known as baklava
[06:30] *** vtoms has joined #arpnetworks
[06:34] <RandalSchwartz> nice - the three-line change I made to the code a few weeks ago went live last night... reducing the load on 34 boxes by *half*
[06:34] <RandalSchwartz> I wonder if I get to keep the 17 boxes they won't need now :)
[06:35] <RandalSchwartz> each of those is an 8-processor with 16GB of ram
[06:37] <schmir> nice one. I'd say it depends on if you wrote the code in the first place
[06:44] <RandalSchwartz> I didn't
[06:54] <awyeah> yay got a new laptop from work.
[06:54] <bob^^> :D
[06:57] <awyeah> The laptop I'm giving back is a Centrino... it's kinda old now
[06:57] <awyeah> 2.25GHz centrino.  single core. 80gb, 5400rpm hard drive.
[06:58] <awyeah> new one is a core2 duo t9400. whatever the hell that is. Shit, I don't know anything about computers anymore.
[06:59] <awyeah> Oh, that's just the model number. ;)
[06:59] * awyeah moron.
[07:02] * dxtr whiestles
[07:02] <RandalSchwartz> so what does a nice 8-proc 16GB box sell for these days?
[07:02] <dxtr> Generating a 8192 bit rsa key
[07:02] <dxtr> \o/
[07:03] <RandalSchwartz> you must be afraid of even the NSA :)
[07:04] <awyeah> RandalSchwartz: My guess is... somewhere between $1 and $1,000,000,000
[07:04] <awyeah> it's within that range somewhere.
[07:05] <RandalSchwartz> I bet it is!
[07:05] <dxtr> RandalSchwartz: It's mostly for the lols actually :)
[07:09] <dxtr> But my server's got a 4096 bit key
[07:09] <dxtr> I think that's quite enough.. for now
[07:12] *** schmir has quit IRC (Ping timeout: 264 seconds)
[07:16] <dxtr> I spoke with someone who strongly believed the NSA could break a 256 bit RSA key in seconds :D
[07:16] <dxtr> Beat that, RandalSchwartz!
[07:20] <bob^^> i don't doubt that :/
[07:20] <RandalSchwartz> with my newly-spare 17 boxes? :)
[07:24] <dxtr> bob^^: Really? In seconds? C'mon
[07:24] <dxtr> In months? Sure. But seconds? nah.
[07:25] <dxtr> "Factoring RSA 512-bit keys is now squarely within the reach of anyone who is determined enough. As testimony to this, several 512-bit RSA keys used to sign the operating systems of Texas Instruments calculators were recently factored, reportedly within "several months""
[07:25] <dxtr> http://www.javamex.com/tutorials/cryptography/rsa_key_length.shtml
[07:25] <dxtr> So.. Say weeks
[07:27] *** vtoms has quit IRC (Quit: Leaving.)
[07:27] <dxtr> But I fear the day quantum computers becomes more available
[07:28] <bob^^> 512 is not 2x as secure as 256 remember
[07:28] <bob^^> it's many many factors less secure
[07:28] <bob^^> if i remember the maths right :/
[07:28] <dxtr> That's why I said weeks :P
[07:28] <bob^^> and don't do it in software
[07:28] <bob^^> design an ASIC
[07:28] <bob^^> or do it in your graphics card
[07:28] <bob^^> now factor in an essentially limitless budget
[07:28] <bob^^> and... :)
[07:28] <bob^^> suddenly not so unbelievable
[07:29] <dxtr> i'm still getting the feeling that this computer will be kind of... power hungry
[07:30] <dxtr> Hmm.. or was it a 512 bit key the guy said? Don't remember
[07:30] <bob^^> ASICs don't need to be that power hungry - they're designed to one task and to do it as quickly as possible
[07:30] <bob^^> calculating prime factors isn't that complex remember :)
[07:31] <bob^^> i guess it depends if you drink the coolaid and believe that the NSA have a backdoor into public key encryption anyway ;)
[07:31] <dxtr> I'm kind of realistic and believe that NSA aren't some kind god
[07:32] <dxtr> "OMG! THEY CAN DO SHIT THAT ISN'T EVEN INVENTED!"
[07:32] <bob^^> hehe
[07:32] <dxtr> It's like here when people hear that I'm heavily encrypting my stuff
[07:32] <bob^^> the limitless budget tends to have the ability to invent things you don't think are possible :P
[07:32] <bob^^> oh i heavily encrypt my stuff too - nothing to hide, but that's not the point
[07:35] <dxtr> "The police would still be able to decrypt it!" - How the hell are they going to decrypt my hard drive? 64 byte key, AES encrypted. SSH? 4096 bit rsa key
[07:36] <dxtr> It's not like they do it over breakfast
[07:36] <RandalSchwartz> in some jurisdictions, you can be compelled to reveal your key
[07:36] <bob^^> depends on your local laws
[07:36] <bob^^> you cuold be forced to reveal the key
[07:36] <bob^^> indeed ^^
[07:36] <bob^^> it's now a requirement in the UK i believe (amazingly - i do *not* agree with this)
[07:37] <RandalSchwartz> I believe truecrypt actually has a stealth mode to combat this
[07:37] <bob^^> which i guess is why truecrypt offers hidden volumes with a different key :)
[07:37] <bob^^> yeah
[07:37] <bob^^> :D
[07:37] <RandalSchwartz> heh
[07:37] <RandalSchwartz> are you sitting next to me? :)
[07:37] <RandalSchwartz> "get outta my head!"
[07:38] <bob^^> :D
[07:38] * bob^^ waves over
[07:43] *** vtoms has joined #arpnetworks
[07:44] <dxtr> Actually I don't know my key
[07:44] <dxtr> I've got a yubikey .D
[07:44] <dxtr> So they can ask and beat me how much they want
[07:44] <dxtr> I've got nothing to tell them
[08:05] <dxtr> Damn. ftp.openbsd.org doesn't have 4.7 yet :/
[08:06] <dxtr> ftp.eu.openbsd.org did
[08:06] <dxtr> !
[08:20] <cedwards> dxtr: they want you to pay for it!
[08:51] <dxtr> So... I'll upgrade my router some day
[08:52] <dxtr> Probabl this weekend
[08:52] <dxtr> probably*
[09:05] <cedwards> I'm curious what OpenBSD offers that FreeBSD does not.. besides the free tin-foil hat with each download.
[09:07] <RandalSchwartz> an ancient version of apache!
[09:07] <RandalSchwartz> a non-standard version of NTP that breaks specs!
[09:08] <RandalSchwartz> however, a version of PF that is still ahead of FreeBSD's version
[09:08] <RandalSchwartz> (but not for long)
[09:16] <dxtr> Okay guys... I've gotta two book reports until tomorrow. Do you know of any good books? :D
[09:16] <dxtr> gotta do two*
[09:16] <dxtr> (Hint: It must be novels)
[09:19] <bob^^> what sort of books do you like?
[09:26] <cedwards> dxtr: any specific genre or just "two books"
[09:26] <dxtr> cedwards: Well, no specific genre as long as they're novels
[09:26] <dxtr> bob^^: I don't like books at allk
[09:27] <bob^^> ahh hehe
[09:27] <dxtr> That's kind of the reason I haven't done it
[09:27] <cedwards> ohh, so this doesn't count: http://store.xkcd.com/xkcd/#xkcdvolume0 ;)
[09:27] <bob^^> i guess there's plenty of classics to choose from
[09:27] <cedwards> I highly recommend Stephen King, but his novels are generally long.
[09:27] <dxtr> cedwards: If it did I'd read that and "Simons cat" (Yes, my girlfriend got that book)
[09:27] <bob^^> animal farm? 1984?
[09:27] <bob^^> i've got simons cat too :)
[09:27] <dxtr> :D
[09:28] <RandalSchwartz> how novel does it have to be?
[09:29] <bob^^> something by john steinbeck? of mice and men is quite good and nie and short iirc
[09:29] <dxtr> RandalSchwartz: The thing is that I won't have time to read anything. I'm thinking I'll google up some reports on books wich I've seen the movie and then go from there
[09:29] <dxtr> Like.. Twilight and Harry Potter
[09:29] <RandalSchwartz> that can be dangerous
[09:29] <bob^^> yaeh, i wouldn't do that
[09:29] <bob^^> you can read of mice and men in a few hours
[09:29] <RandalSchwartz> the book is usually a bit (or a lot) different
[09:29] <bob^^> http://en.wikipedia.org/wiki/Of_Mice_and_Men
[09:29] <RandalSchwartz> just steal something from wikipedia :)
[09:29] <bob^^> only 107 pages
[09:29] <RandalSchwartz> nobody will figure *that* out
[09:29] <bob^^> and it's actually quite an interesting book
[09:30] <RandalSchwartz> is it the Disney story?
[09:30] <RandalSchwartz> about the beginnings of Mickey Mouse?
[09:30] <dxtr> Well, I'm averaging VG (The second highest grade on a three-grade-scale)
[09:30] <dxtr> So hopefully I can't fail with this :D
[09:30] <bob^^> this is great too: http://en.wikipedia.org/wiki/The_Thirty-Nine_Steps
[09:30] <RandalSchwartz> "if you fail to plan... you will plan to fail"
[09:30] <bob^^> i'd read those two
[09:31] <bob^^> 39 steps is a good action story too, might keep you interested
[09:31] <RandalSchwartz> "it's the memory guy!"
[09:31] <RandalSchwartz> oops.  Spoiler :)
[09:31] <dxtr> oh, actually it's four grades. IG > G > VG > MVG. And beacause I'm averaging VG in this course (English B) I'm hoping that no matter how this goes I'll get a G
[09:34] <bob^^> dxtr: you could read the 39 steps *and* of mice and men within 6 hours
[09:34] <bob^^> and understand them both quite well
[09:35] <dxtr> cool
[09:35] <dxtr> So if I start now I'll be finished after midnight? :D
[09:35] <cedwards> better get started!
[09:35] <bob^^> go go go
[09:36] <RandalSchwartz> ahh - it's the memory guy only in the Hitchcock version
[09:36] <bob^^> hehehe
[09:36] <dxtr> Then I'll have to write the report + civics course
[09:36] <dxtr> Awesome
[09:36] * cedwards puts on his drill instructor hat and lets fly the obscenities to "motivate" dxtr
[09:36] <bob^^> i've not seen the hitchcock one :(
[09:42] <dxtr> I'm hungry
[09:42] <dxtr> I'll start studying whenever my dad comes home with food
[09:42] <dxtr> :D
[09:42] <dxtr> http://en.wikipedia.org/wiki/Gyros <- Om nom nom nom
[09:46] <cedwards> procrastinator
[09:46] <dxtr> :D
[09:48] <dxtr> FFFFUUUUUU-. I might be a true procrastinator
[09:48] <dxtr> "Procrastination can be a persistent and debilitating disorder in some people, causing significant psychological disability and dysfunction. These individuals may actually be suffering from an underlying mental health problem such as depression or ADHD."
[09:49] <dxtr> My girlfriend suspects I've got ADHD
[09:49] <dxtr> But I don't want ADHD so I'm not going to a doctor
[09:49] <bob^^> heh, some swedish people i know in another channel are always going on abuot gyros :)
[09:50] <bob^^> it looks a lot like donner kebab ;)
[09:50] <dxtr> "Traditionally, procrastination has been associated with perfectionism" <- again, my girlfriend is always bashing me because I'm a perfectionist like that
[09:50] <dxtr> "Fuck everything else until this is perfect" kind of
[09:50] <dxtr> bob^^: Gyros > Kebab :)
[09:50] <dxtr> I hate kebab
[09:52] <dxtr> cedwards: I hate you for bringing tht up :P
[09:52] <dxtr> that up*
[09:52] <bob^^> :)
[09:54] <cedwards> lol
[09:54] <cedwards> go read your books
[09:55] <dxtr> hehe
[09:55] <dxtr> No, but seriously. I'm too hungry to do anything productive right now
[09:56] <bob^^> once you start reading you'll forget about being hungry
[10:37] *** ziyourenxiang has quit IRC (Quit: ziyourenxiang)
[11:24] *** schmir has joined #arpnetworks
[11:24] *** schmir has quit IRC (Remote host closed the connection)
[11:50] *** AndrewBC has quit IRC (Ping timeout: 252 seconds)
[11:51] *** schmir has joined #arpnetworks
[11:56] *** AndrewBC has joined #arpnetworks
[11:59] <jdoe> hrm, 4.7
[11:59] <jdoe> wonder how pleasant upgrading is...
[12:06] *** schmir has quit IRC (Remote host closed the connection)
[12:08] *** schmir has joined #arpnetworks
[13:13] *** schmir has quit IRC (Ping timeout: 240 seconds)
[13:40] *** schmir has joined #arpnetworks
[15:08] *** schmir has quit IRC (Remote host closed the connection)
[15:08] *** vtoms has quit IRC (Quit: Leaving.)
[15:54] <up_the_irons> cedwards: for me, OpenBSD offers basically: a community that is big enough that useful work gets done, yet small enough that things pretty much move in the same direction.  there's not 26 ways to do the same thing in OpenBSD.  There's generally one, and only one, way.  I find this make it a lot simpler for me to understand.
[15:55] <up_the_irons> cedwards: but specifically, I'm liking the idea of using OpenBSD's spamd with my new Postfix configuration, to reduce spam (of course)
[15:59] <up_the_irons> now, time to fight with apparmor and libvirt
[17:09] <dxtr> Okay...
[17:09] <dxtr> up_the_irons: You won't believe what I've just done
[17:09] <dxtr> I've written a 13 page report about my school project
[17:09] <up_the_irons> in LaTeX?
[17:09] <dxtr> Now I've got to improvise 100 hours worth of logs :P
[17:10] <dxtr> Actually, no. I took the easy road and wrote it in OOo and exporting it to a pdf
[17:10] <up_the_irons> OOo?
[17:10] <up_the_irons> i c
[17:10] *** ballen has joined #arpnetworks
[17:10] *** ballen has quit IRC (Changing host)
[17:10] *** ballen has joined #arpnetworks
[17:10] *** ChanServ sets mode: +o ballen
[17:10] <dxtr> I'm in a hurry here. Don't have the time to learn latex right now :)
[17:11] <dxtr> As I said, I've got to improvise a logbook for the 100 hours I was supposed to put into this project (In reality it took more like 2-3 hours)
[17:12] <up_the_irons> haha
[17:12] <dxtr> Okay, I've written down 36 hours so... 64 to go :P
[17:12] <dxtr> Seriously, the rules for this project was insane
[17:13] <dxtr> It couldn't take less than 100 hours and one of my teacher asked me if I couldn't make them a webserver that the first year students can use (Upload php scripts and use a shell in the linux class)
[17:13] <dxtr> "Sure" I said
[17:13] *** nbari|away has quit IRC (*.net *.split)
[17:13] *** cedwards has quit IRC (*.net *.split)
[17:13] <dxtr> Installed Apache and PHP (with SuExec and SuPHP) plus MySQL on a Debian machine
[17:13] <dxtr> "Done!"
[17:14] <dxtr> Fixed quotas and stuff too
[17:14] <dxtr> I did it as slow as possible to drag it out. And I made a side project trying to learn my friend to write a script in either bash or perl that adds users in bulk (One class at a time)
[17:15] <dxtr> But he didn't gave so I gave that up
[17:15] <dxtr> he didn't care*
[17:15] *** nbari|away has joined #arpnetworks
[17:15] *** cedwards has joined #arpnetworks
[17:16] <dxtr> But the fun part was that my mentor said that it must not take less than 100 hours but the teacher that "ordered" the webserver wanted it as fast as possible
[17:16] <dxtr> So here I am
[17:17] <dxtr> Retardedly behind schedule (With the report and log book).. And tired... and hungry
[17:17] <dxtr> And Tomorrow I've got two more courses to finish (English and civics), on Friday I got two more
[17:18] <dxtr> But then I'm done with high school
[17:18] <dxtr> After this summer I'll study some high school math, religion and swedish so I can attend university though
[17:28] * up_the_irons just discovered "netcap"
[17:28] <up_the_irons> Nice util (Linux only, however)
[17:28] <up_the_irons> Shows which capabilities your listening processes have
[17:29] *** AndrewBC has quit IRC (Ping timeout: 240 seconds)
[17:31] <dxtr> cool
[17:31] <dxtr> "This course will provide in-depth knowledge of various software and hardware. This course will also provide knowledge of other equipment and documentation in the field. This course will provide skills in installation, commissioning, maintenance and documentation of IT facilities. This course will also provide knowledge of the duties incumbent upon an IT coordinator and ...
[17:31] <dxtr> ... knowledge of reliability and data security. This course will also provide knowledge about the collection of information, advice and guidance in the field"
[17:31] <dxtr> up_the_irons: That's one of the courses I've got to do
[17:31] <dxtr> :D
[17:33] *** AndrewBC has joined #arpnetworks
[17:34] <up_the_irons> dxtr: doesn't sound too bad
[17:34] <dxtr> IT coordination \
[17:34] <dxtr> \o
[17:55] *** fink has joined #arpnetworks
[18:01] <awyeah> About to try installing BackupPC on my bsd box here at home.
[18:01] <awyeah> We'll see how well that goes ;)
[18:27] <dxtr> http://tinyurl.com/238qyp7 <- My first three logs in my log book
[18:27] <dxtr> Written six months ago
[18:28] *** fink has left 
[18:49] <infrared>  hi
[19:01] <awyeah> Well that's not going very well.
[19:02] <awyeah> It really wants to have everything run under the "backuppc" user.
[19:02] <awyeah> But Apache runs under the www user of course.
[19:10] *** fink has joined #arpnetworks
[19:11] *** nbari|away is now known as nbari
[19:11] *** nbari has quit IRC (Changing host)
[19:11] *** nbari has joined #arpnetworks
[19:20] <infrared> awyeah:   rsync > *
[19:23] <cedwards> +1
[19:32] <infrared> \o
[19:56] <awyeah> yeah
[19:56] <awyeah> I just... i want a little history
[19:56] <awyeah> like to be able to go back a few days.
[20:01] <awyeah> ooh.  http://www.nongnu.org/rdiff-backup/
[20:03] <RandalSchwartz> just posted to template toolkit mailing list about how I got rid of 17 8-way machines for $client
[20:04] <RandalSchwartz> ... http://lists.template-toolkit.org/pipermail/templates/2010-May/011317.html
[20:20] *** heavysixer has quit IRC (Quit: heavysixer)
[20:41] <ballen> RandalSchwartz: thats fun
[20:42] <RandalSchwartz> yeah
[20:45] *** RonnyBarber has joined #arpnetworks
[20:45] *** fink has quit IRC (Quit: fink)
[20:50] *** BarberRonny has quit IRC (*.net *.split)
[20:50] *** woremacx has quit IRC (*.net *.split)
[20:50] *** mtve has quit IRC (*.net *.split)
[20:56] *** awyeah has quit IRC (Ping timeout: 260 seconds)
[20:57] *** awyeah has joined #arpnetworks
[20:58] <jdoe> awyeah: either run it as backuppc or use suexec, I guess
[20:59] <ballen> or chmod everything to apache
[20:59] <ballen> run everything as apache's user
[20:59] <ballen> I wouldn't use suexec
[20:59] <ballen> mostly because you'll likely have to recompile perl
[21:00] <RandalSchwartz> I don't run suexec
[21:00] <RandalSchwartz> mostly bcause I don't run CGI :)
[21:01] <jdoe> why would you have to recompile perl to use suexec?
[21:01] <ballen> try it ;-)
[21:01] <jdoe> I already do it
[21:01] *** woremacx has joined #arpnetworks
[21:01] <jdoe> that's why I'm asking why I can't ;)
[21:01] <ballen> alright, pretty sure you can compile perl to no allow it to be suexeced
[21:02] <ballen> and thats the default in a lot of system's packages
[21:02] <RandalSchwartz> what's your real question?
[21:02] <jdoe> you're not thinking of suidperl or anything are you?
[21:02] <ballen> might be
[21:02] <RandalSchwartz> allowing perl in suexec is a problem
[21:02] <jdoe> ... how so?
[21:03] <RandalSchwartz> because perl can do anything
[21:03] <jdoe> I'm not following.
[21:04] <ballen> a perl suid executable could run anything
[21:04] <ballen> as root
[21:04] <ballen> which would be bad
[21:04] <jdoe> yeah you're not talking about the same thing I am.
[21:05] <jdoe> http://httpd.apache.org/docs/2.2/suexec.html
[21:07] *** ballen_ has joined #arpnetworks
[21:07] *** ballen_ has quit IRC (Changing host)
[21:07] *** ballen_ has joined #arpnetworks
[21:07] *** ChanServ sets mode: +o ballen_
[21:07] *** ballen has quit IRC (Disconnected by services)
[21:07] *** ballen_ is now known as ballen
[21:08] <jdoe> ballen: http://httpd.apache.org/docs/2.2/suexec.html
[21:08] <ballen> yea
[21:08] <jdoe> yeah, you're thinking of ... the general insanity of suid scripts.
[21:08] <ballen> a lot easier, and still safer to just use a single user
[21:09] <ballen> I have BackupPC setup so the apache user has a ssh key
[21:09] <ballen> use that key to deploy to clients
[21:14] <jdoe> whatever works.
[21:14] <jdoe> I don't use it at all, it was awyeah asking
[21:36] *** nbari is now known as nbari|away
[22:09] *** ballen has quit IRC (Quit: ballen)
[22:11] <awyeah> ah
[22:11] <awyeah> yeh
[22:11] <awyeah> I may try that at some point.
[22:11] <awyeah> for now I'm just going to do rsync or rdiff-backup
[22:11] <awyeah> I only have one system to back up to my server anyway ;)
[22:12] <awyeah> alright.  sleep needed.
[22:28] *** RandalSchwartz has quit IRC (Ping timeout: 245 seconds)
[22:35] <jdoe> awyeah: word. I love rdiff-backup.
[22:52] *** mtve has joined #arpnetworks
[23:00] *** nuke` has quit IRC (Ping timeout: 252 seconds)
[23:01] *** sentabi has quit IRC (Remote host closed the connection)
[23:01] *** sentabi_ has quit IRC (Read error: Connection reset by peer)
[23:08] *** sentabi has joined #arpnetworks
[23:33] *** sentabi has quit IRC (Read error: Connection timed out)
[23:34] *** sentabi has joined #arpnetworks
[23:44] *** nuke` has joined #arpnetworks