| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |
| Who | What | When |
|---|---|---|
| *** | tinono has joined #arpnetworks | [00:26] |
| tinono | ey
up_the_irons: please don't forget my ne2k_pci ticket, I'd be glad to have it done when I wake up in a few hours :-) | [00:26] |
| .......... (idle for 46mn) | ||
| *** | tinono has quit IRC (Quit: Page closed) | [01:13] |
| .............. (idle for 1h7mn) | ||
| cedwards has quit IRC (Ping timeout: 264 seconds)
cedwards has joined #arpnetworks | [02:20] | |
| ..... (idle for 24mn) | ||
| cedwards_ has joined #arpnetworks
cedwards has quit IRC (Read error: Connection reset by peer) heidar has quit IRC (Ping timeout: 264 seconds) heidar has joined #arpnetworks | [02:48] | |
| ..................... (idle for 1h41mn) | ||
| nesta has quit IRC (Ping timeout: 245 seconds)
nesta has joined #arpnetworks | [04:32] | |
| ......... (idle for 43mn) | ||
| RandalSchwartz has joined #arpnetworks
RandalSchwartz has quit IRC (Changing host) RandalSchwartz has joined #arpnetworks | [05:18] | |
| ......... (idle for 43mn) | ||
| cpet has joined #arpnetworks | [06:01] | |
| cpet | hello | [06:01] |
| nesta | hiya | [06:07] |
| cpet | nesta: mind if i priv msg you? | [06:08] |
| nesta | sure
go ahead | [06:08] |
| ..... (idle for 24mn) | ||
| cpet | up_the_irons: hit me up when you are around please. | [06:32] |
| ...... (idle for 27mn) | ||
| *** | cedwards_ is now known as cedwards
cedwards has quit IRC (Changing host) cedwards has joined #arpnetworks | [06:59] |
| ..... (idle for 24mn) | ||
| cpet has quit IRC (Quit: Lost terminal) | [07:23] | |
| ...... (idle for 28mn) | ||
| heavysixer has quit IRC (Quit: heavysixer) | [07:51] | |
| ............................... (idle for 2h34mn) | ||
| fink has joined #arpnetworks | [10:25] | |
| .................. (idle for 1h26mn) | ||
| heda_ has joined #arpnetworks
heda has quit IRC (Ping timeout: 240 seconds) heda_ is now known as heda heda has quit IRC (Client Quit) | [11:51] | |
| ...... (idle for 26mn) | ||
| heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer schmir has joined #arpnetworks | [12:21] | |
| schmir has quit IRC (Ping timeout: 252 seconds) | [12:38] | |
| .......... (idle for 45mn) | ||
| Sheath has quit IRC (Quit: ZNC - http://znc.sourceforge.net)
Sheath has joined #arpnetworks Sheath has quit IRC (Read error: Connection reset by peer) Sheath has joined #arpnetworks | [13:23] | |
| ..... (idle for 20mn) | ||
| blovett has quit IRC (Quit: leaving)
Sheath has quit IRC (Quit: ZNC - http://znc.sourceforge.net) Sheath has joined #arpnetworks Sheath is now known as Guest77152 jlgaddis has joined #arpnetworks islandfox has quit IRC (Ping timeout: 240 seconds) | [13:51] | |
| jlgaddis | 32 packets transmitted, 5 packets received, 84.4% packet loss
round-trip min/avg/max/stddev = 97.851/104.179/112.136/6.145 ms | [14:04] |
| nakano | any problem now?
112 packets transmitted, 23 received, 79% packet loss, time 110990ms to my host.. (from 2 places UK/Japan.. so, looks not my side problem..) | [14:04] |
| jlgaddis | =(
nakano: i started getting alerts from pingdom 44 mins ago | [14:04] |
| *** | Guest77152 has quit IRC (Read error: Connection reset by peer) | [14:05] |
| nakano | i just reported the same issue. but looks nobody here.. | [14:07] |
| sounds yours and mine are on the same place.. | [14:12] | |
| *** | islandfox has joined #arpnetworks
Husky has joined #arpnetworks | [14:14] |
| ww | http://world.ckan.net/
... oops... wrong channel | [14:19] |
| nakano | looks better now.. but still something wrong.. | [14:25] |
| ............. (idle for 1h4mn) | ||
| *** | mjp has joined #arpnetworks | [15:29] |
| ............... (idle for 1h13mn) | ||
| cedwards | ohh joy. another discussion about how *BSD ports are insecure because they don't use signing keys. | [16:42] |
| .......... (idle for 45mn) | ||
| vcs | lol | [17:27] |
| .... (idle for 18mn) | ||
| nesta | cedwards: ? | [17:45] |
| cedwards | nesta: in one of the LUG channels I lurk in someone brought up this article [http://bsdly.blogspot.com/2010/10/if-it-runs-openbsd-it-has-to-be.html] as proof GPG signing is the one true way (tm) | [17:47] |
| nesta | ahhhh
hehe thanks | [17:47] |
| *** | tinono has joined #arpnetworks | [17:53] |
| tinono | cedwards: do you think gpg signing would hurt though? | [17:55] |
| cedwards | I don't think it adds much, particularly in a ports-based environment. | [17:56] |
| jpalmer | especially when an md5 checksum is verified unless deliberately disabled. | [17:57] |
| tinono | I had the privilege of being flamed by Mr Deraadt once, because I asked why some sha256 check was failing
he told me to lower my expectations | [17:57] |
| fink | tinono: that's good advice for life | [17:58] |
| tinono | "a checksum can fail. it's ok." | [17:58] |
| jpalmer | 2 people in the community I have little respect for: TDR and RMS. | [17:58] |
| cedwards | I think the probability of someone gaining access to a GPG signing key is much higher than it is of altering both my local ports-tree and the upstream .tar.gz. | [17:58] |
| jpalmer | both fairly intelligent, but both also seem to be of the mindset that we're not intelligent enough to make decisions for ourselves. | [17:58] |
| tinono | I don't think the probability of such an attack is very high. still, it only takes one compromised makefile on the master cvs.
no need to alter any disfile | [18:00] |
| jpalmer | I think more likely, is the source code itself being maliciously edited, that a port tarball. as we've seen in the past. | [18:01] |
| tinono | yes
and once again, in most of those cases, the lack of signing was at fault. | [18:01] |
| jpalmer | tinono: using a gpg sig for a port tarball doesn't help, if the projects source code itself is compromised. (think unrealircd a few months back) | [18:02] |
| tinono | of course it doesn't | [18:03] |
| jpalmer | then you're arguing apples and oranges. | [18:03] |
| tinono | unrealircd took action, and now they sign releases. | [18:03] |
| cedwards | I'm reminded of when the Red Hat / Fedora build server was compromised and they had to generate a new key. | [18:03] |
| tinono | every step where tampering can be dangerous, signing can help | [18:03] |
| nesta | tinono: unreal got drastically owned
they kinda had to to save face but yeh.. | [18:03] |
| tinono | indeed | [18:04] |
| nesta | tis good anyway | [18:04] |
| cedwards | in any case. I've argued this with this user a dozen times. He's Debian to the bone, and I prefer the ports system. | [18:04] |
| tinono | so do i. i still think it could welcome some for of signing as an improvement :-p | [18:05] |
| cedwards | I don't know that you get better than having an independent local copy of the md5/sha to verify the upstream .tar.gz | [18:07] |
| tinono | that's the point of signing. you trust that the information contained in the port comes from where it's supposed to come. This information includes the sha/md5 for the distfile, but also the url for the distfile.
not to mention all the bad things a Makefile 'running' as root can do :-) but ey, I'm not really losing sleep over it. just saying I guess it wouldn't hurt. | [18:12] |
| jpalmer | I remain unconvinced that the extra effort would actually be beneficial. | [18:17] |
| tinono | It might very well not be warranted. Talk is cheap. Those who have to support all that make the decisions, I'm fine with that :) | [18:18] |
| .......... (idle for 47mn) | ||
| jdoe | hrm
anything I should know about updating to 4.7? | [19:05] |
| azmarco | just run -current =)
and follow src-changes. then upgrading is never really an issue | [19:06] |
| ..... (idle for 22mn) | ||
| *** | tinono has left | [19:29] |
| .... (idle for 15mn) | ||
| fink has quit IRC (Quit: fink) | [19:44] | |
| ............ (idle for 58mn) | ||
| fink has joined #arpnetworks | [20:42] | |
| ......... (idle for 41mn) | ||
| shatt_ is now known as shatt | [21:23] | |
| ..... (idle for 21mn) | ||
| schmir has joined #arpnetworks | [21:44] | |
| ......... (idle for 44mn) | ||
| fink has quit IRC (Quit: fink) | [22:28] | |
| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |