[06:04] *** reardencode has joined #arpnetworks [06:06] *** Hien_ has joined #arpnetworks [06:06] *** KILLALLH8MANS01 has joined #arpnetworks [06:09] *** nesta_ has joined #arpnetworks [06:09] *** RandalSchwartz has quit IRC (*.net *.split) [06:09] *** staticsafe has quit IRC (*.net *.split) [06:09] *** Hien has quit IRC (*.net *.split) [06:09] *** KILLALLH5MANS01 has quit IRC (*.net *.split) [06:09] *** nesta has quit IRC (*.net *.split) [06:09] *** neish has quit IRC (*.net *.split) [06:09] *** gizmoguy has quit IRC (*.net *.split) [06:09] *** freedomcode has quit IRC (*.net *.split) [06:12] *** neish has joined #arpnetworks [06:13] *** gizmoguy_ has joined #arpnetworks [06:20] *** freedomcode has joined #arpnetworks [06:22] *** reardencode has quit IRC (Ping timeout: 265 seconds) [06:22] *** dwarren has quit IRC (Ping timeout: 265 seconds) [06:25] *** nesta_ has quit IRC (Quit: SIGQUIT) [06:25] *** nesta has joined #arpnetworks [06:33] *** staticsafe has joined #arpnetworks [07:23] *** dwarren has joined #arpnetworks [07:43] *** RandalSchwartz has joined #arpnetworks [07:43] *** RandalSchwartz has quit IRC (Changing host) [07:43] *** RandalSchwartz has joined #arpnetworks [07:48] *** Dave-V has joined #arpnetworks [07:48] Anyone from ARP heree? [07:48] -e [07:49] *** Dave-V has left [11:34] updating my server to the final 8.4 release (p31) [11:34] rebooting... here's hoping it works well. :) [11:35] *** RandalSchwartz has quit IRC (Remote host closed the connection) [11:37] *** RandalSchwartz has joined #arpnetworks [11:38] well, that worked reasonably well [11:38] Hooray! [11:39] now I just have to wait for poudriere to finish the remaining 27 packages for freebsd 9.3, and I can try to roll over to that [11:40] I'm renting a tiny machine at DigitalOcean (for free) as my package builder. [11:40] all SSD goodness. :) [11:58] wow... just found a problem with one of my conf files... glad I'm going through all of this very carefully [12:06] 3 packages remaining [12:12] weechat users - have any of you guys ever had an issue where a specific channel buffer won't respond to filter toggle hotkeys? [12:12] alt + = works on this one, but not another. it's odd. [12:13] *** m0unds has quit IRC (Quit: weechat derp) [12:13] *** m0unds has joined #arpnetworks [12:16] heh... not enough I/O happening on my build machine to generate enough randomness to build the apache22 package. :) [12:16] so I downloaded www.google.com about 100 times :) [12:18] haha [12:19] the new package builds unique primes to prevent logjam [12:19] gotcha [12:20] i remember having to resort to weird stuff to build up entropy on netbsd running under xen [12:20] 2048 and 3072 or someting like that... big'uns [12:20] harvesting from the NIC and stuff like that [12:20] while true; do curl www.google.com >/dev/null; done [12:20] and having to use haveged on archlinux to get enough to init pacman [12:20] build is complete! all packages success. [12:20] huzzah [12:21] now I just have to wait for freebsd-update upgrade -r 9.3-RELEASE to merge my conf files, and I can then snapshot and start turning things off [12:21] zfs snapshot -r zroot@before93 [12:21] so I can roll back from the fixit shell [12:22] the whole freebsd-upgrade thing is pretty amazing [12:22] yup, good stuff [12:23] ahh, I should switch to adium so I can stay here and ask questions if something goes sideways [12:23] switching to adium [12:23] *** RandalSchwartz has quit IRC (Quit: RandalSchwartz) [12:23] *** RandalSchwartz has joined #arpnetworks [12:25] here I am [12:27] still downloading the 9.3 updates [12:32] I *am* visible, right? :) [12:35] m0unds: Never had that happen, but I also don't toggle filtering that often. Can't imagine a cause, sorry. [12:35] brycec: yeah, it's baffling [12:35] ahh, there, I see brycec [12:36] won't even let me toggle smart filter on/off, and that's the only one i have set globally [12:36] but just for that one channel/buffer [12:40] man… still downloading [12:40] well, I can imagine… 9.3 is not 8.4 :) [12:42] *** m0unds has quit IRC (Quit: WeeChat 1.1.1) [12:44] *** m0unds has joined #arpnetworks [12:44] so weird. [12:46] *** m0unds has quit IRC (Client Quit) [12:51] *** m0unds has joined #arpnetworks [12:54] managed to download 2G of files so far [12:55] I'm peeking into /var/db/freebsd-update :) [12:57] ooohhh… patches! [12:57] 1091 patches [12:57] o/~ patches I'm depending on you son… it's ALLL up to you… o/~ [12:57] fetching 8757 files [13:06] fetched! Now for the fun part… the MERGE [13:10] almost every system file needs me to merge the VERSION number… gah [13:13] I kind of miss the days when stuff on *nix would break frequently [13:13] I had fun fixing it [13:14] it's part of why i won't run linux as a primary desktop [13:14] too much time spent fixing stuff years ago. prefer stuff working without hassle now. [13:15] oh, i can't run x at anything but 640x480. guess i oughta spend hours with modesetting to at least manage 800x600 [13:15] bleck [13:17] ok, all prepped… now stopping services [13:17] good luck [13:19] emergency snapshot made [13:20] (thank you, ZFS!) [13:20] I'm gonna have to learn how to use beadms some day though [13:20] snapshots are handy [13:21] for some reason i thought you did your update yesterday [13:21] oh you built packages yesterday... [13:21] no… I was prepping for it yesterday [13:22] m0unds: svgatextmode was such a bitch for modelines.. [13:22] yep, hated it [13:22] so bad [13:22] m0unds: things are better now...much better. [13:22] things are...TOO easy in fact.. [13:22] sort of [13:22] * phlux installs LFS [13:22] i kind of miss svgatextmode :) [13:23] brb gotta install netbsd on my ecig [13:23] phlux: doesn't mean stuff doesn't still arbitrarily break and waste my time :) [13:23] it encouraged me to single focus [13:23] and my comptuer was too slow for graphics [13:23] so i didn't get distracted on the web as much [13:25] kernel done… here's the first big reboot [13:26] new Bios! [13:26] SeaBIOS [13:27] oooh…the 9.x devil head! [13:27] 9.x beastie that is [13:27] kernel loaded [13:27] new bios? [13:27] dmesg'ish output looking good [13:28] login prompt! [13:28] Very Good Sign [13:28] now can you login? :) [13:28] now installing userland [13:29] odd. "WARNING: sysctl kern.ipc.semmap does not exist" [13:29] I wonder if that's some override I put in that has now renamed [13:38] still installing userland [13:39] oops… spoke too soon [13:39] there.. now installing ports [13:40] all freshly built a few hours ago [13:41] poudriere sure makes things much easier [13:41] reinstalling perl, python, ruby, php :) [13:43] rebooting for 9.3 userland! [13:44] beastie face! [13:44] That's what she said!! [13:44] heh [13:44] 9.3-RELEASE-p13 [13:44] prompt! [13:46] postfix started fine [13:46] good sign [13:47] postgres looks intact [13:48] and my website, sadly, is up [13:48] I really need to redo my website. [13:48] shoemaker's children issue though. [13:49] But… hooray. Mission accomplished. [13:49] time to go back to my other irc client [13:51] *** RandalSchwartz has quit IRC (Quit: Leaving.) [13:51] *** RandalSchwartz has joined #arpnetworks [13:51] and I'm back [13:52] looks like I'm on freenode via ipv6 still. yeay [13:59] :) [13:59] so looking like success? [14:00] yes... I'm moving on to other tasks now [14:01] starting now what I hoped I could start at noon. :) [14:01] heh [14:20] *** m0unds has quit IRC (Quit: WeeChat 1.1.1) [14:22] *** m0unds has joined #arpnetworks [15:16] *** mike-burns has quit IRC (Read error: Connection reset by peer) [15:17] *** mhoran has quit IRC (Read error: Connection reset by peer) [15:17] *** mhoran has joined #arpnetworks [15:17] *** ChanServ sets mode: +o mhoran [15:17] *** awyeah has quit IRC (Ping timeout: 272 seconds) [15:18] *** milki has quit IRC (Read error: Connection reset by peer) [15:18] *** cahess_ has quit IRC (Read error: Connection reset by peer) [15:18] *** m0unds has quit IRC (Ping timeout: 246 seconds) [15:19] *** cahess has joined #arpnetworks [15:19] *** mike-burns has joined #arpnetworks [15:19] *** ChanServ sets mode: +o mike-burns [15:19] *** toddf_ has quit IRC (Remote host closed the connection) [15:19] *** jpalmer has quit IRC (Ping timeout: 256 seconds) [15:19] *** neish has quit IRC (Ping timeout: 265 seconds) [15:19] *** KDE_Perry has quit IRC (Ping timeout: 272 seconds) [15:20] *** toddf has joined #arpnetworks [15:20] *** m0unds has joined #arpnetworks [15:20] *** ChanServ sets mode: +o toddf [15:21] *** neish has joined #arpnetworks [15:22] *** awyeah has joined #arpnetworks [15:22] *** jpalmer has joined #arpnetworks [15:23] *** KDE_Perry has joined #arpnetworks [15:24] *** milki has joined #arpnetworks [16:03] *** m0unds has quit IRC (Quit: WeeChat 1.1.1) [16:10] *** mnathani_ has joined #arpnetworks [16:11] *** m0unds has joined #arpnetworks [16:12] I have a client whose pc has been infected by a Cryptolocker virus. Has anyone been able to brute force the private key to restore files without paying the creeps? [16:13] depends on the version [16:14] more recent versions are more "secure", and the typical suggestion is to restore from backups [16:14] assuming windows users store backups [16:15] it's nice that windows is making it a little easier to do simple backups now [16:15] plenty do [16:15] i think mnathani_ is thinking home users? [16:15] I think they have CryptoWall 3 [16:15] i don't know anyone who uses inbuilt backup stuff, but lots of people who use software to handle it [16:15] which is much more uncommon... [16:16] probably depends on who :) [16:16] doesn't matter [16:16] mnathani_: do they have backups? [16:16] no backups [16:16] yeah they either have backups or not [16:16] apart from some dropbox stuff [16:17] sell them a backup solution too then :) [16:17] most of my clients are the react to stuff after it happens rather than proactively take care of stuff [16:17] yeah ime people who do backups tend to get viruses less. [16:18] i haven't heard of any way to restore encrypted files w/recent versions of cryptolocker and variants [16:18] aside from restoring from backups [16:18] unless they've been hit before [16:18] there was a vulnerable version a couple years back, one of the earlier ones, and they stored they key locally [16:18] stored the* [16:18] * RandalSchwartz is so happy not to be anywhere near windows [16:18] is it worthwhile to keep a copy of the encrypted files to be able to restore in the future when brute forcing the private key is feasible [16:19] no idea [16:19] http://www.bleepingcomputer.com/virus-removal/cryptowall-ransomware-information#cryptowall3 fwiw [16:19] ... https://en.wikipedia.org/wiki/CryptoLocker [16:20] Error in Wikipedia's response: [16:20] ... During the operation, a security firm involved in the process obtained the database of private keys used by CryptoLocker, which was in turn used to build an online tool for recovering the keys and files without paying the ransom. [16:20] RandalSchwartz: there are incremental updates to cryptolocker [16:20] ... https://www.decryptcryptolocker.com [16:21] Ahh... too bad [16:21] still... the real WTF is windows [16:21] yea, that's why most mitigation strategies center on restoring files [16:21] * m0unds shrugs [16:21] same reason i don't care that people use stuff i don't [16:21] this is actually really scary [16:21] doesn't impact my life in any way, so i don't care [16:21] haha [16:21] i can see a valid case for just paying it for some people [16:22] yea [16:22] which will encourage them to do it more [16:22] yup [16:22] it's amusing though that there are so many good, cheap ways to do backups and people just...don't do it [16:23] well most people don't care. [16:23] until they have a problem. [16:23] they just assume they won't have to deal with it [16:23] or dont' realize that shit happens and they might have to deal with something breaking [16:23] That's what she said!! [16:23] there are certain expectations around computers [16:23] then they're taken by surprise and ask someone else to fix it [16:23] like they shoudl "just work" [16:24] this is why i don't work w/IT anymore [16:24] and anyone who's been in IT a long time has had data corruption, lost files, etc etc. [16:24] i have only got very basic backups for windows myself.. [16:24] but i don't store anything important on windows. [16:26] most people don't haave good backups of their phones too [16:26] I do a morning clone [16:26] because I'm on the road 2-4 weeks at a time [16:26] can't afford to be stopped if something breaks [16:26] when I go home, I clone the clone to my drobo [16:26] so it's now on four spindles [16:27] randal: see, you're the prudent type. you're unlikely to get viruses. [16:28] a lot of these viruses seem to come from people going to dodgy sites [16:28] and running dodgy programs. [16:28] and not updating anything, ever [16:28] like random "cleanup" programs. [16:28] oh, flash wants an update? meh. oh, java wants an update (even though i never use java for anything, ever) meh [16:28] god i wish windows would be less intrusive about updates. [16:29] i'm sure a lot of peoples problem with windows updates is that they always happen at annoying times [16:29] IE and chrome both include flash themselves so they control the updates to it directly [16:29] and you have to wait ages to shut down and to start up [16:29] w/win8 they just happen [16:29] and you eventually need to backup [16:29] err, reboot [16:29] and if you don't, it'll schedule a reboot late at night to finish [16:29] yeh [16:29] and it's inconvenient [16:29] but will prompt you to do it [16:29] windows 10 is even worse for randomly rebooting [16:29] not really inconvenient on a machine that's up with no user at it [16:30] it seems to like to schedule things overnight, then you lose everything you had open [16:30] well it is if you like to leave programs running [16:30] but i mean in this modern age, with all of their money behind them, surely they can do updates without needing to reboot [16:31] linux is acquiring kernel patching suport for running kernels.. [16:31] but a lot of the reboots in windows are for things like .net framework [16:32] IE includes flash now? That's news to me. [16:33] i didn't know that ie included flash [16:47] as of IE10 iirc [16:47] Internet Explorer 10 includes Adobe Flash as a platform feature and is available out-of-the-box for Windows 8, on both Internet Explorer and Internet Explorer for the desktop. Users can turn this feature on or off using the Manage Add-ons dialog box, while administrators can turn this feature on or off using the Group Policy setting, Turn off Adobe Flash in Internet Explorer and prevent applications from [16:47] using Internet Explorer technology to instantiate Flash objects. [17:01] *** KILLALLH8MANS01 has quit IRC (Quit: leaving) [17:23] wtf, filtering started working again [20:07] *** hazardous has quit IRC (Ping timeout: 276 seconds) [20:09] *** hazardous has joined #arpnetworks [22:55] @weather akl [22:55] Auckland International, New Zealand: Clear 50°F (10°C), Humidity: 66%, Wind: From the SE at 9 MPH -- For more details including the forecast and almanac, see http://www.wunderground.com/cgi-bin/findweather/getForecast?query=-37.00805664,174.79167175 or re-request this with: @weather -v akl [22:55] it lies [22:59] http://www.weather.com/weather/today/l/NZXX0003:1:NZ also gives the same info [23:00] As does http://forecast.io/#/f/-37.0015,174.7890 [23:00] it's probably wind chill or because it's a bit of a distance away [23:04] hmm http://www.metservice.com/towns-cities/auckland/north-shore says feels like 6c [23:04] which i think is due to the wnd being high [23:05] (and from colder locations)