***: easymac has quit IRC (Changing host)
easymac has joined #arpnetworks
djkrikke-2 has quit IRC (Ping timeout: 250 seconds)
djkrikke-2 has joined #arpnetworks m0unds: https://blogs.aws.amazon.com/security/post/TxCKZM94ST1S6Y/Introducing-s2n-a brycec: tl;dr[becauseimlazy]? m0unds: s2n isn’t intended as a replacement for OpenSSL, which we remain committed to supporting through our involvement in the Linux Foundation’s Core Infrastructure Initiative. OpenSSL provides two main libraries: “libssl”, which implements TLS, and “libcrypto,” which is a general-purpose cryptography library. Think of s2n as an analogue of “libssl,” but not “libcrypto.”
there you go
and the github for the project: https://github.com/awslabs/s2n
and s2n is a nod to signal to noise, hiding stuff as "noise" via the magic of encryption brycec: Thanks :D
I prefer libtls anyways :P mkb: I like OpenBSD's approach of re-factoring instead of throwing everything out and starting over mike-burns: libtls is rather pleasant to use, too. brycec: It certainly is from what I've gathered watching its inclusion in the OpenBSD tree. Things like syslogd *poof* have TLS mike-burns: https://github.com/meritz-burns/erltls - my girlfriend and I have been working on porting it to Erlang. brycec: That sounds like a fun couples activity :D
That's some pair-programming I can get behind
(okay, I'm done) mkb: Isn't syslogd UDP? TLS works over UDP? brycec: It has tcp support too
"syslog" is UDP, sure. But syslogd(8) supports all sorts of stuff m0unds: https://blog.opendns.com/2015/06/30/cisco-announces-intent-to-acquire-opendns/ yuck brycec: heh, always loved that wording "intent to acquire" Basically "We want you, and we're going to have you. It's basically rape." m0unds: yeah
davidu's had bad luck w/stuff he helmed being acquired and wrecked
most recent example being everydns acquired by dyn
dyn just sought to eliminate a free competitor w/a better svc level than their paid plans, promised to grandfather people on those plans then decided they'd rather make money and told them to pony up or gtfo
oh well
lol: https://honestnetworker.wordpress.com/2015/06/28/when-your-favorite-startup-is-acquired-by-cisco/ ***: easymac has quit IRC (Ping timeout: 276 seconds)
easymac has joined #arpnetworks
kellytk has left "WeeChat 1.0.1" brycec: mike-burns: Thank you for the obligatory (but put very cordially) "patch up or shutup" response http://marc.info/?l=openbsd-tech&m=143552675031461&w=2 BryceBot: openbsd-tech: "Re: [Patch] New item to the "Migrating to OpenBSD" guide" from Mike Burns <mike+openbsd () mike-burns ! com> @ 2015-06-28 21:24:56 -: brycec hates when misc@ leaks mike-burns: brycec: thank you for noticing! brycec: I don't follow tech@ (or any of the lists really) very closely, but the mess was brought to my attention and I recognized your name :) mike-burns: Oh no; this thread is making the rounds? brycec: Over in #devious mike-burns: OK whew. At least it's not trending on Twitter. brycec: I could make that happen with @twitter ;P
@twitter -i BryceBot0101 BryceBot: BryceBot (900 N Alameda, Los Angeles, CA) Member since: Mon Aug 22 16:35:56 +0000 2011
Followers: 18 | Following: 34 | Tweets: 4696 | Description: I'm an IRC bot acting as a conduit for an IRC channel on FreeNode. I post whatever They tell me to. brycec: and its massive 18 followers mike-burns: Wowie. brycec: Oh good, more fodder for BryceBot's tdr quotes
@tdr BryceBot: Theo de Raadt says: i ojbect two yoru splelng of achlhlocis. mercutio: @tdr BryceBot: Theo de Raadt says: Yes, but the ports people are into S&M. m0unds: haha mercutio: woot, i can see. m0unds: the bot in a channel i frequent has triggers to quote jeffk
dated, but still funny
hahaha mercutio: i'm surprised online glasses came already. i thought they'd take ages. m0unds: nice mercutio: just didn't want to pay 5x as much locally
for estimated times of longer than it took hah m0unds: i bought some prescription safety glasses for shooting and they got here from china in like 8 days or so brycec: I was unfamiliar with jeffk.... not sure if I should thank m0unds or smack him mercutio: this was friday 4 pm local time m0unds: brycec: lol mercutio: to wednesday morning delivery local time m0unds: wow, nice mercutio: so what's that, .. just under 5 days
from new york..
i don't like them though, but i ordered from somewhere else too :)
in the hope that one would be quick.
because my old ones were really scratched suddenly brycec: twss BryceBot: Okay! twss! 'because my old ones were really scratched suddenly' brycec: BryceBot: no BryceBot: Oh, okay... I'm sorry. 'because my old ones were really scratched suddenly' brycec: darn, too slow mercutio: hahha
in the hope that one would be quick. brycec: twss'
fuck
i'm done mercutio: haha brycec: later
today has been mercutio: i gave you another chance brycec: way too long
twss BryceBot: Okay! twss! 'way too long' mercutio: i know that feeling BryceBot: That's what she said!! brycec: i can't take any more
twss BryceBot: Okay! twss! 'i can't take any more' mercutio: i'm hoping scratched glasses are making me tired, as i've been tired more than usual. m0unds: they can contribute to eyestrain brycec: Could by Lyme disease. I hear it's always Lyme Disease... that's what I learned on TV anyways. m0unds: which can make you feel fatigued mercutio: yeh i'm hoping so
brycec: you mean lupus? brycec: I was thinking of https://www.youtube.com/watch?v=ZDkrNKMVXHc BryceBot: YouTube video: "Ralph Lyme disease" by Jason Abe mercutio: ahh hadn't seen that
i got kind of sick of simpsons, too many episodes! brycec: Supposedly, https://www.simpsonsworld.com/video/302395459825/episode/288011331912 is the episode mercutio: what year is that
https://www.youtube.com/watch?v=ZDkrNKMVXHc BryceBot: YouTube video: "Ralph Lyme disease" by Jason Abe mercutio: oops
tried to resize putty :/ brycec: (or at least 90 seconds of it) BryceBot: That's what she said!! brycec: mercutio: 1991 mercutio: not available in my region
oh wow, that's early. brycec: Season 2 yup mercutio: back then we got episodes delayed a long time
now days we get stuff so much quicker. :)
does anyone happen to know what the best vpn's (openvpn, l2tp/ipsec etc) are for china? -: jlgaddis looks around staticsafe: its all good
Y2K is past us
Clock: inserting leap second 23:59:60 UTC jlgaddis: time.tritn.com didn't get the memo
nor did mail.wtfismyip.com mercutio: has leap second hit us already? staticsafe: yeah mercutio: i didn't notice anything staticsafe: that is a good thing :) ***: kellytk has joined #arpnetworks mjp_: at 10:04 (im in +10GMT) i got alerts for all of our ntp services (Infoblox) reset/got out of sync, but came good about 10 minutes later kellytk: Who do you use for alerting mjp_? mjp_: what do you mean?
we use nagios for monitoring... the guy sitting a few cubes over let me know that all our infoblox appliancs lit up kellytk: Oh -: jlgaddis mutters something about 33.5 hours notice for a planned outage mercutio: jlg: on arp? outage shouldn't be very long at least.
apparently a lot of fibre links went down with the clock thing
by apparently i mean one person posted on a mailing list saying such brycec: That would surprise me as most most links (t1, ethernet, etc) use crystals but not RTC for sync. An extra second on the wall clock would be invisible. mercutio: you'd think
apparently there was some cisco fix necessary, which didn't fix brycec: Always blame Cisco mercutio: i'm going to check nanog :/
i can't see anything on there
oh brycec: I can see how routers with those interfaces might hiccup because they might not have read the performance counters for >1s mercutio: is the leap second gmt?
or local time zone? brycec: It happened 2.40 ago, UTC mercutio: ahh ok
so yeh gmt brycec: Everybody at once mercutio: nothing on nanog
there was a route leak last night of ntt -> he.net brycec: (horlogical pedantics would like you to know that GMT and UTC are not the same thing, technically) mercutio: err ntt readvertising he.net routes
then he.net did a route leak
and the he.net guy was saying about how they didn't leak routes when the ntt one happened hah staticsafe: internets..how does it even work brycec: With lots and lots of luck. staticsafe: there was another route leak originating in Bangladesh
that actually triggred RPKI validation failure alerts for me
was wondering why I woke up to a bunch of those mercutio: yeh that was the ntt leaking he.net one
that was the first, there was a second after that
yeh i'm actually surprised about the stability of the internet
it works much better than i'd guess ..
you're doing rpki validation static? staticsafe: my prefixes are signed, I get alerts from BGPMon mercutio: but you're not validating? staticsafe: nope, I don't really need to mercutio: rpki validation hasn't really taken off
yeh actually it'd help you not at all
it's really your upstreams that need to staticsafe: indeed mercutio: well for it to be of any benefit ***: mnathani_ has joined #arpnetworks
toeshred has quit IRC (Ping timeout: 250 seconds)
toeshred has joined #arpnetworks