[07:10] *** jpalmer_ has quit IRC (Quit: leaving)
[07:10] *** jpalmer has joined #arpnetworks
[07:26] *** mkb has quit IRC (Remote host closed the connection)
[07:28] *** mkb has joined #arpnetworks
[10:22] *** 7F1AAAAA7 has joined #arpnetworks
[10:27] *** 7F1AAAAA7 has quit IRC (*.net *.split)
[10:32] *** mjp_ has joined #arpnetworks
[10:43] <pjs> 6/
[10:43] <pjs> oops
[10:53] <m0unds> >:|
[10:57] <brycec> :)
[10:59] <m0unds> `;->~
[14:07] <m0unds> moar freebsd vulns
[14:08] <m0unds> tcp, openssh and bind
[14:08] *** m0unds has quit IRC (Quit: bork bork bork)
[14:10] *** m0unds has joined #arpnetworks
[14:15] <mercutio> m0unds: yeh it's insane
[14:15] <mercutio> there seems to be way more vulnerabilities recently
[14:15] <mercutio> there've been a few more qemu vulnerabilities that are fine with apparmor
[14:15] <mercutio> and quite a lot of linux vulnerabilities
[14:16] <mercutio> the bind one is kind of scary, did you read it?
[14:17] <mercutio> only kind of - you can crash bind even with acl's in place by sending special packets to it
[14:17] <m0unds> ah
[14:17] <mercutio> i'm surprised stuff like that doesn't get used more
[14:18] <mercutio> but whenever acls are bypassed it's scary
[14:18] <m0unds> didn't impact my system, only worried about the other two
[16:31] <gizmoguy> http://www.cardsagainstsecurity.com/?g=ND9ULG
[16:32] <gizmoguy> come join my cards against security game
[16:42] <grody> whats scarier some of these things have been vulnerable since older versions (freebsd)
[17:30] *** Seji has quit IRC (Remote host closed the connection)
[17:45] *** KILLALLHUMANS01 has quit IRC (Remote host closed the connection)
[17:56] *** Seji has joined #arpnetworks
[19:05] *** RandalSchwartz1 has joined #arpnetworks
[19:05] <RandalSchwartz1> something going on with kvr05?
[19:07] <brycec> Nobody else has mentioned anything [yet]
[19:07] <RandalSchwartz1> well, my system froze.
[19:07] <RandalSchwartz1> responded to soft shutdown though
[19:07] <BryceBot> That's what she said!!
[19:08] <RandalSchwartz1> looks like it also responded to boot request
[19:08] <brycec> Maybe the serial cable came loose? :P
[19:09] <RandalSchwartz1> zfs up
[19:10] <RandalSchwartz1> ok, still no password prompt, and no ssh access
[19:11] <RandalSchwartz1> Hmm.  dovecot won't restart
[19:11] <BryceBot> That's what she said!!
[19:12] <brycec> BryceBot: no
[19:12] <BryceBot> Oh, okay... I'm sorry. 'Hmm.  dovecot won't restart'
[19:12] <RandalSchwartz1> time just moved backward by 25199 seconds
[19:12] <brycec> 420ish minutes? sounds like timezone fun
[19:13] <brycec> 420 = 7 horus
[19:13] <brycec> *hours
[19:13] <RandalSchwartz1> ahh, there I got it
[19:15] <RandalSchwartz1> ok, everything is looking mostly normal
[19:15] <RandalSchwartz1> I wonder why it was frozen up though
[19:16] <RandalSchwartz1> ok… going back to emacs-based IRC
[19:17] *** RandalSchwartz1 has quit IRC (Quit: Leaving.)
[19:33] *** RandalSchwartz has joined #arpnetworks
[19:34] <RandalSchwartz> back again.
[19:37] <brycec> woo
[20:10] <m0unds> i'm trying to confuse spotify's "discover" algorithm for that playlist they generate each week
[20:12] <brycec> I'm reading the credits.rtf from Windows 10 while I wait
[20:12] <brycec> Just passed the FreeBSD acknowledgement
[20:12] <brycec> And there's NetBSD too
[20:12] <m0unds> nice
[20:12] <m0unds> i got my windows cat ninja sticker today
[20:12] <m0unds> it's a ninja cat riding a t-rex
[20:13] <m0unds> https://www.stickermule.com/marketplace/6478-windows-ninja-cat-t-rex
[20:32] <mercutio> i still don't know if i should upgrade to windows 10
[20:32] <mercutio> you have to use msn :(
[20:32] <mercutio> i mean to current windows 10, i am on insider
[20:32] <brycec> No you don't?
[20:33] <brycec> At least on insider, you don't need a Live account
[20:33] <mercutio> yes you do
[20:33] <brycec> they don't make it blatantly obvious, but it's there.
[20:33] <mercutio> to upgrade to recent builds you do
[20:33] <mercutio> you have to login with it with the recent builds
[20:33] <mercutio> or it won't continue updating
[20:33] <mercutio> i'm on 10162; there's 101240 now i think
[20:34] <brycec> Yeah 10240 has been out for weeks, it became the RTM release
[20:34] <mercutio> yeah i should read up about it
[20:34] <mercutio> it just feels dirty logging in with msn account rather than local account
[20:34] <BryceBot> That's what she said!!
[20:35] <mercutio> like you're locking your machine into the microsoft eco system.
[20:36] <m0unds> meh
[20:36] <mercutio> no rush at the moment, things are stable anyway
[20:36] <m0unds> you can make a local acct
[20:36] <m0unds> unless they took that out
[20:36] <m0unds> didn't the last time i tried a win10 build
[20:36] <m0unds> hadn't* rather
[20:36] <mercutio> m0unds: that's what i did on install
[20:36] <brycec> I guess I can't speak to *installing* and running updates without a msft account. But I was able to add a local account without problem.
[20:36] <mercutio> you just can't update it anymore
[20:36] * brycec shrugs
[20:36] <mercutio> yeh i installed without msn
[20:37] <mkb> it has to be in there somewhere to satisfy domain users... I hope
[20:37] <mercutio> does it require the internet to login?
[20:37] <brycec> Not after the first login
[20:37] <mercutio> ahh
[20:37] <brycec> the hashed password is stored with the account
[20:37] <mercutio> maybe it's not too bad then
[20:38] <m0unds> yea, if you don't have connectivity and you mis-enter a pw, it just says "use the pw you used last time you logged in online" or something
[20:39] <mkb> they don't bill this as a way to prevent someone snooping the password then stealing a laptop from logging in I hope...
[20:40] <m0unds> eh?
[20:40] <brycec> I still feel really wrong looking forward to Win10
[20:40] * m0unds shrugs
[20:40] <mkb> It's no worse than status quo but it feels wrong to have the security and threat model so complex
[20:40] <m0unds> only for a non ad user
[20:41] <m0unds> haven't deployed win8 or newer on a domain, but i'd imagine it's likely not as "Friendly"
[20:41] <mercutio> brycec: a lot of people seem to like it
[20:41] <brycec> Speaking as a Win8.1 user in an AD, it's not friendly, no.
[20:41] <m0unds> i know it was annoying to login to win7 w/systems joined to multiple domains
[20:41] <mercutio> tbh, for me it's much of a muchness.
[20:41] <brycec> mercutio: I've been fairly happy with the TP
[20:41] <staticsafe> my university is deploying Win8 to laptop images this year and those are joined to the university domain
[20:41] <m0unds> e.g. if your user is dumb and doesn't know what domain they're on, it sucks
[20:41] <m0unds> because you have to do domain\username
[20:41] <mercutio> brycec: yeh same
[20:41] <mercutio> but it's not way better than windows 2008/windows 7 to me
[20:42] <m0unds> the jump between the last two win10 tps on mobile was insane
[20:42] <m0unds> went from unusable to amazingly usable in the span of three weeks
[20:42] <brycec> lol
[20:42] <mnathani_> staticsafe: what university?
[20:42] <staticsafe> UOIT
[20:42] <mercutio> at least windows remembers your smb login for network shares these days
[20:42] <mercutio> that seemed to be one of the most annoying bugs ever.
[20:42] <brycec> According to a buddy @ MSFT, that's the par for the Windows team. They do their best work in the last 6mos.
[20:43] <mercutio> there was a workaround, but i mean a shipping OS that can't remember credentials for a network share...
[20:44] <mercutio> so my friend says that fcc are  mandating to block openwrt on new routers
[20:44] <mercutio> anyone heard about htis?
[20:44] <staticsafe> that sounds unlikely
[20:44] <brycec> Yes I did.
[20:45] <mercutio> is it legit
[20:45] <mercutio> the site he sent me looks iffy
[20:45] <mercutio> http://www.cnx-software.com/2015/07/27/new-fcc-rules-may-prevent-installing-openwrt-on-wifi-routers/
[20:45] <brycec> Looking like it.
[20:45] <brycec> Yeah that's what I read earlier today
[20:45] <mercutio> they'll just get hacked i suppose
[20:45] <mercutio> but the signing could be a pita
[20:46] <brycec> I expect no more than they do now, just that there's a US law telling them they should instead of the manufacturer's own desire to lock you out.
[20:47] <mercutio> some of the new modems have shifted to signing i think
[20:47] <mercutio> a while back
[20:47] <mercutio> but no-one paid much attention because openwrt doesn't work properly on modems.
[20:48] <mercutio> i myself like the idea of a dumb access point with no routing though
[20:48] <brycec> Overall though, it sounds plausible. Ostensibly that's the reason for BIOS whitelists in laptops - the manufacturer has a specific configuration FCC licensed and cannot "allow" you to alter that.
[20:48] <mercutio> ahh
[20:48] <mercutio> but hp do that in non-US markets too
[20:49] <mercutio> hmm what about using wireless cards on linux?
[20:49] <mercutio> linux lets you force weird channels etc.
[20:49] <brycec> (Which is why the 'custom built' models, which probably slide under the rules being not sold en-masse, don't have whitelists)
[20:50] <brycec> I'd assume HP just does the same thing everywhere because it's simpler and easier.
[20:50] <mercutio> yeah
[20:50] <mercutio> that's my concern about this FCC openwrt thing :)
[20:50] <brycec> And yeah, not just Linux. Even some Windows drivers let you play with things.
[20:51] <mercutio> ahh true
[20:53] <brycec> But it comes down to what can be regulated, i.e large-scale SKUs vs "one-off" stuff
[20:56] <mercutio> i think forcing people to comply with regulations on consumer gear is actually probably sensible
[20:57] <mercutio> but blocking openwrt, etc is not so much
[20:57] <mercutio> i suppose the problem is what happens when you use a wireless ap in a country it wasn't designed for
[20:57] <mercutio> even if you force it in eeprom or such
[20:58] <mercutio> like i bought my wireless router from amazon, so it's a US model...
[20:58] <mercutio> but i'm still using NZ region.
[20:59] <brycec> As I interpreted everything, it's not "blocking openwrt" per se, as just preventing consumers from fuckign with it. And there are similar regulations in other industries
[21:00] <mercutio> can you still set country code?
[21:00] <brycec> I didn't see any mention of that, so I can't say one way or another
[21:08] <grody> openwrt does appear to be becoming FCC compliant.. in the later versions of CC they have been locking down the maximum EIRP
[21:09] <grody> older firmware i could push wifi to 760mW EIRP (using 3dbi antenna) - now i can only get it to 96mW
[21:09] <grody> dd-wrt has a "super-channel" function which allows use of channels outside of the normal band
[21:10] <grody> you can still alter country codes, bt there seems to be some kind of checking going on
[21:12] <grody> spotted the oddities of it with the new wireless router i got.. it had issues running on certain channels in the 5GHz band and was actually forcing a set DFS Master region: FCC, then "applying"  Regulatory domain changed to country: GB - then doing DFS Master region: ETSI
[21:16] <grody> im guessing it did that through NTP as i never set a region
[22:35] <brycec> Hello from Win10
[22:36] <brycec> (and it's only 22:33 here)
[22:44] <m0unds> sweet
[22:48] <m0unds> two of my cats are fighting over who gets to stare at a flying insect on the wall
[22:48] <brycec> sweet.
[22:49] <m0unds> one stares at it, the other comes up, sits down, gets hissed at, half heartedly bats the other one in the face til it walks away
[22:49] <m0unds> then sits and stares at it, then repeat
[22:50] <m0unds> not doing anything about it, just staring at it
[22:53] <m0unds> brycec: did your update require much interaction?
[22:56] <brycec> Nope not much. Once I'd clicked through the EULA and "yeah, do an upgrade" prompts, 3 reboots later here I am
[22:57] <m0unds> ok
[23:00] <brycec> (and yes it did the rebooting on its own)
[23:02] <m0unds> figured as much, that's how the win81 update went
[23:02] <m0unds> was gonna let it run overnight. if it borks something on this machine...ehhh
[23:02] <brycec> heh, cool. Though it didn't take more than a half hour or so
[23:03] <m0unds> oh.
[23:05] <m0unds> there it goes
[23:05] <m0unds> was taking a bit for it to start downloading
[23:12] <brycec> protip: Be sure to install the Win10-specific AMD drivers, or the AMD tools aren't going to work quite right. (But they will tell you to install the latest Win10 drivers)
[23:15] <m0unds> i don't have any amd hardware
[23:15] <m0unds> i remember hearing the rtm had an issue w/nv gpu chipset drivers, but someone else said they fixed it
[23:19] <mercutio> it was nvidia-specific
[23:19] <mercutio> but it's kind of disconcerting that you can't opt out of video driver updates
[23:21] <m0unds> you can
[23:21] <m0unds> http://www.tenforums.com/attachments/windows-updates-activation/18274d1430590254-refuse-driver-updates-windows-10-a-capture.png
[23:21] <m0unds> screenshot from the option that allows you to opt out
[23:22] <m0unds> allegedly
[23:22] <m0unds> haha
[23:22] <m0unds> cpl > system > hardware tab > device installation settings