Cryto! 29 August 2013
00:00:16 <iceTwy> cause I'm not going to have a 350 lines long sieve config
00:00:30 <MK_FG> Hm, nah, I think it'd be more useful to have per-user sieve
00:00:49 <MK_FG> In case you'd want to have second and third etc box for e.g. junk mail
00:01:05 <MK_FG> Or for work mail, or for someone else....
00:01:29 <iceTwy> yeah
00:01:45 <MK_FG> But if you just have "spam goes to spam place" rule there, then set it for all users as in #2 indeed
00:01:57 <MK_FG> And allow per-user configs too, dovecot can do that
00:02:01 <iceTwy> I think it would go like
00:02:10 <iceTwy> /var/mail/vhosts/%d/%u
00:02:13 <MK_FG> (iirc it's some different option for all boxes)
00:02:26 <iceTwy> no actually
00:02:27 <iceTwy> /var/mail/vhosts/%d/%n
00:02:35 <MK_FG> No, that'd be per-user
00:02:41 <iceTwy> yes
00:02:42 <MK_FG> But you can add one global config to that
00:02:44 <iceTwy> that's what I want
00:02:49 <MK_FG> ...is what I meant above
00:02:49 <iceTwy> bleh
00:02:50 <iceTwy> no
00:03:59 <iceTwy> let's try
00:04:20 <iceTwy> /me approves
00:04:51 <iceTwy> thanks a bunch MK_FG <3
00:05:07 <iceTwy> your good faith made me stumble upon /etc/dovecot/90-sieve.conf
00:07:40 <MK_FG> I also vaguely recall there being some debug options in dovecot, so right way to "stumble" upon it would've probably been enabling these and seeing something like "sieve: can't find config at ..." in teh logs
00:08:24 <iceTwy> yeh
00:08:36 <iceTwy> i'll enable those options
00:09:00 <MK_FG> I also recall replacing deliver command with "strace -eopen deliver" to see what the hell it does, so maybe they're not that useful for sieve ;)
00:09:42 <MK_FG> With unix: thing, you can probably strace -f -eopen dovecot pid easily to the same effect
00:09:43 <iceTwy> loool
00:10:02 <iceTwy> MK_FG: you do crazy things, really
00:10:04 <iceTwy> but you're Russian
00:10:14 <iceTwy> so that's a pretty good reason
00:10:28 <iceTwy> I have 1€ in BTC
00:10:29 <iceTwy> leftover
00:10:35 <iceTwy> I could buy you a vodka shot :D
00:11:14 <MK_FG> Nah, strace might be a lot faster than figuring out options and easier than restarting the daemon in more-or-less production
00:11:53 <MK_FG> Lately I also use fatrace for that, which does same thing wrt seeing open files, but via fanotify
00:12:17 <MK_FG> (and there's auditd, but that requires restart, fatrace doesn't)
00:12:57 <MK_FG> 1€ is indeed just a shot, drinkable vodka costs 2-3€ I think
00:14:30 <MK_FG> And I don't have btc set up, need to download gigs there to catch up probably ;)
00:15:29 <iceTwy> heh
00:15:30 <iceTwy> no
00:15:32 <iceTwy> 1 solution:
00:15:33 <iceTwy> Electrum
00:15:57 <iceTwy> it connects to servers that already have the whole blockchain downloaded
00:16:08 <iceTwy> written in Python, so no shitty Java security flaws
00:16:09 <wh1t3r4bb1t> I've borrowed blueimp's jquery uploader to integrate into a site. I need to add the url of the uploaded file to the user's media table in the db and I can't seem to find where in this function I should call the other function that saves to the db... http://pastebin.com/q418875h
00:17:39 <MK_FG> Actually, I think there was some work on having snapshots of all unspent things in official btc client
00:18:22 <MK_FG> So that you don't need whole blockchain, only one snapshot with all the keys there, plus hash of latest block for it
00:18:41 <MK_FG> But iirc things like satoshi dice were making that rapidly inpractical....
00:18:46 <wh1t3r4bb1t> Maybe after line 25? or... maybe I have to add the call multiple times?
00:22:54 AnonO_o (AnonO_o@anonO_o) has joined #crytocc
00:22:57 <AnonO_o> hai
00:23:06 <wh1t3r4bb1t> ello
00:39:56 Jester (Jester@cryto-4C7D5518.retail.telecomitalia.it) has joined #crytocc
00:40:51 <cayce> sexy, ns2 is up
00:41:19 <cayce> I'm not actually sure why it took so long, but I'm also not actually sure what script was autorestarting the dnsd lol
00:41:34 * cayce cut that shit out with a scalpel
00:49:06 Jester has parted #crytocc (Leaving)
00:52:30 Jester (Jester@cryto-1309AB55.dfri.se) has joined #crytocc
00:53:31 <Jester> hei
00:53:50 Jester has quit (User quit: Leaving)
01:06:14 <cayce> yes hello norway
01:06:25 <cayce> or no, it was hej
01:06:26 <cayce> lol
01:21:46 <iceTwy> can anyone connect to
01:21:54 <iceTwy> https://cloud.icetwy.re/owncloud/
01:21:55 <iceTwy> ?
01:24:47 landrone has quit (Ping timeout)
01:24:54 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
01:25:08 <iceTwy> ssl_error_rx_record_too_long
01:25:09 <iceTwy> pft
01:33:30 <joepie91> iceTwy:
01:33:34 <joepie91> I'm sorry to have to inform you that your message could not
01:33:34 <joepie91> be delivered to one or more recipients. It's attached below.
01:33:40 <joepie91> [...]
01:33:40 <joepie91> <icetwy@icetwy.re>: Command died with status 255: "/usr/bin/dspam". Command
01:33:40 <joepie91> output: sh: 1: /usr/bin/sendmail: not found
01:34:01 <joepie91> broked.avi
01:34:22 <iceTwy> what?
01:34:26 <iceTwy> yes but
01:34:30 <iceTwy> that was a few hours ago
01:34:30 <iceTwy> ;)
01:34:36 <iceTwy> resend one nao joepie91
01:34:42 <iceTwy> also babes
01:34:48 <iceTwy> https://cloud.icetwy.re/owncloud/
01:35:00 landrone has quit (Input/output error)
01:35:12 landrone (Adrian@cryto-812F49C0.carolina.res.rr.com) has joined #crytocc
01:35:35 <iceTwy> seriously, tho
01:35:38 <iceTwy> I should get a StartSSL certificate
01:35:39 <iceTwy> lol
01:35:49 <joepie91> why?
01:37:14 <iceTwy> coz
01:37:15 <iceTwy> fun
01:37:56 <joepie91> applying for StartSSL is, in my experience, many things... but 'fun' is not one of them
01:37:57 <joepie91> lol
01:38:07 <iceTwy> oh
01:38:15 <iceTwy> I'd gotten to the point of actually having the whole SSL certificate
01:38:16 <iceTwy> but
01:38:16 <iceTwy> nope
01:38:18 <iceTwy> @ramhost
01:39:20 <joepie91> ?
01:43:45 landrone has quit (Input/output error)
01:44:00 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
01:53:35 landrone has quit (Input/output error)
01:54:15 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
02:02:20 <cayce> wat
02:02:25 <cayce> startssl is shit simple
02:02:35 <cayce> even if their site looks and acts like 1996 when it was written
02:03:13 <cayce> just be sure not to select the sha256 option for cert signing
02:03:49 <cayce> no version of IE supports it
02:03:56 <cayce> It's... I forget what it's called
02:04:15 <cayce> they note the NSA notice that told all "secure" govt people to start using it posthaste
02:04:23 <cayce> they call it by that name
02:04:24 <cayce> haha
02:04:41 <cayce> iirc officially it's sha2 cert signing
02:05:21 <cayce> (you bet it's the option I selected. fuck anyone using IE, for any reason)
02:05:28 <iceTwy> (^)
02:05:57 landrone has quit (Ping timeout)
02:07:35 landrone (Adrian@cryto-812F49C0.carolina.res.rr.com) has joined #crytocc
02:08:41 x (foobar@8A2E482F.4403C8C0.E124FE5.IP) has joined #crytocc
02:14:30 <cayce> I await the day someone emails me about it
02:15:07 <cayce> "Hi I got an error connecting to your website, just wanted to let you know! <error>" "Hi, you're using IE aren't you? Please change to a real web browser like chrome, opera, or firefox. Thanks!"
02:18:34 <botpie91> �04FichteFoll� made 2 commit(s) to ��03package_control_channel� on branch ��10master�: '�02Update the sublime_text value since it is working with sublime-text-3�', '�02Merge pull request #1842 from papaDoc/masterUpdate the sublime_text value since it is working with sublime-text-3�' (https://github.com/wbond/package_control_channel/compare/ac1e8e18aa...996966973e)
02:19:20 <cayce> that reminds me
02:19:34 <cayce> I have to remove firefox from the list of browsers I recommend to people, because it doesn't support tls1.2
02:19:54 <cayce> nss does, but ff doesn't ship it
02:20:16 <cayce> afaik no about:config tunables to enable it yet either
02:21:15 * cayce goes to find ciphers list for only perfect-forward-secrecy (buzzword woot!) connections
02:22:19 <cayce> everyone wants backwards support
02:22:37 <cayce> I wish someone would make a config that says "fuck all our customers. If you can get in, your shit is secure."
02:23:20 landrone has quit (Input/output error)
02:23:31 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
02:24:47 <joepie91> cayce: for once, I don't mind buzzwords
02:24:59 <joepie91> as, for once, it seems to serve increased security
02:25:09 <cayce> yes
02:25:23 <cayce> it's resulting in a very fast proliferation of better (not best) configs
02:25:26 <cayce> which is WONDERFUL
02:25:48 <cayce> not best because we're waiting on client and server implementations
02:26:14 <cayce> kinda nice to watch half the net go ssl-only
02:26:32 <joepie91> heh
02:27:05 <joepie91> (congrats NSA, you have sufficiently paranoid-ed everyone to have them turn to more secure configurations)
02:27:21 <cayce> yep
02:27:35 <cayce> lol blowback
02:28:07 <joepie91> honestly
02:28:18 <cayce> ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-RC4-SHA:DHE-RSA-AES256-SHA:RC4-SHA;
02:28:20 <joepie91> the fact that masses of non-malicious entities suddenly start caring about encrypting shit
02:28:23 <joepie91> and hiding shit from the NSA
02:28:26 <cayce> NOT BAD, BUT I SEE RC4 FOR COMPATIBILITY
02:28:30 <joepie91> and moving their shit to *other countries* to do so
02:28:44 <joepie91> should tell NSA guys something about how (not) desired their surveillance crap is
02:29:03 <cayce> I think the single thing that will actually undo all of this is that it instantly becomes a competitive disadvantage for american corps
02:29:21 <cayce> that's what will really drive against the nsa
02:29:26 <cayce> fuck civil liberties, they don't exist
02:29:29 <cayce> haven't for years
02:29:33 <cayce> but money? we still care about that.
02:29:34 landrone has quit (Input/output error)
02:30:09 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
02:30:21 * cayce fixes ciphers list
02:32:39 <cayce> icecream and ssl configs, best dinner
02:33:15 landrone has quit (Input/output error)
02:33:21 <joepie91> geek :P
02:34:27 landrone (Adrian@cryto-812F49C0.carolina.res.rr.com) has joined #crytocc
02:34:41 <cayce> sexy sexy
02:34:42 <cayce> ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA;
02:34:50 <cayce> that's my shit right there
02:35:08 <cayce> the RSA ones are for tls1.0 compat
02:35:11 * joepie91 quietly sneaks up behind cayce and adds an 'RC4' to the pile
02:35:36 <iceTwy> derp
02:35:36 * cayce beats joepie91 with a giant dildo with 'crypto' scrawled up the shaft in sharpie
02:35:45 <iceTwy> so the funny thing is
02:35:57 <iceTwy> if I use my ssl certs on Apache
02:35:59 <cayce> or maybe clue
02:36:00 <iceTwy> they don't work on me mail
02:36:01 * joepie91 actually has a mental image of that now..
02:36:05 <cayce> :3
02:36:08 <joepie91> iceTwy: mmm?
02:36:09 <cayce> joepie91:) someday.
02:36:27 <cayce> I don't understand
02:36:31 <cayce> If it's the same subdomain
02:36:41 <iceTwy> neither do I
02:36:42 <iceTwy> but
02:36:42 <iceTwy> heh
02:36:47 <joepie91> (awesome gif: http://i.imgur.com/M6ZaqwD.gif)
02:36:47 <iceTwy> too tired to understand anyway
02:36:58 <cayce> indeed
02:37:15 * cayce can't fucking wait for nginx to have per-vhost ssl settings
02:38:00 <iceTwy> doesn't it?
02:38:01 <iceTwy> apache has
02:38:03 <cayce> nope
02:38:05 <cayce> apache does, yeah
02:38:07 <iceTwy> apache does
02:38:08 <iceTwy> rather
02:38:09 <cayce> nginx does not
02:38:14 landrone has quit (Input/output error)
02:38:32 <cayce> it takes the first list of ciphers it finds when loading configs, end of story
02:39:06 <cayce> so basically we turn ssl on for vhosts, and my anal retentive nature manages ssl ciphers for the whole server
02:39:17 <cayce> :3
02:39:29 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
02:39:38 <cayce> NP: [Macklemore & Ryan Lewis - Thrift Shop [feat. Wanz]] [The Heist] [938kbps] DeaDBeeF 0.5.6-3jane�
02:39:52 <cayce> oh fuck, it's like almost 8
02:40:16 <cayce> gotta be up in 10 hours :D
02:40:36 <joepie91> sleep!
02:40:45 <cayce> not yet o.o
02:40:57 <cayce> I need precisely 8 hours of sleep
02:41:07 <cayce> not more than 20 minutes in either direction :P
02:41:24 <joepie91> fair enough :P
02:41:25 <joepie91> also
02:41:25 <joepie91> http://devopsreactions.tumblr.com/post/47690154351/trying-to-code-to-w3c-standards
02:41:29 <cayce> or 4, I can do exactly 4 equally well
02:41:38 <cayce> yep
02:41:50 <joepie91> lol
02:41:52 <joepie91> also http://devopsreactions.tumblr.com/post/47352638154/almost-ran-update-without-where
02:42:40 <iceTwy> hahaha
02:42:45 <iceTwy> I can't imagine Chromium devs
02:42:47 <joepie91> also this: http://devopsreactions.tumblr.com/post/46411768705/trying-to-work-out-a-problem-after-the-5th-hour
02:42:48 <iceTwy> or Linux kernel
02:42:49 <iceTwy> http://devopsreactions.tumblr.com/post/59279436270/build-fails-just-before-creating-the-executable
02:42:56 <joepie91> iceTwy: hahaha
02:43:47 <iceTwy> OH LOL
02:43:51 <iceTwy> Linus insulting everyone
02:43:53 <iceTwy> because he's mad
02:43:54 <joepie91> also, heh: http://devopsreactions.tumblr.com/post/45826825332/changing-production-without-backups
02:43:55 <iceTwy> hahahaha
02:44:02 <joepie91> iceTwy : what is it this time? :P
02:44:07 <iceTwy> that'rofl :p
02:45:13 <joepie91> and sadly, I recall this one: http://devopsreactions.tumblr.com/post/45101836919/pushed-code-to-production-recalled-there-was-a
02:45:32 <cayce> hmm
02:45:35 <iceTwy> looool
02:45:36 <iceTwy> http://devopsreactions.tumblr.com/post/57780524288/our-engineers-are-working-to-fix-the-problem-in-the
02:45:55 <cayce> I wonder if the ssl people will yell at me for blocking like 35% of people
02:46:03 landrone has quit (Input/output error)
02:46:50 <joepie91> rofl
02:46:52 <joepie91> iceTwy: http://devopsreactions.tumblr.com/post/44444575875/when-we-dont-write-a-test-for-that-special-corner-case
02:46:52 <cayce> https://www.ssllabs.com/ssltest/analyze.html?d=https%3A%2F%2Fexplodie.org
02:47:08 <cayce> I get very close to a perfect score
02:47:12 landrone (Adrian@cryto-812F49C0.carolina.res.rr.com) has joined #crytocc
02:47:13 <cayce> 100-95-100-90
02:47:25 <cayce> that's my current config, not even revised yet
02:47:34 <joepie91> Prefix handling Not valid for "www.explodie.org" CONFUSING
02:47:35 <joepie91> CONFUSING!
02:47:39 <cayce> yes!
02:47:55 <cayce> because fuck you I don't use www it fucks up the visual flow of the url
02:48:30 <joepie91> heh
02:48:31 <joepie91> also http://devopsreactions.tumblr.com/post/44054856083/starting-in-a-new-normal-job-vs-starting-as-sysadmin
02:48:32 <iceTwy> haha
02:49:37 <iceTwy> no DNS record for www on explodie?
02:49:39 <joepie91> also http://devopsreactions.tumblr.com/post/43636741338/complex-regexp-worked-exactly-as-expected
02:49:40 <joepie91> :p
02:49:47 <cayce> there is, yes, but it's just a redirect
02:49:53 <iceTwy> to explodie.org?
02:49:57 <cayce> yep
02:50:02 <iceTwy> funny
02:50:06 <cayce> to https:// I think
02:50:11 <iceTwy> anyway
02:50:12 <iceTwy> gotta go
02:50:13 <iceTwy> to sleep
02:50:15 <iceTwy> 5AM...
02:50:20 <iceTwy> and I'm going back to school in 5 days
02:50:23 <cayce> :>
02:50:25 <iceTwy> wtf am I thinking/doing
02:50:33 <cayce> I have school at 8am tomorrow, cause I started back this week
02:50:33 <cayce> :D
02:50:42 <iceTwy> I've got a philosophy essay to write
02:50:50 <cayce> DO IT
02:50:50 <iceTwy> gotta clock it in next tuesday
02:50:51 <cayce> who on
02:50:53 <joepie91> also, TIL
02:50:55 <joepie91> http://devopsreactions.tumblr.com/post/43391083841/how-stonith-works
02:50:55 <iceTwy> Sartre
02:50:57 landrone has quit (Input/output error)
02:50:59 <cayce> ugh I'm sorry
02:51:00 <joepie91> STONITH is a technique for NodeFencing, where the errant node which might have run amok with cluster resources is simply shot in the head. Normally, when an HA system declares a node as dead, it is merely speculating that it is dead. STONITH takes that speculation and makes it reality. "Make it so, Number One".
02:51:03 <iceTwy> xD
02:51:20 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
02:51:25 <joepie91> iceTwy: sleep!
02:51:32 <iceTwy> yes
02:51:35 <iceTwy> night!
02:51:39 <joepie91> night :P
02:51:46 iceTwy has quit (Input/output error)
02:51:47 <cayce> something funny I realized today: the reason we talk about globalization and not modernization is because of postmodernist philosophy
02:52:07 <joepie91> cayce: http://devopsreactions.tumblr.com/post/43069215541/waiting-for-a-full-mysqldump
02:52:20 <cayce> which focuses entirely on "the human condition", and thus not cause/effect/systems so much
02:52:31 <cayce> yep
02:52:34 <Tyler> That network is about criptography?
02:53:03 <cayce> my favorite was learning that bitly's mysql db has so many rows they're not allowed to COUNT because it takes the server down
02:53:07 <joepie91> Tyler: ?
02:53:15 <joepie91> cayce: rofl, what
02:53:19 <cayce> not even kidding
02:53:39 <cayce> hilary mason, their former "chief scientist" has mentioned it in several of her talks
02:53:43 <cayce> I laugh every time
02:53:56 <cayce> also mariadb is sexy
02:54:12 <cayce> like... they presented at debconf and I watched the whole thing sexy
02:54:18 <cayce> I hate db's... mariadb is sexy.
02:54:33 <cayce> it really truly is what mysql should have been
02:54:34 <joepie91> have a link to their presentation?
02:54:36 <joepie91> also, http://devopsreactions.tumblr.com/post/42013983491/when-an-aws-region-goes-down-and-you-are-not-using-aws
02:54:37 <cayce> sure sec
02:55:18 Tyler has quit (User quit: leaving)
02:55:26 <cayce> http://meetings-archive.debian.net/pub/debian-meetings/2013/debconf13/high/1073_MariaDB.ogv
02:55:29 <cayce> joepie91:) ^
02:55:40 <cayce> It's... yeah
02:55:42 <cayce> sexy
02:55:44 <cayce> that's all I've got
02:55:52 <joepie91> bookmarking, thanks :)
02:56:00 <joepie91> and see above devopsreactions link
02:56:01 <joepie91> lol
02:56:18 <cayce> so the code that sun wouldn't allow in due to licensing and being a corp? they're taking it all. And they're reimplementing all of the new closed source oracle stuff, and better
02:56:39 <joepie91> (I know, I'm using MariaDB in some places)
02:56:47 <cayce> haha
02:56:50 <cayce> yeah, we do too
02:57:00 <cayce> It's drop-in for our stuff
02:57:04 <cayce> (wordpress and shit, ha)
02:57:18 <cayce> sounds like there are advanced cases where it isn't any longer
02:57:26 <cayce> because they've done new stuff better than oracle
02:57:30 <cayce> and he'll show some graphs
02:57:34 <cayce> it's not just a little better
02:57:53 <cayce> protip: when oracle bought sun, everyone on the mysql team left
02:57:56 <cayce> every. on.
02:57:57 <cayce> one.
02:58:25 <joepie91> sooo...
02:58:30 <joepie91> Oracle shot themselves in the foot
02:58:31 <joepie91> basically
02:58:35 <joepie91> (which is what they're good at)
02:58:41 <cayce> yes
02:58:46 <cayce> they relicensed mysql too
02:58:58 <cayce> it's not open, from some slightly previous point forward
02:59:05 <cayce> and they've been removing docs and things
02:59:12 <cayce> publishing undocumented features and fixes
02:59:23 <cayce> pretty much turning mysql into a shitty version of oracledb
02:59:29 <cayce> (irony? loads)
02:59:40 <joepie91> heh
02:59:49 <joepie91> oh well
02:59:53 <joepie91> goodbye mysql, hello mariadb
02:59:56 <cayce> I give credit, oracledb is powerful if shitty
03:00:01 <cayce> but uh
03:00:08 <joepie91> also, /me will be away for a while now
03:00:12 <cayce> mariadb is grabbing all the cool shit and making it even better
03:00:14 <cayce> it's cool
03:00:15 <joepie91> dr who episode then code
03:00:18 <cayce> I'mma... I don't know
03:00:19 <cayce> lol
03:00:24 <cayce> dick with ssl configs
03:00:26 <cayce> that's what I'mma do
03:00:27 <cayce> lol
03:00:28 <joepie91> have fun :P
03:00:33 <cayce> will do
03:17:52 <cayce> okay, now I have a list I'm happy with. Let's see what supports it
03:17:55 <cayce> ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-SEED-SHA:DHE-RSA-AES256-SHA;
03:21:40 <cayce> damn
03:21:43 <cayce> not bad, actually
03:22:00 <cayce> doesn't mitigate beast, though
03:22:19 <cayce> but almost every browser that can connect gets a 256bit forward secure connection
03:25:12 landrone has quit (Input/output error)
03:27:15 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
03:30:21 landrone has quit (Input/output error)
03:30:33 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
03:35:49 landrone has quit (Input/output error)
03:36:45 <cayce> ugh, it's support OR security
03:36:48 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
03:37:12 <cayce> almost nothing supports tls1.2 ciphers, and all the tls1.0+ ciphers are vuln
03:37:32 <cayce> cbc anything and I'm not touching rc4 with a ten foot pole
03:43:56 <ElectRo`> tls 1.1 and 1.2 fixes beast attacks
03:45:46 <ElectRo`> the world said rc4 was secure to prevent attaksand required little effort to implement
03:47:00 landrone has quit (Input/output error)
03:47:49 landrone (Adrian@cryto-812F49C0.carolina.res.rr.com) has joined #crytocc
04:02:07 <cayce> I have a gut feeling which tells me rc4 is not secure
04:02:46 <cayce> my gut tells me it will be broken sufficiently in under 5 years, which means all rc4 traffic being recorded by the NSA will be feasibly decrypted in that time frame
04:02:56 <cayce> which tells me rc4 is not acceptable
04:03:19 <cayce> and that's assuming they haven't broken it already
04:03:45 <cayce> which, because it's been shown publicly to be weaker than we thought though not broken, isn't a convincing assumption
04:04:08 <joepie91> aaaaaand in a spectular misunderstanding of how TOR works, Russia Today reports that "Internet users throughout the world have signed up in droves for anonymity software"
04:04:10 <joepie91> http://rt.com/usa/tor-membership-doubled-nsa-137/
04:04:20 <joepie91> yes, it really says "membership" and "signed up"
04:05:10 landrone has quit (Input/output error)
04:05:19 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
04:06:18 <cayce> I'll show you my membership
04:07:11 <cayce> my head hurts
04:07:20 <cayce> too much tls browser support matrices
04:08:43 <cayce> cool
04:08:55 <cayce> chrome will ship aes-gcm ciphers in 30
04:08:59 <cayce> hot
04:09:18 * cayce rages that chrome29 on ubuntu doesn't do tls1.2
04:15:05 <cayce> dunno why, either e.e
04:20:31 landrone has quit (Input/output error)
04:20:44 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
04:22:10 <cayce> sexy: ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA;
04:22:15 <cayce> vuln to beast, but sexy
04:22:36 <cayce> drop the last two and you stop being vuln to beast, but you also stop using non-tls1.2 ciphers
04:22:47 * cayce tries to find 1 rc4
04:36:21 <joepie91> cayce, http://zguide.zeromq.org/page:all#Heartbeating
04:38:15 <joepie91> awesome stuffs :)
04:39:47 <cayce> :>
04:40:09 * cayce cries and adds in a tls1.2 rc4 line as well as a tls1.0 rc4 line
04:40:11 * cayce cuts arms off
04:41:26 landrone has quit (Input/output error)
04:42:22 <cayce> haha joepie91 that's awesome
04:42:39 <cayce> "so most people do it this way, which I guess is fine but it's dumb and here's what you should watch for if you do"
04:43:04 landrone (Adrian@cryto-812F49C0.carolina.res.rr.com) has joined #crytocc
04:43:17 <cayce> compromise: https://www.ssllabs.com/ssltest/analyze.html?d=explodie.org
04:43:30 <cayce> compromise is still an A
04:43:31 <cayce> :P
04:46:08 landrone has quit (Input/output error)
04:46:17 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
04:51:35 <wh1t3r4bb1t> beef tenderloin steak... mmmm filet is the best.
05:10:11 landrone has quit (Input/output error)
05:10:21 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
05:17:35 landrone has quit (Input/output error)
05:18:45 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
05:26:13 landrone has quit (Input/output error)
05:27:13 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
05:38:43 landrone has quit (Input/output error)
05:39:06 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
06:16:56 landrone has quit (Input/output error)
06:18:53 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
06:21:58 landrone has quit (Input/output error)
06:22:08 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
06:22:36 YuKy (YuKy@YuKy.users.cryto) has joined #crytocc
06:23:41 <YuKy> can some admin please fix our qwebIRC??
06:25:33 <YuKy> after reebot no longer works
06:27:49 landrone has quit (Input/output error)
06:27:58 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
06:28:22 <wh1t3r4bb1t> how can an admin fix YOUR qwebIRC?
06:30:27 <YuKy> ah,I do not know. then who can?
06:36:34 AnonO_o has quit (Input/output error)
06:39:59 landrone has quit (Input/output error)
06:40:35 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
06:45:47 <YuKy> http://irc.lc/cryto/crytocc even yours don't work.. or I'm wrong? :/
06:48:51 landrone has quit (Input/output error)
06:48:58 landrone (Adrian@cryto-812F49C0.carolina.res.rr.com) has joined #crytocc
06:53:58 <joepie91> wh1t3r4bb1t: I think he meant for their channel
06:54:08 <joepie91> YuKy: oh, derp
06:54:11 <joepie91> I restarted the web irc
06:54:13 <joepie91> but not the ircd behind it
06:54:15 * joepie91 facepalms
06:54:23 <YuKy> :)
06:54:45 <joepie91> well, that's certainly on the top of my list of stupid things in the past week
06:54:51 crytocc679 (crytocc679@cryto-3E6002EF.direct-adsl.nl) has joined #crytocc
06:54:51 lysobit (musalbas@localhost) has joined #crytocc
06:54:53 <crytocc679> works now
06:55:05 <YuKy> lol tnx joepie91
06:57:25 landrone has quit (Input/output error)
06:57:35 landrone (Adrian@cryto-812F49C0.carolina.res.rr.com) has joined #crytocc
06:58:01 crytocc679 has quit (Ping timeout)
06:58:10 YuKy has parted #crytocc (Leaving)
07:10:30 landrone has quit (Input/output error)
07:12:34 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
07:21:56 <wh1t3r4bb1t> joepie91: Ah, yes I think you're right. My derp.
07:23:09 <wh1t3r4bb1t> Tired, frustrated with jQuery file upload by blueimp.
07:24:13 <wh1t3r4bb1t> Im stuck on the stupid "Empty file upload result" error. NONE of the posted fixeis work for my case.
07:25:35 <wh1t3r4bb1t> What's even more retarded is that I changed NONE of his code. Only added a part that carries the user ID and tries to store the user media references in the database.
07:27:14 <wh1t3r4bb1t> I get the feeling that his coding is complete shit - or - he has made this plugin non-adaptable to make money on "fixing" it or "customizing" it.
07:27:41 * wh1t3r4bb1t is about to flame his github.
07:29:09 <wh1t3r4bb1t> I asked him what resides behind one of the non-accessible, non-downloadable files and he ignored me. Wouldn't let me get that code. What an asshole.
07:30:05 <wh1t3r4bb1t> So, I guess I will start from scratch and write my own jQuery file upload script.
07:42:51 mama_ (me@cryto-7FDC2D28.snydernet.net) has joined #crytocc
07:43:57 landrone has quit (Input/output error)
07:44:09 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
07:44:20 mama has quit (Ping timeout)
07:44:24 *** mama_ is now known as mama
07:55:23 <joepie91> wh1t3r4bb1t: be sure to include a flash fallback
08:02:01 <wh1t3r4bb1t> joepie91: I was thinking about that... Feel overwhelmed right now.
08:16:09 landrone has quit (Input/output error)
08:16:19 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
08:26:01 landrone has quit (Input/output error)
08:26:36 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
08:35:35 x has quit (Input/output error)
08:36:13 landrone has quit (Input/output error)
08:37:12 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
08:45:28 anonymous_bastard (anonymous_@cryto-7FDC2D28.snydernet.net) has joined #crytocc
08:48:56 anonymous_bastard has parted #crytocc (Leaving)
08:51:57 landrone has quit (Input/output error)
08:52:34 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
08:59:48 landrone has quit (Input/output error)
09:00:47 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
09:08:38 landrone has quit (Input/output error)
09:09:13 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
09:15:09 tintin has quit (Ping timeout)
09:50:47 landrone has quit (Input/output error)
09:50:57 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
10:03:40 landrone has quit (Input/output error)
10:03:52 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
10:08:15 cipollatritata (soffritto@cryto-356016C3.greenhost.nl) has joined #crytocc
10:10:23 cipollatritata has quit (User quit: Sto andando via)
10:18:09 landrone has quit (Input/output error)
10:20:09 landrone (Adrian@LapAnon.users.cryto) has joined #crytocc
10:28:12 Yolo has quit (Ping timeout)
10:28:25 loldongs (nomnomops@A0B46AEC.3E3CBD3E.5FE3EE37.IP) has joined #crytocc
10:31:23 iceTwy (quixotikal@iceTwy.users.cryto) has joined #crytocc
10:31:30 <iceTwy> there we goooooo
10:31:37 <iceTwy> SSL's working properly now
10:31:40 <iceTwy> silly certificates
10:41:31 <joepie91> lol
10:43:46 landrone has quit (Input/output error)
10:43:47 <iceTwy> yeah
10:43:59 <iceTwy> try to connect to https://vps.icetwy.re/
10:43:59 <iceTwy> it works
10:44:19 landrone (Adrian@cryto-812F49C0.carolina.res.rr.com) has joined #crytocc
10:44:47 <iceTwy> joepie91: ^
10:45:59 <joepie91> mhmm, I see
10:47:09 <iceTwy> I'm even redirecting http traffic to https
10:47:25 landrone has quit (Input/output error)
10:49:05 landrone (Adrian@cryto-812F49C0.carolina.res.rr.com) has joined #crytocc
10:50:07 <iceTwy> joepie91: to xmpp or not to xmpp
10:53:57 <joepie91> iceTwy: in what sense?
10:59:07 stanone (Adrian@LapAnon.users.cryto) has joined #crytocc
10:59:25 landrone has quit (Ping timeout)
12:00:05 Backstage (backstage@42A6C7BC.6003161D.FF5611E1.IP) has joined #crytocc
12:00:21 Backstage has quit (User quit: Colloquy for iPhone - http://colloquy.mobi)
12:01:39 <iceTwy> joepie91: set up a server or not
12:01:42 <iceTwy> but it's done anyway
12:01:51 <iceTwy> add me @ icetwy@vps.icetwy.re
12:02:04 <iceTwy> but Prosody is annoying
12:02:15 <iceTwy> you can't add a CA file to verify the certificate
12:03:02 <joepie91> why not icetwy@icetwy.re?
12:03:13 <joepie91> you can just set up a DNS record specifically for XMPP
12:03:19 <iceTwy> oh?
12:03:25 <iceTwy> holy crap
12:03:25 <iceTwy> noice
12:03:31 <joepie91> http://prosody.im/doc/dns
12:03:40 <iceTwy> and the SSL certificate won't bug then?
12:03:43 <iceTwy> I mean
12:03:45 <joepie91> depends
12:03:47 <joepie91> does it cover icetwy.re?
12:03:50 <iceTwy> yes
12:03:53 <iceTwy> icetwy.re, vps.icetwy.re
12:03:54 <joepie91> then you should be fine
12:04:00 <lysobit> iceTwy:
12:04:02 <joepie91> just set an XMPP SRV record on icetwy.re
12:04:08 <joepie91> that points at vps.icetwy.re
12:04:13 <iceTwy> kk
12:04:19 <lysobit> Do you live in Réunion?
12:04:22 <joepie91> for both client and server
12:04:32 <joepie91> then people can add you as icetwy@icetwy.re
12:04:40 <joepie91> (don't forget to update your Prosody config!)
12:05:07 <joepie91> also, iceTwy, if you're stuck with Prosody, join prosody@conference.prosody.im
12:05:09 <joepie91> (XMPP room)
12:05:12 <joepie91> they're very helpful :)
12:05:14 <iceTwy> Nope lysobit
12:05:17 <iceTwy> but I'm French
12:05:17 <iceTwy> ;)
12:05:26 <lysobit> "Since December 6, 2011, the rules for registering French domains have changed. The owner of a domain does need not to be based in France anymore. " oh, cool
12:05:31 <iceTwy> joepie91: Prosody will use icetwy.re as a vhost yeah?
12:05:37 <joepie91> iceTwy: if you tell it to, yes
12:05:37 <lysobit> (they took pwn.re away from me when I registered it)
12:05:41 <iceTwy> kk
12:05:54 <joepie91> iceTwy: note that you may need to re-register your accoun
12:05:55 <joepie91> account *
12:06:02 <joepie91> or mess around with changing the fqdn for your account
12:06:08 <joepie91> (the ease of which depends on where you store your data)
12:06:21 <iceTwy> mysql db
12:06:22 <iceTwy> so
12:06:22 <iceTwy> er
12:06:25 <iceTwy> I'll just delete it
12:06:28 <iceTwy> no big deal
12:06:31 <iceTwy> also
12:06:46 <iceTwy> prosody stores the SSL key & MySQL DB passwords in its config file
12:06:58 <iceTwy> so er
12:07:20 <joepie91> mhmm
12:07:23 <joepie91> but yeah
12:07:27 <joepie91> pop into their XMPP room
12:07:46 <iceTwy> sec
12:14:01 <lysobit> I wonder how much research they had to do for this, the use of the 'top' command to list the top 10 is just genius. http://www.youtube.com/watch?v=Il5YgeHdHxw
12:14:51 <iceTwy> joepie91: it works! :d
12:14:54 <iceTwy> :D*
12:14:58 <joepie91> lysobit: looks like someone had a fun afternoon with After Effects
12:15:31 <joepie91> iceTwy: whoop
12:15:35 <joepie91> so I can now add icetwy@icetwy.re?
12:15:36 <lysobit> joepie91: have you even seen Die Hard 4.0?
12:15:46 <joepie91> lysobit: have not
12:16:06 <iceTwy> yes you can joepie91
12:16:11 <iceTwy> isn't it amazing?
12:16:15 <joepie91> added
12:16:17 <joepie91> :)
12:16:18 <iceTwy> k
12:16:28 <joepie91> iceTwy: be happy that you're using Prosody
12:16:35 <joepie91> if you were trying to use ejabberd, you would be pulling out your hair right now
12:16:36 <joepie91> probably
12:16:37 <joepie91> :P
12:17:20 <joepie91> also, lysobit, mildly amusing how they play .mov files
12:17:44 <iceTwy> haha
12:17:52 <lysobit> ha
12:17:55 <iceTwy> I've heard good things about Prosody
12:17:56 <iceTwy> and yeah
12:18:03 <iceTwy> you've got a server running in 20 mins max
12:18:05 <MK_FG> joepie91, You're erlangist!
12:18:19 <joepie91> I mean, if you're going to go all HEY LOOK I MAKE EVERYTHING IN TERMINAL AND LINUX STYLE, then at least go for ogv
12:18:23 <joepie91> or something similarly free and obscure
12:18:36 <joepie91> iceTwy: pretty much
12:18:39 <joepie91> MK_FG: most certainly not
12:18:45 <joepie91> I have come to hate ejabberd and erlang with a passion
12:19:00 <MK_FG> See? ;)
12:19:12 <iceTwy> lol
12:19:17 <joepie91> an erlangist would be praising erlang ;)
12:19:21 <iceTwy> not what I'm aiming for :P
12:19:24 <iceTwy> also joepie91 quick PM
12:19:28 <MK_FG> Racists won't praise niggers!
12:20:13 <iceTwy> oh
12:20:17 <iceTwy> Putin won't praise gays
12:20:17 <iceTwy> yup
12:20:18 <joepie91> (actually, they very well may, but hang on)
12:20:29 <joepie91> MK_FG: 'racist' does not refer to a certain race being considered inferior
12:20:31 <MK_FG> Putin is gay though
12:20:36 <iceTwy> that he is
12:20:41 <joepie91> it refers to a certain race - usually the race that said person belongs to - being considered superior
12:20:46 <joepie91> and everything *else* being considered inferior
12:20:58 <joepie91> therefore, an erlangist would have a specific preference for erlang
12:21:01 <joepie91> and consider everything else inferior
12:21:15 <MK_FG> Hm, good point
12:21:27 <joepie91> and MK_FG, you do know that there are plenty of racists that believe 'niggers' (to use your words) are the superior race?
12:22:04 <MK_FG> Huh, nope, don't think I actually heard of these
12:22:32 <joepie91> try walking around in south africa at night as a white person, and you'll learn very quickly :)
12:23:14 <joepie91> seriously though
12:23:17 <joepie91> racism exists in all flavours
12:23:52 <MK_FG> Probably, just different quantities
12:48:45 <iceTwy> Hey
12:48:51 <iceTwy> Do you want to have a laugh
12:49:39 <iceTwy> if so
12:49:53 <iceTwy> look at the following URL (the URL itself should be enough)
12:49:53 <iceTwy> http://colocrossing.com/
12:52:24 <MK_FG> Hm, I don't get it
12:52:35 <iceTwy> colocrossing is massive lolz
12:53:13 <MK_FG> Is it one of these urban dictionary things for weir kinky bdsm stuff? ;)
12:55:06 <joepie91> oh god
12:55:07 <joepie91> colocrossing
12:55:19 * iceTwy grins
12:55:28 <iceTwy> joepie91, would you like a VPS at colocrossing?
12:55:32 <iceTwy> free of charge!
12:55:37 <joepie91> no thanks
12:55:46 <iceTwy> uptiemz 99.9%!!
12:55:55 <joepie91> oh, I'm sure
12:56:08 <joepie91> it's just a shame that that 0.1% downtime isn't in one go
12:56:14 <joepie91> but spread over single-second blips through an entire month
12:56:23 <iceTwy> rofl
12:59:43 loldongs has quit (Connection reset by peer)
12:59:52 Yolo (nomnomops@A0B46AEC.3E3CBD3E.5FE3EE37.IP) has joined #crytocc
13:05:03 fanat1ck (fanat1ck@cryto-D0EF1FE2.us-west-1.compute.amazonaws.com) has joined #crytocc
13:06:25 fanat1ck has quit (User quit: Connection closed)
13:09:17 <iceTwy> also joepie91
13:09:29 <iceTwy> do IRC servers support DNS SRV records
13:13:08 <joepie91> I don't think so
13:15:31 <cayce> minecraft does!
13:15:55 <iceTwy> lol really
13:16:11 <cayce> and bram cohen's a dork so bittorrent uses fucking txt records instead of srv
13:16:18 <cayce> yes o.o
13:17:18 <cayce> _minecraft._tcp SRV 0 0 25565 smp.explodie.org.
13:17:31 <cayce> that address doesn't respond, but it used to :)
13:18:03 <cayce> and bittorrent looks like
13:18:03 <cayce> explodie.org. TXT "BITTORRENT UDP:6969"
13:18:42 <cayce> most torrent clients support that record, too
13:18:44 <cayce> :P
13:19:54 <lysobit> I think that's because the protocol was originally designed to stop DDoS attacks against sites, by allowing sites to have "BITTORRENT DENY ALL" in their record
13:20:14 <lysobit> It was originally designed by one of TPB's founders http://bittorrent.org/beps/bep_0034.html
13:47:42 <iceTwy> ffs.
13:53:22 <joepie91> urgh... I really need more practice at writing language parsers
13:53:54 <joepie91> always missing tiny things that completely break my idea of how to write a parser
13:53:54 <joepie91> :p
13:55:08 <cayce> yes, or do as I do now which is make sure smart clients hit my udp tracker instead of http
13:55:42 <cayce> (which is what the current behavior of that line does)
13:56:17 * cayce waits for coffee to cool so whole cup can be drank
13:56:53 <cayce> I'm supposed to leave in 3.5 minutes, not gonna happen
13:56:55 <cayce> e.e
13:57:06 * joepie91 smashes keyboard
13:57:13 <cayce> but it's cool, I made it in 17 minutes last time
13:57:15 <joepie91> cayce: coffee over travel!
13:57:18 <cayce> wat
13:57:25 <cayce> on a bike up a hill? I think not!
13:57:31 <cayce> also I've never owned a portable cup
13:57:33 <cayce> >_>
13:57:57 * cayce wonders if the library circulation desk is open before 8am
13:58:06 <joepie91> I meant as in priority
13:58:06 <joepie91> :p
13:58:14 <joepie91> don't drink on a bike
13:58:17 <cayce> oh
13:58:18 <joepie91> friend of mine did that, didn't go well
13:58:21 <cayce> I took it to be a rate
13:58:25 <cayce> woops
13:58:28 <cayce> too much calculus
13:58:28 <cayce> lol
13:58:30 <joepie91> lol
13:58:44 <cayce> (one might say just the right amount of calculus, really)
13:59:14 <cayce> enough to both fail calculus and understand the proofs in trig, as they were used in calc, afterwards
13:59:23 <cayce> because I take classes backwards
13:59:24 <cayce> <3
13:59:35 <joepie91> haha
14:00:47 mama has quit (Client exited)
14:01:41 mama (me@2908E8BD.3E0E7151.46BB9CF0.IP) has joined #crytocc
14:06:27 <cayce> rageface
14:06:37 <cayce> spilled rice everywhere trying to move the cooker's bucket
14:06:41 <cayce> cause it was hot e.e
14:08:10 <cayce> NP: [Dengue Fever - Uku] [Cannibal Courtship] [927kbps] DeaDBeeF 0.5.6-3jane�
14:09:37 Yolo has quit (Connection reset by peer)
14:09:45 Yolo (nomnomops@A0B46AEC.3E3CBD3E.5FE3EE37.IP) has joined #crytocc
14:12:33 <cayce> YOLEAUX
14:13:49 <cayce> delicious coffee
14:14:05 <cayce> quickly approaching the time to ride 4 miles to school
14:14:21 <lysobit> interesting possible issue with the SSL system: if one of the 133 root certificate authorities recognised by firefox were comprosied, could you not pretend to be google.com in a mitm attack?
14:14:30 <lysobit> compromised*
14:15:14 <cayce> that's entirely correct
14:15:23 <lysobit> pretty stupid then
14:15:24 <cayce> closer to 600 CA's capable of such a thing
14:16:25 <joepie91> lysobit: which is why the SSL CA model is bullshit
14:16:30 <joepie91> it can happen
14:16:34 <joepie91> it *has* happened
14:16:36 <joepie91> and will happen again
14:16:37 <cayce> ^
14:16:44 <cayce> check your... there's a list of certs in ff
14:16:50 <cayce> listed as banned or blacklisted
14:16:56 <joepie91> I thiiiiink my parser kinda works
14:16:59 <cayce> they actually ship the certs so ff knows exactly which to block
14:16:59 <lysobit> http://mxr.mozilla.org/mozilla-central/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1
14:17:01 <joepie91> \o/
14:17:05 <lysobit> congrats
14:17:11 <cayce> woot!
14:17:33 <lysobit> So what is stopping me from registering a certificate for 'google.com' right now at one of those CAs?
14:17:34 * cayce runs
14:17:48 <cayce> they have a block on registering google.com
14:17:50 <cayce> that's it
14:17:52 <joepie91> lysobit: their identity verifications
14:17:55 <joepie91> probably
14:18:08 * cayce actually runs
14:18:32 <lysobit> http://www.startssl.com/ offers free ssl and they don't do any verification beyond email address and the domain name
14:18:43 <lysobit> actually, makes sense
14:18:51 <lysobit> (you need access to the domain name)
14:20:35 <joepie91> lysobit: basically, SSL is as strong as the weakest verification mechanism employed by any CA
14:20:53 <joepie91> (if you trust CAs that is)
14:20:56 <lysobit> hence 'web of trust'
14:21:02 <joepie91> (SSL ofc involves a lot more, and doesn't require a CA)
14:21:13 <joepie91> lysobit: http://convergence.io/?
14:21:14 <joepie91> :P
14:22:19 <joepie91> anyway
14:22:26 <joepie91> I've been writing a parser for this syntax:
14:22:28 <joepie91> (paste incoming)
14:22:46 <joepie91> http://sebsauvage.net/paste/?4f1b8cf179bf6bbb#xhz57CK8JKGxf4buxuaRv9Y9RwBkwZ2jgcG9321wT08=
14:23:00 <joepie91> the basic parser is done, still need to do the filter rule parsing
14:23:07 <joepie91> but it understands the base syntax
14:24:33 <lysobit> some sort of config file?
14:24:52 <iceTwy> wtf is wrong with ircd-hybrid
14:25:00 <iceTwy> even when you have libopenssl-dev
14:25:10 <joepie91> iceTwy: why... would you run hybrid?
14:25:15 <iceTwy> iunno
14:25:19 <iceTwy> seems to be a good irc daemon
14:25:24 <joepie91> either use unreal or, if you want a more modern daemon, go with inspircd
14:25:24 <iceTwy> got any other?
14:25:35 <joepie91> (inspircd isn't terribly easy to set up with IRC either, but at least it's somewhat decent)
14:25:40 <joepie91> (er, with SSL*)
14:25:56 <joepie91> lysobit: it's an example rulebook for the new design of my server control / task distribution / etc. thing
14:26:12 <joepie91> previous design was too conceptually complex to implement properly
14:26:15 <joepie91> or even to understand properly
14:26:25 <joepie91> so I've generalized it into a generic message routing thing
14:26:26 <iceTwy> yeah
14:26:31 <joepie91> that can be configured using a rulebook
14:26:34 <joepie91> with the above syntax
14:26:46 <joepie91> so you can basically set up arbitrarily structured clusters of servers
14:28:28 <lysobit> so you can type 'convert xyz' in a shell for example and it routes it to the right server
14:28:54 <joepie91> that.. depends
14:29:07 <joepie91> it's not fairy dust - it will only route messages that it is given
14:29:28 <joepie91> but theoretically you could make a small commandline utility that contacted the local Nexus node (Nexus is at least the working name for this)
14:29:36 <joepie91> and told it "hey, user wants to convert this"
14:29:50 <joepie91> and, given your Nexus node is set up to route conversion tasks correctly, it'll throw it at the right server
14:29:59 <joepie91> which may be local, remote, whatever
14:30:09 <joepie91> it's also intended for error logging etc
14:30:10 <joepie91> brb
14:33:24 <joepie91> right
14:33:25 <joepie91> back
14:33:36 <joepie91> lysobit: what would also, for example, be a possibility
14:33:58 <joepie91> is having $custom_php_application_you_wrote contact the Nexus node on its server if an exception occurs
14:34:00 <joepie91> and send it there
14:34:07 <joepie91> and have multiple applications do that
14:34:20 <joepie91> and just set up Nexus to route every software error message to a bunch of logging nodes
14:34:50 <joepie91> do that on every server running some kind of application
14:35:04 <joepie91> and boom, in 10 minutes you've set up centralized error logging
14:36:16 <joepie91> the idea is basically to remove the need to write code (where possible) for peddling messages back and forth
14:36:28 <joepie91> and have your entire message routing logic visible at onec
14:36:29 <joepie91> once *
14:36:32 <joepie91> in one set of routing rules
14:36:45 <joepie91> much easier to deal with conceptually, and much more consistent
14:48:16 <joepie91> http://sebsauvage.net/paste/?64d9333acd517b9e#RQeDmNSz3Dd53vjKB30AKvbPmYYxuOEil6jk8l+koFo=
14:48:20 <joepie91> almost!
15:07:00 <botpie91> �04FichteFoll� made 2 commit(s) to ��03package_control_channel� on branch ��10master�: '�02added cryz/sublime-i18n-and-l10n-helperThis is a sublime i18n/l10n plugin.�', '�02Merge pull request #1802 from cryz/patch-1added sublime i18n and l10n helper�' (https://github.com/wbond/package_control_channel/compare/996966973e...9717fe8ca4)
15:12:55 <iceTwy> joepie91: inspircd is OVERLY retarded
15:13:04 <botpie91> �04FichteFoll� made 2 commit(s) to ��03package_control_channel� on branch ��10master�: '�02Update g.jsonThe git plugin won't download for me any more. Github doesn't appear to redirect the old repository for codeload download.https://github.com/kemayo/sublime-text-2-git will redirect fine but https://codeload.github.com/kemayo/sublime-text-2-git/zip/master (which is what's used) gives a 500.�', '�02Merge pull request #1846 from petehamilto
15:13:13 <joepie91> iceTwy: hmm?
15:13:26 <joepie91> I've had my share of issues with inspircd, but wouldn't call it retarded by any stretch of the imagination
15:13:36 <iceTwy> Thu Aug 29 17:12:26 2013: Unable to initialize m_ssl_gnutls.so: Unable to load GnuTLS server private key (/etc/ssl/inspircd/ssl.key): Base64 unexpected header
15:13:37 <iceTwy> error.
15:13:39 zxcvbnm (~crack7765@zxcvbnm.users.cryto) has joined #crytocc
15:13:48 <joepie91> yeah, that was the SSL problem I was talking about
15:13:48 <joepie91> lol
15:13:52 <zxcvbnm> muhaha
15:13:53 <iceTwy> ugh
15:13:55 <joepie91> there is a fix
15:13:57 <joepie91> a Google-able fix
15:13:57 <iceTwy> HOW
15:14:00 <joepie91> I forgot what it was though
15:14:08 <joepie91> you could hop onto anonops and ask an oper there
15:14:11 * iceTwy points a laser at joepie91
15:14:12 <joepie91> they've struggled with this same issue
15:14:13 <iceTwy> you
15:14:15 <iceTwy> shall tell me
15:14:16 <iceTwy> :p
15:14:17 <iceTwy> okay
15:14:18 <joepie91> I don't know lol
15:14:19 <joepie91> iceTwy
15:14:20 <zxcvbnm> Lazer. Blazer.
15:14:22 <iceTwy> irc.anonops.org?
15:14:25 <joepie91> why do you think cryto is still running unreal
15:14:28 <joepie91> :P
15:14:31 <zxcvbnm> unreal tournament!
15:14:33 <joepie91> irc.anonops.com I think
15:14:33 <joepie91> tam
15:14:35 <joepie91> atm *
15:14:36 <botpie91> �04FichteFoll� made 2 commit(s) to ��03package_control_channel� on branch ��10master�: '�02MaxPane actually works in all versions of SublimeText�', '�02Merge pull request #1845 from jisaacks/masterMaxPane actually works in all versions of SublimeText�' (https://github.com/wbond/package_control_channel/compare/7987a7317e...dcac55a17b)
15:14:50 <zxcvbnm> look lets all just remain calm
15:14:56 <joepie91> iceTwy: I would recommend finding a network support channel
15:14:57 <joepie91> and asking there
15:15:03 <iceTwy> yeah
15:15:14 <joepie91> if you ask in #anonops, zline is virtually guaranteed
15:15:24 <zxcvbnm> how much does a zline cost
15:15:40 <joepie91> zxcvbnm: nothing, if anonops' ban rate is anything to judge by
15:15:48 <joepie91> :)
15:15:52 <zxcvbnm> which is nots
15:15:54 <joepie91> they can be a bit... triggerhappy
15:16:38 <zxcvbnm> I need some more ideas
15:16:39 tintin (tintin@tintin.users.cryto) has joined #crytocc
15:17:04 <zxcvbnm> i rooted my tablet last night, will put some standard stuff on it.. but i want to do something creative with it
15:19:22 <iceTwy> nothing on #anonops
16:07:40 <iceTwy> joepie91: yeah so
16:07:55 <iceTwy> the problem stems from StartSSL.com's OpenSSL version
16:08:07 <iceTwy> they use an old OpenSSL version to generate certs & keys
16:08:14 <joepie91> okay
16:08:15 <joepie91> so
16:08:17 <joepie91> suggestion:
16:08:18 <iceTwy> and they're pretty much incompatible with GnuTLS
16:08:28 <joepie91> afaik there's an unpack feature in openssl or gnutls
16:08:34 <joepie91> where you can decode the data
16:08:37 <joepie91> and then just pack it up again
16:08:41 <joepie91> in the current format
16:08:41 <iceTwy> hm
16:08:44 <joepie91> I vaguely recall something like that
16:08:47 <iceTwy> err
16:23:12 <iceTwy> nope..
16:23:21 <iceTwy> GnuTLS can't read this header:
16:23:22 <iceTwy> -----BEGIN RSA PRIVATE KEY-----
16:23:22 <iceTwy> Proc-Type: 4,ENCRYPTED
16:23:22 <iceTwy> DEK-Info: AES-256-CBC,B91A083A0260F158D01C982CD969C13E
16:23:30 <iceTwy> it's OpenSSL-specific
16:23:34 <iceTwy> so you need to decrypt it
16:23:35 <iceTwy> but er
16:24:57 <joepie91> iceTwy: so decrypt it with openssl
16:25:03 <iceTwy> done
16:25:04 <iceTwy> but even then
16:25:08 <iceTwy> nada
16:25:12 <iceTwy> same error
16:29:17 <joepie91> iceTwy: post on serverfault
16:30:05 <iceTwy> nah
16:30:14 <iceTwy> I'll recompile inspircd with openssl
16:32:19 <joepie91> sleep!
16:32:21 <joepie91> night all
16:35:26 <iceTwy> nigth
16:37:52 ElectRo` has quit (Input/output error)
16:50:18 dpk has quit (Ping timeout)
16:52:07 ElectRo` (x@9F666F68.552F7BAC.22FE0CCA.IP) has joined #crytocc
17:15:40 mama has quit (Ping timeout)
17:16:05 dpk (dpk@dpk.users.cryto) has joined #crytocc
17:22:35 mama (me@cryto-C4B235B.tor.leo-unglaub.net) has joined #crytocc
17:27:24 dpk has quit (Ping timeout)
17:29:02 <lysobit> server-side pgp key generation... facepalm https://www.igolder.com/pgp/generate-key/
18:09:00 dpk (dpk@dpk.users.cryto) has joined #crytocc
18:26:46 mama has quit (Ping timeout)
18:27:59 mama (me@cryto-57A5E8D5.snydernet.net) has joined #crytocc
18:36:26 iceTwy has quit (Ping timeout)
18:39:09 iceTwy (quixotikal@iceTwy.users.cryto) has joined #crytocc
18:55:05 ebola has quit (User quit: Leaving)
18:55:28 zxcvbnm has quit (Ping timeout)
19:45:18 dpk has quit (Ping timeout)
19:56:19 <lysobit> So I get an email that says "Hello, are you up for a chat? How do I contact you other than this?". I can reply, but I'm scared its going to be something lame and a waste of time.
20:00:07 <lysobit> So I think I'll encode my XMPP address through 20 different string encodings. If he can figure it out, then it might be worthwhile.
20:14:25 <lysobit> joepie91: nijaxor appears to be pointing to the wrong IP(?)
20:16:55 dpk (dpk@dpk.users.cryto) has joined #crytocc
20:23:49 mama has quit (Ping timeout)
20:25:29 mama (me@cryto-90C0E5F7.snydernet.net) has joined #crytocc
20:47:17 ElectRo` has quit (Ping timeout)
21:01:06 ElectRo` (x@cryto-9A2E8597.privacyrepublic.org) has joined #crytocc
21:01:43 <ElectRo`> stable connection is stable
21:04:01 crytoweb713 (crytoweb71@1FCF754F.CF9FBDF6.720B227C.IP) has joined #crytocc
21:04:57 crytoweb713 has quit (User quit: Page closed)
21:13:33 skill3r (skill3r@developers.developers.developers) has joined #crytocc
21:21:41 dpk has quit (Ping timeout)
21:30:14 <iceTwy> cayce: ultimate groove
21:30:14 <iceTwy> https://www.youtube.com/watch?v=7T1BPo7Yx5s
21:38:30 dpk (dpk@dpk.users.cryto) has joined #crytocc
21:49:09 <wh1t3r4bb1t> Im inserting into a postgres database... The try/catch isn't catching any exceptions but the data is NOT in the database when I look. What could be the cause of such craziness?
22:21:34 <MK_FG> wh1t3r4bb1t, Not comitting transaction?
22:23:18 <wh1t3r4bb1t> AHHHH hA!
22:24:54 <wh1t3r4bb1t> MK_FG: I kiss your face because you solve my problem, after being hung up on testing other theories for hours. Thank you, the problem is solved!
22:25:33 * wh1t3r4bb1t facepalms.
22:27:32 * iceTwy chuckles
22:27:35 <iceTwy> wh1t3r4bb1t: see
22:27:41 <iceTwy> when we all code something
22:27:43 <iceTwy> or setup something
22:27:48 <iceTwy> we always forget the last, simplest bit
22:30:17 <wh1t3r4bb1t> iceTwy: yes indeed.
22:41:36 GHOSTnew has quit (Ping timeout)
22:44:05 GHOSTnew (GHOSTnew@GHOSTnew.users.cryto) has joined #crytocc
22:56:53 <iceTwy> joepie91: well I've found charybdis to be a nice alternative
23:19:33 <iceTwy> aaaaand boom
23:19:34 <iceTwy> charybdis works
23:31:54 <cayce> iceTwy:) I wasn't here, but that's what I would have recommended
23:32:14 <cayce> I hate unreal and inspircd with a passion, but ratbox and derivitives are very nice in my experience
23:32:56 <iceTwy> they're the simplest to set up
23:33:01 <cayce> yes
23:33:06 <iceTwy> all I had to do
23:33:16 <iceTwy> was to put the location of my ssl cert & ssl key & dh.pem
23:33:24 <iceTwy> start the server
23:33:25 <iceTwy> boom
23:33:26 <iceTwy> works
23:33:31 <cayce> I've heard that ratbox has issues staying linked to other servers, but I've also heard that part of the point of charybdis was to fix such issues
23:33:39 <iceTwy> hmm
23:34:01 <cayce> If you just want to run a small net though, it's an amazing first server
23:34:11 <cayce> my ircd was always ratbox
23:34:19 <cayce> primarily /because/ it didn't come with services
23:34:52 <cayce> but ratbox's services are wierd to use so even when I had em, most didn't use em
23:35:18 <cayce> and eh, iceTwy that jam session is okay
23:35:27 <cayce> but I wouldn't listen to it of my own accord
23:36:51 iceTwy has quit (Ping timeout)
23:44:06 ElectRo` has quit (Ping timeout)
23:46:29 iceTwy (quixotikal@iceTwy.users.cryto) has joined #crytocc
23:46:35 <iceTwy> this sort of makes me want to cry
23:46:35 <iceTwy> http://irc.netsplit.de/networks/top100.php
23:46:47 <iceTwy> look at the number of users