Cryto! 12 January 2014

00:01:07 <lysobit> must... release.. kraken
00:06:04 mama has quit (User quit:  ciao ciao)
00:52:09 Cryto893 (Cryto893@8A5DD160.E9ECA7EA.B3E8AFF.IP) has joined #crytocc
00:52:32 Cryto893 has quit (User quit:  Page closed)
00:52:47 Cryto063 (Cryto063@8A5DD160.E9ECA7EA.B3E8AFF.IP) has joined #crytocc
00:53:05 hrh23 has quit (Input/output error)
00:53:22 hrh23 (trubo@hrh23.users.cryto) has joined #crytocc
00:53:35 Cryto063 has parted #crytocc ()
01:46:27 Cypher (Cypher@Cypher.users.cryto) has joined #crytocc
02:25:31 Cryto297 (Cryto297@C75C93ED.5B5FC422.5F1FD475.IP) has joined #crytocc
02:26:08 Cryto297 has quit (User quit:  Page closed)
02:46:57 joepie91 ( has joined #crytocc
02:50:26 iceTwy has quit (Input/output error)
02:59:38 <Cypher> o/ joepie91
02:59:53 <Cypher> where u been doe.
03:00:54 <Cypher> good 2 c u on. :3
03:01:02 Thor ( has joined #crytocc
03:01:09 <Cypher> c0y: joepie91 in da house.
03:01:14 <Cypher> woot.
03:07:32 Cypher has quit (User quit:  Leaving)
03:13:24 <joepie91> morning
03:13:31 <joepie91> MK_FG: so I've watched that video
03:13:33 <joepie91> and a few concerns
03:13:48 <joepie91> * it requires an e-mail address of some sort, it seems...
03:14:03 <joepie91> (which is not always desirable for for example pseudonymous accounts)
03:14:45 <joepie91> * there's a point of authentication centralization and thus a single point of failure (Mozilla handles both verification of providers that do not support the protocol, and hosts the login/auth page)
03:15:10 <joepie91> * you need to insert third-party scripting (although this will supposedly be fixed)
03:15:15 <joepie91> and the most important one
03:15:18 <joepie91> * it requires javascript.
03:18:12 <MK_FG> Yeah, it's browserid, and browser==js these days ;)
03:19:15 <MK_FG> JS with mozilla stuff should be fixable, and maybe already fixed - that video should be like year old
03:19:40 <MK_FG> I mean, it's just js to send some requests and display results
03:20:28 <MK_FG> Guess they'd very much prefer to keep it updated in one central place (mozilla), at least in the beginning where there might be many updates
03:20:58 <MK_FG> And true about email, naturally, but usually both site and openid provider need this anyway
03:23:05 <MK_FG> Don't think openid does anything like "verification of providers that do not support the protocol" at all?
03:25:32 <MK_FG> I wonder if Persona has same phishing issue as OpenID - probably not if it'll ever be part of a browser, but until then it doesn't seem to ask for any extra creds in that popup either
03:26:15 <joepie91> additionally, * what if your e-mail address changes?
03:26:50 <joepie91> <MK_FG>Yeah, it's browserid, and browser==js these days ;)
03:26:52 <joepie91> yeah, except no
03:27:23 <MK_FG> Yeah, some defined mechanism for migrating email might've been nice, haven't heard/read about one there
03:28:06 <MK_FG> Well, OAuth2 has some non-js flows, I think, but fairly sure I didn't see them used ever
03:29:03 <MK_FG> I also wonder if you move that js/popup away from Mozilla, where will it store credentials in-browser
03:29:32 <MK_FG> I mean, ideally all such "moved" instances should share them in kinda identical way then
03:29:57 <MK_FG> Might be why it'll never get moved out of mozilla
03:30:42 <MK_FG> (until/unless integrated)
03:31:31 <MK_FG> And actually integration also should fix the tracking issue which it should share with oauth/openid, implemented as it is now
03:31:52 <joepie91> <MK_FG>I also wonder if you move that js/popup away from Mozilla, where will it store credentials in-browser
03:31:52 <joepie91> <MK_FG>I mean, ideally all such "moved" instances should share them in kinda identical way then
03:31:55 <joepie91> it's in localstorage
03:31:59 <MK_FG> ...or maybe not so much, if js from mozilla gets cached
03:32:00 <joepie91> which is origin-specific
03:32:04 <MK_FG> Yeah
03:32:06 <joepie91> so you can't access it from other domains
03:32:26 <joepie91> and yes, afaik openid has non-JS flows
03:32:50 <joepie91> idk, I'm not convinced that browserid is the way to go
03:33:00 <MK_FG> Note that I was talking about oauth2 there, but I think also applies to openid
03:33:21 <MK_FG> It seem to make so much more sense as a browser feature than separate js thing
03:33:33 <MK_FG> Then all mozilla-centric concerns just go away
03:34:36 <joepie91> oh, I glossed over that and parsed it as 'openid' heh
03:34:45 <joepie91> but yeah
03:34:48 <joepie91> as a browser feature
03:34:55 <joepie91> you get the issue with browser-specificness
03:34:59 <joepie91> also
03:35:06 <joepie91> mozilla-centric concerns do -not- go away
03:35:10 <joepie91> you still have the email verification
03:35:33 <joepie91> which means there is some kind of explicitly trusted Mozilla key integrated into the thing
03:35:38 <joepie91> because otherwise that would never be possible
03:35:42 <MK_FG> Well, not all of them, sure
03:35:55 <MK_FG> My main concern though is tracking
03:36:13 <MK_FG> Like when openid provider knows everything you do with its auth
03:36:28 <MK_FG> At least that thing should go ;)
03:36:53 <joepie91> my main concerns are tracking and spoofing
03:37:01 <joepie91> the former could maaaaaybe be solved
03:37:04 <joepie91> the latter, not so
03:37:12 <joepie91> as long as they have the unsupported provider thing
03:37:40 <joepie91> unrelated: "Now there's no need to sign in to PayPal. You can complete your transaction right here on our secure site! All data is encrypted with the latest encryption technology, so you never have to worry about your card details falling into the wrong hands. We take your security seriously."
03:37:42 <MK_FG> Spoofing of what, in that case?
03:38:00 <joepie91> perhaps somebody should inform these guys that "latest encryption technology" is a bug, not a feature...
03:38:12 <joepie91> MK_FG: authentication
03:38:24 <MK_FG> Heh, that can mean "good enc tech" too!
03:38:35 <joepie91> no, it means latest enc tech
03:38:39 <joepie91> nothing beyond that
03:38:42 <joepie91> and that is usually bad
03:38:46 <joepie91> and thus not a selling point
03:38:47 <joepie91> anyway
03:38:51 <joepie91> mozilla is a central point of authority
03:38:59 <joepie91> they can sign for arbitrary providers
03:39:06 <joepie91> that's a problem.
03:40:00 <MK_FG> Nah, I don't think even such nitpicker as you always interpret "latest technology" as "latest as in developed at the most recent date"
03:40:18 <MK_FG> There's plenty of tech that is e.g. developed and not yet implemented
03:41:06 <MK_FG> So that doesn't mean "latest" doesn't apply to something that's is in line with latest tech trends (which might mean older stuff)
03:42:28 <MK_FG> US non-profit as an extra central point indeed sounds bad these days ;)
03:43:42 <MK_FG> Getting away from that would probably mean getting an mail domain that have proper support for that auth, which doesn't sound super-bad
04:11:15 <joepie91> <MK_FG>Nah, I don't think even such nitpicker as you always interpret "latest technology" as "latest as in developed at the most recent date"
04:11:17 <joepie91> that is what they say
04:11:23 <joepie91> if it's not what I mean, they should not be saying it
04:11:24 <joepie91> simple
04:11:32 <joepie91> that's how marketing buzzword bullshit comes into existence
04:11:39 <joepie91> <MK_FG>US non-profit as an extra central point indeed sounds bad these days ;)
04:11:42 <joepie91> country doesn't matter
04:11:45 <joepie91> any central point is bad
04:11:50 <joepie91> and has always been
04:12:09 <joepie91> it's just that people are only now realizing that those people shouting "NEVER HAVE A SPOF" all those years, actually had a point
04:12:26 <joepie91> but it's not as if the situation has suddenly changed or anything, besides public perspective
04:12:47 Thor has quit (User quit:  Quitte)
04:13:04 <MK_FG> SPOF still a trade-off, so one SPOF is/was/can-be worse than other
04:13:20 <MK_FG> Hence, since $events, US SPOF sounds extra bad ;)
04:13:33 <MK_FG> And i.e. SPOF in my room isn't that bad
04:14:15 <MK_FG> Also disagree with the fact that your meaning of "latest" is sane, even I use it in more fuzzy way
04:34:22 DrWhat ( has joined #crytocc
04:34:43 <DrWhat> im sexy
04:40:10 DrWhat has quit (Client exited)
04:49:12 DrWhat ( has joined #crytocc
04:49:28 DrWhat has quit (Client exited)
04:49:47 DrWhat ( has joined #crytocc
04:49:57 <DrWhat> if you fall in love
05:56:58 Charles (Charles@Charles.users.cryto) has joined #crytocc
06:05:03 tmbucky ( has joined #crytocc
06:06:25 tmbucky has quit (User quit:  Connection closed)
06:07:22 Charles has quit (Client exited)
06:27:29 Cryto018 ( has joined #crytocc
06:29:44 Cryto018 has quit (User quit:  Page closed)
06:54:59 gesichtskirmes (kirmes@gesichtskirmes.users.cryto) has joined #crytocc
07:00:37 DrWhat has quit (Client exited)
07:09:45 hrh23 has quit (Ping timeout)
07:11:41 hrh23 (trubo@hrh23.users.cryto) has joined #crytocc
07:20:51 Goochy has quit (Ping timeout)
07:23:40 Goochy ( has joined #crytocc
07:52:04 *** Ari is now known as ari|sleep
07:57:33 DrWhat ( has joined #crytocc
08:09:43 ari|sleep has quit (Connection reset by peer)
09:50:07 DrWhat has quit (Client exited)
09:58:33 amanda_s4942 has quit (Client exited)
10:14:22 <joepie91> turns out that google translate is really good at russian TOS
10:14:25 <joepie91> 7.7.1. carry through the Service propaganda or agitation instigating social, racial, national or religious hatred and strife, war propaganda, social, racial, national, religious or linguistic supremacy, as well, indicate on the Service by any means (including by posting links) on the location of materials that may contain such propaganda or agitation;
10:14:25 <joepie91> 7.7.2. use the Service to promote suicide, to download, store and disseminate information that describes methods of suicide and any incitement to commit it; information on narcotic drugs and psychotropic substances, including information about the distribution of drugs, recipes for their manufacture and use tips and power, refer to the Service by any means (including by posting links) to the location of materials
10:14:25 <joepie91> that may contain such propaganda or specified information;
10:34:14 foolex has quit (Ping timeout)
10:53:19 foolex (foolex@5D6B0912.EC145393.9A74EEF1.IP) has joined #crytocc
10:59:45 saint (saint@saint) has joined #crytocc
11:03:55 * saint e' away (..ooOOoo..)
11:05:45 saint has parted #crytocc (Textual IRC Client:
11:28:09 iceTwy (iceTwy@iceTwy.users.cryto) has joined #crytocc
11:48:36 cipolla855 ( has joined #crytocc
11:54:21 cipolla855 has quit (User quit:  Page closed)
12:25:34 <joepie91>
12:50:18 hrh23 has quit (Ping timeout)
13:00:30 ronald-v4338 ( has joined #crytocc
13:09:31 ronald-v4338 has quit (Client exited)
13:17:20 <MK_FG> joepie91, Points above are used to ban sites here since two years ago, though there should also be similar piracy thing somewhere
13:17:36 <joepie91> MK_FG: was just pointing out the quality of translation
13:17:38 <joepie91> :)
13:17:44 <joepie91> those lines were originally in Russian
13:17:46 <joepie91> and were Google-translated
13:17:59 <MK_FG> Is it storage service ToS? ;)
13:18:22 <joepie91> yup
13:18:29 clifton-u6563 ( has joined #crytocc
13:18:32 <joepie91> signed up for the 1TB
13:18:34 <joepie91> well
13:18:35 <joepie91> 100G
13:18:43 <joepie91> probably just sold my soul to the Russian mafia
13:18:46 <joepie91> but that's still better than Facebook
13:18:48 <joepie91> so, eh
13:18:58 <joepie91> :P
13:19:26 <joepie91> might install their client in a VM some time soon
13:19:30 <joepie91> to claim the 1TB
13:20:12 <MK_FG> They had quite a weird ToS at the beginning of that offer -
13:20:39 <MK_FG> That explicitly said that by uploading you transfer all rights for to use your content as it sees fit
13:21:04 <joepie91> MK_FG: oh, I actually kind of assumed that it still said that
13:21:05 <joepie91> they changed it?
13:21:24 <MK_FG> Yeah, apologized and said that it was a mistake
13:21:27 <joepie91> (when you have "here you go free 1TB" offers, that's usually the catch)
13:21:31 <joepie91> ah
13:21:31 <joepie91> right
13:21:32 <joepie91> :P
13:21:36 <joepie91> well, unexpectedly good news then!
13:21:48 <MK_FG> But yeah, in general is very slimy thing
13:21:56 <joepie91> oh, I don't doubt that
13:22:07 <joepie91> actually, MK_FG, thoughts on
13:22:09 <joepie91> idk if it still exists
13:22:17 <joepie91> but it used to be my email provider, pre-gmail
13:22:40 <joepie91> they were the only provider to offer 50MB of space :P
13:22:51 <joepie91> everybody else was still stuck at 10MB or so
13:23:11 <MK_FG> They have locally popular IM networks (ICQ, QiP client, etc) and mail, control (buy rights and hold servers here) of popular online games - Allods 2, PW, Aion, etc - AND are well-known for developing spyware in the open...
13:23:23 <joepie91>
13:23:31 <MK_FG> You can get 10G from
13:23:33 <joepie91> or pochta?
13:23:36 <MK_FG> Yeah, that was about
13:23:40 <joepie91> ah right
13:23:59 <MK_FG> Don't know much about
13:24:44 clifton-u6563 has quit (Client exited)
13:25:23 <MK_FG> Oh, also bought local "classmates" clone - odnoklasniki - so really creepy local internet silo ;)
13:25:54 <joepie91> heh
13:26:03 <joepie91> the facebook+yahoo of Russia
13:26:04 <joepie91> :)
13:26:31 <MK_FG> facebook is usually reserved for vk ;)
13:26:33 <joepie91> with a bit of malware mafia mixed in, no doubt
13:26:38 <joepie91> well yeah
13:26:41 <joepie91> but VK seems pretty isolated
13:26:45 <MK_FG> Yeah
13:26:48 <joepie91> not trying to get their paws into everything
13:26:50 <joepie91> like facebook does
13:26:57 <joepie91> just "we are VK, this is our site, that's it"
13:27:01 <MK_FG> Same actually for yandex, which is kinda local-google
13:27:33 <joepie91> I never really understood the position of Yandex
13:27:43 <joepie91> it's been around forever, but seems like a kind of 'underdog' still
13:28:03 <joepie91> yet one of the most well-known Russian internet platforms known to non-Russians
13:28:14 <MK_FG> I think it's still more popular search for russian part of the internet, yeah
13:28:27 <MK_FG> Google and others historically have been pretty bad at it
13:28:31 <joepie91> ah
13:28:45 <joepie91> so pretty much the askjeeves of Russia then :P
13:28:56 <joepie91> except not gone under
13:28:56 <MK_FG> And didn't have features like local search (i.e. "only search in your city") up until very recently
13:29:08 <joepie91> I see
13:29:11 <joepie91> weird
13:29:20 <joepie91> west-european googles have had that for years
13:30:27 <MK_FG> When they started to have competition from google in search here (far from real threat though), they also got huge contracts with a lot of local bussinesses and developed in-country services like train/bus/whatever-transport schedules,, yandex-money and such
13:31:09 <MK_FG> These are also fairly popular here and I imagine more accurate
13:32:15 geoffrey-e6925 ( has joined #crytocc
13:35:40 <joepie91> MK_FG: heh
13:35:45 <joepie91> well at least they know how2market
13:38:39 <MK_FG> Yeah
13:39:26 <MK_FG> I was actually surprised to see them in one of the DuckDuckGo sources, apparently they also know how to market to others, maybe to google as well? ;)
13:39:42 <MK_FG> ("others" meaning "not just local market")
13:49:32 <joepie91> :)
13:57:33 iceTwy has quit (Input/output error)
14:05:04 ttmbRAT ( has joined #crytocc
14:06:26 ttmbRAT has quit (User quit:  Connection closed)
14:14:47 x (foobar@C35CA8A8.589C91BA.8F6A2B14.IP) has joined #crytocc
14:30:58 multihate (root@multihate.users.cryto) has joined #crytocc
14:54:23 <joepie91> sven@linux-rfa7:~/Downloads/LightTable> ./LightTable
14:54:24 <joepie91> or not found in any of /lib /lib64 /lib/x86_64-linux-gnu /usr/lib /usr/lib/x86_64-linux-gnu.
14:54:25 * joepie91 claps
14:54:36 <joepie91> the one directory that it is in, is missing
14:54:40 <joepie91> /usr/lib64
14:54:41 <joepie91> I mean, really
14:56:58 foolex has quit (Client exited)
14:58:43 iceTwy (iceTwy@iceTwy.users.cryto) has joined #crytocc
15:01:19 foolex (foolex@5D6B0912.EC145393.9A74EEF1.IP) has joined #crytocc
15:33:15 iceTwy has quit (Input/output error)
15:37:49 foolex has quit (Client exited)
15:46:22 iceTwy (iceTwy@iceTwy.users.cryto) has joined #crytocc
15:46:27 foolex (foolex@5D6B0912.EC145393.9A74EEF1.IP) has joined #crytocc
16:03:29 <iceTwy> lol
16:03:47 <iceTwy> I'm watching this Hetzner ad on YouTube,
16:04:10 <iceTwy> the first interviewee goes like "what's pleasant at Hetzner is that you can get a soda or a coffee, free of charge!"
16:08:40 * MK_FG runs for his soda
16:09:03 <MK_FG> Oh, it's for employees, bummer
17:42:06 DrWhat ( has joined #crytocc
17:43:25 DrWhat has quit (Client exited)
17:58:37 joepie91 has quit (Ping timeout)
18:52:54 x has quit (Input/output error)
19:03:27 Moh ( has joined #crytocc
19:13:45 multihate has parted #crytocc (None)
19:28:10 mama ( has joined #crytocc
19:40:13 Cypher (Cypher@Cypher.users.cryto) has joined #crytocc
19:43:20 Zekka has quit (User quit:  Lost terminal)
19:43:30 Zekka (zekka@Zekka.users.cryto) has joined #crytocc
20:17:22 gesichtskirmes has quit (User quit:  Leaving)
21:11:35 Ari (Ari@Ari.users.cryto) has joined #crytocc
21:12:43 DrWhat ( has joined #crytocc
21:12:51 <DrWhat> gahhhhh
21:16:09 <DrWhat> hey joepie91 done any body painting latly :-)
21:23:54 monod ( has joined #crytocc
21:23:58 <monod>
21:23:59 <monod> .title
21:24:00 <botpie91> monod: Remembering Aaron | Electronic Frontier Foundation
21:33:43 <DrWhat> i had sex with aaron
22:07:18 <DrWhat> botpie91, tell joepie91 where the hell are you
22:07:19 <botpie91> DrWhat: I'll pass that on when joepie91 is around.
22:19:43 <monod> oh, hi drwhaat
22:19:54 kilo has quit (Ping timeout)
22:20:51 kilo (kilo@kilo.users.cryto) has joined #crytocc
22:21:19 botpie91 has quit (Ping timeout)
22:23:11 kilo has quit (Input/output error)
22:23:32 kilo (kilo@kilo.users.cryto) has joined #crytocc
22:33:28 iceTwy has quit (User quit:  WeeChat 0.4.2)
22:33:36 iceTwy (iceTwy@iceTwy.users.cryto) has joined #crytocc
22:39:40 Cypher has quit (User quit:  Leaving)
23:34:22 IR601 has quit (Connection reset by peer)
23:34:54 IR601 ( has joined #crytocc
23:41:17 <DrWhat> botpie died
23:41:26 <DrWhat> thats not good