--- Log opened Tue Jun 15 00:00:33 2010
00:05 -!- CRasH180_ [~CRasH180@96.5.81.157] has quit [Read error: Connection reset by peer]
02:39 -!- Peaches1984 [eleven@c-69-137-80-31.hsd1.tn.comcast.net] has quit [Quit: This computer has gone to sleep]
03:26 -!- Falun [~richard@75-37-195-222.lightspeed.lsatca.sbcglobal.net] has quit [Quit: Leaving]
08:42 -!- mode/#se2600 [+o Dolemite] by ChanServ
08:42 <@Dolemite> mr0ning, be0tches and h0ez!
08:43 -!- m0j0-j0j0 [~m0j0-j0j0@vnet503-hosoc.mcclatchyinteractive.com] has joined #se2600
08:43 -!- mode/#se2600 [+o m0j0-j0j0] by ChanServ
08:51 -!- Drag0n` [~nunya@199.180.3.25] has joined #se2600
08:51 -!- mode/#se2600 [+o Drag0n`] by ChanServ
08:54 -!- Peaches1984 [purple@c-69-137-80-31.hsd1.tn.comcast.net] has joined #se2600
09:02 <@Evilpig> W...T...F...?! http://www.geekologie.com/2010/06/batman_pregnant_with_supermans.php
10:23 <@mtown_nerd> For the security types out there: Thoughts on the legal impact of an application gateway, like BlueCoat, that is purposefully installed to decrypt exchanges between the inside and outside networks on the wire.
10:24 <@Corydon76-dig> mtown_nerd: if you want legalities, shouldn't you be asking a lawyer?
10:24 <@mtown_nerd> No. I don't want legalities. I want thoughts on legalities. :)
10:24 <@mtown_nerd> I'm just thinking out loud
10:24 <@mtown_nerd> We have plans on putting such a device in operation soon
10:25 <@mtown_nerd> and I started wondering this morning about things like plausible deniability should any HIPAA-sensitive data leak out, or anything come in and compromise a system.
10:25 <@Corydon76-dig> It's just a proxy, isn't it?
10:25 <@mtown_nerd> yep
10:25 <@Corydon76-dig> How is it decrypting?
10:26 <@mtown_nerd> I think it's a feature that's specific to this particular solution
10:26 <@Corydon76-dig> What is it decrypting?
10:26 <@mtown_nerd> Basically the interior client tunnels to it using a client cert, and then the box tunnels out using a set of certs (the origin of which I've not been made privy), and inspects all the [decrypted] traffic going between the two tunnels
10:27 <@Corydon76-dig> Uh, you can do that with any VPN
10:27 <@mtown_nerd> one of the network guys gave me the impression that certs are manually set up between the device and any "authorized" outside parties (bank sites, 3rd party providers or partners, etc.) ...but that doesn't sound very feasible to me.
10:27 <@Corydon76-dig> It's a VPN
10:27 <@mtown_nerd> Yes, well...that's not expensive enough or difficult enough to support. So we don't want it
10:27 <@mtown_nerd> :P
10:28 <@mtown_nerd> Honestly, the very purpose of this device is nebulous, b/c I'm not even convinced they even have an internet or firewall policy
10:29 <@Corydon76-dig> Figure out who's getting the kickback
10:29 <@mtown_nerd> But that's irrelevant here .... I'm simply curious about having a device singularly in line between the core network and the outside that is supposed to monitor (and possibly record?) the decrypted data exchanges between inside and outside clients.
10:30 <@mtown_nerd> Or, rather, more specifically, the legal entanglements that such a device can create for said org.
10:30 <@Corydon76-dig> It's not a bad idea, though it could be done with open tools...
10:30 <@Corydon76-dig> mtown_nerd: there aren't any. The organization already has the right to examine all packets which flow through its network
10:30 <@mtown_nerd> Correct
10:31 <@mtown_nerd> But if that org is compromised b/c some data that was being actively decrypted and supposedly monitored gets out, or something gets in
10:31 <@mtown_nerd> does the very presence of that device not completely remove an organization's ability to claim plausible deniability in that case?
10:31 <@Corydon76-dig> Um, it's just a VPN. Nothing more.
10:31 -!- nachoguy [~boster@nacho-tested.hrapproved.com] has quit [Quit: leaving]
10:31 <@mtown_nerd> I understand the concept of a proxy, Corydon76-dig :P
10:32 <@Corydon76-dig> It does NOT decrypt all encrypted data, such as HTTPS connections
10:32 <@Dolemite> There are multiple legality issues at play in such a device
10:32 <@Dolemite> while you can assert that as the owner of a business you have the right to monitor and record all traffic across your wire, it's more of a moral and workplace culture issue
10:33 <@mtown_nerd> Corydon76-dig: As I have not seen exactly how this thing works, I can't say for sure what it is or isn't doing. That was my thought, but these guys insist it does. *shrug* I'm speaking strictly hypothetically.
10:33 <@Dolemite> legally, as long as you disclose to one party in the conversation (in the State of TN) you are covered
10:33 <@mtown_nerd> Dolemite: That disclosure should theoretically be guaranteed by the presence of some kind of internet usage or firewall policy, I would wager...
10:33 <@Dolemite> However, the bad side of it is that if you have such a device, and you are sued by a third party and they know that you have such a device, it can be used against you as evidence
10:33 <@mtown_nerd> (even though I'm pretty sure we have neither, lol)
10:34 <@Dolemite> e-Discovery will become the bane of your existence
10:34 <@mtown_nerd> Dolemite: You are referring to a party who sues b/c you did not inform them that they were being recorded? or are you talking about an unrelated suit?
10:34 <@mtown_nerd> (just clarifying..)
10:34 <@Dolemite> Any suit
10:34 <@Dolemite> You make widgets
10:34 <@Dolemite> I buy a widget
10:34 <@Dolemite> I know that you record all internetz traffic
10:34 <@Dolemite> Your widget causes me to lose a tooth
10:35 <@Dolemite> I sue you for making a defective widget
10:35 <@Dolemite> I can now subpoena your internetz recorder box to see if you had any communications stating that you knew that your widgets were likely to cause people to lose teeth
10:35 <@mtown_nerd> Right
10:35 <@mtown_nerd> Yeah... that was my thought.
10:36 <@mtown_nerd> Data you could have otherwise said was lost simply b/c of the "nature of the beast" isn't, and is now sitting in your environment waiting to be audited and picked over
10:36 <@Dolemite> prezactly
10:36 <@mtown_nerd> Hmm
10:36 <@mtown_nerd> Interesting. :)
10:36 <@Corydon76-dig> You could say exactly the same for an email server, though
10:37 <@Corydon76-dig> and email is much more likely to be picked over
10:37 <@mtown_nerd> Corydon76-dig: Not really, b/c the function and intent of email is pretty universal at this point. I'm not sure you would have exactly the same kind of problem
10:37 <@mtown_nerd> I mean.. technically, yes... but I'm speaking more toward the "We didn't know" factor that an internet monitoring device essentially nullifies.
10:38 <@Corydon76-dig> mtown_nerd: in fact, email is generally where subpoenas go, for e-discovery
10:38 <@Corydon76-dig> For one thing, the data is generally a lot better organized
10:39 <@Corydon76-dig> Email also nullifies the "we didn't know" factor
10:39 <@Dolemite> email does get picked over constantly
10:39 <@mtown_nerd> Hmm... yeah.... I guess I can see that.
10:39 <@mtown_nerd> I wasn't thinking of the two in the same context, but that does make sense.
10:39 <@Dolemite> but what you've now done with this box is that you've decrypted what would normally be encrypted traffic
10:39 <@mtown_nerd> Dolemite: right
10:39 <@mtown_nerd> Dolemite: That's why I wasn't thinking of the two in the same light. lol
10:40 <@Dolemite> e-Discovery covers way more than just email - it really depends on what your likelihood of being involved in litigation is
10:40 <@Corydon76-dig> Yeah, but generally that box is how you got to the email server in the first place
10:40 <@Corydon76-dig> to safeguard against people using cleartext protocols
10:40 <@Dolemite> As a large University, we are constantly involved in various things, from intellectual property disputes to DMCA violations. We get tons of them.
10:40 <@mtown_nerd> Dolemite: We're in healthcare. I imagine it's more common than most people here - esp the execs - would like.
10:40 <@Dolemite> Yeah, so you're in the same boat as us, as we have a Medical Center as well
10:41 <@Corydon76-dig> The main idea on the VPN logger is to know who accessed what file from outside the network, at what time
10:41 <@Dolemite> Our General Counsel has basically stated that we should only keep what regulations require us to keep.
10:42 <@coil> lol @ hot or not congress version http://www.tomscott.com/congress/
10:43 <@Corydon76-dig> mtown_nerd: ask their sales guy to provide you with an example of the type of logs that it keeps
10:43 <@Corydon76-dig> mtown_nerd: I cannot imagine that it actually stores packet contents, other than metadata
10:44 <@Corydon76-dig> i.e. Joe sent Sally an email with the Subject of Foo at thus-and-such a date and time
10:45 <@ware> sounds like some mega boner inducing chat in here
10:45 <@ware> dont mind me
10:45 <@Corydon76-dig> Sally retrieved said email at thus-and-such a date and time. Immediately afterwards, Sally searched Google for untraceable poisons
10:46 -!- m0j0-j0j0 [~m0j0-j0j0@vnet503-hosoc.mcclatchyinteractive.com] has quit [Quit: Leaving.]
10:46 <@coil> ware same
10:47 <@mtown_nerd> Corydon76-dig: I doubt they'd even give me that info, simply b/c I'm just a Desktop guy. heh
10:47 <@mtown_nerd> But I would def. be curious to see the full extent of this device's capabilities. It really wouldn't surprise me if our guys are merely misunderstanding what it does
10:47 * coil sits on mtown_nerd's desktop
10:47 <@Corydon76-dig> mtown_nerd: don't ask your people. Ask their sales dept
10:48 <@Corydon76-dig> Presales gives out a LOT of information as to capabilities, so they can sell it
10:48 <@Corydon76-dig> What you're likely to get are screenshots, not data, but it's still worth a bit
10:51 <@ware> coil: want to slap boners?
10:53 <@Corydon76-dig> ware: only if you don a furry suit
10:53 <@coil> i dont even have a fursuit
10:53 <@coil> nor does my bf
10:54 <@coil> so im not picky
10:54 <@coil> ill slap cocks with anyone
10:54 <@ware> im naturally a bear
10:54 <@coil> no you're not
10:54 <@ware> bs
10:54 <@coil> prove it
10:54 <@ware> im a fucking BEAR
10:54 <@coil> show me your manly hairy chest
10:54 <@coil> you gotta have hair everywhere to be a bear ok
10:54 <@coil> and fat
10:54 <@ware> im fucking a BEAR
10:54 <@coil> you're more of an otter
10:54 <@ware> well im not fat ok bro
10:54 <@ware> more like a lion thnx
10:55 <@coil> a cute chubby otter
10:55 -!- Corydon76-dig changed the topic of #se2600 to: PhreakNIC 14 to be held October 15-17, 2010 | SE2600 Summer Field Trip July 31 - Ask Dolemite for details | im fucking a BEAR
10:55 <@ware> u r
10:55 <@ware> haha coil
10:55 <@coil> no im a wolf
10:55 <@ware> err Corydon76-dig
10:55 <@ware> i found a bike to borrow btw, ty for offering yorus
10:55 <@ware> yours*
10:55 <@coil> bike
10:55 <@coil> u goin ridin
10:55 <@coil> there was a horrible motorcycle accident here the other day
10:55 <@coil> idk if the guy survived
10:56 <@coil> they had i4 nb closed off
10:56 <@Corydon76-dig> ware: oddly, I think you're more of the type to fuck a whale, not a bear, but whatever works for you
10:56 <@coil> all i saw was them picking up the mangled bike from the middle of the road
10:57 <@coil> my bf wont let me get a bike because hes have a few relatives that have died from bike accidents
10:57 <@Corydon76-dig> Ware doesn't have to worry about that anymore. He's got steel bones now
10:58 <@coil> steel boners
10:58 -!- m0j0-j0j0 [~m0j0-j0j0@rrcs-98-101-35-244.midsouth.biz.rr.com] has joined #se2600
10:58 -!- mode/#se2600 [+o m0j0-j0j0] by ChanServ
10:58 <@ware> hey i got a gf now
10:59 <@coil> whats his name
10:59 <@Corydon76-dig> and she's a BEAR
10:59 <@Corydon76-dig> apparently
10:59 <@coil> rofl
10:59 <@coil> i just caught on to that
11:00 <@ware> shes not a skinny rail at all
11:00 <@ware> but shes not a bear
11:00 <@coil> im fucking a BEAR
11:01 <@Corydon76-dig> coil: No, I'm pretty sure the bear is fucking you
11:01 <@coil> lol he wont let me call him a bear
11:02 <@Corydon76-dig> Because whatever bears and wolves do together, it's certainly not fucking
11:02 <@coil> ?
11:03 <@Corydon76-dig> More like tearing flesh from limb
11:05 <@coil> yeah hes a beast
11:05 -!- m0j0-j0j0 [~m0j0-j0j0@rrcs-98-101-35-244.midsouth.biz.rr.com] has quit [Ping timeout: 241 seconds]
11:05 <@coil> (in bed)
11:06 <@Corydon76-dig> In other news, AT&T has once again demonstrated that they have no clue as to how to plan for a launch.
11:06 <@Corydon76-dig> http://gizmodo.com/5563909/iphone-4-pre+orders-are-one-big-clusterfck
11:08 <@ware> lulz
11:10 <@coil> he tears my anus
11:11 <@Corydon76-dig> tmi
11:15 <@ware> imt
11:15 <@ware> in my tear
11:19 -!- m0j0-j0j0 [~m0j0-j0j0@vnet503-hosoc.mcclatchyinteractive.com] has joined #se2600
11:19 -!- mode/#se2600 [+o m0j0-j0j0] by ChanServ
11:21 <@sdodson> m0j0-j0j0: hi
11:21 <@m0j0-j0j0> hey you
11:24 < Todd> ahem
11:24 <@sdodson> Todd: hi
11:24 < Todd> sdodson: oh hey didn't see you there
11:35 <@sdodson> Todd: that hurts man, that really hurts
11:52 <@Dolemite> here it comes
11:52 <@Dolemite> Nintendo getting ready to announce their 3DS
11:53 <@sdodson> Dolemite: yawn
11:54 <@Dolemite> sdodson : I don't expect trolls to be interested, anyway. kthx bai
11:54 <@sdodson> Dolemite: i'm not a troll!
12:10 -!- m0j0-j0j0 [~m0j0-j0j0@vnet503-hosoc.mcclatchyinteractive.com] has quit [Ping timeout: 240 seconds]
12:27 -!- m0j0-j0j0 [~m0j0-j0j0@rrcs-98-101-35-244.midsouth.biz.rr.com] has joined #se2600
12:27 -!- mode/#se2600 [+o m0j0-j0j0] by ChanServ
12:29 -!- epoxy [~epoxy@dialin.inttek.net] has joined #se2600
12:32 -!- m0j0-j0j0 [~m0j0-j0j0@rrcs-98-101-35-244.midsouth.biz.rr.com] has left #se2600 []
12:35 -!- warrenjon [~jwarren@66.83.201.3.nw.nuvox.net] has joined #se2600
12:41 -!- Guest34072 [stfu@mist3r-2-pt.tunnel.tserv12.mia1.ipv6.he.net] has quit [Ping timeout: 260 seconds]
12:45 -!- coil_ [stfu@mist3r-2-pt.tunnel.tserv12.mia1.ipv6.he.net] has joined #se2600
12:45 -!- coil_ is now known as Guest50153
12:54 -!- warrenjon [~jwarren@66.83.201.3.nw.nuvox.net] has quit [Read error: Connection reset by peer]
12:55 -!- epoxy [~epoxy@dialin.inttek.net] has quit [Quit: Leaving]
13:16 -!- warrenjon [~jwarren@66.83.201.3.nw.nuvox.net] has joined #se2600
13:19 -!- Guest50153 [stfu@mist3r-2-pt.tunnel.tserv12.mia1.ipv6.he.net] has quit [Ping timeout: 272 seconds]
13:20 -!- coil- [stfu@mist3r-2-pt.tunnel.tserv12.mia1.ipv6.he.net] has joined #se2600
13:38 <@rattle> Vivek Kundra, Tim O'Reilly, and Vinton Cerf - Live at my office - http://www.americanprogress.org/events/2010/06/lawgov.html/streaming.html
14:32 <@Dagmar> Damn it's been awhile since I've had to take Benadryl during the day
14:32 <@Dagmar> It's a little creepy to pretty much blink and *whoops* five hours disappear
14:41 -!- m0j0-j0j0 [~m0j0-j0j0@vnet503-hosoc.mcclatchyinteractive.com] has joined #se2600
14:42 -!- mode/#se2600 [+o m0j0-j0j0] by ChanServ
14:56 <@rattle> I ran into Vint Cerf in the lobby, shook his hand, and immediately ran off and logged into a bunch of routers to ensure I conveyed any karma resident in my hand.
15:52 -!- mtown_nerd is now known as mtown_nerd|afk
16:00 -!- m0j0-j0j01 [~m0j0-j0j0@rrcs-98-101-35-244.midsouth.biz.rr.com] has joined #se2600
16:00 -!- coil- [stfu@mist3r-2-pt.tunnel.tserv12.mia1.ipv6.he.net] has quit [Read error: Operation timed out]
16:01 -!- m0j0-j0j01 [~m0j0-j0j0@rrcs-98-101-35-244.midsouth.biz.rr.com] has quit [Client Quit]
16:03 -!- m0j0-j0j0 [~m0j0-j0j0@vnet503-hosoc.mcclatchyinteractive.com] has quit [Ping timeout: 248 seconds]
16:04 -!- coil_ [stfu@mist3r-2-pt.tunnel.tserv12.mia1.ipv6.he.net] has joined #se2600
16:04 -!- coil_ is now known as Guest21616
16:28 -!- Drag0n` [~nunya@199.180.3.25] has quit [Quit: connection reset by year, NTPDate strikes again!!!!]
16:58 -!- [1NF0]_Work [~dmcmorris@75-150-13-105-Atlanta.hfc.comcastbusiness.net] has quit [Ping timeout: 272 seconds]
17:02 <@NotLarry> help
17:02 <@NotLarry> wrong command
17:05 <@coil> rm -rf NotLarry
17:14 -!- [1NF0]_Work [~dmcmorris@75-150-13-105-Atlanta.hfc.comcastbusiness.net] has joined #se2600
17:14 -!- mode/#se2600 [+o [1NF0]_Work] by ChanServ
17:18 -!- warrenjon [~jwarren@66.83.201.3.nw.nuvox.net] has left #se2600 []
17:24 <@NotLarry> Evilpig: ping
17:37 -!- CRasH180 [~kmeldridg@pdpc/supporter/silver/CRasH180] has quit [Quit: leaving]
17:43 <@NotLarry> ok
17:43 <@NotLarry> damn, did it again
18:04 -!- epoxy [~epoxt___@71-81-9-206.dhcp.hlrg.nc.charter.com] has joined #se2600
18:14 -!- NotLarry [~NotLarry@c-76-22-176-23.hsd1.tn.comcast.net] has quit [Ping timeout: 260 seconds]
18:18 -!- epoxy [~epoxt___@71-81-9-206.dhcp.hlrg.nc.charter.com] has quit [Quit: Leaving]
18:32 < Todd> OK "south east"... how many cups of sugar per quart of iced tea?
18:36 <@[1NF0]> 42
18:40 <@[1NF0]> 1/2 to 1 cup per quart. I believe waffle house uses 2c/gallon. Most sweet tea recipes are black tea steeped on hot water, sugar stirred in while hot, then added to ice
18:45 -!- epoxy [~epoxt___@68-112-53-229.dhcp.hlrg.nc.charter.com] has joined #se2600
18:46 < Todd> I went for 3 cups / 3 quarts
18:46 < Todd> still pretty damn sweet
18:54 -!- epoxy [~epoxt___@68-112-53-229.dhcp.hlrg.nc.charter.com] has quit [Quit: Leaving]
19:25 <@Dagmar> Holy shit
19:25 <@Dagmar> "Government officials increased the estimate of oil flowing into the Gulf to between 35,000 and 60,000 barrels per day,"...
19:25 <@Dagmar> Christ this is what I wake up to find out?
19:34 <@sdodson> http://twitter.com/thevuvuzelahorn
20:48 -!- epoxy [~lsthree@68-112-53-229.dhcp.hlrg.nc.charter.com] has joined #se2600
20:57 -!- Guest21616 [stfu@mist3r-2-pt.tunnel.tserv12.mia1.ipv6.he.net] has quit [Read error: Connection reset by peer]
20:58 -!- coil_ [stfu@mist3r-2-pt.tunnel.tserv12.mia1.ipv6.he.net] has joined #se2600
20:58 -!- coil_ is now known as Guest55103
21:04 -!- freakn [freakn@silenceisdefeat.com] has quit [Remote host closed the connection]
21:09 -!- epoxy [~lsthree@68-112-53-229.dhcp.hlrg.nc.charter.com] has quit [Ping timeout: 264 seconds]
21:36 -!- epoxy [~lsthree@68-112-53-229.dhcp.hlrg.nc.charter.com] has joined #se2600
--- Log closed Wed Jun 16 00:00:33 2010