2013-06-17T00:00:22 Skydog probably ate him 2013-06-17T00:00:40 heh 2013-06-17T00:01:58 Tomorrow's weather... partly tornady 2013-06-17T00:02:52 zoomed out to where I can only see portals lvl3 up.. resistence player count: 62, enlightened: 26 2013-06-17T00:06:01 http://www.cbssports.com/nfl/blog/eye-on-football/22404404/nfl-implements-new-bag-policy-leave-the-purses-at-home 2013-06-17T00:06:02 Title: NFL implements new bag policy: Leave the purses at home - CBSSports.com (at www.cbssports.com) 2013-06-17T00:06:33 damn, and i just picked up new purse i wanted to take to the next game 2013-06-17T00:07:31 Shadow404: to hold your tampons? 2013-06-17T00:07:41 well, no, butt plugs 2013-06-17T00:07:56 same application, different port 2013-06-17T00:08:48 It's official. Sports makes no sense anymore http://www.cbssports.com/mlb/blog/eye-on-baseball/22444470/cardinals-distracted-doing-pushups-get-pinned-by-marlins-lose-belt 2013-06-17T00:08:49 Title: Cardinals distracted doing pushups, get pinned by Marlins, lose belt - CBSSports.com (at www.cbssports.com) 2013-06-17T00:12:33 http://i.imgur.com/xr9CIar.jpg 2013-06-17T00:13:14 my cat use to carry one of those 2013-06-17T00:13:16 kinda fun 2013-06-17T00:17:21 I remember that 2013-06-17T00:19:37 Did we finally give up on Centennial being a newbie zone? 2013-06-17T00:19:50 I did 2013-06-17T00:20:11 Well, there's number of high level resonators there placed by players who should know better, like stickman 2013-06-17T00:20:17 dunno about anyone else. The smurfs have used it as an ap farm since it's inception 2013-06-17T00:20:50 I think I'm going to start back to making it my personal bitch again 2013-06-17T00:21:21 didyou see where peter was again claiming not to be stickman 2013-06-17T00:21:48 Well, we caught him more or less red-handed as bardwell, and he doesn't strike me as the kind of guy who would dual-box 2013-06-17T00:21:53 showed his picture on linked in to a few of the E folks that had met him and they all confirmed it was him 2013-06-17T00:22:57 Man I need my bike working again 2013-06-17T00:23:14 damn, its pouring like crazy 2013-06-17T00:23:15 I caught him as stickman redhanded, he outted himself as bardwell. either way, brb gotta go fix the tv at teh back door 2013-06-17T00:23:20 when it comes to that game 2013-06-17T00:23:32 whats to stop someone from hookling their phone up in developer mode 2013-06-17T00:23:40 minulating the gps input 2013-06-17T00:23:49 been done 2013-06-17T00:23:52 I think tomorrow night after the round-table I'll just finish up my painting on the bike parts and just put the busted nose cone back on it if I get the engine working properly before the new parts come in 2013-06-17T00:23:54 and racking up points and attacking everything from their office 2013-06-17T00:24:07 Shadow404: If they detect you're spoofing GPS they just ban you 2013-06-17T00:24:24 yeah, hard to catch i would think 2013-06-17T00:24:26 I should probably sign up for that and get my 2? 3? 4? hours of overtime for coming in on my night off 2013-06-17T00:24:28 Plus, this is multiplayer. 2013-06-17T00:24:33 If you cheat at it, you're just a bitch 2013-06-17T00:24:34 unless you were super obvious 2013-06-17T00:24:49 Dagmar: thats stop people? 2013-06-17T00:24:55 Shadow404: This is a game that tracks your location while you walk around, man 2013-06-17T00:25:03 yeah, i tried it 2013-06-17T00:25:09 i know the idea 2013-06-17T00:25:13 Shadow404: you know how we are about cheaters. we catch em and disappear em 2013-06-17T00:25:20 brb 2013-06-17T00:25:29 but yeah, you could write a script to move the location like as if you were walking around 2013-06-17T00:25:55 If someone's not in superb physical shape, and I find them cheating, there's not going to be any limits to the types of ridicule I'll subject their flabby ass to 2013-06-17T00:26:55 yet another reason i avoid forums for anything 2013-06-17T00:27:02 other than quick fixes 2013-06-17T00:27:06 never been my thing 2013-06-17T00:27:12 Forums? 2013-06-17T00:27:16 lol 2013-06-17T00:27:24 guessing that would be your attack avenue 2013-06-17T00:27:24 No, I'll say this shit right to their faces. 2013-06-17T00:27:33 unless you sit and wait for them to show up at the portal 2013-06-17T00:27:34 I'm afraid of *no one8 2013-06-17T00:27:35 and find them 2013-06-17T00:27:56 Hunt 'em down, trash talk 'em on coms, and show up where they go if/when they do go out 2013-06-17T00:27:57 again, if they are cheating how you gonna know their real location 2013-06-17T00:28:21 and coms are coms and can be avoided 2013-06-17T00:28:21 I am not above stalking someone based on their game actions in order to call them names in person 2013-06-17T00:28:25 liek bullies 2013-06-17T00:28:34 ok 2013-06-17T00:28:34 ...and if they're not there, I have no problems reporting them 2013-06-17T00:28:38 These people are not smart. 2013-06-17T00:39:23 Shadow404: I've had people show up and sit outside my office now, one particular piece of shit was following my actions on comms and purposely showing up where I was 2013-06-17T00:39:58 I've got three of them right now looking to catch me breaking rules because I have been pretty vigilant about calling them out on tresspassing, and other violations 2013-06-17T00:41:07 and i'm an ass, as you all well know 2013-06-17T00:51:13 caption this: http://sphotos-d.ak.fbcdn.net/hphotos-ak-ash3/7249_283812851765558_715887549_n.jpg 2013-06-17T00:54:43 http://kotaku.com/are-these-real-answers-or-fake-questions-in-this-xbox-513600924 so i bet MS leaked this on purpose 2013-06-17T00:54:50 to try and stop all the rumors 2013-06-17T01:08:44 i don't know what to say 2013-06-17T01:09:09 mongo showed up on time but sat down and with in 30 seconds was on youtube. didn't even sterilize the desktop like usual 2013-06-17T01:09:32 http://www.businessinsider.com/bob-schieffer-edward-snowden-face-the-nation-2013-6 2013-06-17T01:09:33 Title: Bob Schieffer Rips Edward Snowden - Business Insider (at www.businessinsider.com) 2013-06-17T01:09:38 I tend to side with Bob on this one. 2013-06-17T01:10:03 If Snowden had dropped the leaks on the steps of the Lincoln Memorial or something, I would consider him a hero. 2013-06-17T01:19:39 http://www.youtube.com/watch?v=6RtSGFryKwo wow... angry joe actually pushing Major Nelson hard on the 24hr checking on XBONE 2013-06-17T01:19:40 Title: Xbox One AJ Interview w/ Major Nelson - YouTube (at www.youtube.com) 2013-06-17T01:19:49 they were NOT happy with this interview 2013-06-17T01:20:01 this computer seriously needs more ram 2013-06-17T01:20:10 I'm just beating the living shit out of it as is 2013-06-17T02:05:35 wtf. 2013-06-17T02:05:44 The Kwik-Sak was actually closed 2013-06-17T02:14:09 Wilbur: Joy! http://www.newschannel5.com/story/22605559/one-person-shot-near-downtown-nashville 2013-06-17T02:14:09 Title: One Person Shot Near Downtown Nashville - NewsChannel5.com | Nashville News, Weather & Sports (at www.newschannel5.com) 2013-06-17T02:15:01 Just on the other side of 12th. 2013-06-17T02:15:03 "The victim was struck in the groin." 2013-06-17T02:15:07 *eyepinch* 2013-06-17T02:15:21 "Those injuries were not believed to be life-threatening." 2013-06-17T02:15:23 nice... 2013-06-17T02:15:29 That's debateable. 2013-06-17T02:16:57 yeah... life not worth living... 2013-06-17T02:16:59 is that a life? 2013-06-17T02:20:06 I can't believe the damn Kwik Sak was closed 2013-06-17T02:20:39 LOL 2013-06-17T02:20:49 B/C it is sunday? 2013-06-17T02:22:25 I don't think so 2013-06-17T02:22:34 They've been open on Sunday nights before 2013-06-17T02:22:52 penis 2013-06-17T02:23:14 Bad timing. 2013-06-17T02:25:08 vagina? 2013-06-17T02:29:10 Read the link I posted. 2013-06-17T03:08:54 lol @ no remote control for the xbox one 2013-06-17T03:09:05 'you can use your voice' fuck off 2013-06-17T03:40:21 *** RangerZ has quit IRC (Quit: Leaving.) 2013-06-17T03:52:31 I just got an awful idea 2013-06-17T03:52:52 Record the sound of the men's bathroom during a football game at a stadium 2013-06-17T03:53:06 And then play the recording to video of a war 2013-06-17T04:38:01 *** RangerZ has joined #se2600 2013-06-17T04:49:51 ok 2013-06-17T04:49:51 https://www.coursera.org/signature/guidebook 2013-06-17T04:49:52 Title: Coursera.org (at www.coursera.org) 2013-06-17T04:49:58 can someone plase tell me why this is a good idea 2013-06-17T04:57:05 Silly. It's so Big Brother can track you more easily. 2013-06-17T04:57:10 What's wrong with that? 2013-06-17T04:57:17 You some kinda commie or something? 2013-06-17T04:58:33 Aaaaaand someone just ran their car into a bank across thes street from me. 2013-06-17T04:59:11 Bahhumbug: I think it's less about big brother and more coursera trying to create the impression of accredited classes to make money 2013-06-17T05:00:36 I don't see that as being possible with their organization structure. I think it's just a way to verify that someones claim of having 'passed' a course checks out via a trusted source. 2013-06-17T05:01:01 Did they hit a real bank _building_? 2013-06-17T05:01:08 Or just an enbankment? 2013-06-17T05:06:29 I'm not sure. 2013-06-17T05:06:59 By which I mean, it's definitely past the sidewalk and such 2013-06-17T05:07:09 I'm not sure if it actually broke any walls though, I can't see 2013-06-17T05:22:09 can ancan anyone tell me where mongo is? 2013-06-17T05:28:45 I know where I personally hope he is. 2013-06-17T05:47:31 you and me both. but that leaves the question on where the dumbshit is really. he's been gone an hour now 2013-06-17T05:47:41 I know he isn't off working because that's for those other people to do 2013-06-17T05:49:23 it has returned 2013-06-17T05:49:41 it came in from teh front door so I can only assume that means it went to its car to sleep for an hour 2013-06-17T05:52:04 anyone want to take bets on what it does in 10 minutes when it normally goes to 'lunch'? 2013-06-17T05:54:13 He takes his Shitty Worker pills? 2013-06-17T06:02:31 heh 2013-06-17T06:09:25 did I miss this? 2013-06-17T06:09:27 End of Product LifecycleActive development for MySQL Database Server version 5.0 has ended. Oracle offers various support offerings which may be of interest. For details and more information, see the MySQL section of the Lifetime Support Policy for Oracle Technology Products (http://www.oracle.com/us/support/lifetime-support/index.html). Please consider upgrading to a recent version. 2013-06-17T06:09:51 nm. i'm retarded 2013-06-17T06:10:02 my brain is clearly mush 2013-06-17T06:11:37 okay. this jose guy wants to use negative numbers as part of a sql index and mysql is barfing all over it and I can't find a solution 2013-06-17T06:12:12 it makes an index like field1-field2 and when either is a negative number it just shits itself 2013-06-17T06:20:23 Evilpig: you CAN use negative numbers for index 2013-06-17T06:20:52 it's the delimeter. it's a fuckin' - and I can't seem to find a way to change it so it stops shitting itself 2013-06-17T06:20:56 i'm guessing he setup some additional constraints somewhere that say that it won't be negative, or he is putting them into uint 2013-06-17T06:21:09 make sure it isn't ...u...int or some such 2013-06-17T06:21:20 < forgets what all it accepts 2013-06-17T06:21:31 ohh 2013-06-17T06:21:34 I've got the exact error. I can duplicate it easily. I'm annoyed right now 2013-06-17T06:21:47 is the index auto inc? 2013-06-17T06:21:49 the stabbing pain is back in my foot and is NOT helping things 2013-06-17T06:29:26 * Bahhumbug stabs puppet in the nuts 2013-06-17T06:30:20 Evilpig: so yeah, mysql DOES allow signed/unsigned 2013-06-17T06:30:42 i'm sure you would have caught that 2013-06-17T06:30:58 yeah. signed is default 2013-06-17T06:31:04 http://dev.mysql.com/doc/refman/5.0/en/numeric-type-overview.html 2013-06-17T06:31:05 Title: MySQL :: MySQL 5.0 Reference Manual :: 11.1.1 Numeric Type Overview (at dev.mysql.com) 2013-06-17T06:31:21 it's a problem with the delimiter being used in the index. i'm almost 100% sure of it 2013-06-17T06:33:19 I'm about to just reject this guy's idea as wtf broken and do it a way that will just work 2013-06-17T06:40:31 gotta love darpa projects 2013-06-17T06:40:36 9 to 5 that starts at 11 2013-06-17T06:40:37 lol 2013-06-17T06:41:24 *** LastChild has quit IRC (Quit: and the monkey flips the switch) 2013-06-17T07:05:07 *** RangerZ has quit IRC (Ping timeout: 260 seconds) 2013-06-17T07:29:20 *** RangerZ has joined #se2600 2013-06-17T07:38:05 *** Dolemite has joined #se2600 2013-06-17T07:38:05 *** ChanServ sets mode: +o Dolemite 2013-06-17T07:38:06 mr0ning, be0tches and h0ez! 2013-06-17T07:38:29 no 2013-06-17T07:39:12 Look on the bright side - almost time to go hmoe 2013-06-17T07:39:14 home 2013-06-17T07:39:22 yeah well :P 2013-06-17T07:39:34 might ahve to come back here tonight for a round table with the new CIO 2013-06-17T07:39:48 debating on wethernot I want the extra dough to come in on my day off 2013-06-17T07:40:06 wow... 2013-06-17T07:40:15 TrotCon 2013 2013-06-17T07:40:36 the things that need PN to show up and troll them.... wow 2013-06-17T07:40:38 * Evilpig punches RangerZ the dirty bronie 2013-06-17T07:40:56 no, one of the guys from oh2600 is 2013-06-17T07:41:48 https://fbcdn-sphotos-e-a.akamaihd.net/hphotos-ak-ash3/222410_10151641625997440_15090099_n.jpg could be a good outfit idea for notlarry 2013-06-17T07:42:09 notMrsLarry might atleast enjoy it 2013-06-17T07:42:20 that's the worst kind 2013-06-17T07:42:26 that's a furry bronie 2013-06-17T07:46:38 apparently I'm an astronaut in training http://www.cracked.com/article_18421_6-insane-coincidences-you-wont-believe-actually-happened_p2.html 2013-06-17T07:46:39 Title: 6 Insane Coincidences You Won't Believe Actually Happened | Cracked.com (at www.cracked.com) 2013-06-17T07:47:22 that just cracks me up every time i see it, lol 2013-06-17T08:26:46 i <3 today's XKCD 2013-06-17T08:27:17 http://kxcd.com/ apparently 2013-06-17T08:27:18 Title: KXCD @USD - Christian Music That Rocks! (at kxcd.com) 2013-06-17T08:27:22 is a real url 2013-06-17T08:27:27 typo :/ 2013-06-17T08:35:57 this is really impressive 2013-06-17T08:36:10 the US needs more people like this in the military: http://www.upworthy.com/boom-watch-an-angry-army-general-deliver-a-scathing-dressing-down-to-sexist-soldiers?c=bl3 2013-06-17T08:36:11 Title: BOOM: Watch An Angry Army Chief Deliver A Scathing Dressing-Down To Sexist Soldiers (at www.upworthy.com) 2013-06-17T08:44:06 That's mellow 2013-06-17T08:48:01 Not really for an Aussie. This is going to lay the fear of god in a lot of enlisted. 2013-06-17T08:48:14 I need breakfast. 2013-06-17T08:48:15 * Bahhumbug & 2013-06-17T08:48:43 fg 2013-06-17T08:58:57 aestetix: http://www.youtube.com/watch?v=MaQmyhkGNm0 wow... china wouldn't like this vid 2013-06-17T08:58:58 Title: Google+: Public Squares - YouTube (at www.youtube.com) 2013-06-17T09:03:37 fuck 2013-06-17T09:03:46 I did not miss this pain in my right foot one bit 2013-06-17T09:09:50 *** Synx|hm has joined #se2600 2013-06-17T09:11:32 Evilpig: what did you do? 2013-06-17T09:11:49 nothing this time 2013-06-17T09:12:15 it's just creeped back in the last few days to the point where it's a real issue 2013-06-17T09:12:33 i mean.. .what did you do before then? 2013-06-17T09:14:09 never figured that out. doctor was no use on figuring it out either 2013-06-17T09:24:50 It's cancer. 2013-06-17T09:24:57 At least according to webmd. 2013-06-17T09:38:55 it must be true 2013-06-17T09:39:04 I think it's a tumor 2013-06-17T09:39:51 Evilpig: have you previously hurt that foot? Might be you previously broke a bone, it healed incorrectly, and barometric pressure changes can trigger phantom pains 2013-06-17T09:40:18 Any users of FreePBX here? I'm having terrible luck with it, need to reboot it daily to keep my trunks up 2013-06-17T09:40:28 it just stops responding to all traffic randomly 2013-06-17T09:40:29 :( 2013-06-17T09:40:49 probably need to start fresh as i have to test out TCP-TLS and SRTP today 2013-06-17T09:47:01 I'd suggest upgrading the core Asterisk process, as FreePBX is really nothing more than a set of scripts for altering the configuration. 2013-06-17T09:47:18 nah, asterisk 1.2 is plenty stable 2013-06-17T09:55:06 maybe i should just ditch freepbx and configure asterisk myself? 2013-06-17T09:57:24 *** K4k has quit IRC (Quit: WeeChat 0.4.0) 2013-06-17T10:03:12 Synx|hm: I would recommend that, though I realize not everybody has the time to learn how to configure it. 2013-06-17T10:04:16 ya, right now i need a TCP-TLS / SRTP environment to test some stuff in and i need to not spend all week configuring it 2013-06-17T10:04:38 however freepbx is a mess of hacks at least thats how it seems 2013-06-17T10:11:08 That's a good way to describe it, yes 2013-06-17T10:23:55 can't wait for lunch today, smoked a pork butt this weekend 2013-06-17T10:37:51 Corydon76-work: have you ever worked with TLS or SRTP before? 2013-06-17T10:38:10 I have not 2013-06-17T10:38:18 Not in connection to SIP 2013-06-17T10:38:37 well ill still ask as im not very smart on TLS anyways 2013-06-17T10:38:49 forgive me if this is stupid 2013-06-17T10:38:55 The major problem is that the phones I have here do not support it 2013-06-17T10:39:14 I have a device that requires two things for TLS to work, a "Certificate" and a "Private Key" 2013-06-17T10:39:25 Correct 2013-06-17T10:39:35 the team i am working with on the call manager side have 0 clue what these specifically refer to or where to get them 2013-06-17T10:40:02 I assume i need the root CA from the server i am talking to and a nother key obviously 2013-06-17T10:40:10 Then almost certainly, they do not support TLS 2013-06-17T10:40:27 they do and its working with their phones 2013-06-17T10:40:49 Then you're not dealing with the actual engineers 2013-06-17T10:40:52 its just all their brand equipment so all their phones either have self signed certs already working or the system is setup to auto configure them 2013-06-17T10:41:23 Ugh, self-signed certs. That's the way to ensure that you have nearly no actual security 2013-06-17T10:41:26 ya thats probably part of the problem, nither of us are familiar with our respective equipment to putt this all together 2013-06-17T10:41:54 agreed, but i just want this working at least for now before i bring that up 2013-06-17T10:42:02 self-signed certs are trivially intercepted with a mitm attack 2013-06-17T10:42:20 So, this is bascially public private key crypto correct? 2013-06-17T10:42:27 PKI, yes 2013-06-17T10:42:57 So the "certificate" i need for my equip you think that should be the root ca? or something they generate specifically for my device on their end 2013-06-17T10:43:50 No, the certificate that you need is going to be a generated cert that is signed by a root CA. 2013-06-17T10:44:21 and then the corresponding key generated in concert with the certificate request 2013-06-17T10:45:23 So: you generate a certificate request and private key, submit that cert req to a CA, get back a signed cert, signed cert and private key are what you use 2013-06-17T10:45:32 *** Dickie has quit IRC (Ping timeout: 252 seconds) 2013-06-17T10:46:08 *** Dickie has joined #se2600 2013-06-17T10:46:08 *** ChanServ sets mode: +o Dickie 2013-06-17T10:46:54 The signed cert gets sent over the wire to the remote end, which they can then verify against the CA and use to encrypt the symmetric key to send back to you, you use the private key to decrypt the symmetric key, which is what is used to decrypt traffic 2013-06-17T10:47:41 decrypt voice traffic, that is 2013-06-17T10:49:19 I don't remember if they do signed certs on both ends with separate symmetric keys for each direction or just use one symmetric key for both directions, but I suspect that's all handled for you. 2013-06-17T10:49:24 so i understand the SRTP uses a symmetric key, but the TLS connection is also using PKI to exchange symmetric keys for that instance of communications 2013-06-17T10:49:41 ? 2013-06-17T10:50:04 That's the definition of TLS, yes. TLS is a specific implementation of PKI. 2013-06-17T10:52:07 oh perhaps im confused by 'symmetric' then, if i have your public key and you have mine why do we need to agree upon a symmetric key that can both decrypt and encrypt our traffic 2013-06-17T10:54:01 * Synx|hm shouldn't have dropped the intro to cryptography class 1 week in on coursera 2013-06-17T10:55:49 Because asymmetric cryptography has such longer bit lengths as the encryption/decryption takes a lot more CPU 2013-06-17T10:56:05 ok that makes sense 2013-06-17T10:56:12 figure that was the case 2013-06-17T10:56:32 So you use it only to exchange keys, then use the simpler encryption for the actual traffic 2013-06-17T10:57:23 Even then, because you have shorter key lengths, you also need to rekey on a regular basis, to ensure that a chosen plaintext attack doesn't compromise your symmetric keys, and TLS takes care of that, too 2013-06-17T10:57:40 which reminds me i need to register a new key with the MIT keyserver and start signing all my emails 2013-06-17T10:58:09 ahh cool i figure it would re-exchange a symmetric key on a regular basis 2013-06-17T10:59:21 Funnily enough, the initiation for a key renegotiation is where the protocol has seen a few vulnerabilities in the past 2013-06-17T10:59:56 Which is why TLS is at version 1.2 now 2013-06-17T10:59:58 how does this all differ from SSL? 2013-06-17T11:00:09 TLS is essentially SSL v3 2013-06-17T11:00:28 ahh 2013-06-17T11:02:23 ok complete side step in discussion here... was reading some of the latest leak from Snowden this morning. Something to the effect of using rogue 'inet cafe' to spy on people, but it specifically said to install keyloggers 2013-06-17T11:02:37 which got me thinking, how do you go from snooping on peoples wifi to installing keyloggers 2013-06-17T11:03:04 metasploit 2013-06-17T11:03:23 Or the easier way: physical access to their machine 2013-06-17T11:03:26 ya, but aside form actually getting in that way 2013-06-17T11:03:54 You might be surprised how many people don't lock their computers when they walk away 2013-06-17T11:03:56 im thinking man in the middle attacks, i assume its possible to get in the middle and real time inject code into downloads? 2013-06-17T11:06:36 *** x86Daddy has joined #se2600 2013-06-17T11:07:18 so for example if "they" didn't have the latest 0-day or what ever exploit it just remote in and do their bidding... 2013-06-17T11:08:43 *** Dickie has quit IRC (Ping timeout: 260 seconds) 2013-06-17T11:09:00 If downloads are done over an insecure channel, then yes, mitm is perfectly possible 2013-06-17T11:09:08 it couldn't be too difficuly to do a MitM attack (possibly even faking/re-signing SSL keys) right at someones ISP (or inet cafe in this case) and perhaps inject code real time 2013-06-17T11:09:25 either way we know its easy to re-sign SSL keys so long as the user doesn't verify 2013-06-17T11:09:53 If they're using PKI, then it becomes a great deal more difficult, because the application generally does the verification for them 2013-06-17T11:10:31 Chrome and Firefox will both put up huge warnings when you compromise a secure session 2013-06-17T11:10:41 perhaps TLS doesn't fall prey to this, but i know with SSL i can just sniff out the cert the website sends back and inject my own, companys do this all over the place 2013-06-17T11:10:44 true 2013-06-17T11:12:11 But the cert is signed, and if your replacement cert doesn't either verify for the domain or is for a different domain, the user gets a big fat warning 2013-06-17T11:12:54 well from my understanding the companys were pre-installing their own CA certs on their employees computers 2013-06-17T11:13:09 so when they got the injected cert from say "google.com" they already trusted it 2013-06-17T11:13:11 That said, almost nobody checks their root cert pool on a regular basis to ensure it hasn't been polluted, so if you can get physical access, you can add a root cert that pollutes the pool 2013-06-17T11:14:19 Right, so if you compromise a badly secured root cert, then you can do whatever you like with those client computer connections 2013-06-17T11:14:45 didn't that happen with a big root ca last year? 2013-06-17T11:15:01 Yes 2013-06-17T11:15:39 The hacker alleged that he did it with more than one, though I'm not sure if that was ever verified. 2013-06-17T11:16:01 how can we protect against this? 2013-06-17T11:16:14 we cant right, too much trust in these guys like verisign 2013-06-17T11:16:34 You could probably write something to verify all the root certs on a machine 2013-06-17T11:18:31 ya thats a good start, but what about trusting the peole who sign and distribute ala VeriSign 2013-06-17T11:19:23 You're welcome to go to their HQ and ask to audit the process by which they both secure their root CA, as well as verify certificate requests 2013-06-17T11:19:48 That assumes that their root CA really is secured, however. 2013-06-17T11:21:01 It's perfectly possible that they have their real root CA in another, insecure location, and they have infrastructure set up for the purpose of passing the audits 2013-06-17T11:23:28 i dont trust anyone anymore 2013-06-17T11:30:15 never trusted my windows installs, but im having a hard time trusting anything these days :( 2013-06-17T11:31:47 it really is a sad feeling, i was on a flight right after all the leaks hit and news, and while i alway "knew" this was going on, it really caused me to feel sad and bummed out for the world and our future, i spent the entire flight listening to depressing music and being in despare for the world 2013-06-17T11:33:25 don't trust it unless you've written it youself 2013-06-17T11:33:27 *yourself 2013-06-17T11:35:34 Corydon76-work: got another TLS question for ya 2013-06-17T11:36:50 brimstone: i think that extends to the hardware now too :( so even if i trust and only run software/os/bios ive coded myself i cant trust the physical hardware, even network hardware 2013-06-17T11:37:05 go Team Hermit! 2013-06-17T11:37:15 yup 2013-06-17T11:37:42 lets start up a new world network, but one on which we require only audited code/hardware 2013-06-17T11:37:51 and encrypt all of the traffic 2013-06-17T11:47:18 Corydon76-work: so at the begining of a TLS conversation (in regards to our previous conversation) i send you unencrypted the signed cert (basically my public key signed by you) i got from you previously, which you then verify and use to encrypt the symmetric key you want to use and send back to me 2013-06-17T11:48:33 *** K4k has joined #se2600 2013-06-17T11:52:22 *** Dickie has joined #se2600 2013-06-17T11:52:22 *** ChanServ sets mode: +o Dickie 2013-06-17T12:11:37 *** benthemeek has joined #se2600 2013-06-17T12:11:37 *** ChanServ sets mode: +o benthemeek 2013-06-17T12:27:20 * Corydon76-work is still waiting for the question 2013-06-17T12:27:21 *** x86Daddy has quit IRC (Read error: Connection reset by peer) 2013-06-17T12:27:37 *** x86Daddy has joined #se2600 2013-06-17T12:27:39 ha 2013-06-17T12:27:56 sorry, it was more of a statement, wanting to see if my understanding is correct 2013-06-17T12:28:10 Corydon76-work: so at the begining of a TLS conversation (in regards to our previous conversation) i send you unencrypted the signed cert (basically my public key signed by you) i got from you previously, which you then verify and use to encrypt the symmetric key you want to use and send back to me 2013-06-17T12:30:11 Yep, that's basically it. 2013-06-17T12:32:17 ok in that context of the phone with certs talking to a call manager i think i understand it 2013-06-17T12:32:52 but, how does this all work in the context of a web browser session... as the web browser i dont have any certs to send to you (the server) first 2013-06-17T12:35:57 The server sends its certificate, which you use to sign the public key that you generated at the time of the request 2013-06-17T12:36:42 The server can then use its private key to verify that the certificate it received was signed with the same key 2013-06-17T12:37:35 and the client knows that the public key that it received from the server was legitimately from the server, because the domain name of the server is embedded in the certificate and the certificate is signed with a known good (root) certificate 2013-06-17T12:38:19 Thereafter, all responses to the server will be secured from mitm attacks 2013-06-17T12:39:22 ahh thats logical :) 2013-06-17T12:40:22 so the basic diff is the previous dicsussed method is a way to verify the end user is trusted, and latter (web) simply just verifys the traffic is secure but we dont care who the end user is 2013-06-17T12:41:08 No, the end user is not necessarily trusted, just that the communication between the server and the requestor is secured. 2013-06-17T12:41:43 As long as the requestor makes use of the required verifications that they're talking to who they think they're talking to, the channel is secure 2013-06-17T12:42:48 then why have devices that need the key/cert pair pre-configured then? 2013-06-17T12:43:13 Most likely because they lack the requisite CPU power to generate them in a timely manner 2013-06-17T12:43:22 ahh 2013-06-17T12:43:40 Many embedded devices don't have a good source of randomness from which to generate keys 2013-06-17T12:43:44 hey thank you btw for taking the time to explain this all to me 2013-06-17T12:46:13 Peaches just let me know of an interesting trick. If you buy a Walmart gift card in the store, the Walmart gas pumps will give you $.10/gallon in additional discount. 2013-06-17T12:47:33 So basically, buy a $20 gift card, use it to put $20 in your tank, and you get more without giving Walmart any additional info about you 2013-06-17T12:48:09 great idea 2013-06-17T12:54:22 *** x86Daddy has quit IRC (Ping timeout: 256 seconds) 2013-06-17T12:55:28 Corydon76-work: Home Depot Fuel in Smyrna did that, too 2013-06-17T12:55:57 Plus if you own a home, it's hard not to spend money at Home Depot that qualified for an additional $0.10/gallon discount 2013-06-17T12:56:35 I know why they do it; they're trying to glean additional info about the purchasing decisions of people who normally pay in cash 2013-06-17T12:56:52 I know folks that buy gift cards to places they normally shop at from Krogers so they get the points for discounts at Kroger's gas stations. 2013-06-17T12:57:23 We used to double/triple dip at Home Depot. We'd buy the gift cards from the Home Depot Fuel market, using a credit card that gave 10x points for purchases at gas stations 2013-06-17T12:57:32 Then we'd pay for our gas using the gift cards 2013-06-17T12:57:40 And, of course, use our Home Depot points 2013-06-17T12:58:01 Alas, no Home Depot Fuel around here. 2013-06-17T13:09:14 *** v4mp has joined #se2600 2013-06-17T13:20:05 http://twit.tv/show/security-now/408 2013-06-17T13:20:06 Title: Security Now 408 | TWiT.TV (at twit.tv) 2013-06-17T13:20:19 Steve talking about PRISM 2013-06-17T13:21:14 i can't stand listening to steve gibson 2013-06-17T13:21:37 oh i agree he is terrible to listen to and Leo on top makes me want to pull my hair out 2013-06-17T13:21:50 but he's quite smart and i enjoy his ideas/opinions 2013-06-17T13:21:59 *** K4k has quit IRC (Quit: WeeChat 0.4.0) 2013-06-17T13:22:21 *** K4k has joined #se2600 2013-06-17T13:22:21 *** K4k has joined #se2600 2013-06-17T13:45:44 *** Dolemite has quit IRC (Quit: Page closed) 2013-06-17T13:47:20 Anyone recall the foriegn govt investigation into Echelon or what it was called? 2013-06-17T13:48:02 nope 2013-06-17T13:48:05 no such thing existed 2013-06-17T13:48:16 no NSA Echelon existed in 2005~2006 2013-06-17T13:48:31 thank you very much for your concern, citizen 2013-06-17T13:48:35 ;) 2013-06-17T13:51:44 ahh yes i believe this was it 2013-06-17T13:51:47 http://cryptome.org/echelon-ep-fin.htm 2013-06-17T13:51:48 Title: European Commission Final Report on Echelon (at cryptome.org) 2013-06-17T13:55:25 *** x86Daddy has joined #se2600 2013-06-17T14:18:11 *** v4mp has left #se2600 2013-06-17T14:56:33 Bahhumbug: just so you know 2013-06-17T14:56:39 I walked by the bank today 2013-06-17T14:56:46 the car did indeed smash part of the window 2013-06-17T15:13:04 *** Iyeman has quit IRC (Ping timeout: 252 seconds) 2013-06-17T15:15:51 *** Iyeman has joined #se2600 2013-06-17T15:15:51 *** ChanServ sets mode: +o Iyeman 2013-06-17T15:18:49 quick trivia question 2013-06-17T15:18:54 *** jonnyx has joined #se2600 2013-06-17T15:19:03 how many people have walked on the moon? 2013-06-17T15:19:26 *** jonny_X has quit IRC (Ping timeout: 252 seconds) 2013-06-17T15:19:44 Less than 10, I believe 2013-06-17T15:19:46 12, random facts brought to you by Shadow404 2013-06-17T15:20:02 and most of them are from Ohio 2013-06-17T15:20:03 LOL 2013-06-17T15:20:10 yep, thats what made me think about it 2013-06-17T15:20:13 that link you sent 2013-06-17T15:20:16 how many NSA agents have ready your email today 2013-06-17T15:20:31 John Glenn was a badass senator 2013-06-17T15:20:32 Synx|hm: did you possibly watch the hearings for that? 2013-06-17T15:20:36 the senate hearings? 2013-06-17T15:20:39 literally NO ONE could say shit to him 2013-06-17T15:20:45 lol 2013-06-17T15:20:50 RangerZ: not always a good thing 2013-06-17T15:21:04 Shadow404: i didn't, i should though 2013-06-17T15:21:13 Synx|hm: reason i say that, is yes, i think it sucks they "can" get access easily when needed 2013-06-17T15:21:22 yeah, but he was actually a good sen. and did good work, unlike our current house of lunitics 2013-06-17T15:21:25 but do you know how much legal red tape they have to complete to do so 2013-06-17T15:21:48 oh ya, im sure its completely legal at this point to do what they are doing 2013-06-17T15:22:04 yes, the one or two rogue assholes that do shit without oversight may be an issue 2013-06-17T15:22:09 and YAY... FINALLY ... DHL sucks... USPS a ...week... later has my OUYA out for deliver 2013-06-17T15:22:13 delivery* 2013-06-17T15:22:30 but but for the most part the legal process requires so much oversight its crazy 2013-06-17T15:22:49 the fact they made deals behind our back with the major social and email companies is kinda fucked up 2013-06-17T15:22:58 but the reason and the process they have to go through is pretty crazy 2013-06-17T15:22:59 well... oversight by a rubber stamp court but ya i know what ya mean 2013-06-17T15:23:10 now the security of such info banks is another thing 2013-06-17T15:23:18 Shadow404: i don't think it was 'deals' yahoo and google both sued to stop it, but they lost in "secret court" 2013-06-17T15:23:21 and the transmission of the requested data also antoher concern 2013-06-17T15:23:30 RangerZ: yep, which sucks 2013-06-17T15:23:37 glad they now have public backing 2013-06-17T15:23:38 well here's something interesting, Steve Gibson argues that they dont have access to Google, Facebook, etc aside from the already known court orders 2013-06-17T15:23:42 i think we should have voted on it 2013-06-17T15:23:45 as far as i know... MS is the only one who didn't fight back 2013-06-17T15:23:51 MS and apple 2013-06-17T15:23:52 which is odd 2013-06-17T15:23:53 of course they didnt 2013-06-17T15:24:02 oh want to know something funny 2013-06-17T15:24:02 and peoplechat, or w/e that other one was 2013-06-17T15:24:09 he argues that the very name PRISM implys what they are doing, just like Room 641A that uses fiber taps, how does one tap fiber... with a prism 2013-06-17T15:24:14 speaking of a rip on ms$ 2013-06-17T15:24:33 http://www.youtube.com/watch?v=kWSIFh8ICaA 2013-06-17T15:24:34 Title: Official PlayStation Used Game Instructional Video - YouTube (at www.youtube.com) 2013-06-17T15:24:35 so perhaps they are simply tapping googles, microsofts, facebooks providers and seeing all traffic there 2013-06-17T15:24:44 psx ripping on xbox 2013-06-17T15:24:54 Synx|hm: not quite 2013-06-17T15:25:10 they have ways to get to the data banks and do tyh searches they need to 2013-06-17T15:25:18 Synx|hm: they wouldn't see any traffic sent, for example, from Gmail to Gmail and which is read via SSL 2013-06-17T15:25:24 oh im not saying he is right or wrong, but i think its an interesting look into the name of the program 2013-06-17T15:25:39 Corydon76-work: true and he says that as well 2013-06-17T15:25:41 the likelyhood of *your* email being read is low 2013-06-17T15:25:49 unless your really under investigation 2013-06-17T15:25:59 well its being stores for future use thats for sure 2013-06-17T15:26:09 so your gay pron forums notificatio emails should be safe 2013-06-17T15:26:13 Yes, but probably for less than 2 weeks 2013-06-17T15:26:31 Corydon76-work: yes, but how many people archive their email 2013-06-17T15:26:39 for example, those 15gb google email accounts 2013-06-17T15:26:55 listen if google can store all my emails and most of my files im sure the NSA can do it too 2013-06-17T15:26:57 Incriminating shit? They'll probably delete it 2013-06-17T15:27:10 though it may stick around in the Trash for 30 days 2013-06-17T15:27:33 true, but im sure if your under investigation, and you are still doing the shit they are looking for, they are just gonna monitor live 2013-06-17T15:27:34 either way i thought it was a interesting look at how the program may have gotten its name 2013-06-17T15:27:38 and wait to see something 2013-06-17T15:27:39 Until recently, the NSA didn't have the capacity to store that much data for very long 2013-06-17T15:27:53 Remember, they're also interested in voip calls 2013-06-17T15:28:00 ya and i wonder why they are trying to get more and more capacity to store 2013-06-17T15:28:09 but the long story is for the white hat security groups 2013-06-17T15:28:14 they have to get approval 2013-06-17T15:28:25 with current day codecs voip traffic isn't all that much bw 2013-06-17T15:28:27 and they dont just do shit for no reason 2013-06-17T15:28:34 or huge searches for a large group 2013-06-17T15:28:38 its pretty specific 2013-06-17T15:28:42 Approval is so easy to get that it would border on incompetence for them not to get approval 2013-06-17T15:29:00 and once they get approval from the FISA court, it's nominally legal 2013-06-17T15:29:08 of coruse, you get corrupt power enabled fuckers 2013-06-17T15:29:12 but thats gonna be the rarity 2013-06-17T15:29:30 Corydon76-work: yep, but even then, the search boundaries are well defined 2013-06-17T15:29:45 im sure alot of stuff will be de-classified on how the parameters are filed 2013-06-17T15:30:10 not saying i agree with the way its done, but it has to be done at some level for security 2013-06-17T15:30:12 At least until now, I don't know of any cases where the NSA had someone looking into something for personal gain 2013-06-17T15:30:28 Corydon76-work: not saying personal gain persay 2013-06-17T15:30:38 Or political gain 2013-06-17T15:30:39 more so wide boundary-less searchers 2013-06-17T15:30:42 *searches 2013-06-17T15:30:57 now political gain, i worry about 2013-06-17T15:31:00 like blackmailing 2013-06-17T15:31:04 that worries me 2013-06-17T15:31:17 I don't have as great of a problem about the wide net searches, as long as the bulk of the filtering is done automatically 2013-06-17T15:31:56 That's why I keep any of my innermost secrets either within my own brain or I expose them to y'all 2013-06-17T15:32:21 If there are no secrets I am not willing to have exposed, I cannot be blackmailed 2013-06-17T15:33:24 well ive got a few i dont want anyone to know about and you could probably figure it out from my inet searches 2013-06-17T15:33:40 ... fine... its my love of butt play 2013-06-17T15:33:46 hey 2013-06-17T15:33:48 that was easy come at me NSA! 2013-06-17T15:33:49 i love butt play too 2013-06-17T15:34:02 so yeah 2013-06-17T15:34:13 i would be interested in a poly test 2013-06-17T15:34:17 Shadow404: the things I learn about you 2013-06-17T15:34:24 Shadow404: nope nope nope and nope 2013-06-17T15:34:35 just to see what would happen 2013-06-17T15:34:50 poly test? Polygraph? Or polyamorous? 2013-06-17T15:34:53 Corydon76-work: alot has changed in recent years 2013-06-17T15:35:01 well in that respect then, a susposed way to cheat a poly is be clenching your ass muscle 2013-06-17T15:35:08 Corydon76-work: polyamory is fun, but does get stressful 2013-06-17T15:35:18 im back to monogomous now 2013-06-17T15:35:21 Communication is key 2013-06-17T15:35:31 yeah, for sure, but still alot more work 2013-06-17T15:35:36 But that's true for any relationship 2013-06-17T15:35:42 communication wasnt the issue 2013-06-17T15:35:45 fwiw - ten years ago google kept all email, chat and web searches, period. As in, never deleted their copies (even if you deleted yours). Reason was, the more they "knew" about you (ie - the more data their systems had to crunch), the better they could target their adwords, & the more they could make via advertising rates. 2013-06-17T15:35:59 jonnyx: they still do 2013-06-17T15:36:16 like google searches that i did months ago, still keep coming up in adwords placements 2013-06-17T15:36:47 like why would i see plastic blowup animal ads from a search i did months ago 2013-06-17T15:36:54 maybe not years anymore 2013-06-17T15:37:17 Probably. When I worked there, I could say it with certainty. Haven't worked there in a while, though. Dunno 'bout google voice, but it wouldn't surprise me (I'd be surprised if they didn't at least keep the calling records, if not the recorded calls). 2013-06-17T15:37:19 Corydon76-work: time and relationship boundaries was teh issue 2013-06-17T15:37:46 jonnyx: hrmmm, wonder what the fcc rules are for using that data for marketing? 2013-06-17T15:37:54 my $0.02 2013-06-17T15:38:08 since that is partly their jurisdiction once it hits a pots switching center 2013-06-17T15:40:15 Google has had an ex-NSA guy as head of HWops (Hardware Ops, ie - the engineering division that does all of the hands-on work for the servers, routers & switches) since 2004. Nothing would surprise me. 2013-06-17T15:40:15 what if it never hits the PSTN 2013-06-17T15:40:42 This is why I consider google an NSA asset. 2013-06-17T15:41:04 what if google is the NSA 2013-06-17T15:41:28 and we've all opted into their collection 2013-06-17T15:41:30 FML 2013-06-17T15:41:44 Synx|hm: so like google number to google number over the google leased circuits.... 2013-06-17T15:41:48 hmmmm 2013-06-17T15:42:10 not sure, good question 2013-06-17T15:42:26 its sorta like a microsoft communicator ip voice call to antoher desk phone 2013-06-17T15:42:59 Even in 2004, google exceeded the NSA in terms of raw processing power and storage capacity; google was #1 in the world, NSA a distant #2. After ex-NSA guy took over HWops, the big data retention lawsuit between google & the US gov't was quietly settled. Connect the dots, follow the money, etc. 2013-06-17T15:43:09 ya, i guess what defines the fcc's world, circuit switched? if thats the case im guessing lots of phone traffic is not circuit switched anymore 2013-06-17T15:45:37 unless in that the last feet my voip lines moves to copper circuit switching grandfathers me into fcc rules 2013-06-17T15:46:58 LOOOL 2013-06-17T15:47:00 if thats the case im connecting all my google voice lines to my PAP3 right now 2013-06-17T15:47:28 and going file a complaint with google 2013-06-17T15:47:43 jonnyx: any idea why the "real names" policy happened? 2013-06-17T15:47:45 Despite me saying "Annoyingly, Apache doesn't log connections with no request in them" netsec has requested our logs for a specific time window on a host with 200+ vhosts 2013-06-17T15:47:53 s/PAP3/PAP2 2013-06-17T15:47:53 since it seems unorthodox to the rest of the company 2013-06-17T15:47:58 Presumably so they can tell me about hte issue I reported to them 2013-06-17T15:48:21 Now sending email containing tar.gz with over 500 gzipped access_log segments in it to a Windows user. 2013-06-17T15:49:16 Synx: good luck with that; wonder what would happen if google just starting deleting the accounts of people who complain & banning access to their services... 2013-06-17T15:49:38 my world would be ruined 2013-06-17T15:49:44 There'd be a lot less spurious bullshit from blog authors who use Google 2013-06-17T15:49:45 i use google for everything 2013-06-17T15:50:16 i ported my cell number to google years ago and use the GV integration on my sprint phone 2013-06-17T15:50:27 aestetix: nope, sorry; after my time 2013-06-17T15:50:28 use google apps to manage my domain and a few other GV numbers too 2013-06-17T15:50:33 jonnyx: I figured 2013-06-17T15:50:54 i dont think the nsa monitors real time 2013-06-17T15:50:57 jonnyx: Following the money reveals that someone other than Google also bought a fuckload of disks 2013-06-17T15:51:18 ugh i need coffee 2013-06-17T15:51:46 Synx: My favorite thing is Sprint's "Visual Voicemail" 2013-06-17T15:52:00 It's a voicemail transcription "service" which is an additional fee per month. 2013-06-17T15:52:19 Every time you reflash a Sprint image, it'll hassle you about trying their premium service for free 2013-06-17T15:52:27 aestetix: try checking with one of the (former) se2600 folks who still works there, assuming they haven't been completely absorbed by the Collective 2013-06-17T15:52:37 Apparently when I last reflashed this GS3, I must have accidentally accepted it 2013-06-17T15:52:56 A few minutes later I got an email from Google confirming moving my voicemail over to Google voic 2013-06-17T15:53:14 So basically, these fuckers charge you to turn your Google Voice mail notifications into an SMS 2013-06-17T15:53:30 jonnyx: I haven't been able to get a straight answer from anyone about it. 2013-06-17T15:53:38 Dag - that would be the NSA; right before google went public, we realized we were competing with them for some of the same hardware. 2013-06-17T15:53:50 Every response has been a piece of bullshit that can be ripped apart in about five minutes 2013-06-17T15:54:54 jonnyx: I know. As I put it to someone at Bongo the other day, "I'm pretty sure the NSA has enough disks. Looking into how many disks Google buys from Seagate and Western Digital, they would be a line-item on the quarterly reports. Yet, strangely, they're not." 2013-06-17T15:57:04 We (google) were trying to buy ~50% of the mobos and hard drives produced by a couple of vendors that quarter (Asus and Western Digital, IIRC), and were getting some pushback. Turns out the NSA was trying to buy ~33% of the quarterly volume of some of the same hardware. Vendors were reluctant to sell to both of us at the same time as it would have made their footprint in the commercial world 2013-06-17T15:57:04 extremely small for the next several months (leading into Xmas season). 2013-06-17T15:58:27 jonnyx: what did you do at google? 2013-06-17T15:58:59 Dagmar: haha i had a hunch they were using GV for their backend what a joke 2013-06-17T15:59:47 Hmm. 2013-06-17T16:00:01 I'm actually really curious now what percentage of phone users use google voice 2013-06-17T16:00:15 Since IIRC one of the terms of using google voice is that google can monitor/save all your conversations 2013-06-17T16:00:15 HWops, specifically datacenter buildout in Atlanta. I wound up playing with the big routers mostly before I left, though I also worked on their OOB serial comm stuff too (and wrote some docs that they apparently still use). 2013-06-17T16:00:54 cool, what caused to you leave? 2013-06-17T16:03:16 internal politics (somewhat literally) involving a manager with no real management experience (or people skills), and a change in the way contractors/employees-to-be were treated after they went public 2013-06-17T16:03:22 aestetix: google only uses your recordings for voice recognition training if you specifically add a transcription and recording to the set for them to use 2013-06-17T16:03:47 i use google voice a lot, and I really enjoy it, makes life so much easier , etc 2013-06-17T16:03:47 Do tell? 2013-06-17T16:03:55 How does one submit thta? 2013-06-17T16:04:21 on the website, say if a transcription was useful or not 2013-06-17T16:04:29 and then it gives you an option to submit it 2013-06-17T16:04:38 Ahh 2013-06-17T16:05:13 Lopeppeppy: This is exactly why you need to "mistakenly" sing slightly altered versions of the songs 2013-06-17T16:05:14 RangerZ: and how long do they store that data for? 2013-06-17T16:05:18 RangerZ: so nothing in the EULA about they recording and maintaining calls? 2013-06-17T16:05:21 And what happens if they get subpoenas for one? 2013-06-17T16:05:34 6 months after you delete it , via fed. retention laws 2013-06-17T16:05:35 I did get an apology from them ~6 weeks later and an offer to return (if I was willing to relocate to another facility), but declined it. Apology/offer were partially prompted by the suicide of another coworker and subsequent investigation into the Atlanta management. 2013-06-17T16:06:08 wow sorry to hear that jonnyx 2013-06-17T16:06:27 jonnyx: seems like there are a lot of managers like that 2013-06-17T16:06:32 Google wasn't used to people quiting in protest and/or blowing their brains out due to work stress, apparently. I have zero interest in finding out if things have changed since. 2013-06-17T16:06:39 they don't record calls, unless it is a voice mail, or you specifically tell it to record it (via pressing 4 during a convo) 2013-06-17T16:07:07 jonnyx: i'm pretty sure it has, i have friends at both pitt and mountainview 2013-06-17T16:07:15 but 'ehh' 2013-06-17T16:07:25 ive always been curious how the call routing works, if i make a call using my sprint cell that goes out with caller id of my GV number do i actually hit google servers 2013-06-17T16:08:36 RangerZ - I'm sure it has, due if nothing else to their growth & people who were there at the start cashing out. 2013-06-17T16:09:11 anyways 2013-06-17T16:09:17 did my 8hrs at work today already 2013-06-17T16:09:28 going home to play with OUYA that was delivered today, lol 2013-06-17T16:09:36 bbiab all 2013-06-17T16:09:40 *** RangerZ has quit IRC (Quit: Leaving.) 2013-06-17T16:12:30 Problem was, at the time I was there you could be working under someone who in 2003 was working in a team with 2 other people, managing a dozen or so racks in shared datacenter space; a year later they have 50+ people working under them (and more each month) and are co-managing a couple of datacenters that stared at 0 google servers & grew to 100k each within six months, with even faster growth 2013-06-17T16:12:30 expected in 2005. 2013-06-17T16:13:14 the number of systems operated by the likes of google and amazon blows my mind 2013-06-17T16:13:38 i cant even fathom attempting to come up with a strategy to manage that many systems 2013-06-17T16:14:21 Rigid standardization + lots of low-paid grunts to replace bad parts & move cables. 2013-06-17T16:14:50 Keep multiple copies of data in physically separate locations. 2013-06-17T16:18:01 Set things up properly the first time (hw & sw), keep as few people as possible from fucking with it, have redundant systems for everything. 2013-06-17T16:18:22 how about logon credentials at that level 2013-06-17T16:18:30 i guess its all linked to a domain of sorts 2013-06-17T16:18:33 nm 2013-06-17T16:18:38 Which level? 2013-06-17T16:19:24 i dont even know what level im talking about haha, i was just trying to think if was responsible to thousands of servers, how would i keep them secure from employee turn over and how would i make sure they are all maintained 2013-06-17T16:19:31 but any corporation has these issues 2013-06-17T16:23:23 If outside the google.com networks, ssh into the google.com domain, login + pw + one of those one-time-pad calculator thingies, then login + pw to your relevant *.google.com subdomain, iirc 2013-06-17T16:23:55 ,,,and SecOps watches all... 2013-06-17T16:24:11 so what ever happend to that BIG announcement Yubico was going to make about a partner ship with Google 2013-06-17T16:24:22 they got me all excited and then said nothing 2013-06-17T16:24:32 who/what is yubico? 2013-06-17T16:24:52 www.yubico.com 2013-06-17T16:25:07 its a OTP secure token similar to an RSA token 2013-06-17T16:25:26 except its got USB and looks like a keyboard to your computer 2013-06-17T16:25:32 "Ah," and "beats me" 2013-06-17T16:25:39 ;) 2013-06-17T16:28:36 hrm if i answer my cell too quick from a GV call i never get connected 2013-06-17T16:28:38 :( 2013-06-17T16:29:16 They're not publicly traded, either. 2013-06-17T16:29:24 _Very_ annoying, that. 2013-06-17T16:29:57 Yubi? you dont like them being so closed doors? 2013-06-17T16:35:10 *** jonny_X has joined #se2600 2013-06-17T16:36:38 *** Dickie has quit IRC (Ping timeout: 268 seconds) 2013-06-17T16:37:22 *** jonnyx has quit IRC (Ping timeout: 276 seconds) 2013-06-17T16:37:28 *** Dickie has joined #se2600 2013-06-17T16:37:28 *** ChanServ sets mode: +o Dickie 2013-06-17T16:40:31 No, I don't like that I can't throw money at them. 2013-06-17T16:41:11 They're established enough that they're a solid company, and I don't see them collapsing anytime soon, but a partnership with Google would make their stock go up considerably. 2013-06-17T16:45:37 http://www.guardian.co.uk/law/2013/jun/17/supreme-court-arizona-voter-id?guni=Network%20front:network-front%20main-3%20Main%20trailblock:Network%20front%20-%20main%20trailblock:Position1 2013-06-17T16:45:39 Title: US supreme court strikes down Arizona's voter registration law | Law | guardian.co.uk (at www.guardian.co.uk) 2013-06-17T16:45:43 This is *very* interesting 2013-06-17T16:45:53 wtf, why does google wallet now need a copy of my SSN card, my drivers license, and a utility bill dated with in 60days for me to use the wallet app on my cell 2013-06-17T16:46:11 Also, it's scary when I agree with Scalia 2013-06-17T16:46:31 Dagmar: oh ya me too id invested in them too if they went public 2013-06-17T16:46:36 cats out of the bag now though 2013-06-17T16:50:29 *** RangerZ has joined #se2600 2013-06-17T16:50:40 Synx|hm, when did this happen? 2013-06-17T16:50:45 the google wallet stuff 2013-06-17T16:51:00 mine hasn't requested that 2013-06-17T16:52:33 *** ZombieChicken has quit IRC (Read error: Operation timed out) 2013-06-17T16:53:06 i still can't get it :( 2013-06-17T16:57:14 google wallet is the new version of google checkout right? 2013-06-17T16:57:24 where they are trying to get people to send money through gchat and such 2013-06-17T16:57:32 tasting rainbows 2013-06-17T16:57:37 herding cats 2013-06-17T16:57:42 opticron: not sure i may have induced it... i had to hack my gwallet app a while back to get it to work, lately its been not working so someone told me to "validate" my account on the website, so i tried that and it first asked there for the info 2013-06-17T16:57:43 downloading the awesomesauce 2013-06-17T16:57:56 all of OUYA's patcher's notificaitons, LOL 2013-06-17T16:57:58 Synx|hm, weird 2013-06-17T16:58:17 since ive done that, i dont get a 'failed to connect' error any more on my android, i get a please provide us your validation which is ssn proof of address and license 2013-06-17T16:58:38 im going to complete whipe my cell now anyways, ill see if it comes back 2013-06-17T16:58:58 i dont really feel like giving google all those details even though they probably aready have them... i get my bills in email 2013-06-17T16:59:35 yeah because they care about the content in your email 2013-06-17T17:00:15 ok ok fine 2013-06-17T17:00:53 its the same shit mtgox pulled 2013-06-17T17:01:15 but i guess they (the federal govt) require it ? 2013-06-17T17:01:35 not for me, apparently 2013-06-17T17:01:41 I gave them credit card info and nothing else 2013-06-17T17:01:41 yeah the "know your account holder" rule 2013-06-17T17:01:54 if it's an exchange or bank account 2013-06-17T17:02:07 opticron: i did the same before and i still think i can use google checkout, ill have to test it 2013-06-17T17:02:28 the guy i called on the phone couldn't tell me what changed for them to require the info from me 2013-06-17T17:02:47 checkout is going away 2013-06-17T17:03:04 basically they aren't going to be a gateway anymore 2013-06-17T17:03:14 oh right they are going to third party processors right? 2013-06-17T17:03:29 yup, they reccomend some 2013-06-17T17:03:47 to switch to before they close checkout 2013-06-17T17:04:19 which only sucks for any e-commerce sites that use/allow google checkout 2013-06-17T17:05:38 hrm so whats going to happen to the hulu account i got for my grandparents that i dont have the slighest clue what the password is and keeps hitting my google wallet each month 2013-06-17T17:06:16 wallet still exists 2013-06-17T17:06:27 they are only getting rid of checkout 2013-06-17T17:06:40 ya isn't checkout how hulu is processing my charges? 2013-06-17T17:07:02 maybe i dont get the diff 2013-06-17T17:07:51 hey Dagmar you ever make that Sprint NSA logo? 2013-06-17T17:09:17 did you basically pay for it by logging into your google account and picking a payment method that way? 2013-06-17T17:09:29 yup 2013-06-17T17:10:47 yeah, you'll need to setup a different payment method soon 2013-06-17T17:11:10 november is when it shuts down 2013-06-17T17:11:15 so what can google wallet do without checkout? just store my NFC creds on my android? 2013-06-17T17:11:38 yup and facilitate charging 2013-06-17T17:12:06 so on normal web checkouts i wont be able to use my google account anymore? 2013-06-17T17:12:14 lol i just googled google checkout, clicked the link, it asked me to sign in, now it wants me to agree to wallet TOS 2013-06-17T17:12:16 aside from the playstore i guess 2013-06-17T17:12:23 right 2013-06-17T17:12:28 ahh 2013-06-17T17:12:57 lol i clicked agree and got a service unavailable page 2013-06-17T17:13:44 hmmm, yeah they are just redirecting checkout to wallet 2013-06-17T17:13:58 but it imported all my old checkout invoices/purchases 2013-06-17T17:14:59 wow, it doesn't use my google account info at all 2013-06-17T17:15:15 i haven't used checkout since I lived in hendersonville 2013-06-17T17:16:14 damn, it's failing to save my updated info 2013-06-17T17:16:28 i haven't seen this low of quality from google in a while 2013-06-17T17:19:21 *** jonnyx has joined #se2600 2013-06-17T17:20:17 *** jonny_X has quit IRC (Ping timeout: 252 seconds) 2013-06-17T17:22:42 got the OUYA, system UI is MUCH more responsive, etc than the first videos of it, and games are responsive too, don't have time to play with it, but i'm waiting more for XBMC than anything else 2013-06-17T17:23:17 RangerZ: i had never heard of it until you said something a few hours back 2013-06-17T17:23:20 its a game console? 2013-06-17T17:23:25 yeah 2013-06-17T17:23:32 kickstarter'd one 2013-06-17T17:23:41 pretty nice little SOC 2013-06-17T17:23:44 tegra3 2013-06-17T17:24:10 controller is blutooth and pretty nice 2013-06-17T17:24:19 hdmi? 2013-06-17T17:24:29 has a 360 esk controller with touchpad on top like new ps4 controller 2013-06-17T17:24:35 yes, HDMI and wifi and ethernet 2013-06-17T17:24:39 RangerZ: I held off on getting one because I didn't see many games 2013-06-17T17:24:39 gigabit? 2013-06-17T17:24:46 honestly don't know 2013-06-17T17:25:01 any news on that? ie did it pick up more games, make games easier to port for it, etc 2013-06-17T17:25:22 Networking and Wireless:10/100 Ethernet (8P8C)[25][29], 802.11 b/g/n, Bluetooth LE 4.0 2013-06-17T17:25:46 ahh 2013-06-17T17:26:08 http://en.wikipedia.org/wiki/Ouya 2013-06-17T17:26:09 Title: Ouya - Wikipedia, the free encyclopedia (at en.wikipedia.org) 2013-06-17T17:26:12 i really want a device with gigabit, having network performance issues getting raw bluray to stream on my boxee, (though im guessing its shitting boxee) 2013-06-17T17:26:20 but only 4.5w power usage 2013-06-17T17:26:50 and it runs android 4.1 2013-06-17T17:26:59 overall, it has pretty much everything i want 2013-06-17T17:30:44 RangerZ: cool 2013-06-17T17:30:58 i really just want a good video playback box 2013-06-17T17:31:02 and games are 'nice' 2013-06-17T17:31:11 especially for mom, friends, etc 2013-06-17T17:31:17 i got an extra controller for 30$ 2013-06-17T17:31:21 which are now 50$ 2013-06-17T17:36:27 fucking 600 meg download 2013-06-17T17:36:30 thank god for torrents 2013-06-17T17:47:10 Whazzit... the MK-303 or something 2013-06-17T17:47:45 I've got this little gumstick thing, but it's got HDMI output 2013-06-17T17:50:14 dammit 2013-06-17T17:50:26 this on and off rain is pissing me off and slowing down my house move 2013-06-17T17:50:54 *** ZombieChicken has joined #se2600 2013-06-17T17:50:55 *** ChanServ sets mode: +o ZombieChicken 2013-06-17T17:51:16 ...and just think, if you were to take bold, authoritative action and start a campaign to put an end to the abuses of weather, people would call you a madman! 2013-06-17T17:51:38 inorite? 2013-06-17T17:52:08 *** spaceB0x has joined #se2600 2013-06-17T17:52:19 like i step outside and it starts 2013-06-17T17:52:26 go in and pack more and it stops 2013-06-17T17:52:36 go to load the vehicle with more and rains again 2013-06-17T17:52:44 so now i have more packed boxes than space 2013-06-17T18:10:45 You should probably stop packing rain, then. 2013-06-17T18:28:19 *** Synx|hm has quit IRC (Quit: leaving) 2013-06-17T18:30:04 gah, i need to load the flatscreen 2013-06-17T18:30:50 do it in the rain 2013-06-17T18:30:52 protip 2013-06-17T18:37:59 *** x86Daddy has quit IRC (Ping timeout: 252 seconds) 2013-06-17T18:54:26 *** jonny_X has joined #se2600 2013-06-17T18:55:49 *** jonnyx has quit IRC (Ping timeout: 246 seconds) 2013-06-17T19:01:05 *** spaceB0x has quit IRC (Quit: leaving) 2013-06-17T19:04:37 well 2013-06-17T19:04:44 looks like I just toasted that flash drive. oops 2013-06-17T19:08:12 sales interns = 21 year old hot chicks 2013-06-17T19:08:22 and the workplace does not have an anti-dating policy 2013-06-17T19:08:45 aestetix: where do i send my resume? 2013-06-17T19:09:46 I will simply say this 2013-06-17T19:09:57 coworker dating directly contributed to some drama we had about 6 months ago 2013-06-17T19:22:46 that'll happen 2013-06-17T20:08:32 ok 2013-06-17T20:08:37 disk utility, format, etc all failed 2013-06-17T20:08:42 time for my last resort, dd 2013-06-17T20:11:55 have you tried hitting it with a hammer? 2013-06-17T20:34:24 *** ZombieChicken has left #se2600 ("WeeChat 0.4.1") 2013-06-17T20:38:27 did you check the whisper drive and reboot the matrix? 2013-06-17T20:47:24 did you invert the diagnostic array to check for quantime worm holes? 2013-06-17T20:47:51 was there any spare energy around the vortex conduit? 2013-06-17T20:53:04 *** scribbles has quit IRC (Ping timeout: 256 seconds) 2013-06-17T21:16:45 aestetix: take one of the hot interns and pack her up in a crate and ship her here. interns aren't humans so they don't have any rights to worry about. ;) 2013-06-17T21:21:51 *** ZombieChicken has joined #se2600 2013-06-17T21:21:53 aestetix: Is is showing up in syslog when you plug it in? If not, it's dead. If it is, dd'ing it with zeros will probably sort it out. 2013-06-17T21:21:54 *** ChanServ sets mode: +o ZombieChicken 2013-06-17T21:22:07 ...and stop trying to use fdisk on thumbdrives. It fucks up some of the older ones (don't ask me how) 2013-06-17T21:22:26 Evilpig: i like your suggestion 2013-06-17T21:22:52 Shadow404: just so we're clear. my idea, I get first dibs. 2013-06-17T21:22:53 but make sure you get a pre-paid return label in case shes ugly 2013-06-17T21:23:52 I trust aestetix's judgement. 2013-06-17T21:24:23 wow, really? 2013-06-17T21:24:34 i mean this is the guy that says penis at least once a day on irc 2013-06-17T21:24:59 yup. he also knows hot women 2013-06-17T21:25:03 ok 2013-06-17T21:25:07 so i got a query on that 2013-06-17T21:28:42 ok, waiting results.... 2013-06-17T21:30:18 I'm about ready to go visit my new upstairs neighbor and instruct them on how to walk 2013-06-17T21:30:52 that or I'm gonna go pick up some subs and mount them to my ceiling and start blasting the brown note at them 2013-06-17T21:31:05 lawl 2013-06-17T21:31:17 ok, so who has experience with tv wall mounts? 2013-06-17T21:31:17 You really want to wobble the center frequency between 11hz and 14hz and keep the volume relatively low 2013-06-17T21:31:37 Start at silent and then turn it up a bit until you're creeped out 2013-06-17T21:31:45 heh 2013-06-17T21:31:52 and walk away for coffee 2013-06-17T21:32:04 Get it right and you'll be able to cause a sense of unease and night terrors 2013-06-17T21:32:30 ...and nice and low like that keeps it from being discernable as coming from the floor 2013-06-17T21:32:54 Worst case scenario, people will dismiss it as distant trucks going by 2013-06-17T21:34:01 *** LastChild has joined #se2600 2013-06-17T21:34:01 *** ChanServ sets mode: +o LastChild 2013-06-17T21:34:38 Note that regardless of the reported frequency response, any 12" sub (which doesn't have a built in low-pass filter) is perfectly capable of generating 11hz-14hz tones 2013-06-17T21:39:10 I've got to confess to watching this first season of redneck island. commence mocking. 2013-06-17T21:40:27 I've also realized, I met the gay dude before he went on that show. He had come into the store ashley was working in a few years ago looking for a cowboy hat to take on that show. 2013-06-17T21:40:52 Evilpig: did you really need to see your family members that badly? 2013-06-17T21:41:27 Corydon76-work: I was looking for real rednecks they would have been funny. half of these people said they'd never fired a bow before 2013-06-17T21:41:52 Not much room for that in the trailer park 2013-06-17T21:41:55 In other words, trailer trash 2013-06-17T21:42:01 Yah 2013-06-17T21:42:11 nah, just southerners 2013-06-17T21:42:38 I grew up in Pennsylvania, and I've messed with a bow before 2013-06-17T21:42:47 one of them was from columbia, sc. just because it was in the south that doesn't make em a redneck 2013-06-17T21:43:05 Thurston Howell III 2013-06-17T21:44:24 Evilpig: There's also the issue that if they used real red necks, the producers would have decided that they needed to add subtitles. 2013-06-17T21:44:36 Which they did for that moonshiner's show. 2013-06-17T21:45:21 heh. it would have been entertaining though. I have said before I don't understand the need for teh subtitles on the moonshiners. I understand them clearly 2013-06-17T21:46:14 The 2008 election could have benefited from subtitles when Palin spoke 2013-06-17T21:49:11 "spell the word vermin" contestant: vermin? what is that? i've never heard that. 2013-06-17T21:50:43 they just asked the blonde "the current flag of the united states has 52 stars. true or false?" she doesn't know 2013-06-17T21:51:53 Ah... so they just found some stupid people who happened to be from the south and labeled them rednecks. 2013-06-17T21:52:00 ding ding ding 2013-06-17T21:52:23 they had maybe three or four real rednecks and they cracked me up. 2013-06-17T21:52:40 Only true redneck was the host 2013-06-17T21:52:57 steve austin? yeah that fits 2013-06-17T21:53:44 bobo was a redneck. he opened a beer with his teeth. not just popped the tab, but pulled the whole top of the can off. 2013-06-17T21:55:11 That'll do 2013-06-17T21:55:28 Peaches just made sweet water with 4 tea bags when he should have used 12 2013-06-17T21:56:02 Corydon76-work: you can fix that. just brew up some more really strong and mix 2013-06-17T21:56:25 The 3 quart pitcher is almost full right now 2013-06-17T21:56:55 I think i'll make some tea here in a bit as well 2013-06-17T21:57:04 So he'll have to drink some before I can do that 2013-06-17T22:29:28 Dave Chappelle is at the Ryman Sunday? 2013-06-17T22:31:27 Okay, repaired the tea. I can't wait until he tries some tomorrow 2013-06-17T22:34:05 Y'know, what I probably should do is use the mortar & pestle on a few tablets of No-Doz and dissolve them in the tea 2013-06-17T22:47:02 Corydon76-work: Do you want me to just hang on to the projector until the July meeting? 2013-06-17T22:47:25 Sure, that's fine 2013-06-17T22:49:23 cool 2013-06-17T22:58:57 *** scribbles has joined #se2600 2013-06-17T23:42:01 https://fbcdn-sphotos-h-a.akamaihd.net/hphotos-ak-frc1/393432_10150436221011840_1704210376_n.jpg 2013-06-17T23:42:17 amused me greatly 2013-06-17T23:44:08 mostly b/c he has the same beard as Evilpig, lol