--- Log opened Tue Oct 10 00:00:18 2017
00:39 -!- remoford1 [~remo_lapt@c-68-52-35-32.hsd1.tn.comcast.net] has quit [Quit: Leaving.]
02:52 -!- Dolemite [~scott@96-38-109-185.dhcp.jcsn.tn.charter.com] has quit [Ping timeout: 248 seconds]
03:50 -!- Dolemite [~scott@96-38-109-185.dhcp.jcsn.tn.charter.com] has joined #se2600
03:51 -!- mode/#se2600 [+o Dolemite] by ChanServ
05:01 -!- skiboy [~skiboy@gateway/vpn/privateinternetaccess/skiboy] has quit [Quit: Leaving]
06:26 <@Dolemite> mr0ning, be0tches and h0ez!
06:37 -!- scam [~sicsscam@24.154.71.208] has quit [Quit: Leaving]
06:39 -!- scam [~sicsscam@24.154.71.208] has joined #se2600
08:01  * aestetix hugs Dolemite 
08:02 -!- Dagmar [dagmar@unaffiliated/dagmar] has quit [Ping timeout: 264 seconds]
08:06 -!- Dagmar [dagmar@c-69-180-254-140.hsd1.tn.comcast.net] has joined #se2600
08:06 -!- Dagmar [dagmar@c-69-180-254-140.hsd1.tn.comcast.net] has quit [Changing host]
08:06 -!- Dagmar [dagmar@unaffiliated/dagmar] has joined #se2600
08:06 -!- mode/#se2600 [+o Dagmar] by ChanServ
08:12 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:7dd4:283f:579c:6c48] has quit []
08:31 -!- Corydon76 [~quassel@zett.abyt.es] has quit [Remote host closed the connection]
08:32 -!- Corydon76 [~quassel@zett.abyt.es] has joined #se2600
08:32 -!- mode/#se2600 [+o Corydon76] by ChanServ
10:20 -!- scam [~sicsscam@24.154.71.208] has quit [Quit: Leaving]
10:21 < dc0de[m]> Morning... Only three more days until the weekend!
10:35 -!- cordless [cordless@gateway/shell/insomnia247/x-hnliphtmnmoafzii] has quit [Ping timeout: 258 seconds]
10:44 -!- cordless [cordless@gateway/shell/insomnia247/x-jtpyrirtaibyboms] has joined #se2600
12:12 < aestetix> karma is the data center that hosts your servers having a major networking outage on your day off
12:25 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:b931:d8fc:e127:700c] has joined #se2600
12:30 -!- strages [uid11297@gateway/web/irccloud.com/x-dlsaobqnuxifevui] has quit [Quit: Connection closed for inactivity]
13:19 < dc0de[m]> 2017 - the year of the breach.
13:51 < k3ymkr> What year can't you say that about post 2010?
14:00 < xray> yeah but Equifax and Yahoo take the cake
14:19 < K`Tetch> yahoo was mostly pointless
14:19 < K`Tetch> there was also disqus revealed last week
14:20 < K`Tetch> disqus seemed to do well with how they handled it
14:20 < K`Tetch> this has been in a big banner on the admin panel for isntance https://blog.disqus.com/security-alert-user-info-breach?utm_source=motd_admin&amp;utm_medium=web
14:20 < PigBot> Couldn't snarf url: [Errno 1] _ssl.c:492: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure. http://tinyurl.com/y7hk6yyr
14:20 < xray> Yeah but 3 billion.  https://media.giphy.com/media/eTv3hUOWpMvG8/giphy.gif
14:20 < K`Tetch> er https://blog.disqus.com/security-alert-user-info-breach
14:20 < PigBot> Couldn't snarf url: [Errno 1] _ssl.c:492: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure. http://tinyurl.com/y9f3nk27
14:21 < K`Tetch> 3 billion, most of them old and trashy
14:21 < xray> Yes but the point is they didn't figure it out till now.
14:21 < xray> Talk about a face palm.
14:22 < dc0de[m]> Discus is a week or two old. That's what have I been p0wned sent out late last week.
14:24 < K`Tetch> disqus was last week, they were alerted on the 5th, they alerted everyone on the 6th
14:24 < aestetix> you know what would be great?
14:24 < aestetix> some kind of consequence for companies that get hacked
14:25 < K`Tetch> and some consequences for people who get robbed and women who get raped?
14:26 < K`Tetch> it's not the hacking that's the problem, it's the data handling prior, and the reaction to it afterwards that should be the subject of penalties
14:26 < aestetix> K`Tetch: so you think HIPAA is comparable to attacking a person who was robbed?
14:26 < aestetix> because that's what i was more suggesting
14:27 < K`Tetch> thats not what you said
14:27 < K`Tetch> 'that got hacked'
14:27 -!- remoford [~remo_lapt@c-68-52-35-32.hsd1.tn.comcast.net] has joined #se2600
14:27 < aestetix> ok fair enough
14:27 < K`Tetch> not 'that didn't adequately secure your information'
14:27 < xray> There is a *huge* difference
14:28 < xray> If someone is robbed they are a victim
14:28 < aestetix> yeah, that's waht I meant
14:28 < xray> If a bank says they will protect my money and they get robbed they do not cover my loss. That is different
14:29 < K`Tetch> again, from what I see, disqus did adequately secure the information - what was taken was, in the main, useless (and available to any comment moderator the affected user interacts with)
14:29 < xray> I recently read a paper that said we need to stop calling it identity theft.
14:29 < K`Tetch> but under 'got hacked' standard, they're 'liable'
14:30 < xray> If someone impersonates me and cleans out my bank account they haven't stolen my identity. The bank has failed to properly identity it's customers which resulted in bank fraud.
14:30 < xray> I think the argument has merrit.
14:30 < K`Tetch> they have stolen your identity as far as the bank is aware
14:31 < xray> The whole idea of identity and how to prove it in a digital age needs a re-thinking.
14:31 < K`Tetch> and it reminds me of late hitchhikers, with the 'identi-eeze'
14:31 < K`Tetch> (when ford steals gag halfront's card to impersonate him in the accounting mainframe)
14:32 < xray> No, I'm pretty sure I'm still me.
14:32 < K`Tetch> your person is not your identity
14:32 < xray> and the perpetrator isn't me
14:32 < K`Tetch> (shit now I'm sounding like a soverign citizen)
14:32 < xray> If you think that is true you will never work with classified data.
14:33 < xray> There was a great scifi book about this.
14:33 -!- scam [~sicsscam@24.154.71.208] has joined #se2600
14:33 < K`Tetch> 'identity' is just the way of proving that 'you are you'. I had problems when I updated my UK voter registration in fact, because I couldn't verify my identity by not remembering which company I worked for in june-october 2001
14:34 < xray> On this one world If two people fell asleep within a certain physical distance of each other they switched bodies and woke up in the other bodie.
14:34 < K`Tetch> 'freaky friday'?
14:34 < xray> So in that instance how do you prove you are you.
14:34 < xray> no
14:34 < K`Tetch> also 'big'
14:34 < xray> Part of the four lords of the diamond series
14:35 < xray> https://en.wikipedia.org/wiki/Four_Lords_of_the_Diamond
14:35 < PigBot> Title: Four Lords of the Diamond - Wikipedia (at en.wikipedia.org) http://tinyurl.com/y9jsjjuj
14:35 < K`Tetch> also Star trek TOs episode 'turnabout intruder', TNG eps 'lonely amongst us, brothers, and Power plays'
14:35 < K`Tetch> oh, and alegiences, and conspiracy
14:36 < K`Tetch> (although conspiracy was more a mind control infection, rather than mental switching or physical impersonation)
14:37 < xray> The point though is it really isn't identity theft it is a failure to properly authenticate identity.
14:38 < K`Tetch> in some ways, the show 'dark matter' is also about the difference beween 'person' and 'identity'
14:38 < xray> So you believed him when he said he was the Pope?
14:38 < xray> Well yes, he was wearing a funny hat.
14:38 < xray> Yes very much
14:39 < xray> It's also about redemption and choosing who you will be despite the circumstances
14:39 < K`Tetch> wish it hadn't been cancelled, but I've also not watched the 3rd season yet
14:40 < xray> What they don't delve into is choosing to be different even though you still remember what you used to be like. It implies we are slaves to our experiences.
14:40 < K`Tetch> 5's hair is offputting, that shade is... weird with the lighting
14:40 < xray> cancele?!?!?!?
14:40 < xray> nuts
14:41 < K`Tetch> but I also think that zoie palmer makes a better android in many ways than brent spiner
14:41 < K`Tetch> yeah, they announced it start of september - http://tvline.com/2017/09/01/dark-matter-cancelled-syfy-season-4/
14:42 < K`Tetch> they decided to go with killjoys instead
14:42 < xray> Just finished season 3 and it ended on a cliff hanger.
14:42 < xray> I agree she is awesome
14:42 < K`Tetch> very different roll from Lost Girl too
14:42 <@Mirage> that sucks.   i liked Dark Matter and hated Killjoys
14:43 < xray> Yes
14:43 < K`Tetch> role
14:43 < xray> yes about lost girl
14:43 < xray> KillJoys is OK
14:43 < K`Tetch> maybe showtime/netflix will take it over, make it a bit more 'lexx' like
14:44 < K`Tetch> whiel discovery should be cancelled
14:44 < K`Tetch> and its budget given to The Orville
14:44 < xray> If it's scifi it has to be really really bad before I dislike it
14:44 <@Mirage> ST: Discovery?
14:44 < xray> Discovery will fail because of the network
14:45 < xray> they have lost their mind
14:45 < xray> in how they are making it avaialble
14:45 < K`Tetch> its really driving people to torrents
14:45 < xray> just proves the networks are brain dead and the body just hasn't figured it out yet
14:45 <@Mirage> I hate how they reinvented the Klingons and get really tired of reading the subtitles
14:45 < K`Tetch> and they're not even speaking proper klingon
14:46 < K`Tetch> </nerd>
14:46 < xray> Orville has been fun
14:46 < xray> everyone is normal and not perfect like in Star Trek
14:46 <@Mirage> Yeah..it's serious and funny at the same time..a nice balance
14:46 < K`Tetch> thing is, it's meant to be 10 years pre TOS, yet it would fit, technilogically and thematically, around 2399 (20 years after voyager)
14:48 < xray> I will not see Discovery until it gets cancelled and Netflix streams the old episodes.
14:49 <@Mirage> xray: you won't miss much
14:49 < xray> CBS is on crack if they think they can compete with Netflix
14:49 < K`Tetch> (the 'prime' universe story continues from the hbus explosion that started the JJ-verse, through to 2410 in Star Trek Online)
14:49 < K`Tetch> maybe they're hoping for a strategic deal with netflix
14:49 < K`Tetch> they already have one with hulu on a limited basis
14:50 < xray> in the mean time I need to get back to learning python
14:50 <@Mirage> The first step in something like that shouldn't be competing with them
14:50 < xray> so I can do something rather than kibitz about what others are or are not doing
14:50 < K`Tetch> I should learn a coding language
14:51 < K`Tetch> (again)
14:51 <@Mirage> Duno about anyone else, but I see Disney trying to have their own streaming service failing miserably and just pissing people off
14:51 < K`Tetch> disney has the clout for it though
14:51 < K`Tetch> especially if they target the under10 market
14:53 <@Mirage> I don't see parents paying for a service when they can just fire up youtube on their phone/tablet/etc for free
14:53 < K`Tetch> you will when they ramp up the dmcabots
14:54 < K`Tetch> then there's autoplay 'gaming'
14:55 < K`Tetch> and fake videos (a la rickrolling) - which is already a pain when tryin to keep up with uk panel shows
14:56 < xray> I already code in multiple languages.
14:57 < xray> Need to learn Python to keep up with some of my security tools.
14:57 < xray> and all the "cool kids"
14:58 <@Mirage> i've only ever needed python for some custom Red Hat Satellite scripting
14:59 <@Mirage> Of course I've obnly ever needed Ruby for building Puppet modules
15:00 <@Mirage> I can get pretty much whatever I need done with Perl/PHP/PowerShell/Shell, depending on what I need to do and what it needs to be done on.
15:01 < K`Tetch> the last coding I did was c++ back in 99
15:02 < K`Tetch> it was required for my degree, and I hated it
15:16 <@shapr> K`Tetch: you coming to phreaknic?
15:16 <@shapr> xray: I teach Python
15:19 < xray> I'm plowing through my third python book now
15:19 <@shapr> got any questions?
15:20 <@shapr> Python has been most of my career since ~1996
15:20 < xray> Yes but I suspect that as I read more they will be answered.
15:20 <@shapr> ok
15:20 < xray> I have one.
15:20 < xray> OOP is new to me.
15:21 < xray> A function or family of functions saved to a file that you import is called a class?
15:21 <@shapr> no, there's a keyword "class" that starts a class definition.
15:22 < xray> hrm
15:22 <@shapr> I'll write a simple one
15:22 < xray> so should I create a class to store all my functions
15:22 < xray> that I use in my program
15:22 <@Corydon76> A class defines methods (functions) and properties (variables) in a collection, which is intantiated into objects
15:22 <@shapr> Python does not require that.
15:22 < xray> or keep them in the body of the program itself.
15:22 < xray> Which is what I do in Perl.
15:22 <@shapr> Java does require that all code is in a class, but Python can be used without requiring OOP
15:23 <@Corydon76> xray: not all functions, just functions related to a particular object
15:23 < xray> Ah now that makes more sense
15:23 < xray> so you can have it both ways in Python
15:23 < xray> This is similar to Perl in that respect
15:23 <@Corydon76> Yep
15:24 < xray> I was looking at a class and there were a lot of references to self
15:24 <@Corydon76> self is the current object
15:24 < xray> Not sure what the means. Is there a good reference for how to write a class
15:24 <@shapr> xray: http://lpaste.net/359118
15:24 < PigBot> Title: python simple classes :: lpaste — Lambda pastebin (at lpaste.net) http://tinyurl.com/yamdatde
15:25 < K`Tetch> shapr - I am not. Dragoncon takes up a lot of my disposable cash (what 3 teenagers doesn't)
15:25 <@shapr> ah, too bad
15:25 < K`Tetch> and this time fo year is filled up with marching band stuff
15:25 <@shapr> xray: a class definition is a blueprint, creating an instance allocates memory and creates the actual thing
15:26 <@shapr> so self means "this particular instance"
15:26 <@shapr> for example, a file object will have the contents of the file, and where the location of where it last read from the file
15:26 < xray> so this lets Python know the context
15:26 <@shapr> right
15:27 <@shapr> it lets Python call the code with the implicit state for this instance
15:27 < xray> I read PEP8 and there were a bunch of __stuff__ things they said should be included in every class.
15:27 < xray> with the double underscore
15:27 <@shapr> yup, those are usually called 'magic methods'
15:27 <@shapr> you can write them to describe how operators do stuff with that class
15:28 <@shapr> xray: that's why 'a' + 1 and 1 + 'a' give different errors
15:28 <@shapr> the magic method for the one on the left is called, and given the thing on the right
15:28 < xray> Ah
15:28 < xray> that actually makes sense
15:29 < xray> so maybe I'm not the village idiot, just his cousine
15:29 < xray> the illiterate one
15:29 <@shapr> I'd argue that programming languages are inconsistent and confusing
15:29 < xray> some times
15:29 <@shapr> I could come up with a long list of Python's inconsistencies
15:30 <@Corydon76> shapr: I dunno.  I think C is pretty consistent.
15:30 < xray> they inevitable paint themselves into a corner where their philosophy breaks down
15:30 <@shapr> yeah, in my opinion Haskell has the fewest inconsistencies, but it still has plenty.
15:30 <@Corydon76> though C is also remarkably difficult to program with
15:30 <@shapr> yeah
15:30 <@shapr> but important to know in the current programming culture
15:31 <@shapr> C is platform independent assembly
15:31 < xray> Then again we are conversing in English which is <sarcasm> so consistent </sarcasm>
15:31 <@Corydon76> shapr: I wish that were true
15:31 <@shapr> it's as close as we have :-)
15:32 <@Corydon76> If C truly was platform independent, we'd never have developed other languages
15:32 <@shapr> I do prefer C over C++ by a large amount
15:32 < xray> The further you move away from machine code the more limitations you run into
15:32 <@shapr> yeah, but limitations can be a good thing
15:32 < xray> you trade limitations for easy of coding
15:32 <@Corydon76> Abstraction is good, though
15:32 < xray> I agree
15:32 <@Corydon76> Assuming the language properly implements the abstraction
15:32 < xray> I've coded in assembly , C and Perl.
15:32 <@shapr> xray: I'll teach you some Haskell next time we're at 2600 at the same time
15:32 < xray> Much prefer Perl
15:33 <@shapr> perl has excellent consistency if you're already familiar with grep/awk/sed/unix tools
15:33 < xray> my $stuff {'key', 'value'}
15:34 < xray> sorry
15:34 < xray> my $stuff  = {'key', 'value'};
15:34 < xray> presto a hash
15:34 < xray> dictionary in Python
15:34 < xray> in C
15:34 < xray> first you have to make dirt
15:34 < xray> then you have to create life
15:34 < xray> then create a programmer
15:35 < xray> then write 8 pages to code to implement a hashing algorithm
15:35 < xray> nuts, I forgot why I needed the hash. :)
15:36 <@Corydon76> Then ensure your hash isn't overwriting random memory
15:36 < xray> what you didn't already implement malloc from scratch first.
15:36 < xray> what kind of programmer are you
15:36 < xray> and don't forget garbage collection
15:37 < xray> oops I reached the heat death of the universe and my code still isn't running
15:37 < xray> sigh
15:37 < xray> Should have coded it it Perl
15:38 <@Corydon76> If you REALLY want to have some fun, write memory handling routines that mess with the SIGSEGV signal handler
15:39 < xray> Why not just beat myself in the head with the Kernighan & Ritchie book
15:39 < xray> it would be less painful
15:39 <@Corydon76> When I was debugging a memory issue, I overrode free() so that it would instead simply memory protect that segment of memory, instead of free'ing it, so I could detect if something wrote to it after it was free'd, then see what code did that.
15:40 <@Corydon76> When you mprotect() memory, you get a SIGSEGV anytime something tries to read from or write that memory segment.
15:40 <@Corydon76> And you have to remove the protection before returning, or the signal handler will immediately fire again
15:40 < xray> but lately I have been reading were they do read after free in production cod3e
15:41 <@Corydon76> Still a no-no
15:41 < xray> My first thought was "Say What?"
15:41 <@Corydon76> Use-after-free is a known deep juju problem
15:41 <@Corydon76> Especially when something else may have been allocated using that segment of memory
15:42 < xray> I did write a program once that used undocumented OP codes to modify hierarchical registers before returning values.
15:43 < xray> So 2 + 2 might end up equaling 5 because you modified one of the registers to be 3 before =
15:43 < xray> believe it or not it was a legitimate hack to get around a system limitation
15:43 < xray> I probably could have found a better way to solve it if I had tried harder.
15:44 < xray> I think I still have the source
15:55 < xray> shapr: I created a file Foo.py
15:55 < xray> with
15:55 < xray> class Foo:
15:55 < xray>     pass
15:55 < xray> class Bar:
15:55 < xray>     def __init__(self):
15:55 < xray>         # this function runs when an instance of this class is created
15:55 < xray>         print ("created an instance of Bar")
15:55 < xray> the created test003.py with
15:56 < xray> import Foo
15:56 < xray> Foo.Bar()
15:56 < xray> It worked
15:56 <@shapr> yup
15:56 < xray> thanks
15:56 <@shapr> I can create more complex examples if you like
15:56 < xray> No need
15:56 <@shapr> though these days I'm not a fan of OOP
15:57 < xray> well not yet anyway
15:57 < xray> Why is that
15:57 < xray> Isn't everything in Python an object
15:57 <@shapr> yes, all the built-in types are objects
15:58 <@shapr> xray: you'll learn Python faster with the interactive interpreter
15:58 <@shapr> just run python
15:58 <@shapr> then help()
15:58 < xray> That is what I have been doing
15:58 <@shapr> and dir() is your friend
15:58 <@shapr> ah good
15:58 < xray> dir?
15:58 < xray> trying that now
15:58 <@shapr> so run the interpreter in the same dir with the test003.py file
15:58 <@shapr> then do dir()
15:58 <@shapr> you'll see what values are in scope
15:59 <@shapr> then do "import Foo"
15:59 <@shapr> or whatever worked before to import that file
15:59 < xray> ooooohhhh
15:59 <@shapr> and do dir() again
15:59 <@shapr> and c = Foo.Bar()
15:59 <@shapr> and then dir(Foo)
15:59 <@shapr> to see the contents of the module
15:59 <@shapr> and dir(c) to see what's attached to the instance you created
15:59 <@shapr> dir is really useful
15:59 <@shapr> there's also help()
16:00 <@shapr> Corydon76: you ever parsed 802.3 frames?
16:00 <@Corydon76> Nope
16:01 < xray> wow
16:01 <@shapr> I'm porting some code from Python to C++, using struct.Struct('>BBB'), turns out 'B' means 'unsigned int'
16:01 <@shapr> can I assume that's a 32-bit value?
16:01  * shapr wanders around google
16:02 <@Corydon76> Probably only on a 32-bit OS
16:02 <@Corydon76> If you're on a 64-bit OS, then unsigned int is most likely also 64-bit
16:02 <@shapr> I'm wondering about the size of these fields in the actual 802.3 frame
16:02 <@shapr> time to read more stuff, I guess
16:04 <@Corydon76> Which field are you attempting to decode?
16:05 <@shapr> dsap, ssap, and control
16:05 <@Corydon76> I would think that the 'B' in that context actually means an 8-bit byte, even if it's in unsigned format.  So, 0-255
16:06 <@shapr> oh, a single octet? huh
16:06 <@shapr> oh, right struct.Struct B means *unsigned char*
16:06 <@Corydon76> DSAP is a single octet
16:06 <@shapr> how'd you discover that?
16:06 <@Corydon76> https://www.savvius.com/networking-glossary/ethernet/frame_formats/frame_ethernet_iee8023/
16:06 < PigBot> Title: Frame Format IEEE 802.3 - Savvius (at www.savvius.com) http://tinyurl.com/yd9m84h6
16:07 <@shapr> oh marvelous!
16:07 <@shapr> thanks!
16:07 <@Corydon76> yw
16:09 <@Corydon76> In some ways, it's sad that programming has become an exercise in knowing how to find the answer in documentation (i.e. Google) rather than a creative process
16:10 <@Corydon76> I'm also continuously annoyed at how non-compliant Linux is with POSIX standards.
16:11 -!- skiboy [~skiboy@gateway/vpn/privateinternetaccess/skiboy] has joined #se2600
16:11 <@Corydon76> When the system isn't compliant with standards, and the documentation otherwise SUCKS, it's anybody's guess as to how a system is supposed to behave.
16:12 <@Corydon76> Which also means debugging is nigh impossible
16:12 <@shapr> this site even has the SNAP header spec, w00t!
16:13 <@shapr> perceived speed of deadline approach has decreased
16:19 <@shapr> aha, so if DSAP is 0xAA, and SSAP is 0xAA, it's a SNAP frame
17:49 -!- TheDukh [~thedukh@2607:fcc8:ac80:d900:b931:d8fc:e127:700c] has quit []
18:27 -!- strages [uid11297@gateway/web/irccloud.com/x-xcuduchvnsqlouuc] has joined #se2600
20:26 -!- n0logic [~n0logic@107.77.248.90] has joined #se2600
21:01 <@Dagmar> f**k parsing ethernet frames manually
21:01 <@Dagmar> I did some of that crap back in 2000 with those craptactual Airwave cards I had
21:01 <@Dagmar> Jesus jumping christ
21:01 <@Dagmar> The damn things basically acted like a serial port connected to an antenna
21:02 <@Dagmar> You could _see_ the raw frames
21:02 <@Dagmar> ...because the drivers didn't know a damn thing to do about them.
21:02 <@Dagmar> Might as well have been a normal card, but lobotomized and stuck in monitor mode
23:29 -!- Dolemite [~scott@96-38-109-185.dhcp.jcsn.tn.charter.com] has quit [Ping timeout: 258 seconds]
23:30 -!- Dolemite [~scott@96-38-109-185.dhcp.jcsn.tn.charter.com] has joined #se2600
23:30 -!- mode/#se2600 [+o Dolemite] by ChanServ
23:38 -!- remoford [~remo_lapt@c-68-52-35-32.hsd1.tn.comcast.net] has quit [Quit: Leaving.]
--- Log closed Wed Oct 11 00:00:20 2017