DocScrutinizer05 changed the topic of #qi-hardware to: Copyleft hardware - http://qi-hardware.com | hardware hackers join here to discuss Ben NanoNote, atben / atusb 802.15.4 wireless, and other community driven hw projects | public logging at http://en.qi-hardware.com/irclogs and http://irclog.whitequark.org/qi-hardware
nicksydney_ has joined #qi-hardware
nicksydney has quit [Ping timeout: 264 seconds]
Luke-Jr has quit [Remote host closed the connection]
Luke-Jr has joined #qi-hardware
nicksydney_ has quit [Read error: Connection reset by peer]
nicksydney has joined #qi-hardware
nicksydney_ has joined #qi-hardware
nicksydney has quit [Ping timeout: 264 seconds]
nicksydney has joined #qi-hardware
nicksydney_ has quit [Ping timeout: 264 seconds]
dos1 has quit [Ping timeout: 240 seconds]
lindi-_ has joined #qi-hardware
bartbes_ has joined #qi-hardware
freespace has quit [Ping timeout: 265 seconds]
woakas has quit [Ping timeout: 265 seconds]
bartbes has quit [Ping timeout: 265 seconds]
lindi- has quit [Ping timeout: 265 seconds]
woakas has joined #qi-hardware
freespace has joined #qi-hardware
arielenter has joined #qi-hardware
atommann has joined #qi-hardware
michael_lee has joined #qi-hardware
atommann has quit [Ping timeout: 250 seconds]
atommann has joined #qi-hardware
Luke-Jr has quit [Remote host closed the connection]
Luke-Jr has joined #qi-hardware
* whitequark has devised an interesting system for data storage
<whitequark> you know dropbox, right?
<whitequark> well, it will be sort-of dropbox clone, if you think about the interface it shows the user
<whitequark> but internally, it has all-consuming maniacal paranoia
<whitequark> it doesn't trust: 1) network, over which you connect to server 2) the server itself 3) whatever storage mechanism server uses 4) other peers
<whitequark> taking quite some inspiration from tahoe-lafs
arielenter has quit [Quit: Leaving.]
arielenter has joined #qi-hardware
Luke-Jr has quit [Remote host closed the connection]
Luke-Jr has joined #qi-hardware
Luke-Jr has quit [Remote host closed the connection]
Luke-Jr has joined #qi-hardware
Luke-Jr has quit [Remote host closed the connection]
Luke-Jr has joined #qi-hardware
Luke-Jr has quit [Remote host closed the connection]
Luke-Jr has joined #qi-hardware
Luke-Jr has quit [Remote host closed the connection]
Luke-Jr has joined #qi-hardware
arielenter has quit [Quit: Leaving.]
xiangfu has joined #qi-hardware
rta has quit [Ping timeout: 246 seconds]
kristianpaul has quit [Ping timeout: 250 seconds]
kristianpaul has joined #qi-hardware
kristianpaul has joined #qi-hardware
xiangfu has quit [Remote host closed the connection]
xiangfu has joined #qi-hardware
arielenter has joined #qi-hardware
rta has joined #qi-hardware
jekhor has joined #qi-hardware
arielenter has quit [Read error: Connection timed out]
mth has quit [Remote host closed the connection]
rz2k has joined #qi-hardware
wolfspraul has joined #qi-hardware
<wpwrak> furthermore, it shall distrust: users, the CPU hardware, cryptography, causality
nicksydney has quit [Read error: Connection reset by peer]
nicksydney has joined #qi-hardware
michael_lee has quit [Quit: Ex-Chat]
sb0 has joined #qi-hardware
xiangfu has quit [Remote host closed the connection]
rz2k has quit []
xiangfu has joined #qi-hardware
dandon_ has joined #qi-hardware
dandon has quit [Ping timeout: 240 seconds]
dandon_ is now known as dandon
atommann has quit [Quit: Leaving]
xiangfu has quit [Ping timeout: 250 seconds]
xiangfu has joined #qi-hardware
xiangfu has quit [Ping timeout: 250 seconds]
xiangfu has joined #qi-hardware
xiangfu has quit [Remote host closed the connection]
jekhor has quit [Ping timeout: 240 seconds]
<whitequark> that's not a bad idea in general, but no, not in this one :)
mth has joined #qi-hardware
bzb has joined #qi-hardware
bzb has quit [Read error: Connection reset by peer]
Luke-Jr has quit [Remote host closed the connection]
Luke-Jr has joined #qi-hardware
<wpwrak> DocScrutinizer05: you wondered about web.de passwords. here you are: http://www.heise.de/newsticker/meldung/Heartbleed-Yahoo-und-Web-de-raten-zum-Passwortwechsel-2167630.html
<wpwrak> eintopf: one issue with making at86rf23x start sending before all data is in the chip's buffer is that you have to be sure you don't get any unexpected delays between commanding the transmission and the and of the data transfer
<wpwrak> eintopf: in linux, you usually can't guarantee this yet it may still work most of the time. you should therefore be prepared to handle a frame buffer underrun (access violation)
<wpwrak> ... aka TRX_UR interrupt
<wpwrak> yeah. so you still have to decide :)
<DocScrutinizer05> I wonder if the passwords that bleeded were simple to associate to the *account data*
<wpwrak> probably yes
<wpwrak> well, the account name
<DocScrutinizer05> I mean, I can share 5 passwords here: abcde 12345 qwerty password marry
<DocScrutinizer05> those are not *my* passwords, so they are useless to you
<wpwrak> (stuff about at86rf23x) oops, wrong channel :( don't type stuff before morning caffeine ...
<wpwrak> DocScrutinizer05: the data they catch is most likely "DocScrutinizer05/IwantApony7". so they have full login information
<eintopf> wpwrak: Yes I know that, there is a irq for frame buffer underrun (access violation)
<eintopf> and the bad news
<eintopf> the irq occurs :)
<wpwrak> eintopf: reposted on the right channel :)
<DocScrutinizer05> hmmm
<DocScrutinizer05> tok me an agonizing while to get to this screen http://wstaw.org/m/2014/04/10/plasma-desktopcT1775.png
<DocScrutinizer05> took
<DocScrutinizer05> not the tiny "your password dosn't need to get changed"
<DocScrutinizer05> note
<wpwrak> do they explain what they base the recommendation on ? does it even refer to heartbleed ?
<DocScrutinizer05> no
<wpwrak> if they have mandatory periodic password changes, it could be an indicator of that
<DocScrutinizer05> it's incredibly difficult to even get to there
<DocScrutinizer05> they don't
<wpwrak> getting security right is hard. you really have to use that heavy grey mass that normally only serves to balance the head
<wpwrak> for web.de, this may be a first ;-)
<DocScrutinizer05> indeed
<DocScrutinizer05> no matter what you do, they always kick you back from https:// to http://
<DocScrutinizer05> great¡ >:-(
<DocScrutinizer05> seems they somewhat partially stopped that habit though
<wpwrak> thanks to snowden perhaps
<DocScrutinizer05> yet without JS the site is rubbish/junk
<wpwrak> and just when you thought you were safe if you didn't log in in the last few days: http://arstechnica.com/security/2014/04/heartbleed-vulnerability-may-have-been-exploited-months-before-patch/
<DocScrutinizer05> and the first time I logged in they instantly kicked me "for security reasons" and next time they complained that I didn't log out ;-P
<DocScrutinizer05> well, that's been obvious
<DocScrutinizer05> may nave been exploited since 2 years, I'd say
<DocScrutinizer05> even worse: I learned they also might have attacked *my* PC when I connected to a https:// URL
<wpwrak> naw, not obvious. we didn't know it have been independently discovered
<wpwrak> what they're saying is that evidence for heartbleed attacks have been found in honeypot going back as far as november 2013
<DocScrutinizer05> ooooh
<DocScrutinizer05> no surprise though
<DocScrutinizer05> I had taken bets
<wpwrak> seems that *someone* is reviewing that openssl code. it's just not the ones responsible ...
<DocScrutinizer05> I'm just pondering a staeful packet inspection firewall that has a list of "hot terms"
<wpwrak> some people may just record everything that goes to their honeypot. then, when something happens that makes them suspicious, they can examine the whole history of their traffic for clues
<DocScrutinizer05> of course such firewall MUST be bomb proven by itself, otherwise it might make for a really worthy target
<wpwrak> the recording in such a honeypot could be completely passive
<DocScrutinizer05> sure sure, honeypot. fine. but hardly feasible for your private PC to harden it
<wpwrak> a 1 TB disk would be enough for about a day of sustained 100 Mbps traffic. and a honeypot probably gets a lot less
<wpwrak> naw, but for security firms. 1 disk per day is peanuts if it's part of your business
<DocScrutinizer05> yep, I know a bit about how those companies work
<DocScrutinizer05> most amazing thing is: how do they get all those IPs out of alien ranges
<DocScrutinizer05> I mean, how would I set up a honeypot that has an IP that looks like it was in IBM offices India?
<DocScrutinizer05> and they probably not only want the IP but also the traceroute look plausible
<wpwrak> just put your own content there ? e.g., who really knows who is behind pics.nase-bohren.de ? :)
<DocScrutinizer05> OK, to a certain degree you can fake traceroute
<wpwrak> maybe fakebook is just one big honeypot and they record EVERYTHING ;)
<DocScrutinizer05> that's been the basic idea when they invented it
<DocScrutinizer05> but look e.g. here http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&time=16104&view=map
wolfspraul has quit [Quit: leaving]
wolfspraul has joined #qi-hardware
<DocScrutinizer05> those dudes need other service contracts with internet providers than any mere mortal
<wpwrak> heh, nice one :)
viric has quit [Ping timeout: 240 seconds]
<wpwrak> malaysia has some domestic issues :)
<DocScrutinizer05> watch "the movie"!
<DocScrutinizer05> dafaq! ~dec-1. 2013
<DocScrutinizer05> and mid of January
<DocScrutinizer05> Feb 8
<DocScrutinizer05> USA nukes itself
viric has joined #qi-hardware
<DocScrutinizer05> and 5 days ago korea got pretty active
viric has quit [Ping timeout: 276 seconds]
viric has joined #qi-hardware
arielenter has joined #qi-hardware
viric has quit [Ping timeout: 252 seconds]
wej has quit [Read error: Connection reset by peer]
wej has joined #qi-hardware
viric has joined #qi-hardware
wej has quit [Read error: Connection reset by peer]
wej has joined #qi-hardware
rta has quit [Ping timeout: 252 seconds]
<sb0> roh, is there a CNC mill at RFA?
rta has joined #qi-hardware
FDCX has quit [Ping timeout: 246 seconds]
FDCX has joined #qi-hardware
pcercuei has joined #qi-hardware
dos1 has joined #qi-hardware
Web-aptosid876_ has joined #qi-hardware
<Web-aptosid876_> what other mips pocket computers are there?
<Web-aptosid876_> NN,GCW,Dingoo A320....
<zrafa> RMS ultrabook stolen
<zrafa> :)
<Web-aptosid876_> again?
arielenter has quit [Ping timeout: 240 seconds]
arielenter has joined #qi-hardware
FDCX has quit [Remote host closed the connection]
mth has quit [Remote host closed the connection]
mth has joined #qi-hardware
jekhor has joined #qi-hardware
arielenter has quit [Ping timeout: 240 seconds]
idundidit has quit [Quit: I'm off to see the wizard, the wonderful wizard your mom.]
arielenter has joined #qi-hardware
FDCX has joined #qi-hardware
<dos1> oh well...
<dos1> and someone posted this comment on facebook under that article: http://pastebin.com/1zYdCiSw
arielenter has quit [Quit: Leaving.]
arielenter1 has joined #qi-hardware
wolfspraul has quit [Quit: leaving]
pcercuei has quit [Ping timeout: 252 seconds]
<Web-aptosid876_> dos1: pastebin isn't friendly to tor users
<Web-aptosid876_> try pastebay.com
<dos1> it's pointing to http://cryptome.org/0001/nsa-ip-update14.htm and http://cryptome.org/2014/03/nsa-zologize.htm and noting that there's an entry "193.0.0.0 - 193.255.255.255 (subranges are NSA-affiliated and/or NSA fully-controlled)" which match IPs reported by EFF
<Web-aptosid876_> thanks
jekhor has quit [Ping timeout: 252 seconds]
sb0 has quit [Quit: Leaving]
arielenter1 has quit [Ping timeout: 252 seconds]
w3bspl0it has joined #qi-hardware
<w3bspl0it> hello