<rqou>
although compiling the latest master doesn't work either
<rqou>
whatever, secure boot is enabled
<rqou>
and my PK is enrolled, although it is refusing to add my KEK key
<rqou>
i don't want to have to pull out a graphics card to mess with this system interactively
<rqou>
so f*ck it
<rqou>
:P
<rqou>
although removing the PK isn't working either, which is a bit concerning
<lain>
kek.
<rqou>
lain: will your motherboard have actually f*cking working secure boot and/or tpm?
<lain>
hm
<lain>
secure boot will work yes, I wasn't planning on adding a discrete tpm but I'm pretty sure the soc has firmware tpm in the Intel ME
<rqou>
and you trust that? :P
<lain>
no more or less than I trust a closed-source, unaudited discrete tpm...
<rqou>
true enough
<lain>
I mean, I think it would be silly to assume intel are somehow malevolent, so that just leaves incompetence, which... sure maybe, but that applies everywhere
<lain>
and so far nobody has actually broken ME, so...
<rqou>
right now I'm trying to set up my NAS to have secure boot, unlock the boot volume with a TPM-sealed key, and unlock the storage volume with an external smartcard
<rqou>
unfortunately apparently zero parts of this have ever been tested
<rqou>
by anyone other than @mjg59 or something
<rqou>
secure boot barely works beyond "platform enablement" (thanks Canonical)
<rqou>
TPMs basically don't work ever
<rqou>
and same with smartcards
<lain>
lol
cr1901_modern has joined ##openfpga
* lain
kicks back, boots windows securely, yawns
<lain>
;)
<rqou>
well f*cj
<rqou>
f*ck
<rqou>
Variable KEK, length -4
<rqou>
at least i found one problem
<rqou>
some genius decided the kernel efivars should set the immutable bit on the secure boot variables
<rqou>
and didn't tell the efitools guy
<rqou>
hmm, apparently that's a red herring
<rqou>
but it causes stat to now return a file of 0 bytes even though when reading there are more than 0 bytes
<rqou>
woot, bugs all around!
<lain>
yaay
promach has quit [Ping timeout: 276 seconds]
<rqou>
"Unfortunately, this command has never worked for me; efi-updatevar reports Cannot write to db, wrong filesystem permissions, even when run as root. More disturbingly, immediately thereafter efi-readvar reports that the database is empty (although a reboot fixes that problem). Perhaps this bug will be fixed by the time you read this, though."
<rqou>
blargh, i'm ordering another crappy gpu so i can debug this more easily
<rqou>
i don't want to have to keep pulling the gpu from my current machine
<rqou>
i'm also going to need to have fun poking the FDE setup
m_w has quit [Quit: leaving]
digshadow has joined ##openfpga
DocScrutinizer05 has quit [Disconnected by services]
DocScrutinizer06 has joined ##openfpga
DocScrutinizer06 is now known as DocScrutinizer05
<rqou>
just got about five breaker trips in the last 10 minutes
<lain>
rip
<rqou>
i assume jamming the breaker is a bad idea? :P
<lain>
depends how much you enjoy the insurance company denying your claim
<rqou>
lol what insurance? :P
<lain>
D:
<lain>
man, get insurance if you don't. theft can happen to anybody
<lain>
it's happened to me, and to a friend I was staying with once (separate incidents in different states)
<lain>
friend had insurance, got compensated
<lain>
I didn't, I lost a lot of stuff
wpwrak has joined ##openfpga
<rqou>
my parents have liability insurance ("someone trips on your property and then sues you" insurance) but very little theft/disaster/etc. insurance
<rqou>
apparently they feel that the "damages your own property" risk isn't actually that high
<lain>
:/
<rqou>
most of those policies are afaik not very good anyways (high deductible and/or low limits)
<lain>
depends
<lain>
we have a pretty solid one
<lain>
I also have an all-risk floater on ours, where I pay a small fee to protect itemized valuables
<lain>
specifically, I think I pay like $1.20 per $100 value for insuring my camera equipment
<lain>
I have over $10k in camera equipment so that's pretty valuable -- the all-risk thing means it covers ANY risk, named or not
kuldeep_ has quit [Read error: Connection reset by peer]
<lain>
as in, space pirates can land in my back yard and steal all my shit, and the insurance company still pays replacement value :P
kuldeep_ has joined ##openfpga
<rqou>
until you actually try to claim it :P
<rqou>
do you do photography? why so much equipment?
<lain>
we've had some claims over the years and they've never denied any or caused any problems tbh
<lain>
and.. photography is one of those hobbies where it doesn't take much to rack up a serious bill lol
<rqou>
one summer after we had a huge clusterf*ck of subletters, we were cleaning up and discovered a small potted cactus
<rqou>
nobody knew who bought it, so we assumed one of the subletters did and left it here
<rqou>
after ~1 semester we were cleaning the apartment again
<lain>
taken with a rokinon 8mm fisheye, modified for close focus.. the dirty blade of grass-stuff smack in the middle of that image is actually touching the lens
<rqou>
and one of us noticed that the cactus was missing
<lain>
lool
<rqou>
however despite all the cleaning we never found it
<rqou>
so we don't actually know if it's dead or not :P
<lain>
god one time I busted my nose over a friend's freshly-cleaned white carpets
<lain>
like they JUST had the carpet cleaners over the day before
<rqou>
whitequark: interestingly, the US electrical code has continuously increased the mandatory minimum number of outlets in a house
<lain>
busted my nose, blood EVERYWHERE
<rqou>
to discourage the need for stupid janky extension cord hacks
<lain>
that was fun to clean
<rqou>
however, there is no requirement to bring "legacy" installations up to the new code
* lain
-> slp
<rqou>
wow, that's early :P
<lain>
I'm old now, it's time for my nap :P
<rqou>
btw whitequark idk if you saw this earlier but i discovered that connecting/disconnecting the coaxial cable from the cable modem will trip the gfci i put in
<rqou>
which means there are some weird potential differences going on
<rqou>
which is totally how it should work, right? :P
<lain>
a friend once blew a graphics card by plugging in a displayport cable. we don't know how it happened, and it wasn't repeatable. he plugged it in, there was a big spark, something popped, gpu was kill. got new gpu, cautiously plug same monitor, same cable in, no issue.
<whitequark>
rqou: uhm, yeah, ground loo
<whitequark>
loop
<lain>
in between, the suspect monitor/cable combo was tested on lots of other things, but no damage resulted :P
<rqou>
the cable modem doesn't have an earth ground connection
<lain>
rqou: wait then how does it trip gfci
<rqou>
idk, but it did
<lain>
well
<whitequark>
rqou: is it connected via usb to something
<rqou>
it's not consistently repeatable
<lain>
that's terrifying :P
<rqou>
no, only cable and ethernet
<whitequark>
... hm
<rqou>
or wait
<rqou>
maybe?
<whitequark>
how is ethernet terminated at its end
<whitequark>
if usb, then those idiots connected the shields
<lain>
ethernet should be galvanically isolated
<lain>
unless it's shielded cable
<rqou>
it's sharing a UPS with a PC and a bunch of other crap
<whitequark>
lain: should.
<rqou>
but this whole setup is on a gfci but without earth ground
<lain>
oh, are you doing that trick of attaching neutral to the ground pin of the socket?
<rqou>
no
<rqou>
ground is floating, but gfcis still work that way
<lain>
wat
<lain>
gfci can only fault on ground current, and you can't have current if it's floating??
<rqou>
gfcis detect imbalances in hot/neutral
<whitequark>
gfcis compare the current flowing in L/N
<lain>
oh shit right
<lain>
yeah, sleep time.
<rqou>
so somehow some current got pulled from / injected into the power wires via the cable
<lain>
guessing what you saw then was static charge on the cable discharging through the modem
<rqou>
possible
<rqou>
eh, everything works fine when you leave it connected, so ¯\_(ツ)_/¯
<lain>
I've heard about installations where they stapled the coax to the wall, and decided to staple the AC wiring with the same staple...
<lain>
... and wound up making the staple live
<lain>
... and did it so hard it punctured the cable shield, so the cable shield became live also
<rqou>
lool
<lain>
yeah plugging that in
<lain>
lots of sparks
<lain>
possibly blown tv / etc
<rqou>
yeah the cable here isn't even embedded in the walls
<rqou>
it's attached via more-permanent clips along the walls just like the jank wiring