IRC Logs for #crux Monday, 2017-10-16

*** abenz__ has joined #crux00:31
*** abenz_ has quit IRC00:34
*** __07IABE62D has quit IRC02:43
*** __07IABE62D has joined #crux02:44
*** brian|lfs has joined #crux04:01
*** tilman_ has joined #crux04:34
*** tilman has quit IRC04:37
*** henesy has quit IRC04:58
*** brian|lfs has quit IRC05:51
*** amonn has joined #crux05:52
*** amonn__ has quit IRC05:54
*** amonn_ has joined #crux05:54
*** brian|lfs has joined #crux05:57
*** amonn has quit IRC05:57
*** parlos has joined #crux06:26
*** john_cephalopoda has joined #crux07:18
frinnstmother fucking vendors09:25
frinnstrequires a super-complex password09:26
frinnstthen when you want to login the keymap is US09:26
joacimdid you use äöå?09:33
frinnstbut stuff like ]_ whatnot09:33
frinnstive deciphered what I need to think I should type to match the password09:34
frinnstbut that doesnt work either.. so now im starting to wonder09:34
joacimi changed the keyboard layout once, and forgot to specify -latin109:34
joacimended up with dvorak09:34
frinnstthis is an appliance.. havent had the option to specify anything yet09:35
frinnstAccount locked due to 9 failed logins09:35
*** p4cman has joined #crux10:50
dlcusaHappy Monday (not)!  Have fun (not)! WPA2 protocol flaw revealed:
*** ivladak has joined #crux11:08
*** parlos has quit IRC11:12
pedjaif you have Yubikey, this might be interesting
pedjaotoh, who knows how many smart cards and TPM modules use affected library, so12:05
pedjablog post explaining it, if you are bored :)
frinnstoh cool. infineon is used on that type of hardware too?13:16
frinnsti read a lot about lenovo and other computers that were affected13:17
frinnst looks tempting13:18
frinnstalso the signed rms print13:19
frinnst$100 :)13:20
frinnstCheckout complete13:24
frinnst(I bought the photo)13:24
pedjaLenovo and HP issues security advisories about it. 'Scope of Impact: Industry-Wide' :)13:29
pedjaWPA2 breakage is much more interesting to me, tbh13:35
frinnstwireless is shit13:40
frinnstI dont understand people that ONLY use wireless in their homes13:41
frinnstvisited my sister on friday. they stream 4k over wireless13:41
*** Kruppt has joined #crux13:48
frinnstassume so. I connected my phone and got maybe 150mbit13:48
frinnstbut when I did, their tv started to lag13:48
pedjaDoS the TV13:48
pedjaI know that my phone won't get updated, and I am pretty sure my ISP couldn't be bothered to update the router, so13:48
pedjasisters laptop is Lenovo, with TPM most likely, running Win10. this should be fun13:48
SiFuh__1408, 5832, 24, 25, 10, 11, ..., ..., ..., (what comes next?)13:52
SiFuh__My friends tell me this one is too hard.13:53
jaeger17, 1613:53
jaeger(day length on planets)13:54
SiFuh__See this is why jaeger is a legend!13:54
SiFuh__Not so hard!13:54
jaegerI had to think about it for a while, heh13:54
SiFuh__Sorry to take up your seconds jaeger :-)13:54
*** henesy has joined #crux14:03
*** g0relike has joined #crux14:03
*** parlos has joined #crux14:05
*** Kruppt has left #crux ()14:23
pedjaapparently, there are 9 planets in our solar system
pedjano information on its day length, thou :)14:38
SiFuh__Pluto is still a planet in my opinion14:39
SiFuh__ Heresy?14:50
pedjaEris is bigger than Pluto, and its not a planet, so14:50
SiFuh__Eris doesn't have a solar orbit14:51
SiFuh__It's orbit is similar to a commet and crosses other planetary orbital paths14:52
SiFuh__exactly as i said14:54
pedjawhat do you mean, 'it doesn't have a solar orbit'?14:55
pedjait does orbit the Sun, only its orbit is inclined. still counts :)14:56
SiFuh__Pluto also doesn't have a solar orbit14:57
SiFuh__fsck you retards ;-)14:57
*** ivladak has quit IRC15:04
john_cephalopodaACTION . o O ( wpa - bitbangs the wpa protocol over any antenna )15:05
darfoso now they can decrypt encrypted WPA2 packets just to find they contain encrypted data15:22
darfoor they should if the session is SSL based15:22
darfothe krackattacks article mentions apps that can have their encryption broken15:23
darfobut doesn't mention any browsers15:23
darfosounds like chicken little stuff to me15:24
darfoanybody that banks from a smartphone is too trusting even before this came out15:24
darfobut i see the trend is smartphones to overtake PCs/laptops/tablets and be15:25
darfothe only comp they have15:25
SiFuh__smarttphone + banking  haha15:26
SiFuh__Last time I did phone banking, we still had to dial the number.15:26
*** abenz_ has joined #crux15:26
darfome too15:27
SiFuh__I have an android phone, rooted, all shit erased.. Can send SMS, make Phone call, and view webrowser. Nothing else installed. Battery life is amazing.15:28
darfoAm waiting for December when law here forces unlocking by vendor for free.15:32
SiFuh__where is here?15:32
SiFuh__and if you purchase a phone from Hong Kong?15:33
*** SiFuh has quit IRC15:40
*** SiFuh has joined #crux15:40
SiFuh__oh wow that's me15:40
*** SiFuh has quit IRC15:42
SiFuh__problem solved15:42
frinnstSiFuh__: you should buy one of those super-simple nokia phones with 1 month batterylife15:49
john_cephalopodaI want a phone that has long battery life but is not locked down either.16:18
*** ivladak has joined #crux16:19
john_cephalopodaSomething like a TI-83 Plus with USB, speaker, microphone and an antenna.16:19
rmullI backed the librem5... we'll see how that goes <_<16:30
*** nogagplz has joined #crux16:30
*** nogagplz_ has quit IRC16:31
pedja'[...]40TB drives by 2025 using MAMR [...]' wow16:35
pedjawe'll see if WD delivers16:36
john_cephalopodaHow much is that librem phone?16:37
pedja600$, January 2019 :)16:38
john_cephalopodaUnfortunately there is no mention of battery stats.16:40
john_cephalopodaI don't really get why it is so hard to make phones, that are not locked down.16:42
pedja'locked down'?16:44
pedjaand they'll have to build and test it before any battery life predictions16:45
john_cephalopodaYeah, having only android support and blobs everywhere.16:45
john_cephalopodaIf I wouldn't use Matrix and Conversations that much, I'd probably just get an old Nokia dumbphone.16:46
*** onodera has joined #crux16:53
pedjarunning Crux on a phone would be cool16:53
j_vcurious to see if there will be issues using librem5 with US cellular carriers16:56
*** saptech has joined #crux16:59
pedjathat's an interesting question. is librem5 GSM-only?17:07
pedjafinal specs should be known by April next year17:08
j_vaccording to's info: Works with 2G/3G/4G, GSM, UMTS, and LTE networks17:09
j_vbut it may depend on what bands it is capable of working on17:09
jaegerAnd whether or not US carriers can say "no" to them17:10
jaegerWhich I suspect they can and will17:10
j_vright, and right... hell hp had the ms phone that verizon wouldn't accept connections from17:11
j_vbut, still, i like this concept behind the librem5...17:11
saptechhi all17:13
saptechI just did a OS restore from about 5 months ago and everything is going great17:14
jaegerglad to hear it17:15
saptechis doing a 'prt-get sysup' ok to run?17:15
saptechor something else to run also?17:15
jaegerI would also recommend: prt-get depends $(prt-get listinst) | grep "\[ \]"17:16
jaegerthat will tell you if new dependencies have been added before sysup17:16
jaegerbecause prt-get sysup won't catch them17:16
john_cephalopodajaeger: Thanks, that's a useful command.17:17
john_cephalopoda8 things missing on my system, according to that list.17:19
j_vyeah, i just saved that fragment as catch_new_deps_before_sysup.sh17:19
pedjacatchy title17:19
j_v:)... my imagination sometimes lets me down17:20
john_cephalopodaj_v: Better than calling it "" or something ;þ17:21
j_vtrue that17:22
j_vgotta go to work. later17:23
saptechI use Mageia Linux as my main distro and after restoring Crux, Mageia's grub is not picking up Crux, I also have 3 other distros installed on the hdd and they are picked up by grub17:23
saptechI had to manually include Crux to Mageia's bootloader17:24
saptechI'm not sure why it's not picking up Crux17:24
jaegerjohn_cephalopoda: welcome17:27
jaegeryou could look through the source for the grub-mkconfig bits and see if it's a naming issue or similar17:27
jaegerfor example in /etc/grub.d/10_linux on line 16917:28
jaegerI'm not sure how mageia handles that stuff, though17:29
saptechhmmm, ok17:30
*** chinarulezzz has quit IRC17:32
*** chinarulezzz has joined #crux17:32
*** parlos has quit IRC18:01
*** saptech has quit IRC18:10
*** nwe has quit IRC18:44
*** nwe_ has joined #crux18:44
*** nwe_ has quit IRC18:48
*** nwe has joined #crux18:48
darfoSiFuh__: if I buy my own phone I only save about $15/mo. Takes a long time to recoup the cost of an expensive phone. A cheap phone not so long.19:40
darfoCanada has expensive data and voice plans without many vendor choices so they can do pretty much whatever they want.19:46
*** ryu0 has quit IRC19:47
darfoThe 2yr contract on my phone ran out so now I can root it but they charge $50 to unlock it until December when a new law kicks in.19:47
darfoTo me locked phone just means anti-competition which equals expensive rates.19:48
darfoI considered buying my own phone but it was a better deal to get one under contract (locked) and wait.19:49
darfoWhich means they are overcharging those with there own phones if a CA$800 phone is paid for in 2 yrs.19:50
john_cephalopodaIf I didn't do it wrong, this command should yield a list of programs that have to be installed as new dependencies, which can be piped into prt-get depinst directly:19:50
john_cephalopodaprt-get depends $(prt-get listinst) | grep "\[ \]"  | sed -e 's/\[ \]//g'19:50
john_cephalopoda(It's jaeger's program, with a sed to remove the brackets, so it can simply be piped into prt-get depinst)19:51
john_cephalopodaI feel like prt-get could be written in bash, except maybe for some dependency resolving tools, that should be in C for performance.19:51
*** ryu0 has joined #crux19:53
frinnstjust because you can do something doesn't mean it's a good idea :)20:12
john_cephalopodaDunno, I looked at the prt-get code once, and it was so confusing and unintuitive that I let it be.20:23
frinnstrunning under mono20:37
john_cephalopodaUnix shell script isn't that bad. It can do a lot of things that need large amounts of C code.20:43
john_cephalopodaI could do prt-get info <program> with some sed, some cat and some more sed.20:44
john_cephalopodaOr maybe awk.20:44
john_cephalopodaActually even less.20:45
john_cephalopodaI only have to find the appropriate directory (simple lookups with if), then source the Pkgfile and then check $version, $name, etc.20:46
john_cephalopodaIt's a wrapper for pkgadd and the like anyway, so that would be easy to integrate.20:47
rmulljaeger: Did you say you have a C version of pkgutils or prt-get that you're working on? I don't see it on github, maybe I'm mistaken?20:49
john_cephalopodaOh, pkgadd seems to be C now.20:53
john_cephalopodaBut pkgmk  is a bash script.20:53
pedjaiirc, someone rewrote prt-get or pkgutils, can't remember which, in go20:56
jaegerrmull: I've barely started it, nothing's published yet21:00
pedjait seems that no one is bored enough to write prt-get Ansible module :)21:01
frinnstYou could probably count the potential users on one finger :)21:01
pedjatrue :)21:01
jaegerrmull: so far I'd just been playing with reading the package database into a hash map. I'm not a professional programmer so it takes me a while :)21:01
frinnstmight be fun tho21:01
pedjais Crux the only distribution that has different tools to update package db and packages themselves?21:06
frinnstno, pkgutils does all the work21:07
frinnstprt-get is just a frontend, like apt/yum/whatever21:07
pedjaports and prt-get21:07
ryu0john_cephalopoda: same logic as pacman/makepkg? pacman is C, makepkg is shell.21:07
ryu0On that note.21:07
pacmanACTION chases john_cephalopoda around, trying to eat him.21:08
frinnstah update.. yeah well the bsd syncs their trees with another command21:08
pedjaporsnap, iirc21:08
ryu0anyone know how we can mitigate KRACK for unpatchable devices (android)?21:09
frinnstdont connect to unknown ap:s?21:09
frinnstyou shouldnt be doing that anyways :)21:09
ryu0haha. home devices don't connect to unknown APs already.21:09
ryu0i'm waiting for LEDE to patch it still.21:10
ryu0they have a greater lag time.21:10
pedjait's client side, so updating the router wouldn't help much, correct?21:10
ryu0True, but it's suggested to patch *both*.21:11
frinnstno its ap side too21:11
frinnstfrom what I understand21:11
ryu0the only client devices i can't patch are those stupid android shit piles.21:11
ryu0in the process of patching the Linux PCs here.21:11
pedja'Our main attack is against the 4-way handshake, and does not exploit access points, but instead targets clients.'21:12
frinnstethernet ftw21:12
ryu0next i get to patch the windows devices.21:12
ryu0And that's the last of the devices I can patch on my network.21:13
frinnstthere are21:13
frinnstsuperflat cables for windows21:13
frinnstlike 10cm with rj45s on both sides21:13
ryu0seem 'em. what makes you say they're windows only?21:13
*** onodera has quit IRC21:14
frinnsthaha oh right21:14
frinnstsorry I am a bit drunk21:14
pedjatime to log in as root to a production server21:15
frinnstYou cant upgrade a production environment at 11pm from home without atleast a couple of beers in you21:15
frinnstthat would lead to mistakes21:15
frinnstroot? bah.. I can literally fuck up 50 servers right now21:16
frinnstno biggie tho. its just a small cluster that we use internally21:16
*** p4cman has quit IRC21:18 might be handy21:19
frinnsterlang is awesome21:20
frinnstoh not erlang21:20
frinnstDigital Rebar reduces the human resource cost of orchestrating continuous hardware redeployment, hypervisor, operating systems, and application layer software installation and management.21:20
frinnstso it replaces me? :(21:20
frinnstprobably a sound choice tho21:21
jaegerdigital frinnst21:21
pedjanah, gives you more time to do other stuff :)21:21
frinnstlike what? fixing printing issues for end users?21:22
frinnsti'd rather be unemployed :)21:22
ryu0frinnst: ever see office space? it has a scene where they beat the shit out of a chronically malfunctioning printer.21:23
jaegeroffice space is pretty much required training material for IT work21:23
frinnsta colleague changed the printing driver for a RDS customer today. broke all printing21:24
frinnstI got the call21:24
frinnstergo the need for alcohol21:24
pedjaoffice space/idiocracy go well together21:25
*** jaeger has quit IRC21:46
*** jaeger has joined #crux21:47
*** saptech has joined #crux21:53
*** john_cephalopoda has quit IRC22:01
pedja'Microsoft says the exploit is very hard to execute against Windows' 'the attacker has to be close, and the user has to have wifi enabled'.22:14
*** saptech has quit IRC22:21
*** saptech has joined #crux22:21
*** duncaen has quit IRC22:53
saptechI keep getting command not found for a perl script file22:58
saptechI'm trying to run this,
jaegerWhat does the top line of the perl script say?23:03
saptechI added the single quotes23:06
jaegerAnd what's the full error?23:07
saptechbash: obmenu-generator: command not found23:07
jaegerIs it in your path?23:08
saptechits in my /homne/saptech directory23:08
jaegerok, then run it with ./23:08
saptechit did show more error info, let me paste it23:09
jaegerthat's a perl error and it also provides the solution :)23:10
saptechI need the perl module?23:11
*** duncaen has joined #crux23:13
pedjadependencies for it are listed in that INSTALL.md23:17
pedjaand I don't see them in port db, so time to learn to package them for Crux, I guess :)23:19
saptechso far so good23:24
saptechthe static menu work but the dynamic menu doesn't23:28
saptechdynamic show, "invalid output from pipe-menu /usr/bin/perl5.22.2 /home/speden/obmenu-generator -i"23:30
saptechI can live with the static menu until I figure it out23:34
saptechthanks all23:34
saptechpedja, did you mean the obmenu-generator or the modules?23:35
saptechdoes anyone know if this should be one line?23:49
saptechhere's the full code, the first paste is line 44123:51

Generated by 2.14.0 by Marius Gedminas - find it at!