IRC Logs for #crux Friday, 2018-01-05

john_cephalopodaHeh00:06
j_vhttps://patchwork.kernel.org/patch/10143611/00:15
j_vhttps://patchwork.kernel.org/patch/10145615/00:27
*** plow has quit IRC00:28
*** vlnx has joined #crux00:38
*** abenz has quit IRC01:50
*** TheCephalopod has joined #crux02:23
*** john_cephalopoda has quit IRC02:26
*** _________mavric6 has quit IRC03:32
*** _________mavric6 has joined #crux03:33
*** tilman_ has joined #crux04:03
*** vlnx has quit IRC04:14
joacimone of my corsair sata power cables managed to sneak itself into my seasonic set05:17
ryuojoacim: and they made beautiful music together?05:17
joacimmade my psu shut itself down soon after trying to power on05:18
ryuoah, so a funeral dirge instead.05:19
joacimjust for a short while05:19
joacimworks now05:19
joacimi think i should mark all my wires. get these round coloured stickers or something05:20
*** abenz has joined #crux05:21
ryuohttps://www.humblebundle.com/books/python-by-packt-book-bundle05:21
jaegerI bought that one :)06:03
*** DeaDDooMER has joined #crux06:56
*** SovietPony has quit IRC06:58
*** SovietPony has joined #crux06:59
*** Kernel has joined #crux06:59
*** DeaDDooMER has quit IRC07:02
*** SovietPony has quit IRC07:13
marakuhow do you guys keep track of kernel security updates?07:27
marakuthe maintainers send email updates through the mailing list for packages... but what to do for the kernel?07:27
frinnstrun the latest kernel from a maintained branch07:27
frinnsthttps://www.kernel.org/ <- run either mainline or a longterm kernel07:28
marakubut what about security fixes, like the upcoming intel bug fix?07:28
frinnstyou can subscribe to the kernel.org announce list07:28
frinnsthttps://www.spinics.net/lists/announce-kernel/07:31
j_v4.14.11 has added kpti for meltdown mitigation. looks like some spectre mitigation may also be included. more mitigation made it into linux-next in recent hours.07:31
j_vmitigating meltdown looks to be fairly covered, if i'm understanding things correctly. mitigating spectre sounds like it will be ongoing for some time, but progress seems to be progress (much of it fairly beyond my comprehension).07:34
j_vsecond 'progress' should be, well, idk, progressing... hate it when i say stuff that makes it obvious how dense i am07:36
*** abenz has quit IRC07:37
*** abenz has joined #crux08:05
*** workodera has joined #crux08:11
frinnstj_v: dont worry I can beat all your stupidities08:15
frinnstalso, people here somehow expect me to know stuff because "i develop crux". fuck me thats a wrong assumption :D08:15
Anselmoha08:22
Anselmoand it sometimes sort of seems like, crux just, as far as kernel stuff goes, assumes the user can mostly handle it how they want.. .08:24
frinnstofcourse08:25
frinnstbut these young'ns dont grow up compiling their own kernel!08:26
frinnstnow get off my lawn!08:26
frinnst:>08:26
nwe:<08:30
nwe:>08:30
Anselmooha08:32
marakuthanks for the advice frinnst, i've subscribed now08:39
*** groovy2shoes has quit IRC08:44
frinnsthttps://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel fun fun08:45
*** heroux has quit IRC08:49
*** heroux has joined #crux08:50
*** maraku has quit IRC09:43
*** maraku has joined #crux09:45
*** abenz has quit IRC09:48
*** abenz has joined #crux10:10
*** pekka10 has joined #crux10:56
*** workodera has quit IRC11:36
*** abenz has quit IRC11:54
cruxbot[core.git/3.3]: iproute2: don't link against libelf11:55
*** g0relike has quit IRC11:57
*** g0relike has joined #crux11:59
*** workodera has joined #crux12:05
cruxbot[opt.git/3.3]: mod_php: update to 5.6.3312:13
cruxbot[opt.git/3.3]: php-sqlite3: update to 5.6.3312:13
cruxbot[opt.git/3.3]: php-sockets: update to 5.6.3312:13
cruxbot[opt.git/3.3]: php-mysql: update to 5.6.3312:13
cruxbot[opt.git/3.3]: php-gettext: update to 5.6.3312:13
cruxbot[opt.git/3.3]: php-gd: update to 5.6.3312:13
cruxbot[opt.git/3.3]: php-ftp: update to 5.6.3312:13
cruxbot[opt.git/3.3]: php-fpm: update to 5.6.3312:13
cruxbot[opt.git/3.3]: php-fcgi: update to 5.6.3312:13
cruxbot[opt.git/3.3]: [notify] php: update to 5.6.33 (security fixes)12:13
*** DeaDDooMER has joined #crux12:38
*** frinnst_ has joined #crux13:03
*** frinnst has quit IRC13:03
*** chinarulezzz has joined #crux13:03
*** chinarulezzz has quit IRC13:04
*** chinarulezzz has joined #crux13:06
*** chinarulezzz has quit IRC13:07
*** chinarulezzz has joined #crux13:10
*** chinarulezzz has quit IRC13:11
*** darfo has joined #crux13:34
*** john_cephalopoda has joined #crux13:37
*** john_cephalopoda has quit IRC13:37
*** john_cephalopoda has joined #crux13:37
*** chinarulezzz has joined #crux13:40
*** _________mavric6 has quit IRC13:49
*** nogagplz has quit IRC13:50
*** nogagplz has joined #crux13:52
*** _________mavric6 has joined #crux13:53
*** workodera has quit IRC14:42
*** workodera has joined #crux14:42
*** john_cephalopoda has quit IRC14:43
*** john_cephalopoda has joined #crux14:44
*** workodera has quit IRC14:47
*** workodera has joined #crux14:48
*** workodera has quit IRC14:49
*** workodera has joined #crux14:54
*** abenz has joined #crux16:31
*** workodera has quit IRC16:33
*** workodera has joined #crux16:46
*** admincomplex has quit IRC16:53
*** tsaop has joined #crux17:05
*** workodera has quit IRC17:21
jaegerhttps://imgur.com/xRpgQ8b <-- new caps for the TKL17:23
j_v4.14.12 has further kpti patches; 4.4.110 and 4.9.75 both have definitely gotten the kpti patches now17:40
j_vthere seem to be patches related to spectre, but i think we can expect those to be ongoing for some time17:42
j_vjaeger, are those the caps are on your new kbd?17:44
tilmanmozilla has released a firefox patch that mitigates spectre-via-javascript somewhat17:44
tilmanmy debian unstable is offering new intel-microcode right now17:45
j_vtilman: wonder if mozilla will backport the fixes to esr17:46
dbrookesome of the (upcoming) fixes also require new microcode https://newsroom.intel.com/wp-content/uploads/sites/11/2018/01/Intel-Analysis-of-Speculative-Execution-Side-Channels.pdf17:46
tilman"new upstream microcodes to partially address CVE-2017-5715"17:46
tilmanso apparently intel has released a microcode update for spectre (PARTIALLY)17:47
j_vwonder if amd will follow suite17:47
tilman"Implements IBRS and IBPB support via new MSR (Spectre variant 2 mitigation, indirect branches)"17:47
tilman"LFENCE terminates all previous instructions (Spectre variant 2 mitigation, conditional branches)."17:48
tilmanat least one of the patchsets for spectre for the kernel that i've seen is adding lfence instructions17:48
j_vthere has be a bunch of talk on lkml about the IBRS, IBPB, and lfence stuff in last few days17:49
tilmanyeah17:49
tilmani realize my last comment wasnt super helpful17:49
tilmanworth noting that to fix this shit you need to patch everything :]17:49
tilmankernel, toolchain, microcode :o17:49
j_vyeah, waiting to see when gcc/binutils etc get updated...17:50
j_vthere is work being done on those fronts, but i haven't been following that end so much17:50
tilmanmight take a while for developers agree on the best way to mitigate the problems17:50
j_vi expect fallout to last LONG time, but that i guess should be obvious17:52
tilmanars technica believes that that amd employees comment on the kpti patch ("not needed on amd") was the trigger to end the embargo early17:56
dbrookellvm have patched for retpoline and http://lists.llvm.org/pipermail/llvm-commits/Week-of-Mon-20180101/513630.html suggests they've been working on it for a month or so17:56
*** onodera has joined #crux18:13
*** admincomplex has joined #crux18:19
*** frinnst has joined #crux18:21
*** frinnst has quit IRC18:21
*** frinnst has joined #crux18:21
*** x3n has joined #crux18:37
*** jue has quit IRC18:40
*** jue has joined #crux18:43
tilman<intel> This is not a bug or a flaw in Intel products.18:50
tilmanhttps://www.intel.com/content/www/us/en/architecture-and-technology/facts-about-side-channel-analysis-and-intel-products.html18:50
*** x3n has left #crux ()18:53
ryuotilman: I think their nose just grew by a mile.18:53
tilmanare they afraid of a class action law suit?18:56
ryuoMaybe so. I can't wait for my coupon for $0.50 off my next CPU purchase.18:56
pedjatilman, version 20171117 of the Intel microcode?19:16
jaegerj_v: new caps but on one of the keyboards I had before the DIY one19:17
j_vjaeger: very smooth looking... must have cost a bit19:21
jaeger$32.7419:23
jaegerWhich is about the most I'll spend on a keycap set, heh19:24
tilmanpedja: deb pkg version is 3.20171215.119:24
tilmanso probably 20171215?19:24
*** j_v has quit IRC19:25
pedjahm. the latest one at the Intel d/l site is 2017111719:25
*** j_v has joined #crux19:27
tilmanpedja: mmmh19:27
*** tsaop has quit IRC19:48
pedjalooks like Nvidia fixed their shit, so new LTS and beta 390.x drivers build with 4.14.12 kernel.19:50
pedjaif random site on the Interwebz is to be believed, anyway :)19:51
j_vpedja: i wonder if this commit has anything to do with that issue: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=1e5476815fd7f98b888e01a0f9522b63085f96c919:52
pedjaj_v, yup :)19:53
j_vthat one hasn't gone into stable yet, but i'm guessing for 4.14.13 we'll see it19:53
j_vthe patch might apply cleanly to 4.14.12 sources19:54
pedjaapparently Nvidia fixed it on their side. I haven't updated yet, so I am not sure19:54
j_vi'19:55
j_voops19:55
frinnstI hate downloading from mozilla.org - starts fine with ~3mb/s and then drops down to ~100kb/s19:56
j_vi'm on nouvuea, so until i need extra graphics availible from proprietary driver, it's nice to not have to worry about it19:56
pedjafrinnst, welcome to my world, even for a just a bit :)19:57
j_vi'm finally using ff 57.0.4, but did binary download and local user install, keeping esr around in hopes next release will include spectre mitigations19:58
*** tsaop has joined #crux19:58
pedja58b14 here19:59
pedja'Chrome is faster then Firefox'? not on my machine20:00
frinnsthttps://i.imgur.com/VDqqJP7.gifv firefox vs chrome ?20:01
pedjaChrome's 'load all tabs at once' 'feature' is fucking annoying20:04
pedjaI am sure it works just fine in Google HQ, on multi-terabit Internet pipe20:05
j_vmust admit, newer ff is very fast20:07
frinnsthttp://www.righto.com/2018/01/xerox-alto-zero-day-cracking-disk.html :D20:13
pedjawould BTC be more or less valuable if it it was mined this way http://www.righto.com/2014/09/mining-bitcoin-with-pencil-and-paper.html ?20:22
jaegerthat alto article is kinda cool20:27
*** rawmat has joined #crux20:27
pedjareminds me of the talk of a kid that bought mainframe 'for fun'20:29
jaegeryeah, that was entertaining as well20:29
pedjait's always nice to see that not all young people are Instagram/Facebook zombies :)20:30
joacimi have a feeling mining by pen and paper is something monks would do20:31
*** rawmat has quit IRC20:31
pedjawhen they are not busy writing out the 9 billion names of God :)20:32
joacimthey wake up at 0200. they have all the time in the world20:33
pedjaanyone care to guess if 'China looking into possible RAM prices fixing' will have any effect?20:36
pedjaand if it gets serious, will manufacturers get away with just a slap on the wrist like last time?20:38
pedjacustomer reviews are priceless https://www.amazon.com/Datamancer-The-Seafarer-Keyboard/dp/B00WDKB2GG/20:43
pedjawell, 'priceless' might not be the best term. hilarious? yes, that's the one.20:45
*** rawmat has joined #crux20:45
*** pez has quit IRC20:48
*** JanC has quit IRC20:55
*** groovy2shoes has joined #crux20:55
*** JanC has joined #crux20:55
cruxbot[core.git/3.3]: hdparm: updated to 9.5320:58
*** pez has joined #crux21:01
*** groovy2shoes has quit IRC21:02
*** groovy2shoes has joined #crux21:08
rawmatquit21:20
*** rawmat has quit IRC21:20
ryuofrinnst: http://rjtech.com/shop/index.php?dispatch=categories.view&category_id=22021:52
ryuothey also have a regular web shop.21:52
ryuoheh. youtube channel too.22:00
ryuohttps://www.youtube.com/channel/UCgjeSfxWQHcYbok-QujPn3A22:00
crash_looks like nice laptops22:01
frinnsthttp://seclists.org/fulldisclosure/2018/Jan/12 lovely22:01
crash_4.9.75 built now with page_isolation22:02
john_cephalopodaWhen is the next crux release due22:11
frinnstno date set22:13
cruxbot[core.git/3.4]: gcc, glibc: initial commits for 3.4 toolchain22:19
ryuofrinnst: gcc 7 this time?22:21
cruxbot[core.git/3.4]: binutils: updated to 2.29.122:21
*** tsaop has quit IRC22:21
frinnsthttps://crux.nu/gitweb/?p=ports/core.git;a=shortlog;h=refs/heads/3.4 nice timing with the questions :-)22:21
crash_nice :)22:23
ryuothey say gcc 8 is getting a new language.22:23
ryuoOr maybe that's gcc 9.22:23
ryuoI recall hearing that GDC is finally getting merged.22:24
john_cephalopodaIn which ways can I help with crux development?22:28
ryuojohn_cephalopoda: if i had to guess? fix build errors with the new toolchain.22:29
ryuoRomster was using my server last year to find build errors for 3.322:30
frinnstyeah the toolchain builds everything that *i* have installed right now, but I probably use a lot fewer ports than many of you22:30
john_cephalopodaHmm, at the moment I only got a 3.3 laptop.22:31
frinnstits hard to test for stuff that you dont know/use22:31
frinnstbut its still very early so no need to start testing stuff yet22:31
frinnstafk22:31
john_cephalopodaACTION . o O ( CRUX CI )22:32
pedjaso the hunt for gcc7 patches begins22:32
pedjait shouldn't be *that* bad, thou, some distributions switched to gcc7 a while back, and I haven't seen that many patches for it specifically22:35
ryuopedja: may be masked by package updates.22:37
pedjaperhaps. but I *do* have 1271 packages installed, so I have to be optimistic :)22:39
*** timcowchip has joined #crux22:39
ryuoanyone been following intel compute card? i think it's promising stuff.22:40
ryuothough i don't see the point really until you start seeing alternative docks.22:40
ryuoOr, the existing docks show up in a variety of places.22:41
pedjais it vulnerable to Meltdown :) ?22:42
ryuoProbably.22:42
ryuobut then they all are right now.22:42
ryuohttps://www.newegg.com/Product/Product.aspx?Item=1B4-008A-001A922:43
ryuoUltimately though it's a rip off of this: https://www.crowdsupply.com/eoma68/micro-desktop22:44
ryuothough, intel actually delivered a product already.22:44
pedjawhat's the use case for something like that?22:45
pedjaACTION lacks imagination22:45
ryuopedja: basically it's a SOC board in a fancy case that you can take anywhere to plug into a compatible device.22:46
ryuoeoma68 imagined it as reducing ewaste.22:46
ryuoinstead of replacing the whole unit you just replace the "card".22:47
ryuoyou keep the laptop case, screen, etc. until they wear out naturally.22:47
pedjathat's an interesting idea22:48
ryuointel compute card is a working device right here and now but it still lacks 3rd party docks.22:48
ryuoat best it's just a desktop replacement right now.22:48
pedjalike cheaper NUC22:48
ryuonexdock is supposedly working on a compatible one but they have yet to release anything.22:49
*** nthwyatt has joined #crux22:49
ryuohttp://nexdock.com/22:49
ryuoi find that baffling honestly. you'd think the dock would be the easy part.22:50
ryuoit's largely stateless hardware.22:50
*** darfo has quit IRC22:52
pedjalast update on nexdock blog was a year ago.22:55
pedjait's an interesting concept, sure, but will it get any traction beyond 'cool toy for geeks'?22:59
ryuopedja: yea. that's why i never bothered. lack of practicals over laptops.23:00
ryuoonly watching for now.23:00
ryuothe main problem I saw is the lack of docks.23:00
ryuothe only dock right now is a desktop dock.23:00
ryuoi could see it being a lot more interesting if it had a laptop dock already.23:01
*** abenz has quit IRC23:03
ryuoha.23:09
ryuoGCC7 removed Java support.23:09
pedjagcj?23:09
ryuoyea.23:09
ryuothat'll leave a mark.23:09
ryuosome software was dependent on it still23:10
ryuonotably pdftk23:10
pedjathat's the least of its problems 'We have built pdftk using gcc/gcj/libgcj versions 3.4.5, 4.4.1, 4.5.0 and 4.6.3.'23:13
ryuolmao.23:14
pedjaafaict, builds with gcc6, after some light patching23:20
pedjaI have yet to build my pdf processing pipeline, in order to liberate some data from it. maybe this year :)23:23
pedjaafter I stumbled enough thru Python to being able to cobble something up23:25
pedjaI mean, write some glue code to pass the data from application to application. How hard can it be?23:27
pedjaactually, pretty hard, when you are stupid as I am23:28
pedjait's an interesting experience. the more I try to learn, the more I realise how little I actually know23:33
ryuopedja: Do you know what 2+2 is?23:34
pedjaaddition?23:34
ryuoYes, but the right answer is.23:34
ryuoWhatever you need it to be. :)23:34
pedjaheh23:34
ryuohttp://dilbert.com/strip/2008-05-0823:40
pedjato quote Adam from Mythbusters, "I reject your reality, and substitute my own'23:45
*** onodera has quit IRC23:53
jaegerFor anyone using a non-"black box" type router/firewall, what do you prefer these days? pfsense? opnsense? untangle? something else?23:54
joacimi use opnsense. never used the other options, so i dont have much of an opinion on them23:59
jaegerI've used pfsense for years and like it... but I'm trying opnsense currently and it has one small issue that's really annoying23:59
jaeger*some* of my hosts don't end up registered in the local DNS, some do23:59
jaegerand there's no common factor that I can see23:59

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!