| --- Log opened Mon Sep 15 00:00:40 2014 |
| 00:52 | | RchrdB [0x2ba22e11@Nightstar-qe9.aug.187.81.IP] has quit [[NS] Quit: Leaving] |
| 02:09 | | VirusJTG [VirusJTG@Nightstar-6i5vf7.sta.comporium.net] has quit [[NS] Quit: Program Shutting down] |
| 02:15 | | McMartin [mcmartin@Nightstar-rpcdbf.sntcca.sbcglobal.net] has quit [[NS] Quit: brb] |
| 02:16 | | McMartin [mcmartin@Nightstar-rpcdbf.sntcca.sbcglobal.net] has joined #code |
| 02:16 | | mode/#code [+ao McMartin McMartin] by ChanServ |
| 02:46 | | macdjord|Xenonauts is now known as macdjord |
| 03:41 | | Kindamoody[zZz] is now known as Kindamoody |
| 03:59 | | Checkmate [Z@Nightstar-484uip.cust.comxnet.dk] has quit [Ping timeout: 121 seconds] |
| 04:35 | | Vornicus [vorn@ServerAdministrator.Nightstar.Net] has quit [[NS] Quit: Leaving] |
| 05:06 | | Derakon is now known as Derakon[AFK] |
| 05:21 | | Turaiel[Offline] is now known as Turaiel |
| 06:25 | | celticminstrel [celticminst@Nightstar-ak6p6n.dsl.bell.ca] has quit [[NS] Quit: KABOOM! It seems that I have exploded. Please wait while I reinstall the universe.] |
| 06:31 | | Turaiel is now known as Turaiel[Offline] |
| 07:14 | | Kindamoody is now known as Kindamoody|afk |
| 08:13 | | macdjord is now known as macdjord|slep |
| 09:08 | | Orthia [orthianz@Nightstar-mvku45.callplus.net.nz] has quit [Ping timeout: 121 seconds] |
| 09:13 | | Orthia [orthianz@Nightstar-l7r.43k.224.119.IP] has joined #code |
| 09:13 | | mode/#code [+o Orthia] by ChanServ |
| 09:25 | | Syloq [Syloq@NetworkAdministrator.Nightstar.Net] has quit [Ping timeout: 121 seconds] |
| 10:08 | | Syloq [Syloq@Nightstar-mbk.c3p.254.173.IP] has joined #code |
| 10:08 | | mode/#code [+o Syloq] by ChanServ |
| 10:18 | | RchrdB [0x2ba22e11@Nightstar-952.jvr.168.194.IP] has joined #code |
| 10:18 | | mode/#code [+o RchrdB] by ChanServ |
| 11:08 | | Checkmate [Z@Nightstar-484uip.cust.comxnet.dk] has joined #code |
| 11:08 | | mode/#code [+o Checkmate] by ChanServ |
| 11:43 | | Syloq [Syloq@Nightstar-mbk.c3p.254.173.IP] has quit [Ping timeout: 121 seconds] |
| 12:11 | | Syloq [Syloq@Nightstar-mbk.c3p.254.173.IP] has joined #code |
| 12:12 | | mode/#code [+o Syloq] by ChanServ |
| 12:26 | | VirusJTG [VirusJTG@Nightstar-6i5vf7.sta.comporium.net] has joined #code |
| 12:34 | | celticminstrel [celticminst@Nightstar-ak6p6n.dsl.bell.ca] has joined #code |
| 12:34 | | mode/#code [+o celticminstrel] by ChanServ |
| 13:16 | | Attilla [uid13723@Nightstar-ed0oqj.irccloud.com] has joined #code |
| 13:53 | <@gnolam> | Nghgh |
| 13:54 | <@gnolam> | No battle plan survives contact with the user. |
| 13:55 | | Orthia [orthianz@Nightstar-l7r.43k.224.119.IP] has quit [Ping timeout: 121 seconds] |
| 14:00 | | Orthia [orthianz@Nightstar-00q.ki4.224.119.IP] has joined #code |
| 14:00 | | mode/#code [+o Orthia] by ChanServ |
| 14:25 | | Checkmate [Z@Nightstar-484uip.cust.comxnet.dk] has quit [Ping timeout: 121 seconds] |
| 14:33 | < Julius> | Don't you mean 'use case'? :P |
| 14:34 | <@Tarinaky> | Speaking of. My code baby is in the hands of its first users... Being tortured. |
| 14:34 | <@Tarinaky> | q.q |
| 14:44 | <@TheWatcher> | Egads, I actually managed to get UTF-8 posting to twitter working first time. |
| 14:44 | <@TheWatcher> | Something is wrong with the universe. |
| 14:52 | <@Tarinaky> | Oh shit, accidentally the network/internet >.< |
| 14:57 | | * Tarinaky adds it to the list of bad things about git: Getting the SysAdmin to come up to your desk asking WTF you've been downloading. |
| 15:01 | <@TheWatcher> | ... wha? |
| 15:04 | <@Tarinaky> | I'm glad I'm not the only one with that reaction :/ |
| 15:05 | <@Tarinaky> | Was trying to find a package... so I went to clone the Android sources... |
| 15:05 | <@Tarinaky> | Apparently I was using 25% of the pipe all to myself and people were complaining about slowness. |
| 15:33 | | Checkmate [Z@Nightstar-ro94ms.balk.dk] has joined #code |
| 15:33 | | mode/#code [+o Checkmate] by ChanServ |
| 15:41 | | Syloq [Syloq@Nightstar-mbk.c3p.254.173.IP] has quit [[NS] Quit: .] |
| 15:41 | | Syloq [Syloq@Nightstar-mbk.c3p.254.173.IP] has joined #code |
| 15:41 | | mode/#code [+o Syloq] by ChanServ |
| 15:43 | | Mango [www.toao.ne@Nightstar-fqtlu3.abhsia.telus.net] has joined #code |
| 15:43 | < Mango> | Hello. Hopefully someone with OAuth 2.0 experience could answer this question. |
| 15:44 | < Mango> | Scenario: a piece of hardware needs to access Google's API with an OAuth token. Currently the token is generated on the hardware manufacturer's website, then configured on to the device. |
| 15:45 | < Mango> | Would it be possible for the device itself to generate the token, or would that present some sort of security risk or technical problem? |
| 16:54 | <@Tamber> | ...OhgodAuth. |
| 16:54 | < Mango> | :) |
| 16:54 | <@Tamber> | Having only /brushed/ against it before: I'm so, so sorry for you. |
| 16:54 | <@Tamber> | :p |
| 16:55 | < Mango> | Fortunately, it's not me that is working with it. |
| 16:55 | < Mango> | I want to request a feature from some developers, but first want to make sure what I am asking for is technically possible. |
| 16:58 | <@TheWatcher> | what sort of hardware are we talking about here? the basic answer is "yes, provided that..." |
| 16:59 | <@TheWatcher> | (the longer answer will, if nothing else, need to wait for me to have a real kbd rather than my phone to hand) |
| 18:16 | < Mango> | It's a VoIP ATA. |
| 18:17 | < Mango> | Sorry, Trill didn't flash. I guess in other words I'm asking, if the firmware is sufficiently encrypted, could a user potentially access any private keys, if the ATA could generate tokens? |
| 18:17 | <@Tamber> | Considering what I've seen apparently count for "sufficiently encrypted", yes~ |
| 18:19 | <@Tarinaky> | You can't really encrypt, perfectly, an executable. |
| 18:19 | <@Tarinaky> | In order to be executed it has to be returned to a plaintext state. |
| 18:20 | <@Tamber> | for "firmware", read "data section of firmware containing keys", I suspect |
| 18:20 | <@Tarinaky> | Still needs to be converted into plaintext. |
| 18:20 | <@Tarinaky> | You can't make it mathematically secure. |
| 18:20 | <@Tarinaky> | You can only do obsfucation. |
| 18:21 | <@TheWatcher> | All you can do is make it secure against casual attacks |
| 18:21 | <@Tamber> | Oh, no, you *can* encrypt it. But it's kinda pointless against a Sufficiently Advanced and Motivated attacker. |
| 18:21 | <@TheWatcher> | But really |
| 18:21 | <@Tarinaky> | Isn't that what I just said? |
| 18:21 | <@Tamber> | (...and kinda expensive, so it ain't gonna happen unless they think they're going to lose money otherwise.) |
| 18:22 | <@TheWatcher> | Since there's a token being generate and shoved onto the hardware anyway, I'm kinda missing what the difference between 'manufacturer generates token' and 'user generates their own' is, really |
| 18:22 | <@Tamber> | Tarinaky, depends on how picky you want to be about "only obfuscation". |
| 18:23 | < Mango> | Thanks for the info! |
| 18:24 | <@Tarinaky> | Well, I think encryption is normally stuff that is, assuming a correct implementation, uncrackable within some window of time t->very large. |
| 18:25 | <@Tarinaky> | Without resorting to Quantum Computers or solving the P?=NP problem |
| 18:25 | <@Tamber> | Right. Which is also what I'm assuming. |
| 18:26 | <@Tarinaky> | Whereas in this case you can disassemble the code... somehow. |
| 18:26 | <@Tamber> | "Somehow" |
| 18:27 | <@macdjord|slep> | Tarinaky: Or a rubber hose. Never forget the nubber hose option. |
| 18:28 | <@Tamber> | Tarinaky, there are so-called Secure processors available that let you bake a key -- and, IIRC, some trusted (...dohohoho) bootloading code -- into them to use for encryption or signature checking of the contents of the EEPROM containing the rest of the firmware. |
| 18:28 | <@Tamber> | I've run into the latter option (Signature checking) for definite. |
| 18:29 | <@Tarinaky> | Is it the private key, or the algorithm that's a secret? ;) |
| 18:29 | <@Tamber> | Private key. |
| 18:29 | <@Tamber> | Unless they're /really/ stupid. |
| 18:30 | <@Tarinaky> | Fair enough then. |
| 18:30 | <@Tamber> | Since there's "no way" of retrieving the key without doing horrible things to the processor. |
| 18:32 | <@Tamber> | And the processor is apparently soldered to the board beneath -- IIRC -- the RAM. |
| 18:35 | <@Tamber> | According to the teardown, anywho. |
| 18:37 | <@RchrdB> | I've seen articles about people ripping secrets out of those and it's not easy/cheap enough to do that anyone's likely to bother unless the secret is worth LOADS of money. |
| 18:39 | <@Tamber> | Ayup. |
| 18:39 | <@Tamber> | It's possible, but nearly nobody's going to bother. |
| 18:40 | <@Tarinaky> | I have to begin questioning what's worth encrypting, but isn't worth loads of money~ |
| 18:55 | | Kindamoody|afk is now known as Kindamoody |
| 18:55 | | Checkmate [Z@Nightstar-ro94ms.balk.dk] has quit [Ping timeout: 121 seconds] |
| 18:58 | | Syka [the@Nightstar-d16r4u.vividwireless.net.au] has quit [Ping timeout: 121 seconds] |
| 19:21 | | Kindamoody is now known as Kindamoody[zZz] |
| 19:29 | | Checkmate [Z@Nightstar-484uip.cust.comxnet.dk] has joined #code |
| 19:29 | | mode/#code [+o Checkmate] by ChanServ |
| 19:40 | | RchrdB [0x2ba22e11@Nightstar-952.jvr.168.194.IP] has quit [[NS] Quit: Leaving] |
| 19:45 | | Syka [the@Nightstar-c409v3.vividwireless.net.au] has joined #code |
| 20:06 | | Syka [the@Nightstar-c409v3.vividwireless.net.au] has quit [Ping timeout: 121 seconds] |
| 20:36 | | Syka [the@Nightstar-c409v3.vividwireless.net.au] has joined #code |
| 20:38 | | Turaiel[Offline] is now known as Turaiel |
| 20:47 | <@Alek> | worth encrypting, but not worth money? uhh... plans to overthrow the government, but then again, the government can just do the decryption without paying for it. XD |
| 21:05 | <@Tarinaky> | Alek: Just because something is not easily liquifiable does not mean it can't be ascribed a financial value. |
| 21:32 | <@Azash> | If nothing else, through opportunity cost |
| 21:33 | <&McMartin> | This is a very fine proof of pwnz0rship |
| 21:33 | <&McMartin> | http://arstechnica.com/security/2014/09/hacker-exploits-printer-web-interface-to -install-run-doom/ |
| 21:34 | <@Tamber> | :printers: |
| 21:34 | | macdjord|slep is now known as macdjord |
| 21:37 | <@macdjord> | What's the Windows Command Line version of 'uptime'? |
| 21:38 | <&McMartin> | I'm not aware of one |
| 21:38 | <@macdjord> | I know the information is available; I used to have a little systray gadget that did it. |
| 21:39 | <&McMartin> | Yeah |
| 21:39 | <&McMartin> | Their support forums suggest "net statistics server" - the line "statistics since [date/time]" gives the date/time the system was started. |
| 21:40 | <&McMartin> | There is also http://uptimeexe.codeplex.com/ |
| 21:41 | <@Reiv> | I used to have a script for mIRC that told me. |
| 21:46 | <@Alek> | well, mirc has a built-in uptime clock that you can enable. but just for it, not for windows. |
| 21:46 | <@Alek> | online timer |
| 21:47 | <@Tamber> | I think Reiv's talking about one of those system-stats scripts. |
| 21:54 | <@macdjord> | ... actually... |
| 21:54 | <@macdjord> | I boot X-Chat at startup and rarely close it, except when rebooting. |
| 21:57 | | RchrdB [0x2ba22e11@Nightstar-qe9.aug.187.81.IP] has joined #code |
| 21:57 | | mode/#code [+o RchrdB] by ChanServ |
| 22:07 | <@Alek> | what mac said. |
| 22:07 | <@Alek> | mine's in the startup folder. |
| 22:21 | <@Azash> | Shit HN Says @shit_hn_says ยท Dec 28 |
| 22:21 | <@Azash> | Well, TCP is a very simple protocol |
| 22:26 | <@macdjord> | Alek: Alas, I know of no uptime command in X-Chat, either, so it doesn't help~ |
| 22:30 | | macdjord [macdjord@Nightstar-7rac1r.mc.videotron.ca] has quit [[NS] Quit: This is a thing which is shaped like itself.] |
| 22:45 | | macdjord [macdjord@Nightstar-7rac1r.mc.videotron.ca] has joined #code |
| 22:45 | | mode/#code [+o macdjord] by ChanServ |
| 22:59 | | Vornicus [vorn@ServerAdministrator.Nightstar.Net] has joined #code |
| 22:59 | | mode/#code [+qo Vornicus Vornicus] by ChanServ |
| 23:16 | | RchrdB [0x2ba22e11@Nightstar-qe9.aug.187.81.IP] has quit [[NS] Quit: Leaving] |
| 23:19 | <@TheWatcher> | Note to self: elsif doesn't work in c++ |
| 23:19 | < Mango> | :) |
| 23:30 | <&McMartin> | else if, however, does, thanks to aggressive statement binding |
| 23:35 | <@gnolam> | It's surprisingly hard to keep straight which language uses which there. |
| 23:36 | <&McMartin> | Yeah |
| 23:36 | <&McMartin> | C/C++ don't support else if as a construct "on purpose" - it's an emergent property of the fact that braces are optional |
| 23:40 | <@TheWatcher> | I'm usually pretty good at it, but I've been perling all day, so |
| 23:46 | <@Tarinaky> | McMartin: I thought that was still on purpose/by design? |
| 23:46 | <&McMartin> | By design, yeah |
| 23:46 | <&McMartin> | I'm being super-narrow about "on purpose" |
| 23:46 | <&McMartin> | More precisely: there is no "else if" grammar production the way there is with elif or elsif ones. |
| 23:47 | <@Tarinaky> | Other languages only have elsif and its variants as a work around because they don't have b races. |
| 23:47 | <&McMartin> | Or because they *do* have braces or similar and they are mandatory |
| 23:47 | <&McMartin> | Or because they bind statements with the wrong precedence so that chaining like that would group them wrong |
| 23:47 | <&McMartin> | (I don't know of any that do the latter) |
| 23:47 | <&McMartin> | (But that would be a reason to) |
| --- Log closed Tue Sep 16 00:00:55 2014 |