| --- Log opened Thu Sep 25 00:00:18 2014 |
| 00:15 | | Turaiel[Offline] is now known as Turaiel |
| 00:57 | | Derakon[AFK] is now known as Derakon |
| 01:03 | | macdjord|slep is now known as macdjord |
| 01:08 | <&ToxicFrog> | froztbyte: what software are you using? I wrote a lightweight music tagging and organizing tool a while ago that you may find helpful. |
| 01:30 | | Harlow [harlow@Nightstar-pq0497.il.comcast.net] has joined #code |
| 01:37 | | Checkmate [Z@Nightstar-484uip.cust.comxnet.dk] has quit [Ping timeout: 121 seconds] |
| 01:42 | | RchrdB [0x2ba22e11@Nightstar-qe9.aug.187.81.IP] has quit [[NS] Quit: Leaving] |
| 02:15 | <@Alek> | ТеÑ, кÑо пÑезиÑÐ°ÐµÑ Ð¿ÑогÑаммиÑÑов, пÑогÑаммиÑÑÑ Ð¿ÑезиÑаÑÑ ÑилÑнее, Ñем Ñе, кого пÑезиÑаÑÑ Ð¿ÑогÑаммиÑÑÑ, пÑезиÑаÑÑ Ð¿ÑогÑаммиÑÑов. |
| 02:16 | < Reiv> | You're speaking in tongues again Alek |
| 02:17 | | * Vornicus reads the translation, which he hopes is accurate |
| 02:17 | <@Alek> | I don't know, let's see it. |
| 02:17 | <~Vornicus> | "Those who despise programmers, programmers despise more than those who despise programmers despise programmers." |
| 02:17 | <~Vornicus> | (according to google) |
| 02:22 | <@Alek> | that's a damn good translation. |
| 02:25 | <@celticminstrel> | Though it's a slightly confusing phrasing. |
| 02:26 | <@celticminstrel> | Although I'm not sure if it can be phrased in a way that's not slightly confusing... |
| 02:26 | <~Vornicus> | THe phrasing is literal, as far as I can see |
| 02:27 | <@celticminstrel> | The best way would be to replace "those who despise programmers" with a single noun. |
| 02:27 | <~Vornicus> | like I hover translation units in order on the english version and they appear in order in the russian version |
| 02:27 | <@celticminstrel> | Then you can just say "programmers despise X more than X despise programmers". |
| 02:28 | <@celticminstrel> | Makes sense. |
| 02:31 | | Harlow [harlow@Nightstar-pq0497.il.comcast.net] has quit [[NS] Quit: sleep] |
| 02:55 | | Harlow [harlow@Nightstar-pq0497.il.comcast.net] has joined #code |
| 03:06 | | VirusJTG [VirusJTG@Nightstar-6i5vf7.sta.comporium.net] has quit [[NS] Quit: Program Shutting down] |
| 03:39 | <@iospace> | http://s3.crashworks.org.s3-website-us-east-1.amazonaws.com/if-programming-langu ages-were-vehicles/ *snerk* |
| 04:00 | | thalass [thalass@Nightstar-su58ca.bigpond.net.au] has quit [Ping timeout: 121 seconds] |
| 04:09 | | macdjord is now known as macdjord|Xenonauts |
| 04:12 | | thalass [thalass@Nightstar-i2mkj0.bigpond.net.au] has joined #code |
| 04:13 | | mode/#code [+o thalass] by ChanServ |
| 04:30 | | Kindamoody[zZz] is now known as Kindamoody |
| 04:41 | | Vornicus [vorn@ServerAdministrator.Nightstar.Net] has quit [[NS] Quit: Leaving] |
| 05:10 | | Derakon is now known as Derakon[AFK] |
| 05:16 | | Harlow [harlow@Nightstar-pq0497.il.comcast.net] has quit [Connection closed] |
| 05:16 | | Harlow [harlow@Nightstar-pq0497.il.comcast.net] has joined #code |
| 05:28 | < Harlow> | is this a rathe big deal? http://www.nbcnews.com/tech/security/new-bash-bug-could-pose-bigger-threat-heart bleed-n211006 |
| 05:28 | < Harlow> | rather* |
| 05:30 | <@Azash> | Well, it's hard to say since that article has nothing technical to go on |
| 05:30 | <@Azash> | I'm really doubtful you can just use "a line of code" (???) to exploit bash on even a majority of web servers |
| 05:30 | < Harlow> | awash http://arstechnica.com/security/2014/09/bug-in-bash-shell-creates-big-security-h ole-on-anything-with-nix-in-it/ |
| 05:30 | < Harlow> | azash* |
| 05:31 | <@Azash> | Lol, awash |
| 05:31 | < Harlow> | thats a better look at the problem |
| 05:32 | <&McMartin> | We looked at this earlier |
| 05:32 | < Harlow> | oh? |
| 05:32 | <&McMartin> | It's not as widespread as heartbleed in exploitable form, but if it is, it's scarier. |
| 05:32 | <&McMartin> | Because it's remote code execution, but only if you're the kind of machine you let peope log into in the first place. |
| 05:33 | <&McMartin> | So for a lot of people it would be "if they can log into your computer they can also run scripts on your computer" and, well, ok, sure thing, buddy |
| 05:33 | <@Azash> | Yeah it's a pretty bad bug |
| 05:33 | <@celticminstrel> | So it's not an issue if I'm the only one who can log into my computer... |
| 05:33 | <@Azash> | But NBC can go fuck themselves really, and rapid7 fearmongering as usual |
| 05:33 | <&McMartin> | Heartbleed, however, was *apocalyptic*. |
| 05:34 | <&McMartin> | I guess on a scale of cosmetic to apocalyptic it might be 'really bad' |
| 05:35 | <&McMartin> | The "easy" exploit is one if people were running a website with CGI scripts written in bash |
| 05:35 | <&McMartin> | In which case they could pwn you trivially |
| 05:35 | <&McMartin> | But why are you running a website with CGI scripts written in bash |
| 05:36 | <@Azash> | ^ |
| 05:37 | <&McMartin> | The sane person case is "I have some limited logins available that can only run specific commands" and this exploit lets them run *any* commands |
| 05:37 | <&McMartin> | That's p. bad |
| 05:37 | <&McMartin> | But you're a very specific dude if you're doing that. |
| 05:39 | <&McMartin> | Also, you will want to take the patch for this~ |
| 05:39 | <&McMartin> | (Apparently apt-get had some vulnerabilities recently disclosed, too) |
| 05:39 | <@celticminstrel> | Is it even plausible to patch bash on the Mac? I have no idea. |
| 05:40 | < Harlow> | i would like to know how to if possible |
| 05:40 | <&McMartin> | Should be pushed down as part of the OSX software updates, I'd assume |
| 05:40 | <@celticminstrel> | Hm, so it could be included in one of those security updates they keep pushing even though Lion is really old... |
| 05:41 | <&McMartin> | Yeah, apparently patches are being made available for every version of bash released in the past 15 years |
| 05:41 | <@Azash> | That is effort |
| 05:42 | | Turaiel is now known as Turaiel[Offline] |
| 05:42 | < Harlow> | McMartin how is that even possible? |
| 05:43 | <&McMartin> | I imagine that's only formal releases by the maintained distros. |
| 06:19 | | thalass [thalass@Nightstar-i2mkj0.bigpond.net.au] has quit [Ping timeout: 121 seconds] |
| 06:26 | <@Azash> | Hahaha https://www.reddit.com/r/netsec/comments/2hbxtc/cve20146271_remote_code_executio n_through_bash/ckrbqac |
| 06:59 | | Harlow [harlow@Nightstar-pq0497.il.comcast.net] has quit [[NS] Quit: sleep] |
| 08:44 | | Alek [omegaboot@Nightstar-c8t.a00.36.73.IP] has quit [Ping timeout: 121 seconds] |
| 09:05 | | Kindamoody is now known as Kindamoody|afk |
| --- Log closed Thu Sep 25 09:50:25 2014 |
| --- Log opened Thu Sep 25 09:50:48 2014 |
| 09:50 | | TheWatcher [chris@Nightstar-ksqup0.co.uk] has joined #code |
| 09:50 | | Irssi: #code: Total of 30 nicks [14 ops, 0 halfops, 0 voices, 16 normal] |
| 09:50 | | mode/#code [+o TheWatcher] by ChanServ |
| 09:51 | | Irssi: Join to #code was synced in 39 secs |
| 10:27 | | Alek [omegaboot@Nightstar-c8t.a00.36.73.IP] has joined #code |
| 10:27 | | mode/#code [+o Alek] by ChanServ |
| 10:56 | | VirusJTG [VirusJTG@Nightstar-6i5vf7.sta.comporium.net] has joined #code |
| 11:20 | <@froztbyte> | <Azash> I'm really doubtful you can just use "a line of code" (???) to exploit bash on even a majority of web servers |
| 11:20 | <@froztbyte> | actually. |
| 11:20 | <@froztbyte> | think about things like log parsers and random shell scripts and such |
| 11:21 | <@froztbyte> | I'm pretty sure this might get some really creative places to live in the next couple of months |
| 11:23 | | * TheWatcher had bash updated on his servers within minutes of the fix being released >.> |
| 11:24 | <@TheWatcher> | Now I'm going through everything checking that nobody tried anything before then (pretty sure that they hadn't, but best be sure...) |
| 11:27 | <@froztbyte> | I found an error in our unattended-updates config as a result of this |
| 11:27 | <@froztbyte> | except our day is kinda full already and we're down 33% on team capacity |
| 11:27 | <@froztbyte> | and this will auto-apply all the things by tomorrow morning if we don't molly-coddle it today |
| 11:27 | <@froztbyte> | so I'm kinda ":s" atm |
| 11:28 | <@froztbyte> | I pushed the bash update to *, but there are fun things like rabbitmq-server which need a bump |
| 11:28 | <@froztbyte> | and that can in turn break celery because celery is Supar Goods software |
| 11:29 | <@TheWatcher> | Happy fun joy >.< |
| 11:30 | <@froztbyte> | I'll probably kick it off during our team call |
| 11:30 | <@froztbyte> | and see what explodes |
| 11:31 | <@TheWatcher> | Well, good luck :/ |
| 11:33 | <@froztbyte> | eh, I've had worse |
| 11:33 | <@froztbyte> | at least in this case I know what'll want to eat my breakfast |
| 11:33 | <@froztbyte> | and all the other bits are in puppet anyway |
| 11:42 | | * Tarinaky is learning more about DSP than she ever really wanted to know :/ |
| 11:43 | | * Tarinaky throws up hamming windows all over the channel. |
| 11:43 | | * TheWatcher fills them full of Brian Blessed |
| 11:43 | <&McMartin> | You misspelled BRIAN BLESSED |
| 11:45 | <@TheWatcher> | Indeed. How silly of me. |
| 11:50 | <@Azash> | TheWatcher: The initial fix could be circumvented, btw |
| 11:51 | <@TheWatcher> | I know |
| 12:06 | | AverageJoe [evil1@Nightstar-fb1kt4.ph.cox.net] has joined #code |
| 12:08 | <@Tarinaky> | "On his visit to India's rocket port on 30 June, Prime Minister Narendra Modi said: "The [making of the] Hollywood movie Gravity cost more than our Mars mission - this is a great achievement."" |
| 12:10 | <@Azash> | https://gist.github.com/anonymous/929d622f3b36b00c0be1 |
| 12:11 | <@celticminstrel> | Is that supposed to imply that the movie was inordinately expensive or that the Mars mission was unusually cheap? |
| 12:11 | <@Azash> | The Mars mission was something like $73 million, IIRC |
| 12:16 | <@celticminstrel> | That makes it sound more like the former interpretation, though I say that without having a good concept of what's cheap and expensive in this context. |
| 12:20 | <@TheWatcher> | Each of the apollo moon missions cost around $350 to $400 million in 1970s value dollars (equivalent to about 3-4 billion a time now) |
| 12:20 | <@Tarinaky> | The Mars mission was something like 1/10th the cost of Curiosity. |
| 12:21 | <@TheWatcher> | so yeah, $73 million to get to mars is frankly nigh-unbelivably cheap |
| 12:21 | <@Tarinaky> | In fairness, they didn't land or anything. |
| 12:21 | <@Tarinaky> | It's just a Mars orbiter. |
| 12:21 | <@TheWatcher> | true |
| 12:22 | <@Tarinaky> | India's space agency is also the first country to get it right first time. |
| 12:23 | <@celticminstrel> | What about cheap vs expensive for a film? |
| 12:23 | <@Tarinaky> | Clearly they were cheating by reading the KSP forums for walkthroughs instead of learning by trial and error :P |
| 12:24 | <@celticminstrel> | KSP? |
| 12:24 | <@celticminstrel> | Oh wait. |
| 12:24 | <@celticminstrel> | Isn't that just a game? |
| 12:24 | <@Azash> | Kivi-sakset-paperi, the Finnish translation for rock paper scissors |
| 12:24 | <@Tarinaky> | It's a very good game and I think a few people have declared it a legitimate teaching tool: even if it is 'easy mode' by comparison to reality. |
| 12:24 | | * celticminstrel claims Azash as a chair. |
| 12:25 | <@celticminstrel> | I see. |
| 12:27 | <@TheWatcher> | Yeah, KSP is is simplified, and scaled down, but the general principles are pretty sound, especitally once you replace the aerodynamics model |
| 12:27 | <@Tarinaky> | And the err... plugin system make it quite easy to do thngs like that. |
| 12:28 | <@TheWatcher> | Yep. |
| 12:28 | <@celticminstrel> | So it may be a game, but it's a simulation game, and a pretty accurate one? |
| 12:28 | <@Azash> | celticminstrel: Do clarify |
| 12:28 | <@celticminstrel> | I'd love to, but I'm afraid I don't know myself. |
| 12:29 | <@Tarinaky> | Well, it's the most accurate one for sale. |
| 12:29 | <@TheWatcher> | celticminstrel: it's decent enough. You wouldn't want to try simulating a real space mission in it, but as far as learning about orbital mechanics, etc it's decent |
| 12:30 | <@Tarinaky> | The orbital mechanics are strictly Keplerian, rather than N-Body - which as I understand it is the back of the envelope approximation... |
| 12:30 | <@Tarinaky> | The aerodynamic model isn't: it's just a hack where special wing parts add lift. |
| 12:31 | <@celticminstrel> | Well, I was under the impression that N-Body is extremely impractical beyond N=3, so that's not surprising. |
| 12:31 | <@TheWatcher> | Tarinaky: Unless you use something like Ferram Aerospace, which does far more complex aerodynamic modelling, yes. |
| 12:31 | <@Tarinaky> | An N-body problem is easy to simulate. It's just difficult to find solutions. |
| 12:31 | <@Tarinaky> | TheWatcher: Talking strictly about stock KSP |
| 12:32 | <@celticminstrel> | Ah, okay. |
| 12:32 | <@TheWatcher> | Like anyone actually uses that >.> |
| 12:32 | <@Tarinaky> | But short of Matlab: it's the most accurate rockettry simulator money can buy. |
| 12:33 | <@Tarinaky> | At least at the moment. |
| 12:33 | <@TheWatcher> | And KSP's big problem is that they're using unity, which is great for many things, but gets really bandy when it comes to complex physics simulation and very large scales |
| 12:33 | <@Azash> | celticminstrel: I mean the chair thing |
| 12:34 | <@TheWatcher> | But at this point, they basically can't replace tne engine without rewriting from scratch, so they kludge around it |
| 12:34 | <@celticminstrel> | Azash, the best I can give you is that I responded to perceived silliness with more silliness. |
| 12:34 | <@Tarinaky> | They're pretty close to what they originally planned for the game anyway. |
| 12:34 | <@Azash> | Ah |
| 12:34 | <@TheWatcher> | Tarinaky: yep |
| 12:34 | <@Tarinaky> | Bring on KSP2: REVENGE OF THE KERBAL |
| 12:36 | <@Tarinaky> | But yeah. The main issue with KSP as a game is there's basically two kinds of players - people who complain about how hard it is to get enough Science to get the parts/DeltaV to get to new locations to get Science... |
| 12:37 | <@Tarinaky> | And people for whome landing on the Moon with 0 Science is a Solved Problem and Grand Tours take forever to do. |
| 12:37 | <@Tarinaky> | s/and/but/ |
| 12:37 | <@Tarinaky> | +and are boring |
| 12:39 | | RchrdB [0x2ba22e11@Nightstar-qe9.aug.187.81.IP] has joined #code |
| 12:39 | | mode/#code [+o RchrdB] by ChanServ |
| 12:52 | | AverageJoe [evil1@Nightstar-fb1kt4.ph.cox.net] has quit [[NS] Quit: Leaving] |
| 13:06 | | Checkmate [Z@Nightstar-484uip.cust.comxnet.dk] has joined #code |
| 13:06 | | mode/#code [+o Checkmate] by ChanServ |
| 13:39 | | RchrdB [0x2ba22e11@Nightstar-qe9.aug.187.81.IP] has quit [[NS] Quit: Leaving] |
| 14:04 | <@Tarinaky> | Any clue what the Ruby equiv of min is? |
| 14:05 | <@Azash> | Which min? |
| 14:05 | <@Tarinaky> | i.e. (a<b)?a:b |
| 14:05 | <@Azash> | Apparently [a,b].min |
| 14:06 | <@Tarinaky> | Ahah, naturally. |
| 14:06 | <@Tarinaky> | (WHy on earth would I expect to find it in the Math module rather than Array~) |
| 14:07 | <@Azash> | Ooh, you can also use minmax apparently |
| 14:07 | <@Tarinaky> | minmax? |
| 14:08 | <@Azash> | [2, 5, 3, 1, 7].minmax #=> [1,7] |
| 14:08 | <@Azash> | Well I mean |
| 14:08 | <@Azash> | Not for your problem but in general |
| 14:09 | <@Tarinaky> | I have to be honest. WHen you say MinMax I thought this was going to be useful for MinMax/MaxMin problems |
| 14:09 | <@Azash> | I have no idea what those are |
| 14:10 | | Harlow [harlow@Nightstar-pq0497.il.comcast.net] has joined #code |
| 14:11 | <@Tarinaky> | Azash: Game Theory |
| 14:11 | <@Azash> | Ah |
| 14:14 | <&ToxicFrog> | Tarinaky, celticminstrel, TheWatcher: Orbiter is more accurate with respect to most things, but KSP is hugely more accessible and lets you do more. |
| 14:16 | | * TheWatcher nod |
| 14:16 | <@TheWatcher> | I've eyeballed orbiter a bit, it seems to have no so much a learning curve as a learning cliff |
| 14:17 | <&ToxicFrog> | Basically, if you want an accurate recreation of real-world space program vehicles, or N-body simulation that lets you take advantage of Cunning Gravity Tricks like L1/L2 points or the ITN, Orbiter has KSP beat there. If you want to design your own vehicles, KSP is where it's at, and its physics are good enough to learn basic (2-body) orbital mechanics and suchlike. |
| 14:17 | <&ToxicFrog> | It is also something you can plausibly sit down in front of and start playing with no prior training, while Orbiter is the Falcon 4.0 of space sims. |
| 14:20 | <&ToxicFrog> | TheWatcher: yes, exactly. |
| 14:22 | <@Tarinaky> | A lot of Orbiter's difficulty is memorising the order of switches you need to toggle to launch a craft though. |
| 14:22 | <@Tarinaky> | Rather than actual orbital mechanics... |
| 14:25 | <&ToxicFrog> | Tarinaky: yes, that's exactly my point |
| 14:25 | <@Tarinaky> | I'd totally forgotten about Orbiter though. |
| 14:28 | | Harlow [harlow@Nightstar-pq0497.il.comcast.net] has quit [[NS] Quit: BED] |
| 14:43 | | macdjord|Xenonauts is now known as macdjord |
| 14:49 | | RchrdB [0x2ba22e11@Nightstar-952.jvr.168.194.IP] has joined #code |
| 14:49 | | mode/#code [+o RchrdB] by ChanServ |
| 15:20 | | thalass [thalass@Nightstar-481nhl.bigpond.net.au] has joined #code |
| 15:20 | | mode/#code [+o thalass] by ChanServ |
| 15:25 | | macdjord is now known as macdjord|nap |
| 15:29 | | thalass is now known as Thalass|QUADCOPTERWHEE |
| 16:07 | | celticminstrel [celticminst@Nightstar-ak6p6n.dsl.bell.ca] has quit [[NS] Quit: KABOOM! It seems that I have exploded. Please wait while I reinstall the universe.] |
| 16:48 | | celticminstrel [celticminst@Nightstar-ak6p6n.dsl.bell.ca] has joined #code |
| 16:48 | | mode/#code [+o celticminstrel] by ChanServ |
| 19:07 | | Kindamoody|afk is now known as Kindamoody |
| 19:49 | | RchrdB [0x2ba22e11@Nightstar-952.jvr.168.194.IP] has quit [[NS] Quit: Leaving] |
| 20:36 | | Kindamoody is now known as Kindamoody[zZz] |
| 21:12 | | Turaiel[Offline] is now known as Turaiel |
| 21:51 | | Turaiel is now known as Turaiel[Offline] |
| 22:14 | <@froztbyte> | welp |
| 22:14 | <@froztbyte> | pycon(za) talk accepted |
| 22:15 | <@froztbyte> | and I have ~1 week to turn it from "random people in the office" level into "technical talk" |
| 22:15 | <@froztbyte> | guess I'll have to do that over the weekend |
| 22:16 | <@froztbyte> | would any of you be keen on checking it btw? |
| 22:56 | < Reiv> | I'd be willing to look over the drafts for ya, sure |
| 22:56 | < Reiv> | Though cadence can be as crucial as the content |
| 23:08 | <@TheWatcher> | I might be able to, although python... |
| 23:53 | | Turaiel[Offline] is now known as Turaiel |
| --- Log closed Fri Sep 26 00:00:49 2014 |