--- Log opened Tue Sep 12 00:00:54 2017 |
00:18 | | Jessikat [Jessikat@Nightstar-bt5k4h.81.in-addr.arpa] has quit [[NS] Quit: Leaving] |
00:24 | | Derakon[AFK] is now known as Derakon |
00:27 | | Jessikat` is now known as Jessikat |
00:30 | | Jessikat` [Jessikat@Nightstar-j7o.bmi.132.82.IP] has joined #code |
00:33 | | Jessikat [Jessikat@Nightstar-giapeh.dab.02.net] has quit [Ping timeout: 121 seconds] |
00:38 | | Jessikat` is now known as Jessikat |
00:48 | | celticminstrel [celticminst@Nightstar-ce0j0u.dsl.bell.ca] has joined #code |
00:48 | | mode/#code [+o celticminstrel] by ChanServ |
00:54 | | himi [sjjf@Nightstar-dm0.2ni.203.150.IP] has joined #code |
00:54 | | mode/#code [+o himi] by ChanServ |
01:04 | | Azash [Azash@static.35.123.4.46.clients.your-server.de] has joined #code |
01:09 | | Azash [Azash@static.35.123.4.46.clients.your-server.de] has quit [Connection closed] |
01:50 | <&[R]> | https://twitter.com/marcosbl/status/641110424193232897 |
02:08 | | macdjord is now known as macdjord|slep |
04:22 | | ion_ [Owner@Nightstar-ke59qj.eng.wind.ca] has joined #code |
04:29 | <@Reiv> | ... what |
04:31 | | ion_ [Owner@Nightstar-ke59qj.eng.wind.ca] has quit [Ping timeout: 121 seconds] |
04:36 | <@Alek> | what happens if the number is actually imaginary? :P |
04:44 | <@celticminstrel> | It won't be. :P |
04:47 | <&[R]> | OMFG |
04:47 | <&[R]> | I think I found my wifi issue |
04:48 | <&[R]> | Some stupid box is doing a network map with ARPs |
04:48 | <&[R]> | On a 10/8 network |
04:48 | < Mahal> | .................. |
04:48 | < Mahal> | well yeah, that would be a problem |
04:48 | < Mahal> | however |
04:48 | < Mahal> | why do you have a 10/8 network in the first place |
04:49 | < Mahal> | cos that just SCREAMS #baddesigndecisions |
04:49 | <&[R]> | Because it's easier to type the IPs (also VMs) |
04:49 | <&[R]> | I had subnets earlier, but they didn't really provide any benefit |
04:49 | < Mahal> | I... what |
04:49 | <&[R]> | It's a SOHO network |
04:50 | < Mahal> | OK, you know what, my sysadmin brain doesn't actually belong here |
04:50 | < Mahal> | (No, it's a YOLO network :P, or specifically notwork.) |
04:50 | <&[R]> | 9.9k ARPs in ~2 seconds |
04:51 | <&[R]> | ARP requests specifically |
04:51 | <&[R]> | All from the same box |
04:52 | < Mahal> | so /why/ is that box doing it? |
04:52 | < Mahal> | and definitely, stop it doing it |
04:52 | <&[R]> | No fucking clue |
04:52 | <&[R]> | I have two routes out (for various reasons) |
04:52 | <&[R]> | I own the Shaw out, my dad owns the Telus out. |
04:53 | <&[R]> | The Telus gateway box (that they gave us) is the culprit |
04:53 | <&[R]> | I have zero clue why it's doing this |
04:55 | <&[R]> | Since it's evidently doing the entire network (and not just IPs that have at one point been used) |
05:00 | <&[R]> | That'd explain why it's so irregular too |
05:01 | < Mahal> | Your answer here is basically "learn how to operate a network", I'm afraid. |
05:01 | <&[R]> | Because it's doing it as a batch or something. |
05:01 | <&[R]> | What have I done horribly wrong here? |
05:01 | <&[R]> | (I'll be calling Telus to see if they can do anything about their equipment) |
05:02 | <@Reiv> | I, uh, trust that you are not in fact actually a network admin, right? |
05:02 | < Mahal> | For a start you're running a /9 |
05:02 | < Mahal> | /8, typo |
05:03 | < Mahal> | at most you want to be running a /24 at home. |
05:03 | < Mahal> | or hell, a /16 if you must, which is what most home routers etc run by default (192.168.0.0/16) |
05:05 | < Mahal> | It's the difference between 65534 available addresses and 16777214. |
05:15 | <&[R]> | Alright, thanks |
05:16 | <&[R]> | I'll fix things up in the morning |
05:30 | | Derakon is now known as Derakon[AFK] |
05:43 | | celticminstrel [celticminst@Nightstar-ce0j0u.dsl.bell.ca] has quit [[NS] Quit: And lo! The computer falls into a deep sleep, to awake again some other day!] |
06:02 | | himi [sjjf@Nightstar-dm0.2ni.203.150.IP] has quit [Ping timeout: 121 seconds] |
06:14 | | ion [Owner@Nightstar-gmbj85.vs.shawcable.net] has quit [[NS] Quit: lost host] |
06:16 | | ion [Owner@Nightstar-gmbj85.vs.shawcable.net] has joined #code |
07:00 | | Jessikat` [Jessikat@Nightstar-2oenla.dab.02.net] has joined #code |
07:02 | | Jessikat [Jessikat@Nightstar-j7o.bmi.132.82.IP] has quit [Ping timeout: 121 seconds] |
07:36 | | Jessikat` is now known as Jessikat |
07:36 | | Degi [Degi@Nightstar-54lck0.dyn.telefonica.de] has joined #code |
08:19 | | himi [sjjf@Nightstar-v37cpe.internode.on.net] has joined #code |
08:19 | | mode/#code [+o himi] by ChanServ |
08:42 | | macdjord [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has joined #code |
08:42 | | mode/#code [+o macdjord] by ChanServ |
08:44 | | macdjord|slep [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has quit [Ping timeout: 121 seconds] |
10:26 | | Degi [Degi@Nightstar-54lck0.dyn.telefonica.de] has quit [Connection reset by peer] |
10:26 | | You're now known as TheWatcher[d00m] |
10:27 | | mac [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has joined #code |
10:27 | | mode/#code [+o mac] by ChanServ |
10:29 | | macdjord [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has quit [Ping timeout: 121 seconds] |
10:50 | | You're now known as TheWatcher |
11:25 | | Jessikat [Jessikat@Nightstar-2oenla.dab.02.net] has quit [[NS] Quit: Bye] |
15:35 | <&[R]> | "Yes, those machines run a no longer up to date copy of windows XP, which is not my choice but because of local law." WTF |
15:35 | <&[R]> | What kind of fucked up law...? |
15:35 | <&[R]> | From: https://www.reddit.com/r/talesfromtechsupport/comments/6ovy0h/how_the_coffeemachine_took_down_a_factories/ |
15:36 | | macdjord [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has joined #code |
15:36 | | mode/#code [+o macdjord] by ChanServ |
15:37 | <&[R]> | Apparently auditing hell |
15:38 | | mac [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has quit [Operation timed out] |
15:43 | | * TheWatcher eyes that |
15:43 | <@TheWatcher> | Aaah, internet of shit. |
15:43 | <@TheWatcher> | I mean, seriously, in what sort of world is it actually sane to have the words "the coffee machines are supposed to be connected to their own isolated WiFi network" |
16:10 | | Jessikat [Jessikat@Nightstar-7m35tf.dab.02.net] has joined #code |
16:19 | | Degi [Degi@Nightstar-54lck0.dyn.telefonica.de] has joined #code |
17:57 | <@Tamber> | But how else are they to make sure the DRM on the coffee machines is kept up to date~? |
19:36 | < Degi> | Wait till they put a Government™ in place and to vote you need a 100000$ software license for the voting software. |
20:00 | | Jessikat` [Jessikat@Nightstar-fhj9ad.dab.02.net] has joined #code |
20:02 | < Mahal> | It's so the coffee machines can go VENDOR I NEED CLEANING and similar without humans requiring involvement |
20:02 | < Mahal> | same as printers |
20:03 | | Jessikat [Jessikat@Nightstar-7m35tf.dab.02.net] has quit [Ping timeout: 121 seconds] |
20:15 | <~Vornicus> | why the fuck is a coffeemachine running windows |
20:17 | <&ToxicFrog> | Mahal: huh, most home routers here do 192.168.N.0/8, where the N is usually 1 |
20:18 | < Mahal> | TF: if they're doing 192.168.x.0 it's a /24 |
20:18 | < Mahal> | generally |
20:18 | <&ToxicFrog> | Er |
20:18 | <&ToxicFrog> | yes |
20:18 | < Mahal> | an /8 is where the network is e.g. 10.x.x.x |
20:18 | <&ToxicFrog> | I had a brain |
20:18 | < Mahal> | :D |
20:18 | < Mahal> | It depends, I see a mix of /16 and /24 |
20:19 | < ion> | I think it's actually the control/monitoring software that was running windows XP and the coffee machine just happened to be misconnected to what was supposed to be an airgapped network of XP machines |
20:19 | < Mahal> | 24 is certainly the /smart/ option. |
20:19 | < ion> | At least that's what I managed to understand from that reddit post |
20:20 | < Mahal> | Yes, that's correct |
20:21 | < Mahal> | it looks like the installer wired it into the control network (why was there no port-security on the switches preventing this? access only to the vlan by approved mac address?) |
20:21 | < Mahal> | and wireless into the insecure wifi as well. |
20:21 | | * Mahal mutters at the security of the network team |
20:22 | <@Tamber> | Yeah, installer fucked up. Network team fucked up even more in order to allow that fuckup to happen. |
20:24 | < ion> | Yeah, I'm no professional or even very strong with networking but I know the value of whitelisting the likes of a C&C center |
20:25 | < Mahal> | hell, I'd have considered keeping it on an isolated /switch/ if necessary. |
20:25 | < Mahal> | so you couldn't accidentally mispatch to the wrong VLAN. |
20:25 | < Mahal> | (and I'd STILL have port security.) |
20:26 | < Mahal> | Yes, it would be a dick to manage, but... |
20:26 | < ion> | At least they're booting the machines off of imaged disks for the airgapped network, that's smart at least |
20:26 | <@Tamber> | security < || > convenience |
20:26 | < ion> | I'm mildly curious whether the coffee machine was automagically bridging its ethernet/wifi networks, or if that crept through via some malware |
20:27 | <&ToxicFrog> | ion: my guess would be that the machines got infected via the wifi link to the outside world |
20:27 | <&ToxicFrog> | And once infected, the malware then started looking for more targets on all active interfaces |
20:27 | <&ToxicFrog> | Which included the one connected to the supposedly-airgapped monitoring systems |
20:27 | < ion> | ToxicFrog: Yeah, I'm leaning towards the malware probably being the part that bridged the networks |
20:28 | <&ToxicFrog> | So it wasn't "networks were bridged", it was "malware infected a machine connected to both networks" |
20:33 | | mac [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has joined #code |
20:34 | | mode/#code [+o mac] by ChanServ |
20:36 | | macdjord [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has quit [Ping timeout: 121 seconds] |
20:38 | < Mahal> | Yep, the malware will have gone hunting. |
20:38 | < Mahal> | if I had to guess it was WannaCry shooting off over smbv1 |
20:46 | | Degi_ [Degi@Nightstar-p095bp.dyn.telefonica.de] has joined #code |
20:49 | | Degi [Degi@Nightstar-54lck0.dyn.telefonica.de] has quit [Ping timeout: 121 seconds] |
20:57 | | HTTP__GK_1WM_SU [wreyw@Nightstar-19m.v95.144.198.IP] has joined #code |
20:58 | | HTTP__GK_1WM_SU [wreyw@Nightstar-19m.v95.144.198.IP] has left #code [""] |
21:07 | <&McMartin> | http://patshaughnessy.net/2012/1/4/never-create-ruby-strings-longer-than-23-characters |
21:07 | <&McMartin> | std::string would blow this guy's mind~ |
22:14 | | macdjord|slep [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has joined #code |
22:14 | | mode/#code [+o macdjord|slep] by ChanServ |
22:17 | | mac [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has quit [Ping timeout: 121 seconds] |
22:49 | | Jessikat` [Jessikat@Nightstar-fhj9ad.dab.02.net] has quit [[NS] Quit: Bye] |
22:54 | < ErikMesoy> | [R]: Another one comes to mind that I think I saw on twitter once, but I forget both the exact source and format. It was something like: |
22:55 | < ErikMesoy> | "Once I was young and thought the new Shadowrun edition was stupid for making everything wireless and hackable. Now I am old and I have seen the Internet of Things." |
23:01 | <@Alek> | :P |
23:02 | <@Alek> | tbh, I'm pretty sure that edition came out /after/ the IoT took root. |
23:06 | | Degi_ [Degi@Nightstar-p095bp.dyn.telefonica.de] has quit [Connection closed] |
23:11 | <&McMartin> | Heh |
23:11 | <&McMartin> | I've been saying "dudes, cyberpunk dystopias were not instruction manuals" for a while now |
23:12 | | * Mahal chuckles |
23:12 | < Mahal> | IoT is short for Internet of Things that Shouldn't Be on the Internet |
23:13 | < Mahal> | also: The S in IoT stands for Security |
23:29 | | RchrdB [RchrdB@Nightstar-qe9.aug.187.81.IP] has joined #code |
23:34 | | * McMartin reads the warnings on his new mouse. |
23:34 | <&McMartin> | "Warning! Laser Radiation. Viewing the laser output with magnifying optical instruments within a 100mm distance may pose an eye hazard." |
23:35 | < RchrdB> | that sounds like a perfectly reasonable safety margin |
23:36 | <@Tamber> | I... for some reason mentally connected "new mouse" with "Internet of Things", and came up with a wireless mouse. That is, a mouse that connects via wifi, and communicates mouse movements/button-clicks/malware via a service running on the receiving PC, via The Cloud™. |
23:36 | <&McMartin> | Nope |
23:36 | <&McMartin> | My desktop of eight years no longer boots, so I was moving my nice keyboard and decent mouse over to a different computer |
23:36 | <&McMartin> | This was complicated by the mouse being a PS/2 mouse |
23:36 | <&McMartin> | It's cheaper to just get a new wired mouse than dick around with adapters. |
23:37 | <@Tamber> | yeah. |
23:37 | < RchrdB> | Indeed it is. |
23:37 | <@Tamber> | (I still buy motherboards with a PS/2 port, though, for the keyboard. Stuck in my ways, I am.) |
23:37 | <&McMartin> | (My mechanical keyboard has plugs for both, so I no longer have opinions about that.) |
23:37 | <&McMartin> | (6-key rollover is sufficient for my single-player games.) |
23:39 | <@Tamber> | I don't even care about games & umpteen-key rollover... I like my clicky keyboard, and I get a little ticked off at how whenever I use a keyboard plugged into USB, I have to reapply my Xmodmap after every resume from suspend. |
23:39 | <@Tamber> | ...which I could, y'know, add to the tail end of the script I use for dealing with going into suspend; but eh |
23:40 | <&McMartin> | Ah. My clicky keyboard has DIP switches to handle the mapping I need :D |
23:40 | <@Tamber> | Does it have a DIP switch to move things like parens around~? |
23:41 | <&McMartin> | No, but I don't need that behavior; I only need to modify the extended shift modes~ |
23:41 | <~Vornicus> | dip da dip da dip |
23:41 | <&McMartin> | (Specifically, I need to swap Alt and Logo on Macs) |
23:42 | < RchrdB> | that reminds me, one of these days i should really try learning Plover |
23:43 | <@Tamber> | I'm one of those people who has their environment set up in particular ways for odd little things (that I don't necessarily do any more, but I've gotten used to how things are...); and gets grumpy when it's mysteriously not like that any more for some reason. |
23:43 | < RchrdB> | it's like the one non-game application for which 6 key rollover is useful |
23:43 | <@Tamber> | ...IOW, I've become Old, I think. |
23:43 | < RchrdB> | Tamber, so, like… everyone? :) |
23:43 | <@Tamber> | :) |
23:46 | <@Tamber> | I should probably try more lisp again, that way my paren relocation actually has a purpose again. |
23:48 | <&McMartin> | My parens get relocated when I use the positional keyboard mapping in VICE, but I'm touch-typing that stuff. |
23:52 | <~Vornicus> | (mac has the ability to swap those without a pin) |
23:53 | <~Vornicus> | (dip. whatever. it's a thing in the system preferences) |
23:53 | <&McMartin> | Right, but then I have to re-swap off the dock |
23:53 | <~Vornicus> | ah point |
23:54 | <&McMartin> | "complies with IEC/EN 60825-1:2007 Class 1M Laser Product, except for deviations pursuant to Laser Notice No. 50" |
23:55 | <&McMartin> | "deviations pursuant to Laser Notice No. 50" is a more wonderful phrase than it should be. |
23:55 | <@Tamber> | pew pew |
23:56 | | * McMartin also checks his local copies of stuff and makes new copies of the stuff that isn't In The Cloud, out of pre-emptive paranoia that probably isn't justified. |
23:56 | | * McMartin notices in the process that there is an SVN repo in it |
23:56 | <&McMartin> | Checking its contents, I don't think I need this~ |
23:57 | < RchrdB> | SVN makes a comparatively acceptable DVCS apparently, you just have to use 'svnadmin dump' and 'svnadmin load' rather than trying all that 'svn checkout' shit. ;) |
23:58 | <&McMartin> | It only had one project in it that has its own bare repo in the cousin gitroot directory. |
23:58 | < RchrdB> | (Not *really* what I'd call acceptable, but I remember reading about a bunch of BSD people having a written up workflow that looked like that because they didn't want to jump ship while all the DVCSes were still immature.) |
23:58 | | * McMartin treats git as if it were SVN for the most part, with bare repos off elsewhere and everything else using it as upstream |
--- Log closed Wed Sep 13 00:00:56 2017 |