| --- Log opened Thu Nov 09 00:00:05 2017 |
| 00:04 | | Kindamoody is now known as Kindamoody[zZz] |
| 00:19 | | Jessikat` [Jessikat@Nightstar-bt5k4h.81.in-addr.arpa] has quit [Connection closed] |
| 00:20 | | Jessikat [Jessikat@Nightstar-k7shfo.dab.02.net] has joined #code |
| 00:20 | | Jessikat [Jessikat@Nightstar-k7shfo.dab.02.net] has quit [The TLS connection was non-properly terminated.] |
| 00:39 | | Alek [Alek@Nightstar-7or629.il.comcast.net] has quit [Ping timeout: 121 seconds] |
| 00:44 | | Alek [Alek@Nightstar-7or629.il.comcast.net] has joined #code |
| 00:44 | | mode/#code [+o Alek] by ChanServ |
| 00:46 | | celticminstrel [celticminst@Nightstar-krthmd.dsl.bell.ca] has joined #code |
| 00:46 | | mode/#code [+o celticminstrel] by ChanServ |
| 00:50 | <&[R]> | <pedja> https://twitter.com/h0t_max/status/928269320064450560 Oh, Intel. |
| 00:53 | < Mahal> | can you ELI5? |
| 00:53 | <&[R]> | ? |
| 00:54 | < Mahal> | Can you explain what I'm looking at, as though I'm five, because I do not find the image self-explanatory. |
| 00:54 | <&[R]> | I have no fucking clue either. Seems like a hack on a CPU via the USB bus |
| 00:55 | <&[R]> | Which would be amazingly impressive. |
| 01:16 | <&ToxicFrog> | [R], Mahal: specifically it's access to Intel Management Engine, the hardware rootkit built into all modern intel processors |
| 01:16 | < Mahal> | I thought that was a well-known problem? |
| 01:17 | < Mahal> | I am either missing something really obvious or not understanding what I'm looking at |
| 01:19 | <&ToxicFrog> | Yeah, I'm not sure |
| 01:19 | <&ToxicFrog> | The guy tweeting is a member of the team that originally reported JTAG access to IME at CCC earlier this year |
| 01:19 | <&ToxicFrog> | So presumably the exciting part is that they now have easier or more complete access? |
| 01:26 | <&[R]> | USB is mentioned |
| 01:27 | <&[R]> | Access to the IME via USB opens some crazy parking lot attacks |
| 01:28 | <&ToxicFrog> | USB DCI was the vector for the attack mentioned at CCC last spring, though |
| 01:28 | <&ToxicFrog> | So what's new here? |
| 01:28 | <&[R]> | Ah |
| 01:28 | | * [R] doesn't follow that guy personally |
| 01:29 | <&[R]> | So I was unaware of that context |
| 01:29 | <&ToxicFrog> | Neither do I, just did some quick googling |
| 01:29 | | * [R] shared it because I had assumed someone here knew enough hardware to find that thing interesting |
| 01:30 | <&ToxicFrog> | Someone probably does, but that someone is not me |
| 01:31 | <&ToxicFrog> | Absent further context, I'm going to interpret this as "IME is even more broken than it was already, security is even more of a fading dream than it was already, fuck intel" |
| 01:34 | <&Derakon> | https://i.redd.it/hozy87al9swz.jpg |
| 01:36 | <@himi> | That reminds me of my first attempt to do something with ed . . . |
| 01:45 | | Kindamoody[zZz] [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has quit [Connection closed] |
| 02:00 | | VirusJTG [VirusJTG@Nightstar-257k14.sta.comporium.net] has joined #code |
| 02:00 | | mode/#code [+ao VirusJTG VirusJTG] by ChanServ |
| 02:14 | | Kindamoody|autojoin [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has joined #code |
| 02:14 | | mode/#code [+o Kindamoody|autojoin] by ChanServ |
| 02:15 | | Vornicus [Vorn@Nightstar-1l3nul.res.rr.com] has joined #code |
| 02:16 | | mode/#code [+qo Vornicus Vornicus] by ChanServ |
| 03:08 | | VirusJTG [VirusJTG@Nightstar-257k14.sta.comporium.net] has quit [Connection closed] |
| 03:14 | | Vornlicious [Vorn@Nightstar-ffejvm.sub-70-211-140.myvzw.com] has joined #code |
| 03:17 | | Vorntastic [Vorn@Nightstar-1l3nul.res.rr.com] has quit [Ping timeout: 121 seconds] |
| 03:41 | | Kindamoody|autojoin [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has quit [Connection reset by peer] |
| 04:13 | | Kindamoody|autojoin [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has joined #code |
| 04:13 | | mode/#code [+o Kindamoody|autojoin] by ChanServ |
| 04:55 | | Vornlicious [Vorn@Nightstar-ffejvm.sub-70-211-140.myvzw.com] has quit [[NS] Quit: Bye] |
| 04:55 | | Vorntastic [Vorn@Nightstar-1l3nul.res.rr.com] has joined #code |
| 05:10 | | Kindamoody|autojoin [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has quit [Connection closed] |
| 05:12 | | Derakon is now known as Derakon[AFK] |
| 05:14 | | Kindamoody|autojoin [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has joined #code |
| 05:14 | | mode/#code [+o Kindamoody|autojoin] by ChanServ |
| 05:19 | | celticminstrel [celticminst@Nightstar-krthmd.dsl.bell.ca] has quit [[NS] Quit: KABOOM! It seems that I have exploded. Please wait while I reinstall the universe.] |
| 05:20 | | Vorntastic [Vorn@Nightstar-1l3nul.res.rr.com] has quit [The TLS connection was non-properly terminated.] |
| 05:34 | <&McMartin> | I'm finding myself deeply skeptical of a lot of this even in the presence of demonstrated attacks because the writeups of it have been both incredibly breathless and hilariously inaccurate or frothingly paranoid in the wrong ways |
| 05:36 | <&McMartin> | i.e. "This logic can be successfully attacked despite the fact that it is not connected to any pins or any other internal logic" |
| 05:36 | <&McMartin> | I will require additional argument to accept the thesis that this doesn't mean you owned a completely different machine that wasn't otherwise doing anything, assuming it's even true, but it's mostly phrased as appeals to incredulity |
| 05:45 | <&McMartin> | They also reported last year that MS was totally goign to abandon Intel and start running Windows on ARM instead |
| 05:45 | <&McMartin> | Which is almost true if you ignore "abandon Intel", "instead" and have an extremely expansive definition of what counts as "Windows" |
| 05:49 | <&McMartin> | But assuming that screenshot is what they say it is... |
| 05:50 | <&McMartin> | "There is a separate CPU core inside modern Intel chips that independently handles network and system management. It's supposed to be invisible and part of the general I/O interface in the CPU/motherboard combination, but they've found away to get at the standard chip-debugging interface via USB." |
| 05:51 | <&McMartin> | That doesn't look like a parking lot attack to me, though; it looks like an unusually insidious form of physical compromise. |
| 06:12 | < Mahal> | Thank you McMartin ~~ |
| 06:12 | < Mahal> | that is EXACTLY the sort of translation I needed (and in line with what I thought I was looking at) |
| 06:14 | | Kizor [moryok@Nightstar-e0a4sm.utu.fi] has left #code [] |
| 06:17 | <&McMartin> | Reading some of the PDFs they've created, there also appears to be "and USB2 is much harder to attack in this way, probably requiring the machine to be disassembled" |
| 06:23 | <&McMartin> | As for "which chips are vulnerable" I have seen claims ranging from "literally every chip Intel has manufactured in the past ten years" through "server/enterprise targeted chips from 3rd generation on" through "Skylake on" |
| 06:24 | | macdjord [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has quit [[NS] Quit: Wenn ist das Nunstück git und Slotermeyer? Ja! Beiherhund das Oder die Flipperwaldt gersput!] |
| 06:24 | <&McMartin> | This has included assumptions like "attack will work through blown fuses" which has rendered me extremely skeptical of the claims and the researchers |
| 06:28 | <&McMartin> | Digging *that* up, though, the thing that had come up before was this: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languagei d=en-fr |
| 06:35 | | macdjord [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has joined #code |
| 06:35 | | mode/#code [+o macdjord] by ChanServ |
| 06:51 | | Vornicus [Vorn@Nightstar-1l3nul.res.rr.com] has quit [Ping timeout: 121 seconds] |
| 06:52 | | Vorntastic [Vorn@Nightstar-olp8cg.sub-70-211-131.myvzw.com] has joined #code |
| 07:17 | <&McMartin> | The Opus Magnum leaderboards have been reset |
| 07:17 | <&McMartin> | At least for the moment, I hold the world record in all three categories for Waterproof Sealant. |
| 07:49 | | mac [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has joined #code |
| 07:49 | | mode/#code [+o mac] by ChanServ |
| 07:52 | | macdjord [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has quit [Ping timeout: 121 seconds] |
| 08:26 | < Vorntastic> | Man |
| 08:26 | <&McMartin> | Also Refined Gold and Hair Product~ |
| 08:28 | | macdjord [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has joined #code |
| 08:28 | | mode/#code [+o macdjord] by ChanServ |
| 08:31 | | mac [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has quit [Ping timeout: 121 seconds] |
| 08:49 | | * McMartin then matches the record for Cost on Armor Filament but that requires doing two things he totally thinks shouldn't be valid solutions. |
| 08:53 | | McMartin [mcmartin@Nightstar-rpcdbf.sntcca.sbcglobal.net] has quit [[NS] Quit: brb] |
| 08:56 | | McMartin [mcmartin@Nightstar-rpcdbf.sntcca.sbcglobal.net] has joined #code |
| 08:56 | | mode/#code [+ao McMartin McMartin] by ChanServ |
| 09:05 | | McMartin [mcmartin@Nightstar-rpcdbf.sntcca.sbcglobal.net] has quit [Connection closed] |
| 09:43 | | Kizor [moryok@Nightstar-e0a4sm.utu.fi] has joined #code |
| 10:03 | | macdjord is now known as macdjord|slep |
| 10:05 | | Jessikat [Jessikat@Nightstar-vbf.159.132.82.IP] has joined #code |
| 10:12 | <&[R]> | <McMartin> That doesn't look like a parking lot attack to me, though; it looks like an unusually insidious form of physical compromise. <-- By parking lot attack, I mean specifically the "distribute USB sticks around the target's parking lot" variant |
| 10:13 | | Alek [Alek@Nightstar-7or629.il.comcast.net] has quit [Ping timeout: 121 seconds] |
| 10:17 | | Alek [Alek@Nightstar-7or629.il.comcast.net] has joined #code |
| 10:17 | | mode/#code [+o Alek] by ChanServ |
| 11:25 | | Emmy [Emmy@Nightstar-9p7hb1.direct-adsl.nl] has joined #code |
| 12:43 | | Degi [Degi@Nightstar-v1038d.dyn.telefonica.de] has joined #code |
| 12:46 | | Degi [Degi@Nightstar-v1038d.dyn.telefonica.de] has quit [The TLS connection was non-properly terminated.] |
| 12:56 | | Degi [Degi@Nightstar-v1038d.dyn.telefonica.de] has joined #code |
| 13:02 | | Degi [Degi@Nightstar-v1038d.dyn.telefonica.de] has quit [The TLS connection was non-properly terminated.] |
| 13:33 | | Kindamoody|autojoin is now known as Kindamoody |
| 13:34 | | Kindamoody [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has quit [Connection reset by peer] |
| 13:37 | | Kindamoody|autojoin [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has joined #code |
| 13:37 | | mode/#code [+o Kindamoody|autojoin] by ChanServ |
| 13:39 | | Kindamoody|autojoin is now known as Kindamoody |
| 13:56 | | Degi [Degi@Nightstar-8jctgl.dyn.telefonica.de] has joined #code |
| 14:12 | | VirusJTG [VirusJTG@Nightstar-42s.jso.104.208.IP] has joined #code |
| 14:12 | | mode/#code [+ao VirusJTG VirusJTG] by ChanServ |
| 14:37 | | Degi [Degi@Nightstar-8jctgl.dyn.telefonica.de] has quit [Connection reset by peer] |
| 15:21 | <&jeroud> | McMartin: Why are only some of your solutions submitted? |
| 15:21 | <&jeroud> | Did you not hit the reverify button or something? |
| 15:23 | <&jeroud> | It's foiling my plan to equal or better your scores everywhere.~ |
| 15:23 | | bowlich [bowlich@Nightstar-su4ao3.kynda.net] has quit [Connection closed] |
| 15:23 | <@TheWatcher> | snrk |
| 15:28 | | bowlich [bowlich@Nightstar-su4ao3.kynda.net] has joined #code |
| 15:30 | | Vorntastic [Vorn@Nightstar-olp8cg.sub-70-211-131.myvzw.com] has quit [Connection closed] |
| 15:30 | | Vorntastic [Vorn@Nightstar-1l3nul.res.rr.com] has joined #code |
| 16:31 | | Jessikat` [Jessikat@Nightstar-qspdla.dab.02.net] has joined #code |
| 16:33 | | Jessikat [Jessikat@Nightstar-vbf.159.132.82.IP] has quit [Ping timeout: 121 seconds] |
| 17:34 | < Jessikat`> | tfw you are watching a talk on common pitfalls in a C++ standard library structure and you already know what the guy is going to say because you spent a couple weeks struggling to write tests that catch that specific thing |
| 17:34 | < Jessikat`> | Whilst implementing it |
| 17:59 | <&jerith> | \o/ |
| 18:00 | <&jerith> | Jessikat`: How does it feel to be a proper expert in something? :-) |
| 18:10 | | Alek [Alek@Nightstar-7or629.il.comcast.net] has quit [Operation timed out] |
| 18:11 | | gnolam [quassel@Nightstar-hsn6u0.cust.bahnhof.se] has joined #code |
| 18:11 | | mode/#code [+o gnolam] by ChanServ |
| 18:14 | | Alek [Alek@Nightstar-7or629.il.comcast.net] has joined #code |
| 18:14 | | mode/#code [+o Alek] by ChanServ |
| 18:56 | | Degi [Degi@Nightstar-8jctgl.dyn.telefonica.de] has joined #code |
| 18:58 | | mac [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has joined #code |
| 18:58 | | mode/#code [+o mac] by ChanServ |
| 19:01 | | macdjord|slep [macdjord@Nightstar-a1fj2k.mc.videotron.ca] has quit [Ping timeout: 121 seconds] |
| 19:34 | < Jessikat`> | jerith: I suppose I'm running out of ways to think I'm not xD |
| 19:38 | <&jerith> | Oh, there are plenty of things you're not an expert in.~ |
| 19:39 | <&jerith> | But nobody can be an expert in everything. |
| 19:39 | <&jerith> | Not even me. :-( |
| 19:59 | | McMartin [mcmartin@Nightstar-rpcdbf.sntcca.sbcglobal.net] has joined #code |
| 19:59 | | mode/#code [+ao McMartin McMartin] by ChanServ |
| 20:31 | < ErikMesoy> | I had a Python program with a bunch of global methods. I attempted to refactor these out into a separate file of methods, and put "from misc_methods import *" in the main file. Methods defined in misc_methods now throw NameError trying to refer to objects defined in main file. What am I doing wrong and how should I be doing it? |
| 20:32 | < ErikMesoy> | Pass object to these methods explicitly so they can refer to it by argument? Do the import differently? |
| 20:41 | | Jessikat [Jessikat@Nightstar-bt5k4h.81.in-addr.arpa] has joined #code |
| 20:42 | < ErikMesoy> | Or to generalize: how do I make/let an importee know about the importer? |
| 20:44 | | Jessikat` [Jessikat@Nightstar-qspdla.dab.02.net] has quit [Ping timeout: 121 seconds] |
| 21:08 | <&[R]> | This is one of the things that annoyed me about python D: IIRC you don't even have the option to make a proper global variable. |
| 21:09 | <&ToxicFrog> | ErikMesoy: declare them in the file and import them as well, or pass them explicitly |
| 21:10 | < ErikMesoy> | ToxicFrog: declare which "them" ? |
| 21:10 | <&ToxicFrog> | The globals. |
| 21:10 | <&[R]> | I think he's saying declare the variables to be imported from the module |
| 21:10 | <&ToxicFrog> | s/the file/the separate file of methods/ |
| 21:11 | | Jessikat [Jessikat@Nightstar-bt5k4h.81.in-addr.arpa] has quit [Ping timeout: 121 seconds] |
| 21:11 | <&ToxicFrog> | Like, if those methods need the globals and main.py doesn't, put them in the same file as the methods that need them. If they both need them, you need to either put them in the thing that's getting imported or rethink what lines you're slicing up the code along. |
| 21:13 | < ErikMesoy> | Definitely rethink, because the methods I was going to refactor out are misc utilities for touching a great deal of things in the base program, and if I move all those out I've moved almost everything. |
| 21:14 | <&ToxicFrog> | This sounds like your program has an awful lot of global mutable state used all over the place |
| 21:16 | < ErikMesoy> | The state is contained in objects. The global methods in question were something like debug-tools that fiddled with the state of those objects. I was planning to move them out so the main file would contain objects, state, primary interaction logic, and the extra file would contain optional secondary pokes. |
| 21:17 | <&ToxicFrog> | Make them take the objects as explicit arguments, then? |
| 21:21 | < ErikMesoy> | Hnnnh. I can, but that's going to be messy. |
| 21:22 | < ErikMesoy> | Maybe if I refactor the *objects* into their own file of "these should be accessible everywhere", and then import *that* file to make it visible as an importee to everything else... |
| 21:29 | <@himi> | Lots of global state is always messy |
| 21:29 | <&McMartin> | You can end up with "god objects" pretty easily, which are either almost as bad or exactly the solution you need depending on the precise scope of your problem |
| 21:30 | | * McMartin meanwhile is struggling with Gradle and Android build systems generally, is surrounded by an aura made of both fire and swords |
| 21:31 | <@himi> | You'd normally put the global methods in a separate module that would be imported in the various places you wanted to use them, with the __main__ code just doing setup and calling the useful functions |
| 21:32 | <@himi> | It's not exactly /elegant/, but it's not too bad |
| 21:33 | | * himi sees it a lot with configuration functions in OpenStack code |
| 21:42 | | gnolam [quassel@Nightstar-hsn6u0.cust.bahnhof.se] has quit [[NS] Quit: Z?] |
| 22:31 | | VirusJTG [VirusJTG@Nightstar-42s.jso.104.208.IP] has quit [Connection closed] |
| 22:31 | | Vornicus [Vorn@Nightstar-1l3nul.res.rr.com] has joined #code |
| 22:31 | | mode/#code [+qo Vornicus Vornicus] by ChanServ |
| 22:34 | | Degi [Degi@Nightstar-8jctgl.dyn.telefonica.de] has quit [[NS] Quit: Leaving] |
| 23:02 | | VirusJTG [VirusJTG@Nightstar-42s.jso.104.208.IP] has joined #code |
| 23:02 | | mode/#code [+ao VirusJTG VirusJTG] by ChanServ |
| 23:07 | | Kindamoody [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has quit [Connection closed] |
| 23:08 | | Emmy [Emmy@Nightstar-9p7hb1.direct-adsl.nl] has quit [Connection closed] |
| 23:09 | | Kindamoody|autojoin [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has joined #code |
| 23:09 | | mode/#code [+o Kindamoody|autojoin] by ChanServ |
| 23:18 | | [R] [rstamer@genoce.org] has quit [Ping timeout: 121 seconds] |
| 23:20 | | [R] [rstamer@Nightstar-d7h8ki.org] has joined #code |
| 23:20 | | mode/#code [+ao [R] [R]] by ChanServ |
| 23:43 | | Kindamoody|autojoin [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has quit [Connection reset by peer] |
| 23:48 | | Kindamoody|autojoin [Kindamoody@Nightstar-eubaqc.tbcn.telia.com] has joined #code |
| 23:48 | | mode/#code [+o Kindamoody|autojoin] by ChanServ |
| --- Log closed Fri Nov 10 00:00:07 2017 |