620 lines
31 KiB
HTML
620 lines
31 KiB
HTML
{% extends "_layout.html" %}
|
|
{% block title %}I2P Development Meeting 12{% endblock %}
|
|
{% block content %}
|
|
<h3>I2P (invisiblenet) Development Meeting 12</h3>
|
|
<div class="irclog">
|
|
Courtesy of <a href="http://www.archive.org/">the wayback machine</a>.
|
|
<p>
|
|
<p>--- Log opened Wed Sep 25 00:57:27 2002
|
|
<p>00:57 -!- Topic for #iip-dev: IIP meeting | logs: http://mids.student.utwente.nl/~mids/iip/
|
|
<p>00:57 [Users #iip-dev]
|
|
<p>00:57 [@mids] [ Dag] [ logger] [ nemesis] [ nop] [ Zwolly]
|
|
<p>00:57 -!- Irssi: #iip-dev: Total of 6 nicks [1 ops, 0 halfops, 0 voices, 5 normal]
|
|
<p>00:57 -!- Irssi: Join to #iip-dev was synced in 1 secs
|
|
<p>00:58 -!- mode/#iip-dev [+v logger] by mids
|
|
<p>01:00 <@mids> Tue Sep 24 23:00:38 UTC 2002
|
|
<p>01:00 <@mids> welcome et all
|
|
<p>01:00 <@mids> the 12th meeting just started
|
|
<p>01:01 <@mids> agenda:
|
|
<p>01:01 <@mids> 1) website
|
|
<p>01:01 <@mids> 2) nop's messages
|
|
<p>01:01 <@mids> 3) question round
|
|
<p>01:01 <@mids> website:
|
|
<p>01:01 <@mids> new invisibleNET site online - http://www.invisiblenet.net/ - new IIP site online - http://www.invisiblenet.net/iip/
|
|
<p>01:02 <@mids> for those who just joined:
|
|
<p>01:02 <@mids> new invisibleNET site online - http://www.invisiblenet.net/ - new IIP site online - http://www.invisiblenet.net/iip/
|
|
<p>01:02 <@mids> geeh
|
|
<p>01:02 <@mids> I keep busy
|
|
<p>01:02 < nop> ok
|
|
<p>01:02 < nop> pause a sec
|
|
<p>01:02 <@mids> for those who just joined:
|
|
<p>01:02 <@mids> hehe
|
|
<p>01:02 < nop> just add it to topic
|
|
<p>01:03 < nop> ok
|
|
<p>01:03 < nop> go
|
|
<p>01:03 < nop> ;(
|
|
<p>01:03 -!- mids changed the topic of #iip-dev to: IIP meeting | logs: http://mids.student.utwente.nl/~mids/iip/ | new invisibleNET site online - http://www.invisiblenet.net/ - new IIP site online - http://www.invisiblenet.net/iip/
|
|
<p>01:03 < nop> ;)
|
|
<p>01:03 <@mids> .
|
|
<p>01:04 -!- mode/#iip-dev [+o nop] by mids
|
|
<p>01:05 <@mids> any questions about this topic? otherwise we'll go to #2
|
|
<p>01:06 <@nop> ok
|
|
<p>01:06 <@nop> thanks to ellison
|
|
<p>01:07 <@nop> and the distributedcity crew
|
|
<p>01:07 <@nop> for helping out
|
|
<p>01:07 <@nop> with the website
|
|
<p>01:07 <@nop> we owe them a lot now ;)
|
|
<p>01:07 <@nop> ok
|
|
<p>01:07 <@nop> rc2 is coming out tomorrow
|
|
<p>01:07 <@nop> we're just packaging it up
|
|
<p>01:07 <@nop> and getting it ready for release
|
|
<p>01:07 <@nop> new features
|
|
<p>01:07 <@nop> are Forward Security
|
|
<p>01:08 <@nop> Close Delay protocol for killed connections
|
|
<p>01:08 <@nop> some bug fixes
|
|
<p>01:08 <@nop> and upgrade features for future versions
|
|
<p>01:08 <@nop> I think that's about it
|
|
<p>01:08 <@nop> thank you all you users
|
|
<p>01:08 <@nop> that use IIP
|
|
<p>01:08 <@nop> without you
|
|
<p>01:08 <@nop> the project would be a waste
|
|
<p>01:08 <@nop> ;)
|
|
<p>01:09 <@nop> so thank all of you for your loyalty and support by using the software
|
|
<p>01:09 <@nop> I think that's it for my daily comments ;)
|
|
<p>01:09 <@nop> oh
|
|
<p>01:09 <@nop> wait
|
|
<p>01:09 <@nop> thank you mids
|
|
<p>01:09 <@nop> for assisting me with the website setup
|
|
<p>01:09 <@nop> and for being patient with me
|
|
<p>01:09 <@nop> thank you codeshark
|
|
<p>01:09 <@nop> for setting up the software
|
|
<p>01:09 <@mids> your welcome :)
|
|
<p>01:09 <@nop> and handling inform
|
|
<p>01:09 <@nop> thank you userx wherever you ar
|
|
<p>01:10 <@nop> are
|
|
<p>01:10 <@nop> for your hard work on core development
|
|
<p>01:10 <@nop> and putting up with my ranting ;)
|
|
<p>01:10 <@nop> thanks to chocolate
|
|
<p>01:10 <@nop> for the informity and scripts that are needed
|
|
<p>01:10 <@nop> thanks to cohesion even though long gone, for documentation in the past
|
|
<p>01:10 <@nop> umm, like to thank the academy ... j/k
|
|
<p>01:11 <@nop> everyone who has contributed thank you all
|
|
<p>01:11 <@nop> .
|
|
<p>01:11 <@mids> 3 hurrays for nop
|
|
<p>01:11 <@mids> hurray
|
|
<p>01:11 < Zwolly> hurray
|
|
<p>01:11 < thecrypto> huzzah
|
|
<p>01:11 <@nop> haha
|
|
<p>01:11 < athena> that's 2 hurrays and 1 huzzah
|
|
<p>01:11 <@nop> oh and DC people have been whispering in my ear to thank the Lord
|
|
<p>01:11 <@nop> ;)
|
|
<p>01:12 < Neo> lol
|
|
<p>01:12 <@nop> well, on a side note, thank life for it is a neat thing ;) <-- no comments
|
|
<p>01:12 <@nop> .
|
|
<p>01:13 <@nop> any questions
|
|
<p>01:13 <@nop> suggestions
|
|
<p>01:13 <@nop> review
|
|
<p>01:13 <@nop> ideas
|
|
<p>01:13 <@nop> etc
|
|
<p>01:13 < Neo> congratulations on the new site, looks great.
|
|
<p>01:13 <@nop> ?
|
|
<p>01:13 <@nop> thnx
|
|
<p>01:13 <@mids> what is forward security?
|
|
<p>01:13 <@nop> encryption can only be decrypted at time of session
|
|
<p>01:13 <@nop> aka, you can't replay the messages
|
|
<p>01:13 <@nop> and decrypt them
|
|
<p>01:14 <@nop> as that key and signature doesn't exist anymore
|
|
<p>01:14 <@nop> and will not be useful
|
|
<p>01:14 <@nop> this is designed against log and replay attacks
|
|
<p>01:14 <@nop> .
|
|
<p>01:14 <@mids> thx
|
|
<p>01:14 < athena> will you require public proxies to support these new protocol additions? (methinks all proxies should be forced to upgrade)
|
|
<p>01:14 <@nop> athena
|
|
<p>01:14 <@nop> it's a mandatory upgrade
|
|
<p>01:14 <@nop> all relay holders
|
|
<p>01:14 <@nop> will need to upgrade
|
|
<p>01:15 <@nop> to rc2 relay
|
|
<p>01:15 <@nop> and re-announce
|
|
<p>01:15 < athena> ok, thanks
|
|
<p>01:16 < sferic> I guess I cam ein late and missed something, but do you mean that we can't log anymore?
|
|
<p>01:16 <@nop> no
|
|
<p>01:16 <@nop> you can log
|
|
<p>01:16 <@nop> what I'm saying
|
|
<p>01:16 <@nop> is
|
|
<p>01:16 <@nop> if you were a gov't agent
|
|
<p>01:16 <@nop> spying on a relay
|
|
<p>01:16 <@nop> and you were logging the encrypted traffic
|
|
<p>01:16 <@nop> you couldn't then come and seize the ircd end node
|
|
<p>01:16 <@nop> and use the network secret key
|
|
<p>01:16 <@nop> to replay the traffic
|
|
<p>01:16 <@nop> and decrypt it
|
|
<p>01:17 < sferic> Ahh, thanks
|
|
<p>01:17 <@nop> it eliminates the importance of the network secret key
|
|
<p>01:17 <@nop> it's useless
|
|
<p>01:17 <@nop> all it does is authenticate
|
|
<p>01:17 <@nop> nothing more
|
|
<p>01:17 <@nop> doesn't actually encrypt
|
|
<p>01:17 <@nop> this covers two things
|
|
<p>01:17 <@nop> man in the middle attack protection
|
|
<p>01:17 <@nop> and log and relay protection
|
|
<p>01:17 <@nop> aka forward security
|
|
<p>01:17 <@nop> ;)
|
|
<p>01:17 < Zwolly> is it now without central server.
|
|
<p>01:18 <@nop> not yet
|
|
<p>01:18 <@nop> that's 1.22
|
|
<p>01:18 <@nop> 1.2
|
|
<p>01:18 <@nop> correction
|
|
<p>01:18 <@nop> 1.2.0 to be exact
|
|
<p>01:18 <@nop> ;)
|
|
<p>01:18 <@nop> after 1.1 basically is finished
|
|
<p>01:18 <@mids> (I'd say that decentralization is 2.0)
|
|
<p>01:19 < Zwolly> how about system resources memory cpu and bandwith
|
|
<p>01:19 <@nop> well, 2.0 is a more perfect form of decentralization
|
|
<p>01:19 <@nop> 1.2 we will attempt decentralization
|
|
<p>01:20 < Tanthrix> how does true p2p work, you can't exactly scan IP blocks until you find someone? isn't some sort of a central server neccessary for initial connection?
|
|
<p>01:20 <@nop> bootstrap is needed
|
|
<p>01:20 <@nop> but once connected
|
|
<p>01:20 <@nop> you have your own peer routes
|
|
<p>01:20 <@nop> so we include a small node.ref
|
|
<p>01:20 <@nop> which connects you in
|
|
<p>01:20 <@nop> then from that point
|
|
<p>01:20 < athena> thanthrix: find some friends you trust and trade node.refs :)
|
|
<p>01:20 <@nop> you are dynamically updated from the network
|
|
<p>01:21 <@nop> yes
|
|
<p>01:21 <@nop> that's the idea
|
|
<p>01:21 <@nop> in a nice world
|
|
<p>01:21 <@nop> ;)
|
|
<p>01:21 < Tanthrix> hehehe
|
|
<p>01:21 <@mids> what if you dont have friends?
|
|
<p>01:21 <@nop> then try to trust the signature on our software ;)
|
|
<p>01:21 <@nop> haha
|
|
<p>01:21 <@nop> yeah right, digital trust is rarely possible
|
|
<p>01:22 < Dag> trust no one
|
|
<p>01:22 < Dag> heh
|
|
<p>01:22 < athena> awww...i'll be your friends, mids!
|
|
<p>01:22 <@mids> hurray
|
|
<p>01:22 < athena> huzzah
|
|
<p>01:22 < Tanthrix> and grey-eyed athena comes to the rescue..
|
|
<p>01:22 <@nop> hehe
|
|
<p>01:22 <@nop> this website kicks ass
|
|
<p>01:22 <@nop> far difference then the previous one
|
|
<p>01:23 <@mids> kinda :)
|
|
<p>01:23 <@nop> umm
|
|
<p>01:23 <@nop> yeah
|
|
<p>01:23 <@nop> that nice little under construction site sucked ass
|
|
<p>01:24 < Tanthrix> heh..the new invisiblenet site looks like a page for some web-based corporation
|
|
<p>01:25 <@mids> thanks... I guess :)
|
|
<p>01:25 * mids points at ellison ... he is the one to blame; he gets all fame
|
|
<p>01:25 < Tanthrix> hehehe
|
|
<p>01:25 * ellison hides under some eye candy in the corner
|
|
<p>01:26 < Zwolly> what is the gues about how stable it will be
|
|
<p>01:26 <@mids> Zwolly: Trent is running on a rc2 relay for 2 days now
|
|
<p>01:26 <@mids> without trouble
|
|
<p>01:27 < Zwolly> ok.
|
|
<p>01:27 <@mids> trent is the irc client/service with the heaviest traffic
|
|
<p>01:27 <@mids> so... I think it is okay
|
|
<p>01:27 < Zwolly> we will see
|
|
<p>01:27 <@nop> the reason
|
|
<p>01:27 < Zwolly> is it tomorrow already? hehe
|
|
<p>01:28 <@nop> for the middle of the road
|
|
<p>01:28 <@nop> corporate looking site
|
|
<p>01:28 <@nop> is called steganography
|
|
<p>01:28 <@nop> ;)
|
|
<p>01:28 <@nop> our evil black hat activities
|
|
<p>01:28 <@nop> wouldn't be good
|
|
<p>01:28 <@nop> if it's obvious
|
|
<p>01:28 <@nop> we're evil
|
|
<p>01:28 <@nop> now would it
|
|
<p>01:29 <@nop> so we blend in with the other evil
|
|
<p>01:29 <@nop> and they won't notice us
|
|
<p>01:29 <@nop> ;)
|
|
<p>01:29 <@nop> honestly though
|
|
<p>01:29 <@nop> it's just for attracting all audiences
|
|
<p>01:29 <@mids> in 2 month there will be an invisibleNET sponsored golf tournament
|
|
<p>01:29 <@nop> hahaha
|
|
<p>01:30 <@nop> oh and the palladium efforts
|
|
<p>01:30 <@nop> we bought it out
|
|
<p>01:30 <@nop> ;)
|
|
<p>01:31 <@nop> if you've noticed
|
|
<p>01:31 <@nop> we own www.invisiblenet.net, www.invisiblenet.com, and www.invisiblenet.org
|
|
<p>01:31 <@nop> we're evil
|
|
<p>01:31 <@nop> ;)
|
|
<p>01:31 <@nop> we've monopolized the market
|
|
<p>01:31 <@nop> we're bastards
|
|
<p>01:31 < Dag> what about getting one of those signs on the highway for cleaning up the roadside?
|
|
<p>01:31 <@nop> yeah
|
|
<p>01:31 <@nop> that's in the works
|
|
<p>01:31 <@nop> as well as OEM'ing with Microsucks, and Intel
|
|
<p>01:32 <@nop> haha
|
|
<p>01:32 <@mids> euh
|
|
<p>01:32 <@mids> you okay nop? :)
|
|
<p>01:32 < Zwolly> ok other question what to do if there are warez channels and some big stupid country lets say america for example want this network doun can it run on its own from the european nodes
|
|
<p>01:32 <@nop> yeah
|
|
<p>01:32 <@nop> yes
|
|
<p>01:32 <@nop> it will be possible to do that
|
|
<p>01:33 <@nop> plus
|
|
<p>01:33 <@nop> I advise for all warez activity
|
|
<p>01:33 < Dag> I thought there was no /dcc
|
|
<p>01:33 < Dag> in here
|
|
<p>01:33 <@nop> to use a !anonymous mode channel
|
|
<p>01:33 <@nop> doesn't mean you can't trade ftp sites
|
|
<p>01:33 < Dag> well
|
|
<p>01:33 <@nop> then for anyone monitoring
|
|
<p>01:33 <@nop> who is saying what
|
|
<p>01:33 < Dag> google trades warez ftp sites
|
|
<p>01:33 <@nop> is a bit more tricky
|
|
<p>01:33 <@nop> ;)
|
|
<p>01:33 <@nop> exactly
|
|
<p>01:33 < Dag> so does the newsgroups
|
|
<p>01:33 <@nop> I doubt that we're a threat to that
|
|
<p>01:33 < Dag> er do
|
|
<p>01:33 <@nop> our main concern is #pedophilia public channels
|
|
<p>01:34 < Dag> I did a /list one day
|
|
<p>01:34 <@nop> as they would be a concerned threat to the existance of IIP as a whole
|
|
<p>01:34 < Dag> and saw that channel in the list
|
|
<p>01:34 <@mids> nah
|
|
<p>01:34 < Dag> was a month or so ago
|
|
<p>01:34 <@mids> I wouldnt be too affraid about that
|
|
<p>01:34 <@nop> I like as little trouble as possible while were developing
|
|
<p>01:34 <@mids> this is pure text based
|
|
<p>01:34 <@nop> true
|
|
<p>01:34 < nemesis> k
|
|
<p>01:34 < nemesis> brb
|
|
<p>01:35 * nemesis decides to go out and tar the way to the loung ()ŻŻŻŻ)ŻŻŻŻŻŻŻŻŻŻŻŻŻŻ)))~~~~
|
|
<p>01:35 < Dag> freenet has been overwhelmed with that crap
|
|
<p>01:35 < Dag> at least last time I used frost
|
|
<p>01:35 < Dag> it was a VERY high percentage of that crap on there
|
|
<p>01:35 < athena> comes with the territory
|
|
<p>01:35 < Dag> I think it would be good for people to spam freenet with random non porn images and media files
|
|
<p>01:36 <@nop> yeah
|
|
<p>01:36 <@nop> it's unfortunate
|
|
<p>01:36 < Dag> just to make the percentage of crap go down
|
|
<p>01:36 <@mids> I am using freenet for 3 or 4 years now and I have never seen any pedo crap...
|
|
<p>01:36 <@nop> I accidentally downloaded trash on my hardrive because of their shit
|
|
<p>01:36 <@nop> sickening
|
|
<p>01:36 <@nop> I found one
|
|
<p>01:36 <@mids> if you dont look for it, I dont think you will run into much
|
|
<p>01:36 <@nop> by accident
|
|
<p>01:36 <@nop> not true
|
|
<p>01:36 <@nop> stuff gets renamed stuf
|
|
<p>01:37 < Dag> mids I just had frost list all the files available
|
|
<p>01:37 < Dag> as there are not many
|
|
<p>01:37 < Dag> maybe a few hundred files max
|
|
<p>01:37 < Dag> its not like gnutella
|
|
<p>01:37 <@mids> well, if you view each of them.. you will probably run into stuff
|
|
<p>01:37 < Dag> I didnt download anything
|
|
<p>01:37 <@mids> but I have no reason to view a msc0001a.jpg
|
|
<p>01:38 < Dag> I just saw the listings
|
|
<p>01:38 < ellison> you guys seen www.bitzi.com?
|
|
<p>01:38 < Dag> no
|
|
<p>01:38 < Dag> isnt that some spyware
|
|
<p>01:38 < ellison> it is a database of tons of files on p2p networks
|
|
<p>01:38 < athena> no
|
|
<p>01:38 <@nop> mids
|
|
<p>01:38 < athena> the fingerprint mp3s
|
|
<p>01:38 <@nop> check iip-dev
|
|
<p>01:38 < ellison> you can enter a filename and size, and it'll tell you what it is
|
|
<p>01:38 <@nop> this can't be true
|
|
<p>01:38 <@nop> we have a few debian users
|
|
<p>01:38 <@mids> nop: iip-dev email?
|
|
<p>01:38 <@nop> yes
|
|
<p>01:38 < Dag> ellison who is funding it?
|
|
<p>01:39 < ellison> dag: dunno
|
|
<p>01:40 < Dag> ellison I would bet its the riaa
|
|
<p>01:40 < ellison> "Bitzi is a privately-held metadata publishing company based in San Francisco."
|
|
<p>01:40 < Dag> or some such org
|
|
<p>01:40 < Dag> ellision who pays the bills
|
|
<p>01:40 < Dag> follow the $$$$$
|
|
<p>01:40 < ellison> doubt it, I think you can use their service to differentiate between valid media files and the fake stuff uploaded by RIAA
|
|
<p>01:41 < ellison> the founder posted on a RIAA thread and mentioned this use of the system
|
|
<p>01:41 < Dag> find out who funds it
|
|
<p>01:41 < ellison> i brought up their site because it seems to be a good way of avoiding nasty re-named stuff
|
|
<p>01:41 < athena> bitzi is cool... their stuff is opensource
|
|
<p>01:41 < Dag> one thing is certain in this day and age
|
|
<p>01:41 < ellison> there's no reason you couldn't submit freenet files to the service
|
|
<p>01:42 < ellison> dag: there would be concern if there was any evidence that they are funded by the RIAA, but it doesn't look like it to me
|
|
<p>01:42 < Dag> ellison a md5->file content database
|
|
<p>01:42 < Dag> would maybe work
|
|
<p>01:42 < Dag> but can be abused as well
|
|
<p>01:42 < Dag> its all about who controlls the data
|
|
<p>01:43 * athena controls the data
|
|
<p>01:43 < Dag> mallicous people can change the file slightly anyhow
|
|
<p>01:43 < ellison> if course there is an issue of trust, but if you don't trust anyone then it'll be difficult to take part in a service-based economy...
|
|
<p>01:43 < ellison> then the signature would change
|
|
<p>01:44 < Dag> yes
|
|
<p>01:44 < Dag> I am addressing your wanting to avoid known bad files
|
|
<p>01:44 < ellison> if lots of people use bitzi, then all it takes is one person downloading and reporting a bad file
|
|
<p>01:45 < Dag> I could write a gnutella server to on the fly randomly tag on some byte
|
|
<p>01:45 < Dag> to a file
|
|
<p>01:45 < ellison> and bitzi will be a more and more valuable service as the RIAA begins seeding P2P networks w/ crap...
|
|
<p>01:45 < Dag> and change the file sig each time
|
|
<p>01:45 < athena> bitzi is being integrated into limewire
|
|
<p>01:45 < ellison> people could go to bitzi and find out which files are the good ones, and only download those
|
|
<p>01:45 < Dag> I think that the riaa would find the service more usefull than not
|
|
<p>01:46 < Dag> they are doing the riaas job for them
|
|
<p>01:46 < ellison> it's also about finding the good ones - avoiding the bad ones is just 1/2 of the process
|
|
<p>01:46 < Dag> finding keys to stuff they own
|
|
<p>01:46 <@mids> hey aum
|
|
<p>01:46 < aum> hi mids
|
|
<p>01:47 <@nop> aum
|
|
<p>01:47 <@nop> it's most likely
|
|
<p>01:47 <@nop> the dh key exchange
|
|
<p>01:47 <@nop> maybe handshaking with a bad or out of date node, or so
|
|
<p>01:47 < aum> the max-out doesn't happen when i run iip as root
|
|
<p>01:47 < aum> only when i run as user
|
|
<p>01:47 <@nop> interesting
|
|
<p>01:47 < athena> huh?
|
|
<p>01:47 <@nop> have you checked your file descriptors for users
|
|
<p>01:47 <@nop> how many are allowed and such?
|
|
<p>01:48 < aum> well, all the files are owned by the same user as is running the daemno
|
|
<p>01:48 < aum> it's a severe max-out when i run as user - a 1.5GHz box grinds to a halt - even the mouse can barely move
|
|
<p>01:49 < Zwolly> people i need to go now it was fun and will install the new IIP as soon as possible (working at 7.00)
|
|
<p>01:49 < aum> compliments on the new website nop
|
|
<p>01:49 <@nop> thnx, thank ellison
|
|
<p>01:50 <@nop> he did it
|
|
<p>01:50 <@nop> ;)
|
|
<p>01:50 < aum> it looks so professional that one could expect to go to the download page, and see a link saying 'download 30-day demo'
|
|
<p>01:50 < aum> free software websites are rarely designed so professionally
|
|
<p>01:50 <@mids> :)
|
|
<p>01:50 <@nop> nor are they documented so well either
|
|
<p>01:51 <@mids> nor do they have such cool irc channels
|
|
<p>01:51 <@nop> we have kind of put the profesionallism back into open source ;)
|
|
<p>01:51 <@nop> I spelled that badly
|
|
<p>01:51 <@nop> haha
|
|
<p>01:51 < aum> the word 'free' needs to appear on the front page IMO
|
|
<p>01:51 <@nop> Professionalism
|
|
<p>01:51 <@nop> it says open
|
|
<p>01:51 <@nop> and available
|
|
<p>01:51 <@nop> etc
|
|
<p>01:51 < aum> the word 'open' is being used more and more with commercial software
|
|
<p>01:51 <@nop> well, if people don't read
|
|
<p>01:51 <@nop> they can't be educated
|
|
<p>01:52 <@nop> and they shouldn't be running IIP anyway
|
|
<p>01:52 < ellison> :-)
|
|
<p>01:53 < aum> i saw a freaky film the other night - 'fight club'
|
|
<p>01:53 <@nop> finally?
|
|
<p>01:53 <@nop> haha
|
|
<p>01:53 <@nop> read the book
|
|
<p>01:53 <@nop> it's worse
|
|
<p>01:53 < aum> wow!
|
|
<p>01:53 <@mids> night all
|
|
<p>01:53 < aum> good concept - taking down the credit card databases
|
|
<p>01:53 < aum> night mids
|
|
<p>01:53 < ellison> night mids
|
|
<p>01:54 <@nop> night mids
|
|
<p>01:54 <@nop> thnx again
|
|
<p>01:54 <@nop> for your help
|
|
<p>01:54 < nemesis> gn8 mids
|
|
<p>01:54 * aum wonders if iip can take advantage of palladium features
|
|
<p>01:55 * nop wonders what aum means by that
|
|
<p>01:55 < aum> palladium could be a huge boon for p2p
|
|
<p>01:55 <@nop> yes
|
|
<p>01:55 <@nop> did you get my ip stego app?
|
|
<p>01:55 < aum> palladium creates a private task space that not even root can access
|
|
<p>01:55 < aum> back in 5...
|
|
<p>01:55 <@nop> k
|
|
<p>02:02 <@nop> ok
|
|
<p>02:02 < aum> back
|
|
<p>02:02 <@nop> wb
|
|
<p>02:03 < aum> palladium can help piracy
|
|
<p>02:03 < Dag> anyone here run vmware?
|
|
<p>02:03 <@nop> I'm not convinced that palladium will be secure against the security researchers of the world
|
|
<p>02:03 < aum> yes
|
|
<p>02:03 <@nop> I do
|
|
<p>02:03 <@nop> I run it
|
|
<p>02:03 < aum> ditto
|
|
<p>02:03 < Dag> how good a sandbox is it?
|
|
<p>02:03 <@nop> great
|
|
<p>02:03 < aum> brilliant
|
|
<p>02:03 <@nop> I use it for my windows stuff
|
|
<p>02:03 < Dag> that is my only real interest for it
|
|
<p>02:03 <@nop> while running linux as the main one
|
|
<p>02:03 <@nop> oh yeah
|
|
<p>02:03 < Dag> is a sandbox potentia;
|
|
<p>02:04 <@nop> yes
|
|
<p>02:04 <@nop> it's great
|
|
<p>02:04 <@nop> easy to set up too
|
|
<p>02:04 < aum> beautiful thing about vmware is that you can choose to discard all disk changes
|
|
<p>02:04 < Dag> well
|
|
<p>02:04 < Dag> i imagine it leaks data to the swap
|
|
<p>02:04 < aum> so if you install some windows fuckware, it's easy to get rid of it without having to hunt through c:\windows and registry etc
|
|
<p>02:04 < Dag> well yes
|
|
<p>02:05 < Dag> just delete the install
|
|
<p>02:05 < Dag> I keep a good install file
|
|
<p>02:05 < Dag> that has nothing on it
|
|
<p>02:05 < aum> i like how vers 3 does usb
|
|
<p>02:06 < Dag> its an amazing little app
|
|
<p>02:06 < Dag> wish it was open sourced
|
|
<p>02:06 < Dag> I looked at some open source attemps
|
|
<p>02:06 < Dag> at the same thing
|
|
<p>02:07 < Dag> and seemed to be stagnating
|
|
<p>02:07 < Dag> bochs and the like
|
|
<p>02:07 < aum> bochs is a nightmare
|
|
<p>02:07 < nemesis> AS/400 are better than vmware ;p
|
|
<p>02:08 < Dag> plex86 was another one I think
|
|
<p>02:08 < Dag> I have run vmware and ran some tools like filemon and regmon
|
|
<p>02:08 < Dag> etc
|
|
<p>02:09 < Dag> and they seem to show that its a decent sandbox
|
|
<p>02:09 < Dag> its not writting or reading to anything unusual
|
|
<p>02:09 < Dag> from waht I saw
|
|
<p>02:09 < Dag> winternals software rules
|
|
<p>02:09 < Dag> sysinternals/winternals that is
|
|
<p>02:10 < Dag> tcpview pro is another of their tools I like
|
|
<p>02:10 < Dag> erd commander is another
|
|
<p>02:11 < Dag> I am hoping someday soon that linux/bsd can have better ntfs support
|
|
<p>02:12 < Dag> read only access (stable) is pretty limiting
|
|
<p>02:14 <@nop> I'm so excited
|
|
<p>02:14 <@nop> this toorcon speech might get me killed ;)
|
|
<p>02:14 < nemesis> hrhr
|
|
<p>02:14 < nemesis> nooo nooo
|
|
<p>02:15 < nemesis> i linke the read only
|
|
<p>02:15 <@nop> sorry
|
|
<p>02:15 <@nop> I'm all interrupting
|
|
<p>02:15 <@nop> ;)
|
|
<p>02:15 < nemesis> because i stored some files in a ntfs5.1 part
|
|
<p>02:15 < nemesis> ;)
|
|
<p>02:15 < aum> nop - you better have a fast car out the back, and deliver the speech in a ski mask
|
|
<p>02:16 <@nop> did you read what I'm talking about
|
|
<p>02:16 <@nop> www.toorcon.org
|
|
<p>02:16 < aum> actually, a ski mask would be a good gimmick - that, and a throat-mike wired up to a harmoniser box to change your voice
|
|
<p>02:16 <@nop> and no I don't care if people know who I am, it's a risk I have to take for starting IIP anyway
|
|
<p>02:17 <@nop> haha
|
|
<p>02:17 <@nop> I have a friend who's an expert in make-up and disguise
|
|
<p>02:17 <@nop> could do that too
|
|
<p>02:17 < Dag> nop is it tammy faye"?
|
|
<p>02:17 < Dag> katherine harris?
|
|
<p>02:17 < aum> room will be fulla spooks
|
|
<p>02:18 <@nop> http://www.toorcon.org/speakers/james.html
|
|
<p>02:20 <@nop> making gov't irrelevant is the underlying tone
|
|
<p>02:21 <@nop> I contradict the keynote speaker
|
|
<p>02:21 <@nop> who works for nasa
|
|
<p>02:23 < Dag> nasa is evil
|
|
<p>02:23 < Dag> richard hoagland says so
|
|
<p>02:23 < Dag> they are withholding proof aliens exist
|
|
<p>02:24 <@nop> hehe
|
|
<p>02:24 < Dag> they bombed the face on mars
|
|
<p>02:24 <@nop> aum is quiet
|
|
<p>02:24 <@nop> hehe
|
|
<p>02:24 < Dag> to cover up that it really looked like a face
|
|
<p>02:24 < Dag> even in high res scans
|
|
<p>02:25 < Dag> if it were not for nasa, we would each have our own starship cruisers
|
|
<p>02:25 < Dag> and vacation planets as we speak
|
|
<p>02:25 < Dag> hell they even wont let that backstreet boy
|
|
<p>02:25 < Dag> on their stupid space station
|
|
<p>02:25 <@nop> haha
|
|
<p>02:25 <@nop> nsync but yeah
|
|
<p>02:26 < Dag> they dont want him to see who their real masters are
|
|
<p>02:26 <@nop> haha
|
|
<p>02:26 < Dag> and I dont mean the american taxpayer
|
|
<p>02:26 <@nop> yep
|
|
<p>02:27 < Dag> the government is not run by the taxpayer
|
|
<p>02:27 <@nop> you know what I notice
|
|
<p>02:27 <@nop> every corporate position in a company
|
|
<p>02:27 < Dag> I think the fairest govt would be one were the number of votes you have is in line with the taxes you pay
|
|
<p>02:27 <@nop> is desired by a selfish person
|
|
<p>02:27 <@nop> right
|
|
<p>02:27 < Dag> maybe 1 vote for each 5k in taxes you pay
|
|
<p>02:28 < Dag> the government is run on theft
|
|
<p>02:28 < Dag> steal steal steal
|
|
<p>02:29 < Dag> rms is a commie too
|
|
<p>02:29 < Dag> did you know that
|
|
<p>02:29 <@nop> that's why they punish drug dealers
|
|
<p>02:29 <@nop> because the gov't is stealing the money they make
|
|
<p>02:29 <@nop> you notice
|
|
<p>02:29 <@nop> they always wait
|
|
<p>02:29 <@nop> till the dealer
|
|
<p>02:29 <@nop> is making big money
|
|
<p>02:29 <@nop> to get their bust
|
|
<p>02:29 <@nop> they don't care about the lowly pot dealer
|
|
<p>02:29 <@nop> they always like to let it continue
|
|
<p>02:29 <@nop> till they know
|
|
<p>02:29 < Dag> the us govt is the biggest drug dealer out there
|
|
<p>02:29 <@nop> there is serious money coming in
|
|
<p>02:30 <@nop> then bam
|
|
<p>02:30 <@nop> robbin' from the dealer
|
|
<p>02:30 < Dag> bo gritz says so
|
|
<p>02:30 < Dag> harry brown for president
|
|
<p>02:30 < Dag> enuf said
|
|
<p>02:30 <@nop> hehe
|
|
<p>02:30 <@nop> charlie brown for president
|
|
<p>02:31 < Dag> what about snoopy
|
|
<p>02:31 <@nop> he's cool
|
|
<p>02:31 <@nop> he doesn't say much
|
|
<p>02:31 <@nop> so yeah
|
|
<p>02:31 < Dag> he always seemed level headed
|
|
<p>02:31 < Dag> cept he hung out with that bird a little to much
|
|
<p>02:31 < Dag> charlie brown was easily duped
|
|
<p>02:32 < Dag> how many times he try to kick that damn football?
|
|
<p>02:33 * aum is back
|
|
<p>02:33 < Dag> how big is a freenet install?
|
|
<p>02:33 <@nop> not big, 200 megs
|
|
<p>02:33 <@nop> for datastore
|
|
<p>02:33 <@nop> ;)
|
|
<p>02:33 < aum> default freenet datastore is 1GB these days
|
|
<p>02:34 < Dag> yikes
|
|
<p>02:34 <@nop> what?
|
|
<p>02:34 < aum> on another subject, i uninstalled gentoo last night and went back to debian => bliss
|
|
<p>02:34 <@nop> really?
|
|
<p>02:34 < aum> the source-based distros are too flaky just now
|
|
<p>02:34 < Dag> go back to freebsd
|
|
<p>02:35 < Dag> er forward
|
|
<p>02:35 < Dag> heh
|
|
<p>02:35 < aum> debian 4 me - huge catalog of software, ready to urn
|
|
<p>02:35 < aum> s/urn/run/
|
|
<p>02:35 < Dag> well you running it as a server or desktop?
|
|
<p>02:35 < aum> debian stuff works wight out of the box - no need to read megs of manuals and grope through scripts
|
|
<p>02:36 < Dag> I always compile my servers
|
|
<p>02:36 < aum> i've had debian woody on my server for over a year - switched desktop from windows back in feb
|
|
<p>02:37 < aum> my desktop went windoes -> mandrake -> debian -> sourcemage -> gentoo -> debian
|
|
<p>02:37 < Dag> you ever try knoppix?
|
|
<p>02:37 < aum> what's that?
|
|
<p>02:37 < aum> a distro?
|
|
<p>02:37 < Dag> is a livefilesystem linux distro
|
|
<p>02:37 < Dag> based off debian
|
|
<p>02:37 < aum> huh?
|
|
<p>02:37 < aum> what does 'livefilesystem' mean?
|
|
<p>02:37 < Dag> the whole thing runs in ram and cd
|
|
<p>02:38 < Dag> boot off the cd
|
|
<p>02:38 < Dag> and away you go
|
|
<p>02:39 < Dag> its pretty good about hw detection
|
|
<p>02:39 < Dag> runs kde and even has openoffice
|
|
<p>02:39 < Dag> heh
|
|
<p>02:39 < Dag> I dont run any linux servers anymore
|
|
<p>02:39 < Dag> but its fun to have around
|
|
<p>02:39 < aum> Dag: freeBSD?
|
|
<p>02:40 < Dag> free/openbsd
|
|
<p>02:40 < Dag> solaris
|
|
<p>02:40 < aum> what's the big advantage?
|
|
<p>02:40 < Dag> depending on HW
|
|
<p>02:40 < Dag> openbsd has a good security audit
|
|
<p>02:40 < Dag> of anything they release
|
|
<p>02:40 < Dag> no distro of linux even comes close
|
|
<p>02:41 < aum> but linux 'ploits get fixed within 24 hours
|
|
<p>02:41 <@nop> true
|
|
<p>02:41 < Dag> do you check for exploits and patch every day?
|
|
<p>02:41 <@nop> I do
|
|
<p>02:41 < Dag> well
|
|
<p>02:41 < Dag> come now
|
|
<p>02:41 < Dag> heh
|
|
<p>02:41 <@nop> I'm on bugtraq
|
|
<p>02:41 <@nop> and I sometimes post
|
|
<p>02:41 <@nop> so I keep my eye out
|
|
<p>02:42 < Dag> openbsd has had ONE remote exploit in 6 years
|
|
<p>02:42 <@nop> it's my daytime job
|
|
<p>02:42 <@nop> openBSD is very conscious
|
|
<p>02:42 <@nop> which is good
|
|
<p>02:42 <@nop> proves
|
|
<p>02:42 <@nop> that all it takes
|
|
<p>02:42 <@nop> is more conscious coders
|
|
<p>02:42 <@nop> and a conscious framework
|
|
<p>02:43 < Dag> if you install redhat without patches
|
|
<p>02:43 < Dag> its a guarantee you will be hacked
|
|
<p>02:43 < Dag> I use to work in a NOC
|
|
<p>02:43 < Dag> it would piss me off when other lazy coworkers would install rh 6.2 etc
|
|
<p>02:43 < Dag> for a client
|
|
<p>02:44 < Dag> and never put any patches on
|
|
<p>02:44 < Dag> one guy worked there 3 years and his idea of rebooting a box was to hit the power switch
|
|
<p>02:46 < aum> power switch? did he think it was windows?
|
|
<p>02:46 < nemesis> lol
|
|
<p>02:46 * aum sometimes sees the linux BSOD screensaver
|
|
<p>02:47 < Dag> there was a time like 4 years back that anyone could get a tech job
|
|
<p>02:47 < Dag> now people who have a brain and experience
|
|
<p>02:47 < Dag> cant find sh*t
|
|
<p>02:47 < aum> an open source advocate here in new zealand wrote to the Minister for Information Technology expressing concerns about windows security vulnerabilities - Minister wrote back saying "we don't have a security problem - we use firewalls"
|
|
<p>02:48 < Dag> you hear the latest with XP and their help center allowing you to delete files by visiting a url
|
|
<p>02:48 < Dag> heh
|
|
<p>02:48 < Dag> there is a story at the register uk about it
|
|
<p>02:49 < Dag> there is even a link to have the exploit remove the help center from your machine
|
|
<p>02:49 < Dag> and in doing so removes the ablity to be exploited
|
|
<p>02:50 < Dag> Win-XP Help Center request wipes your HD
|
|
<p>02:50 < Dag> http://www.theregister.co.uk/content/4/27074.html
|
|
<p>03:03 < nemesis> erm, sorry
|
|
<p>03:03 < nemesis> question
|
|
<p>03:03 < nemesis> can i ban an port with bind to an nic?
|
|
<p>04:14 < nemesis> cu@all für genau 50 mins ins bett legen dann duschen und in arbeit fahren *grummel*
|
|
<p>08:05 < nop> sheesh
|
|
<p>08:05 < nop> still here
|
|
<p>--- Log closed Wed Sep 25 10:20:49 2002
|
|
</div>
|
|
{% endblock %}
|