superfly | morning everyone ;-) | 04:46 |
---|---|---|
superfly | cocooncrash: this sounds a little FUDy to me... http://codahale.com/how-to-safely-store-a-password/ | 05:37 |
sakhi | morning superfly | 06:15 |
superfly | morning sakhi! | 06:36 |
superfly | inetpro: that blog post is more FUD than fact... sure it takes longer, but that doesn't make it any safer | 06:46 |
superfly | just longer to crach | 06:46 |
superfly | *crack | 06:46 |
* inetpro that were my thoughts as well | 06:47 | |
inetpro | superfly: its interesting nevertheless | 06:48 |
cocooncrash | superfly: It's true | 07:16 |
cocooncrash | Password hashing should be slow. | 07:16 |
cocooncrash | (Nimbula uses bcrypt ;-) ) | 07:17 |
cocooncrash | Maaz: 62**8 | 07:20 |
Maaz | cocooncrash: 218340105584896 | 07:20 |
cocooncrash | Maaz: 218340105584896/700000000/3600 | 07:20 |
Maaz | cocooncrash: 86.6428990416 | 07:20 |
cocooncrash | Just over 3 days to bruteforce an 8 character alphunumeric password hashed with MD5 using 4 GPUs. | 07:22 |
cocooncrash | s/MD5/SHA1/ | 07:42 |
cocooncrash | (See also scrypt, which is designed to protect against hardware attacks by forcing more memory to be used.) | 07:43 |
cocooncrash | http://www.tarsnap.com/scrypt.html | 07:43 |
superfly | cocooncrash: but it doesn't make it more difficult to hack, just slower | 07:46 |
cocooncrash | http://chargen.matasano.com/chargen/2007/9/7/enough-with-the-rainbow-tables-what-you-need-to-know-about-s.html | 07:46 |
cocooncrash | superfly: Which is the whole point | 07:46 |
cocooncrash | Days is feasible, centuries is not. | 07:46 |
cocooncrash | Maaz: 86.6428990416 * 1000 / 24 | 07:50 |
Maaz | cocooncrash: 3610.1207934 | 07:50 |
cocooncrash | If you use a hash function 1000 times slower than SHA1, then it'll take abotu 10 years to bruteforce an 8 character password. | 07:50 |
superfly | cocooncrash: like I said, slower doesn't mean safer... it's a side effect that the person will probably give up, but I wouldn't call that "safe" | 07:52 |
cocooncrash | But if you change your password once a year, it becomes highly unlikely that it'll be bruteforce if the expected time is 5 years | 07:53 |
cocooncrash | If the expected time is a day or two it becomes very possible | 07:54 |
cocooncrash | superfly: All cryptography is based on the premise that it is not feasible to bruteforce | 07:55 |
tumbleweed | it's also pretty safe to say anything you encrypt today can be trivially decrypted in the future | 07:56 |
cocooncrash | If you use bcrypt with a 100ms hashing time, the expected time becomes centuries. | 07:56 |
cocooncrash | Maaz: 218340105584896 / 10 / 50000 / 4 / 3600 / 24 | 07:57 |
Maaz | cocooncrash: 1263.54227769 | 07:57 |
cocooncrash | 3 years to bruteforce an 8 character password with 100ms bcrypt hashing using the whole of EC2. | 07:59 |
Tonberry | damn | 07:59 |
cocooncrash | Maaz: 62**10 / 10 / 50000 / 4 / 3600 / 24 / 365 | 07:59 |
Maaz | cocooncrash: 13307.0041519 | 07:59 |
cocooncrash | 13 centuries for a 10 character passsword. | 08:00 |
* drubin likes this conversation | 08:32 | |
drubin | superfly: Where did that link just randomly come from? | 08:33 |
superfly | drubin: you mean where did I find it? | 08:57 |
drubin | superfly: Well you kinda popped out of the blue and pasted that link to cocooncrash | 08:58 |
drubin | jut wanted to know context (although it was interesting0 | 08:58 |
superfly | drubin: just that I tihnk cocooncrash has recommended bcrypt to be before | 08:59 |
tumbleweed | marcog: your xdg-open bug got accepted into maverick-proposed. Care to test it? | 08:59 |
marcog | tumbleweed: i've starred it, will test | 08:59 |
queery | Ubuntu hour Sunday 12pm Gino's, Stellenbosch | 10:33 |
queery | http://loco.ubuntu.com/events/team/666/detail/ | 10:46 |
inetpro | drubin: I tweeted it but seriously, don't ask me where I got it, I can't remember | 11:19 |
drubin | inetpro: tweeted what? | 11:29 |
inetpro | 02/02 10:33:06 <drubin> superfly: Where did that link just randomly come from? | 11:29 |
drubin | inetpro: Ah hehe | 11:31 |
tumbleweed | marcog: nice, someone else dealt with it | 11:58 |
marcog | tumbleweed: i assume that means i don't have to do anything? | 11:59 |
tumbleweed | indeed | 11:59 |
marcog | obviously it was quite the me too bug | 12:00 |
tumbleweed | marcog: I suffered that bug for ages :) | 12:00 |
marcog | with chrome? | 12:01 |
tumbleweed | chromium | 12:01 |
marcog | same thing :P | 12:01 |
tumbleweed | not at all | 12:01 |
marcog | same thing | 12:01 |
tumbleweed | nobody even knows what's in chrome | 12:01 |
froztbyte | Maaz: reverse karmaladder | 12:03 |
Maaz | froztbyte: 0: ubuntuforums (-3), 1: tomtom (-2), 2: empathy (-2), 3: hal (-1), 4: virtualbox (-1), 5: KnightRider (-1), 6: car services (-1), 7: kde (-1), 8: ucf (-1), 9: virtualenv (-1), 10: drl (-1), 11: wordpress (-1), 12: Nokia (-1), 13: opendns (-1), 14: digests (-1), 15: kspread (-1), 16: --. --- --- -.. -- --- .-. -. .. -. (-1), 17: Nepomuk (-1), 18: Virtuoso (-1), 19: Strigi (-1), 20: KDE's Desktop Search (-1), 21: sars (0), 22: w | 12:03 |
tumbleweed | seems like we are rather positive around here | 12:03 |
froztbyte | Maaz: karmaladder | 12:03 |
Maaz | froztbyte: 0: superfly (20), 1: cocooncrash (18), 2: maiatoday (11), 3: drubin (10), 4: tumbleweed (10), 5: Vhata (8), 6: morgs (7), 7: confluency (6), 8: highvoltage (6), 9: Kilos (6), 10: ubuntu-za (2), 11: nuvolari (2), 12: russell (2), 13: Symmetria (2), 14: |3o|3 (2), 15: yusuf (2), 16: youtube-dl (1), 17: ScorpKing (1), 18: Web Africa (1), 19: Lenovo (1), 20: fnb (1), 21: ibid devs (1), 22: Hodgestar (1), 23: Android (1), 24: doghouse | 12:03 |
linuxboy | Maaz: morsecode --. --- --- -.. -- --- .-. -. .. -. | 12:04 |
Maaz | linuxboy: Encodes as -.-. --- -.. . -....- -....- .-.-.- -....- -....- -....- -....- -....- -....- -....- .-.-.- .-.-.- -....- -....- -....- -....- -....- .-.-.- -....- .-.-.- -....- .-.-.- .-.-.- .-.-.- -....- .-.-.- | 12:04 |
tumbleweed | Maaz: morse --. --- --- -.. -- --- .-. -. .. -. | 12:04 |
Maaz | tumbleweed: Decodes as GOOD MORNIN | 12:04 |
superfly | how did I get up there? | 12:06 |
tumbleweed | Maaz: superfly ftw [[ clearly ]] | 12:07 |
queery | bye | 15:07 |
superfly | cocooncrash: that grub error i'm getting is actually "out of disk" | 15:54 |
cocooncrash | superfly: Hrm | 15:54 |
cocooncrash | return grub_error (GRUB_ERR_OUT_OF_RANGE, "%s out of disk", disk->name); | 15:55 |
cocooncrash | superfly: Looks like a geometry issue actually | 15:56 |
superfly | nope, no disk name, just "error: out of disk." | 15:56 |
cocooncrash | Oh | 15:56 |
cocooncrash | So that seems to happen if it's got a sector number that lies outside the disk | 15:57 |
superfly | I booted into a live cd and did a grub-install, so now I get "GRUB loading." and then "error: out of disk.", and then the grub rescue prompt | 15:57 |
cocooncrash | Only thing I can think of is that the partition table has a partition extending past the last sector | 15:57 |
nuvolari | ooh :> I have karma :D | 16:00 |
nuvolari | ok, home time | 16:00 |
cocooncrash | gtg | 16:00 |
Kilos | evening superfly and every one else | 16:04 |
Kilos | we got data again yoohoo | 16:04 |
Kilos | used gumtree for the first time | 16:05 |
Kilos | lo bmg505 how do you do | 16:06 |
superfly | Kilos: I got ADSL, uncapped, no more data worries for me | 16:06 |
Kilos | hehe that so lekker superfly | 16:06 |
Kilos | is it darem faster | 16:06 |
superfly | I already downloaded like 9 or 10 gigs last night | 16:07 |
superfly | Kilos: no, it's about the same speed as my HSDPA | 16:07 |
Kilos | aw | 16:07 |
Kilos | mind you with ians modem here on hsdpa it was fast at times | 16:07 |
Kilos | much better than a cell | 16:08 |
superfly | Kilos: ja, I had the super fast modem | 16:08 |
Kilos | oh well, at least you rid of the data cap hassle | 16:09 |
Kilos | and the costs of course | 16:09 |
superfly | when I get that sorted out, yes | 16:09 |
superfly | for this month (and probably next) I'm paying double :-( | 16:09 |
Kilos | eish | 16:10 |
Kilos | at least now I can do a clean install here and get rid of that bug | 16:11 |
superfly | ah, cocooncrash... "19457 cylinders" ... "19267 - 19458" | 16:12 |
superfly | that doesn't look quite right | 16:12 |
cocooncrash | That looks a bit dubious | 16:22 |
cocooncrash | Try to work in sectors though, fdisk should set CHS sensibly | 16:22 |
cocooncrash | fdisk -u | 16:23 |
superfly | yeah, i've done that - still getting that error | 16:43 |
neil__ | hey all nlsthzn here *waves*... how to upgrade from Kubuntu 10.10 to 11.04... ubuntu is easy, I am finding Kubuntu a bitt less so | 16:44 |
superfly | neil__: how are you doing it? via alternate CD or via apt-get and friends? | 16:45 |
neil__ | want to use apt-get or what ever means to do it via the net... ubuntu I would just run update-manager -d -c but in Kubuntu I am stumped :/ | 16:46 |
bmg505 | 10 months and 23 days to xmas :) | 16:48 |
bmg505 | hello south africa | 16:48 |
neil__ | so long to wait for x-mas QQ | 16:49 |
neil__ | just run do-release-upgrade and added a -d and something is happening... cheers | 16:52 |
Kilos | hi neil__ bmg505 | 16:52 |
Kilos | bmg505, where are you | 16:52 |
neil__ | Kilos: hey uncle :) | 16:53 |
Kilos | hehe | 16:53 |
neil__ | thanks... IRC server going down for maintenance... catch u guys later | 16:55 |
Kilos | cheers neil__ | 16:55 |
superfly | cocooncrash: I just did a complete reinstall, and I still get that stupid error | 17:31 |
superfly | recreated the partitions, everything | 17:31 |
Morganvd | hey folks | 17:46 |
superfly | ohi | 17:50 |
* superfly restarts to experience KDE 4.6 | 17:50 | |
Morganvd | lol | 18:00 |
Morganvd | superfly: you having issues | 18:01 |
* Symmetria contemplates doing remote medical procedures over south african internet | 18:02 | |
* Symmetria is scared at the very thought | 18:02 | |
Symmetria | "Sorry about the 3 dead people, the internet went down" | 18:03 |
Kilos | hehe | 18:03 |
Symmetria | "Please do nawt be fishing the med today, if you cut SEMEWE people gonna dieeeee" | 18:03 |
Kilos | night all. sleep tight | 19:22 |
cocooncrash | superfly: Oh bleh | 19:34 |
superfly | indeed | 19:34 |
cocooncrash | Try using grub-legacy? | 19:36 |
cocooncrash | fp | 22:00 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!