charlie-tca | alpha3 fails for accessibility install; orca starts and quits immediately when you get to the live desktop | 00:32 |
---|---|---|
Pendulum | :( | 00:33 |
charlie-tca | I think there is too much crashing to make it usable by orca | 00:33 |
hajour | hai Pendulum and charlie-tca | 00:37 |
=== jono_ is now known as jono | ||
hajour | we just discovered undifined was hacked today .and the hacker comes root straight away | 00:38 |
hajour | he use the owner his name | 00:38 |
hajour | to do things under the ownders name | 00:38 |
hajour | what seams to have happen to by jacky possible | 00:39 |
hajour | we now let all teammembers from speechcontrol and wintermute check there pc s | 00:40 |
hajour | he was in 5 attempts true ssh | 00:40 |
hajour | in amazingly fast way | 00:40 |
Pendulum | :( | 00:40 |
hajour | undi will give logs from it to help irc | 00:41 |
hajour | undi said i never have this fast way hacking | 00:41 |
hajour | he camre true ssh | 00:41 |
hajour | and undi have worked by government and by europese license office | 00:42 |
charlie-tca | If a hacker got in through ssh, can he tell who it was? | 00:42 |
hajour | so he know from security | 00:42 |
hajour | its a a ip from a turkish server | 00:42 |
hajour | 212.58.4.188 | 00:43 |
Pendulum | yeah, but IP doesn't mean that much. Anyone can buy a server somewhere | 00:43 |
hajour | Doruk.net | 00:43 |
hajour | server in Istanbul - TURKEY | 00:43 |
hajour | AlanBell, had checked it | 00:44 |
Pendulum | (or if it's a really good hacker, they could be using a machine they've hacked into to then hack into more machines | 00:44 |
Pendulum | ) | 00:44 |
maco | you're not a bank, and you're not a government. the authorities won't care that someone tried to crack your system | 00:44 |
hajour | its means security needs to be improved | 00:44 |
Pendulum | they'll care if they stole identity and start using your credit cards, but that's about it | 00:44 |
hajour | i care when wintermute things and speechcontrol things are gone | 00:45 |
hajour | they even have used it to come on wiki | 00:45 |
hajour | what explaned why the links from the wiki where linking to empty pages | 00:46 |
hajour | that happened on 18 february | 00:46 |
hajour | i don't think linux like to be hacked | 00:46 |
hajour | well just do with the info you all want | 00:47 |
hajour | just don't say i have not warned for it | 00:47 |
hajour | the hacker use the owners name | 00:47 |
hajour | you only can see it on the ip adress | 00:47 |
hajour | i have say jacky to warn everone from wintermute and speechcontrol that all team members need to check there pc | 00:49 |
hajour | till later i am very busy at the moment not meant to be rude just want to inform you thats all | 00:50 |
hajour | for info undifined have logs to proof it and to let see how the hacker works | 00:51 |
hajour | http://paste.ubuntu.com/574729/ its all on here | 00:52 |
TheMuso | charlie-tca: Hrm let me try the alpha 3 candidate and see if I can reproduce what you found with Orca. | 00:58 |
TheMuso | If ssh is involved, IMO key authentication is the only way to do. | 00:59 |
TheMuso | s/do/go/ | 00:59 |
hajour | paultag is already busy with it | 01:07 |
hajour | i think he know that things TheMuso ?or need i to tell him | 01:07 |
TheMuso | hajour: He likely knows. | 01:14 |
charlie-tca | TheMuso: thanks. | 01:14 |
charlie-tca | Mine was a hardware installation here | 01:14 |
hajour | ok thank you TheMuso :) | 01:14 |
charlie-tca | I will probably try it again tomorrow, and file all the crash reports, but I am too tired today to file them all | 01:15 |
hajour | good night charlie-tca :) | 01:16 |
charlie-tca | good night, hajour | 01:16 |
hajour | its 2:16 here in night | 01:16 |
hajour | undi is still awake | 01:16 |
charlie-tca | get some rest, morning comes too fast | 01:16 |
hajour | he don't want to go sleeping before this is resolved | 01:16 |
hajour | and he have to be awake again at 6:00 | 01:17 |
TheMuso | That pastebin does not show how the hack was successful... | 01:18 |
TheMuso | Unless I missed something. | 01:18 |
TheMuso | All I see are invalid attempts, then, stuff to do with a session close for root. | 01:18 |
hajour | i just have said to undi what you said TheMuso | 01:19 |
hajour | he comes later tomorrow again and will explain it then | 01:20 |
hajour | i am not a IT person | 01:21 |
hajour | i only have give true what undifined said | 01:21 |
TheMuso | hajour: No problem, just not sure if I've missed something. | 01:22 |
hajour | he says it have no use to do true me he better tell it himself | 01:22 |
* TheMuso is now checking his gateway box ssh related activity, since he has an open ssh port for when he is on the road. | 01:22 | |
hajour | but now he really need to sleep he only have 4 hours left to sleep | 01:22 |
charlie-tca | TheMuso, hajour : I see nothing in that pastebin either, except failed attempts. | 01:22 |
* TheMuso usuallyd oes check, but check again after the above discovery. | 01:23 | |
hajour | charlie-tca, undifined will tel tomorrow | 01:23 |
hajour | he need to sleep | 01:23 |
charlie-tca | I will to. so far, my firewall has held up well. I will go look in the logs tonight though and make sure | 01:23 |
hajour | ok charlie-tca and TheMuso :) | 01:24 |
hajour | i also need to go to sleep | 01:24 |
hajour | i have 5 hours left then the kids need to wake up | 01:24 |
TheMuso | Goodnight | 01:24 |
hajour | goodnight TheMuso and charlie-tca | 01:25 |
hajour | and everyone else | 01:25 |
* hajour yawns | 01:25 | |
TheMuso | charlie-tca: For me, the minimum requirements for ssh are key authenticatino only, and only allowing specific users with the AllowUser directive. | 01:25 |
TheMuso | my logs are absolutely full of root ssh attempts, which is blocked. | 01:25 |
charlie-tca | yup, I get hits constantly on my firewall. I use key authentication, but also specific ip's allowed in only | 01:26 |
charlie-tca | I set iptables up to only allow my local ip addresses in | 01:27 |
TheMuso | Yeah thats ok if you know where you are connecting from, but when on the road/over seas, I never know. | 01:27 |
charlie-tca | that's true | 01:27 |
charlie-tca | I can not even connect myself when not at home | 01:27 |
TheMuso | Thats fair enough if you are willing to live with that. | 01:28 |
TheMuso | Wow, a lot of attempts with oracle as the username. | 01:28 |
charlie-tca | I am not smart enough to know how to set it safely for other uses | 01:30 |
TheMuso | Fair enough. | 01:31 |
Cheri703 | I have fail2ban set up on mine | 01:31 |
charlie-tca | never quite figured that out either | 01:31 |
Cheri703 | I just install it and leave it at default :) | 01:31 |
Cheri703 | locks you out after 3 failed attempts | 01:31 |
* Cheri703 tried it successfully then had to wait for it to clear -_- | 01:31 | |
Cheri703 | *tried to get it to block er | 01:32 |
Cheri703 | *her | 01:32 |
TheMuso | Cheri703: How long does it take to clear? | 01:32 |
Cheri703 | 15 or so minutes? maybe? | 01:32 |
Cheri703 | I think that's one of the things you can change, but I haven't bothered | 01:32 |
Cheri703 | but it may be long enough to get whoever is poking at it to move on | 01:33 |
Cheri703 | dunno | 01:33 |
TheMuso | fair enough. | 01:33 |
Cheri703 | 3 failed attempts and that ip isn't allowed access | 01:33 |
Cheri703 | just a small protection piece | 01:33 |
Cheri703 | I dunno, maybe I'm too lax with mine | 01:33 |
TheMuso | Yeah, I think keys do a large part of securing SSH, you just have to be careful with the keys themselves. | 01:33 |
=== jasono_ is now known as jasono | ||
TheMuso | charlie-tca: Whilst booting into the desktop with accessibility/orca enabled works for me, I suspect I might know what caused it for you, and I think its a race. WIll upload a fix for it post alpha 3. | 02:45 |
charlie-tca | Thanks | 02:45 |
=== API is now known as Guest80757 | ||
fregl | hi, would anyone be interested in packaging the Qt at-spi bridge some time? | 17:25 |
AlanBell | fregl: probably | 17:43 |
AlanBell | fregl: where is the code? | 17:43 |
fregl | AlanBell: it needs at-spi2 to work, other than that it is a single .so plugin. feedback welcome http://gitorious.org/qt-at-spi | 17:45 |
AlanBell | maco: ^^ | 17:45 |
maco | will give it a look this weekend | 17:46 |
fregl | thanks | 17:47 |
AlanBell | maco: I am interested in helping, but you are the Qt guru | 17:58 |
maco | not a guru | 17:58 |
maco | just someone with a teensy bit of qt programming knowledge | 17:59 |
AlanBell | everything is relative | 17:59 |
darkdevil666 | Hey hi! | 18:48 |
darkdevil666 | is there any team working on voice recognition? | 18:49 |
Pendulum | darkdevil666: it's kinda complicated, but you probably want to talk to hajour and UndiFineD about speechcontrol | 18:50 |
Pendulum | it's an upstream project that was started by them | 18:51 |
Pendulum | bascially, voice recognition is something that linux and open source in general is waaay behind on | 18:51 |
Pendulum | but hopefully speechcontrol will improve some of it for Ubuntu | 18:52 |
Pendulum | I think it's really mainly meant for commands right now | 18:52 |
Pendulum | (but they're also still a very new project) | 18:52 |
darkdevil666 | that's wonderful | 18:52 |
Pendulum | things that aren't so closely ubuntu related you might also want to look at are julius and CMUSphinx and simon listens | 18:53 |
UndiFineD | Thanks pen | 18:53 |
Pendulum | you're welcome :) | 18:53 |
Pendulum | (I'm head of the ubuntu accessibility team so it's kinda what I do to know this stuff ;-) ) | 18:54 |
Pendulum | (especially since I'm not a developer) | 18:54 |
darkdevil666 | thnks a lot pendulum | 18:54 |
Pendulum | UndiFineD: sorry, I missed that you said that. but I'm happy to send people your way who are interested :) | 18:54 |
Pendulum | darkdevil666: you're welcome :) | 18:55 |
=== zkriesse_ is now known as zkriesse | ||
=== popey_ is now known as popey |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!