[00:32] <charlie-tca> alpha3 fails for accessibility install; orca starts and quits immediately when you get to the live desktop
[00:33] <Pendulum> :(
[00:33] <charlie-tca> I think there is too much crashing to make it usable by orca
[00:37] <hajour> hai Pendulum  and charlie-tca 
=== jono_ is now known as jono
[00:38] <hajour> we just discovered undifined was hacked today .and the hacker comes root straight away
[00:38] <hajour> he use the owner his name
[00:38] <hajour> to do things under the ownders name
[00:39] <hajour> what seams to have happen to by jacky possible
[00:40] <hajour> we now let all teammembers from speechcontrol and wintermute check there pc s
[00:40] <hajour> he was in 5 attempts true ssh
[00:40] <hajour> in amazingly fast way
[00:40] <Pendulum> :(
[00:41] <hajour> undi will give logs from it to help irc
[00:41] <hajour> undi said i never have this fast way hacking
[00:41] <hajour> he camre true ssh
[00:42] <hajour> and undi have worked by government and by europese license office
[00:42] <charlie-tca> If a hacker got in through ssh, can he tell who it was?
[00:42] <hajour> so he know from security
[00:42] <hajour> its a a ip from a turkish server
[00:43] <hajour> 212.58.4.188
[00:43] <Pendulum> yeah, but IP doesn't mean that much. Anyone can buy a server somewhere
[00:43] <hajour> Doruk.net 
[00:43] <hajour>  server in Istanbul - TURKEY
[00:44] <hajour> AlanBell, had checked it
[00:44] <Pendulum> (or if it's a really good hacker, they could be using a machine they've hacked into to then hack into more machines
[00:44] <Pendulum> )
[00:44] <maco> you're not a bank, and you're not a government. the authorities won't care that someone tried to crack your system
[00:44] <hajour> its means security needs to be improved
[00:44] <Pendulum> they'll care if they stole identity and start using your credit cards, but that's about it
[00:45] <hajour> i care when wintermute things and speechcontrol things are gone
[00:45] <hajour> they even have used it to come on wiki
[00:46] <hajour> what explaned why the links from the wiki where linking to empty pages
[00:46] <hajour> that happened on 18 february
[00:46] <hajour> i don't think linux like to be hacked 
[00:47] <hajour> well just do with the info you all want
[00:47] <hajour> just don't say i have not warned for it
[00:47] <hajour> the hacker use the owners name
[00:47] <hajour> you only can see it on the ip adress
[00:49] <hajour> i have say jacky to warn everone from wintermute and speechcontrol that all team members need to check there  pc
[00:50] <hajour> till later i am very busy at the moment not meant to be rude just want to inform you thats all
[00:51] <hajour> for info undifined have logs to proof it and to let see how the hacker works
[00:52] <hajour> http://paste.ubuntu.com/574729/   its all on here
[00:58] <TheMuso> charlie-tca: Hrm let me try the alpha 3 candidate and see if I can reproduce what you found with Orca.
[00:59] <TheMuso> If ssh is involved, IMO key authentication is the only way to do.
[00:59] <TheMuso> s/do/go/
[01:07] <hajour> paultag is already busy with it
[01:07] <hajour> i think he know that things TheMuso ?or need i to tell him
[01:14] <TheMuso> hajour: He likely knows.
[01:14] <charlie-tca> TheMuso: thanks. 
[01:14] <charlie-tca> Mine was a hardware installation here
[01:14] <hajour> ok thank you TheMuso :)
[01:15] <charlie-tca> I will probably try it again tomorrow, and file all the crash reports, but I am too tired today to file them all
[01:16] <hajour> good night charlie-tca :)
[01:16] <charlie-tca> good night, hajour 
[01:16] <hajour> its 2:16 here in night
[01:16] <hajour> undi is still awake
[01:16] <charlie-tca> get some rest, morning comes too fast
[01:16] <hajour> he don't want to go sleeping before this is resolved
[01:17] <hajour> and he have to be awake again at 6:00
[01:18] <TheMuso> That pastebin does not show how the hack was successful...
[01:18] <TheMuso> Unless I missed something.
[01:18] <TheMuso> All I see are invalid attempts, then, stuff to do with a session close for root.
[01:19] <hajour> i just have said to undi what you said TheMuso 
[01:20] <hajour> he comes later tomorrow again and will explain it then
[01:21] <hajour> i am not a IT person
[01:21] <hajour> i only have give true what undifined said
[01:22] <TheMuso> hajour: No problem, just not sure if I've missed something.
[01:22] <hajour> he says it have no use to do true me he better tell it himself
[01:22]  * TheMuso is now checking his gateway box ssh related activity, since he has an open ssh port for when he is on the road.
[01:22] <hajour> but now he really need to sleep he only have 4 hours left to sleep
[01:22] <charlie-tca> TheMuso, hajour : I see nothing in that pastebin either, except failed attempts.
[01:23]  * TheMuso usuallyd oes check, but check again after the above discovery.
[01:23] <hajour> charlie-tca,  undifined will tel tomorrow
[01:23] <hajour> he need to sleep
[01:23] <charlie-tca> I will to. so far, my firewall has held up well. I will go look in the logs tonight though and make sure
[01:24] <hajour> ok charlie-tca  and TheMuso :)
[01:24] <hajour> i also need to go to sleep
[01:24] <hajour> i have 5 hours left then the kids need to wake up
[01:24] <TheMuso> Goodnight
[01:25] <hajour> goodnight TheMuso  and charlie-tca 
[01:25] <hajour> and everyone else 
[01:25]  * hajour yawns
[01:25] <TheMuso> charlie-tca: For me, the minimum requirements for ssh are key authenticatino only, and only allowing specific users with the AllowUser directive.
[01:25] <TheMuso> my logs are absolutely full of root ssh attempts, which is blocked.
[01:26] <charlie-tca> yup, I get hits constantly on my firewall. I use key authentication, but also specific ip's allowed in only
[01:27] <charlie-tca> I set iptables up to only allow my local ip addresses in
[01:27] <TheMuso> Yeah thats ok if you know where you are connecting from, but when on the road/over seas, I never know.
[01:27] <charlie-tca> that's true
[01:27] <charlie-tca> I can not even connect myself when not at home
[01:28] <TheMuso> Thats fair enough if you are willing to live with that.
[01:28] <TheMuso> Wow, a lot of attempts with oracle as the username.
[01:30] <charlie-tca> I am not smart enough to know how to set it safely for other uses
[01:31] <TheMuso> Fair enough.
[01:31] <Cheri703> I have fail2ban set up on mine
[01:31] <charlie-tca> never quite figured that out either
[01:31] <Cheri703> I just install it and leave it at default :)
[01:31] <Cheri703> locks you out after 3 failed attempts
[01:31]  * Cheri703 tried it successfully then had to wait for it to clear -_-
[01:32] <Cheri703> *tried to get it to block er
[01:32] <Cheri703> *her
[01:32] <TheMuso> Cheri703: How long does it take to clear?
[01:32] <Cheri703> 15 or so minutes? maybe?
[01:32] <Cheri703> I think that's one of the things you can change, but I haven't bothered
[01:33] <Cheri703> but it may be long enough to get whoever is poking at it to move on
[01:33] <Cheri703> dunno
[01:33] <TheMuso> fair enough.
[01:33] <Cheri703> 3 failed attempts and that ip isn't allowed access
[01:33] <Cheri703> just a small protection piece
[01:33] <Cheri703> I dunno, maybe I'm too lax with mine
[01:33] <TheMuso> Yeah, I think keys do a large part of securing SSH, you just have to be careful with the keys themselves.
=== jasono_ is now known as jasono
[02:45] <TheMuso> charlie-tca: Whilst booting into the desktop with accessibility/orca enabled works for me, I suspect I might know what caused it for you, and I think its a race. WIll upload a fix for it post alpha 3.
[02:45] <charlie-tca> Thanks
=== API is now known as Guest80757
[17:25] <fregl> hi, would anyone be interested in packaging the Qt at-spi bridge some time?
[17:43] <AlanBell> fregl: probably
[17:43] <AlanBell> fregl: where is the code?
[17:45] <fregl> AlanBell: it needs at-spi2 to work, other than that it is a single .so plugin. feedback welcome http://gitorious.org/qt-at-spi
[17:45] <AlanBell> maco: ^^
[17:46] <maco> will give it a look this weekend
[17:47] <fregl> thanks
[17:58] <AlanBell> maco: I am interested in helping, but you are the Qt guru
[17:58] <maco> not a guru
[17:59] <maco> just someone with a teensy bit of qt programming knowledge
[17:59] <AlanBell> everything is relative
[18:48] <darkdevil666> Hey hi!
[18:49] <darkdevil666> is there any team working on voice recognition?
[18:50] <Pendulum> darkdevil666: it's kinda complicated, but you probably want to talk to hajour and UndiFineD about speechcontrol
[18:51] <Pendulum> it's an upstream project that was started by them
[18:51] <Pendulum> bascially, voice recognition is something that linux and open source in general is waaay behind on
[18:52] <Pendulum> but hopefully speechcontrol will improve some of it for Ubuntu
[18:52] <Pendulum> I think it's really mainly meant for commands right now
[18:52] <Pendulum> (but they're also still a very new project)
[18:52] <darkdevil666> that's wonderful
[18:53] <Pendulum> things that aren't so closely ubuntu related you might also want to look at are julius and CMUSphinx and simon listens
[18:53] <UndiFineD> Thanks pen
[18:53] <Pendulum> you're welcome :)
[18:54] <Pendulum> (I'm head of the ubuntu accessibility team so it's kinda what I do to know this stuff ;-) )
[18:54] <Pendulum> (especially since I'm not a developer)
[18:54] <darkdevil666> thnks a lot pendulum
[18:54] <Pendulum> UndiFineD: sorry, I missed that you said that. but I'm happy to send people your way who are interested :)
[18:55] <Pendulum> darkdevil666: you're welcome :)
=== zkriesse_ is now known as zkriesse
=== popey_ is now known as popey