=== JonathanS is now known as JonathanD [00:27] I'm chuckling listening to Mac Break Weekly [00:27] they're asking for a "pro switch" to pull off the consumer crap [00:28] and make the OS more what they had before. [00:29] heh [00:30] yea, I've definitely lost much of any desire to try out a a mac again [00:46] speaking of apple fanboys [00:47] brousch: give the bookie mobile another go and let me know what you htink [00:47] make sure ot wipe the cache [00:49] chrome starts zoomed out :( gah [00:50] might have to test out that remote debugging stuff sooner than I thought [00:50] but seems to do ok on the original browser [00:59] snap-l: what do you mean pro switch pull off consumer crap? [01:11] jrwren: Basically keep things like filesystems and such. [01:13] i don't get it. [01:13] do they mean the app store standbox? [01:24] Among other things [11:59] morning [12:24] Good morning [12:24] How goes the day? [12:26] ugh, sleepy [12:28] Yeah, same mere. [12:28] so sleepy that I make typo [12:33] rick_h: i tried the mobile bookie. i think it's actually too big now [12:41] :P [13:19] so, letting your ec2 ebs volume run out of disk space is bad mmmkay? [13:25] i thought they could grow infinitely [13:27] they can, but they're defined to size X [13:27] and if X fills up, oops [13:27] you have to shut down, expand it, boot up, resize it [13:42] dangit unity [13:43] i updated the ubuntu 10.10 on my nook color. it literally took 2 days. i go to login with gnome and get the "your hardware ain't good enough" message [13:43] there is no login screen to select gnome classic on this [13:48] heh, cmdline ftw? How can you ctrl-alt-f2? [13:50] i'll dig into it when i have time [13:50] can probably muck with his vnc server and startup script to get something going [13:55] but yeah, i have a command line i can use [13:56] brousch: That's pretty cool [13:57] i think i can remove lubuntu and gnome and unity and install kubuntu into it [13:57] maybe xubuntu [13:57] brousch: I would like to point out that thinking you could get UNity 3D running on a nook was a little ambitious. :) [13:58] i just did a do-release-upgrade [13:58] i forgot that unity replaced regular gnome in 11.04 [13:58] brousch: How could you forget something like that? [13:58] It's literally marked on my calendar [13:58] 11.04. Never forget. [13:58] i took that pill for forgetting traumatic events [14:00] Precise Beta freeze 1 is coming up later today. [14:14] "I recently got pygame working on my Kobo Touch, an ereader running Linux. [14:14] I think I just felt something tingle in my bathing-suit area. [14:15] lol [14:15] and productivity plummets [14:15] funny enough, I did while I was writing that. Got two twitter replies. :) [14:18] ug, this thing is a mess [14:30] vnc to a linux server seems more practical [14:30] brousch: Yes [14:31] It may have more power than a 486, but the interfaces on tablet devices don't lend themselves to Linux. [14:36] nah, the problem is that this is bundled into a .img file i haven't been able to dig into [14:36] and it's 3.5GB so even moving it around is annoying [15:44] I swear, this recruiting company is dysfunctional [15:44] Third person, third call [15:44] Please to be updating your records [15:46] "I specialize in IT recruiting" <- No, you specialize in keyword searches. [15:49] currently installing ubuntu 10.04 on the NookColor using http://goo.gl/ubawW [15:50] same sort of thing as the other one, but you can pick ubuntu LTS or debian [15:52] also, 10.04 with gnome2 is the best ubuntu evar [15:55] lol. [15:55] i disagree. [15:55] current ubuntu is always the best ubuntu ever. [15:56] no [16:07] Fiesty Fawn FTW [16:07] LTS FTW [16:09] my current home PC came with this: http://origin.arstechnica.com/journals/linux.media/350/dell_ubuntu_cd.jpg [16:12] 12.04 won't fit on a single cd? :( [16:13] I think this is the first release that won't fit on a CD. [16:18] i like this linux on android installer. it is actually installing instead of just moving a big .img file [16:22] 12.04 scroll bars are an improvement on the 11.04-11.10 versions [16:23] ug, the unity scroll bars. don't remind me [16:23] ug unity, don't remind me [16:44] what is this news about single CD? [16:44] was it announced? [16:44] or is it just a nightly that doesn't? [16:44] * jrwren testdrive updates. [16:44] I saw it on wikipedia [16:44] bah [16:44] lies. [16:44] probably ubuntu haters :p [16:45] I'd love to know why this SAX parser is seasoning my data with '\n ' [16:53] its 709MB right now, that will probably fit in an ISO [16:53] err, fit on a CD [17:01] oh man, you can pick pretty much any version of debian or ubuntu with that android installer. it just defaults to 10.04 for ubuntu [17:01] up through natty [17:10] brousch: are you using the $2.49 Ubuntu Installer from the marketplace? [18:01] Chrysler sucks. Blocking all my http-to-irc sites. [18:02] How's things? [18:04] rick_h_, (or anyone)... [18:04] http://pythonadventures.wordpress.com/tag/ipdb/ [18:04] 'import ipdb as pdb' [18:04] how would i do that on ubuntu? [18:05] i'm hoping i can without easyinstall [18:07] smoser: heh, if it's not packaged the easiest way is with easyinstall/pip [18:08] else you could download/extract/setup.py [18:08] as long as you had all the deps [18:08] i just dont like /usr/local [18:08] smoser: if you don't need ipdb you can just pdb since it's built in [18:08] right. [18:08] smoser: you bootstrapping an app in a venv or something? [18:09] smoser: http://stackoverflow.com/questions/7465445/how-to-install-python-modules-without-root-access [18:09] if you can play with the python path for what you need [18:10] rick_h_, thanks. it seems as easy as [18:10] * git clone https://github.com/gotcha/ipdb.git [18:10] * PYTHONPATH=$PWD/ipdb ... [18:11] smoser: as long as the setup.py doesn't have deps/is pretty bare yea [18:17] thanks rick_h_ [18:18] that seems good enough for ipdb. [18:18] i'll package that next cycle. [18:46] ok, I laughed on the inside http://www.reddit.com/r/programming/comments/q2oly/sourceforge_doing_it_wrong_%E0%B2%A0_%E0%B2%A0/ [18:48] That's so stupid [18:51] Machine Learning for Hackers--New from O'Reilly Media [18:51] k? [18:52] Hah, already bought it [18:52] I'm suck a loser. [18:52] s/suck/such/ [18:53] O'Reilly sent an e-mail [18:53] ah, gotcha [18:53] yea, we bought it when the had the half off dela on it [18:54] http://shop.oreilly.com/product/9781934356791.do?imm_mid=07f51a&cmp=em-orm-pr-pb-developers-code [18:54] DOes this book seem pretty stupid to anyone else? [18:56] Seems a bit of a waste of a book [18:56] no way. it has 50 nuggets. that's more than you can get at mcdonald's [18:56] Wolfger: ssh home, use irssi. chrysler can't suck that bad :p [18:57] jrwren: Chrysler sucks that bad [18:58] Seriously, they have the worst nanny-filtration I've ever seen at a company [18:59] At least at Ford you could get access to Telnet if your manager was so inclined. [18:59] snap-l: in a couple of weeks, prepare to meet your doom [19:00] ColonelPanic001: I know I still have an IGS account [19:00] not sure about KGS [19:00] (really hope they're just the same thing rebranded) [19:00] I haven't used IGS, I don't think, but I can make one. I'm not that picky [19:00] OK [19:00] Reason I use IGS is all of the clients support it [19:00] KSG is just what I'm used to, but I don't really care much [19:00] run SSH listening on 443 ;] connect. #win. [19:00] yeah, works for me [19:01] gets through pretty much every rediculous nanny-filteration system [19:01] jrwren: hope they don't do deep packet inspection #win [19:02] how can you deep inspect SSL? [19:02] oh you can't! [19:03] Bruce Scheier does deep packet inspection of SSL. In his head. [19:03] http://www.terranpro.org/Tunnel%20SSH%20over%20SSL%20or%20HTTPS.html [19:04] unless its a corproate owned machine and they install a trusted cert on it. [19:05] snap-l: you realize that is what I suggested, just documented :p [19:05] jrwren: Yes [19:05] and OVERLy documented. [19:05] you really don't need to make it that cmoplex. [19:05] thought you just meant putting SSH on port 443, not tunneling SSH over SSL [19:06] and frankly it might be better to just find another company to work at than deal with this. :) [19:06] ssh on 443 on your home server sounds reasonable to me [19:06] yes, I mean run ssh on 443, so that you can get OUT, once you can get an ssh connection out, you can get any tcp connection out, we know this :) [19:07] sudo /sbin/iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 22 #see how easy that was. Now connect to "myhouse:443" WIHT YOUR SSH CLIENT :) [19:07] I only know this shit because I did the same thing to get out of GM. [19:08] GM/Chrysler/Ford... :) [19:08] Chrysler's nanny-wall has become much worse since I was there [19:08] even still, its not likely they are intercepting SSL. [19:08] I'd be surprised if they even let 443 connections work. :) [19:08] O_O [19:08] well that would be a tough one then. [19:09] why bohter with web at all tehn. [19:09] "EVERYTHING SHOULD BE IN THE CLEAR. YOU SHOULDN'T NEED ANY SITE YOU CAN LOG INTO" [19:10] Too bad it's not Daimler Chrysler, or I'd start singing "VERBOTENLAND" by Hanzel und Gretyl. [19:11] snap-l: you could go through DNS [19:11] it's painful but doable [19:11] nullspace: How so? [19:12] OzymanDNS [19:13] it's tunnel ssh over dns [19:13] That's messed up [19:13] yeah it's slow too [19:13] I'll bet. [19:14] but they could log dns and they might flag unusal amount of traffic [19:14] I'm sure no network admin in the world would question a flood of UDP packets coming from your machine. [19:14] bah. no one will notice him streaming HD pr0n through dns [19:15] brousch: you'd be surprised [19:15] brousch: Hell, doesn't need to be HD pr0n. Just negotiating keys would be significant. [19:15] people have to read logs for them to be of any use [19:16] nullspace: All of the network guys I've dealt with would notice something like this [19:16] so many companies keep logs but do little to anything unless sirens start blaring [19:16] Uriah Welcome would smell the traffic spike [19:17] He's my go-to image of the omniscient network admin [19:17] ok next idea. Use your phone [19:18] nullspace: Chrysler has the perfect natural defense for that too: lead glass. [19:18] It's like they thought of everything. [19:18] ;) [19:19] snap-l: ok new idea, write a malcious pdf that gives you a reverse shell, and route all your traffic through their box [19:20] I meant your bosses computer [19:20] sorry I have a headache and I'm skipping through my thoughts as I write [19:21] nullspace: Just get hired into the corporate security, and bypass all of the nanny-state bullshit [19:21] Seriously, I think they do more to make their employees want to act badly by restricting everything [19:21] or compromise corporate security... [19:22] snap-l: that is actually an idea forming in infosec [19:22] Would definitely get you out of the firewall. ;) [19:23] Well, seriously, if you treat your employees like children, they're likely to do even more childish things [19:23] also filters tend to break teh CIA trianlge thus they break security [19:23] punish the bad eggs, and save yourself $$$$ on filtering software costs. [19:24] snap-l: you know the bad eggs from their sulfer smell [19:25] nullspace: and you (and jrwren) hit it on the head: there are creative ways around any firewall. [19:26] All of which put strain on otherwise normal services (DNS, web-based traffic), and are inefficient. [19:26] SSH via UDP is clever, but it's not even remotely efficient. [19:29] jrwren: Hanzel und Gretyl - Ich Bin Uber Alles [19:30] snap-l: i only like the 2 first albums. [19:30] snap-l: that one makes me :( [19:30] Really? Why? [19:31] cuz first two were great IMO [19:31] the rest were nazi metal AFAICT [19:34] nullspace: gm/ford have SIEM solutions they would (if they deployed correctly) absolutely notice ssh via UDP. [19:34] Considering I'm more likely to listen to "The Land Of Rape And Honey" onward, over "Twitch" and prior, I don't see a problem with this. ;) [19:34] but yes employment in infosec is the best bypass :) [19:46] snap-l: ++ I've observed first hand over zealous security's negative impact on an environment. [19:46] kids breaking computers (physically in schools) as policies locked them down too far. Back the security off a bit to let them change wallpaper and repair rates dropped. [19:48] does anyone know if apt.conf's Acquire::http::proxy has always been there or was it added at some version? [19:51] ah, i got ubuntu natty command line running on android. now to see if i can get a gui [19:52] and i just noticed Scott_firebeta asked what i was using: http://goo.gl/WM4nc [19:53] my decive was not supported, but i was able to download and install the APK from their web site [19:53] device [19:55] sideloading ftw, I haven't had time to mess with the thing yet. I'm very interested though. [19:56] hm, looks like the version on the website is a few months older than the current one in the market. oh well. it works [19:59] krondor: it's easy. just pick your distro and version, click some buttons in the order it tells you to. it downloads a barebones version of that distro and installs it. you ccess the command line on it via chroot [20:00] if everything goes right, i'll install kubuntu-desktop and x11vnc. this will give me a deskop i can access on localhost via vnc [20:22] http://tatiyants.com/devops-is-ruining-my-craft/ jcastro you need to pull that into a talk sometime [20:22] yep [20:24] http://shop.oreilly.com/category/deals/core-javascript.do [20:24] * rick_h_ hides so no one sees he has all three of those [20:24] hard to turn down any oreilly book for $4 [20:33] jcastro: but what about the craftsmanship! The thrill of troubleshooting! [20:34] learning your kernel was compiled without 1 Gbps ethernet support when you swap a NIC, or Apache was built with -Oinfinity -fomit-neededThing [20:34] git is so good sometimes I want to make sweet love to it. [20:34] he's turning linux servers into windows desktops! a system isn't working, shut it down and redeploy it [20:36] every third server was deployed with deadlineI/O while the rest had BFQ [20:36] how else can you find out who your good troubleshooters are if they don't have to wade through every sysctl setting [20:43] lol [20:43] * snap-l feels like a punter because he doesn't use customer kernels [20:44] last time I used custom kernels was on a machine that was ill-suited to compile them. [20:53] http://www.jorgecastro.org/2012/02/23/how-ubuntu-michigan-runs-jams/ [20:57] snap-l++ [21:04] http://decafbad.net/2012/02/23/how-to-jam-like-a-michiganian/ [21:05] oooh, this is snap-l's first ubuntu event as dictator isn't it [21:06] release part back for 11.10? [21:06] party [21:08] Yeah, I've been dictator for some time. :) [21:09] at least 4 months now [21:11] that doesn't count. only events that i attend count ;) [21:40] https://www.eff.org/press/releases/eff-wins-protection-time-zone-database [21:49] snap-l: thank the lord [21:49] that was a stupid effing case [21:49] I'm glad they decided that it was better to drop it [21:52] though, it would have been a nice precedent [21:52] Other than the "facts aren't copyrightable" precedents? :) [21:54] well, the more cases where they try to argue "selection and arrangement" and other shit that get shot down the better [22:36] I tried setting my network settings with http_proxy=http://..... [22:36] but that didn't seem to do it. Is it because the computer isn't part of the domain of the proxy? [22:38] I can ping computers on the network, just nothing outside the network [23:54] * snap-l just got the Basketball version of Tennis Football Basketball from Carnaval [23:55] Got big ol' CC logos on the disc and the back cover [23:55] water going in the tank, wheeee [23:55] rick_h_: Awesome. :) [23:56] Also listening to the Squeezbox classic in the living room [23:56] which means one thing............. [23:56] I HAVE TWO SQUEEZEBOXEN