=== slank is now known as slank_away [00:10] am I losing my mind or is grub-probe really broken? with -d you give it a linux device, i.e. /dev/sda, but without it you give it a grub device don't you, i.e. (hd0)? [00:12] it says path [00:12] so I'd assume /boot [00:13] yep, it seems to like that [00:26] oh yea... hrm... I could have sworn there was a way to do the reverse of -d /dev/whatever -> (hdx) translation... hrm.. [00:29] you mean without grepping the device.map :-) [00:31] In general there should be no need to resolve (hd*) from the OS; it should only matter that the mapping between OS devices and GRUB devices is consistent, not what it is [00:31] In rare cases you can use grub-mkdevicemap and map from that, but it's best avoided if you can [00:33] is the script that builds the mainline-kernel builds available somewhere? I'm just trying to replicate a build and wanted to make sure I had it exactly the same === cpg is now known as cpg|away === cpg|away is now known as cpg === sraue_ is now known as sraue === tkamppeter_ is now known as tkamppeter === glebihan_ is now known as glebihan === cpg is now known as cpg|away === Ursinha-afk is now known as Ursinha [14:52] now here's an idea [14:53] a system service that waits for a user to ask it for a task, upon which it forks and drops privileges, creates a Unix socket in /tmp/, and accepts commands to download files [14:54] system download service, like on Android. Runs as the user, the download task listens for commands (like initiate new download or cancel download) while creating a separate download thread for each running download (maximize download speed), etc. [15:11] I'm not seeing any clear benefit to that over traditional use of in-process library code === cpg|away is now known as cpg === cpg is now known as Guest5182 [16:04] Bluefoxicy: I think what you are looking for is called "dbus" [16:05] maxb: it doesn't die when the browser etc crashes or needs to be restarted because an automatic security update ran and it no longer functions. [16:05] Bluefoxicy: a dbus method call that downloads files to specified locations would indeed be a nice feature for backgrounding downloads, and it could of course notify users of their completion [16:06] SpamapS: yes, or be queried for progress etc, told to relocate the file mid-download [16:06] pause and resume [16:06] Bluefoxicy: your browser shouldn't be crashing btw. :) [16:06] Chromium purports to pause and resume [16:06] except if you pause, wait 30 seconds, continue, it just goes "DONE!" with a half-finished file [16:06] then when you re-download it starts over. [16:06] Bluefoxicy: and downloads longer than 24 hours are rare, so the restart problem isn't really interesting [16:06] Firefox did the same back in the day for me [16:06] don't know if they ever made any web browser actually work [16:07] chrome/chromium rarely crash. Its their reason for existence. [16:07] I've downloaded DVD ISOs [16:07] Google saw the browser as the most important piece of software on the machine and saw Firefox's model as too crash prone. [16:08] Bluefoxicy: me too.. and on crappy connections too. Still doesn't take > 24 hours. So delay your browser restart for 24 hours. [16:08] Bluefoxicy: I'm not disagreeing, just pointing out that there aren't many actual use cases for refactoring everything around this. [16:08] also Chromium acts weird if you update it while it's running. Sometimes a DE update for KDE or Unity or Gnome comes in and some stupid thing crashes your desktop out. Still rare. [16:09] (Chromium acts weird in that it continues to work, but suddenly render processes insist on crashing every time something AJAXy or HTML5y happens, until you restart it--partial functionality) [16:09] SpamapS: the biggest argument is probably that it would get everything related to a task (downloading files) in one place (except for torrents). [16:09] And there's no need to refactor everything [16:10] Making the feature available and letting everyone else decide if they're gonna use it is good enough [16:10] like I said, my model was Android. You can glance at the status screen in Android and it shows all the downloads that are happening, from all applications, and you can cancel any of them or open the file when it's done [16:11] android apps have network access and media access, and could easily download files themselves in the same way. Just nobody does it because the system supplies an API for that. [16:12] anyway [16:12] The argument's been made, no use haggling over it. [16:14] Bluefoxicy: Sounds like something for the brain storm site [16:14] there's a brainstorm site? [16:15] http://brainstorm.ubuntu.com/ [16:16] ahh [16:43] "A lot of users are dissatisfied with the integration of the Amazon shopping lens in Ubuntu due to its many disadvantages such as the privacy issues or the use of the internet connection." [16:43] sigh 'privacy' in this day and age [16:43] 1) If there's no internet connection, I presume it fetches everything else and goes, "... ??? .... eh, oh well" and just doesn't do that and the user doesn't see it [16:44] 2) What 'privacy issues' are there with an amazon search? [16:44] Seriously people go, "But, the data, it touched... a web site! They might know who I am because they have, like, an IP in a database!" [16:45] they have your IP in (gasp) an IP packet! ... and apache logs. Quit whining. [16:46] Bluefoxicy: It's appropriate to understand peoples concerns rather than trash them [16:47] Bluefoxicy: I'm careful to not leak search queries to external sources [16:47] penguin42: no, sometimes there's such a thing as a dead-end concern and it's appropriate to point it out. [16:48] Bluefoxicy: It's not a dead end to those of us who work with very confidential stuff, and the worry frankly is that the problem isn't understood [16:48] okay I'll grant you that, with caveat. [16:49] Why oh why are you working with confidential stuff on a leaky system? [16:49] Like, why would you work with that stuff on Internet-connected Windows? [16:49] Bluefoxicy: It depends what's confidential about it - like I work with prerelease hardware or software not medical records [16:50] ah [16:50] Bluefoxicy: So on my desktop where I do my normal work with other colleagues also working on stuff I need mail, web browsers etc [16:51] and so if you search for and it sends the search to Amazon, Amazon will sell it to AMD and they will get a leg up on the next big nVidia chipset [16:51] Bluefoxicy: But hey why should it be leaky - I run Luks encrypted disk, full firewall, heck on my work machine i have to run an annoying AV system; so I take all normal precautions [16:52] encrypted disk doesn't do anything when the disk is mounted. [16:52] correct [16:52] Bluefoxicy: Right but people need to do dev on a system where they have the normal tools [16:52] k so we'll skip over all discussion of that. The state-of-the-art industry seems to think encrypted disk is a version of a firewall :| [16:52] yeh [16:53] I'm still trying to wrap my head around how exactly anything useful is going to leak here [16:53] Bluefoxicy: My problem is that what I search for is sent in clear text for starters, then if someone wanted to then the data is there for analysis [16:54] you don't send clear-text e-mails I take it [16:54] Bluefoxicy: Not for conf stuff, it's encrypted [16:54] also Google makes their search history available for analysis, granted in aggregated form [16:55] Bluefoxicy: With encrypted IM, and for some stuff with smtp servers insisting that the other end was using crypt [16:55] Bluefoxicy: So your example of the meaningless project name is interesting; what's useful there is to tie that up with anything else that can give you an idea as to what the project name [16:56] i.e. searching for relationships between "whistler" and anything else [16:56] nod [16:56] that was hilariously stupid [16:56] "WHISTLER: MICROSOFT'S CODENAME FOR A NEW OS!" again and again. And then Longhorn. [16:56] Microsoft is making a new version of Windows? You don't say! [16:57] Bluefoxicy: For example a project I used to work on the fact that the company was working with a certain multinational was the secret because then it would have been obvious what they were doing [16:57] anyway, point is I don't generally understand how any significant amount of CI can be leaked in a keyword or two [16:57] if your stuff is that obvious, it's probably not a secret to anybody [16:57] aha [16:57] relationship graphs are larger than they appear. Single contexted keywords can reveal a key relationship I guess. [16:58] yep, especially if you had all the search data from an entire company coming from a single IP [16:59] man I never get to work anywhere interesting. I've worked for best buy, for SSA, for a broadcasting company... [16:59] Bluefoxicy: I mean it's the only time I worked on something that hairy; but we actually had someone post on a site about us 'They're at this address, this is the version of all their software on their external sites...not that we'd suggest anyone was to do anything' - and this wasn't military or anything, this was just a normal software dev project with a big company [16:59] the most advantageous confidential data I could leak ever would be our new acquisitions of several stations [16:59] which gives our competitors just about zero advantage [16:59] the SEC might get mad about the leak because whoever is eavesdropping can use it to play the stock market. [17:00] Bluefoxicy: And it's your companys responsibility to be careful with it - so it's your company who has got to worry about leaks [17:00] yes but understand the scope in my case [17:00] if someone like, say, you got a hold of that and made a million dollars [17:01] okay, you have probably $50k in savings tops, you might make $50k on a good tip [17:01] nobody is going to care. [17:01] YOU might get arrested [17:01] I mean, I've never worked on anytihng that was that interesting :| [17:01] Bluefoxicy: Right, now lets go down a notch - what if it was your doctors receptionists desktop? [17:02] probably boring searches for "file on Jones, Smith" [17:02] nobody is going to search for "Jones, Smith, HIV" [17:02] Bluefoxicy: The point is it's not just the guy who makes the $50k who gets arrested, it's the IT guy and director at the firm that leaked it for not taking care [17:02] (in the US, HIV is a big deal--for a while it was illegal for doctors to make note in medical record that a patient had HIV because it was considered 'too confidential') [17:04] Bluefoxicy: I don't have a problem with their being a tie in with someone like Amazon, or even it being done in Unity, I just think the 'obvious' thing should be reasonably secure; normal people shouldn't have to think about basic security [17:04] that is a lot of stuff in one sentence. [17:04] yeh, sorry [17:05] Reasonable default security yes, I can agree with that. "Privacy" issue versus "Confidentiality" [17:05] yeh it's tricky, and my point is if it's tricky then the right thing is to lean towards secure [17:05] people are not whining in general about losing top secret clearance information; they're whining about "privacy" buzzword crap [17:05] you bring up some interesting concerns though. [17:05] But [17:05] "normal people shouldn't have to think about basic security" [17:05] this is laughable. [17:06] Bluefoxicy: Why? [17:06] this is like hiring doctors to stop STDs, and not giving normal people any explanation of the threat [17:06] Bluefoxicy: Right, but how much does your normal doctor know about computers? [17:06] What do we do, routinely test everyone for computer viruses and user stupidity and execute the ones that are too dumb to use a computer safely? That's the only real way you're going to get computer security without end user awareness. [17:06] Bluefoxicy: No my point is the opposite! [17:07] Bluefoxicy: My point is what we do is to make the normal GUIs they deal with doing everything as safely as possible so they don't have to worry about it [17:07] MY point is that you may as well give up the battle entirely if you want a brainless end user to use anything more capable than an NES without explaining basic security to them. [17:07] not e-mailing your credit card information to some random Nigerian Prince that wants to give you $25 million is "basic security" [17:08] Bell LaPadula, firewall configuration, network topology, and IDS is not "basic security" [17:08] Bluefoxicy: Right, that's fair [17:08] Bluefoxicy: But they wouldn't expect everything they type in their search box to be floating over their wifi [17:08] "Sending information out to the Internet and knowing where it's going" is basic security [17:08] yeah [17:09] though if something gave me Amazon search results, I would have a hard time explaining how that stuff didn't just go to Amazon [17:09] Bluefoxicy: So when the user thinks 'internet' they should think 'security' - but are they thinking 'internet' when they hit search? [17:09] they are on Android [17:09] probably not on a desktop. [17:10] heh [17:10] that's changing though. [17:10] Bluefoxicy: So as long as you can explain to your users to take care 'on the internet' and not send stuff over the internet when they're not expecting it then I'm happy [17:10] The most popular browsers ALL send everything you type in the URL bar out in real time [17:10] real-time DNS look-up and auto-complete, Google searches, Bing searches [17:12] Bluefoxicy: I guess having just had to deal with that type of stuff I like to know where my data is going; as long as I know what's going public and expect it then I'm reasonably happy [17:12] Immunology suggests that when an infection becomes so wide-spread, the general biosphere must adapt by becoming tolerant rather than immune--cats and primates are not harmed by their respective variants of some viruses that KILL humans, the only difference being the viruses for those animals can infect those animals' cells [17:12] penguin42: yeah, I guess I can understand that [17:12] at the same time, I think it's going to turn into a losing battle, regardless of merit [17:14] penguin42: it's like how you need to answer a simple math problem to get an account on Ubuntu QA [17:14] why who are they paying to answer those now? [17:15] This is a thing we've accepted. 35% of the adults in my city can't add 5 + 7 [17:15] (my city's high school graduation rate is below 60%) [17:15] youch [17:16] To be fair, those people can't read or write either, so I don't think we should worry about disenfranchising anyone :P [17:16] that's what I need [17:16] I need a job in education. [17:17] I need to fix the school system here. We have budget problems, in both directions--not enough money, but $13,000 per student per year and the facilities are falling apart and books are 40 years old and shared between students. [17:19] it's been a long time since I contributed anything to society--I worked at the US Social Security administration for a while, and now I work for a company that broadcasts network news media === yofel_ is now known as yofel === Quintasan_ is now known as Quintasan === Tonio_ is now known as Tonio_aw === Guest5182 is now known as cpg === rsalveti_ is now known as rsalveti === Ursinha is now known as Ursinha-afk === Ursinha-afk is now known as Ursinha