ubottuIn #ubuntu, bekks said: ubottu: libboost is working fine - smc is missing a file.15:51
ubottuLjL called the ops in #ubuntu (NTFS83 seems like this is the usual person)17:22
ubottuNTFS83 called the ops in #ubuntu (ljl spammer)17:23
NTFS83!ops | ljl spammer17:23
ubottuljl spammer: Help! Channel emergency! (ONLY use this trigger in emergencies) -  Tm_T, tritium, elky, Nalioth, tonyyarusso, imbrandon, PriceChild, Madpilot, Myrtti, mneptok, Pici, tsimpson, gnomefreak, jussi, topyli, or nhandler!17:23
ubottuNTFS83 called the ops in #ubuntu-ops (ljl spammer)17:23
NTFS83!ops | ljl spammer17:24
ubottuNTFS83 called the ops in #kubuntu (ljl spammer)17:24
emHi there.17:36
IdleOneHello em17:41
bazhangnever figured lj l for a spammer17:51
* LjL hides17:55
emIdleOne: Hi there. Id like an update on how long I have been banned in #ubuntu, who banned me from #ubuntu and the stated reason.18:09
IdleOnelooks like your last ban was set  by ikonia in #ubuntu on Feb 04 201218:12
IdleOneand it seems it was because at the time you were inviting people to ##club-ubuntu18:12
=== Guest28208 is now known as Tm_Tr
IdleOneem: Was there anything else I could help with?18:16
emThat should be, "ikonia wondered if I was inviting people to ##club-ubuntu". When I asked him about it he demanded I come here, which I am not really thrilled about. I think he was power tripping.18:17
IdleOneWell I guess that is one interpretation of how it happened. All I can tell you is what we have as info.18:18
IdleOneand I did.18:19
emYes. Id like the ban lifted in #ubuntu since it was set in February of 2012 and isn't based on any actual problems.18:19
IdleOneem: I'm sure you have been told before that you can appeal the ban in #ubuntu and any other ubuntu channels with the Ubuntu IRC Council, do you need me to have the bot give you that info again?18:20
IdleOneSeeing how you have such a long history with the Ubuntu ops team and a great number of bans. I am not going to be removing any bans today.18:20
IdleOne!appeals | em just in case you needed that info again.18:22
ubottuem just in case you needed that info again.: If you disagree with a decision by an operator, please first pay #ubuntu-ops a visit. If you are still unhappy, please see https://wiki.ubuntu.com/IRC/AppealProcess for the steps you should take. If you feel the need to discuss the channel rules, please contact the ops on IRC or via the email address on the aforementioned page.18:22
IdleOneAnything else?18:25
emOkay well ikonia and people like him are destroying your community. Not me. I hope others will not be banned on the basis of one of his notorious whims and then asked to go through all the trouble of cleaning it up. If I go to the Ubuntu IRC council it will be to ask that he is no longer allowed to be an operator.18:27
LjLPricey: moons?18:29
PriceyIs it anything more than a grudge at this point?18:29
LjLPricey: who even knows18:30
LjLspeaking as a coward, i'm glad this came at a time when i no longer have a +o flag in #ubuntu :P18:31
IdleOnePricey: sometimes i wonder that myself18:31
PriceyLjL: Can we help you?18:32
IdleOneLjL: you're a coward?18:32
LjLIdleOne: my motto is "nobody can break me if i have no spine"18:32
LjLPricey: oh i'm still an op in other places, no reason to kick me just yet!18:32
PriceyIdleOne: So I think this is probably related to the email/discussion earlier in the week.18:32
IdleOnePricey: right, but I am not sure I saw anyone say or imply that LjL was a coward18:33
LjLi did18:33
IdleOnein that case it must be true18:33
PriceyMy line to Ljl was passive-aggressive, "you're not an op here? gtfo" sarcasm.18:34
PriceyMy lines to you IdleOne are completely unrelated.18:34
LjLi'm not accusing anyone of anything (for a change), i'm just calling myself a coward because i'm glad i "can't" deal with emma's ban even if i wanted to.18:34
IdleOneLjL: You don't need to be an op in the channel to help out with resolving it.18:34
PriceyIt's be good to see some resolution.18:36
IdleOneAt this point I think it really needs to be an IRCC decision18:37
LjLIdleOne: that's true, i don't18:37
bazhangsarcasm is allowed here now?18:37
LjL(which might be why i'm in a query with emma?)18:37
IdleOnePricey: but you are welcome to remove any bans you like if you feel that is warranted18:38
PriceyIdleOne: It's tempting.18:38
* AlanBell is sad that em once again didn't help herself19:13
LjL"help herself"?19:55
AlanBellshe is plenty clever enough to know that she could get the ban lifted if she wanted to20:07
reisiowoooo and muy_duro spammin'20:18
LjL#ubuntu i assume20:20
LjLseems a likely story, since the ident is "ircap" and the nickname isn't really encouraging20:20
AlanBellthey haven't said anything there20:20
LjLi'll cycle20:20
LjLi assume private20:20
LjLi didn't get spammed on join either20:21
LjLhe's also in #debian now, will look if there's any reports there20:21
IdleOnethey have gotten pretty smart about msg'ing on join and who is in the ops list/part of the ops team.20:22
LjLIdleOne: i know, yeah, but i'm not +o so... although they could avoid spamming cyclers20:23
jpdsHe's gone.20:25
jpdsSpammed me.20:25
IdleOnenot so smart after all20:25
LjLthird's the lucky one!20:26
jpdsSame IP.20:26
PriceyAlanBell: What does she need to do?20:27
AlanBellagree to use the channel according to the guidelines, agree not to make unsolicited contact with people met in the channel for the purposes of inviting them elsewhere (leaving aside any question about whether or not she may or may not have done in the past)20:29
jpdsAlanBell: I could show you what muy_doro (which means very hard in Spanish) sent me, but it's in Spanish too.20:30
AlanBellI don't know much Spanish. (apart from "Swiper no swiping!")20:31
IdleOneI actually snorted from that20:32
IdleOneprobably a link to some not family friendly site20:32
LjLjpds, i'm sure we can imagine it20:32
jpdsAnd now for some spanish culture: https://www.youtube.com/watch?v=YbYRSvvRS9Y20:35
IdleOneAlanBell: any reason why #ubuntu-beginners-dev has a channel limit?20:36
IdleOneor has it been closed and not forwarded anywhere?20:36
AlanBellclosed I think20:37
AlanBelljose probably knows about that20:37
=== bazhang_ is now known as bazhang
AlanBellMode lock  : +lf 1 #ubuntu20:39
AlanBellso forwarded to #ubuntu, but you are already there I guess20:39
IdleOneShould remove the +l so people don't get the limit reached message20:40
LjLthat's an interesting way to make a channel invite only...20:42
bazhang"install unity"?20:42
AlanBellshould be fixed now IdleOne20:44
IdleOneYou are so amazing and awesome and want you to know you are appreciated and loved by all.20:45
ubottuWow! You're such a great helper, you deserve a cookie!20:45
ubottuUm thanks... We *really* did not need to know that...20:45
jpdsMeanwhile, in #ubuntu-ops.20:45
=== Pricey is now known as emil
=== emil is now known as Pricey
LjLwilee-nilee makes no sense to me :\21:45
LjLalso, while it may be true #ubuntu doesn't know much about UEFI (i know i don't), i'm not really sure we want to advertize as much, or redirect to forums postings i can understand even less than i can understand wilee-nilee...21:46
bazhangdoes !uefi not cover that?21:46
ikoniaLjL: no linux distribution has a real solid implementation on EFI partly because of the unique design of EFI some vendors are doing21:46
ikoniafind me one that can deal with it out of the box more times than not....21:47
ikoniaor find me a stable better solution than grub to use efi nativly,21:47
ikoniaat the moment, it's just not there21:47
LjLbazhang: possibly. i just don't know, have no UEFI machine and have not researched it, but wilee-nilee seems to be saying the links he has are better than what the bot provides, but that's about the only thing i can make sense of among all he's saying (i can't make much sense of what the user asking for help is wanting, either, to be fair)21:48
LjLurgh, and i shouldn't look up these things about UEFI secure boot either, they make me sick21:53
ikoniaLjL: it's a complex situation due to the different vendors, rather than a technical blocker (apart from secure boot)21:54
LjLyes secure boot is the part that makes me sick21:54
LjLa BIOS replacement in and of itself is fine, i guess21:55
ikoniathe EFI part isn't great, again not because it's bad, but because of how different vendors have done it21:55
LjLwell, i much prefer something that's limiting because the implementation messed it up, than something that's limiting because they skillfully built it to limit me21:56
ikoniato be honest, you'll be just as blocked/frustrated by both situations,21:56
ikoniasecure boot is also a 1 second bios option change to disable, as opposed to the great blocker, where as the EFI implementation, doesn't change with a bios setting21:57
LjLwell once i get a kernel booted in "insecure" mode *somehow*, i'm pretty sure i can do what i want. if i'm going to use Fedora's (don't know about Ubuntu's, haven't read about it yet) signed kernels, on the other hand, those are going to prevent me from installing unsigned modules, or modifying memory from userland21:57
LjLikonia: it's also just slightly longer than 1 second for the vendors/lobbies to stop making it disable-able21:58
LjLmeanwhile, Linux distros are playing the game, by getting their kernels signed21:58
ikoniaLjL: ture, but at the moment, that's not happening21:58
LjLonce they're all signed, the big lobbies can say "what's the problem? Linux can run anyway, it's all signed! no monopoly!"21:58
ikoniaI'd be interested in how you get on with the signed kernels, there have been a reasonable set of problems with them21:59
LjLikonia: well, already i'm reading, that on some systems at least, if secure boot is disabled, Windows will *not* boot, and that already seems like a huge chore for dual booting21:59
AlanBellexcept for ARM21:59
LjLAlanBell: and that, yeah21:59
ikoniaok, accepted, arm is a different game21:59
LjLAlanBell: but about ARM, people will more often than not say "well? you didn't even have computers with ARM before, so, what are you complaining about?"21:59
AlanBellon ARM, if you are unfortunate enough to have windows, then secure boot is on, required, not disableable22:00
LjLor, "tablets and phones have always been locked!"22:00
LjL(they've only existed for, like, 4 years, but the word "always" has strange meanings for some people)22:00
ikoniayes, x86 is the only one you can disable, but they are the majority, and being realistic, disabling secure boot is an easy 1 second fix22:00
LjLikonia: i'm not really sure they'll stay the majority for very long, if nothing else, because "tablet"-like things are getting so popular for home users22:02
ikoniaLjL: sure, I can agree arm will gain ground in some big markets, but I'm not panicing where we are now at this present moment22:02
LjLikonia: also, i was talking to ryaxnb about something similar yesterday (specifically, Chromebook's "secure boot" thing), and he was also saying, well you can disable it. but they show a huge scary warning telling you your system is UNSAFE, and then you have to press Ctrl+D to boot, because Space or Enter will get you into recovery22:02
ikoniathats new as thats certainly not the case on my test chromebook22:03
LjLikonia: now, UEFI secure boot isn't quite like that, but don't you see? by calling secure mode "user mode", for instance, they're trying to pass the message that anything else is "developer mode", "scary mode", "unsafe mode" or what you want to call it22:03
ikonia(well it's not mine but I use it)22:03
LjLikonia: i don't know, i got the info from here http://www.chromium.org/chromium-os/chromiumos-design-docs/developer-mode#_Toc248215938_3369763251394033_763673471286892922:04
LjLanyway my point, aside from the specifics of various implementation, is the constant attempt to send the subtle message that only what's signed is "okay"22:05
LjLi'm not really panicking either anyway, my computer still works, but i'm complaining and i feel i'm not even doing that loudly enough22:06
ikoniaI don't disagree, I was only referencing it from a technical solution as opposed to an end to end solution22:07
LjLbesides, if disabling UEFI is just a 1 second solution without any "undertones" or scare-offs, then why did Ubuntu or Fedora feel the need to go the signed kernel routes (basically approving this system of signing)? that's where i feel there may not have been enough complaining. Linux vendors should not go around making themselves dependant on Microsoft signing their kernels.22:08
AlanBellit was a sucky situation22:09
ikoniaefi isn't a 1 second change on all tin22:09
ikoniasecure boot is, efi isn't22:09
ikoniasome of them don't have a legacy mode22:09
LjLikonia: okay but signed kernels are about secure boot, not EFI22:09
AlanBellevery option sucked, they picked what looked like probably the least sucky of the options22:09
ikoniaLjL: I know, I only responded as you said uefi, so I thought you where talking about efi not secure boot22:10
ikoniathere needs to be a long term solution for secure boot, which is why they appear to be pushing forward with it22:10
LjLAlanBell: well, the thing that depressed me the most right now was the Fedora doc saying "Other distributions have chosen to not require signed kernel modules in their Secure Boot implementation. Fedora believes that to fully support Secure Boot this is required. We are working to limit the impacts of this while ensuring that untrusted module code is not allowed to execute."22:10
ikoniabut I'm more worried about the lack of efi complience and mess of working with grub with it22:10
LjLAlanBell: i read that as basically saying, "We recognize that agreeing to Secure Boot eventually means giving up our - and our users' - ability to run the software they want after they've booted their OS, but we're doing that anyway."22:11
Jordan_ULjL: For the record, no distribution is getting their kernels signed by Microsoft, nor do I ever expect them to. Fedora is signing their own kernel and modules with their own signatures only.22:11
ikoniaJordan_U: this was my understanding only22:12
ikoniathere was no route to use microsoft to sign them at the moment22:12
ikoniathe fact that one company with an OS for sale is the cerfiticate authority is more of a concern22:12
LjLJordan_U: okay, i think "shim" is the part that's Microsoft signed, still.22:13
Jordan_UIt doesn't make sense for Microsoft to sign the kernels. All that Microsoft needs to sign is the very beginning of the chain, the shim which does nothing but load an image of Grub which is signed by Ubuntu's/Fedora's/whoever's keys.22:13
ikoniabut shim doens't appear to be a solid boot loader setup for efi any more than grub22:14
LjLJordan_U: as i understand it, the system is basically saying "the main CA signs the initial bootloader, or whatever you want to boot your OS with, with the initial key, then you're responsible for your entire OS actually respecting Secure Boot requirements, and if it doesn't, then your initial key can be revoked"22:14
AlanBellshim is the not signed by microsoft solution, it is the linux foundation thing that is signed by microsoft22:14
AlanBellthis http://blog.hansenpartnership.com/linux-foundation-secure-boot-system-released/22:14
LjLuh... https://wiki.ubuntu.com/SecurityTeam/SecureBoot#Shim_bootloader_signed_with_Microsoft_key ?22:15
ikoniaAlanBell: I thought it was shim directly22:15
Jordan_UAlanBell: No, the linux foundation's thing is different. Ubuntu and fedora use Matthew Gerret's shim.22:15
LjLand the Fedora docs say "Shim: This is signed by the UEFI signing service. We do not have control over this key. The shim contains the Fedora Boot CA public key."22:16
LjLnote do NOT have control over this key22:16
AlanBellah, I misinterpreted this then http://mjg59.dreamwidth.org/20303.html "this is intended for distributions that want to support secure boot but don't want to deal with Microsoft."22:16
Jordan_UAlanBell: Which does not include Ubuntu, Fedora, or any distro that wants a solution where supporting secure boot doesn't require an explicit extra step by the user at install time.22:18
ikoniaJordan_U: what's the extra step ?22:19
LjLAlanBell: well, that's still signed by Microsoft though, as i understand it - just, the *shim only* is signed by Microsoft, and then it allows you to boot any self-signed kernel (apparently, under the understanding that as long as shim shows a "warning" about it, it's respecting the secure boot specs)22:21
LjLbasically it's "breaking" the chain of trust in a seemingly allowed way, by saying "instead of creating a chain of trust down to the kernel modules and userland interface, i'm asking the user in case they don't care"22:21
LjLwhich is good, but still vulnerable to the EFI alliance or whatever to change their minds about that being allowed22:21
Jordan_Uikonia: At first boot, being asked to browse through the files on any fat32 partitions on your system and select a keyfile to add to your local database of trusted keys.22:23
ikoniaJordan_U: ok, so the step is the selecting of the key that signed it,22:24
ikoniathat makes sense22:24
LjLJordan_U: would it be against the secure boot specs to have something that just selects the needed key automatically (from metadata contained in the kernel package or whatever)? then, just a warning would need to be shown22:25
ikoniaLjL: how would you work out what key signed what ?22:26
ikoniatrial and error ?22:26
LjLikonia, i said, from metadata. the kernel package itself would tell the bootloader where to find the right key. what am i missing here?22:26
ikoniano, that's fine, I see what you mean22:26
ikoniaI didn't grasp that you where suggesting22:26
Jordan_ULjL: There is no specific specification about user interfaces for these types of things. The thought is that just requiring the user to click "OK, continue already" would be something a malicious person could convince a user to do without them realizing the consequences, and thus could be used to propogate malware.22:27
LjLsomehow i have a little trouble imagining malware being spread more easily by convincing people to reboot into malicious kernels than by just exploiting stuff in userland... but maybe it's just me22:28
ikoniait's certainly a risk, certainly is the less professional maintained distros and packages such as PPA's22:29
LjLmaybe if we were at the point where kernels were actually mathematically proven correct, or anything of the sort - which we really aren't - then that would become more relevant. but right now, this seems to be pushing a different agenda to me22:29
ikoniaif you look at it as an end to end problem, it's pretty messed up22:30
LjLikonia: right, which makes me suspect (perhaps because i'm a paranoid person) that this insistence from "secure boot" entities to tackle one end only... has a different agenda22:31
ikoniaI have no idea if you're right/wrong on that, but it still remains a total mess22:31
ikoniaI hope you're wrong and it's just a poor attmpt to solve some basic security problems22:31
LjLespecially when we already have things like smartphones, already implementing much stricter versions of these "secure boot" ideas, that end up being quasi-illegal to "jailbreak" thanks to the deadly combination of locks and intellectual rights, paving the way for "anti-circumvention measures"22:32
ikoniathe phones thing, is less of a concern to me, as they make it pretty clear up front the rules22:32
ikoniaeg: apple - jailbrake your iphone and you get no support and we'll brick it22:32
LjLevery three years, or however often it is, there needs to be fight in the US about users still being able to boot what they decide to boot on their iPhone, because under a strict reading of the DMCA, maybe they can't, and so the Library of Congress needs to keep granting an exemption... you tell me whether this is sane22:33
ikoniaif you want an open platform...don't buy it22:33
LjLwhat if there's no longer any open platform left, after they do away with old BIOS-based PCs and all we have is that stuff?22:33
ikoniathat's the vendors choice, and you can only change it by voting with your feet22:33
LjLit's not like Android phones, most any of them (aside from rare exeptions), esplicitly allow free booting22:33
ikoniapeople are not making open platforms....why22:34
LjLikonia, if all the vendors make a cartel, then i can only choose to stop using computers22:34
ikoniawe've had the same problems with performance video cards and linux for a long time22:34
LjLwhich isn't really all that realistic22:34
ikoniano you can only use the software they choose,22:34
LjLikonia: so say... if i don't like secure boot - let's say even though, for now, it's optional, i still would like to "vote" against it - what do i buy instead of a PC? a Mac? wait, those are even more "secure". an Amiga? i wish, but those are long gone by now. oh i know! a RISC PC! oh but i'm not in the UK... well - time to get my C64 from the drawer then22:36
LjL(can't, it's broken)(22:36
ikoniasorry just on th ephone22:37
ikonianot ignoring22:37
ikoniasorry, phone done22:45
ikoniaok, I see what you are saying, I don't see macs as more secure,22:45
ikoniabut I know what you mean22:45
LjLikonia: that was a bit of sarcasm, i mean "secure" as in having more secure boot-like things22:48
MangaKaDenzaUnquiet me.22:48
ikoniaLjL: I know what you whre trying to say though,22:48
LjLMangaKaDenza: where from?22:48
LjLi can't unmute you there, but anyway, it seems like you basically admitted to be trolling in there, or do i have it wrong?22:50
MangaKaDenzawhat... no22:51
ikoniawell, he's parted #ubuntu and started using #kubuntu again, so seems to grasp the basics22:53
ikoniaI'll dump the +q in #ubuntu anyway22:53
ikonialooks like it was just punctuation flooding in both22:54
LjLwell, not entirely sure because when someone in #ubuntu asked whether he was "trolling the good people of #ubuntu", he said "ssshhh" like he meant, don't tell anyone22:54
LjLbut we'll see22:55
ikoniahis other questions don't look that way, looks like he just really doens't understand what he's doing22:55
ikonia(from the kubuntu logs)22:55
ikoniadoesn't grasp that kde is split out into mulitple packages22:55
LjLwait, is it? you mean i could have done without compiling it from the kde.org sources? 'cause that took a couple of days22:56
IdleOneyou should use more emoticons22:56
ikoniayoure sarcasm upsets me22:56
LjLgood thing then it's only upsetting you and not some user coming here for appeals!22:57

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!