[17:23] <NTFS83> !ops | ljl spammer
[17:24] <NTFS83> !ops | ljl spammer
[17:24] <LjL> sigh
[17:26] <IdleOne> klined
[17:30] <Mamarok> good
[17:36] <em> Hi there.
[17:41] <IdleOne> Hello em
[17:51] <bazhang> never figured lj l for a spammer
[17:55]  * LjL hides
[18:09] <em> IdleOne: Hi there. Id like an update on how long I have been banned in #ubuntu, who banned me from #ubuntu and the stated reason.
[18:12] <IdleOne> looks like your last ban was set  by ikonia in #ubuntu on Feb 04 2012
[18:12] <IdleOne> and it seems it was because at the time you were inviting people to ##club-ubuntu
[18:16] <IdleOne> em: Was there anything else I could help with?
[18:17] <em> That should be, "ikonia wondered if I was inviting people to ##club-ubuntu". When I asked him about it he demanded I come here, which I am not really thrilled about. I think he was power tripping.
[18:18] <IdleOne> Well I guess that is one interpretation of how it happened. All I can tell you is what we have as info.
[18:19] <IdleOne> and I did.
[18:19] <em> Yes. Id like the ban lifted in #ubuntu since it was set in February of 2012 and isn't based on any actual problems.
[18:20] <IdleOne> em: I'm sure you have been told before that you can appeal the ban in #ubuntu and any other ubuntu channels with the Ubuntu IRC Council, do you need me to have the bot give you that info again?
[18:20] <IdleOne> Seeing how you have such a long history with the Ubuntu ops team and a great number of bans. I am not going to be removing any bans today.
[18:22] <IdleOne> !appeals | em just in case you needed that info again.
[18:25] <IdleOne> Anything else?
[18:27] <em> Okay well ikonia and people like him are destroying your community. Not me. I hope others will not be banned on the basis of one of his notorious whims and then asked to go through all the trouble of cleaning it up. If I go to the Ubuntu IRC council it will be to ask that he is no longer allowed to be an operator.
[18:27] <em> Farewell.
[18:28] <Pricey> years...
[18:29] <LjL> Pricey: moons?
[18:29] <Pricey> Is it anything more than a grudge at this point?
[18:30] <LjL> Pricey: who even knows
[18:31] <LjL> speaking as a coward, i'm glad this came at a time when i no longer have a +o flag in #ubuntu :P
[18:31] <IdleOne> Pricey: sometimes i wonder that myself
[18:32] <Pricey> LjL: Can we help you?
[18:32] <IdleOne> LjL: you're a coward?
[18:32] <LjL> IdleOne: my motto is "nobody can break me if i have no spine"
[18:32] <LjL> Pricey: oh i'm still an op in other places, no reason to kick me just yet!
[18:32] <IdleOne> hah
[18:32] <Pricey> IdleOne: So I think this is probably related to the email/discussion earlier in the week.
[18:33] <IdleOne> Pricey: right, but I am not sure I saw anyone say or imply that LjL was a coward
[18:33] <LjL> i did
[18:33] <IdleOne> in that case it must be true
[18:33] <Pricey> Missunderstanding.
[18:34] <Pricey> My line to Ljl was passive-aggressive, "you're not an op here? gtfo" sarcasm.
[18:34] <bazhang> Mississippi
[18:34] <Pricey> My lines to you IdleOne are completely unrelated.
[18:34] <LjL> i'm not accusing anyone of anything (for a change), i'm just calling myself a coward because i'm glad i "can't" deal with emma's ban even if i wanted to.
[18:34] <IdleOne> LjL: You don't need to be an op in the channel to help out with resolving it.
[18:36] <Pricey> It's be good to see some resolution.
[18:37] <IdleOne> At this point I think it really needs to be an IRCC decision
[18:37] <LjL> IdleOne: that's true, i don't
[18:37] <bazhang> sarcasm is allowed here now?
[18:37] <LjL> (which might be why i'm in a query with emma?)
[18:38] <IdleOne> Pricey: but you are welcome to remove any bans you like if you feel that is warranted
[18:38] <Pricey> IdleOne: It's tempting.
[19:13]  * AlanBell is sad that em once again didn't help herself
[19:55] <LjL> "help herself"?
[20:07] <AlanBell> she is plenty clever enough to know that she could get the ban lifted if she wanted to
[20:18] <reisio> woooo and muy_duro spammin'
[20:19] <bazhang> where?
[20:20] <LjL> #ubuntu i assume
[20:20] <LjL> seems a likely story, since the ident is "ircap" and the nickname isn't really encouraging
[20:20] <AlanBell> they haven't said anything there
[20:20] <LjL> i'll cycle
[20:20] <LjL> i assume private
[20:21] <LjL> i didn't get spammed on join either
[20:21] <LjL> he's also in #debian now, will look if there's any reports there
[20:22] <IdleOne> they have gotten pretty smart about msg'ing on join and who is in the ops list/part of the ops team.
[20:23] <LjL> IdleOne: i know, yeah, but i'm not +o so... although they could avoid spamming cyclers
[20:25] <jpds> He's gone.
[20:25] <jpds> Spammed me.
[20:25] <IdleOne> not so smart after all
[20:25] <LjL> heh
[20:26] <LjL> third's the lucky one!
[20:26] <jpds> Same IP.
[20:27] <Pricey> AlanBell: What does she need to do?
[20:29] <AlanBell> agree to use the channel according to the guidelines, agree not to make unsolicited contact with people met in the channel for the purposes of inviting them elsewhere (leaving aside any question about whether or not she may or may not have done in the past)
[20:30] <jpds> AlanBell: I could show you what muy_doro (which means very hard in Spanish) sent me, but it's in Spanish too.
[20:31] <AlanBell> I don't know much Spanish. (apart from "Swiper no swiping!")
[20:31] <IdleOne> lol
[20:31] <IdleOne> hahahahahah
[20:32] <IdleOne> I actually snorted from that
[20:32] <IdleOne> probably a link to some not family friendly site
[20:32] <LjL> jpds, i'm sure we can imagine it
[20:35] <jpds> And now for some spanish culture: https://www.youtube.com/watch?v=YbYRSvvRS9Y
[20:36] <IdleOne> AlanBell: any reason why #ubuntu-beginners-dev has a channel limit?
[20:36] <IdleOne> or has it been closed and not forwarded anywhere?
[20:37] <AlanBell> closed I think
[20:37] <AlanBell> jose probably knows about that
[20:39] <AlanBell> Mode lock  : +lf 1 #ubuntu
[20:39] <AlanBell> so forwarded to #ubuntu, but you are already there I guess
[20:40] <IdleOne> yup
[20:40] <IdleOne> Should remove the +l so people don't get the limit reached message
[20:42] <LjL> that's an interesting way to make a channel invite only...
[20:42] <bazhang> "install unity"?
[20:44] <AlanBell> should be fixed now IdleOne
[20:45] <IdleOne> You are so amazing and awesome and want you to know you are appreciated and loved by all.
[20:45] <IdleOne> err
[20:45] <IdleOne> !cookie
[20:45] <bazhang> !overshare
[20:45] <jpds> Meanwhile, in #ubuntu-ops.
[21:45] <LjL> wilee-nilee makes no sense to me :\
[21:46] <LjL> also, while it may be true #ubuntu doesn't know much about UEFI (i know i don't), i'm not really sure we want to advertize as much, or redirect to forums postings i can understand even less than i can understand wilee-nilee...
[21:46] <bazhang> does !uefi not cover that?
[21:46] <ikonia> LjL: no linux distribution has a real solid implementation on EFI partly because of the unique design of EFI some vendors are doing
[21:47] <ikonia> find me one that can deal with it out of the box more times than not....
[21:47] <ikonia> or find me a stable better solution than grub to use efi nativly,
[21:47] <ikonia> at the moment, it's just not there
[21:48] <LjL> bazhang: possibly. i just don't know, have no UEFI machine and have not researched it, but wilee-nilee seems to be saying the links he has are better than what the bot provides, but that's about the only thing i can make sense of among all he's saying (i can't make much sense of what the user asking for help is wanting, either, to be fair)
[21:53] <LjL> urgh, and i shouldn't look up these things about UEFI secure boot either, they make me sick
[21:54] <ikonia> LjL: it's a complex situation due to the different vendors, rather than a technical blocker (apart from secure boot)
[21:54] <LjL> yes secure boot is the part that makes me sick
[21:55] <LjL> a BIOS replacement in and of itself is fine, i guess
[21:55] <ikonia> the EFI part isn't great, again not because it's bad, but because of how different vendors have done it
[21:56] <LjL> well, i much prefer something that's limiting because the implementation messed it up, than something that's limiting because they skillfully built it to limit me
[21:56] <ikonia> to be honest, you'll be just as blocked/frustrated by both situations,
[21:57] <ikonia> secure boot is also a 1 second bios option change to disable, as opposed to the great blocker, where as the EFI implementation, doesn't change with a bios setting
[21:57] <LjL> well once i get a kernel booted in "insecure" mode *somehow*, i'm pretty sure i can do what i want. if i'm going to use Fedora's (don't know about Ubuntu's, haven't read about it yet) signed kernels, on the other hand, those are going to prevent me from installing unsigned modules, or modifying memory from userland
[21:58] <LjL> ikonia: it's also just slightly longer than 1 second for the vendors/lobbies to stop making it disable-able
[21:58] <LjL> meanwhile, Linux distros are playing the game, by getting their kernels signed
[21:58] <ikonia> LjL: ture, but at the moment, that's not happening
[21:58] <LjL> once they're all signed, the big lobbies can say "what's the problem? Linux can run anyway, it's all signed! no monopoly!"
[21:59] <ikonia> I'd be interested in how you get on with the signed kernels, there have been a reasonable set of problems with them
[21:59] <LjL> ikonia: well, already i'm reading, that on some systems at least, if secure boot is disabled, Windows will *not* boot, and that already seems like a huge chore for dual booting
[21:59] <AlanBell> except for ARM
[21:59] <LjL> AlanBell: and that, yeah
[21:59] <ikonia> ok, accepted, arm is a different game
[21:59] <LjL> AlanBell: but about ARM, people will more often than not say "well? you didn't even have computers with ARM before, so, what are you complaining about?"
[22:00] <AlanBell> on ARM, if you are unfortunate enough to have windows, then secure boot is on, required, not disableable
[22:00] <LjL> or, "tablets and phones have always been locked!"
[22:00] <LjL> (they've only existed for, like, 4 years, but the word "always" has strange meanings for some people)
[22:00] <ikonia> yes, x86 is the only one you can disable, but they are the majority, and being realistic, disabling secure boot is an easy 1 second fix
[22:02] <LjL> ikonia: i'm not really sure they'll stay the majority for very long, if nothing else, because "tablet"-like things are getting so popular for home users
[22:02] <ikonia> LjL: sure, I can agree arm will gain ground in some big markets, but I'm not panicing where we are now at this present moment
[22:02] <LjL> ikonia: also, i was talking to ryaxnb about something similar yesterday (specifically, Chromebook's "secure boot" thing), and he was also saying, well you can disable it. but they show a huge scary warning telling you your system is UNSAFE, and then you have to press Ctrl+D to boot, because Space or Enter will get you into recovery
[22:03] <ikonia> thats new as thats certainly not the case on my test chromebook
[22:03] <LjL> ikonia: now, UEFI secure boot isn't quite like that, but don't you see? by calling secure mode "user mode", for instance, they're trying to pass the message that anything else is "developer mode", "scary mode", "unsafe mode" or what you want to call it
[22:03] <ikonia> (well it's not mine but I use it)
[22:04] <LjL> ikonia: i don't know, i got the info from here http://www.chromium.org/chromium-os/chromiumos-design-docs/developer-mode#_Toc248215938_3369763251394033_7636734712868929
[22:05] <LjL> anyway my point, aside from the specifics of various implementation, is the constant attempt to send the subtle message that only what's signed is "okay"
[22:06] <LjL> i'm not really panicking either anyway, my computer still works, but i'm complaining and i feel i'm not even doing that loudly enough
[22:07] <ikonia> I don't disagree, I was only referencing it from a technical solution as opposed to an end to end solution
[22:08] <LjL> besides, if disabling UEFI is just a 1 second solution without any "undertones" or scare-offs, then why did Ubuntu or Fedora feel the need to go the signed kernel routes (basically approving this system of signing)? that's where i feel there may not have been enough complaining. Linux vendors should not go around making themselves dependant on Microsoft signing their kernels.
[22:09] <AlanBell> it was a sucky situation
[22:09] <ikonia> efi isn't a 1 second change on all tin
[22:09] <ikonia> secure boot is, efi isn't
[22:09] <ikonia> some of them don't have a legacy mode
[22:09] <LjL> ikonia: okay but signed kernels are about secure boot, not EFI
[22:09] <AlanBell> every option sucked, they picked what looked like probably the least sucky of the options
[22:10] <ikonia> LjL: I know, I only responded as you said uefi, so I thought you where talking about efi not secure boot
[22:10] <ikonia> there needs to be a long term solution for secure boot, which is why they appear to be pushing forward with it
[22:10] <LjL> AlanBell: well, the thing that depressed me the most right now was the Fedora doc saying "Other distributions have chosen to not require signed kernel modules in their Secure Boot implementation. Fedora believes that to fully support Secure Boot this is required. We are working to limit the impacts of this while ensuring that untrusted module code is not allowed to execute."
[22:10] <ikonia> but I'm more worried about the lack of efi complience and mess of working with grub with it
[22:11] <LjL> AlanBell: i read that as basically saying, "We recognize that agreeing to Secure Boot eventually means giving up our - and our users' - ability to run the software they want after they've booted their OS, but we're doing that anyway."
[22:11] <Jordan_U> LjL: For the record, no distribution is getting their kernels signed by Microsoft, nor do I ever expect them to. Fedora is signing their own kernel and modules with their own signatures only.
[22:12] <ikonia> Jordan_U: this was my understanding only
[22:12] <ikonia> too
[22:12] <ikonia> there was no route to use microsoft to sign them at the moment
[22:12] <ikonia> the fact that one company with an OS for sale is the cerfiticate authority is more of a concern
[22:13] <LjL> Jordan_U: okay, i think "shim" is the part that's Microsoft signed, still.
[22:13] <Jordan_U> It doesn't make sense for Microsoft to sign the kernels. All that Microsoft needs to sign is the very beginning of the chain, the shim which does nothing but load an image of Grub which is signed by Ubuntu's/Fedora's/whoever's keys.
[22:14] <ikonia> but shim doens't appear to be a solid boot loader setup for efi any more than grub
[22:14] <LjL> Jordan_U: as i understand it, the system is basically saying "the main CA signs the initial bootloader, or whatever you want to boot your OS with, with the initial key, then you're responsible for your entire OS actually respecting Secure Boot requirements, and if it doesn't, then your initial key can be revoked"
[22:14] <AlanBell> shim is the not signed by microsoft solution, it is the linux foundation thing that is signed by microsoft
[22:14] <AlanBell> this http://blog.hansenpartnership.com/linux-foundation-secure-boot-system-released/
[22:15] <LjL> uh... https://wiki.ubuntu.com/SecurityTeam/SecureBoot#Shim_bootloader_signed_with_Microsoft_key ?
[22:15] <ikonia> AlanBell: I thought it was shim directly
[22:15] <Jordan_U> AlanBell: No, the linux foundation's thing is different. Ubuntu and fedora use Matthew Gerret's shim.
[22:16] <LjL> and the Fedora docs say "Shim: This is signed by the UEFI signing service. We do not have control over this key. The shim contains the Fedora Boot CA public key."
[22:16] <LjL> note do NOT have control over this key
[22:16] <AlanBell> ah, I misinterpreted this then http://mjg59.dreamwidth.org/20303.html "this is intended for distributions that want to support secure boot but don't want to deal with Microsoft."
[22:18] <Jordan_U> AlanBell: Which does not include Ubuntu, Fedora, or any distro that wants a solution where supporting secure boot doesn't require an explicit extra step by the user at install time.
[22:19] <ikonia> Jordan_U: what's the extra step ?
[22:21] <LjL> AlanBell: well, that's still signed by Microsoft though, as i understand it - just, the *shim only* is signed by Microsoft, and then it allows you to boot any self-signed kernel (apparently, under the understanding that as long as shim shows a "warning" about it, it's respecting the secure boot specs)
[22:21] <LjL> basically it's "breaking" the chain of trust in a seemingly allowed way, by saying "instead of creating a chain of trust down to the kernel modules and userland interface, i'm asking the user in case they don't care"
[22:21] <LjL> which is good, but still vulnerable to the EFI alliance or whatever to change their minds about that being allowed
[22:23] <Jordan_U> ikonia: At first boot, being asked to browse through the files on any fat32 partitions on your system and select a keyfile to add to your local database of trusted keys.
[22:24] <ikonia> Jordan_U: ok, so the step is the selecting of the key that signed it,
[22:24] <ikonia> that makes sense
[22:25] <LjL> Jordan_U: would it be against the secure boot specs to have something that just selects the needed key automatically (from metadata contained in the kernel package or whatever)? then, just a warning would need to be shown
[22:26] <ikonia> LjL: how would you work out what key signed what ?
[22:26] <ikonia> trial and error ?
[22:26] <LjL> ikonia, i said, from metadata. the kernel package itself would tell the bootloader where to find the right key. what am i missing here?
[22:26] <ikonia> no, that's fine, I see what you mean
[22:26] <ikonia> I didn't grasp that you where suggesting
[22:27] <Jordan_U> LjL: There is no specific specification about user interfaces for these types of things. The thought is that just requiring the user to click "OK, continue already" would be something a malicious person could convince a user to do without them realizing the consequences, and thus could be used to propogate malware.
[22:28] <LjL> somehow i have a little trouble imagining malware being spread more easily by convincing people to reboot into malicious kernels than by just exploiting stuff in userland... but maybe it's just me
[22:29] <ikonia> it's certainly a risk, certainly is the less professional maintained distros and packages such as PPA's
[22:29] <LjL> maybe if we were at the point where kernels were actually mathematically proven correct, or anything of the sort - which we really aren't - then that would become more relevant. but right now, this seems to be pushing a different agenda to me
[22:30] <ikonia> if you look at it as an end to end problem, it's pretty messed up
[22:31] <LjL> ikonia: right, which makes me suspect (perhaps because i'm a paranoid person) that this insistence from "secure boot" entities to tackle one end only... has a different agenda
[22:31] <ikonia> I have no idea if you're right/wrong on that, but it still remains a total mess
[22:31] <ikonia> I hope you're wrong and it's just a poor attmpt to solve some basic security problems
[22:32] <LjL> especially when we already have things like smartphones, already implementing much stricter versions of these "secure boot" ideas, that end up being quasi-illegal to "jailbreak" thanks to the deadly combination of locks and intellectual rights, paving the way for "anti-circumvention measures"
[22:32] <ikonia> the phones thing, is less of a concern to me, as they make it pretty clear up front the rules
[22:32] <ikonia> eg: apple - jailbrake your iphone and you get no support and we'll brick it
[22:33] <LjL> every three years, or however often it is, there needs to be fight in the US about users still being able to boot what they decide to boot on their iPhone, because under a strict reading of the DMCA, maybe they can't, and so the Library of Congress needs to keep granting an exemption... you tell me whether this is sane
[22:33] <ikonia> if you want an open platform...don't buy it
[22:33] <LjL> what if there's no longer any open platform left, after they do away with old BIOS-based PCs and all we have is that stuff?
[22:33] <ikonia> that's the vendors choice, and you can only change it by voting with your feet
[22:33] <LjL> it's not like Android phones, most any of them (aside from rare exeptions), esplicitly allow free booting
[22:34] <ikonia> people are not making open platforms....why
[22:34] <LjL> ikonia, if all the vendors make a cartel, then i can only choose to stop using computers
[22:34] <ikonia> we've had the same problems with performance video cards and linux for a long time
[22:34] <LjL> which isn't really all that realistic
[22:34] <ikonia> no you can only use the software they choose,
[22:36] <LjL> ikonia: so say... if i don't like secure boot - let's say even though, for now, it's optional, i still would like to "vote" against it - what do i buy instead of a PC? a Mac? wait, those are even more "secure". an Amiga? i wish, but those are long gone by now. oh i know! a RISC PC! oh but i'm not in the UK... well - time to get my C64 from the drawer then
[22:36] <LjL> (can't, it's broken)(
[22:37] <ikonia> sorry just on th ephone
[22:37] <ikonia> not ignoring
[22:39] <LjL> alright
[22:45] <ikonia> sorry, phone done
[22:45] <ikonia> ok, I see what you are saying, I don't see macs as more secure,
[22:45] <ikonia> but I know what you mean
[22:48] <LjL> ikonia: that was a bit of sarcasm, i mean "secure" as in having more secure boot-like things
[22:48] <MangaKaDenza> Unquiet me.
[22:48] <ikonia> LjL: I know what you whre trying to say though,
[22:48] <LjL> MangaKaDenza: where from?
[22:49] <MangaKaDenza> #ubuntu
[22:50] <LjL> i can't unmute you there, but anyway, it seems like you basically admitted to be trolling in there, or do i have it wrong?
[22:51] <MangaKaDenza> what... no
[22:51] <MangaKaDenza> idk
[22:51] <LjL> ooooo
[22:51] <LjL> kay
[22:53] <ikonia> well, he's parted #ubuntu and started using #kubuntu again, so seems to grasp the basics
[22:53] <ikonia> I'll dump the +q in #ubuntu anyway
[22:54] <LjL> okay
[22:54] <ikonia> looks like it was just punctuation flooding in both
[22:54] <LjL> well, not entirely sure because when someone in #ubuntu asked whether he was "trolling the good people of #ubuntu", he said "ssshhh" like he meant, don't tell anyone
[22:55] <LjL> but we'll see
[22:55] <ikonia> his other questions don't look that way, looks like he just really doens't understand what he's doing
[22:55] <ikonia> (from the kubuntu logs)
[22:55] <ikonia> doesn't grasp that kde is split out into mulitple packages
[22:56] <LjL> wait, is it? you mean i could have done without compiling it from the kde.org sources? 'cause that took a couple of days
[22:56] <IdleOne> you should use more emoticons
[22:56] <ikonia> youre sarcasm upsets me
[22:57] <LjL> good thing then it's only upsetting you and not some user coming here for appeals!