[08:36] <dwatkins_> morning all
[10:06] <sam___> hi
[10:34] <dwatkins> lo
[10:37] <brobostigon> good morning everyone.
[11:40] <popey> pip pip
[11:41] <bigcalm> Howdy
[12:03] <TwistedLucidity> gordonjcp shauno: Got the PC audio -> mobile thing working two ways. 1) Rygel & PulseAudio/DLNA; 2) VLC. There a short (2 sec delay) but it works.
[12:04] <gordonjcp> TwistedLucidity: cool
[13:34] <x98server-admin> Hi i was wondering if ubuntu was secure, but it is not from a thief as he could go into recovery mode and drop into a root shell
[13:35] <MartijnVdS> x98server-admin: that won't help the thief if you encrypted the system (you can select that as an option during installation)
[13:35] <dwatkins> if someone has physical access to your PC, consider it compromised
[13:35] <MartijnVdS> and that
[13:36] <MartijnVdS> If Ubuntu didn't have recovery mode, booting the machine from an USB stick would give him full access to all files *anyway* (unless encrypted, again)
[13:36] <x98server-admin> But is there a way of preventing unfriendly access
[13:36] <dwatkins> if the disk is encrypted, it's feasible someone with enough [super]computing power at their fingertips could decrypt it, but I don't consider myself "important" enough to warrant that kind of attention.
[13:37] <dwatkins> x98server-admin: what kind of access, physical or via the network or via the internet?
[13:37] <MartijnVdS> x98server-admin: Encrypt the machine, lock the BIOS (boot order), and don't let people near it when you can't see it
[13:37] <MartijnVdS> dwatkins: AES256 is feasible now?
[13:37] <dwatkins> MartijnVdS: no idea, 1024-bit keys are considered "alien-level encryption" but that doesn't mean they're impossible to break given enough time and power.
[13:38] <dwatkins> For the curious, see http://distributed.net/ ;)
[13:38] <MartijnVdS> dwatkins: every cipher has its own "recommended" key length, and asymmetric encryption tends to need longer keys than symmetric crypto
[13:39] <x98server-admin> But if my drive is encrypted he/it could still drop into a root shell right?
[13:39] <MartijnVdS> x98server-admin: not without rebooting (or unless you left it open ;))
[13:39] <MartijnVdS> x98server-admin: and with a reboot, you need to re-enter the encryption key
[13:39] <x98server-admin> kk
[13:40] <MartijnVdS> x98server-admin: there's an attack where they freeze the machine in liquid nitrogen before shutting down (or something) so they can recover the key from desoldered RAM chips.. but you'd notice that.
[13:40] <dwatkins> so we're talking about someone having physical access to a desktop PC?
[13:40] <MartijnVdS> also, are you *that* important a target? :)
[13:40] <dwatkins> or a laptop which is left powered up when stolen, perhaps
[13:41] <dwatkins> I lock my screen when I walk away from my desk at work, despite trusting my colleagues.
[13:41] <x98server-admin> Ethier one
[13:41] <dwatkins> It's not just about someone taking the PC away, they might simply write something using your Facebook account.
[13:41] <x98server-admin> No
[13:41] <dwatkins> If your browser stores your login/cookie, and you don't need to enter your password every time etc.
[13:41] <dwatkins> No to which part, x98server-admin?
[13:41] <MartijnVdS> x98server-admin: let's take a step back: what do you want to do, and what do you want to prevent? :)
[13:42] <x98server-admin> About taking valued data
[13:42] <x98server-admin> Afk
[14:11] <MartijnVdS> http://i.imgur.com/auzrtP5.jpg
[14:13] <TwistedLucidity> Well, encrypting the drives is easy and that implies encrypted swap and tmp as well. Which mean no hibernate unless to "fix" the swap crypt passphrase and that means two passwords to log in (the first, for swap, must be known to all machine users).
[14:15] <TwistedLucidity> If you want to control just some files, then you need to worry about managing keys/passpharses and I am in no way qualified to talk about that, not having done it beyond something simple like a TrueCrypt volume for personal use.
[14:16] <MartijnVdS> I have encrypted my /home only, using ecryptfs
[14:17] <MartijnVdS> just make sure to not store sensitive data *outside* of /home :)
[14:17] <TwistedLucidity> I store all my sensitive data in the cloud. That's safe, right? :-)
[14:18] <MartijnVdS> 8-)
[14:18] <TwistedLucidity> I just wish there was some clever way to get around needing to enter the crypt passphrase on boot...if stolen, I *want* someone to be able to boot my laptop.
[14:29] <popey> ditto
[14:29] <popey> which is why i only encrypt home
[14:29] <MartijnVdS> it breaks the nfs exports vagrant uses though
[14:30] <TwistedLucidity> popey: So you don't encrypt swap?
[14:31] <nigelb> well, what happens when you change the password?
[14:31] <popey> i do
[14:31] <popey> by "only" I meant "I don't encrypt /"
[14:31] <nigelb> or rather, does changing user password, automatically change ecryptfs password?
[14:32] <TwistedLucidity> popey: Nor do I, but for hibernate to work you have to be able to decrypt swap - when means having a "pre-boot" password so swap can mount
[14:32] <popey> i dont hibernate
[14:32] <TwistedLucidity> By default the password grabbed from dev/random will be lost and swap can no longer be mounted
[14:32] <popey> ever
[14:32] <TwistedLucidity> popey: Ah. I see. Thought I was going to learn some cunning trick.
[14:33] <popey> i dont see the point in hibernate, it takes too long to wake
[14:36] <TwistedLucidity> Don't notice any real issue with it myself. I mostly set it up to learn, then discovered how "awkward" Linux hibernation is.
[14:36] <NET||abuse> hi folks,,, i'm in a fun position today, choosing a laptop to buy out of my own money :P for going on as a contractor developer rather than full time.
[14:37] <NET||abuse> I've seen the new xps15 after having a look through the new linux xps13, but that step up is 450 more :( but so nice... want
[14:37] <TwistedLucidity> Avoid the Lenovo T540.
[14:37] <NET||abuse> yet, the M3800 has similar specs i think.
[14:37] <popey> I like the look of the xps13
[14:37] <popey> especially the screen, it's a very nice device
[14:38] <popey> a few friends have bought them
[14:38] <NET||abuse> and both have touch 3800x1800 screens
[14:38] <NET||abuse> the xps 13 only has fhd, 1080p :(
[14:39] <NET||abuse> the m3800 and new xps15 are the big resolution ones, i think they both have the nvidia geforece gtx 564M
[14:39] <NET||abuse> umm, 565M not 564
[14:39] <NET||abuse> i dont think that exists.
[14:41] <NET||abuse> no, the 3800 uses the quadro K1100M,, no idea how that shapes up against the gtx 565M
[14:41] <TwistedLucidity> Remember to consider support. You will be relying on this laptop, so you will probably want next day on-site repairs.
[14:42] <NET||abuse> hmm, true
[14:42] <TwistedLucidity> There's various sites where you can look-up GPU performance. For coding though, a Quadro should be fine.
[14:43] <NET||abuse> :) I wouldn't mind being able to play a bit of TF2 or Dota on teh QHD+ screen resolutoin though :)
[14:44] <NET||abuse> but yeh, i just love the idea of having full height half screen editor and two browser windows stacked on theother half of hte screen and have it all right there eon the laptop .. amazing really
[14:45] <popey> 3800x1080?
[14:46] <MartijnVdS> x1800
[14:46] <NET||abuse> yes
[14:46] <NET||abuse> high resolutoin
[14:47] <MartijnVdS> "4k"
[14:47] <NET||abuse> :)
[14:47] <NET||abuse> i'm on a 1366x900 right now,, amazing how that feels constricted
[14:47] <popey> heh
[14:48] <MartijnVdS> yeah, I have that on my own laptop as well
[14:48] <popey> yeah, me too
[14:48] <NET||abuse> I was on a 1660x1080 up till a month ago, it was alot better
[14:48] <MartijnVdS> work laptop is 1080
[14:48] <MartijnVdS> + a 1920x1200 screen.
[14:49] <MartijnVdS> At home I have 2560x1080
[14:49] <MartijnVdS> you get used to that ultra-wide screen as well.. I miss it at work :)
[14:49] <NET||abuse> yeh, those 27" dell monitors are 2560x1080
[14:49] <popey> I've yet to outgrow 1080p
[14:50] <popey> although if I had a higher res screen I surely would ☻
[14:50] <MartijnVdS> popey: I didn't think that much width would be useful, but (surprisingly) it is :)
[14:58] <popey> heh
[14:58] <popey> I cant see myself changing my displays anytime soon, my philps 234el's are fine
[14:58] <popey> I'm not due a work laptop refresh until november
[15:06] <popey> http://www.engadget.com/2013/12/29/hackers-reverse-engineer-wii-u-gamepad is fascinating to watch
[15:09] <MartijnVdS> popey: Radio hacking as well: http://media.ccc.de/browse/congress/2013/30C3_-_5588_-_en_-_saal_g_-_201312281600_-_my_journey_into_fm-rds_-_oona_raisanen.html
[15:09] <xnox> TwistedLucidity: encrypted hybernate works, out of the box on Ubuntu. As long as one doesn't change swap partition UUID. It wakes up, you type a passwords once and it all resumes just fine.
[15:10] <xnox> popey: MartijnVdS: ^
[15:10] <popey> nice
[15:10] <xnox> with home folder only or with full disk encryption.
[15:10] <TwistedLucidity> xnox: Not for me it didn't; it could never mount the saved swap
[15:11] <TwistedLucidity> To I had to move the swap to a fixed password to make it work
[15:11] <xnox> TwistedLucidity: please file a bug report with details and logs on launchpad against ecryptfs-tool and I can look into it.
[15:11] <TwistedLucidity> xnox: From everything I read, I simply understood that "That's how it is". There's loads of blog posts about the problem.
[15:11] <xnox> TwistedLucidity: well, duh, one can't use random swap =) the key is destroyed & is unknown before going to sleep.....
[15:12] <TwistedLucidity> xnox: Exaclty, which is what Ubuntu uses by default
[15:12] <xnox> TwistedLucidity: it does not =)
[15:12] <xnox> not, in the full disk encryption case.
[15:12] <TwistedLucidity> xnox: It does, it's what it did for me when I told it to encrypt home
[15:12] <xnox> if ramdon swap is used with ecryptfs-home, that needs fixing.
[15:13] <xnox> TwistedLucidity: can you file a bug against ecryptfstools then and point me to it?
[15:13] <xnox> i'll get in touch with ecryptfs upstream to discuss this.
[15:13] <TwistedLucidity> For full disc encryption require the entry of a "pre-boot" password?
[15:14] <TwistedLucidity> I guess it would
[15:21] <TwistedLucidity> xnox: Are you 100% sure this should be filed as a bug? Fixing the swap password is part of of the offical Ubuntu docs. https://help.ubuntu.com/community/EnableHibernateWithEncryptedSwap
[15:56] <x98server-admin> Which needs more resources win 7 or ubuntu 12.04 & should i get 13.10
[15:58] <x98server-admin> Also what is the alternate for webmin
[16:08] <gordonjcp> x98server-admin: is this for desktop or serveR?
[16:08] <x98server-admin> Server
[16:08] <gordonjcp> x98server-admin: for a server, I'd go for 12.04, for desktop it's 50/50
[16:08] <gordonjcp> there's no alternate for webmin
[16:08] <gordonjcp> x98server-admin: instead of using webmin, post the IP address of the server and your username and password on reddit
[16:09] <gordonjcp> you'll get 0wned *far* quicker
[16:09] <x98server-admin> Why post my ip ?
[16:09] <dwatkins> I think gordonjcp is joking, x98server-admin
[16:09] <gordonjcp> so that people who want to log in as you know what to log into
[16:14] <gordonjcp> ... and that's what happens when you use webmin
[16:14] <TwistedLucidity> gordonjcp: LOL
[16:15] <TwistedLucidity> Surely it only happens if the site is visible on the public t'tinernet?
[16:18] <gordonjcp> no idea
[16:18] <gordonjcp> I wouldn't touch webmin with a stolen ten-foot shitty stick, and if I find machines with it installed I just assume they're 0wned
[16:18] <dwatkins> I assume webmin runs (ran) on a different standard port to a normal apache installation, I hope so.
[16:18] <dwatkins> Indeed, it was canned for reasons.
[16:28] <mapps> gonna have to take my pesky old dell laptop apart =[
[16:28] <mapps> the noise is just too loud to ignore
[16:39] <diddledan> I don't think webmin is as bad as you give it credit
[16:39]  * TwistedLucidity offers mapps a hammer
[16:39] <mapps> :D
[16:39] <diddledan> hulk smash
[16:40] <TwistedLucidity> I periodically give the PCs a blast of compressed air and a going over with the vacuum. The filth that comes out of the filters and fans....yowzah.
[16:40] <diddledan> I need to invest in a can of air
[16:41] <mapps> ya i usedthat stuff once
[16:41] <mapps> got it from staples
[16:41] <TwistedLucidity> Cheap(ish) on Amazon. Other web-based tat vendors are available.
[17:21] <Myrtti> Stanstead has changed a lot in six months, didn't believe my eyes this morning
[17:21] <Myrtti> and for typos I blame my tiredness
[17:21] <popey> Welcome back
[17:21] <Myrtti> wrong way around :-(
[17:21] <popey> or.. welcome uh to there
[17:22] <popey> ☹
[17:22] <Myrtti> yeah... it's quite gloomy here
[17:22] <Myrtti> even worse than UK
[17:22] <Myrtti> it might not have rained as much, atleast the soil isn't totally waterlogged here
[17:23] <Myrtti> but darkness and no snow isn't good combination
[17:23] <Myrtti> anywhoo
[17:23] <popey> when are you back to work?
[17:23] <Myrtti> I suppose I could start tomorrow to tinker with stuff
[17:23] <popey> I've been avoiding my work mailbox
[17:24] <Myrtti> we have a two day all hands in a ski resort on Thursday
[17:24] <Myrtti> with no snow.
[17:24] <popey> hah
[17:25] <Myrtti> I flew in today because my sister has a x5th birthday tomorrow, and thought that she might want me there, but apparently no. Well, I can sit on their Christmas presents few more days more
[17:25] <Myrtti> could've flewn on the 1st instead had I known
[18:04] <mapps> wow
[18:04] <mapps> you're next was good
[18:06] <daftykins> a film?
[18:06] <mapps> yea
[18:06] <mapps> 2013 horror
[18:06] <DJones> I wish somebody had told me about 'autoawesome' pictures on google earlier, you get some brilliant results
[18:07] <mapps> autoawesome?
[18:08] <DJones> mapps: https://support.google.com/plus/answer/3113884?hl=en-GB Basically, if you take 1/2 dozen photo's quickly, it automatically turns them into an animated gif
[18:10] <DJones> Ended up with a brilliant one of two cousins 4 month old babies lying next to each other but the gif shows them both flinging their arms & legs around
[18:13] <DJones> mapps: https://plus.google.com/u/0/photos/112215944099951911045/albums/5961778849013809473/5961778846584980338
[18:13] <mapps> nice will check in bit..gotta gpo to next
[18:13] <mapps> before they close
[18:14] <mapps> need some new jeans for tomorrow ..all my jeans have managed to get holes in the pockets and ahem worse than that the crotch area
[18:15] <mapps> http://www.imdb.com/title/tt1853739/?ref_=fn_al_tt_5
[18:15] <mapps> says 2011 but didnt get released till 2013 hm
[18:17]  * penguin42 has the same problem in his trousers pockets - but I won't even guess about how you get the other problems
[18:18] <mapps> lol
[18:18] <mapps> must be how i sit
[18:18] <mapps> i wore them wiith holes in the crotch few times but then it ends up getting worse lol
[18:20] <mapps> sick of only having 6mbot
[18:20] <mapps> *6mbit
[18:20] <mapps> i want faster;/
[18:21] <penguin42> yeh it's a hard life, either new trousers or faster broadband
[18:21] <mapps> i cant get faster where i am
[18:21] <mapps> but it irritates me i had faster 7years ago when i was in portsmouth
[18:21] <penguin42> yeh I know others in that mess, I moved to cable a few months ago because I couldn't get more than about 7.5 DSL
[18:22] <mapps> ya i can get cable 5mins down the road but not here
[18:23] <mapps> in portsmouth had 20mbit cable years and years back when i wasnt on resnet
[18:23] <mapps> and back at my dads he has like 75mbit FTC from bt and 100mbit from vm
[18:23] <mapps> and im stuck with no choice at all;/ FTC just says 'coming soon'
[18:23] <penguin42> you need to find someone 5 mins away who you can pay for a wireless access point
[18:24] <penguin42> FTTC here they've said our cabinet isn't getting it because there aren't enough people on the cab, even though the exchange has it
[18:24] <mapps> ah that sucks
[18:24] <mapps> for me it says 'accepting orders' but that means from isps
[18:24] <mapps> so its not ready for customers to be setup yet
[18:24] <popey> foobarry: saw this and thought of you https://plus.google.com/u/0/103092123223427025792/posts/j2nwM3Xpxwp
[18:25] <mapps> cables decent enough for the price though
[18:25] <mapps> got a leaflet today too about virgin mobile 15quid/month with unlimited 3g - which seems decent..I pay something like 50/month with ee for unlimited everything - mainly concerned about unlimited 3g:)
[19:41] <mapps> hm
[19:41] <mapps> american hustle sounds good from imdb
[19:45] <BigRedS> does nautilus now not show previews of files intentionally or have I somehow configured it to not?
[19:47] <DJones> From memory, I thought the file preview facility had been removed a couple of releases ago
[19:48] <BigRedS> yeah it sounds like the sort of damaging feature that needed purging
[19:49] <DJones> Looks like it was an upstream decision
[19:49] <ali1234> what is "preview"?
[19:49] <ali1234> thumbnails?
[19:49] <BigRedS> yeah, part of the reason I switched to Ubuntu was to get away from gnome 3's relentless removal of features
[19:49] <BigRedS> when you click on an image a pane is created on the right showing the image in reduced-but-not-as-small-as-thumbnail size
[19:49] <DJones> I can see comments saying the change affected Debian & Fedora as well
[19:50] <BigRedS> it's mostly useful in the Open file dialog when uploading photos
[19:50] <BigRedS> DJones: yeah - I understood that *some* of this was going to be shielded from me by Canonical :)
[19:50] <BigRedS> and I hoped this would be
[19:51] <ali1234> canonical basically don't have the resources to fight against gnome
[19:51] <BigRedS> yeah, I was afraid of that
[19:51] <ali1234> plus they've their own brand of crazy
[19:52] <BigRedS> I'd find the current state of the modern linux desktop amusing if I didn't have to use it...
[19:54] <ali1234> nobody has to use linux
[19:55] <ali1234> it's not like there's some killer piece of software you can't get anywhere else
[19:56] <ali1234> i was looking at fedora the other day. is it right they don't have a multiarch system?
[19:57] <BigRedS> well, it's sort-of mandated by work
[19:57] <BigRedS> They were definitely working on multiarch some time ago; I'd assume they had it by now
[19:59] <ali1234> the most up to date information i can find that meant compiling an ia32-libs style package
[20:01] <BigRedS> oh right
[20:04] <ali1234> i kind of want to try a systemd distro, but i need one that actually cares about security
[20:04] <ali1234> and also has proper multiarch
[20:04] <ali1234> seems like opensuse is my only option here
[20:05] <ali1234> but then i have to deal with yast
[20:06] <foobarry> popey: thanks :) i was planning on making a trip to tottenham aldi as i heard they were selling off kits for £2.50 and £3.50
[20:13] <BigRedS> well, at least you've discovered that suse apparently does have a plus-side
[20:15] <gordonjcp> thought recent Ubuntus were systemd

[20:16] <gordonjcp> and who on earth bothers with multiarch these days
[20:16] <penguin42> gordonjcp: multiarch is still useful in a lot of corporate messes
[20:18] <Laney> people who use skype
[20:18] <ali1234> anyone who uses steam
[20:18] <penguin42> there are some interesting cases on ARM
[20:19] <ali1234> ubuntu is just about the only holdout against systemd... debian is still undecided
[20:19] <penguin42> ali1234: Thing is it seems to work
[20:19] <ali1234> what does?
[20:19] <penguin42> systemd
[20:19] <ali1234> well i haven't tried it but it seems that way
[20:20] <ali1234> trouble is if i want to try it then i have to go to an RPM distro, or a distro run by kids with no regard for security
[20:20] <ali1234> neither is an appealing choice
[20:20] <gordonjcp> I don't get why people are so obsessed with getting Skype working
[20:21] <penguin42> ali1234: Yeh I've used it on Arch (kids), OpenSUSE, Fedora (RPM)
[20:21] <gordonjcp> #ubuntu is full of them
[20:21] <penguin42> gordonjcp: Because they need to talk to family
[20:21] <gordonjcp> penguin42: use a phone?
[20:21] <penguin42> gordonjcp: Some people don't have them, they don't need to - they've got skype
[20:21] <penguin42> gordonjcp: And it costs a lot less
[20:21] <gordonjcp> less than what?
[20:21] <penguin42> gordonjcp: International phone calls
[20:21] <ali1234> less than 1p
[20:22] <gordonjcp> oh, who pays for those?
[20:22] <ali1234> ie nothing
[20:22] <gordonjcp> people with crappy phone packages, presumably
[20:22] <penguin42> gordonjcp: Well there's no good reason they're currently expensive
[20:22] <ali1234> you know who doesn't pay for them? me
[20:22] <BigRedS> penguin42: that's not really the same as them being free
[20:22] <penguin42> BigRedS: Well you're paying your ISP for the data
[20:23] <BigRedS> I don't pay per-byte
[20:23] <penguin42> BigRedS: Me neither, but in the end that's where the cost has disappeared to
[20:23] <penguin42> oh, and the NSA probably paying to make it cheap for stuff to go through things they can monitor
[20:23] <BigRedS> yeah, so rather than paying extortionate per-minute costs I pay low per-month costs and use what the buys to send voice data across the world
[20:23] <ali1234> not really, there isn't much difference between an ISP contract and a phone contract, except for the additional per-minute fees on the phone contract
[20:25] <BigRedS> and I can't walk into a cafe and use the phone for the cost of a double espreso
[20:25] <penguin42> BigRedS: Although double espressos are somewhat more expensive than most phone calls
[20:25] <MartijnVdS> penguin42: depends on your provider
[20:25] <MartijnVdS> (of either)
[20:25] <BigRedS>  most phone calls don't include a coffee
[20:25] <BigRedS> I've no idea how much international calls cost any more, I've not made one for years
[20:26] <MartijnVdS> BigRedS: "Hey, you gave me your number last night, want to get some coffee?"
[20:26] <MartijnVdS> BigRedS: Those calls? ;)
[20:26] <penguin42> BigRedS: Me neither, but the cost of coffee in coffee shops these days....
[20:26] <BigRedS> MartijnVdS: :)
[20:41] <MartijnVdS> brilliant video from Computerphile: http://www.youtube.com/watch?v=-5wpm-gesOY
[20:47] <Laney> is he building up to talking about tzdata?
[20:48] <MartijnVdS> Laney: maybe :)
[20:48] <penguin42> MartijnVdS: Yeh one of my other G+ contacts forwarded that to me as well
[20:51] <MartijnVdS> penguin42: you should also watch http://www.youtube.com/watch?v=IlRTcIK1aGo :)
[20:51] <penguin42> MartijnVdS: Time in VMs is even hardware
[20:52] <MartijnVdS> hardware? :)
[20:52] <penguin42> harder!
[20:52]  * penguin42 recalibratesfingers
[20:53] <penguin42> MartijnVdS: KVM/QEMU/VMWare etc all have to emulate the timers in the guests, and that's tricky
[20:53] <MartijnVdS> yeah.. and then you have ntpds running in guests who want to tickle the timers as well
[20:54] <penguin42> MartijnVdS: and then you migrate them to another host with a slightly different clock rate
[20:54] <MartijnVdS> ooooh :)
[21:29] <ali1234> what do you call it when someone offers you a gift that turns out not to be a gift? ie someone buy you a lawn mower and then 6 months later starts casually dropping hints that their grass is really long
[21:29] <ali1234> there is a name for this and i can't remember it
[21:30] <DJones> Indian giver (I think)
[21:30] <ali1234> i think your right
[21:30] <ali1234> that sounds kinda racist
[21:30] <DJones> http://en.wikipedia.org/wiki/Indian_giver
[21:33] <DJones> It probably does get heard as racist, I'd never thought of it like that, but now you mention it, I can see why
[22:06] <brobostigon> digged something great out of my dvds, pink floyd live at pompeii.
[22:16] <Constaaa> how do i update my video player for chromium ? its being real funny with me.