[14:13] <cyberanger> http://richardhartmann.de/blog/posts/2015/08/24-Tor-enabled_Debian_mirror/
[14:43] <bwmaker> I wonder how long it an apt-get upgrade would take over Tor.
[16:14] <cyberanger> depends how much there is to upgrade
[16:30] <bwmaker> True, but I was thinking relatively. :) a 2 min upgrade could turn into a 4 min upgrade. May not be much, but installing large packages could be tedious if one is already on a slower connection. It's a great option if you need it though. I don't mean to diminish the significance of the contribution.
[16:50] <cyberanger> bwmaker: also, running it as a two step at night wouldn't hurt
[16:50] <cyberanger> sudo apt-get update;sudo apt-get -d dist-upgrade
[16:50] <cyberanger> then come back in the am, run part two
[16:50] <cyberanger> sudo apt-get dist-upgrade
[16:51] <cyberanger> that'll make it feel faster, you'll be asleep on the download
[16:53] <cyberanger> I do see your point, but if you need every extra inch of security, couldn't hurt
[16:54] <cyberanger> personally I was using an https mirror over tor (keep in mind, the whole setup already is secured with gpg too, so it was triple secure)
[16:54] <bwmaker> Yeah, I don't know that I need to go that far. But then, I didn't think FDE was really necessary 2+ years ago.
[16:54] <cyberanger> I don't think it is for me, but I also try to keep my attack surfaces low
[16:55] <cyberanger> as much as I like absolutes, nothing is ever 100%
[16:57] <cyberanger> I see a benift when the hotspot doesn't know who I am, who I'm talking to, the services don't know who they're talking to
[16:57] <bwmaker> I agree. The effectiveness of FDE is purely contextual, as are many of the precautions. At least, that's my own perception. I've been wrong before. :)
[16:57] <cyberanger> they're talking securely with my gear, so nobody can easedrop
[16:58] <cyberanger> and nobody knows what's installed on my systems
[16:58] <bwmaker> Yeah, that's a really good point.
[16:59] <cyberanger> problem with FDE is, is it truely full disk
[17:00] <cyberanger> can I modify your boot code, snatch your password, upload it later in the boot process to somewhere and come back and use it
[17:01] <cyberanger> Can I migitate that attack, sure, I can two ways, never leave my laptop around, away from me
[17:02] <cyberanger> and never put my unencrypted /boot on the hard drive, use a flash drive and install there (also, make sure the MBR code goes to the flash drive too)
[17:02]  * cyberanger isn't paranoid, it's just that....well.... you see....everybody is out to get me....that's all
[17:03] <cyberanger> bwmaker: ^
[18:03] <bwmaker> :-) I'm paranoid. I'll admit that. But  I think it's reasonably so, if there is such a thing as a reasonable amount of paranoia.
[18:07] <bwmaker> But I do believe it's a mistake to believe one's digital life and belongings are completely secure. There's always a flaw in the system.
[20:16] <cyberanger> Indeed
[20:54] <bwmaker> https://firstlook.org/theintercept/2015/08/26/way-gchq-obliterated-guardians-laptops-revealed-intended/
[22:57] <Unit193> http://arstechnica.com/tech-policy/2015/08/uk-surveillance-worse-than-1984-says-new-un-privacy-chief/
[23:34] <aeden__d> I hear a lot of people talking about tunneling certain programs thru ssh. I've read up on this but I'm not sure of the benefits. what are the benefits to installing openssh-server?