[04:59] <lotuspsychje> good morning to all
[05:00] <Bashing-om> lotuspsychje: It is still here . But tis a slow Sunday .
[05:00] <lotuspsychje> hey mate
[05:00] <lotuspsychje> what you guys think of this?
[05:00] <lotuspsychje> http://arstechnica.com/security/2016/12/fedora-and-ubuntu-0days-show-that-hacking-desktop-linux-is-now-a-thing/
[05:01] <lotuspsychje> the guy says linux is vunrable as windows and macs these days
[05:05] <Bashing-om> lotuspsychje: There is a discussion thread on the forum . Th forun is slow right now in "seraching" . Soon as I can I find the thread.
[05:05] <lotuspsychje> oh cool, let me know
[05:06] <Bashing-om> lotuspsychje: Got it : https://ubuntuforums.org/showthread.php?t=2346560&highlight=0-days .
[05:07] <lotuspsychje> lemme check
[05:08] <lotuspsychje> seems like updated systems are patched as always
[05:10] <Bashing-om> Yeah .. I tend to have a high degree of trust in mc4man .
[05:11] <Bashing-om> One thing about the ubuntu security team .. when an expoit is discovered .. they are some kind of quick .
[05:11] <lotuspsychje> still scary to know, 0days reaching the regular ubuntu desktops lately
[05:12] <lotuspsychje> it means the attackers targetting the avarage desktop user that doesnt update daily
[05:17] <Bashing-om> yes, that is true ! Keep updated . And Chris Evans is to be applauded for his efforts .
[05:18] <lotuspsychje> yeah i also think this must be taken real serious
[05:19] <Bashing-om> Chris was not hellering wolf !
[05:33] <lotuspsychje> morning dax
[05:36] <dax> hi
[05:45] <lotuspsychje> dax: you missed out morning security talk: http://arstechnica.com/security/2016/12/fedora-and-ubuntu-0days-show-that-hacking-desktop-linux-is-now-a-thing/
[05:45] <lotuspsychje> what you think of this?
[05:49] <dax> I hope it's a warning for the sort of Linux fan who likes to go on about Windows having security vulnerabilities as though Linux doesn't. Past all that sort of thing... Linux desktop really needs more sandboxing.
[05:50] <dax> We have this bizarre thought process where we protect the stuff that can be gotten back by reinstalling, but everything in $HOME is free game for random browser exploits.
[05:52] <lotuspsychje> yeah
[05:52] <lotuspsychje> doesnt apparmor takes care of this stuff?
[05:52] <dax> More specifically-related to this particular issue... the attack surface presented by gstreamer in Firefox is clearly ridiculously over-large if it includes a SNES emulator.
[05:53] <dax> lotuspsychje: last I looked a few years ago there was an apparmor profile for firefox that was disabled by default
[05:53] <lotuspsychje> i see..
[05:53] <dax> but yes, selinux or apparmor are the sorts of things we need more of
[05:53] <dax> but they're *really* hard to do in a way that doesn't compromise usability
[05:54] <dax> see for example fedora users and their tendency to just turn selinux off the first time it stops something they want to do
[05:55] <lotuspsychje> i guess it will be alway a cat n mouse game with 0days
[05:55] <lotuspsychje> exploiting peoples bad habbits
[05:55] <lotuspsychje> even on a more secure Os
[05:56] <dax> indeed
[05:56] <lotuspsychje> wasnt there like a sort of sandbox package already?
[05:57] <lotuspsychje> !info firejail
[05:57] <ubot5`> firejail (source: firejail): sandbox to restrict the application environment. In component universe, is optional. Version 0.9.38-1 (xenial), package size 138 kB, installed size 491 kB (Only available for linux-any)
[05:57] <lotuspsychje> but i dont see the avarge john doe using that
[06:01] <Bashing-om> A pause for the cause - gotta sleep somtimes, and my sometime has arrived . G nite
[06:02] <lotuspsychje> yeah sometimes :p
[06:47] <lotuspsychje> bbl
[07:53] <ducasse> morning all
[13:31] <BluesKaj> Hiyas all
[13:32] <ducasse> greetings and salutations, BluesKaj :)
[13:34] <BluesKaj> Hi ducasse, how's it going?
[13:35] <ducasse> just about to wrap my christmas gifts
[13:37]  * BluesKaj nods
[14:50] <ducasse> BluesKaj: have you heard anything about whether there will be a new pi next year?
[14:52] <BluesKaj> ducasse, no, but I haven't researched that possibility either
[14:53] <ducasse> i read somewhere that new models have typically  been released in february, so i'm just curious.
[14:55] <ducasse> guess i'll just get another rpi3 now, and wait and see. it's not like it's a big investment :)
[17:06] <daftykins> ducasse: christmas kittens in 4K! https://www.dropbox.com/s/50xmsuxadlinsy7/VID_20161219_133034.mp4?dl=0
[17:06] <daftykins> :)
[17:08] <OerHeks> njummie
[17:09] <nicomachus> youngins
[17:11] <ducasse> that squeak really woke up my cat - she's now looking sceptically around to find out where it came from :)
[17:11] <ducasse> i'm going to play it again >:-)
[17:11] <nicomachus> film it
[17:11] <nicomachus> then I'll show that film to my cat
[17:12] <ducasse> lol
[17:13] <OerHeks> Drabber would be terrified, finding those 2 in house
[17:13] <ducasse> daftykins: are these yours?
[17:13] <OerHeks> the only chihuahua i know that is affraid of cats :-D
[17:14] <daftykins> ducasse: nah my clients wife picked them up to add to their house of crazy!
[17:15] <ducasse> some day i'll start collecting kittens, then i'll be the mad cat guy in the neighborhood.
[17:17] <daftykins> :>