[02:32] <lotuspsychje> good morning to all
[02:34] <Bashing-om> lotuspsychje: Maybe take another cup of motivation .. getting nuts in main :)
[02:35] <lotuspsychje> lol
[02:35] <lotuspsychje> Bashing-om: trolls or crowdy?
[02:37] <Bashing-om> lotuspsychje: Naww just off the wall stuff non procedural responses .
[02:38] <lotuspsychje> lol
[02:38] <lotuspsychje> lets c
[02:41] <Ben64> bazhang has too much patience
[02:41] <Ben64> i'd have ban hammered immediately lol
[02:42] <Bashing-om> bazhang been around here a while .. seen most of all I guess .
 since when do you run [junk] here
[02:43] <Ben64> /mode +b jas Since about 2007
[02:43] <Ben64> would have been my response
[02:44] <Bashing-om> That one is scating on thin ice presently .
[02:44] <Ben64> yeah who uses emoji in irc
[03:06] <lotuspsychje> isnt that guy a regular volunteer? his nick sounds daily?
[03:12] <lotuspsychje> oh its about jas nvm
[04:14] <lotuspsychje> welcome
[05:01] <lotuspsychje> lol oerheks
[05:01] <oerheks> really, so obvious ..
[06:11] <lordievader> Good morning
[06:18] <ducasse> good morning all
[06:23] <lordievader> Hey ducasse
[06:23] <lordievader> How are you doing?
[06:25] <ducasse> up and about, trying to plan out the day. sun is shining and it seems not-freezing :) how about you?
[06:26] <lordievader> Doing good here
[06:27] <lordievader> Trying to wake up with coffee
[06:28] <ducasse> just keep chugging it down, it's bound to work soon :)
[06:49] <lordievader> Hahaha
[06:49]  * lordievader bounce bounce
[08:03] <EriC^^> !ping
[12:03] <BluesKaj> Howdy all
[13:04] <BluesKaj> HI EriC^^
[13:05] <EriC^^> hi BluesKaj
[13:06] <oerheks> :-)
[13:06] <BluesKaj> hey oerheks
[13:06] <oerheks> hey guys, are you all on wifi ?
[13:06] <oerheks> :-D
[13:07] <BluesKaj> not atm, my laptop is in suspend
[13:08] <oerheks> this wpa2 crack makes more waves than kim jung ill & trump tweets together
[13:08] <EriC^^> what wpa2 crack
[13:08] <EriC^^> wpa2 isn't secure anymore?
[13:08] <ducasse>  https://arstechnica.com/information-technology/2017/10/severe-flaw-in-wpa2-protocol-leaves-wi-fi-traffic-open-to-eavesdropping/
[13:09] <oerheks> jups, and https://www.krackattacks.com/
[13:10] <oerheks> German dude http://papers.mathyvanhoef.com/ccs2017.pdf
[13:10] <oerheks> but the attacker must be in your neighbourhood, and you must click something to reuse the key
[13:12] <EriC^^> wow
[13:13] <BluesKaj> heh, some of my neighbours don't know enough to use wpa2,  one didn't even use a wifi pw
[13:14] <daftykins> it's all about 64-bit WEP keys
[13:14] <daftykins> ;D
[13:15] <BluesKaj> turns out he was using ethenet and didn't know his laptop was broadcasting wide open
[13:56] <BluesKaj> thought ethernet auto-killed laptop wifi, unless it was a misconfigged router
[13:57] <daftykins> nah both carry on at once always
[14:01] <BluesKaj> Hi daftykins, ok, makes sense then
[14:02] <daftykins> surely it wasn't the laptop sharing out a network though, that'd be odd
[14:03] <BluesKaj> guess I was mistaken, must have been the router
[14:07] <BluesKaj> don't think anyone around here would have realized there was no pw needed except me when I logged on to their wifi, but i let them know so not much piggy backing went on.
[14:07] <daftykins> :D
[14:07] <BluesKaj> local cable guy set it up ...moron
[14:08] <daftykins> hmm, usually they're not allowed to touch consumer gear
[14:09] <BluesKaj> it was the cable comapny's router
[14:09] <BluesKaj> cable tv/internet bundle
[14:10] <daftykins> ah everything ISP supplied always has default keys ime
[14:10] <lordievader> The lovely thing about those company routers is that they usually have a backdoor. That way they can see everything which goes on in your network.
[14:12] <BluesKaj> he neglected to setup a pw...she told me the installer didn't show them how to set up the wifi pw etc
[14:16] <ducasse> i always thought they handed out those routers to give to children to practice soldering on
[14:17] <BluesKaj> i have my own router , a TP-Link-TL WDR3600 and a TP-Link modem as well, which was suggested by my ISP as a compatible brand
[14:17] <lordievader> Those things can be evil on ipv6
[14:18] <lordievader> IIRC spamming dhcpv6 request at a rate of 300Hz while the network uses SLAAC
[14:18] <BluesKaj> lordievader, what things?
[14:18] <lordievader> TP-links
[14:18] <BluesKaj> my ISP is strictly IPv4 afaik
[15:50] <nicomachus> so how is the KRACK vuln fixed? Can kernel upgrades do it, or is the protocol itself broken?
[15:51] <ducasse> the protocol, aiui
[15:51] <nicomachus> aiui?
[15:51] <daftykins> as he understands it
[15:52] <nicomachus> oh
[15:52] <daftykins> yeah so firmware all over the show
[15:52] <nicomachus> so we need a new protocol then.
[15:52] <daftykins> most likely gonna mean a lot of devices turn into crap
[15:52] <daftykins> nah it's fixable
[15:52] <ducasse> for linux, a patch to wpa_supplicant, i think
[15:53]  * nicomachus sets a check for updates every hour on the hour
[15:53] <ducasse> supposed to be made available later today european time
[15:53] <nicomachus> ah, well that's timely. Good to know.
[15:55] <nicomachus> unrelated, but --progress really should be a default option on rsync
[15:56] <daftykins> anytime i've tried to use rsync i've found it prohibitively slow :<
[15:58] <nicomachus> what's the alternative?
[15:58] <nicomachus> for transferring files over SSH, anyway
[16:01] <daftykins> depends on the scenario really
[16:01] <nicomachus> "Notably, our attack is exceptionally devastating against Android 6.0:
[16:01] <nicomachus> it forces the client into using a predictable all-zero encryption key."
[16:07] <nicomachus> that sounds like a serious problem for Android
[16:08] <ducasse> tons of fun for the gazillion devices that get no more updates
[16:09] <nicomachus> I wonder what the market share is for 6.0 nowadays
[16:10] <nicomachus> I'm on 8, but last I heard 4.4 was still the most common
[16:10] <daftykins> it's definitely a shit-show
[16:10] <daftykins> did i tell you mine made me download and install 8.0 on top of itself? o0
[16:10] <freakyy> does anyone find hosting rocket.chat myself would be worth it? ;D
[16:11] <daftykins> what's that and how does it relate to ubuntu?
[16:11] <nicomachus> daftykins: what do you mean?
[16:11] <daftykins> nicomachus: i'd put on 8.0 myself manually, then it prompted me to update to 8.0 :D thing downloaded it quite rapidly, then installed rapidly as well
[16:11] <nicomachus> I tried texting my dad a few questions about this whole deal because he's in netsec for some gov contractor and all he replied was "busy"
[16:12] <daftykins> build didn't change or anything
[16:12] <nicomachus> oh, yea, mine did that too but I assumed it was something slightly different. Didn't check the build number. I had the 8.0 beta installed and it made me download and install the first 8.0 release.
[16:40] <nicomachus> Looks like patches may be public now: https://twitter.com/vanhoefm/status/919853110700531712
[16:40] <nicomachus> hostapd and wpa_supplicant
[16:43] <TJ-> The patches were released just after midnight
[16:44] <TJ-> Ubuntu published updated packages about an hour ago, just waiting for the release team to push them to the archives
[16:44] <nicomachus> debian fix: https://lists.debian.org/debian-security-announce/2017/msg00261.html
[16:45] <TJ-> LineageOS (previously Cyanognemod) has the patches in review now, so should get merged later on
[16:46] <nicomachus> Just got a wpasupplicant update on my Ubuntu 16.04 laptop
[16:46] <daftykins> seen a few defections to Lineage for OnePlus owners annoyed with the privacy woes that was a story in the last week
[16:47] <nicomachus> Looks like Android itself won't get an update until the November 6 normal security release
[16:48] <daftykins> yeah
[16:48] <TJ-> unless someone releases an active exploit then Google/device-makers may move faster
[16:48] <TJ-> it's not a difficult set of patches to apply after all
[16:48] <nicomachus> rpi got the wpasupplicant update too.
[16:48] <nicomachus> and HTPC. So I'm all up to date except for my phone. :/
[16:49] <nicomachus> TJ-: I was hoping for something sooner just because Google is my carrier, manufacturer, and OS maintainer. Lol
[16:50] <TJ-> nicomachus: I know, I was suprised they said they're leaving it so long. I can only guess they weren't one of the manufacturers notified during the 5-month embargo window since the exploit was discovered
[16:50] <daftykins> probably down to how faceless Google is so you can't find anyone to contact :<
[16:50] <TJ-> otherwise I'd have expected them to have access to the wpa_supplicant patches early and apply them and get an update out. Same as Microsoft have done with Windows
[16:51] <TJ-> Ubuntu security devs didn't know about it until I told them at midday UTC
[16:51] <TJ-> so they've done fabulously to turn around the updates so quickly
[16:55] <nicomachus> You would think the researchers would have notified Google since one of the strongest attack vectors was on Android 6.0....
[16:55] <TJ-> Yes. As I said, it's my guess based on Google's reaction. I may be wrong.
[16:56] <TJ-> You'd think with the way their Project Zero operates they'd have been ready and have a fix out before the embargo ended though
[16:56] <TJ-> You know what's neat about this exploit though?
[16:56] <nicomachus> They have a decent reporting department don't they? I thought they were one of the best for responding to bounties, etc
[16:56] <nicomachus> TJ-: please do tell
[16:58] <TJ-> The researcher -  Mathy Vanhoef - found this because he was reading the source-code of wpa_supplicant whilst avoiding finishing writing up another paper he was working on, and noticed a function call ic_set_key(), and wondered what would happen if it were called twice. Made a note, went back to it some time later and discovered this issue
[16:58] <TJ-> So ... more eyeballs on code do sometimes make bugs shallow
[16:59] <nicomachus> +1 for FOSS?
[16:59] <TJ-> and as this is a protocol bug too, not implementation, that's even more impressive
[16:59] <TJ-> I'd say so yes.
[16:59] <TJ-> If he'd not been prevaricating from his other work he may not have discovered it.
[16:59] <nicomachus> +1 for procrastination
[17:00] <TJ-> There's some indication someone spotted this potential before him too, but no indication they ever followed up on their doubts on it
[17:00] <nicomachus> but honestly, who procrastinates by reading the source code of wpa_supplicant?
[17:00] <daftykins> XD
[17:00] <daftykins> true smarticles
[17:01] <TJ-> so, this could be out in use as an exploit because I would assume anyone in places like GCHQ/NSA tasked with reviewing source code for vulnerabilities would easily come to the same conclusion
[17:01] <TJ-> It's the kind of question I ask myself as I'm scanning source-code all the time. I think most hackers operate in that way too
[17:02] <TJ-> hackers in the sense of code-hackers, not crackers
[17:02] <nicomachus> In the words of Elon Musk: Nerd.
[17:02] <TJ-> That was just the Whiskey talking  :)
[17:03] <TJ-> daftykins: are you getting blown about by the storm?
[17:03] <TJ-> oh, in case you need to pass it on to others asking, this is the USN https://usn.ubuntu.com/usn/usn-3455-1/
[17:03] <daftykins> nah just saw the yellowy skies this morning and really low light
[17:06] <nicomachus> daftykins: I figured out an alternative to rsync
[17:07] <nicomachus> instead of transferring all the episodes of this series I wanted to watch from my HTPC to laptop, I just symlinked ~/Videos in /var/www/html/. :D
[17:08] <daftykins> haha
[17:09] <daftykins> in London at the weekend i was tethering to a spare phone to get online... mooched a small TV episode from home :>
[17:13] <nicomachus> hmm... pihole is blocking my access to the page for some reason.
[17:13] <nicomachus> and when I try to whitelist it says "not a valid domain". bugger.
[17:19] <nicomachus> oh I see now. nvm.
[18:59] <nacc> oerheks: maybe i missed it, did ricmm say why they wanted to know about vivid?
[19:00] <oerheks> nope..