[00:28]  * tomreyn just learnt that ubuntu should actually mount /boot/efi (and any vfat FS) with the 'discard' option if this is on a storage which supports TRIM. that's because vfat supports TRIM only in this immediate way, and (the weekly cron job which runs) fstrim -a will not handle vfat at all.
[00:29] <tomreyn> https://askubuntu.com/questions/391101/does-trim-work-with-fat32
[00:35] <oerheks> .. and HFS+ .. amazing ..
[00:43] <tomreyn> i dont see discard / trim listed at https://www.kernel.org/doc/Documentation/filesystems/hfsplus.txt
[00:45] <oerheks> yes, amazing
[00:45] <oerheks> :_D
[00:45] <tomreyn> oh, ok :)
[00:46] <tomreyn> ntfs doesn't mention discard / trim either
[00:46] <oerheks> i am not sure fat32 is a good idea, as it can contain that special UEFI part
[00:47] <tomreyn> how do you mean "that special uefi part"?
[00:48] <oerheks> an UEFI partition to enable secure boot, on newer systems
[00:49] <tomreyn> i think you're referring to the ESP
[00:50] <Menzador> Yeah, the ESP (EFI System Partition)
[00:51] <oerheks> jups, and that would be fat32
[00:51] <Menzador> tomreyn, actually that's a good tip as my next machine will have an SSD, thanks
[00:51] <tomreyn> it's just a fat file system, which uefi supposedly reads in a similar way as linux
[00:51] <tomreyn> the ESP is usually tiny and doesn't get a lot of writes, so it's not too important. but still nice to have.
[00:53] <Menzador> I mean the recommended size is a quarter of a gig
[01:08] <tomreyn> > nothing
[01:09] <tomreyn> on a side note, i just ran into /usr/share/doc/util-linux/examples/fstrim.{timer,service}
[01:09] <tomreyn> debian lacks the weekly fstrim cron job, so i enabled it there.
[02:50] <nicomachus> Bashing-om: rutorrent is a torrent website, not a program.
[02:53] <Bashing-om> nicomachus: Well, thanks .. brenster23 is not to knowledgeable, and I sure did not know :)
[02:54] <nicomachus> np :)
[03:47] <lotuspsychje> good morning to all
[03:52] <Bashing-om> lotuspsychje: is back ! Hide all the women :D
[03:54] <lotuspsychje> lol hey Bashing-om
[03:57] <Bashing-om> lotuspsychje: Been too long - I sleep while you are on ?
[04:20] <lotuspsychje> been on weekend Bashing-om
[04:21] <Bashing-om> lotuspsychje: weekends are good things :)
[06:03] <ducasse> good morning
[06:06] <lordievader> Good morning
[06:14] <ducasse> hi lordievader - how are you today?
[06:15] <lordievader> Hey ducasse , doing good here. How are you?
[06:18] <ducasse> all good so far, thanks
[06:21] <lordievader> 😁
[08:04] <lotuspsychje> hey ducasse lordievader
[08:04] <lordievader> Hey lotuspsychje
[08:05] <lordievader> How are you doing?
[08:05] <lotuspsychje> fine tnx lordievader and you?
[08:05] <lordievader> Doing okay here
[08:18]  * oerheks feels sad, just ran out of coffee-creamer
[08:19] <lotuspsychje> :p
[08:20] <lotuspsychje> something broken, lotus computers repairs
[08:30] <oerheks> yay
[08:30] <oerheks> broken
[08:31] <oerheks> https://www.eff.org/deeplinks/2018/05/attention-pgp-users-new-vulnerabilities-require-you-take-action-now
[08:31] <oerheks> https://twitter.com/seecurity/status/995906576170053633
[08:31] <oerheks> LoLz, some have knowledge of this for abot 4 years, i guess
[08:32] <lordievader> From a different channel: https://lists.gnupg.org/pipermail/gnupg-users/2018-May/060315.html
[10:40] <BluesKaj> Howdy folks
[10:42] <oerheks> heya BluesKaj
[10:43] <BluesKaj> Hey oerheks
[10:49] <JimBuntu> Good morning my fellow non-bots.
[10:50] <oerheks> bliep
[10:52] <BluesKaj> 'Morning JimBuntu....grok
[10:52] <oerheks> more about gpg.. https://efail.de/efail-attack-paper.pdf
[10:58] <oerheks> fddasdf-dude ignores the wiki, so i have warned him 3 times..
[10:58] <BluesKaj> he's an idiot
[10:59] <oerheks> good ol' apt
[10:59] <oerheks> noooo... i think he is blind
[10:59] <lordievader> About the gpg flaw, if your client doesn't actively do things with the html (load images, for example) you should be fine.
[11:01] <BluesKaj> seems there's no more access to akonadi-server in kubuntu to change settings for the file indexer baloo
[11:01] <BluesKaj> file indexer/search
[11:06] <BluesKaj> users complained about akonadi's bugs and now that they are solved access to GUI settings is no longer available. How does that make sense?
[13:20] <leftyfb> jmgb4: and by "get around" , that would imply they are actively ON the same local network and have access to all services services on that network
[13:21] <leftyfb> services/served
[13:21] <jmgb4> Its not that hard... It depends on how you footprint and scan with nmap (or whatever tools you use)
[13:22] <leftyfb> footprint? scan with nmap?
[13:22] <leftyfb> please explain
[13:22] <jmgb4> So how experienced are you?
[13:22] <jmgb4> If you dont know what footprinting and nmap is I am not sure where to go to even begin
[13:23] <leftyfb> sysadmin/devops for over 20 years, built multiple datacenters from the ground up and had to manage over 3000 servers running Debian/Ubuntu 24/7 for the largest shared hosting company in the world
[13:24] <leftyfb> I am well aware of nmap. Never heard of it being used to "get around" NAT, nor am I familiar with the term footprinting
[13:25] <jmgb4> It is just doing a thorough scan. Seeing where they are going, whats coming to it, what protocols are being used, what ports..
[13:25] <leftyfb> yup, I just read about it ... I get a basic understanding
[13:25] <leftyfb> you're building a profile of security measures in use
[13:27] <jmgb4> How well you can footprint will usually give you an idea of what their internal network looks like. How well you can read that traffic and set metasploit packages to each and every port / protocol you think is going on is what will eventually leak their internal network ip / range / cidr / whatever
[13:27] <leftyfb> lets say you've got a typical home network with a ISP's modem in bridge mode and an off the shelf router using NAT. No ports are open/forwarding. No UPNP. No DMZ. How does a script kiddie go about "getting around" the NAT. How does that script kiddie get onto the local network and are now able to browse Windows share for instance.
[13:28] <jmgb4> Theres always something open.
[13:28] <leftyfb> negative
[13:29] <leftyfb> And even so, just because someone has SSH or a VPN port open, does not make it easy for a script kiddie to get onto the local network
[13:29] <jmgb4> Lets back up one more step here. Do I know a network lives at X ip or am I scanning randomly
[13:30] <leftyfb> you're targeting a public IP
[13:30] <jmgb4> That I know exists?
[13:30] <leftyfb> no ports are open, get around NAT
[13:30] <jmgb4> You wait. A port will open
[13:30] <leftyfb> UPNP is off. Grandma doesn't know how to open ports
[13:32] <jmgb4> There will be a session up eventually. If you konw the network you will know the natted ip. All you have to do is wait for a session to open and hijack it
[13:32] <leftyfb> If your assumption is that some port is always going to be open/forwarding and you have an exploit for the protocol listening on that port that allows you root/local control, then to say that NAT is inherently insecure by itself is false.
[13:32] <JimBuntu> if there is a service listening on an open port (on the target) and you have a metasploit vuln, and you use it... you didn't get in due to some issue with NAT, you got in due to the sploit/vuln.
[13:33] <jmgb4> Its all about the footpting. I have yet to see a network (still learning here) that doesnt leak or give hints at if it is behind a nat or not
[13:33] <JimBuntu> Again, how does the use of NAT add to the vulnerability?
[13:33] <leftyfb> that does alone not open the door for script kiddies
[13:34] <leftyfb> boy, bad English there ... just woke up :)
[13:34] <JimBuntu> jmgb4, I don't want you to feal like you are being attacked or jumped, but this is an interesting discussion and I simply don't see any real danger coming from the use of NAT itself.
[13:35] <jmgb4> It doesnt "add" to a vulnerability. I said before its like closing your blinds and pretending you are not there. There will be signs you are.
[13:36] <JimBuntu> Oh, I thought you said something like "closing the blinds and now we are safe"
[13:36] <leftyfb> jmgb4: I encourage your path to knowledge and understanding, especially around infoSEC, as long as it's for the greater good. But to post in a public support channel that NAT as a security method is insecure and easily circumvented is just plain false and can cause undo confusion and concern.
[13:37] <leftyfb> jmgb4: It would have been better to say NAT can be easily circumvented if you are forwarding ports to protocols that are easily exploited.
[13:37] <jmgb4> leftyfb, So you are saying a  nat is all yo uneed?
[13:38] <JimBuntu> Are there people who use NAT (alone) for security?
[13:38] <leftyfb> jmgb4: If you are grandma with nothing but an ISP's modem, off the shelf router with NAT an UPNP disabled and tablet or chromebook then yes, that's all she needs to not have to worry about a script kiddies "getting around" NAT.
[13:39] <jmgb4> JimBuntu Yes. There are still people that hook up modems directly to the internet with no security enabled.
[13:41] <leftyfb> most modems from ISP's these days have a router using NAT built in
[13:42] <jmgb4> My modem had NAT and forwarding enabled. I was able to scan myself and figure out my internal / external ips.
[13:43] <leftyfb> ok?
[13:43] <leftyfb> That is not "getting around" NAT
[13:43] <leftyfb> knowing a local ip does very little
[13:45] <leftyfb> jmgb4: Also, I assume you did this scan from an external location. Not scanning your public ip from within the network for traffic
[13:45] <JimBuntu> jmgb4, What forwarding was enabled? Were they basically putting your machine in the DMZ?
[13:46] <jmgb4> leftyfb, Yes... I scanned from outside the network.
[13:46] <jmgb4> JimBuntu Yes
[13:46] <leftyfb> jmgb4: using what tool?
[13:46] <leftyfb> oh, it's a DMZ.
[13:47] <JimBuntu> jmgb4, that's hilarious. I presume this was a situation where you were only allowed to have a single NIC/computer connected.
[13:47] <leftyfb> DMZ != NAT (not in the security sense)
[13:47] <leftyfb> you basically turned off NAT
[13:47] <jmgb4> I didnt touch it. Thats the way it come "out of the box"
[13:47] <JimBuntu> In this case, again, the use of NAT didn't contribute anything to the security issue... it was actually being used the way it was originally intended... IP translation and nothing else.
[13:48] <daftykins> most browsers give up the internal subnet via most website queries btw, so it's not a surprise
[13:48] <daftykins> also hi all \o
[13:49] <JimBuntu> I remember ISPs that told us we could only connect one computer to the modem... and it had to be our computer, no routing. Internet Connection Sharing (TM) became very popular for a while.
[13:49] <daftykins> heh many moons ago back in Uni we were only allowed the one, too - they explicitly banned routers and WAPs
[13:49] <leftyfb> jmgb4: if you had DMZ turned on by default, that completely nullifies any benfits of NAT.
[13:50] <leftyfb> again, to say NAT is insecure is false .... in all cases discussed so far
[13:50] <daftykins> i highly doubt that it would've been
[13:50] <leftyfb> ^
[13:51] <leftyfb> jmgb4: I encourage route path to knowledge though. Keep going.
[13:51] <jmgb4> This is the way the modem was out of the box.
[13:51] <leftyfb> er
[13:51] <leftyfb> route/your
[13:51] <JimBuntu> perhaps it was a previously used modem, or some major fail in mass-configuration
[13:51] <daftykins> a 'modem' doesn't have such settings :>
[13:51] <jmgb4> It was an all in one I should say. Not a "modem".
[13:52] <leftyfb> daftykins: The ones with routers built in do ... which these days is most of the ones provided by ISP's
[13:52] <jmgb4> ^
[13:53] <jmgb4> If one was given to me, you cant say there arent others out there but we also got off the discussion of NAT and why I thought / think its not a very good defense but I guess I was proven wrong.
[13:53] <daftykins> yes i know that leftyfb - i'm pointing out using the wrong term for the device, is all
[13:53] <daftykins> in fact i'm pretty sure 'modem' in general is one of those words that's been hung onto for far too long, think they're really transceivers that we use over here where both send and receive are on the same chip/board :)
[13:54] <daftykins> (but we likely use a different technology here to what you guys use to get online)
[13:54] <jmgb4> daftykins, What would you rather it be called? An all in one? Router / modem combo?
[13:54] <leftyfb> yep
[13:54] <leftyfb> ISP provided router
[13:54] <daftykins> is it cable? 'cable modem/router' would explain it well in lieu of a make and model
[13:55] <jmgb4> I have no idea what make and model it was. I no longer use it.
[13:55] <leftyfb> jmgb4: it was a productive discussion
[13:57] <daftykins> oh so we're talking about the past as well? bit pointless
[13:57] <daftykins> marginally worse than the support seeking folks who come online and say "i'm at work now, but can you tell me what to do to solve x?" :D
[13:57] <leftyfb> it’s ok. It was a productive discussion.
[14:00] <jmgb4> How is it pointless? daftykins, thats kind of like saying devices on the internet are upgraded as soon as a new model is released. I am trying to find that website that looks for old devices now.
[14:00] <jmgb4> I cant think of the name
[14:01] <JimBuntu> looks for old devices? Not exactly the same, but I like Shodan
[14:02] <daftykins> jmgb4: just that you can't confirm anything or speak of the model etc, is what i mean
[14:02] <daftykins> i'm sure you had some interesting chat regardless, i just think it a bit odd when folk are like "i had this thing once, it was bad"
[14:03] <daftykins> anyway, nevermind
[14:20] <leftyfb> you upset him :)
[14:20] <leftyfb> It was ok daftykins, that was one of the good ones. They learned a thing.
[14:21] <daftykins> leftyfb: this is still conversation, there's no need to act like the police in here, it's kind of annoying
[14:22] <leftyfb> huh?
[14:22] <daftykins> i'm just saying there's no conflict here :)
[14:23] <leftyfb> You were being a bit hostile toward him. And I'm just trying to say, no need for the hostility, he learned a thing and didn't keep on about it. That's productive and exactly what discussions should be like.
[14:24] <daftykins> well since we're going to keep beating a dead horse, i didn't mean to invalidate the entire conversation - i just think it's dumb bringing up a device that's no longer owned
[14:25] <daftykins> i do have a tendency to be short that people see as hostility, but it's never intended as such - try to bear that in mind
[14:25] <daftykins> unless it's a troll :P
[14:26] <leftyfb> I can verymuch be the same ... but this one was open to learning so I try to help them along as much as I can
[14:40] <BluesKaj> heh, nertworking is an arcane subject from the get go...I find it to be so..tried a an online course (coursera) and the presenter just crammed waaay too much info into each session for these old brain cells to absorb properly , and his high squeaky voice did not help matters any
[14:40] <JimBuntu> but, come on, any script kiddie can get around NAT ( if by that you mean a wide-open machine in the DMZ of a router)
[14:40] <leftyfb> :)
[14:41] <daftykins> i still laugh thinking of the days over here when our broadband first came out - routers weren't a thing yet, so it was just these nasty USB ADSL transceivers
[14:42] <daftykins> then the msblast flaw in Windows XP came out - and no joke you could be online without a firewall (as one wasn't added to XP until SP1 or SP2?) for 14 seconds before you'd get hit by it - and a forced reboot dialogue came up
[14:42] <daftykins> i tested it one day for fun, to come up with that time :)
[14:42] <pragmaticenigma> SP2 enabled the firewall by default
[14:43] <pragmaticenigma> and blaster is still rampant on the open web
[14:43] <daftykins> mmhmm, i was leaning more that way but i'm happy to purge my memory of all XP related things now
[14:43] <daftykins> i highly doubt they're scanning for it as regularly as that, as at a later point i tried the same and nothing happened overnight
[14:43] <daftykins> er, *as regularly as then
[14:44] <pragmaticenigma> No one really is scanning for it... it's all the dummy machines that never got fixed that still spew it out
[14:44] <pragmaticenigma> I still get Code RED hitting my apache server
[14:44] <daftykins> hmm that name doesn't ring a bell
[14:45] <pragmaticenigma> Code Red was a worm that infected IIS web servers
[14:45] <pragmaticenigma> https://en.wikipedia.org/wiki/Code_Red_worm
[14:45] <daftykins> ah, i'd almost say i feel sorry for someone using IIS - but i don't :D
[14:45] <BluesKaj> my W7 to W10 upgrade a few yrs ago was a total loss for me, the cheapest W10 version is as fugly as it gets ...yuk
[14:46] <BluesKaj> no more windows for this guy
[14:47] <pragmaticenigma> I still have windows for a few select applications that just run better in their windows home land. (and I get tired of Wine with the circular references in symbolic link littering up my home directory)
[14:48] <BluesKaj> I've managed to live without Windows for a while now..really don't miss anything windows at all
[14:49] <daftykins> works for me :)
[14:49] <daftykins> a lot of my clients willingly choose to be stuck with Microsoft products for no good reason, can't really help them from that
[14:49] <BluesKaj> I don't hate windows, it just doesn't do anything that i need anymore
[14:50] <pragmaticenigma> I just wish customizations of any OS were a lot easier than having to either install a theme pack (which often hides criticle features) or hack away at stuff in hopes of achieve the desired effect.
[14:51] <pragmaticenigma> I strongly dislike the default font sizes, they're always way to big for me
[14:51] <pragmaticenigma> that's all I want to change, yet my options are to hunt down a theme, build my own, or hack
[14:52] <daftykins> which desktop is that with?
[14:52] <pragmaticenigma> I run defaults, so right now I'm on Unity + Ubuntu 16.04
[14:52] <pragmaticenigma> Even windows 10 the fonts are stupid huge... I don't personally need size 12 fonts for window titles
[14:53] <daftykins> guess it depends on the display, on my laptop which is a 1920x1080 LCD... 10's default is to enable scaling, whereas i prefer 1:1 or '100%'
[14:53] <daftykins> if you go too small you start seeing the subpixel rendered edges that are a bit offputting imo
[14:54] <BluesKaj> daftykins, some people don't understand the concept of an "operating system". It's just a computer to them, press this, click that and that's all hey worry or think about
[14:54] <pragmaticenigma> I'm not referring to scaling
[14:54] <daftykins> no but i have...
[14:55] <daftykins> hmm does 16.04 unity still have the keyboard shortcut underlines to the alt+space menu? 18.04 ditched those and i find it a mistake
[14:55] <daftykins> not that i use it
[14:55] <pragmaticenigma> that's a rather strong generalization there BluesKaj
[14:55] <JimBuntu> daftykins, 16.04, yes.
[14:55] <BluesKaj> I always have to increase fonts on this setup no matter which OS I use
[14:56] <daftykins> JimBuntu: amazing they dropped it, what a foolish move
[14:56] <daftykins> dumbing down the desktop to the mouse bandits :)
[14:56] <BluesKaj> pragmaticenigma, the qualifier in my comment was "some people" :-)
[14:57] <JimBuntu> daftykins, I know, I don't understand it either... things like from within Terminal, you can't ALT+F to bring up the file menu/etc. I like those underscore-shortcuts, especially if I have to do the same few things to a bunch of files/etc.
[14:58] <daftykins> reminds me, i was gonna snag an 18.04 xu to see if it's still there, don't see why it wouldn't be
[15:01] <pragmaticenigma> BluesKaj: Exactly
[15:02] <pragmaticenigma> I think the loss of the underlines is a design decision in Gnome-Shell than Ubuntu
[15:09] <daftykins> yep there they are, still in xu :>
[15:09] <pragmaticenigma> Is Xubuntu any easier to customize now? I remember my struggle was getting apps added to the app drawer
[15:11] <daftykins> i'm not the right person to ask, i don't use desktop
[15:12] <daftykins> last i tried it (on a laptop) i fell over laughing at desktop Linux in general for the fact that if i had firefox playing a youtube video fullscreen on battery, it STILL blanked the screen in the middle of said video
[15:12] <daftykins> talk about foolish defaults
[15:13] <pragmaticenigma> I don't think it still does that... but then again, might be a good thing the webbrowser can't disable system functions?
[15:14] <daftykins> that was probably 14.04 yeah, so no idea of the current state - and whilst i can see what you're saying, i don't think it's a very practical concern
[15:14] <pragmaticenigma> I do most my media watching via LibreElec, Nexus Player, or Roku
[15:14] <pragmaticenigma> no powersaving shinanigans there
[15:15] <daftykins> well Kodi does have a screensaver that dims by default :) so i might marginally challenge that
[15:15] <daftykins> but yeah it's not gonna turn off the display mid video xD
[15:16] <pragmaticenigma> Kodi is smart enough to do that only when not active playback of video. Unless you pause said video, it does dim
[15:16] <pragmaticenigma> Though I don't know if Kodi talks to a desktop to prevent it's screensaver/power saving functions
[15:17] <daftykins> you really need to dial back on the explanations :) i've used it since the original xbox days
[15:18] <pragmaticenigma> I wish I were able to telepathically see what's in your head, but I can't (and probably don't want to) so I have no idea your experience with the application or it's history
[15:19] <daftykins> i get the sarcasm :) but you don't see how annoying it is to keep explaining stuff like it's everyone elses first day? :)
[15:19] <daftykins> i think a lot of 'normal' users are likely to play videos in youtube in the browser, as originally mentioned anyway
[15:20]  * pragmaticenigma changes room the #ubuntu-explainations
[15:20] <daftykins> maybe minus the typo
[15:20] <pragmaticenigma> nah...
[15:20] <daftykins> pragmaticenigma: something the matter today? you seem to be trying awfully hard to disagree with everyone on everything!
[15:21] <pragmaticenigma> I'm really worried about the PGP vulnerability :-)
[15:21] <pragmaticenigma> https://efail.de/
[15:22] <daftykins> from what i skim-read it sounded like it's fine if you don't send and receive in HTML
[15:23] <daftykins> which i always thought was something most tech folk did who didn't want all kinds of rubbish enabled
[15:23] <BluesKaj> some are looking for a debate ...seen it many times ...I don't bother wasting my energy when I know I'm right :-)
[15:23] <pragmaticenigma> oh? haven't gotten that far in the article... only gleaned as much to see that plugins that autodecrypt were the primary target
[15:24] <SlidingHorn> It's SO funny how hard this guy was trying to make this his 15 minutes of fame
[15:25] <daftykins> what a time to be alive, everything folks use to be safe in open source land seems to have been blown open this year so far
[15:25] <SlidingHorn> ??  It's not a GPG vulnerability.
[15:25] <pragmaticenigma> This one looks pretty benign... and yeah... mislabeled... it's the tool kits, not the actual algorithm
[15:25] <JimBuntu> SlidingHorn, not to my understaning, it's a failure of mail programs/etc in (pre)processing the HTML in the emails.
[15:26] <pragmaticenigma> it also seems to be really elaborate
[15:26] <SlidingHorn> and this guy has been prepping and hyping it to make it his "big moment"
[15:26] <SlidingHorn> he's still patting himself on the back on Twitter and trying to pass it off as something it's not
[15:28] <JimBuntu> The community will likely shun him, he didn't even send the details to GPG/etc first.
[15:29] <SlidingHorn> they should (in my opinion)
[15:29] <daftykins> i heard some German rag leaked it early
[15:29] <EriC^^> a new vulnerability?
[15:29] <daftykins> kinda
[15:29] <EriC^^> what are they calling it?
[15:30] <daftykins> no fancy name yet afaik xD
[15:30] <EriC^^> the names are always fun :D
[15:30] <SlidingHorn> trying to essentially blindside GPG for fame...went through the trouble of creating a website, hashtag, and logo though... :/
[15:30] <SlidingHorn> "eFail"
[15:30] <JimBuntu> EriC^^, This just in, mail clients and tools using GPG (some of them anyway) will obey the user and (pre)process HTML
[15:30] <daftykins> oh yeah, there was i just have a sieve-like memory :>
[15:33] <EriC^^> !ping
[15:35] <daftykins> JimBuntu: so even still not everything gets a shortcut key assignment - http://i.imgur.com/BuJmg9f.png
[15:36] <JimBuntu> daftykins, That one might be due to the developers. When I was making GUIs, I had to assign the latters manually.
[15:36] <JimBuntu> s/latters/letters
[15:37] <BluesKaj> I see those "root action" services in the file manager/dolphin no longer work or at least they don't appear in the context menu when righjt clicking in dirs owned by root
[15:38] <BluesKaj> it was a handy feature that i started using when kdesudo was no longer working
[15:38] <daftykins> root action? as in stuff to do as root? maybe due to the death of gksudo? (at least i think i heard that)
[15:39] <BluesKaj> daftykins,  yup
[15:41] <BluesKaj> well, stuff to do for an hr or 2 ...bbl
[15:41] <daftykins> think i tend to just go straight to a terminal :)
[15:42] <daftykins> oh this might amuse someone besides myself, i offered to fix up the PCs of a friends girlfriends kids... but she mentioned that they don't get much use out of them, instead preferring to use the various Apple products...
[15:42] <daftykins> i can just imagine what a conversation might go like there, "hey kid, why don't you run x?" - "huh? is that on the app store? how much does it cost?" - "no, it's free!"
[15:43] <daftykins> generations hamstrung by the decision to use walled garden ecosystem devices that don't foster huge possibility
[15:43] <daftykins> madness! :)
[15:45] <daftykins> at least i subscribe to the thinking that use of such devices stops them exploring and learning as much as they could, does anyone else feel the same way?
[15:46] <JimBuntu> Yeah, somewhat. On the tablets, my kids don't have access to a browser or YouTube/etc... they do have a laptop with no restrictions on it (Ubuntu), but they have to use it in the living room.
[15:47] <daftykins> interesting, what's blocking the browser on the tablet?
[15:47] <daftykins> +s
[15:47] <JimBuntu> They get to see both worlds play out. I think that between the drastic improvements with CPU/etc of mobile devices, and the fact they are so mobile... has led to people going to them first.
[15:47] <JimBuntu> daftykins, We use Amazon KidTime
[15:48] <JimBuntu> Basically, we pick what apps work under their profile and can do all kinds of time-based controls/etc.
[15:48] <JimBuntu> At 5 years old, one of them had found a way to break out, but it seems to have been patched as they can't do it any more.
[15:50] <daftykins> JimBuntu: ah we got one of those amazon Kindle Fire tablets for a clients son, i saw all the rubbish about setting up a childrens account, then the ability to choose content they could run but it looked like too much work, so they just use it under the mums account
[15:50] <daftykins> then saw that when they go on holiday to Spain, amazon content mostly doesn't work down there - and it kept wanting to be online to authorise the DRM - so it was nigh-on useless
[15:51] <JimBuntu> daftykins, it's really not that bad. There are oddities we have encountered where a kids program basically wasn't compatible if you had started the program from the adult account first, that's about it. What's really nice is that it's all auto-backed up too... so, when we had to replace one of their devices, all we had to do was sign in, then sign them in and it downloaded everything.
[15:52] <JimBuntu> yeah, Amazon services can be tricky outside the country of origin. For example, eBooks from you area wont work when you try to use them in the U.S.A. and vice-versa. I know someone who has a U.S. registered Kindle exactly for this reason.
[15:52] <daftykins> hmm maybe it has grown up since i last saw it, their son is about 4.5 now so i'm not sure how much time he gets with the thing
[15:53] <daftykins> mmm i know all that fun all too well, typically this island is geoIP detected as being 'other' and not applicable for most online services
[15:53] <daftykins> Google and Microsoft even refuse to sell devices to us typically :)
[15:53] <JimBuntu> wow, that's ridiculous, imho
[15:54] <daftykins> it's because we don't have tax on goods and they won't do the paperwork to sell to us, so they just blanket refuse instead
[15:55] <JimBuntu> Still seems silly to me, but... if they only care about the bottom line... that's on them.
[16:03] <daftykins> hrmm i should be working on my 18.04 VPS with digitalocean to move off the old 14.04 one
[16:03] <pragmaticenigma> why not 16.04 :-P
[16:03] <daftykins> 'cause it's already old
[16:04] <daftykins> those folks are great, i mentioned the tax status we have and they developed a new feature to subtract it so the lowest tier at $5/mo is about $4.xx/mo for me i think o0
[16:07] <pragmaticenigma> island of misfit toys?
[16:08] <daftykins> given the fact i often get brought computers that aren't working right, that may be quite fitting :D
[16:09] <pragmaticenigma> hehe
[16:10] <daftykins> but yeah if i'm gonna take the time to move all my servers to a newer release, i would rather make the bigger step to current - even if 18.04 sounds many alarm bells for me
[16:10] <pragmaticenigma> true that
[16:10] <pragmaticenigma> running server edition should be more stable than the desktops... no?
[16:11] <daftykins> EriC^^: did you get on top of your data usage problem?
[16:11] <daftykins> pragmaticenigma: you'd hope, i cringed when i saw the default image they have for 18.04 still installed 3GB though...
[16:11] <daftykins> and removing some stuff somehow made it increase o0
[16:12] <pragmaticenigma> what about the minimal install?
[16:12] <daftykins> that's not how VPSs work, you don't install the OS yourself
[16:13] <pragmaticenigma> oh
[16:13] <daftykins> they have sort of one click templates that get spun up once you click through the choices, then you get sent login credentials
[16:14] <daftykins> or you import an SSH key to use, yada yada
[16:19] <pragmaticenigma> cool... I learned something new :-)
[16:22] <daftykins> if you ever have need of running services online for folks, they're really neat - paying that little to keep a simple little machine going works out really nicely, i host 3 or so websites these days along with an OpenVPN endpoint so i can tunnel to safety if i'm out on some nasty public connection
[16:22] <daftykins> even for the bottom tier which i use - https://www.digitalocean.com/pricing/
[16:48] <EriC^^> daftykins: yeah, it turned out to be windows updating, making d: very small solved it
[16:48] <daftykins> heh or broke it intentionally ;D i suppose that beats constantly updating to the new builds manually though
[16:49] <EriC^^> yeah those pc's are what i'd like to sit and work on, i just want them running and barely ever have to fix anything
[16:50] <EriC^^> especially now in summer, it's a sona in that room
[16:50] <EriC^^> *aren't what i'd
[16:50] <daftykins> hehe i'll bet
[16:51] <daftykins> kinda surprised Windows is the choice for the mining stuff, seems like the worst OS choice for uptime
[16:51] <EriC^^> i'm loving it for the mining tbh, drivers come out immediately and there's a lot of support for hardware stuff
[16:52] <EriC^^> i also loved the tasksch thing it's pretty much window's cron
[16:52] <EriC^^> i'm using it to run a sync command every 1 minute to avoid fs failures on the constant powercuts we have :D it's held pretty steady
[16:53] <EriC^^> also all the clocking software and bios modding stuff is in windows
[16:53] <daftykins> that's true, though i wouldn't touch any of that :>
[16:53] <daftykins> spotted them in your pics ^_^
[16:54] <daftykins> i doubt newer driver releases really change mining speeds much though?
[16:55] <EriC^^> sometimes they do a little, but i've had to use a new 'block chain driver' because the 'dag' became larger and that caused the miners to drop like 9mh/s each
[16:56] <daftykins> ah har
[16:56] <EriC^^> amd actually released a blockchain specific driver that optimizes mining, it was released beta and they were like this is it, there wont be any official release later
[16:56] <EriC^^> they are kinda supporting the miners i guess, it's a good profit for them $$ %%
[17:44] <lotuspsychje> good evening to all
[17:52] <lotuspsychje> hey krytarik
[17:53] <lotuspsychje> hey pragmaticenigma
[17:53] <krytarik> Howdy.
[17:53] <daftykins> \o
[17:53] <pragmaticenigma> alo
[17:57] <lotuspsychje> !info chromium-browser bionic
[17:58] <lotuspsychje> seems im up to date
[18:02] <pragmaticenigma> oh boy... here we go in main chat
[18:03] <SlidingHorn> upcoming troll in main
[18:03] <leftyfb> saw that coming
[18:03]  * daftykins raises an eyebrow
[18:03] <SlidingHorn> same
[18:04] <pragmaticenigma> do we tell them and encourage more yammering... or blindly let them stay as to not draw more attention
[18:04] <leftyfb> they'll bring it upon themselves
[18:04] <leftyfb> just wait
[18:04] <lotuspsychje> im not an ignore fan myself
[18:05] <lotuspsychje> thats like sticking head in the sand :p
[18:05] <daftykins> i didn't used to be, but damn is it good (:
[18:05] <leftyfb> neither am I, but the ops have strict requirements before any action is taken, if ever
[18:05] <SlidingHorn> I assume an op will have them change the nick or (hopefully) see that this is a troll waiting to happen & kick
[18:09] <lotuspsychje> freenode policy url is dead on !guidelines
[18:10] <lotuspsychje> https://wiki.ubuntu.com/IRC/Guidelines
[18:10] <SlidingHorn> they still haven't kicked that guy?
[18:10] <pragmaticenigma> That's the ubuntu guidelines lotuspsychje ... freenode are on their site
[18:11] <pragmaticenigma> https://freenode.net/policies
[18:11] <lotuspsychje> pragmaticenigma: i know, but there is a section mentioning freenode policy on tab language & subject
[18:11] <pragmaticenigma> sometimes the best course of action isn't to give anymore attention than what is already been given. that's what they want, and they'll keep doing it so long as it keep sworking
[18:12] <pragmaticenigma> I did ask ops about the /remove instead of /kick... I was satisfied with their answer, though I don't feel it's very effective
[18:12] <pragmaticenigma> I think they know what they're doing, and best let them figure it out
[18:13] <leftyfb> heh
[18:13] <lotuspsychje> leftyfb: didnt you apply for ops?
[18:13] <lotuspsychje> i hear they need some
[18:13] <leftyfb> yep
[18:14] <leftyfb> I assume they won't take me though. I actually plan to do things about trolls. Looks like that goes against their unwritten policies :)
[18:14] <lotuspsychje> lol
[18:15] <daftykins> nooo, that's just doing 'anything'
[18:15] <daftykins> :)
[18:16] <SlidingHorn> wish there was a way to ignore parts unless they're kicks
[18:16] <SlidingHorn> lol
[18:18] <daftykins> they're still useful if you're giving advice and the person leaves, you know how patient most helpees are :)
[18:18] <pragmaticenigma> haha... looks like op just missed the window... ping timeout
[18:27] <pragmaticenigma> always amazes me how someone can cuss so much
[18:28] <lotuspsychje> like in the movies pragmaticenigma :p
[18:28]  * SlidingHorn curses like a sailor, but I keep it cool in chat
[18:28] <lotuspsychje> lol
[18:29] <pragmaticenigma> I rarely cuss, so when I do, people know I'm very disturbed/upset/angry/in pain about something
[18:30] <SlidingHorn> I rarely finish a sentence *without* cussing :P
[18:30] <lotuspsychje> tv time here guys
[18:30] <lotuspsychje> cya tomorrows
[18:30] <daftykins> o/
[18:31] <lotuspsychje> gonna watch some cursing lol
[18:31] <lotuspsychje> cheers
[18:31] <JimBuntu> lotuspsychje, have fun
[18:31] <lotuspsychje> tnx
[18:50] <leftyfb> https://pastebin.ubuntu.com/p/DVD7DRCqN2/
[18:50] <leftyfb> it's the same troll
[18:50] <leftyfb> el: ^
[18:50] <leftyfb> he's not actually looking for help
[18:53] <pragmaticenigma> send a note to the ops with that information
[18:54] <el> apparently humoring them rather than confronting them gets them to go away
[18:55] <leftyfb> el: they play the long game
[18:56] <leftyfb> they are only looking for fill the chat with their offensive nicks and pointless banter
[18:56] <leftyfb> for/to
[18:56] <leftyfb> they'll be back
[18:56] <el> they'll be back even if i ban that vpn node too. they just have to refresh the app
[18:58] <leftyfb> it's an ADSL, I doubt it's a VPN endpoint
[18:58] <el> vpngate is all consumer internet
[18:59] <leftyfb> where you do see vpngate?
[18:59] <el> a lot
[18:59] <leftyfb> https://pastebin.ubuntu.com/p/D8VwpSNTXz/
[19:00] <leftyfb> the ip is coming from an ADSL account with "superonline.net" / Tellcom Ankara ADSL Pool
[19:00] <leftyfb> I see nothing about a VPN
[19:00] <el> it's not going to be listing "vpngate" in their whois
[19:00] <leftyfb> how do you know it's vpngate?
[19:01] <leftyfb> Not that I doubt you, I'm genuinely curious to know if there's some identifying tool I should be using going forward that I'm not aware of
[19:02] <el> i cannot know with any guarantee, but vpngate.net is commonly used by these kinds of trolls and frequently doesn't list all their current in use addresses
[19:02] <leftyfb> he's back
[19:02] <leftyfb> different ip
[19:02] <leftyfb> oh wait, nevermind
[19:02] <leftyfb> flipping windows too quickly :)
[19:03] <leftyfb> ok, so you're making an assumption on the ip origin
[19:03] <el> and the behaviour
[19:03] <el> an educated assumption.
[19:04] <el> which also tells me he'll be back no matter what i do with bans and it's better to make him bored of us
[19:05] <leftyfb> I see the past joins that backs up your assumptions
[19:14] <pragmaticenigma> and luck talking with the ops leftyfb