[00:09] <guiverc> Is a MUA/mail-client good for handling gmail, and what would anyone recommend   (I did it years ago, but stopped as it felt slow, I'm sick of browser now though)
[00:11] <sarnold> with gmail I think their imap implementation is going to be the weak part
[00:12] <sarnold> I don't think gmail maps onto imap great
[00:12] <sarnold> mutt's the only mua I've used in the last twenty years, and funny enough never tried it with my gmail account; I only ever do gmail on my android phone, and that's read-mostly
[00:12] <pragmaticenigma> sorry to come in midconversation, but I see Gmail + Imap... what's the discussion?
[00:12] <sarnold> Thu 05 00:09:56 < guiverc> Is a MUA/mail-client good for handling gmail, and what would anyone recommend   (I did it years ago, but stopped as it felt slow, I'm sick of browser now though)
[00:13] <Bashing-om> guiverc: Sylpheed works well for me with Google.
[00:14] <pragmaticenigma> I use IMAP for accessing my Gmail, been doing so for years. Never had any issues. Gmail labels become folders
[00:15] <guiverc> Thanks sarnold, Bashing-om, I've not used mutt but have wanted to try for years, so to prevent me never getting there, I'll likely try sylpheed first (it's most launchpad mail), what client do you use pragmaticenigma
[00:16] <pragmaticenigma> Thunderbird
[00:16] <pragmaticenigma> I've also used 9mail on my android before
[00:17] <guiverc> thanks, nah I hate my phone so won't touch that (I want a real keyboard; mechanical too)
[00:18] <jeremy31> like an old typewriter?
[00:18] <pragmaticenigma> IBM Model-M for life!
[00:18] <sarnold> which is why gmail on my phone is read-mostly :)
[00:19] <guiverc> (mutt would be the best choice I bet, but I'm used to gui)... yeah like the old ibm selectric ... never minded that noise in the background (maybe a different response if I was close)
[00:20] <guiverc> :)  with Model M - my keyboard too
[00:30] <Bashing-om> Old Compaq mechanical keyboard here - goes clitty clack - wife knows I am still awake :P
[00:31] <daftykins> or the cat is about? ;)
[00:31] <sarnold> "are you okay honey? your keyboard has been silent for four minutes and I got worried"
[00:33] <Bashing-om> sarnold: :D - Yeah I hear that too :P
[00:33] <sarnold> hehe
[01:23] <hggdh> I remember the old IBM selectric keyboard (yes, it was a real typewriter was well). The end-of-line bell was used to wake op the computer operators (we would submit a program to be run late at night and, in an intermediate step we would force a bell)
[01:32]  * pragmaticenigma puts the bell character in my programs for kicks and giggles
[03:05] <guiverc> :) I was thinking of selectric typewriters (I didn't work in DP operations, and all the early keyboards I used on 3270/5250/etc terms I used I don't remember, fell in love with Model M, and gleefully was allowed to keep a number when they were replaced)
[07:10] <lordievader>  Good morning
[07:15] <ducasse> good morning
[10:26] <lotuspsychje> good morning
[11:46] <oerheks> popey, great vid ! https://www.youtube.com/watch?v=gVZOBgTDJWc
[15:12] <oerheks> Intel CPU bug patched last year is worse than previously thought
[15:12] <oerheks> - Bug is CVE-2019-0090- Researchers say the bug can allow attackers to retrieve the Chipset Key, the root of trust of the entire CPU - Researchers recommend replacing CPUs
[15:15] <marcoagpinto> oerheks: what?!
[15:15] <lotuspsychje> sure, if they refund our buys
[15:16] <oerheks> https://www.zdnet.com/article/intel-csme-bug-is-worse-than-previously-thought/
[15:16] <marcoagpinto> will it affect 9th generation?
[15:16] <oerheks> all with CSME, so yes?
[15:16] <marcoagpinto> i don't know what a CSME is
[15:17] <oerheks> the 9th was already broken i guess
[15:17] <oerheks> it is a trust root thingy, for UEFI.
[15:17] <marcoagpinto> Buaaaaaaaaaaaaaaaaaaaaa
[15:19] <marcoagpinto> oerheks: am I safe in my VM with Tor?
[15:19] <marcoagpinto> :)
[15:19] <oerheks> no, TOR is not safe at all :-D
[15:19] <marcoagpinto> what?
[15:20]  * pizzaiolo stares at his new 9th-gen intel laptop
[15:20] <pizzaiolo> guess i need a new laptop with 10th gen *shrug*
[15:20] <marcoagpinto> pizzaiolo: yes, at 1 GHz
[15:26] <daftykins> a VM isn't safe if the virt tech it runs on is exploited xD
[15:26] <oerheks> cool
=== kostkon__ is now known as kostkon
[18:15] <oerheks> cool
[18:25] <marcoagpinto> what?
[18:25] <marcoagpinto> oerheks?
[18:25] <oerheks> cool man
[18:25]  * oerheks turns up the heater
[20:56] <TJ-> This new Intel CSME vulnerabilty looks like a death shot for them. trust keys revealed for millions of CPUs/chipsets at some point soon
[20:59] <daftykins> ruh roh
[21:00] <TJ-> AMD, here we (all) come !
[21:00] <TJ-> I've just ordered 6 Ryzen 2 Lenovo E495s
[21:02] <daftykins> for now they're saying physical access is needed still for all this one, hmm
[21:02] <daftykins> i've gained a new client recently where the whole place needs redoing, firmware updates are high on the list
[21:04] <TJ-> no, it isn't
[21:05] <daftykins> well there's zdnet for you ;D
[21:05] <TJ-> the problem with this one is million's of CPUs are affected, but only *one* has to be attacked (one the attacker owns) to get the master keys. Those apply to millions of CPUs, burned into the CSME boot ROMs (the silicon). Then all the attacker needs is to plant malware on a target system to use those keys to decrypt data
[21:06] <daftykins> fair enough, hadn't found the time to read a piece yet
[21:06] <TJ-> the problem here is, once the keys are extracted (at some point in the future) and if they are made public (as they will) then every similar system with same CPU series is exposed
[21:07] <ducasse> time for a class action against intel?
[21:07] <TJ-> I was talking to some collegues (CIOs/CTOs) this afternoon and they're already worried about the data protection liabilities this causes
[21:07] <daftykins> ah they didn't get it wrong, i just didn't read enough
[21:08] <TJ-> it's now predictable that systems using the TPM on Intel will, at some point soon, be compromised
[21:08] <TJ-> it's rather like the original Firewire vulnerability, but at the CSME level
[21:08] <daftykins> kinda funny that i was just buying systems with TPMs for this client :D
[21:09] <daftykins> i'm not really sure what a sensible course of action is in light of this
[21:12] <TJ-> daftykins: wait for others to decide and copy them!
[21:12] <TJ-> I'm sure there's going to be some statements from the big cloud providers for example
[21:12] <daftykins> yeah
[21:13] <daftykins> TJ-: new client is in finance so i was going down the route of BitLocker on all their desktops etc, Synology NASs though with (i think ecryptfs) encrypted volumes
[21:14] <TJ-> daftykins: could you use external hardware modules (yubikey maybe?)
[21:14] <daftykins> never looked into those
[21:14] <TJ-> I would strongly advise against ecryptfs - very deprecated. File-systems are growing native encryption support via a generic kernel layer now
[21:15] <daftykins> well if the synology doesn't offer it, then it's not an option
[21:18] <TJ-> https://www.kernel.org/doc/html/latest/filesystems/fscrypt.html
[21:19] <ducasse> TJ-: is ext4 encryption ready for usage?
[21:30] <TJ-> Well, it's what is used in Android on rather a lot of devices
[21:31] <JanC> I wonder if various DRM companies will now blacklist all Intel hardware...  ;-)
[21:32] <TJ-> JanC: oh that'd be Karma!
[21:33] <TJ-> hmmm, HDMI HDCP ?
[21:33] <ducasse> no netflix for intel owners!
[21:35] <JanC> obviously that would be commercial suicide for Netflix (& similar)
[21:35] <TJ-> It must be terrible being an Intel CPU engineer/support bod recently
[21:36] <TJ-> Reeling from AMD's Zen/2 rollout, the constant faults in Intel kit around SMT, and now this
[21:39] <ducasse> might be time to save up for power9 kit
[21:40] <daftykins> some really good ones might be telling management "i told you so"