From chsnyder at gmail.com  Fri Nov  1 10:03:03 2013
From: chsnyder at gmail.com (Chris Snyder)
Date: Fri, 1 Nov 2013 10:03:03 -0400
Subject: [nycbug-talk] Happy Halloween, here is some wacky Horror story
In-Reply-To: <CAMXt9NayzyZx3xiNCEs6nB4HWax-iyoX3G93pppxkLuDLdfSrw@mail.gmail.com>
References: <CAMXt9NayzyZx3xiNCEs6nB4HWax-iyoX3G93pppxkLuDLdfSrw@mail.gmail.com>
Message-ID: <CAPKKYS3+JR8vTfgG0F-vj34y1heoiMHwuWDCVa-iM-VyOhtOPw@mail.gmail.com>

On Thu, Oct 31, 2013 at 2:45 PM, Mark Saad <mark.saad at ymail.com> wrote:


> Here is the entire story.
>
>
> http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/
>
>
> So beware OpenBSD user , unplug your Mic and Speakers and never use USB !!!
>


Okay, sure, great Halloween FUD, ha ha ha.

But all of the attacks, separately, are plausible, no? Even the crazy
ultrasonic networking between infected laptops -- I'm a little surprised
they didn't include passing QR codes by line-of-sight with the built-in
webcam, but maybe that's in the next version.

Why shouldn't we be genuinely concerned about the upgradeable software
resident in the bare metal of a server or locked-down workstation? Do our
drivers provide sufficient protection against flaws in the proprietary
subsystems they talk to? Or are those subsystems generally considered
immune to attack?

If I wanted to exercise some paranoia, are there standard tools for
discovering and checksumming the firmware on a system, to detect if it is
tampered with over time?

Chris Snyder
http://chxor.chxo.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20131101/6e1d5371/attachment.htm>

From mark.saad at ymail.com  Fri Nov  1 11:10:14 2013
From: mark.saad at ymail.com (Mark Saad)
Date: Fri, 1 Nov 2013 11:10:14 -0400
Subject: [nycbug-talk] Happy Halloween, here is some wacky Horror story
In-Reply-To: <CAPKKYS3+JR8vTfgG0F-vj34y1heoiMHwuWDCVa-iM-VyOhtOPw@mail.gmail.com>
References: <CAMXt9NayzyZx3xiNCEs6nB4HWax-iyoX3G93pppxkLuDLdfSrw@mail.gmail.com>
 <CAPKKYS3+JR8vTfgG0F-vj34y1heoiMHwuWDCVa-iM-VyOhtOPw@mail.gmail.com>
Message-ID: <CAMXt9Nb6g+Aa7n0Ufd9Bv2DmnPBFuUJ=VmGM=1oWi7M2f5J3+Q@mail.gmail.com>

On Fri, Nov 1, 2013 at 10:03 AM, Chris Snyder <chsnyder at gmail.com> wrote:

> On Thu, Oct 31, 2013 at 2:45 PM, Mark Saad <mark.saad at ymail.com> wrote:
>
>
>> Here is the entire story.
>>
>>
>> http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/
>>
>>
>> So beware OpenBSD user , unplug your Mic and Speakers and never use USB
>> !!!
>>
>
>
> Okay, sure, great Halloween FUD, ha ha ha.
>
> But all of the attacks, separately, are plausible, no? Even the crazy
> ultrasonic networking between infected laptops -- I'm a little surprised
> they didn't include passing QR codes by line-of-sight with the built-in
> webcam, but maybe that's in the next version.
>
> Why shouldn't we be genuinely concerned about the upgradeable software
> resident in the bare metal of a server or locked-down workstation? Do our
> drivers provide sufficient protection against flaws in the proprietary
> subsystems they talk to? Or are those subsystems generally considered
> immune to attack?
>
> If I wanted to exercise some paranoia, are there standard tools for
> discovering and checksumming the firmware on a system, to detect if it is
> tampered with over time?
>
> Chris Snyder
> http://chxor.chxo.com/
>



I like the idea for "passing QR codes by line-of-sight with the built-in
webcam"  If you like qr codes and fun with debugging check this out

https://www.haiku-os.org/blog/mmlr/2012-07-01_qr_encode_your_kdl_output  .
The Haiku OS kernel debugger can print a qr code on the screen so someone
can look up exactly what the issue was when the box crashed. So they say .
It sounds very interesting and I am amazed that Android or iOS do not have
this yet.

As for your question about checksumming firmware, you could take a look at
flashrom http://flashrom.org/Flashrom . This super useful tool can dump the
roms from a number of devices including system bios, network cards etc.
>From there you could checksum the output and track it.

Back to Ike's Gem of a story, the more I think about it the more this
sounds real. I would not doubt that a 3GO has done this sort of hack , and
why not who would look there.  I am thinking we , NYCBUG, should start a
company that makes LED lights that screw into normal sockets that contain a
small arm or mips system . Spooks would love this crap. We'd  make a
fortune. :)

To Ed's point its not the java language that's bad; its the people who what
to say the solution for your business problem is another language  .  Sure
this can be a real issue, say your companies products are all coded in some
obscure dialect of pascal, your head programer quits, and no one is capable
of handing his work. This would be a good reason to think about recoding it
in another language that your staff has better skills with.  However, your
company is not making enough money , you should use
java/.net/cobol/php/ruby/BF/python/voodu/blackmagic is a bad idea. Its all
the same to me its the means to make the product its not the product.
Unless you are Sun, Oracle or IBM.


-- 

Mark Saad | mark.saad at ymail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20131101/a6cc5f2a/attachment.htm>

From edlinuxguru at gmail.com  Fri Nov  1 11:53:04 2013
From: edlinuxguru at gmail.com (Edward Capriolo)
Date: Fri, 1 Nov 2013 11:53:04 -0400
Subject: [nycbug-talk] Happy Halloween, here is some wacky Horror story
In-Reply-To: <CAPKKYS3+JR8vTfgG0F-vj34y1heoiMHwuWDCVa-iM-VyOhtOPw@mail.gmail.com>
References: <CAMXt9NayzyZx3xiNCEs6nB4HWax-iyoX3G93pppxkLuDLdfSrw@mail.gmail.com>
 <CAPKKYS3+JR8vTfgG0F-vj34y1heoiMHwuWDCVa-iM-VyOhtOPw@mail.gmail.com>
Message-ID: <CAENxBwxRda2+Z33zjgLsEvNBFS5OXffpDUt_RLdtVFyBjm9tHQ@mail.gmail.com>

"are there standard tools for discovering and checksumming the firmware".
That is what I was wondering. I understand the case of a motherboard BIOS,
if something could re-write the firmware. I think that is very possible
because now many vendor tools re-write the firmware without requiring you
to boot from a CD. This is one thing that makes the story questionable to
me.

In the case of a USB stick, it would seem pretty easy to purchase two usb
sticks, stick one into your "corrupted" network and then compare the
firmware on the two units to see if an actual change happened. In the BIOS
case, couldn't one use VMware? After all VMWare emulates a BIOS start an
image see if the image changes in a substantial way. The mame community
somehow manages to extract (BIOS) information from hundreds of arcade
machines....




On Fri, Nov 1, 2013 at 10:03 AM, Chris Snyder <chsnyder at gmail.com> wrote:

> On Thu, Oct 31, 2013 at 2:45 PM, Mark Saad <mark.saad at ymail.com> wrote:
>
>
>> Here is the entire story.
>>
>>
>> http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/
>>
>>
>> So beware OpenBSD user , unplug your Mic and Speakers and never use USB
>> !!!
>>
>
>
> Okay, sure, great Halloween FUD, ha ha ha.
>
> But all of the attacks, separately, are plausible, no? Even the crazy
> ultrasonic networking between infected laptops -- I'm a little surprised
> they didn't include passing QR codes by line-of-sight with the built-in
> webcam, but maybe that's in the next version.
>
> Why shouldn't we be genuinely concerned about the upgradeable software
> resident in the bare metal of a server or locked-down workstation? Do our
> drivers provide sufficient protection against flaws in the proprietary
> subsystems they talk to? Or are those subsystems generally considered
> immune to attack?
>
> If I wanted to exercise some paranoia, are there standard tools for
> discovering and checksumming the firmware on a system, to detect if it is
> tampered with over time?
>
> Chris Snyder
> http://chxor.chxo.com/
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://www.nycbug.org/mailman/listinfo/talk
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20131101/4c9788e6/attachment.htm>

From nikolai at fetissov.org  Sat Nov  2 09:40:08 2013
From: nikolai at fetissov.org (Nikolai Fetissov)
Date: Sat, 2 Nov 2013 09:40:08 -0400
Subject: [nycbug-talk] Happy Halloween, here is some wacky Horror story
In-Reply-To: <201310312015.r9VKFEkd030115@rs103.luxsci.com>
References: <201310312015.r9VKFEkd030115@rs103.luxsci.com>
Message-ID: <C3D711C4-2A03-470B-B3F7-C357C9442582@fetissov.org>



> On Oct 31, 2013, at 4:15 PM, "Isaac (.ike) Levy" <ike at blackskyresearch.net> wrote:
> 
> 
>> On October 31, 2013 03:26:01 PM EDT, Charles Sprickman <spork at bway.net> wrote:
>>> On Oct 31, 2013, at 3:13 PM, Mark Saad wrote:
>>> On Thu, Oct 31, 2013 at 3:09 PM, Brian Coca <briancoca+nycbug at gmail.com> wrote:
>>> Does this mean that I MUST blast death metal at max volume over the whole office for security reasons?
> 
> Here's a different horror story, which a russian developer in our office showed us:
> 
> http://www.vz.ru/news/2013/10/26/656816.html
> 
> (I'd love for someone here who speaks/knows Russian, to validate this source isn't some sort of Russian version of The Onion or something...)

People in the clip sound like they don't know what they are talking about.
Most comments after the article discount this as a complete bs.


> --
> Rough Translation (using Google translate):
> 
> "Media: China has put in irons Russian spy-spammers"
> 
> Petersburg sellers of electronics in a hurry terminated contracts with Chinese suppliers after the discovery of the party "spyware" - irons, kettles and phones that can send out viruses and spam Wi-Fi.
> 
> All electronics have been equipped with a small chip, which, when you turn the device into the grid could easily be connected by over Wi-Fi to any unprotected computers within a radius of 200 meters.
> 
> According to the director of the importing company Innocent Fedorov such a surprise from his colleagues from China, he did not expect, "This place is already proven, and it is strange that such a thing happened. This happened recently, something has to happen suddenly, and we began to understand, to find out what it was. "
> 
> Discover the "spy" fake entrepreneurs helped the brokerage firm, transfer "Vesti.Ru" .
> 
> Prior to sending equipment from China Russian experts confused weight of packages, which a few grams differ materially from those in the documents. Party stopped at the border, experts engaged in the study of electronics.
> 
> It turned out that the embedded chips designed to send unwanted spam and computer viruses.
> 
> CTO and Customs broker Gleb Pavlov explains: "You do not even notice that it sends something. Neither the system administrator will not notice the attack, because it did not occur outside of the enterprise, and not through the Web, but from within. "
> 
> About 30 irons, kettles, phones and video recorders from a trial lot still had time to go back to their chain stores of St. Petersburg, and the question of how many of these electronics products to spyware chip, it is difficult to answer.
> 
> It is also unknown whether the leak could multifunction machines in other regions of Russia.
> --
> 
> 
> Rocket-
> .ike
> 
> 
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://www.nycbug.org/mailman/listinfo/talk



From jkeen at verizon.net  Sun Nov  3 09:32:08 2013
From: jkeen at verizon.net (James E Keenan)
Date: Sun, 03 Nov 2013 09:32:08 -0500
Subject: [nycbug-talk] A Question in Advance of the November Meeting on
	Regexes
Message-ID: <52765E68.8080108@verizon.net>

On the announce list I read:

"November 6 2013
Regular Expressions Fundamentals, Moe Nasser
...
This meeting will cover regex basics, and based on audience
participation, it may go well beyond."

So let me pose this question to Moe in advance:

I principally write software in Perl, so I am very familiar with regular 
expressions themselves.  Very occasionally, however, I have written 
command-line programs which pipe a string to 'sed' for pattern matching, 
and I've even used (or maintained) 'system' commands within Perl 
programs that involve piping to 'sed' or 'awk' for pattern matching.

Do you have any guidelines or rules of thumb for when you would use one 
language's regexes versus another's?

(There was one point several years ago when I benchmarked a use of Perl 
regexes versus sed regexes, but I don't think the results were conclusive.)

Thank you very much.
Jim Keenan


From ike at blackskyresearch.net  Sun Nov  3 12:54:00 2013
From: ike at blackskyresearch.net (Isaac (.ike) Levy)
Date: Sun, 3 Nov 2013 12:54:00 -0500
Subject: [nycbug-talk] Free Firewire Stuff
Message-ID: <1383501242-1838493.15671695.frA3Hs0sC015546@rs149.luxsci.com>

Hi All,

I retired my last firewire device some time ago, and I have a grab-bag of Firewire stuff available, give me a shout off-list if you want it.

I can bring it to the next NYC*BUG meeting, the bag includes:

- A nice, powered 6 port Firewire Switch (not hub)
- A 15" firewire extension cable
- a couple dozen firewire cables of various common lengths, various flavors, (fw 800/400 etc?)

--
For anyone who does kernel debugging via firewire/gdb, there could be some cables in there you'd want!

Best,
.ike





From george at ceetonetechnology.com  Sun Nov  3 13:13:55 2013
From: george at ceetonetechnology.com (George Rosamond)
Date: Sun, 03 Nov 2013 13:13:55 -0500
Subject: [nycbug-talk] A Question in Advance of the November Meeting on
 Regexes
In-Reply-To: <52765E68.8080108@verizon.net>
References: <52765E68.8080108@verizon.net>
Message-ID: <52769263.90607@ceetonetechnology.com>

James E Keenan:
> On the announce list I read:
> 
> "November 6 2013
> Regular Expressions Fundamentals, Moe Nasser
> ...
> This meeting will cover regex basics, and based on audience
> participation, it may go well beyond."
> 
> So let me pose this question to Moe in advance:
> 
> I principally write software in Perl, so I am very familiar with regular
> expressions themselves.  Very occasionally, however, I have written
> command-line programs which pipe a string to 'sed' for pattern matching,
> and I've even used (or maintained) 'system' commands within Perl
> programs that involve piping to 'sed' or 'awk' for pattern matching.
> 
> Do you have any guidelines or rules of thumb for when you would use one
> language's regexes versus another's?
> 
> (There was one point several years ago when I benchmarked a use of Perl
> regexes versus sed regexes, but I don't think the results were conclusive.)
> 
> Thank you very much.
> Jim Keenan

Ike:

Make sure Moe gets this.

And thanks James... we need more pre-meeting discussion in general.

g



From ike at blackskyresearch.net  Wed Nov  6 08:47:04 2013
From: ike at blackskyresearch.net (Isaac (.ike) Levy)
Date: Wed, 06 Nov 2013 13:47:04 +0000
Subject: [nycbug-talk] Tonight's meeting need: Apple Display VGA adapter
Message-ID: <201311061347.rA6Dl4Ah019552@rs102.luxsci.com>


Hi All,

Sorry to bother- I'm wondering if someone could please bring an Apple 
VGA display adapter?

See yall' there!

Best,
.ike




From raulcuza at gmail.com  Wed Nov  6 09:39:28 2013
From: raulcuza at gmail.com (Raul Cuza)
Date: Wed, 6 Nov 2013 09:39:28 -0500
Subject: [nycbug-talk] Tonight's meeting need: Apple Display VGA adapter
In-Reply-To: <201311061347.rA6Dl4Ah019552@rs102.luxsci.com>
References: <201311061347.rA6Dl4Ah019552@rs102.luxsci.com>
Message-ID: <CAOnfn2xeGc6dhCGTX-G+9tJAjPzX4HSFaYUWMmQGqqEwvPbMKw@mail.gmail.com>

I threw one in my bag. It is the thunderbolt/MiniDP connection on the Mac end.

http://www.conrad.com/medias/global/ce/9000_9999/9700/9740/9749/974946_BB_00_FB.EPS_1000.jpg

If you are using an older model let me know, I might have an adapter
to fit (my junk drawer is too big).

r.

On Wed, Nov 6, 2013 at 8:47 AM, Isaac (.ike) Levy
<ike at blackskyresearch.net> wrote:
>
> Hi All,
>
> Sorry to bother- I'm wondering if someone could please bring an Apple VGA
> display adapter?
>
> See yall' there!
>
> Best,
> .ike
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://www.nycbug.org/mailman/listinfo/talk


From ike at blackskyresearch.net  Wed Nov  6 10:09:24 2013
From: ike at blackskyresearch.net (Isaac (.ike) Levy)
Date: Wed, 06 Nov 2013 15:09:24 +0000
Subject: [nycbug-talk] Tonight's meeting need: Apple Display VGA adapter
Message-ID: <201311061509.rA6F9OgL008626@rs101.luxsci.com>


On November 6, 2013 09:39:28 AM EST, Raul Cuza <raulcuza at gmail.com> wrote:

> I threw one in my bag. It is the thunderbolt/MiniDP connection on the 
> Mac end.
>
> http://www.conrad.com/medias/global/ce/9000_9999/9700/9740/9749/974946_BB_00_FB.EPS_1000.jpg
>
> If you are using an older model let me know, I might have an adapter
> to fit (my junk drawer is too big).
>
> r.

The Thunderbolt/MiniDP adapter is the one!  Thanks Raul, see you tonight!

Best,
.ike



>
> On Wed, Nov 6, 2013 at 8:47 AM, Isaac (.ike) Levy
> <ike at blackskyresearch.net> wrote:
>>
>> Hi All,
>>
>> Sorry to bother- I'm wondering if someone could please bring an Apple VGA
>> display adapter?
>>
>> See yall' there!
>>
>> Best,
>> .ike
>>
>>
>> _______________________________________________
>> talk mailing list
>> talk at lists.nycbug.org
>> http://www.nycbug.org/mailman/listinfo/talk
>




From jkeen at verizon.net  Wed Nov  6 21:33:46 2013
From: jkeen at verizon.net (James E Keenan)
Date: Wed, 06 Nov 2013 21:33:46 -0500
Subject: [nycbug-talk] Follow-up on grep -P
Message-ID: <527AFC0A.2050607@verizon.net>

Thanks to Moe Nasser's presentation tonight, I was inspired to
RTFM for grep.  In particular: grep -P.  I tried this on three different 
machines: an older Mac OSX laptop, an older Debian Linux server 
(Linode), and a more up-to-date Debian Linux server.  I maintain (so to 
speak) the first two boxes; professional sysadmins maintain the latter. 
  On the two machines I maintain, I use whatever 'grep' came with the 
machine.  And on these two machines, the '-P' option, though documented 
in the manpages, did not work, as those greps had not been compiled with 
that option.

Darwin:  grep (GNU grep) 2.5.1
$ echo "abacus babble b a ba ab cabriolet" | grep -P '(?=a)b'
grep: The -P option is not supported

Linux (mine):  $ grep -V
GNU grep 2.5.3

$ echo "abacus babble b a ba ab cabriolet" | grep -P '(?=a)b'
grep: Support for the -P option is not compiled into this 
--disable-perl-regexp binary

Linux (not mine): $ grep -V
GNU grep 2.6.3

$ echo "abacus babble b a ba ab cabriolet xenacb" | grep -P --color 
'(?<=b)a'
abacus babble b a ba ab cabriolet xenacb


So, your results with 'grep -P' will depend on how the version of grep 
you're using was compiled.  YMMV.

Thank you very much.
Jim Keenan


From jkeen at verizon.net  Fri Nov  8 19:13:00 2013
From: jkeen at verizon.net (James E Keenan)
Date: Fri, 08 Nov 2013 19:13:00 -0500
Subject: [nycbug-talk] Follow-up on grep -P
In-Reply-To: <527AFC0A.2050607@verizon.net>
References: <527AFC0A.2050607@verizon.net>
Message-ID: <527D7E0C.7070205@verizon.net>

On 11/6/13 9:33 PM, James E Keenan wrote:

>
>
> So, your results with 'grep -P' will depend on how the version of grep
> you're using was compiled. YMMV.
>

However, if you want the power of 'grep -P' but don't have control over 
the way 'grep' is compiled for your environment, you can check out the 
program 'ack' -- "a tool like grep, optimized for programmers".  'ack' 
was written by veteran Perl hacker Andy Lester*.  You can read all about 
it here:

http://beyondgrep.com/

Thank you very much.
Jim Keenan


*And others, including yours truly, who made some small contributions to 
ack's test suite at a hackathon in Chicago seven years ago this month.


From ericshane at eradman.com  Sat Nov  9 20:41:27 2013
From: ericshane at eradman.com (Eric Radman)
Date: Sat, 9 Nov 2013 20:41:27 -0500
Subject: [nycbug-talk] Reducing password fatigue on OpenBSD (or any BSD)
Message-ID: <20131110014127.GA18293@vm.eradman.com>

This week I moved /home to a softraid(4) crypto device on my laptop so
that I would no longer need to spend time worrying about about the
consequences of it being lost or stolen. Works great; I just have to
"unlock" the volume on boot

Passphrase: ****************

And log in

login: myself
Password: ****************

And activate my SSH keypairs

$ eval `ssh-agent`
$ ssh-add
Enter passphrase for /home/myself/.ssh/id_XXX: ****************

And I haven't even typed kinit yet.

Are there any well-respected practices for keying off of data stored on
a USB stick? How might one collapse two of these steps in a reasonably
secure way?

Thought it would be worth asking before I wander off and invent a flawed
or brittle shortcut!

-- 
Eric Radman


From raulcuza at gmail.com  Mon Nov 11 12:19:34 2013
From: raulcuza at gmail.com (Raul Cuza)
Date: Mon, 11 Nov 2013 12:19:34 -0500
Subject: [nycbug-talk] Reducing password fatigue on OpenBSD (or any BSD)
In-Reply-To: <20131110014127.GA18293@vm.eradman.com>
References: <20131110014127.GA18293@vm.eradman.com>
Message-ID: <CAOnfn2x_4qWbLWwiChV_yepuWqhZfZwCFU6wZGs7ddc+x+ZrRw@mail.gmail.com>

On Sat, Nov 9, 2013 at 8:41 PM, Eric Radman <ericshane at eradman.com> wrote:
> This week I moved /home to a softraid(4) crypto device on my laptop so
> that I would no longer need to spend time worrying about about the
> consequences of it being lost or stolen. Works great; I just have to
> "unlock" the volume on boot
>
> Passphrase: ****************
>
> And log in
>
> login: myself
> Password: ****************
>
> And activate my SSH keypairs
>
> $ eval `ssh-agent`
> $ ssh-add
> Enter passphrase for /home/myself/.ssh/id_XXX: ****************
>
> And I haven't even typed kinit yet.
>
> Are there any well-respected practices for keying off of data stored on
> a USB stick? How might one collapse two of these steps in a reasonably
> secure way?
>
> Thought it would be worth asking before I wander off and invent a flawed
> or brittle shortcut!
>
> --
> Eric Radman


Probably should not reply as I don't have any well-respected practices
to offer, but nature abhors a vacuum.

It seems like any automation between the volume decryption and getting
s*$+ done would leave you vulnerable in some way. It is not like a
unique code can be generated on the output of one step that can be
part of the input of the next step.

What about something like the Yubi key? It means you have to have a
USB port (which you do not seem to be opposed to) and you don't have
to type your passphrase(s) over and over. See
http://geekyschmidt.com/2010/12/27/yubikey-and-my-desire-to-beat-the-feds-to-hspd12-compliance
for a post about it. I've not used it with OpenBSD, but I've used OTP
at a couple of sites with a warm sense of safety (but that might of
just been the heat generated by the NSA using my CPU to decrypt
hashes).

Ra?l

p.s. I love that my $work filters geekyschmidt.com as a
Proxy/Anonymizer. "Bad website, bad website. Sit. Play dead. Good
website, good website."



From ericshane at eradman.com  Mon Nov 11 13:34:11 2013
From: ericshane at eradman.com (Eric Radman)
Date: Mon, 11 Nov 2013 13:34:11 -0500
Subject: [nycbug-talk] Reducing password fatigue on OpenBSD (or any BSD)
In-Reply-To: <CAOnfn2x_4qWbLWwiChV_yepuWqhZfZwCFU6wZGs7ddc+x+ZrRw@mail.gmail.com>
References: <20131110014127.GA18293@vm.eradman.com>
 <CAOnfn2x_4qWbLWwiChV_yepuWqhZfZwCFU6wZGs7ddc+x+ZrRw@mail.gmail.com>
Message-ID: <20131111183411.GA3643@vm.eradman.com>

On Mon, Nov 11, 2013 at 12:19:34PM -0500, Raul Cuza wrote:
> On Sat, Nov 9, 2013 at 8:41 PM, Eric Radman <ericshane at eradman.com> wrote:
> >
> > Are there any well-respected practices for keying off of data stored on
> > a USB stick? How might one collapse two of these steps in a reasonably
> > secure way?
> 
> It seems like any automation between the volume decryption and getting
> s*$+ done would leave you vulnerable in some way. It is not like a
> unique code can be generated on the output of one step that can be
> part of the input of the next step.

I agree, but isn't this basically what single sign-on systems do?
 
> What about something like the Yubi key? It means you have to have a
> USB port (which you do not seem to be opposed to) and you don't have
> to type your passphrase(s) over and over. See
> http://geekyschmidt.com/2010/12/27/yubikey-and-my-desire-to-beat-the-feds-to-hspd12-compliance
> for a post about it.

Thanks, this is exactly what I was looking for. <bcallah> also suggested
this on IRC. YubiKey is brilliant because generating one-time keys can
be used as a replacement for passwords OR as an inexpensive way to set
up two-factor authentication.
(http://undeadly.org/cgi?action=article&sid=20130616112437)

Eric


From zippy1981 at gmail.com  Thu Nov 14 22:43:01 2013
From: zippy1981 at gmail.com (Justin Dearing)
Date: Thu, 14 Nov 2013 22:43:01 -0500
Subject: [nycbug-talk] Fwd: New IEE Organizationally Unique Identifier:
	FreeBSD foundation
In-Reply-To: <CABsCM1NHOmEnnMftdT=Cow95fjQxc8M9erzo+rQm3k999Q7AXA@mail.gmail.com>
References: <CABsCM1NHOmEnnMftdT=Cow95fjQxc8M9erzo+rQm3k999Q7AXA@mail.gmail.com>
Message-ID: <CABsCM1OVDhqZzbn0EjberwYdrr13KS8Ra-EcYFnPRQt2kozFCA@mail.gmail.com>

bhve and other freebsd projcects now have a proper block of Mac addresses.
Who else besides nmap needs to update things?

Justin

---------- Forwarded message ----------
From: Justin Dearing <zippy1981 at gmail.com>
Date: Thu, Nov 14, 2013 at 10:41 PM
Subject: New IEE Organizationally Unique Identifier: FreeBSD foundation
To: dev at nmap.org


The FreeBSD foundation has its own block of mac addresses now. These will
be used by bhyve. I'm not sure where nmap gets its MAC address database, so
let me know if this needs to get forwarded somewhere else.

http://svnweb.freebsd.org/base?view=revision&revision=258141
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20131114/b6c505d5/attachment.htm>

From george at ceetonetechnology.com  Thu Nov 14 22:54:13 2013
From: george at ceetonetechnology.com (George Rosamond)
Date: Thu, 14 Nov 2013 22:54:13 -0500
Subject: [nycbug-talk] Fwd: New IEE Organizationally Unique Identifier:
 FreeBSD foundation
In-Reply-To: <CABsCM1OVDhqZzbn0EjberwYdrr13KS8Ra-EcYFnPRQt2kozFCA@mail.gmail.com>
References: <CABsCM1NHOmEnnMftdT=Cow95fjQxc8M9erzo+rQm3k999Q7AXA@mail.gmail.com>
 <CABsCM1OVDhqZzbn0EjberwYdrr13KS8Ra-EcYFnPRQt2kozFCA@mail.gmail.com>
Message-ID: <52859AE5.6000105@ceetonetechnology.com>

Justin Dearing:
> bhve and other freebsd projcects now have a proper block of Mac addresses.
> Who else besides nmap needs to update things?
> 

how about different arp related utilities... net/arpwatch?

g

> Justin
> 
> ---------- Forwarded message ----------
> From: Justin Dearing <zippy1981 at gmail.com>
> Date: Thu, Nov 14, 2013 at 10:41 PM
> Subject: New IEE Organizationally Unique Identifier: FreeBSD foundation
> To: dev at nmap.org
> 
> 
> The FreeBSD foundation has its own block of mac addresses now. These will
> be used by bhyve. I'm not sure where nmap gets its MAC address database, so
> let me know if this needs to get forwarded somewhere else.
> 
> http://svnweb.freebsd.org/base?view=revision&revision=258141
> 
> 
> 
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://www.nycbug.org/mailman/listinfo/talk
> 



From jpb at jimby.name  Fri Nov 15 10:02:01 2013
From: jpb at jimby.name (Jim B.)
Date: Fri, 15 Nov 2013 10:02:01 -0500
Subject: [nycbug-talk] Fwd: New IEE Organizationally Unique Identifier:
 FreeBSD foundation
In-Reply-To: <CABsCM1OVDhqZzbn0EjberwYdrr13KS8Ra-EcYFnPRQt2kozFCA@mail.gmail.com>
References: <CABsCM1NHOmEnnMftdT=Cow95fjQxc8M9erzo+rQm3k999Q7AXA@mail.gmail.com>
 <CABsCM1OVDhqZzbn0EjberwYdrr13KS8Ra-EcYFnPRQt2kozFCA@mail.gmail.com>
Message-ID: <20131115150201.GA25206@jimby.name>

* Justin Dearing <zippy1981 at gmail.com> [2013-11-14 23:10]:
> bhve and other freebsd projcects now have a proper block of Mac addresses.
> Who else besides nmap needs to update things?
> 
> Justin
> 
> ---------- Forwarded message ----------
> From: Justin Dearing <zippy1981 at gmail.com>
> Date: Thu, Nov 14, 2013 at 10:41 PM
> Subject: New IEE Organizationally Unique Identifier: FreeBSD foundation
> To: dev at nmap.org
> 
> 
> The FreeBSD foundation has its own block of mac addresses now. These will
> be used by bhyve. I'm not sure where nmap gets its MAC address database, so
> let me know if this needs to get forwarded somewhere else.
> 
> http://svnweb.freebsd.org/base?view=revision&revision=258141


I think Wireshark displays organization name.  Not sure where they get
their database.

Jim B.


From george at ceetonetechnology.com  Fri Nov 15 09:44:01 2013
From: george at ceetonetechnology.com (George Rosamond)
Date: Fri, 15 Nov 2013 09:44:01 -0500
Subject: [nycbug-talk] Fwd: New IEE Organizationally Unique Identifier:
 FreeBSD foundation
In-Reply-To: <20131115150201.GA25206@jimby.name>
References: <CABsCM1NHOmEnnMftdT=Cow95fjQxc8M9erzo+rQm3k999Q7AXA@mail.gmail.com>
 <CABsCM1OVDhqZzbn0EjberwYdrr13KS8Ra-EcYFnPRQt2kozFCA@mail.gmail.com>
 <20131115150201.GA25206@jimby.name>
Message-ID: <52863331.8060507@ceetonetechnology.com>

Jim B.:
> * Justin Dearing <zippy1981 at gmail.com> [2013-11-14 23:10]:
>> bhve and other freebsd projcects now have a proper block of Mac addresses.
>> Who else besides nmap needs to update things?
>>
>> Justin
>>
>> ---------- Forwarded message ----------
>> From: Justin Dearing <zippy1981 at gmail.com>
>> Date: Thu, Nov 14, 2013 at 10:41 PM
>> Subject: New IEE Organizationally Unique Identifier: FreeBSD foundation
>> To: dev at nmap.org
>>
>>
>> The FreeBSD foundation has its own block of mac addresses now. These will
>> be used by bhyve. I'm not sure where nmap gets its MAC address database, so
>> let me know if this needs to get forwarded somewhere else.
>>
>> http://svnweb.freebsd.org/base?view=revision&revision=258141
> 
> 
> I think Wireshark displays organization name.  Not sure where they get
> their database.

I think it's safe to say that Wireshark, etc., all use the same database

https://en.wikipedia.org/wiki/Organizationally_Unique_Identifier

g



From george at ceetonetechnology.com  Fri Nov 15 10:47:46 2013
From: george at ceetonetechnology.com (George Rosamond)
Date: Fri, 15 Nov 2013 10:47:46 -0500
Subject: [nycbug-talk] elliptic curve crypto article
Message-ID: <52864222.30006@ceetonetechnology.com>

I assume others saw this, but thought I'd toss out due to previous
discussions:

http://arstechnica.com/security/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/


From jkeen at verizon.net  Fri Nov 15 19:18:16 2013
From: jkeen at verizon.net (James E Keenan)
Date: Fri, 15 Nov 2013 19:18:16 -0500
Subject: [nycbug-talk] elliptic curve crypto article
In-Reply-To: <52864222.30006@ceetonetechnology.com>
References: <52864222.30006@ceetonetechnology.com>
Message-ID: <5286B9C8.4040302@verizon.net>

On 11/15/13 10:47 AM, George Rosamond wrote:
> I assume others saw this, but thought I'd toss out due to previous
> discussions:
>
> http://arstechnica.com/security/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/

I had not previously seen it.  But it was a very interesting article.  I 
almost understood it.



From nikolai at fetissov.org  Wed Nov 20 17:04:25 2013
From: nikolai at fetissov.org (Nikolai Fetissov)
Date: Wed, 20 Nov 2013 17:04:25 -0500
Subject: [nycbug-talk] GPS hardware for OpenNTPd
Message-ID: <D52D2CAE-FF71-4F8B-8690-B2A943BA7552@fetissov.org>

Hey folks,

Can anybody share any experiences with GPS receivers under OpenBSD/OpenNTPd?
I'm having hard time figuring out what  hardware to look for.

Cheers,
--
 Nikolai


From george at ceetonetechnology.com  Wed Nov 20 18:35:50 2013
From: george at ceetonetechnology.com (George Rosamond)
Date: Wed, 20 Nov 2013 18:35:50 -0500
Subject: [nycbug-talk] GPS hardware for OpenNTPd
In-Reply-To: <D52D2CAE-FF71-4F8B-8690-B2A943BA7552@fetissov.org>
References: <D52D2CAE-FF71-4F8B-8690-B2A943BA7552@fetissov.org>
Message-ID: <528D4756.2030902@ceetonetechnology.com>

Nikolai Fetissov:
> Hey folks,
> 
> Can anybody share any experiences with GPS receivers under OpenBSD/OpenNTPd?
> I'm having hard time figuring out what  hardware to look for.

Not to distract, but . . .

I'm a bit confused by the idea of OpenNTPD with a GPS receiver.

I thought OpenNTPD wasn't concerned with precision as much as security
and simplicity.

g



From pete at nomadlogic.org  Wed Nov 20 18:44:41 2013
From: pete at nomadlogic.org (Pete Wright)
Date: Wed, 20 Nov 2013 15:44:41 -0800
Subject: [nycbug-talk] GPS hardware for OpenNTPd
In-Reply-To: <528D4756.2030902@ceetonetechnology.com>
References: <D52D2CAE-FF71-4F8B-8690-B2A943BA7552@fetissov.org>
 <528D4756.2030902@ceetonetechnology.com>
Message-ID: <528D4969.8060903@nomadlogic.org>



On 11/20/13 15:35, George Rosamond wrote:
> Nikolai Fetissov:
>> Hey folks,
>>
>> Can anybody share any experiences with GPS receivers under OpenBSD/OpenNTPd?
>> I'm having hard time figuring out what  hardware to look for.
> 
> Not to distract, but . . .
> 
> I'm a bit confused by the idea of OpenNTPD with a GPS receiver.
> 
> I thought OpenNTPD wasn't concerned with precision as much as security
> and simplicity.
> 

I could still see a usecase for a system requiring a GPS receiver as a
source for timing info - systems that can't trust external NTPD's as a
timing source...which would trust military satellites...ow..my head hurts...

still think it is a valid question though :)

-p


-- 
Pete Wright
pete at nomadlogic.org
twitter => @nomadlogicLA



From okan at demirmen.com  Wed Nov 20 19:48:09 2013
From: okan at demirmen.com (Okan Demirmen)
Date: Wed, 20 Nov 2013 19:48:09 -0500
Subject: [nycbug-talk] GPS hardware for OpenNTPd
In-Reply-To: <528D4756.2030902@ceetonetechnology.com>
References: <D52D2CAE-FF71-4F8B-8690-B2A943BA7552@fetissov.org>
 <528D4756.2030902@ceetonetechnology.com>
Message-ID: <CACs0eVQKfjEhr99zgnw4LdWHnO0Nd-o=LJMhRK8siGaL_gEUgg@mail.gmail.com>

On Wed, Nov 20, 2013 at 6:35 PM, George Rosamond
<george at ceetonetechnology.com> wrote:
> Nikolai Fetissov:
>> Hey folks,
>>
>> Can anybody share any experiences with GPS receivers under OpenBSD/OpenNTPd?
>> I'm having hard time figuring out what  hardware to look for.

nmea(4), mtms(4), endrun(4) ...

> Not to distract, but . . .
>
> I'm a bit confused by the idea of OpenNTPD with a GPS receiver.
>
> I thought OpenNTPD wasn't concerned with precision as much as security
> and simplicity.

Simple doesn't mean lack of features :)  timedelta sensors have been
supported for quite some time.


From george at ceetonetechnology.com  Wed Nov 20 19:52:23 2013
From: george at ceetonetechnology.com (George Rosamond)
Date: Wed, 20 Nov 2013 19:52:23 -0500
Subject: [nycbug-talk] GPS hardware for OpenNTPd
In-Reply-To: <CACs0eVQKfjEhr99zgnw4LdWHnO0Nd-o=LJMhRK8siGaL_gEUgg@mail.gmail.com>
References: <D52D2CAE-FF71-4F8B-8690-B2A943BA7552@fetissov.org>	<528D4756.2030902@ceetonetechnology.com>
 <CACs0eVQKfjEhr99zgnw4LdWHnO0Nd-o=LJMhRK8siGaL_gEUgg@mail.gmail.com>
Message-ID: <528D5947.2010903@ceetonetechnology.com>

Okan Demirmen:
> On Wed, Nov 20, 2013 at 6:35 PM, George Rosamond
> <george at ceetonetechnology.com> wrote:
>> Nikolai Fetissov:
>>> Hey folks,
>>>
>>> Can anybody share any experiences with GPS receivers under OpenBSD/OpenNTPd?
>>> I'm having hard time figuring out what  hardware to look for.
> 
> nmea(4), mtms(4), endrun(4) ...
> 
>> Not to distract, but . . .
>>
>> I'm a bit confused by the idea of OpenNTPD with a GPS receiver.
>>
>> I thought OpenNTPD wasn't concerned with precision as much as security
>> and simplicity.
> 
> Simple doesn't mean lack of features :)  timedelta sensors have been
> supported for quite some time.
> 

I'm sure the features are there and the hardware support.

But if the hardware is there for serious accuracy, and openntpd isn't,
then explain why they make sense as a duo.

You're not getting the latency crap over the internet, but I don't
understand why you'd then slack when it comes to the daemon then.

g


From mark.saad at ymail.com  Wed Nov 20 19:59:02 2013
From: mark.saad at ymail.com (Mark Saad)
Date: Wed, 20 Nov 2013 16:59:02 -0800 (PST)
Subject: [nycbug-talk] GPS hardware for OpenNTPd
In-Reply-To: <528D5947.2010903@ceetonetechnology.com>
Message-ID: <1384995542.51789.YahooMailIosMobile@web140101.mail.bf1.yahoo.com>

<br/><br/>Okan<br/>  But does it support random(4) . Seriously has anyone on the list setup this combo in open or another BSD ? <br/><br/>---<br/>Mark 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20131120/104d7c7b/attachment.htm>

From okan at demirmen.com  Wed Nov 20 20:16:28 2013
From: okan at demirmen.com (Okan Demirmen)
Date: Wed, 20 Nov 2013 20:16:28 -0500
Subject: [nycbug-talk] GPS hardware for OpenNTPd
In-Reply-To: <528D5947.2010903@ceetonetechnology.com>
References: <D52D2CAE-FF71-4F8B-8690-B2A943BA7552@fetissov.org>
 <528D4756.2030902@ceetonetechnology.com>
 <CACs0eVQKfjEhr99zgnw4LdWHnO0Nd-o=LJMhRK8siGaL_gEUgg@mail.gmail.com>
 <528D5947.2010903@ceetonetechnology.com>
Message-ID: <CACs0eVR6u6Ams3p5OB578tD7XvtoScS3J+aqGrsnQtcWWuRLhQ@mail.gmail.com>

On Wed, Nov 20, 2013 at 7:52 PM, George Rosamond
<george at ceetonetechnology.com> wrote:
> Okan Demirmen:
>> On Wed, Nov 20, 2013 at 6:35 PM, George Rosamond
>> <george at ceetonetechnology.com> wrote:
>>> Nikolai Fetissov:
>>>> Hey folks,
>>>>
>>>> Can anybody share any experiences with GPS receivers under OpenBSD/OpenNTPd?
>>>> I'm having hard time figuring out what  hardware to look for.
>>
>> nmea(4), mtms(4), endrun(4) ...
>>
>>> Not to distract, but . . .
>>>
>>> I'm a bit confused by the idea of OpenNTPD with a GPS receiver.
>>>
>>> I thought OpenNTPD wasn't concerned with precision as much as security
>>> and simplicity.
>>
>> Simple doesn't mean lack of features :)  timedelta sensors have been
>> supported for quite some time.
>>
>
> I'm sure the features are there and the hardware support.
>
> But if the hardware is there for serious accuracy, and openntpd isn't,
> then explain why they make sense as a duo.
>
> You're not getting the latency crap over the internet, but I don't
> understand why you'd then slack when it comes to the daemon then.

I don't understand what you're asking.... read ntpd.conf, noteable of
the below configuration:

sensor device [correction microseconds] [weight weight-value] [refid
string] [stratum stratum-value]

What openntpd might be missing are the features that like a tiny tiny
fraction of people need/use.  The ntp source might be this great GPS
device, but now one has an ntpd server servicing requests from some
random network...go hog wild on the gps side, but one can lose how
much of it once it "on the network"...?


From bonsaime at gmail.com  Wed Nov 20 20:48:23 2013
From: bonsaime at gmail.com (Jesse Callaway)
Date: Wed, 20 Nov 2013 20:48:23 -0500
Subject: [nycbug-talk] GPS hardware for OpenNTPd
In-Reply-To: <D52D2CAE-FF71-4F8B-8690-B2A943BA7552@fetissov.org>
References: <D52D2CAE-FF71-4F8B-8690-B2A943BA7552@fetissov.org>
Message-ID: <CAJU5ZBMcZR=o6kwJJ7eXdEyQDSd1L4NxqGgzNMGkk2Hgb=V7Mg@mail.gmail.com>

On Nov 20, 2013 5:08 PM, "Nikolai Fetissov" <nikolai at fetissov.org> wrote:
>
> Hey folks,
>
> Can anybody share any experiences with GPS receivers under
OpenBSD/OpenNTPd?
> I'm having hard time figuring out what  hardware to look for.
>
> Cheers,
> --
>  Nikolai
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://www.nycbug.org/mailman/listinfo/talk

Serial devices are easy enough to use. They dont need any special drivers.
Just write a small program in whatever. I wrote one in VB a long time ago
and the device output from the device was easily parsable strings. Maybe
you'd have similar luck. GPS hasnt changed I dont think since then.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20131120/075e6b53/attachment.htm>

From nikolai at fetissov.org  Thu Nov 21 08:50:48 2013
From: nikolai at fetissov.org (Nikolai Fetissov)
Date: Thu, 21 Nov 2013 08:50:48 -0500
Subject: [nycbug-talk] GPS hardware for OpenNTPd
In-Reply-To: <CACs0eVQKfjEhr99zgnw4LdWHnO0Nd-o=LJMhRK8siGaL_gEUgg@mail.gmail.com>
References: <D52D2CAE-FF71-4F8B-8690-B2A943BA7552@fetissov.org>
 <528D4756.2030902@ceetonetechnology.com>
 <CACs0eVQKfjEhr99zgnw4LdWHnO0Nd-o=LJMhRK8siGaL_gEUgg@mail.gmail.com>
Message-ID: <24B385DD-8775-42A3-BBF7-39E8105EFEEF@fetissov.org>


> On Nov 20, 2013, at 7:48 PM, Okan Demirmen <okan at demirmen.com> wrote:
> 
> On Wed, Nov 20, 2013 at 6:35 PM, George Rosamond
> <george at ceetonetechnology.com> wrote:
>> Nikolai Fetissov:
>>> Hey folks,
>>> 
>>> Can anybody share any experiences with GPS receivers under OpenBSD/OpenNTPd?
>>> I'm having hard time figuring out what  hardware to look for.
> 
> nmea(4), mtms(4), endrun(4) ...

Okan, thanks, man pages are great, though I was looking for more of a story with actual hardware ...

> 
>> Not to distract, but . . .
>> 
>> I'm a bit confused by the idea of OpenNTPD with a GPS receiver.
>> 
>> I thought OpenNTPD wasn't concerned with precision as much as security
>> and simplicity.
> 
> Simple doesn't mean lack of features :)  timedelta sensors have been
> supported for quite some time.
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://www.nycbug.org/mailman/listinfo/talk



From ike at blackskyresearch.net  Thu Nov 21 09:43:34 2013
From: ike at blackskyresearch.net (Isaac (.ike) Levy)
Date: Thu, 21 Nov 2013 14:43:34 +0000
Subject: [nycbug-talk] GPS hardware for OpenNTPd
Message-ID: <201311211443.rALEhYDu032030@rs101.luxsci.com>


On November 21, 2013 08:50:48 AM EST, Nikolai Fetissov 
<nikolai at fetissov.org> wrote:
>> On Nov 20, 2013, at 7:48 PM, Okan Demirmen <okan at demirmen.com> wrote:
>>
>> On Wed, Nov 20, 2013 at 6:35 PM, George Rosamond
>> <george at ceetonetechnology.com> wrote:
>>> Nikolai Fetissov:
>>>> Hey folks,
>>>>
>>>> Can anybody share any experiences with GPS receivers under 
>>>> OpenBSD/OpenNTPd?
>>>> I'm having hard time figuring out what  hardware to look for.
>>
>> nmea(4), mtms(4), endrun(4) ...
>
> Okan, thanks, man pages are great, though I was looking for more of a 
> story with actual hardware ...

I was just thinking about similar setups last week- not sure if these 
help, but here's some urls:

OpenBSD GPS NTP Server on the cheap:
http://0x9900.com/blog/2012/08/26/build-you-own-stratum-1-ntp-server-for-less-than-$100/

FreeBSD Oldies but Goodies,
http://www.febo.com/time-freq/ntp/soekris/
http://www.askbjoernhansen.com/2005/03/23/soekris.html
http://phk.freebsd.dk/soekris-pps/

Best,
.ike




From zippy1981 at gmail.com  Thu Nov 21 14:57:24 2013
From: zippy1981 at gmail.com (Justin Dearing)
Date: Thu, 21 Nov 2013 14:57:24 -0500
Subject: [nycbug-talk] Fwd: New IEE Organizationally Unique Identifier:
	FreeBSD foundation
In-Reply-To: <CAJjO9MmxdVHcqRANe7R3mXCZkLUOE+Gv18PksuFqUWi8P9taVg@mail.gmail.com>
References: <CABsCM1NHOmEnnMftdT=Cow95fjQxc8M9erzo+rQm3k999Q7AXA@mail.gmail.com>
 <CAJjO9MmxdVHcqRANe7R3mXCZkLUOE+Gv18PksuFqUWi8P9taVg@mail.gmail.com>
Message-ID: <CABsCM1PYjX9n-FobxmCjgo26Wj_yFvX6YmJE_EWkM8OnGUgepQ@mail.gmail.com>

FYI

---------- Forwarded message ----------
From: Fyodor <fyodor at nmap.org>
Date: Thu, Nov 21, 2013 at 2:40 PM
Subject: Re: New IEE Organizationally Unique Identifier: FreeBSD foundation
To: Justin Dearing <zippy1981 at gmail.com>
Cc: Nmap Development List <dev at nmap.org>


On Thu, Nov 14, 2013 at 7:41 PM, Justin Dearing <zippy1981 at gmail.com> wrote:

> The FreeBSD foundation has its own block of mac addresses now. These will
> be used by bhyve. I'm not sure where nmap gets its MAC address database, so
> let me know if this needs to get forwarded somewhere else.
>

Thanks, I just updated the file with the latest IEEE data (
http://standards.ieee.org/develop/regauth/oui/oui.txt) which includes
FreeBSD and about 800 other new assignments.

Cheers,
Fyodor
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.nycbug.org:8443/pipermail/talk/attachments/20131121/33274d13/attachment.htm>

From bcallah at devio.us  Sun Nov 24 19:56:13 2013
From: bcallah at devio.us (Brian Callahan)
Date: Sun, 24 Nov 2013 19:56:13 -0500
Subject: [nycbug-talk] NYC*BUG IRC channel has moved! #nycbug on freenode
Message-ID: <5292A02D.5060403@devio.us>

Hi talk --

As the topic says, we have moved our IRC channel to freenode; please 
join us over there: #nycbug on irc.freenode.net

We have a good core group over there and get good conversations going 
that you won't find on talk@

So come by and chat :)

~Brian