From scottro at nyc.rr.com Sun Feb 1 10:06:26 2015
From: scottro at nyc.rr.com (Scott Robbins)
Date: Sun, 1 Feb 2015 10:06:26 -0500
Subject: [talk] Ike's OpenBSD laptop meeting
In-Reply-To: <20150131220423.GA4508@scott1.scottro.net>
References: <54CD4967.8000102@ceetonetechnology.com>
 <20150131213403.22A9D17FDAA@rebar.astron.com>
 <20150131220423.GA4508@scott1.scottro.net>
Message-ID: <20150201150626.GA14320@scott1.scottro.net>

On Sat, Jan 31, 2015 at 05:04:23PM -0500, Scott Robbins wrote:
> On Sat, Jan 31, 2015 at 04:34:03PM -0500, Christos Zoulas wrote:
> > On Jan 31, 4:30pm, george at ceetonetechnology.com (George Rosamond) wrote:
> > -- Subject: [talk] Ike's OpenBSD laptop meeting
> >
> > | For those who don't have a laptop to test out OpenBSD on and don't have
> > | an extra disk to install it on, I recommend hitting Ebay for a Thinkpad,
> > | even an ancient one. An x120e works nicely, and believe it or not, an
> > | x60/61 is sufficient also. Don't pay a lot for either, and you'll
> > | probably need to buy a new battery.
> > |
> > | Note that the meeting is on February 10th, the SECOND TUESDAY of the month.
>
> For what it's worth, while not sure if this would run with OpenBSD, NewEgg
> is selling some refurbished Lenovo L420's, with 4GB of RAM and i5
> processors, for around $260 through Think Green PC.

Well, I tested this this morning with OpenBSD, and unfortunately, upon
booting from an install USB it stopped with an error a few lines after
booting. It's not something I'm going to investigate, as my time is
limited and I can easily run OpenBSD on two other laptops that I have. I
didn't do any testing outside of creating the USB and trying to boot the
laptop. Anyway, judging from this one, not at all investigated experience,
the laptop I mentioned last night might not be the best choice for an
OpenBSD laptop--or, it may be some slightly off hardware on my USB or the
laptop that I have, and not affect anyone but me.

--
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6

From mark.saad at ymail.com Sun Feb 1 17:01:31 2015
From: mark.saad at ymail.com (Mark Saad)
Date: Sun, 1 Feb 2015 17:01:31 -0500
Subject: [talk] Optimum provided home router madness
Message-ID:

All
So I am at a souperbowl party and they have a optimum Internet
and a vendor provided home router . The strangest thing with its
setup is the wireless network ( configured by optimum ) hands out
ip's in 24.0/13 net block ! Anyone have a idea why they would do this
?

---
Mark saad | mark.saad at ymail.com

From george at ceetonetechnology.com Sun Feb 1 17:22:36 2015
From: george at ceetonetechnology.com (George Rosamond)
Date: Sun, 01 Feb 2015 17:22:36 -0500
Subject: [talk] Optimum provided home router madness
In-Reply-To:
References:
Message-ID: <54CEA72C.5040506@ceetonetechnology.com>

Mark Saad:
> All So I am at a souperbowl party and they have a optimum Internet
> and a vendor provided home router . The strangest thing with its
> setup is the wireless network ( configured by optimum ) hands out
> ip's in 24.0/13 net block ! Anyone have a idea why they would do this
> ?

I bet it has something to do with data mining... triple nat'g while
their wireless device sniffs the wlan's MAC addresses. There is
probably an update to RFC 1918 designating that block for third parties
to watch your Facebook posts.

When do we do a meeting on "iPhone Spelling Auto-Correction and the
Decline of Decipherable Plain Text Communications in the 21st Century"?

g

From mwlucas at blackhelicopters.org Sun Feb 1 17:30:18 2015
From: mwlucas at blackhelicopters.org (Michael W.
Lucas)
Date: Sun, 1 Feb 2015 17:30:18 -0500
Subject: [talk] Optimum provided home router madness
In-Reply-To: <54CEA72C.5040506@ceetonetechnology.com>
References: <54CEA72C.5040506@ceetonetechnology.com>
Message-ID: <20150201223018.GA24259@mail.michaelwlucas.com>

On Sun, Feb 01, 2015 at 05:22:36PM -0500, George Rosamond wrote:
> Mark Saad:
> > All So I am at a souperbowl party and they have a optimum Internet
> > and a vendor provided home router . The strangest thing with its
> > setup is the wireless network ( configured by optimum ) hands out
> > ip's in 24.0/13 net block ! Anyone have a idea why they would do this
> > ?
>
> I bet it has something to do with data mining... triple nat'g while
> their wireless device sniffs the wlan's MAC addresses. There is
> probably an update to RFC 1918 designating that block for third parties
> to watch your Facebook posts.

That block is assigned to Comcast NJ. Any chance Optimum is part of
Comcast?

It's possible (barely) that you're getting actual IP
addresses. Unlikely, but you have me curious.

--
Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor
http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/

From mark.saad at ymail.com Sun Feb 1 18:55:14 2015
From: mark.saad at ymail.com (Mark Saad)
Date: Sun, 1 Feb 2015 18:55:14 -0500
Subject: [talk] Optimum provided home router madness
In-Reply-To: <20150201223018.GA24259@mail.michaelwlucas.com>
References: <54CEA72C.5040506@ceetonetechnology.com>
 <20150201223018.GA24259@mail.michaelwlucas.com>
Message-ID: <55E5D6D6-5683-4A0B-94B9-850278A86A74@ymail.com>

> On Feb 1, 2015, at 5:30 PM, Michael W. Lucas wrote:
>
>> On Sun, Feb 01, 2015 at 05:22:36PM -0500, George Rosamond wrote:
>> Mark Saad:
>>> All So I am at a souperbowl party and they have a optimum Internet
>>> and a vendor provided home router . The strangest thing with its
>>> setup is the wireless network ( configured by optimum ) hands out
>>> ip's in 24.0/13 net block !
>>> Anyone have a idea why they would do this
>>> ?
>>
>> I bet it has something to do with data mining... triple nat'g while
>> their wireless device sniffs the wlan's MAC addresses. There is
>> probably an update to RFC 1918 designating that block for third parties
>> to watch your Facebook posts.
>

This sounds like a quote from the upcoming movie "black hat"

http://imdb.com/title/tt2717822/

> That block is assigned to Comcast NJ. Any chance Optimum is part of
> Comcast?
>

No this is cablevision country in ny; which is equally strange .

> It's possible (barely) that you're getting actual IP
> addresses. Unlikely, but you have me curious.
>

I want to start exploring but I don't want to be hogging their computer .

> --
> Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor
> http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk

From ike at blackskyresearch.net Sun Feb 1 18:56:56 2015
From: ike at blackskyresearch.net (Isaac Levy)
Date: Sun, 1 Feb 2015 18:56:56 -0500
Subject: [talk] Ike's OpenBSD laptop meeting
In-Reply-To: <20150201150626.GA14320@scott1.scottro.net>
References: <54CD4967.8000102@ceetonetechnology.com>
 <20150131213403.22A9D17FDAA@rebar.astron.com>
 <20150131220423.GA4508@scott1.scottro.net>
 <20150201150626.GA14320@scott1.scottro.net>
Message-ID: <1422835022-2833118.96656408.ft11NuvJ1021866@rs149.luxsci.com>

Maybe...,

> On Feb 1, 2015, at 10:06 AM, Scott Robbins wrote:
>
>> On Sat, Jan 31, 2015 at 05:04:23PM -0500, Scott Robbins wrote:
>>> On Sat, Jan 31, 2015 at 04:34:03PM -0500, Christos Zoulas wrote:
>>> On Jan 31, 4:30pm, george at ceetonetechnology.com (George Rosamond) wrote:
>>> -- Subject: [talk] Ike's OpenBSD laptop meeting
>>>
>>> | For those who don't have a laptop to test out OpenBSD on and don't have
>>> | an extra disk to install it on, I recommend hitting Ebay for a
>>> | Thinkpad,
>>> | even an ancient one. An x120e works nicely, and believe it or not, an
>>> | x60/61 is sufficient also. Don't pay a lot for either, and you'll
>>> | probably need to buy a new battery.
>>> |
>>> | Note that the meeting is on February 10th, the SECOND TUESDAY of the month.
>>
>> For what it's worth, while not sure if this would run with OpenBSD, NewEgg
>> is selling some refurbished Lenovo L420's, with 4GB of RAM and i5
>> processors, for around $260 through Think Green PC.
>
> Well, I tested this this morning with OpenBSD, and unfortunately, upon
> booting from an install USB it stopped with an error a few lines after
> booting.

This *might* be the USB ports themselves, as the kernel takes over, OpenBSD doesn't currently support usb 3.0- which is all over on Lenovo kit. Typically, the inner fin on a usb3 port is blue.

On my x220, two workarounds:
- install from usb2 port if you have it, x220 rh side usb is 2.0 only.
- disable usb3 in bios, x220 I did this for all ports anyhow to make them all working USB 2.0.

This trade off, and others, covered in the talk.

Best,
.ike

> It's not something I'm going to investigate, as my time is
> limited and I can easily run OpenBSD on two other laptops that I have. I
> didn't do any testing outside of creating the USB and trying to boot the
> laptop. Anyway, judging from this one, not at all investigated experience,
> the laptop I mentioned last night might not be the best choice for an
> OpenBSD laptop--or, it may be some slightly off hardware on my USB or the
> laptop that I have, and not affect anyone but me.
>
> --
> Scott Robbins
> PGP keyID EB3467D6
> ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
> gpg --keyserver pgp.mit.edu --recv-keys EB3467D6
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
>

From scottro at nyc.rr.com Sun Feb 1 19:06:11 2015
From: scottro at nyc.rr.com (Scott Robbins)
Date: Sun, 1 Feb 2015 19:06:11 -0500
Subject: [talk] Ike's OpenBSD laptop meeting
In-Reply-To: <1422835022-2833118.96656408.ft11NuvJ1021866@rs149.luxsci.com>
References: <54CD4967.8000102@ceetonetechnology.com>
 <20150131213403.22A9D17FDAA@rebar.astron.com>
 <20150131220423.GA4508@scott1.scottro.net>
 <20150201150626.GA14320@scott1.scottro.net>
 <1422835022-2833118.96656408.ft11NuvJ1021866@rs149.luxsci.com>
Message-ID: <20150202000611.GA3509@scott1.scottro.net>

On Sun, Feb 01, 2015 at 06:56:56PM -0500, Isaac Levy wrote:
> Maybe...,
>
> > On Feb 1, 2015, at 10:06 AM, Scott Robbins wrote:
> >
> >>
> >> For what it's worth, while not sure if this would run with OpenBSD, NewEgg
> >> is selling some refurbished Lenovo L420's, with 4GB of RAM and i5
> >> processors, for around $260 through Think Green PC.
> >
> > Well, I tested this this morning with OpenBSD, and unfortunately, upon
> > booting from an install USB it stopped with an error a few lines after
> > booting.
>
> This *might* be the USB ports themselves, as the kernel takes over, OpenBSD doesn't currently support usb 3.0- which is all over on Lenovo kit. Typically, the inner fin on a usb3 port is blue.
>
> On my x220, two workarounds:
> - install from usb2 port if you have it, x220 rh side usb is 2.0 only.
> - disable usb3 in bios, x220 I did this for all ports anyhow to make them all working USB 2.0.
>

I can try it with the other ports. This is a relatively old laptop, so it's
actually pre USB3.

--
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6

From spork at bway.net Sun Feb 1 19:17:43 2015
From: spork at bway.net (Charles Sprickman)
Date: Sun, 1 Feb 2015 19:17:43 -0500
Subject: [talk] Optimum provided home router madness
In-Reply-To: <55E5D6D6-5683-4A0B-94B9-850278A86A74@ymail.com>
References: <54CEA72C.5040506@ceetonetechnology.com>
 <20150201223018.GA24259@mail.michaelwlucas.com>
 <55E5D6D6-5683-4A0B-94B9-850278A86A74@ymail.com>
Message-ID: <4C048F36-3721-45BA-970E-3EBA73E5223D@bway.net>

On Feb 1, 2015, at 6:55 PM, Mark Saad wrote:

>
>
>> On Feb 1, 2015, at 5:30 PM, Michael W. Lucas wrote:
>>
>>> On Sun, Feb 01, 2015 at 05:22:36PM -0500, George Rosamond wrote:
>>> Mark Saad:
>>>> All So I am at a souperbowl party and they have a optimum Internet
>>>> and a vendor provided home router . The strangest thing with its
>>>> setup is the wireless network ( configured by optimum ) hands out
>>>> ip's in 24.0/13 net block ! Anyone have a idea why they would do this
>>>> ?
>>>
>>> I bet it has something to do with data mining... triple nat'g while
>>> their wireless device sniffs the wlan's MAC addresses. There is
>>> probably an update to RFC 1918 designating that block for third parties
>>> to watch your Facebook posts.
>>
>
> This sounds like a quote from the upcoming movie "black hat"
>
> http://imdb.com/title/tt2717822/
>
>> That block is assigned to Comcast NJ. Any chance Optimum is part of
>> Comcast?
>>
>
> No this is cablevision country in ny; which is equally strange .

Not really, I think back in the old days of @Home cable service (remember that?)
there was some consortium of cable providers and they were all numbering out
of 24.0.0.0/8.
Most now seem to have block there as well:

http://bgp.he.net/AS6128#_prefixes
http://bgp.he.net/AS7922#_prefixes (they have other ASes as well, this is just one)
http://bgp.he.net/AS7843#_prefixes (same deal)

Personally, I wouldn't complain about getting a real IP. :)

Cablevision, in general, is one of the least sucky options. Who else is going to sell
me 80/25 with a /29 for under $90/month?

As for security, I'm all for giving the non-tech people a managed solution for visitors to use their network. The other option is a horrible wifi password.

The current deal seems to be that if you agree to share your network, they send you a free D-Link 802.11ac router. Supposedly this does not impact your main connection. This is slightly different than the public wifi they provide to subscribers (the one with an optimum, comcast and twc SSID) - that's from nifty little APs that hang off the cable plant (and are line-powered, like the inline amps).

Charles

>
>> It's possible (barely) that you're getting actual IP
>> addresses. Unlikely, but you have me curious.
>>
>
> I want to start exploring but I don't want to be hogging their computer .
>
>
>> --
>> Michael W.
>> Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor
>> http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/
>> _______________________________________________
>> talk mailing list
>> talk at lists.nycbug.org
>> http://lists.nycbug.org/mailman/listinfo/talk
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk

From justin at shiningsilence.com Sun Feb 1 19:34:51 2015
From: justin at shiningsilence.com (Justin Sherrill)
Date: Sun, 1 Feb 2015 19:34:51 -0500
Subject: [talk] Optimum provided home router madness
In-Reply-To: <4C048F36-3721-45BA-970E-3EBA73E5223D@bway.net>
References: <54CEA72C.5040506@ceetonetechnology.com>
 <20150201223018.GA24259@mail.michaelwlucas.com>
 <55E5D6D6-5683-4A0B-94B9-850278A86A74@ymail.com>
 <4C048F36-3721-45BA-970E-3EBA73E5223D@bway.net>
Message-ID:

On Sun, Feb 1, 2015 at 7:17 PM, Charles Sprickman wrote:
> Not really, I think back in the old days of @Home cable service (remember that?)
> there was some consortium of cable providers and they were all numbering out
> of 24.0.0.0/8. Most now seem to have block there as well:

Time Warner through NY state is using 24.0.0.0/8, also. When I worked
for them years ago, all our Rochester servers were in 24.93.x.x, and
Syracuse was 24.92.x.x, etc. My current Time Warner fiber link at my
workplace is 24.39.x.x.

> Cablevision, in general, is one of the least sucky options. Who else is going to sell
> me 80/25 with a /29 for under $90/month?

Oh, I wish I could get that.
From mark.saad at ymail.com Sun Feb 1 19:55:18 2015
From: mark.saad at ymail.com (Mark Saad)
Date: Sun, 1 Feb 2015 19:55:18 -0500
Subject: [talk] Optimum provided home router madness
In-Reply-To:
References: <54CEA72C.5040506@ceetonetechnology.com>
 <20150201223018.GA24259@mail.michaelwlucas.com>
 <55E5D6D6-5683-4A0B-94B9-850278A86A74@ymail.com>
 <4C048F36-3721-45BA-970E-3EBA73E5223D@bway.net>
Message-ID: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com>

> On Feb 1, 2015, at 7:34 PM, Justin Sherrill wrote:
>
>> On Sun, Feb 1, 2015 at 7:17 PM, Charles Sprickman wrote:
>> Not really, I think back in the old days of @Home cable service (remember that?)
>> there was some consortium of cable providers and they were all numbering out
>> of 24.0.0.0/8. Most now seem to have block there as well:
>
> Time Warner through NY state is using 24.0.0.0/8, also. When I worked
> for them years ago, all our Rochester servers were in 24.93.x.x, and
> Syracuse was 24.92.x.x, etc. My current Time Warner fiber link at my
> workplace is 24.39.x.x.

I have to check at home , but iirc I have either a 64.x.x.x or a 66.x.x.x on optimum.

>
>> Cablevision, in general, is one of the least sucky options. Who else is going to sell
>> me 80/25 with a /29 for under $90/month?
>
> Oh, I wish I could get that.

Likewise , I am also a optimum customer but I am on a 25/5 for $60/mo . What's are magic words I have to say on the phone to get that plan ?

--
Mark saad | mark.saad at ymail.com

From christos at zoulas.com Sun Feb 1 20:09:23 2015
From: christos at zoulas.com (Christos Zoulas)
Date: Sun, 1 Feb 2015 20:09:23 -0500
Subject: [talk] Optimum provided home router madness
In-Reply-To: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com> from Mark Saad (Feb 1, 7:55pm)
Message-ID: <20150202010923.2229F17FDAA@rebar.astron.com>

On Feb 1, 7:55pm, mark.saad at ymail.com (Mark Saad) wrote:
-- Subject: Re: [talk] Optimum provided home router madness

| > Time Warner through NY state is using 24.0.0.0/8, also.
| > When I worked
| > for them years ago, all our Rochester servers were in 24.93.x.x, and
| > Syracuse was 24.92.x.x, etc. My current Time Warner fiber link at my
| > workplace is 24.39.x.x.

Time Warner at home gives me this:

sk0: flags=8843 mtu 1500
        ec_capabilities=5
        ec_enabled=0
        address: 00:0d:88:6e:5b:1c
        media: Ethernet autoselect (1000baseT full-duplex,flowcontrol,rxpause,txpause)
        status: active
        inet 74.66.238.183 netmask 0xfffffe00 broadcast 255.255.255.255
        inet6 fe80::20d:88ff:fe6e:5b1c%sk0 prefixlen 64 scopeid 0x1
        inet6 2604:2000:efc0:5:88d7:2b93:f214:ef50 prefixlen 128
bge0: flags=8843 mtu 1500
        capabilities=3f00
        capabilities=3f00
        enabled=0
        ec_capabilities=3
        ec_enabled=0
        address: 00:1e:4f:c0:0c:44
        media: Ethernet autoselect (1000baseT full-duplex)
        status: active
        inet 192.168.2.4 netmask 0xffffff00 broadcast 192.168.2.255
        inet6 fe80::21e:4fff:fec0:c44%bge0 prefixlen 64 scopeid 0x2
        inet6 2604:2000:1481:6177::1 prefixlen 64

This is 74.66.x.y, and it also gives me a /64 in IPv6...

christos

From mark.saad at ymail.com Sun Feb 1 20:12:39 2015
From: mark.saad at ymail.com (Mark Saad)
Date: Mon, 2 Feb 2015 01:12:39 +0000 (UTC)
Subject: [talk] Optimum provided home router madness
In-Reply-To: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com>
References: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com>
Message-ID: <1339998695.638326.1422839559399.JavaMail.yahoo@mail.yahoo.com>

From: Mark Saad
To: "talk at lists.nycbug.org"
Sent: Sunday, February 1, 2015 7:55 PM
Subject: Re: [talk] Optimum provided home router madness

> On Feb 1, 2015, at 7:34 PM, Justin Sherrill wrote:
>
>> On Sun, Feb 1, 2015 at 7:17 PM, Charles Sprickman wrote:
>> Not really, I think back in the old days of @Home cable service (remember that?)
>> there was some consortium of cable providers and they were all numbering out
>> of 24.0.0.0/8. Most now seem to have block there as well:
>
> Time Warner through NY state is using 24.0.0.0/8, also.
> When I worked
> for them years ago, all our Rochester servers were in 24.93.x.x, and
> Syracuse was 24.92.x.x, etc. My current Time Warner fiber link at my
> workplace is 24.39.x.x.

I have to check at home , but iirc I have either a 64.x.x.x or a 66.x.x.x on optimum.

>
>> Cablevision, in general, is one of the least sucky options. Who else is going to sell
>> me 80/25 with a /29 for under $90/month?
>
> Oh, I wish I could get that.

Likewise , I am also a optimum customer but I am on a 25/5 for $60/mo . What's are magic words I have to say on the phone to get that plan ?

--
Mark saad | mark.saad at ymail.com

_______________________________________________
talk mailing list
talk at lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/talk

Ok so I was able to check this out on a desktop and its even weirder. So my cell phone is getting an external ip of 107.188.23.xxx while the wired desktop is claiming 68.197.163.xxx . The wireless is clearly natting using 25.248.180.xxx/13 for the internal side of the nat which is strange; While the wired is using a 192.168.0.x/24 . So why do I think I am on the same gear ? I unplugged the router and both the wireless, I was on , and the wired went down. Well either way Optimum is doing some strange stuff here.

--
Mark Saad
mark.saad at ymail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From spork at bway.net Sun Feb 1 22:31:17 2015
From: spork at bway.net (Charles Sprickman)
Date: Sun, 1 Feb 2015 22:31:17 -0500
Subject: [talk] Optimum provided home router madness
In-Reply-To: <1339998695.638326.1422839559399.JavaMail.yahoo@mail.yahoo.com>
References: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com>
 <1339998695.638326.1422839559399.JavaMail.yahoo@mail.yahoo.com>
Message-ID:

On Feb 1, 2015, at 8:12 PM, Mark Saad wrote:

>
> From: Mark Saad
> To: "talk at lists.nycbug.org"
> Sent: Sunday, February 1, 2015 7:55 PM
> Subject: Re: [talk] Optimum provided home router madness
>
>
>
> > On Feb 1, 2015, at 7:34 PM, Justin Sherrill wrote:
> >
> >> On Sun, Feb 1, 2015 at 7:17 PM, Charles Sprickman wrote:
> >> Not really, I think back in the old days of @Home cable service (remember that?)
> >> there was some consortium of cable providers and they were all numbering out
> >> of 24.0.0.0/8. Most now seem to have block there as well:
> >
> > Time Warner through NY state is using 24.0.0.0/8, also. When I worked
> > for them years ago, all our Rochester servers were in 24.93.x.x, and
> > Syracuse was 24.92.x.x, etc. My current Time Warner fiber link at my
> > workplace is 24.39.x.x.
>
> I have to check at home , but iirc I have either a 64.x.x.x or a 66.x.x.x on optimum.
>
>
>
> >
> >> Cablevision, in general, is one of the least sucky options. Who else is going to sell
> >> me 80/25 with a /29 for under $90/month?
> >
> > Oh, I wish I could get that.
>
>
> Likewise , I am also a optimum customer but I am on a 25/5 for $60/mo . What's are magic words I have to say on the phone to get that plan ?
>
>
> --
>
> Mark saad | mark.saad at ymail.com
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
>
>
>
>
> Ok so I was able to check this out on a desktop and its even weirder.
> So my cell phone is getting an external ip of 107.188.23.xxx while the wired desktop is claiming 68.197.163.xxx . The wireless is clearly natting using 25.248.180.xxx/13 for the internal side of the nat which is strange; While the wired is using a 192.168.0.x/24 . So why do I think I am on the same gear ? I unplugged the router and both the wireless, I was on , and the wired went down. Well either way Optimum is doing some strange stuff here.

Two SSIDs - one for the homeowner, one for the guest ("optimumwifi" should be the SSID for the guest access). They should be separate networks - meaning your guests should not be able to reach your internal hosts behind the router (wired or wireless). Also the homeowner's network is secured with WPA2, whereas the guest network has no wifi security enabled. The two network layout also means that if a guest comes over and starts doing "bad things", the onus is not on the network's owner (in theory at least, no idea what the subpoena process would look like).

If I remember the details correctly, the router also remembers hosts that connected to the private wifi and then blocks them from connecting to the open guest network based on MAC address.

Charles

>
> --
> Mark Saad
> mark.saad at ymail.com
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk

From thornton.richard at gmail.com Mon Feb 2 01:17:27 2015
From: thornton.richard at gmail.com (thornton.richard at gmail.com)
Date: Mon, 02 Feb 2015 01:17:27 -0500
Subject: [talk] Optimum provided home router madness
In-Reply-To:
References: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com>
 <1339998695.638326.1422839559399.JavaMail.yahoo@mail.yahoo.com>
Message-ID: <20150202061727.6013073.25805.22601@gmail.com>

You guys got too much time on your hands...

Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.

Original Message
From: Charles Sprickman
Sent: Sunday, February 1, 2015 10:33 PM
To: Mark Saad
Cc: talk at lists.nycbug.org
Subject: Re: [talk] Optimum provided home router madness

On Feb 1, 2015, at 8:12 PM, Mark Saad wrote:

>
> From: Mark Saad
> To: "talk at lists.nycbug.org"
> Sent: Sunday, February 1, 2015 7:55 PM
> Subject: Re: [talk] Optimum provided home router madness
>
>
>
> > On Feb 1, 2015, at 7:34 PM, Justin Sherrill wrote:
> >
> >> On Sun, Feb 1, 2015 at 7:17 PM, Charles Sprickman wrote:
> >> Not really, I think back in the old days of @Home cable service (remember that?)
> >> there was some consortium of cable providers and they were all numbering out
> >> of 24.0.0.0/8. Most now seem to have block there as well:
> >
> > Time Warner through NY state is using 24.0.0.0/8, also. When I worked
> > for them years ago, all our Rochester servers were in 24.93.x.x, and
> > Syracuse was 24.92.x.x, etc. My current Time Warner fiber link at my
> > workplace is 24.39.x.x.
>
> I have to check at home , but iirc I have either a 64.x.x.x or a 66.x.x.x on optimum.
>
>
>
> >
> >> Cablevision, in general, is one of the least sucky options. Who else is going to sell
> >> me 80/25 with a /29 for under $90/month?
> >
> > Oh, I wish I could get that.
>
>
> Likewise , I am also a optimum customer but I am on a 25/5 for $60/mo . What's are magic words I have to say on the phone to get that plan ?
>
>
> --
>
> Mark saad | mark.saad at ymail.com
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk
>
>
>
>
> Ok so I was able to check this out on a desktop and its even weirder. So my cell phone is getting an external ip of 107.188.23.xxx while the wired desktop is claiming 68.197.163.xxx . The wireless is clearly natting using 25.248.180.xxx/13 for the internal side of the nat which is strange; While the wired is using a 192.168.0.x/24 . So why do I think I am on the same gear ?
> I unplugged the router and both the wireless, I was on , and the wired went down. Well either way Optimum is doing some strange stuff here.

Two SSIDs - one for the homeowner, one for the guest ("optimumwifi" should be the SSID for the guest access). They should be separate networks - meaning your guests should not be able to reach your internal hosts behind the router (wired or wireless). Also the homeowner's network is secured with WPA2, whereas the guest network has no wifi security enabled. The two network layout also means that if a guest comes over and starts doing "bad things", the onus is not on the network's owner (in theory at least, no idea what the subpoena process would look like).

If I remember the details correctly, the router also remembers hosts that connected to the private wifi and then blocks them from connecting to the open guest network based on MAC address.

Charles

>
> --
> Mark Saad
> mark.saad at ymail.com
>
>
> _______________________________________________
> talk mailing list
> talk at lists.nycbug.org
> http://lists.nycbug.org/mailman/listinfo/talk

_______________________________________________
talk mailing list
talk at lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/talk

From scottro at nyc.rr.com Mon Feb 2 07:41:25 2015
From: scottro at nyc.rr.com (Scott Robbins)
Date: Mon, 2 Feb 2015 07:41:25 -0500
Subject: [talk] Ike's OpenBSD laptop meeting
In-Reply-To: <20150202000611.GA3509@scott1.scottro.net>
References: <54CD4967.8000102@ceetonetechnology.com>
 <20150131213403.22A9D17FDAA@rebar.astron.com>
 <20150131220423.GA4508@scott1.scottro.net>
 <20150201150626.GA14320@scott1.scottro.net>
 <1422835022-2833118.96656408.ft11NuvJ1021866@rs149.luxsci.com>
 <20150202000611.GA3509@scott1.scottro.net>
Message-ID: <20150202124125.GA4946@scott1.scottro.net>

On Sun, Feb 01, 2015 at 07:06:11PM -0500, Scott Robbins wrote:
> On Sun, Feb 01, 2015 at 06:56:56PM -0500, Isaac Levy wrote:
> > Maybe...,
> >
> > > On Feb 1, 2015, at 10:06 AM, Scott
> > > Robbins wrote:
> > >
> > >>
> > >> For what it's worth, while not sure if this would run with OpenBSD, NewEgg
> > >> is selling some refurbished Lenovo L420's, with 4GB of RAM and i5
> > >> processors, for around $260 through Think Green PC.
> > >
> > > Well, I tested this this morning with OpenBSD, and unfortunately, upon
> > > booting from an install USB it stopped with an error a few lines after
> > > booting.
> >
> > This *might* be the USB ports themselves, as the kernel takes over, OpenBSD doesn't currently support usb 3.0- which is all over on Lenovo kit. Typically, the inner fin on a usb3 port is blue.
>

Yup, that's what it was. Changing ports fixed the problem.
(There were no USB3.0 ports, but the port that I'd used didn't work with
OpenBSD.) Next step is to play with the wireless, either the builtin or the
Edimax 7811UN. That will probably have to wait, but at least I know it
works with OpenBSD.

Thanks Ike!

--
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6

From scottro at nyc.rr.com Mon Feb 2 07:45:13 2015
From: scottro at nyc.rr.com (Scott Robbins)
Date: Mon, 2 Feb 2015 07:45:13 -0500
Subject: [talk] Ike's OpenBSD laptop meeting
In-Reply-To: <20150202124125.GA4946@scott1.scottro.net>
References: <54CD4967.8000102@ceetonetechnology.com>
 <20150131213403.22A9D17FDAA@rebar.astron.com>
 <20150131220423.GA4508@scott1.scottro.net>
 <20150201150626.GA14320@scott1.scottro.net>
 <1422835022-2833118.96656408.ft11NuvJ1021866@rs149.luxsci.com>
 <20150202000611.GA3509@scott1.scottro.net>
 <20150202124125.GA4946@scott1.scottro.net>
Message-ID: <20150202124513.GB4946@scott1.scottro.net>

On Mon, Feb 02, 2015 at 07:41:25AM -0500, Scott Robbins wrote:
> On Sun, Feb 01, 2015 at 07:06:11PM -0500, Scott Robbins wrote:
> > On Sun, Feb 01, 2015 at 06:56:56PM -0500, Isaac Levy wrote:
> > > Maybe...,
> > >
> > > > On Feb 1, 2015, at 10:06 AM, Scott Robbins wrote:
> > > >
> > > >>
> > >
> > > This
> > > *might* be the USB ports themselves, as the kernel takes over, OpenBSD doesn't currently support usb 3.0- which is all over on Lenovo kit. Typically, the inner fin on a usb3 port is blue.
> > >
>
> Yup, that's what it was. Changing ports fixed the problem.
> (There were no USB3.0 ports, but the port that I'd used didn't work with
> OpenBSD.) Next step is to play with the wireless, either the builtin or the
> Edimax 7811UN. That will probably have to wait, but at least I know it
> works with OpenBSD.
>
> Thanks Ike!

Bah, sent too soon. (After the install but before the first reboot)
Upon reboot, it fails. Probably slightly flakey hardware. At this point I
don't have time to do further troubleshooting, I may do so further down the
road.

--
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6

From nick at hackermonkey.com Mon Feb 2 09:05:21 2015
From: nick at hackermonkey.com (Nick Danger)
Date: Mon, 02 Feb 2015 09:05:21 -0500
Subject: [talk] Optimum provided home router madness
In-Reply-To:
References: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com>
 <1339998695.638326.1422839559399.JavaMail.yahoo@mail.yahoo.com>
Message-ID: <54CF8421.6090208@hackermonkey.com>

One of the WiFi's is layer 2 back to "HQ" so they can let everyone on
the same company/brand surf the modem at your house without knowing your
wifi username and password.

On 02/01/2015 10:31 PM, Charles Sprickman wrote:
> On Feb 1, 2015, at 8:12 PM, Mark Saad wrote:
>
>>
>> From: Mark Saad
>> To: "talk at lists.nycbug.org"
>> Sent: Sunday, February 1, 2015 7:55 PM
>> Subject: Re: [talk] Optimum provided home router madness
>>
>>
>>
>>> On Feb 1, 2015, at 7:34 PM, Justin Sherrill wrote:
>>>
>>>> On Sun, Feb 1, 2015 at 7:17 PM, Charles Sprickman wrote:
>>>> Not really, I think back in the old days of @Home cable service (remember that?)
>>>> there was some consortium of cable providers and they were all numbering out
>>>> of 24.0.0.0/8.
Most now seem to have blocks there as well: >>> >>> Time Warner through NY state is using 24.0.0.0/8, also. When I worked >>> for them years ago, all our Rochester servers were in 24.93.x.x, and >>> Syracuse was 24.92.x.x, etc. My current Time Warner fiber link at my >>> workplace is 24.39.x.x. >> >> I have to check at home, but iirc I have either a 64.x.x.x or a 66.x.x.x on optimum. >> >> >> >> >>> >>>> Cablevision, in general, is one of the least sucky options. Who else is going to sell >>>> me 80/25 with a /29 for under $90/month? >>> >>> Oh, I wish I could get that. >> >> >> Likewise, I am also an optimum customer but I am on a 25/5 for $60/mo. What are the magic words I have to say on the phone to get that plan? >> >> >> -- >> >> Mark saad | mark.saad at ymail.com >> >> >> _______________________________________________ >> talk mailing list >> talk at lists.nycbug.org >> http://lists.nycbug.org/mailman/listinfo/talk >> >> >> >> >> Ok so I was able to check this out on a desktop and it's even weirder. So my cell phone is getting an external ip of 107.188.23.xxx while the wired desktop is claiming 68.197.163.xxx. The wireless is clearly natting using 25.248.180.xxx/13 for the internal side of the nat which is strange, while the wired is using a 192.168.0.x/24. So why do I think I am on the same gear? I unplugged the router and both the wireless, I was on, and the wired went down. Well either way Optimum is doing some strange stuff here. > > Two SSIDs - one for the homeowner, one for the guest ("optimumwifi" should be the SSID for the guest access). They should be separate networks - meaning your guests should not be able to reach your internal hosts behind the router (wired or wireless). Also the homeowner's network is secured with WPA2, whereas the guest network has no wifi security enabled.
The two-network layout also means that if a guest comes over and starts doing "bad things", the onus is not on the network's owner (in theory at least, no idea what the subpoena process would look like). > > If I remember the details correctly, the router also remembers hosts that connected to the private wifi and then blocks them from connecting to the open guest network based on MAC address. > > Charles > >> >> -- >> Mark Saad >> mark.saad at ymail.com From george at ceetonetechnology.com Mon Feb 2 09:25:50 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Mon, 02 Feb 2015 09:25:50 -0500 Subject: [talk] Optimum provided home router madness In-Reply-To: <54CF8421.6090208@hackermonkey.com> References: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com> <1339998695.638326.1422839559399.JavaMail.yahoo@mail.yahoo.com> <54CF8421.6090208@hackermonkey.com> Message-ID: <54CF88EE.8000308@ceetonetechnology.com> Nick Danger: > One of the WiFi's is layer 2 back to "HQ" so they can let everyone on > the same company/brand surf the modem at your house without knowing your > wifi username and password. > (top-posting is bad http://www.nycbug.org/index.cgi?action=lists) Ha. I was under the impression that Comcast and TWC got rid of residential users providing free wifi to their customers. Wasn't that some /. story a while back? It's sort of a funny issue. On the one hand, residential users are powering the cable company's wifi for their other customers with no compensation. On the other hand, a lot of their customers using others wifi are likely to come under the sights of the RIAA/MPAA and their racketeering cohorts. No?
g From mark.saad at ymail.com Mon Feb 2 09:38:41 2015 From: mark.saad at ymail.com (Mark Saad) Date: Mon, 2 Feb 2015 09:38:41 -0500 Subject: [talk] Optimum provided home router madness In-Reply-To: <54CF88EE.8000308@ceetonetechnology.com> References: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com> <1339998695.638326.1422839559399.JavaMail.yahoo@mail.yahoo.com> <54CF8421.6090208@hackermonkey.com> <54CF88EE.8000308@ceetonetechnology.com> Message-ID: > On Feb 2, 2015, at 9:25 AM, George Rosamond wrote: > > Nick Danger: >> One of the WiFi's is layer 2 back to "HQ" so they can let everyone on >> the same company/brand surf the modem at your house without knowing your >> wifi username and password. >> > > (top-posting is bad http://www.nycbug.org/index.cgi?action=lists) > > Ha. > > I was under the impression that Comcast and TWC got rid of residential > users providing free wifi to their customers. Wasn't that some /. story > a while back? > I remember this, it was like 6 months ago. I can't find any references. > It's sort of a funny issue. On the one hand, residential users are > powering the cable company's wifi for their other customers with no > compensation. I don't even think customer knows it's enabled nor what the impact is. > On the other hand, a lot of their customers using others > wifi are likely to come under the sights of the RIAA/MPAA and their > racketeering cohorts. No? So as an optimum wifi user (while waiting in my lirr station for the train to leave) I noticed they do two things. 1 they inject a bit of JavaScript into your browser to show you a floating html element that has your monthly wifi usage. 2 they don't really keep good tabs on what devices are on this network. I forked it a while back and found hp wireless printers, and random wifi desktops, lots of crud. I would think they scrape everything they can for advertising purposes and they make too much money from that to even care about mpaa issues.
Mark saad | mark.saad at ymail.com > > g From scottro at nyc.rr.com Mon Feb 2 09:52:05 2015 From: scottro at nyc.rr.com (Scott Robbins) Date: Mon, 2 Feb 2015 09:52:05 -0500 Subject: [talk] Optimum provided home router madness In-Reply-To: References: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com> <1339998695.638326.1422839559399.JavaMail.yahoo@mail.yahoo.com> <54CF8421.6090208@hackermonkey.com> <54CF88EE.8000308@ceetonetechnology.com> Message-ID: <20150202145205.GA7461@scott1.scottro.net> On Mon, Feb 02, 2015 at 09:38:41AM -0500, Mark Saad wrote: > > > > On Feb 2, 2015, at 9:25 AM, George Rosamond wrote: > > > > > > I was under the impression that Comcast and TWC got rid of residential > > users providing free wifi to their customers. Wasn't that some /. story > > a while back? I remember reading about it with Comcast, but not with TWC. (Doesn't mean it didn't happen, just that I don't remember reading about them.) As I recall, it wasn't discontinued, it was something they were going to do that you had to opt out of.
-- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 From nick at hackermonkey.com Mon Feb 2 10:06:50 2015 From: nick at hackermonkey.com (Nick Danger) Date: Mon, 02 Feb 2015 10:06:50 -0500 Subject: [talk] Optimum provided home router madness In-Reply-To: <54CF88EE.8000308@ceetonetechnology.com> References: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com> <1339998695.638326.1422839559399.JavaMail.yahoo@mail.yahoo.com> <54CF8421.6090208@hackermonkey.com> <54CF88EE.8000308@ceetonetechnology.com> Message-ID: <54CF928A.8060603@hackermonkey.com> On 02/02/2015 09:25 AM, George Rosamond wrote: > Nick Danger: >> One of the WiFi's is layer 2 back to "HQ" so they can let everyone on >> the same company/brand surf the modem at your house without knowing your >> wifi username and password. >> > > (top-posting is bad http://www.nycbug.org/index.cgi?action=lists) I read that link and thought "Who the hell still uses PINE, or Mutt" and then remembered I just had to install Mutt on a new server I built for someone that has been at the school for almost 30 years now. *sigh* I'll try to keep my 10-second-coffee-in-one-hand reply inline instead of top post. > I was under the impression that Comcast and TWC got rid of residential > users providing free wifi to their customers. Wasn't that some /. story > a while back? No, it's still there. I think they made it "opt in" now. The claim is that by offering a small bit of your bandwidth to other customers, that won't impact your overall speed promises from the ISP. There is some lawsuit going on about it, but I suspect it won't get anywhere. Comcast and TWC aren't the only ones. ATT does it, Verizon does it, I wouldn't be surprised if someday your cell phone ends up boosting signal for people standing around you with crappy phone signals. Mesh is the future.
"My old StarTac didn't work very well so I stand next to this guy with a iPhone 7 and POOF, 3 bars of signal!" ;-) http://blog.chron.com/techblog/2014/06/comcast-is-turning-your-xfinity-router-into-a-public-wi-fi-hotspot/#24139101=0 I have the new Comcast modem sitting on my floor. I don't want to replace the one I have now with it because I don't want the built in WiFi. One of these days I'll scrape together some hardware and build a pfSense box and replace the whole current messy setup I have. > It's sort of a funny issue. On the one hand, residential users are > powering the cable company's wifi for their other customers with no > compensation. On the other hand, a lot of their customers using others > wifi are likely to come under the sights of the RIAA/MPAA and their > racketeering cohorts. No? On the second point, since its layer 2, whoever uses the "open" wireless at your house isn't really on your house network. MPAA and RIAA would get the ISP in their information about who is downloading Spiderman3 and the ISP could track it back to your username/password pair. The homeowner in the middle wouldn't figure into the whole play. Although oddly I have seen MUCH less RIAA/MPAA letters of late. Sure they shit down PirateBay and other sites, but I don't see so much "sue the end down loader" going on anymore. Then again, my current job doesn't expose me as much to that side so maybe I am just missing it. 
Nick From ahpook at verizon.net Mon Feb 2 10:12:17 2015 From: ahpook at verizon.net (Ah Pook) Date: Mon, 02 Feb 2015 10:12:17 -0500 Subject: [talk] Optimum provided home router madness In-Reply-To: <54CF88EE.8000308@ceetonetechnology.com> References: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com> <1339998695.638326.1422839559399.JavaMail.yahoo@mail.yahoo.com> <54CF8421.6090208@hackermonkey.com> <54CF88EE.8000308@ceetonetechnology.com> Message-ID: <54CF93D1.1050603@verizon.net> On 02/02/2015 09:25 AM, George Rosamond wrote: > Nick Danger: >> One of the WiFi's is layer 2 back to "HQ" so they can let everyone on >> the same company/brand surf the modem at your house without knowing your >> wifi username and password. >> > > I was under the impression that Comcast and TWC got rid of residential > users providing free wifi to their customers. Wasn't that some /. story > a while back? This thing? http://www.sfgate.com/business/article/Comcast-sued-for-turning-home-Wi-Fi-routers-into-5943750.php (link wraps) They wanted to basically piggyback on having market share. It's a lovely idea from a technical perspective... maybe not so much from a "wait, I'm giving you guys 80 bucks a month and you're eating my bandwidth?" one. > It's sort of a funny issue. On the one hand, residential users are > powering the cable company's wifi for their other customers with no > compensation. On the other hand, a lot of their customers using others > wifi are likely to come under the sights of the RIAA/MPAA and their > racketeering cohorts. No? Sort of reminds me of Sony - one division sells you blank CDs, and the other sues you for using them.
From justin at shiningsilence.com Mon Feb 2 10:17:22 2015 From: justin at shiningsilence.com (Justin Sherrill) Date: Mon, 2 Feb 2015 10:17:22 -0500 Subject: [talk] Optimum provided home router madness In-Reply-To: <20150202010923.2229F17FDAA@rebar.astron.com> References: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com> <20150202010923.2229F17FDAA@rebar.astron.com> Message-ID: On Sun, Feb 1, 2015 at 8:09 PM, Christos Zoulas wrote: > This is 74.66.x.y, and it also gives me a /64 in IPv6... I didn't mean to imply 24.0.0.0/8 was the *only* range Time Warner used - just that it was the first, and still in use. From scottro at nyc.rr.com Mon Feb 2 10:19:34 2015 From: scottro at nyc.rr.com (Scott Robbins) Date: Mon, 2 Feb 2015 10:19:34 -0500 Subject: [talk] Optimum provided home router madness In-Reply-To: <54CF928A.8060603@hackermonkey.com> References: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com> <1339998695.638326.1422839559399.JavaMail.yahoo@mail.yahoo.com> <54CF8421.6090208@hackermonkey.com> <54CF88EE.8000308@ceetonetechnology.com> <54CF928A.8060603@hackermonkey.com> Message-ID: <20150202151934.GA14347@scott1.scottro.net> On Mon, Feb 02, 2015 at 10:06:50AM -0500, Nick Danger wrote: > On 02/02/2015 09:25 AM, George Rosamond wrote: > > Nick Danger: > > I read that link and thought "Who the hell still uses PINE, or Mutt" and > then remembered I just had to install Mutt on a new server I built for > someone that has been at the school for almost 30 years now. *sigh* Writing from mutt.... > > > > I was under the impression that Comcast and TWC got rid of residential > > users providing free wifi to their customers. Wasn't that some /. story > > a while back? > > No, its still there. I think they made it "opt in" now. The claim is > that by offering a small bit of your bandwidth to other customers, that > wont impact your overall speed promises from the ISP. > > I have the new Comcast modem sitting on my floor. 
I don't want to > replace the one I have now with it because I don't want the built in > WiFi. One of these days I'll scrape together some hardware and build a > pfSense box and replace the whole current messy setup I have. At some point, when changing my TWC modem, it wound up breaking my network--there was a wifi router which I didn't want and it took a few hours on the phone with them to get it to turn off. > -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 From mikel.king at gmail.com Mon Feb 2 11:11:47 2015 From: mikel.king at gmail.com (Mikel King) Date: Mon, 2 Feb 2015 11:11:47 -0500 Subject: [talk] Optimum provided home router madness In-Reply-To: <54CF93D1.1050603@verizon.net> References: <153B76D0-66C0-48A2-8AA4-891E6B4B237C@ymail.com> <1339998695.638326.1422839559399.JavaMail.yahoo@mail.yahoo.com> <54CF8421.6090208@hackermonkey.com> <54CF88EE.8000308@ceetonetechnology.com> <54CF93D1.1050603@verizon.net> Message-ID: I have Optimum Biz for my company, and it is a completely "Opt-In" solution. What they do to entice you to offer the public WiFi is they will give you a bandwidth boost and also limit the amount of bandwidth to the freeloaders. Regards, Mikel > On Feb 2, 2015, at 10:12 AM, Ah Pook wrote: > > On 02/02/2015 09:25 AM, George Rosamond wrote: >> Nick Danger: >>> One of the WiFi's is layer 2 back to "HQ" so they can let everyone on >>> the same company/brand surf the modem at your house without knowing your >>> wifi username and password. >>> >> >> I was under the impression that Comcast and TWC got rid of residential >> users providing free wifi to their customers. Wasn't that some /. story >> a while back? > > This thing? > http://www.sfgate.com/business/article/Comcast-sued-for-turning-home-Wi-Fi-routers-into-5943750.php > (link wraps) > > They wanted to basically piggyback on having market share. It's a lovely idea from a technical perspective...
maybe not so much from a "wait, I'm giving you guys 80 bucks a month and you're eating my bandwidth?" one. > >> It's sort of a funny issue. On the one hand, residential users are >> powering the cable company's wifi for their other customers with no >> compensation. On the other hand, a lot of their customers using others >> wifi are likely to come under the sights of the RIAA/MPAA and their >> racketeering cohorts. No? > > Sort of reminds me of Sony - one division sells you blank CDs, and the other sues you for using them. From assaf at eml.cc Tue Feb 3 17:12:50 2015 From: assaf at eml.cc (assaf rutenberg) Date: Tue, 03 Feb 2015 17:12:50 -0500 Subject: [talk] MIPS boards available for anyone on list Message-ID: <1423001570.3912482.222716557.2C7A2A41@webmail.messagingengine.com> Hey all, I just received a bunch of Imagination Technologies MIPS development boards (http://community.imgtec.com/developers/creator-ci20/?utm_source=imgtec&utm_medium=shorturl&utm_campaign=CreatorLandingPage). If anyone would like one to play with, let me know and I'll get one to you, either at a meeting or by mail. There was a thread about these several months ago and I popped for 4 of them with intention of giving 3 away to anyone who wanted to play with them. I'm headed to Ecuador in two weeks for a couple of months so if you are interested, let me know sooner rather than later. -- assaf rutenberg assaf at eml.cc From witchdoctor.mdf at gmail.com Tue Feb 3 20:58:06 2015 From: witchdoctor.mdf at gmail.com (R0B_ROD) Date: Tue, 03 Feb 2015 20:58:06 -0500 Subject: [talk] Intro Message-ID: <54D17CAE.5070900@gmail.com> Hello to all. I am slowly learning about the UNIX culture and I am feeling closer to home each day. I am currently building ports in 10.1-STABLE. I am a complete *BSD newbie, my little experience is with Linux as an end-user.
I have done some basic administration for my own amd64 laptop or i686 P4 but I want to really be useful to the world. Just looking for a place to call 'my hood'. I was born in NYC in 1984. Raised in Puerto Rico. Thanks for reading. -- > Roberto > ^ > /"\ / 33.2947° N, 82.2006° W > \ / ASCII REBEL CAMPAIGN / (1) 4044743997 > -X- AGAINST HTML EMAIL / witchdoctor.mdf at gmail.COM > / \ AND POSTINGS / http://mdf0.blogspot.com > \_/ From george at ceetonetechnology.com Tue Feb 3 22:39:42 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Tue, 03 Feb 2015 22:39:42 -0500 Subject: [talk] Intro In-Reply-To: <54D17CAE.5070900@gmail.com> References: <54D17CAE.5070900@gmail.com> Message-ID: <54D1947E.101@ceetonetechnology.com> R0B_ROD: > Hello to all. I am slowly learning about the UNIX culture > and I am feeling closer to home each day. I am currently building > ports in 10.1-STABLE. I am a complete *BSD newbie, my little > experience is with Linux as an end-user. I have done some basic > administration for my own amd64 laptop or i686 P4 but I want to > really be useful to the world. Just looking for a place to call > 'my hood'. I was born in NYC in 1984. Raised in Puerto Rico. > Thanks for reading. Welcome aboard Roberto. Feel free to use this list if you have any questions. None of us started from anything other than 0. I'd recommend checking out the meeting next Tuesday also. g From witchdoctor.mdf at gmail.com Wed Feb 4 08:01:54 2015 From: witchdoctor.mdf at gmail.com (R0B_ROD) Date: Wed, 04 Feb 2015 08:01:54 -0500 Subject: [talk] Intro In-Reply-To: <54D1947E.101@ceetonetechnology.com> References: <54D17CAE.5070900@gmail.com> <54D1947E.101@ceetonetechnology.com> Message-ID: <54D21842.50208@gmail.com> On 02/03/2015 10:39 PM, George Rosamond wrote: > Welcome aboard Roberto. > > Feel free to use this list if you have any questions. None of us started > from anything other than 0. > > I'd recommend checking out the meeting next Tuesday also.
> > g > I wish I could make the meeting but I live in Georgia. Thanks for replying and the invite. -- > Roberto > ^ > /"\ / 33.2947° N, 82.2006° W > \ / ASCII REBEL CAMPAIGN / (1) 4044743997 > -X- AGAINST HTML EMAIL / witchdoctor.mdf at gmail.COM > / \ AND POSTINGS / http://mdf0.blogspot.com > \_/ From george at ceetonetechnology.com Wed Feb 4 09:09:22 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Wed, 04 Feb 2015 09:09:22 -0500 Subject: [talk] Fwd: [announce] NYC*BUG Upcoming Message-ID: <54D22812.6000504@ceetonetechnology.com> Forwarding for those *not* on the announce@ list... although you should be. There is no meeting tonight. Rather, the February meeting is next Tuesday, Feb 10. -------- Forwarded Message -------- Subject: [announce] NYC*BUG Upcoming Date: Wed, 04 Feb 2015 09:06:40 -0500 From: NYC*BUG Announcements REMINDER: There is NO NYC*BUG meeting tonight, even though it's the first Wednesday of the month. The February meeting will be next Tuesday, the 10th. ****** Tuesday, Feb 10, 645 PM Life with an OpenBSD Laptop, Isaac ".ike" Levy Stone Creek Bar & Lounge 140 E 27th Street east of Lexington Avenue Have you ever been OpenBSD-curious? "OpenBSD is thought of by many security professionals as the most secure UNIX-like operating system, as the result of a never-ending comprehensive source code security audit." Yet, whether OpenBSD is right for you is a question that only you can answer. I'll share my practical experiences transitioning from Mac life to OpenBSD- the good, bad, and the ugly. For over 15 years, Mac OSX was "the computer I physically touch". I build infrastructure, and the computers I care about most, I rarely physically touch- servers on the internet. These servers provide me the leading edge of computer security, networking, cryptography, filesystems- all from Open and auditable codebases... I decided I'd had enough with my laptop being the ironic weakest link in my digital ecosystem.
Forget religious debates about Operating Systems- I simply set out to build an Open Source, Stable, Securable, and full-featured laptop. And I was delighted that it doesn't suck to use! Speaker Bio Isaac (.ike) Levy is a crusty UNIX Hacker. A long-time community contributor to the *BSD's, ike is obsessed with high-availability and redundant networked server systems, mostly because he likes to sleep at night. Standing on the shoulders of giants, his background includes partnering to run a Virtual Server ISP before anyone called it a cloud, as well as having a long history building internet-facing infrastructure with UNIX systems. .ike has been a part of NYC*BUG since it was first launched in January 2004. He was a long-time member of the Lower East Side Mac Unix User Group, and is still in denial that this group no longer exists. He has spoken frequently on a number of UNIX and internet security topics at various venues, particularly on the topic of FreeBSD's jail(8). ******* Wednesday, March 4, 645 PM The Design and Implementation of the FreeBSD Operating System, George Neville-Neil Stone Creek Bar & Lounge 140 E 27th Street east of Lexington Avenue Book Release Event for "The Design and Implementation of the FreeBSD Operating System" with George Neville-Neil The March meeting will be a special launch meeting for the recent release of "The Design and Implementation of the FreeBSD Operating System." George Neville-Neil, one of the three authors, will be speaking on DTrace, which is covered in the book. Copies of the book will be for sale and giveaway. Prentice Hall, the publisher, will be sponsoring hors d'oeuvres. DTrace is the tool of choice for debugging and performance tuning systems running on FreeBSD. Originally developed for the Solaris operating system, DTrace was ported to FreeBSD and has been developed and enhanced within FreeBSD ever since.
Used by both systems administrators and developers, this talk will discuss both how DTrace works, as described in the latest edition of "The Design and Implementation of the FreeBSD Operating System" as well as how to effectively use the system to monitor systems and diagnose problems. Speaker Bio George Neville-Neil works on networking and operating system code for fun and profit. He also teaches various courses on subjects related to computer programming. His professional areas of interest include code spelunking, operating systems, networking, time and security. He is the co-author with Marshall Kirk McKusick and Robert Watson of The Design and Implementation of the FreeBSD Operating System and is the columnist behind ACM Queue's "Kode Vicious." He serves as a Director of the non-profit, FreeBSD Foundation. He earned his bachelor's degree in computer science at Northeastern University in Boston, Massachusetts, and is a member of the ACM, the USENIX Association and the IEEE. He is an avid bicyclist and traveler who currently resides in New York City. ***** AsiaBSDCon is March 12-15 in Tokyo, Japan BSDCan is June 12-13 in Ottawa, Canada. Registration opens in early March. Start making your plans now. _______________________________________________ announce mailing list announce at lists.nycbug.org http://lists.nycbug.org/mailman/listinfo/announce From witchdoctor.mdf at gmail.com Wed Feb 4 21:47:44 2015 From: witchdoctor.mdf at gmail.com (R0B_ROD) Date: Wed, 04 Feb 2015 21:47:44 -0500 Subject: [talk] "Grounding to nil" Message-ID: <54D2D9D0.1010404@gmail.com> The following is an idea that came about during meditation. The learning curve is steep and everyday is another chance. I think that life gives me little outlets for expression. Some folks have a major public scene but I am just a series of bytes on a screen. Feel free to reply as you wish. Good day! PS: A sense of humor is hoped for while reading the following. 
I do not wish to push, promote or advertise any "religion", "cult" or "yoga" "system". I am simply sharing information. Like I said before looking for a 'hood' and friends to chill and hang out with. Besides I do not mean anything racist or derogatory to anyone. I come in peace and with love to all people. --------------------------------------------------- @unix-clone:~ $ irssi -c irc.freenode.net > /whois R0B_ROD > /j #freebsd #################################################<3 LOGO: http://goo.gl/HmkSFo Artwork of Taino Culture. A Behique or Witchdoctor (Shaman). This artifact is a finger painting found on rocks found by archaeologists in Puerto Rico. DISCLAIMER: This is for educational purposes only. This is a cause, its intangible. I will cooperate with all techs and any business entity founded on helping the human race in some way or fashion. I simply want to learn. I am not trying to take your customers. Science cannot be privatized nor commercialized. I am not seeking wealth nor recognition but knowledge. NON-DISCRIMINATION! NON-VIOLENCE! STOP WAR! MAKE LOVE! HACK THE PLANET! I truly do not wish to offend anyone but if you are, sorry. #################################################<3 First of all, I will be totally liable if I damage your box. I promise that you can sue me and throw me in jail. I promise to keep your data private and not look at your data either. I promise I don't work for any law/military agency nor will report you to any such agency. I will be completely confidential. I am a scientist in pursuit of digital_artifacts that cause harm. These are some interesting programs to say the least but its not my job to know the author's motive. Someone needs to analyze them now so the future has better defense because its only getting worse. I want to dissect the Malicious software (viruses, worms, trojan horse, root-kits, etc). 
Please allow me to explore your system and see if I can find and remove the malicious program and infected files in order to further my cause. You see, I love computers and I want to help all computers in any way I can. I am naturally heroic and this is my mission on Earth. It's not about money or your satisfaction, even though that is one important goal of our Contact, I truly do it as a sport for my friends, the machines. I promise to do my very best and make you happy with my service. The best hackers on the planet have little to no formal education. I don't "need" accredited education even though I would love a formal education so my modus operandi is by trial and error (heuristics). I assure you that I have plenty of hands-on experience (18 years therefore I will cautiously investigate the unit(s). (I hope). I'm not an "expert" in Malware but I must acquire samples and start my part of the fight against digital_diseases. Any kind of donation accepted. Thank you very much! #gift.conf hardware, computers(any condition), software, knowledge, ideas, food (no meat, eggs or fish), cash/check/paypal/bitCoin, could you refer me? or any gift you want. I am deeply grateful for any gifts received however even if you give me nothing the service is forever FREE. Your satisfaction is enough for me. The Pleasure Exercise is my preferred method of concentration training. I am not related to any Cult, Society or Sect. I don't even believe in the mantra, I just enjoy the process of doing it. Beware that it does not matter if you believe in its effectiveness, simply by reading the words of the mantra will cause effects for you. Pretty cool huh? Have a great day! > Roberto > ^ > /"\ / 33.2947° N, 82.2006°
W > \ / ASCII REBEL CAMPAIGN / (1) 4044743997 > -X- AGAINST HTML EMAIL / witchdoctor.mdf at gmail.COM > / \ AND POSTINGS / http://mdf0.blogspot.com > \_/ From witchdoctor.mdf at gmail.com Thu Feb 5 00:06:36 2015 From: witchdoctor.mdf at gmail.com (R0B_ROD) Date: Thu, 05 Feb 2015 00:06:36 -0500 Subject: [talk] AUG*BSD Message-ID: <54D2FA5C.7060702@gmail.com> I live in Blythe but Augusta is very close. I want some comments and suggestions for making something similar to you. I want to host augbug.org on my amd64 FreeBSD 10.1-Stable, Custom kernel :) (also a nice wordplay) [a ug b ug] So excited about life right now. -- > Roberto > ^ > /"\ / 33.2947° N, 82.2006° W > \ / ASCII REBEL CAMPAIGN / (1) 4044743997 > -X- AGAINST HTML EMAIL / witchdoctor.mdf at gmail.COM > / \ AND POSTINGS / http://mdf0.blogspot.com > \_/ From george at ceetonetechnology.com Thu Feb 5 09:27:32 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Thu, 05 Feb 2015 09:27:32 -0500 Subject: [talk] AUG*BSD In-Reply-To: <54D2FA5C.7060702@gmail.com> References: <54D2FA5C.7060702@gmail.com> Message-ID: <54D37DD4.7090606@ceetonetechnology.com> R0B_ROD: > I live in Blythe but Augusta is very close. > I want some comments and suggestions for > making something similar to you. > I want to host augbug.org on my > amd64 FreeBSD 10.1-Stable, Custom kernel > :) (also a nice wordplay) [a ug b ug] > So excited about life right now. This is a frequent question we get. My recommendation is to start small and light. Don't attempt to replicate other user groups in scale. Start with a mailing list, and get the word out locally. Let it grow as it gains recognition. Once you have a few regulars around, get together informally, but keep the stakes low. Don't set high expectations Don't build out some crazy infrastructure, you're not Netflix Don't build out some top-heavy organizational structures, you're not there. And keep it fun.
g From witchdoctor.mdf at gmail.com Thu Feb 5 09:30:41 2015 From: witchdoctor.mdf at gmail.com (R0B_ROD) Date: Thu, 05 Feb 2015 09:30:41 -0500 Subject: [talk] AUG*BSD In-Reply-To: <54D37DD4.7090606@ceetonetechnology.com> References: <54D2FA5C.7060702@gmail.com> <54D37DD4.7090606@ceetonetechnology.com> Message-ID: <54D37E91.2010101@gmail.com> On 02/05/2015 09:27 AM, George Rosamond wrote: > R0B_ROD: >> I live in Blythe but Augusta is very close. >> I want some comments and suggestions for >> making something similar to you. >> I want to host augbug.org on my >> amd64 FreeBSD 10.1-Stable, Custom kernel >> :) (also a nice wordplay) [a ug b ug] >> So excited about life right now. > > This is a frequent question we get. > > My recommendation is to start small and light. Don't attempt to > replicate other user groups in scale. > > Start with a mailing list, and get the word out locally. Let it grow as > it gains recognition. Once you have a few regulars around, get together > informally, but keep the stakes low. > > Don't set high expectations > > Don't build out some crazy infrastructure, you're not Netflix > > Don't build out some top-heavy organizational structures, you're not there. > > And keep it fun. > > g > Very excellent. I will take these suggestions. Thank you very much! :) -- > Roberto > ^ > /"\ / 33.2947° N, 82.2006° W > \ / ASCII REBEL CAMPAIGN / (1) 4044743997 > -X- AGAINST HTML EMAIL / witchdoctor.mdf at gmail.COM > / \ AND POSTINGS / http://mdf0.blogspot.com > \_/ From george at ceetonetechnology.com Thu Feb 5 12:03:17 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Thu, 05 Feb 2015 12:03:17 -0500 Subject: [talk] laptop donations Message-ID: <54D3A255.8070501@ceetonetechnology.com> Greetings. I'm looking for a laptop donation for a public school in NYC.
The Title I elementary school is looking to conduct afternoon classes in Scratch (scratch.mit.edu). The specs don't have to be crazy. Quad core would be overkill. I'm guessing that they will run PCBSD on them or something similarly lightweight. Hit me offlist if you want to connect on this. Looking for up to ten or so. g From skreuzer at exit2shell.com Sat Feb 7 13:03:02 2015 From: skreuzer at exit2shell.com (Steven Kreuzer) Date: Sat, 7 Feb 2015 13:03:02 -0500 Subject: [talk] Cross Pollination Message-ID: I thought you guys might enjoy this commit: http://mail-index.netbsd.org/source-changes/2015/02/07/msg062979.html "This is probably the world's first Canadian cross device driver: it was created for OpenBSD by writing and porting a NetBSD driver which was developed in a rump kernel in Linux userspace." From mcevoy.pat at gmail.com Mon Feb 9 18:47:29 2015 From: mcevoy.pat at gmail.com (Patrick McEvoy) Date: Mon, 09 Feb 2015 18:47:29 -0500 Subject: [talk] new space for our meetings Message-ID: <54D94711.5090004@gmail.com> During the last meeting @ Stone Creek Bar & Lounge: 140 E 27th St did anyone use the internet? I just called the bar and they say they have wireless just wanted to see what you guys thought. P From john at netpurgatory.com Mon Feb 9 18:56:12 2015 From: john at netpurgatory.com (John C. Vernaleo) Date: Mon, 9 Feb 2015 18:56:12 -0500 (EST) Subject: [talk] new space for our meetings In-Reply-To: <54D94711.5090004@gmail.com> References: <54D94711.5090004@gmail.com> Message-ID: On Mon, 9 Feb 2015, Patrick McEvoy wrote: > During the last meeting @ Stone Creek Bar & Lounge: 140 E 27th St did > anyone use the internet? I just called the bar and they say they have > wireless just wanted to see what you guys thought. > P It looks like I used it on my phone and I don't remember having a problem. Didn't have my laptop with me though so no data there.
John From george at ceetonetechnology.com Mon Feb 9 19:21:42 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Mon, 09 Feb 2015 19:21:42 -0500 Subject: [talk] new space for our meetings In-Reply-To: References: <54D94711.5090004@gmail.com> Message-ID: <54D94F16.8090204@ceetonetechnology.com> John C. Vernaleo: > On Mon, 9 Feb 2015, Patrick McEvoy wrote: > >> During the last meeting @ Stone Creek Bar & Lounge: 140 E 27th St did >> anyone use the internet? I just called the bar and they say they have >> wireless just wanted to see what you guys thought. >> P > > It looks like I used it on my phone and I don't remember having a > problem. Didn't have my laptop with me though so no data there. Yes... they have wireless, but no idea if it's adequate to stream with, or even what bandwidth/latency you'd require to stream the meetings with. Best bet is to come prepared to stream, test it out, but have a backup record-only plan. g From george at ceetonetechnology.com Mon Feb 9 20:58:40 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Mon, 09 Feb 2015 20:58:40 -0500 Subject: [talk] new space for our meetings In-Reply-To: <596CA5F2-75F5-4FCB-8ADA-1D0BAAA8C53A@me.com> References: <54D94711.5090004@gmail.com> <54D94F16.8090204@ceetonetechnology.com> <596CA5F2-75F5-4FCB-8ADA-1D0BAAA8C53A@me.com> Message-ID: <54D965D0.6080803@ceetonetechnology.com> Siobhan Lynch: > We watched the Doctor Who 50th there - it was a bit cramped but fun. > No idea if the bandwidth is good - but ... It's a decent place for > meetings . > Cool. We have a good spot right now, but we should be on the lookout for other places just in case. A bunch of crazy real estate changes happened before my eyes over the past few days that is giving me headaches. Anyone notice that Eisenberg's on 5th just below 23rd street is closed? 
g From assaf at eml.cc Mon Feb 9 21:07:38 2015 From: assaf at eml.cc (Assaf Rutenberg) Date: Mon, 09 Feb 2015 21:07:38 -0500 Subject: [talk] new space for our meetings In-Reply-To: <54D965D0.6080803@ceetonetechnology.com> References: <54D94711.5090004@gmail.com> <54D94F16.8090204@ceetonetechnology.com> <596CA5F2-75F5-4FCB-8ADA-1D0BAAA8C53A@me.com> <54D965D0.6080803@ceetonetechnology.com> Message-ID: Oh damn. That's awful. They had such a great tuna sandwich. One of the few places with counter service and real character. Even after they'd been sold a few years back. (Sorry to wax poetic, and so off topic, but Eisenbergs was one of my "New York Places".) Anyone (even off list) remember McHales on 46th and 8th? On February 9, 2015 8:58:40 PM EST, George Rosamond wrote: >Siobhan Lynch: >> We watched the Doctor Who 50th there - it was a bit cramped but fun. >> No idea if the bandwidth is good - but ... It's a decent place for >> meetings . >> > >Cool. We have a good spot right now, but we should be on the lookout >for other places just in case. > >A bunch of crazy real estate changes happened before my eyes over the >past few days that is giving me headaches. > >Anyone notice that Eisenberg's on 5th just below 23rd street is closed? > >g >_______________________________________________ >talk mailing list >talk at lists.nycbug.org >http://lists.nycbug.org/mailman/listinfo/talk -- Sent from my Android device with K-9 Mail. Please excuse my brevity. From slynch2112 at me.com Mon Feb 9 19:31:21 2015 From: slynch2112 at me.com (Siobhan Lynch) Date: Mon, 09 Feb 2015 19:31:21 -0500 Subject: [talk] new space for our meetings In-Reply-To: <54D94F16.8090204@ceetonetechnology.com> References: <54D94711.5090004@gmail.com> <54D94F16.8090204@ceetonetechnology.com> Message-ID: <596CA5F2-75F5-4FCB-8ADA-1D0BAAA8C53A@me.com> We watched the Doctor Who 50th there - it was a bit cramped but fun.
No idea if the bandwidth is good - but ... It's a decent place for meetings . Sent from my iPhone > On Feb 9, 2015, at 7:21 PM, George Rosamond wrote: > > John C. Vernaleo: >>> On Mon, 9 Feb 2015, Patrick McEvoy wrote: >>> >>> During the last meeting @ Stone Creek Bar & Lounge: 140 E 27th St did >>> anyone use the internet? I just called the bar and they say they have >>> wireless just wanted to see what you guys thought. >>> P >> >> It looks like I used it on my phone and I don't remember having a >> problem. Didn't have my laptop with me though so no data there. > > Yes... they have wireless, but no idea if it's adequate to stream with, > or even what bandwidth/latency you'd require to stream the meetings with. > > Best bet is to come prepared to stream, test it out, but have a backup > record-only plan. > > g > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk From mark.saad at ymail.com Wed Feb 11 10:16:04 2015 From: mark.saad at ymail.com (Mark Saad) Date: Wed, 11 Feb 2015 10:16:04 -0500 Subject: [talk] Thinkpad Message-ID: <54DB7234.7060102@ymail.com> All On Woot today, the t420 for $279 http://computers.woot.com/?ref=cnt_sb_cp_2 -- Mark saad | mark.saad at ymail.com From george at ceetonetechnology.com Wed Feb 11 10:46:41 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Wed, 11 Feb 2015 10:46:41 -0500 Subject: [talk] Thinkpad In-Reply-To: <54DB7234.7060102@ymail.com> References: <54DB7234.7060102@ymail.com> Message-ID: <54DB7961.7060500@ceetonetechnology.com> Mark Saad: > All > On Woot today, the t420 for $279 > > http://computers.woot.com/?ref=cnt_sb_cp_2 > hey, it's one of those 16G of RAM laptops mentioned last night. And it comes in at a whopping 4.9 lbs. I'd go X series and squint over slipping a disk. This is the closest model AFAIK in dmesgd, the T400.
http://www.nycbug.org/index.cgi?action=dmesgd&do=view&id=2588 And I know this guy is on IRC pretty regularly. g From george at ceetonetechnology.com Wed Feb 11 13:18:05 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Wed, 11 Feb 2015 13:18:05 -0500 Subject: [talk] apmd issue last night Message-ID: <54DB9CDD.4040008@ceetonetechnology.com> Just a quick fyi/cya note here. If you look at OpenBSD apmd(8), you won't see -C listed. It was deprecated at some point IIRC. The correct flag to have in /etc/rc.conf.local is: apmd_flags="-A" This will autoadjust the sysctl knob hw.setperf depending on how the laptop is powered. But then again, this is in current, and Ike is using the release IIRC. The other relevant sysctl is machdep.lidsuspend=1, which can now be set during the install. Therefore, I have no idea why Ike's laptop didn't resume! g From bcallah at devio.us Wed Feb 11 13:21:33 2015 From: bcallah at devio.us (Brian Callahan) Date: Wed, 11 Feb 2015 13:21:33 -0500 Subject: [talk] apmd issue last night In-Reply-To: <54DB9CDD.4040008@ceetonetechnology.com> References: <54DB9CDD.4040008@ceetonetechnology.com> Message-ID: <54DB9DAD.9090104@devio.us> On 02/11/15 13:18, George Rosamond wrote: > Just a quick fyi/cya note here. > > If you look at OpenBSD apmd(8), you won't see -C listed. It was > deprecated at some point IIRC. The correct flag to have in > /etc/rc.conf.local is: > > apmd_flags="-A" > > This will autoadjust the sysctl knob hw.setperf depending on how the > laptop is powered. > > But then again, this is in current, and Ike is using the release IIRC. > > The other relevant sysctl is machdep.lidsuspend=1, which can now be set > during the install. The lidsuspend question is no longer asked in the installer. You now get it by default.
This will be how it works starting with 5.7 (in -current now): http://marc.info/?l=openbsd-cvs&m=142108042300724&w=2 ~Brian From mark.saad at ymail.com Thu Feb 12 10:08:55 2015 From: mark.saad at ymail.com (Mark Saad) Date: Thu, 12 Feb 2015 10:08:55 -0500 Subject: [talk] Thinkpad In-Reply-To: <54DB7961.7060500@ceetonetechnology.com> References: <54DB7234.7060102@ymail.com> <54DB7961.7060500@ceetonetechnology.com> Message-ID: <54DCC207.9050207@ymail.com> Woot has another today the t410 http://www.woot.com/?ref=gh_w_1 On 02/11/15 10:46, George Rosamond wrote: > Mark Saad: >> All >> On Woot today, the t420 for $279 >> >> http://computers.woot.com/?ref=cnt_sb_cp_2 >> > > hey, it's one of those 16G of RAM laptops mentioned last night. And it > comes in at a whopping 4.9 lbs. I'd go X series and squint over > slipping a disk. > > This is the closest model AFAIK in dmesgd, the T400. > > http://www.nycbug.org/index.cgi?action=dmesgd&do=view&id=2588 > > And I know this guy is on IRC pretty regularly. > > g > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -- Mark saad | mark.saad at ymail.com From mspitzer at gmail.com Thu Feb 12 13:54:24 2015 From: mspitzer at gmail.com (Marc Spitzer) Date: Thu, 12 Feb 2015 13:54:24 -0500 Subject: [talk] apmd issue last night In-Reply-To: <54DB9CDD.4040008@ceetonetechnology.com> References: <54DB9CDD.4040008@ceetonetechnology.com> Message-ID: because he changed something after it worked and before the demo, it is the way of the world Marc On Wed, Feb 11, 2015 at 1:18 PM, George Rosamond < george at ceetonetechnology.com> wrote: > Just a quick fyi/cya note here. > > If you look at OpenBSD apmd(8), you won't see -C listed. It was > deprecated at some point IIRC. The correct flag to have in > /etc/rc.conf.local is: > > apmd_flags="-A" > > This will autoadjust the sysctl knob hw.setperf depending on how the > laptop is powered.
> > But then again, this is in current, and Ike is using the release IIRC. > > The other relevant sysctl is machdep.lidsuspend=1, which can now be set > during the install. > > Therefore, I have no idea why Ike's laptop didn't resume! > > g > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -- Freedom is nothing but a chance to be better. --Albert Camus The inherent vice of capitalism is the unequal sharing of blessings; the inherent virtue of socialism is the equal sharing of miseries. -- Winston Churchill Do the arithmetic or be doomed to talk nonsense. --John McCarthy From mspitzer at gmail.com Thu Feb 12 13:57:28 2015 From: mspitzer at gmail.com (Marc Spitzer) Date: Thu, 12 Feb 2015 13:57:28 -0500 Subject: [talk] AUG*BSD In-Reply-To: <54D37DD4.7090606@ceetonetechnology.com> References: <54D2FA5C.7060702@gmail.com> <54D37DD4.7090606@ceetonetechnology.com> Message-ID: One other thing, from starting a different user group, pick a day and if nothing else meet for beers once a month. People have a good time and get used to showing up. Marc On Thu, Feb 5, 2015 at 9:27 AM, George Rosamond < george at ceetonetechnology.com> wrote: > R0B_ROD: > > I live in Blythe but Augusta is very close. > > I want some comments and suggestions for > > making something similar to you. > > I want to host augbug.org on my > > amd64 FreeBSD 10.1-Stable, Custom kernel > > :) (also a nice wordplay) [a ug b ug] > > So excited about life right now. > > This is a frequent question we get. > > My recommendation is to start small and light. Don't attempt to > replicate other user groups in scale. > > Start with a mailing list, and get the word out locally. Let it grow as > it gains recognition. Once you have a few regulars around, get together > informally, but keep the stakes low.
> > Don't set high expectations > > Don't build out some crazy infrastructure, you're not Netflix > > Don't build out some top-heavy organizational structures, you're not there. > > And keep it fun. > > g > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -- Freedom is nothing but a chance to be better. --Albert Camus The inherent vice of capitalism is the unequal sharing of blessings; the inherent virtue of socialism is the equal sharing of miseries. -- Winston Churchill Do the arithmetic or be doomed to talk nonsense. --John McCarthy From brett at coiloptic.org Thu Feb 12 16:07:47 2015 From: brett at coiloptic.org (Brett Mahar) Date: Fri, 13 Feb 2015 08:07:47 +1100 Subject: [talk] apmd issue last night In-Reply-To: References: Message-ID: <20150213080747.8da769c2cd90049d831314ff@coiloptic.org> | | If you look at OpenBSD apmd(8), you won't see -C listed. It was | deprecated at some point IIRC. The correct flag to have in | /etc/rc.conf.local is: | | apmd_flags="-A" | | This will autoadjust the sysctl knob hw.setperf depending on how the | laptop is powered. | In current, you can now set hw.setperf (via sysctl or /etc/sysctl.conf) to -1. This will run your computer at hw.setperf=0, and raise it to 100 when the machine is under load. This is better than using apmd in many cases. Cheers, Brett. From george at ceetonetechnology.com Thu Feb 12 16:41:39 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Thu, 12 Feb 2015 16:41:39 -0500 Subject: [talk] apmd issue last night In-Reply-To: <20150213080747.8da769c2cd90049d831314ff@coiloptic.org> References: <20150213080747.8da769c2cd90049d831314ff@coiloptic.org> Message-ID: <54DD1E13.2060206@ceetonetechnology.com> Brett Mahar: > > | | If you look at OpenBSD apmd(8), you won't see -C listed. It was > | deprecated at some point IIRC.
The correct flag to have in | > /etc/rc.conf.local is: | | apmd_flags="-A" | | This will autoadjust > the sysctl knob hw.setperf depending on how the | laptop is powered. > | > > In current, you can now set hw.setperf (via sysctl or > /etc/sysctl.conf) to -1. This will run your computer at hw.setperf=0, > and raise it to 100 when the machine is under load. This is better > than using apmd in many cases. Ok. But then you still need apmd running, right? With any flags? g From slynch2112 at me.com Thu Feb 12 20:00:20 2015 From: slynch2112 at me.com (Siobhan Lynch) Date: Thu, 12 Feb 2015 20:00:20 -0500 Subject: [talk] Its been a while, but wow... (and a call for devs?) Message-ID: So I took a year and a half off to go to school... and didn't work on much on *BSD for a while... but I have to say... I am quite impressed with some of the new stuff and how pkgng has turned out. I was a bit confused that cvsup was deprecated, but subversion works fine. I'm really enjoying getting back to this, it's like seeing an old friend. Also, the guy I am working on a contract for is looking for developers (php/java, but some strength in erlang and python would be nice too) - I can get a job description, but if anyone is interested, they are in Williamsburg - and you'll be working with me :) Also, some knowledge of amqp and celery as well as nosql dbs, and mysql would be nice. I am doing the general architecture, so things are subject to change based on developer input. We are using nginx and the Phalcon framework on the front end. Most development can be done on local VMs and I am building vagrant boxes for the devs. So knowledge of any of that is a plus. I pushed them to use FreeBSD on the server side (partly because I can get things up and running faster, and I have always had better luck with Java on FreeBSD performance-wise - funny that). Anyway, great to be back, maybe I'll get out to a meeting again soon!
-Trish From brett at coiloptic.org Fri Feb 13 16:18:59 2015 From: brett at coiloptic.org (Brett Mahar) Date: Sat, 14 Feb 2015 08:18:59 +1100 Subject: [talk] apmd issue last night In-Reply-To: References: Message-ID: <20150214081859.25e77af5a5f42db637009b82@coiloptic.org> | > | > | | If you look at OpenBSD apmd(8), you won't see -C listed. It was | > | deprecated at some point IIRC. The correct flag to have in | | > /etc/rc.conf.local is: | | apmd_flags="-A" | | This will autoadjust | > the sysctl knob hw.setperf depending on how the | laptop is powered. | > | | > | > In current, you can now set hw.setperf (via sysctl or | > /etc/sysctl.conf) to -1. This will run your computer at hw.setperf=0, | > and raise it to 100 when the machine is under load. This is better | > than using apmd in many cases. | | Ok. | | But then you still need apmd running, right? With any flags? Hi George, No need for apmd at all then. Brett. From skreuzer at exit2shell.com Sat Feb 14 16:35:29 2015 From: skreuzer at exit2shell.com (Steven Kreuzer) Date: Sat, 14 Feb 2015 16:35:29 -0500 Subject: [talk] Thinkpad In-Reply-To: <54DB7961.7060500@ceetonetechnology.com> References: <54DB7234.7060102@ymail.com> <54DB7961.7060500@ceetonetechnology.com> Message-ID: <6A41AFAF-92F2-43FD-99D9-C367D55D4024@exit2shell.com> > On Feb 11, 2015, at 10:46 AM, George Rosamond wrote: > > Mark Saad: >> All >> On Woot today, the t420 for $279 >> >> http://computers.woot.com/?ref=cnt_sb_cp_2 >> > > hey, it's one of those 16G of RAM laptops mentioned last night. And it > comes in at a whopping 4.9 lbs. I'd go X series and squint over > slipping a disk. > > This is the closest model AFAIK in dmesgd, the T400. > > http://www.nycbug.org/index.cgi?action=dmesgd&do=view&id=2588 My T420 just arrived today and the longest part of the install process was the amount of time it took to write the memstick image to a usb thumb drive. All the hardware was detected and it even suspends and resumes without issue.
It also looks like you can bump this laptop up to 16GB of RAM for about 130 bucks, which isn't too bad I just submitted my dmesg.boot to dmesgd From george at ceetonetechnology.com Sat Feb 14 16:41:52 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Sat, 14 Feb 2015 16:41:52 -0500 Subject: [talk] Thinkpad In-Reply-To: <6A41AFAF-92F2-43FD-99D9-C367D55D4024@exit2shell.com> References: <54DB7234.7060102@ymail.com> <54DB7961.7060500@ceetonetechnology.com> <6A41AFAF-92F2-43FD-99D9-C367D55D4024@exit2shell.com> Message-ID: <54DFC120.808@ceetonetechnology.com> Steven Kreuzer: > >> On Feb 11, 2015, at 10:46 AM, George Rosamond wrote: >> >> Mark Saad: >>> All >>> On Woot today, the t420 for $279 >>> >>> http://computers.woot.com/?ref=cnt_sb_cp_2 >>> >> >> hey, it's one of those 16G of RAM laptops mentioned last night. And it >> comes in at a whopping 4.9 lbs. I'd go X series and squint over >> slipping a disk. >> >> This is the closest model AFAIK in dmesgd, the T400. >> >> http://www.nycbug.org/index.cgi?action=dmesgd&do=view&id=2588 > > My T420 just arrived today and the longest part of the install process was the amount of time it took > to write the memstick image to a usb thumb drive. All the hardware was detected and it even suspends > and resumes without issue. > > It also looks like you can bump this laptop up to 16GB of RAM for about 130 bucks, which isn't too bad > > I just submitted my dmesg.boot to dmesgd Remarkable that a new laptop today, especially a T-series Thinkpad, could have a mere 4G of RAM in it. how is the iwn(4)?
g From skreuzer at exit2shell.com Sat Feb 14 19:24:59 2015 From: skreuzer at exit2shell.com (Steven Kreuzer) Date: Sat, 14 Feb 2015 19:24:59 -0500 Subject: [talk] Thinkpad In-Reply-To: <54DFC120.808@ceetonetechnology.com> References: <54DB7234.7060102@ymail.com> <54DB7961.7060500@ceetonetechnology.com> <6A41AFAF-92F2-43FD-99D9-C367D55D4024@exit2shell.com> <54DFC120.808@ceetonetechnology.com> Message-ID: <43BEA866-B937-4613-BEEF-2F32FBBEB4D9@exit2shell.com> > On Feb 14, 2015, at 4:41 PM, George Rosamond wrote: > > Steven Kreuzer: >> >>> On Feb 11, 2015, at 10:46 AM, George Rosamond wrote: >>> >>> Mark Saad: >>>> All >>>> On Woot today, the t420 for $279 >>>> >>>> http://computers.woot.com/?ref=cnt_sb_cp_2 >>>> >>> >>> hey, it's one of those 16G of RAM laptops mentioned last night. And it >>> comes in at a whopping 4.9 lbs. I'd go X series and squint over >>> slipping a disk. >>> >>> This is the closest model AFAIK in dmesgd, the T400. >>> >>> http://www.nycbug.org/index.cgi?action=dmesgd&do=view&id=2588 >> >> My T420 just arrived today and the longest part of the install process was the amount of time it took >> to write the memstick image to a usb thumb drive. All the hardware was detected and it even suspends >> and resumes without issue. >> >> It also looks like you can bump this laptop up to 16GB of RAM for about 130 bucks, which isn't too bad >> >> I just submitted my dmesg.boot to dmesgd > > Remarkable that a new laptop today, especially a T-series Thinkpad, > could have a mere 4G of RAM in it. > > how is the iwn(4)? So far, so good. When I was installing this machine, bsdinstaller found my access point and after I associated with it I was up and running. From george at ceetonetechnology.com Sun Feb 15 11:13:27 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Sun, 15 Feb 2015 11:13:27 -0500 Subject: [talk] m0n0wall project ending Message-ID: <54E0C5A7.3070307@ceetonetechnology.com> Mark S.
noted this: http://m0n0.ch/wall/end_announcement.php The end of m0n0wall... g From spork at bway.net Sun Feb 15 14:16:22 2015 From: spork at bway.net (Charles Sprickman) Date: Sun, 15 Feb 2015 14:16:22 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: <54E0C5A7.3070307@ceetonetechnology.com> References: <54E0C5A7.3070307@ceetonetechnology.com> Message-ID: On Feb 15, 2015, at 11:13 AM, George Rosamond wrote: > Mark S. noted this: > > http://m0n0.ch/wall/end_announcement.php > > The end of m0n0wall... The most interesting thing I found there was this: https://opnsense.org Never heard of it until today. It is a pfsense fork? I've had good luck with Dutch software so far (hi, PowerDNS, OpenVPN-NL), this should be interesting to watch. Charles > > g > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk From bcallah at devio.us Sun Feb 15 14:19:47 2015 From: bcallah at devio.us (Brian Callahan) Date: Sun, 15 Feb 2015 14:19:47 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: References: <54E0C5A7.3070307@ceetonetechnology.com> Message-ID: <54E0F153.6090702@devio.us> On 02/15/15 14:16, Charles Sprickman wrote: > On Feb 15, 2015, at 11:13 AM, George Rosamond wrote: > >> Mark S. noted this: >> >> http://m0n0.ch/wall/end_announcement.php >> >> The end of m0n0wall... > The most interesting thing I found there was this: > > https://opnsense.org > > Never heard of it until today. It is a pfsense fork? > > I've had good luck with Dutch software so far (hi, PowerDNS, OpenVPN-NL), this should be interesting to watch. > BSD Now has had some coverage of OPNsense recently. I think they interviewed one of the project members. Worth checking out if you have some time.
~Brian From spork at bway.net Sun Feb 15 14:26:30 2015 From: spork at bway.net (Charles Sprickman) Date: Sun, 15 Feb 2015 14:26:30 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: <54E0F153.6090702@devio.us> References: <54E0C5A7.3070307@ceetonetechnology.com> <54E0F153.6090702@devio.us> Message-ID: <2E1117DC-129D-4BEB-BC30-F019701D922B@bway.net> On Feb 15, 2015, at 2:19 PM, Brian Callahan wrote: > > On 02/15/15 14:16, Charles Sprickman wrote: >> On Feb 15, 2015, at 11:13 AM, George Rosamond wrote: >> >>> Mark S. noted this: >>> >>> http://m0n0.ch/wall/end_announcement.php >>> >>> The end of m0n0wall... >> The most interesting thing I found there was this: >> >> https://opnsense.org >> >> Never heard of it until today. It is a pfsense fork? >> >> I've had good luck with Dutch software so far (hi, PowerDNS, OpenVPN-NL), this should be interesting to watch. >> > > BSD Now has had some coverage of OPNsense recently. I think they > interviewed one of the project members. Worth checking out if you have > some time. I also should have included this: https://wiki.opnsense.org/index.php/OPNsense:So_why_did_we_fork%3F Seems like a bunch of valid points. Ethically, I'd say if the company sponsoring this fork did contribute time and money to the pfsense project as they claim, then this is quite fair. I do wonder why they would go to the trouble of rewriting the front end to not require php running as root yet continue to use php.
:) Charles > ~Brian From okan at demirmen.com Sun Feb 15 14:44:20 2015 From: okan at demirmen.com (Okan Demirmen) Date: Sun, 15 Feb 2015 14:44:20 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: <2E1117DC-129D-4BEB-BC30-F019701D922B@bway.net> References: <54E0C5A7.3070307@ceetonetechnology.com> <54E0F153.6090702@devio.us> <2E1117DC-129D-4BEB-BC30-F019701D922B@bway.net> Message-ID: On Sun, Feb 15, 2015 at 2:26 PM, Charles Sprickman wrote: > On Feb 15, 2015, at 2:19 PM, Brian Callahan wrote: > >> >> On 02/15/15 14:16, Charles Sprickman wrote: >>> On Feb 15, 2015, at 11:13 AM, George Rosamond wrote: >>> >>>> Mark S. noted this: >>>> >>>> http://m0n0.ch/wall/end_announcement.php >>>> >>>> The end of m0n0wall... >>> The most interesting thing I found there was this: >>> >>> https://opnsense.org >>> >>> Never heard of it until today. It is a pfsense fork? >>> >>> I've had good luck with Dutch software so far (hi, PowerDNS, OpenVPN-NL), this should be interesting to watch. >>> >> >> BSD Now has had some coverage of OPNsense recently. I think they >> interviewed one of the project members. Worth checking out if you have >> some time. > > I also should have included this: > > https://wiki.opnsense.org/index.php/OPNsense:So_why_did_we_fork%3F > > Seems like a bunch of valid points. Ethically, I'd say if the company sponsoring this fork did contribute time and money to the pfsense project as they claim, then this is quite fair. > > I do wonder why they would go to the trouble of rewriting the front end to not require php running as root yet continue to use php. :) Well, one of the biggest criticisms is the fact that one is controlling a security device via a web interface, running an application directly as root; basically webmin on the security device. Web accessibility tends to be more important; odd for security device management, but meh, ymmv. Sure, use something other than php; that doesn't address the issue.
There's a reason why privilege separation has existed for umpteen years - it's time to start using such a thing, no?? From bcallah at devio.us Sun Feb 15 14:47:26 2015 From: bcallah at devio.us (Brian Callahan) Date: Sun, 15 Feb 2015 14:47:26 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: References: <54E0C5A7.3070307@ceetonetechnology.com> <54E0F153.6090702@devio.us> <2E1117DC-129D-4BEB-BC30-F019701D922B@bway.net> Message-ID: <54E0F7CE.5050608@devio.us> On 02/15/15 14:44, Okan Demirmen wrote: > On Sun, Feb 15, 2015 at 2:26 PM, Charles Sprickman wrote: >> On Feb 15, 2015, at 2:19 PM, Brian Callahan wrote: >> >>> On 02/15/15 14:16, Charles Sprickman wrote: >>>> On Feb 15, 2015, at 11:13 AM, George Rosamond wrote: >>>> >>>>> Mark S. noted this: >>>>> >>>>> http://m0n0.ch/wall/end_announcement.php >>>>> >>>>> The end of m0n0wall... >>>> The most interesting thing I found there was this: >>>> >>>> https://opnsense.org >>>> >>>> Never heard of it until today. It is a pfsense fork? >>>> >>>> I've had good luck with Dutch software so far (hi, PowerDNS, OpenVPN-NL), this should be interesting to watch. >>>> >>> BSD Now has had some coverage of OPNsense recently. I think they >>> interviewed one of the project members. Worth checking out if you have >>> some time. >> I also should have included this: >> >> https://wiki.opnsense.org/index.php/OPNsense:So_why_did_we_fork%3F >> >> Seems like a bunch of valid points. Ethically, I'd say if the company sponsoring this fork did contribute time and money to the pfsense project as they claim, then this is quite fair. >> >> I do wonder why they would go to the trouble of rewriting the front end to not require php running as root yet continue to use php. :) > Well, one of the biggest criticisms is the fact that one is > controlling a security device via a web interface, running an > application directly as root; basically webmin on the security device.
> Web accessibility tends to be more important; odd for security device > management, but meh, ymmv. > > Sure, use something other than php; that doesn't address the issue. > There's a reason why privilege separation has existed for umpteen > years - it's time to start using such a thing, no?? If we really cared about security, we'd join the OpenBSD project. Oh wait... :) (This post meant in jest because it's me and Okan. Don't read into it.) From spork at bway.net Sun Feb 15 14:54:29 2015 From: spork at bway.net (Charles Sprickman) Date: Sun, 15 Feb 2015 14:54:29 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: References: <54E0C5A7.3070307@ceetonetechnology.com> <54E0F153.6090702@devio.us> <2E1117DC-129D-4BEB-BC30-F019701D922B@bway.net> Message-ID: On Feb 15, 2015, at 2:44 PM, Okan Demirmen wrote: > On Sun, Feb 15, 2015 at 2:26 PM, Charles Sprickman wrote: >> On Feb 15, 2015, at 2:19 PM, Brian Callahan wrote: >> >>> >>> On 02/15/15 14:16, Charles Sprickman wrote: >>>> On Feb 15, 2015, at 11:13 AM, George Rosamond wrote: >>>> >>>>> Mark S. noted this: >>>>> >>>>> http://m0n0.ch/wall/end_announcement.php >>>>> >>>>> The end of m0n0wall... >>>> The most interesting thing I found there was this: >>>> >>>> https://opnsense.org >>>> >>>> Never heard of it until today. It is a pfsense fork? >>>> >>>> I've had good luck with Dutch software so far (hi, PowerDNS, OpenVPN-NL), this should be interesting to watch. >>>> >>> >>> BSD Now has had some coverage of OPNsense recently. I think they >>> interviewed one of the project members. Worth checking out if you have >>> some time. >> >> I also should have included this: >> >> https://wiki.opnsense.org/index.php/OPNsense:So_why_did_we_fork%3F >> >> Seems like a bunch of valid points. Ethically, I'd say if the company sponsoring this fork did contribute time and money to the pfsense project as they claim, then this is quite fair.
>> >> I do wonder why they would go to the trouble of rewriting the front end to not require php running as root yet continue to use php. :) > > Well, one of the biggest criticisms is the fact that one is > controlling a security device via a web interface, running an > application directly as root; basically webmin on the security device. > Web accessibility tends to be more important; odd for security device > management, but meh, ymmv. > > Sure, use something other than php; that doesn't address the issue. > There's a reason why privilege separation has existed for umpteen > years - it's time to start using such a thing, no?? Well, the scary part is that pretty much every home router that runs Linux is running everything as root. And meaningful security updates for $40 hardware? Yeah, not going to happen too often. And it seems like some of the newer botnets are now leveraging home routers rather than PCs. Such a pool of exploitable hardware that's rarely touched by its owners? As for opnsense, to be clear, they are no longer running the web admin as root. Also I was poking around, and the daemon that waits for commands from the web UI is python and not php.
Not sure how much better this is, but it?s likely not worse than pfsense: https://github.com/opnsense/core/blob/master/src/opnsense/service/modules/processhandler.py Charles From mark.saad at ymail.com Sun Feb 15 15:28:34 2015 From: mark.saad at ymail.com (Mark Saad) Date: Sun, 15 Feb 2015 15:28:34 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: References: <54E0C5A7.3070307@ceetonetechnology.com> <54E0F153.6090702@devio.us> <2E1117DC-129D-4BEB-BC30-F019701D922B@bway.net> Message-ID: <8348A834-BFFA-4E92-8A04-B1FEA906E601@ymail.com> > On Feb 15, 2015, at 2:54 PM, Charles Sprickman wrote: > >> On Feb 15, 2015, at 2:44 PM, Okan Demirmen wrote: >> >>> On Sun, Feb 15, 2015 at 2:26 PM, Charles Sprickman wrote: >>>> On Feb 15, 2015, at 2:19 PM, Brian Callahan wrote: >>>> >>>> >>>>> On 02/15/15 14:16, Charles Sprickman wrote: >>>>>> On Feb 15, 2015, at 11:13 AM, George Rosamond wrote: >>>>>> >>>>>> Mark S. noted this: >>>>>> >>>>>> http://m0n0.ch/wall/end_announcement.php >>>>>> Back to m0n0 for a second . For. Home router m0n0 was appealing due to is minimal requirements and small install size . It works on 16m of storage and 16 m of ram . Pfsense added ton of features and requirements; it always seamed so bloated compared To mono but pf and newer FreeBSD as a base won out . I would Iike to preserve the sources for m0n0 on our mirror . I think there is value in revising its tiny install size and minimal requirements. If i had the time would like to explore m0n0 . >>>>>> The end of m0n0wall? >>>>> The most interesting thing I found there was this: >>>>> >>>>> https://opnsense.org >>>>> >>>>> Never heard of it until today. It is a pfsense fork? >>>>> >>>>> I?ve had good luck with Dutch software so far (hi, PowerDNS, OpenVPN-NL), this should be interesting to watch. >>>> >>>> BSD Now has had some coverage of OPNsense recently. I think they >>>> interviewed one of the project members. Worth checking out if you have >>>> some time. 
>>> >>> I also should have included this: >>> >>> https://wiki.opnsense.org/index.php/OPNsense:So_why_did_we_fork%3F >>> >>> Seems like a bunch of valid points. Ethically, I?d say if the company sponsoring this fork did contribute time and money to the pfsense project as they claim, then this is quite fair. >>> >>> I do wonder why they would go to the trouble of rewriting the front end to not require php running as root yet continue to use php. :) It has to do with the historic m0n0 base . They removed most of the shell scripts in favor of using PHP for cli stuff . >> >> Well, one of the biggest criticisms is the fact that one is >> controlling a security device via a web interface, running an >> application directly as root; basically webmin on the security device. >> Web accessibility tends to be more important; odd for security device >> management, but meh, ymmv. >> >> Sure, use something other than php; that doesn't address the issue. >> There's a reason why privilege separation has existed for umpteen >> years - it's time to starting using such a thing, no?? > > Well, the scary part is that pretty much every home router that runs > Linux is running everything as root. And meaningful security > updates for $40 hardware? Yeah, not going too happen too often. > And it seems like some of the newer botnets are now leveraging home > routers rather than PCs. Such a pool of exploitable hardware thats > rarely touched by its owners? > > As for opnsense, to be clear, they are no longer running the web admin as root. > > Also I was poking around, and the daemon that waits for commands from the web UI is python and not php. 
Not sure how much better this is, but it?s likely not worse than pfsense: > > https://github.com/opnsense/core/blob/master/src/opnsense/service/modules/processhandler.py > > Charles > > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk Mark saad | mark.saad at ymail.com From ike at blackskyresearch.net Sun Feb 15 17:03:10 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Sun, 15 Feb 2015 17:03:10 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: <54E0C5A7.3070307@ceetonetechnology.com> References: <54E0C5A7.3070307@ceetonetechnology.com> Message-ID: <1424037841-7169858.73981712.ft1FM3gP4020549@rs149.luxsci.com> On 02/15/15 11:13, George Rosamond wrote: > Mark S. noted this: > > http://m0n0.ch/wall/end_announcement.php > > The end of m0n0wall... > > g Wow. I'm sad and excited and blown away by the graceful words in closing the m0n0wall project. Back in 2006, anyone remember the 'm0n0wall and PFSense' NYC*BUG talk back when we were welcome guests at the soho apple store? Wow a lot has changed since then :) (For one thing, nearly every serious piece of commercial network gear has moved to http as the common form of appliance UI.) My hat's off to Manuel Kasper for his work, approach, and broad impact to UNIX-based appliance projects. Regardless of what folks feel about the fundamental tech, it's truly remarkable to see a *BSD project start, live, and end, so clean and honest. A bit of nostalgia, I just powered on a small, forgotten m0n0wall / soekris box on my shelf, still ready to route the same small subnet it used to for me- though I stripped the wireless card from that box years ago... -- Now, I grope to find my words as I grok the news of opnsense.org... 
Rocket- .ike From ike at blackskyresearch.net Sun Feb 15 19:02:00 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Sun, 15 Feb 2015 19:02:00 -0500 Subject: [talk] apmd issue last night In-Reply-To: <54DD1E13.2060206@ceetonetechnology.com> References: <20150213080747.8da769c2cd90049d831314ff@coiloptic.org> <54DD1E13.2060206@ceetonetechnology.com> Message-ID: <1424044982-6275680.50252286.ft1G02aML021192@rs149.luxsci.com> On 02/12/15 16:41, George Rosamond wrote: > Brett Mahar: >> >> | | If you look at OpenBSD apmd(8), you won't see -C listed. It was >> | deprecated at some point IIRC. The correct flag to have in | >> /etc/rc.conf.local is: | | apmd_flags="-A" | | This will autoadjust >> the sysctl knob hw.setperf depending on how the | laptop is powered. >> | >> >> In current, you can now set hw.setperf (via sysctl or >> /etc/sysctl.conf) to -1. This will run your computer at hw.setperf=0, >> and raise it to 100 when the machine is under load. This is better >> than using apmd in many cases. > > Ok. > > But then you still need apmd running, right? With any flags? > > g So for my use, I'm *pretty* sure I want apmd running, so I can get the screen locking behavior I want. Is there a way I can get xlock (or alternatively xscreensaver) to run on suspend, without apmd (and /etc/apm/suspend)? Preferably, I'd like to do this outside of X too, I was hacking on a way to kill and clear my login tty, if I didn't have x/xlock running as well, (perhaps later to hook tmux to save current session, etc., a million fun ways this can be hooked to make life easy- since it's all just shell). 
Best, .ike From jkeen at verizon.net Sun Feb 15 20:52:12 2015 From: jkeen at verizon.net (James E Keenan) Date: Sun, 15 Feb 2015 20:52:12 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: <1424037841-7169858.73981712.ft1FM3gP4020549@rs149.luxsci.com> References: <54E0C5A7.3070307@ceetonetechnology.com> <1424037841-7169858.73981712.ft1FM3gP4020549@rs149.luxsci.com> Message-ID: <54E14D4C.5000609@verizon.net> On 02/15/2015 05:03 PM, Isaac (.ike) Levy wrote: > On 02/15/15 11:13, George Rosamond wrote: > > Wow. I'm sad and excited and blown away by the graceful words in > closing the m0n0wall project. > [snip] > > My hat's off to Manuel Kasper for his work, approach, and broad impact > to UNIX-based appliance projects. Regardless of what folks feel about > the fundamental tech, it's truly remarkable to see a *BSD project start, > live, and end, so clean and honest. > I know nothing of this particular project, but I, too, was impressed by the forthright approach he took to closing the book on an OS project that must have been his baby. jimk From ericshane at eradman.com Mon Feb 16 11:00:50 2015 From: ericshane at eradman.com (Eric Radman) Date: Mon, 16 Feb 2015 11:00:50 -0500 Subject: [talk] apmd issue last night In-Reply-To: <1424044982-6275680.50252286.ft1G02aML021192@rs149.luxsci.com> References: <20150213080747.8da769c2cd90049d831314ff@coiloptic.org> <54DD1E13.2060206@ceetonetechnology.com> <1424044982-6275680.50252286.ft1G02aML021192@rs149.luxsci.com> Message-ID: <20150216160050.GA2685@vm.eradman.com> On Sun, Feb 15, 2015 at 07:02:00PM -0500, Isaac (.ike) Levy wrote: > > So for my use, I'm *pretty* sure I want apmd running, so I can get the > screen locking behavior I want. > > Is there a way I can get xlock (or alternatively xscreensaver) to run on > suspend, without apmd (and /etc/apm/suspend)? This is a good question and a surprisingly error-prone task. 
Mailing list archives sometimes recommend xautolock, but even without suspend/resume it has not worked _reliably_ for me. There is a section in the man page that suggests that it will run the lock program whenever the clock jumps: -detectsleep Instructs xautolock to detect that computer has been put to sleep. This is done by detecting that time has jumped by more than 3 seconds. When this occurs, the lock timer is reset and locker program is not launched even if primary timeout has been reached. This option is typically used to avoid locker program to be launched when awaking a laptop computer. But does xautolock promise to run? - Eric From ike at blackskyresearch.net Mon Feb 16 11:25:21 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Mon, 16 Feb 2015 11:25:21 -0500 Subject: [talk] apmd issue last night In-Reply-To: <20150216160050.GA2685@vm.eradman.com> References: <20150213080747.8da769c2cd90049d831314ff@coiloptic.org> <54DD1E13.2060206@ceetonetechnology.com> <1424044982-6275680.50252286.ft1G02aML021192@rs149.luxsci.com> <20150216160050.GA2685@vm.eradman.com> Message-ID: <1424103962-5680350.85595888.ft1GGPwtI014454@rs149.luxsci.com> On 02/16/15 11:00, Eric Radman wrote: > On Sun, Feb 15, 2015 at 07:02:00PM -0500, Isaac (.ike) Levy wrote: >> >> So for my use, I'm *pretty* sure I want apmd running, so I can get the >> screen locking behavior I want. >> >> Is there a way I can get xlock (or alternatively xscreensaver) to run on >> suspend, without apmd (and /etc/apm/suspend)? > > This is a good question and a surprisingly error-prone task. No kidding :) > Mailing > list archives sometimes recommend xautolock, but even without > suspend/resume it has not worked _reliably_ for me. There is a section > in the man page that suggests that it will run the lock program whenever > the clock jumps: > > -detectsleep Instructs xautolock to detect that computer has been > put to sleep. This is done by detecting that time has > jumped by more than 3 seconds. 
When this occurs, the > lock timer is reset and locker program is not launched > even if primary timeout has been reached. This option > is typically used to avoid locker program to be > launched when awaking a laptop computer. > > But does xautolock promise to run? > > - Eric

Ahh- Ok- I may install and hack around with xautolock... but I'm trying to keep this to tools in the base- so xlock(1) for me for now. There was also some interesting arguments on lists about the subtle security virtues of xscreensaver(1) over xlock(1).

For today, here's the setup I arrived at, (a simplification of what I had running during the failed presentation fun):

####

Starting xidle(1) in my xinit, I can lock the screen quite easily on timeout, and also gave myself a "hot corner" like I had on my Mac:

~/.xinitrc
--
xidle -sw -area 8 -delay 2 -timeout 300 \
  -program "/usr/X11R6/bin/xlock -mode blank" &
exec ssh-agent startxfce4
--

Next, just make sure apmd is running on boot,

--
/etc/rc.conf.local
apmd_flags="-A"
--

Finally, xidle accepts a USR1 signal to trigger locking, so from /etc/apm/suspend:

/etc/apm/suspend
--
#!/bin/sh
pkill -USR1 xidle
--

####

Now, future fun: I prefer to start x from startx, (not the graphical login), so I'd love to build up that suspend script so that if no xlock is running, it kills any interactive tty processes- so a lid close performs the same function whether X is running or not. That'll be a bit more work to get solid... :) Heck, this should work even if there's no graphical login, via xdm(1) or otherwise.
Best, .ike From pete at nomadlogic.org Tue Feb 17 12:28:30 2015 From: pete at nomadlogic.org (Pete Wright) Date: Tue, 17 Feb 2015 09:28:30 -0800 Subject: [talk] m0n0wall project ending In-Reply-To: <1424037841-7169858.73981712.ft1FM3gP4020549@rs149.luxsci.com> References: <54E0C5A7.3070307@ceetonetechnology.com> <1424037841-7169858.73981712.ft1FM3gP4020549@rs149.luxsci.com> Message-ID: <54E37A3E.9030209@nomadlogic.org> On 02/15/15 14:03, Isaac (.ike) Levy wrote: > On 02/15/15 11:13, George Rosamond wrote: >> Mark S. noted this: >> >> http://m0n0.ch/wall/end_announcement.php >> >> The end of m0n0wall... >> >> g > > Wow. I'm sad and excited and blown away by the graceful words in > closing the m0n0wall project. > > Back in 2006, anyone remember the 'm0n0wall and PFSense' NYC*BUG talk > back when we were welcome guests at the soho apple store? Wow a lot has > changed since then :) (For one thing, nearly every serious piece of > commercial network gear has moved to http as the common form of > appliance UI.) wow - taking it back! thanks for the memories .ike! -pete -- Pete Wright pete at nomadlogic.org twitter => @nomadlogicLA From pete at nomadlogic.org Tue Feb 17 12:34:24 2015 From: pete at nomadlogic.org (Pete Wright) Date: Tue, 17 Feb 2015 09:34:24 -0800 Subject: [talk] m0n0wall project ending In-Reply-To: <2E1117DC-129D-4BEB-BC30-F019701D922B@bway.net> References: <54E0C5A7.3070307@ceetonetechnology.com> <54E0F153.6090702@devio.us> <2E1117DC-129D-4BEB-BC30-F019701D922B@bway.net> Message-ID: <54E37BA0.40101@nomadlogic.org> On 02/15/15 11:26, Charles Sprickman wrote: > On Feb 15, 2015, at 2:19 PM, Brian Callahan wrote: > >> >> On 02/15/15 14:16, Charles Sprickman wrote: >>> On Feb 15, 2015, at 11:13 AM, George Rosamond wrote: >>> >>>> Mark S. noted this: >>>> >>>> http://m0n0.ch/wall/end_announcement.php >>>> >>>> The end of m0n0wall? >>> The most interesting thing I found there was this: >>> >>> https://opnsense.org >>> >>> Never heard of it until today. 
It is a pfsense fork? >>> >>> I've had good luck with Dutch software so far (hi, PowerDNS, OpenVPN-NL), this should be interesting to watch. >>> >> >> BSD Now has had some coverage of OPNsense recently. I think they >> interviewed one of the project members. Worth checking out if you have >> some time. > > I also should have included this: > > https://wiki.opnsense.org/index.php/OPNsense:So_why_did_we_fork%3F > > Seems like a bunch of valid points. Ethically, I'd say if the company sponsoring this fork did contribute time and money to the pfsense project as they claim, then this is quite fair. > i can agree with a lot of their points here. we've already touched on the security implications of using php, and running it as root, so i won't go there. one thing that has gotten me concerned lately with pfsense is when the "gold support" menu item was added. that's a super slippery slope i reckon, and considering how poor the docs are for pfsense makes me seriously consider its long term viability. i think we can all agree on the importance of quality, correct, documentation for security. hopefully my assumption that they are going to put that stuff behind a paywall is incorrect, but it did make me *not* use pfsense for several routers i have deployed. -pete -- Pete Wright pete at nomadlogic.org twitter => @nomadlogicLA From george at ceetonetechnology.com Tue Feb 17 12:35:52 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Tue, 17 Feb 2015 12:35:52 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: <54E37A3E.9030209@nomadlogic.org> References: <54E0C5A7.3070307@ceetonetechnology.com> <1424037841-7169858.73981712.ft1FM3gP4020549@rs149.luxsci.com> <54E37A3E.9030209@nomadlogic.org> Message-ID: <54E37BF8.1010606@ceetonetechnology.com> Pete Wright: > > > On 02/15/15 14:03, Isaac (.ike) Levy wrote: >> On 02/15/15 11:13, George Rosamond wrote: >>> Mark S. noted this: >>> >>> http://m0n0.ch/wall/end_announcement.php >>> >>> The end of m0n0wall... 
>>> >>> g >> >> Wow. I'm sad and excited and blown away by the graceful words in >> closing the m0n0wall project. >> >> Back in 2006, anyone remember the 'm0n0wall and PFSense' NYC*BUG talk >> back when we were welcome guests at the soho apple store? Wow a lot has >> changed since then :) (For one thing, nearly every serious piece of >> commercial network gear has moved to http as the common form of >> appliance UI.) Yes... more admins think ios is an Apple thing, and nothing else. And I don't miss meeting at the Apple store > > wow - taking it back! thanks for the memories .ike! Oh, we also all met Chris B when he launched stuff in 2004 at BSDCan... you both were there for that. g From bcallah at devio.us Tue Feb 17 13:28:57 2015 From: bcallah at devio.us (Brian Callahan) Date: Tue, 17 Feb 2015 13:28:57 -0500 Subject: [talk] FreeBSD RNG issue on -current only Message-ID: <54E38869.8010204@devio.us> Just in case anyone is running a recent FreeBSD -current: https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html From mark.saad at ymail.com Tue Feb 17 14:05:59 2015 From: mark.saad at ymail.com (Mark Saad) Date: Tue, 17 Feb 2015 14:05:59 -0500 Subject: [talk] FreeBSD RNG issue on -current only In-Reply-To: <54E38869.8010204@devio.us> References: <54E38869.8010204@devio.us> Message-ID: <54E39117.7080404@ymail.com> On 02/17/15 13:28, Brian Callahan wrote: > Just in case anyone is running a recent FreeBSD -current: > https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html They also had to create keys in that said version. This also doesn't not effect any release. 
> _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -- Mark saad | mark.saad at ymail.com From george at ceetonetechnology.com Tue Feb 17 15:02:56 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Tue, 17 Feb 2015 15:02:56 -0500 Subject: [talk] FreeBSD RNG issue on -current only In-Reply-To: <54E39117.7080404@ymail.com> References: <54E38869.8010204@devio.us> <54E39117.7080404@ymail.com> Message-ID: <54E39E70.4090901@ceetonetechnology.com> Mark Saad: > > > On 02/17/15 13:28, Brian Callahan wrote: >> Just in case anyone is running a recent FreeBSD -current: >> https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html > > They also had to create keys in that said version. This also doesn't not > effect any release. Yes, it's current and all, and that should be made clear, but nevertheless it's disturbing. Isn't there some automated way to check and recheck entropy from output, instead of solely relying on the code? Obviously, it couldn't find highly unlikely collisions, etc., but at least discover the most ugly instances? Yes.. probably would require a lot of CPU... g From pete at nomadlogic.org Tue Feb 17 15:46:10 2015 From: pete at nomadlogic.org (Pete Wright) Date: Tue, 17 Feb 2015 12:46:10 -0800 Subject: [talk] New pkgin binaries available Message-ID: <54E3A892.4020908@nomadlogic.org> saw this on twitter yesterday: http://mail-index.netbsd.org/pkgsrc-users/2015/02/11/msg021047.html I've been using pkgin on my OSX systems for quite a while and have zero issues with it. esp. when compared to the alternatives that have gone south on my rather quick (macports, brew etc.). i've actually been impressed enough that i'm seriously considering using pkgin on my linux nodes as it will give us a nice exit strategy from linux once systemd and all those shenanigans take full effect in penguin land. 
-pete -- Pete Wright pete at nomadlogic.org twitter => @nomadlogicLA From ike at blackskyresearch.net Tue Feb 17 17:55:07 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Tue, 17 Feb 2015 22:55:07 +0000 Subject: [talk] FreeBSD RNG issue on -current only Message-ID: <201502172255.t1HMt7sT016852@rs101.luxsci.com> On February 17, 2015 03:12:24 pm EST, "George Rosamond" wrote: > Mark Saad: >> >> >> On 02/17/15 13:28, Brian Callahan wrote: >>> Just in case anyone is running a recent FreeBSD -current: >>> https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html >> >> They also had to create keys in that said version. This also doesn't not >> effect any release. > > Yes, it's current and all, and that should be made clear, but > nevertheless it's disturbing. > > Isn't there some automated way to check and recheck entropy from output, > instead of solely relying on the code? Obviously, it couldn't find > highly unlikely collisions, etc., but at least discover the most ugly > instances? Yes.. probably would require a lot of CPU... > > g I'm by no means an authority- but wouldn't testing using a tool like ent(8) do the job, crudely even? http://www.fourmilab.ch/random/ Best, .ike From bcallah at devio.us Tue Feb 17 18:21:22 2015 From: bcallah at devio.us (Brian Callahan) Date: Tue, 17 Feb 2015 18:21:22 -0500 Subject: [talk] FreeBSD RNG issue on -current only In-Reply-To: <54E39E70.4090901@ceetonetechnology.com> References: <54E38869.8010204@devio.us> <54E39117.7080404@ymail.com> <54E39E70.4090901@ceetonetechnology.com> Message-ID: <54E3CCF2.104@devio.us> On 02/17/15 15:02, George Rosamond wrote: > Mark Saad: >> >> On 02/17/15 13:28, Brian Callahan wrote: >>> Just in case anyone is running a recent FreeBSD -current: >>> https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html >> They also had to create keys in that said version. This also doesn't not >> effect any release. 
> Yes, it's current and all, and that should be made clear, but > nevertheless it's disturbing. But it's not theoretical either. The HardenedBSD project had to revoke their SSL and GPG certs because of it: https://twitter.com/HardenedBSD/status/567746189089464320 ~Brian > Isn't there some automated way to check and recheck entropy from output, > instead of solely relying on the code? Obviously, it couldn't find > highly unlikely collisions, etc., but at least discover the most ugly > instances? Yes.. probably would require a lot of CPU... > > From george at ceetonetechnology.com Tue Feb 17 21:00:31 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Tue, 17 Feb 2015 21:00:31 -0500 Subject: [talk] FreeBSD RNG issue on -current only In-Reply-To: <201502172255.t1HMt7sT016852@rs101.luxsci.com> References: <201502172255.t1HMt7sT016852@rs101.luxsci.com> Message-ID: <54E3F23F.1060904@ceetonetechnology.com> Isaac (.ike) Levy: > > On February 17, 2015 03:12:24 pm EST, "George Rosamond" > wrote: > >> Mark Saad: >>> >>> >>> On 02/17/15 13:28, Brian Callahan wrote: >>>> Just in case anyone is running a recent FreeBSD -current: >>>> https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html >>>> >>> >>> They also had to create keys in that said version. This also doesn't not >>> effect any release. >> >> Yes, it's current and all, and that should be made clear, but >> nevertheless it's disturbing. >> >> Isn't there some automated way to check and recheck entropy from output, >> instead of solely relying on the code? Obviously, it couldn't find >> highly unlikely collisions, etc., but at least discover the most ugly >> instances? Yes.. probably would require a lot of CPU... >> >> g > > I'm by no means an authority- but wouldn't testing using a tool like > ent(8) do the job, crudely even? > > http://www.fourmilab.ch/random/ That's a cool tool... don't know why I hadn't seen it before. Anyone use it before? 
Seems useful for testing password entropy, at least. g From ike at blackskyresearch.net Tue Feb 17 21:42:53 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Tue, 17 Feb 2015 21:42:53 -0500 Subject: [talk] FreeBSD RNG issue on -current only In-Reply-To: <54E3F23F.1060904@ceetonetechnology.com> References: <201502172255.t1HMt7sT016852@rs101.luxsci.com> <54E3F23F.1060904@ceetonetechnology.com> Message-ID: <1424227444-5233352.46513074.ft1I2hU4r027191@rs149.luxsci.com> On 02/17/15 21:00, George Rosamond wrote: > Isaac (.ike) Levy: >> >> On February 17, 2015 03:12:24 pm EST, "George Rosamond" >> wrote: >> >>> Mark Saad: >>>> >>>> >>>> On 02/17/15 13:28, Brian Callahan wrote: >>>>> Just in case anyone is running a recent FreeBSD -current: >>>>> https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html >>>>> >>>> >>>> They also had to create keys in that said version. This also doesn't not >>>> effect any release. >>> >>> Yes, it's current and all, and that should be made clear, but >>> nevertheless it's disturbing. >>> >>> Isn't there some automated way to check and recheck entropy from output, >>> instead of solely relying on the code? Obviously, it couldn't find >>> highly unlikely collisions, etc., but at least discover the most ugly >>> instances? Yes.. probably would require a lot of CPU... >>> >>> g >> >> I'm by no means an authority- but wouldn't testing using a tool like >> ent(8) do the job, crudely even? >> >> http://www.fourmilab.ch/random/ > > That's a cool tool... don't know why I hadn't seen it before. > > Anyone use it before? > > Seems useful for testing password entropy, at least. > > g I first found it in a Calomel article, https://calomel.org/entropy_random_number_generators.html (I hear Bcallah loves these guys? ;) Anyhow, fun article- but I'm no authority, and RNG is obviously a serious topic- so I don't want to pretend to suggest this as though it's an authoritative resource. 
Best, .ike From ike at blackskyresearch.net Tue Feb 17 22:01:51 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Tue, 17 Feb 2015 22:01:51 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: <54E0F153.6090702@devio.us> References: <54E0C5A7.3070307@ceetonetechnology.com> <54E0F153.6090702@devio.us> Message-ID: <1424228582-7683094.01674695.ft1I32Tdc015020@rs149.luxsci.com> On 02/15/15 14:19, Brian Callahan wrote: > BSD Now has had some coverage of OPNsense recently. I think they > interviewed one of the project members. Worth checking out if you have > some time. Interesting, watched the video with one of the core developers, Ad Schellevis, - Their background is not *BSD, they were building/selling Linux appliances ( http://www.deciso.com/ ) - Their company built various appliances based on FreeNAS et. al. - They want this project to start, and continue, completely Openly. TECH OBJECTIVES: - Plans to leverage pkg installs from FreeBSD pkg(1) - Working hard to decouple- stated aim appears to be tracking FreeBSD closer (10.1 is target, pfSense specific bits prevent this right now) - No opposition to porting the work to OpenBSD, (but they won't probably be doing that themselves) - Re-factoring the code completely, feature by feature - built new framework under the front end to manage actual bits PROJECT FLAVOR: - Looking for involvement- documentation, testing, etc... - Forum, email lists, github - Doing Ubuntu "funny naming" for releases - "Version numbers say nothing to clients" When asked "What's the future of the project?" "Lets see what happens in 6 months, to see if we're still here with a functioning project :)" At the least, a very interesting start. 
Best, .ike From ike at blackskyresearch.net Tue Feb 17 22:03:53 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Tue, 17 Feb 2015 22:03:53 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: <54E37BF8.1010606@ceetonetechnology.com> References: <54E0C5A7.3070307@ceetonetechnology.com> <1424037841-7169858.73981712.ft1FM3gP4020549@rs149.luxsci.com> <54E37A3E.9030209@nomadlogic.org> <54E37BF8.1010606@ceetonetechnology.com> Message-ID: <1424228702-8356910.96834354.ft1I34VvE016843@rs149.luxsci.com> On 02/17/15 12:35, George Rosamond wrote: >> wow - taking it back! thanks for the memories .ike! > Oh, we also all met Chris B when he launched stuff in 2004 at BSDCan... > you both were there for that. Wow- memory lane. Pizza in Ottawa. Best, .ike From ike at blackskyresearch.net Tue Feb 17 22:06:58 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Tue, 17 Feb 2015 22:06:58 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: <1424228582-7683094.01674695.ft1I32Tdc015020@rs149.luxsci.com> References: <54E0C5A7.3070307@ceetonetechnology.com> <54E0F153.6090702@devio.us> <1424228582-7683094.01674695.ft1I32Tdc015020@rs149.luxsci.com> Message-ID: <1424228882-4103987.92969899.ft1I37ZNU019320@rs149.luxsci.com> On 02/17/15 22:01, Isaac (.ike) Levy wrote: > Interesting, watched the video with one of the core developers, Ad > Schellevis, Got it wrong- I meant Jos Schellevis, (brothers?) 
Best, .ike From bcallah at devio.us Tue Feb 17 22:08:24 2015 From: bcallah at devio.us (Brian Callahan) Date: Tue, 17 Feb 2015 22:08:24 -0500 Subject: [talk] m0n0wall project ending In-Reply-To: <1424228582-7683094.01674695.ft1I32Tdc015020@rs149.luxsci.com> References: <54E0C5A7.3070307@ceetonetechnology.com> <54E0F153.6090702@devio.us> <1424228582-7683094.01674695.ft1I32Tdc015020@rs149.luxsci.com> Message-ID: <54E40228.7010605@devio.us> On 02/17/15 22:01, Isaac (.ike) Levy wrote: > On 02/15/15 14:19, Brian Callahan wrote: >> BSD Now has had some coverage of OPNsense recently. I think they >> interviewed one of the project members. Worth checking out if you have >> some time. > > Interesting, watched the video with one of the core developers, Ad > Schellevis, > > - Their background is not *BSD, they were building/selling Linux > appliances ( http://www.deciso.com/ ) Franco Fichtner, a DFly dev, is on the OPNsense team. > - Their company built various appliances based on FreeNAS et. al. > > - They want this project to start, and continue, completely Openly. > > TECH OBJECTIVES: > - Plans to leverage pkg installs from FreeBSD pkg(1) > - Working hard to decouple- stated aim appears to be tracking FreeBSD > closer (10.1 is target, pfSense specific bits prevent this right now) > - No opposition to porting the work to OpenBSD, (but they won't > probably be doing that themselves) > - Re-factoring the code completely, feature by feature > - built new framework under the front end to manage actual bits > > PROJECT FLAVOR: > - Looking for involvement- documentation, testing, etc... > - Forum, email lists, github > > - Doing Ubuntu "funny naming" for releases > - "Version numbers say nothing to clients" > > When asked "What's the future of the project?" > "Lets see what happens in 6 months, to see if we're still here with a > functioning project :)" > > At the least, a very interesting start. 
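An added example for the question in the "FreeBSD RNG issue on -current only" thread about checking entropy from output (not code from any poster, and not ent(8) itself): three ent-style byte statistics run over constructed sources. It also shows the case such statistics cannot catch, a well-mixed stream whose seed never changes; the source names, sample size and thresholds are assumptions made for the illustration.

```python
import hashlib
import math
import os
from collections import Counter

SAMPLE_SIZE = 1 << 16  # 64 KiB per sample; an assumption, not a recommendation


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte; 8.0 is the maximum for byte data."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def chi_square(data: bytes) -> float:
    """Chi-square statistic against a uniform byte histogram (255 d.o.f.)."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))


def serial_correlation(data: bytes) -> float:
    """Pearson correlation of each byte with its successor; near 0 when random."""
    xs, ys = data[:-1], data[1:]
    n = len(xs)
    mean_x, mean_y = sum(xs) / n, sum(ys) / n
    cov = sum((x - mean_x) * (y - mean_y) for x, y in zip(xs, ys))
    var_x = sum((x - mean_x) ** 2 for x in xs)
    var_y = sum((y - mean_y) ** 2 for y in ys)
    if var_x == 0 or var_y == 0:
        return 1.0  # constant stream: treat as fully predictable
    return cov / math.sqrt(var_x * var_y)


def passes_byte_statistics(data: bytes) -> bool:
    """Coarse screen only; thresholds are assumptions sized for 64 KiB samples."""
    if len(data) < 4096:
        raise ValueError("sample too small for these thresholds")
    return (
        shannon_entropy(data) > 7.9
        and 130.0 < chi_square(data) < 420.0
        and abs(serial_correlation(data)) < 0.05
    )


def stuck_source(n: int) -> bytes:
    """Constructed 'ugly' failure: the same 16 byte values repeating."""
    return (bytes(range(16)) * (n // 16 + 1))[:n]


def fixed_seed_stream(n: int, seed: bytes = b"constant-at-every-start") -> bytes:
    """Constructed stand-in for a generator whose seed never changes:
    SHA-256 in counter mode. Well mixed, yet identical on every start."""
    out = bytearray()
    counter = 0
    while len(out) < n:
        out += hashlib.sha256(seed + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:n])


def system_source(n: int) -> bytes:
    """The operating system's generator, for comparison."""
    return os.urandom(n)


def repeats_across_starts(source, prefix_len: int = 32) -> bool:
    """Start the source twice and compare the first bytes of each run."""
    return source(prefix_len) == source(prefix_len)


def assess(source) -> dict:
    """Run the statistical screen and the restart comparison on one source."""
    sample = source(SAMPLE_SIZE)
    return {
        "entropy_bits_per_byte": round(shannon_entropy(sample), 3),
        "passes_byte_statistics": passes_byte_statistics(sample),
        "repeats_across_starts": repeats_across_starts(source),
    }


if __name__ == "__main__":
    for src in (stuck_source, fixed_seed_stream, system_source):
        print(src.__name__, assess(src))
```

The fixed-seed stream passes every byte statistic while producing the same output on each start, so output testing of this kind screens for gross breakage only and does not show that a generator was seeded unpredictably.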
From george at ceetonetechnology.com Tue Feb 17 22:26:19 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Tue, 17 Feb 2015 22:26:19 -0500 Subject: [talk] FreeBSD RNG issue on -current only In-Reply-To: <1424227444-5233352.46513074.ft1I2hU4r027191@rs149.luxsci.com> References: <201502172255.t1HMt7sT016852@rs101.luxsci.com> <54E3F23F.1060904@ceetonetechnology.com> <1424227444-5233352.46513074.ft1I2hU4r027191@rs149.luxsci.com> Message-ID: <54E4065B.2070906@ceetonetechnology.com> Isaac (.ike) Levy: > On 02/17/15 21:00, George Rosamond wrote: >> Isaac (.ike) Levy: >>> >>> On February 17, 2015 03:12:24 pm EST, "George Rosamond" >>> wrote: >>> >>>> Mark Saad: >>>>> >>>>> >>>>> On 02/17/15 13:28, Brian Callahan wrote: >>>>>> Just in case anyone is running a recent FreeBSD -current: >>>>>> https://lists.freebsd.org/pipermail/freebsd-current/2015-February/054581.html >>>>>> >>>>>> >>>>> >>>>> They also had to create keys in that said version. This also >>>>> doesn't not >>>>> effect any release. >>>> >>>> Yes, it's current and all, and that should be made clear, but >>>> nevertheless it's disturbing. >>>> >>>> Isn't there some automated way to check and recheck entropy from >>>> output, >>>> instead of solely relying on the code? Obviously, it couldn't find >>>> highly unlikely collisions, etc., but at least discover the most ugly >>>> instances? Yes.. probably would require a lot of CPU... >>>> >>>> g >>> >>> I'm by no means an authority- but wouldn't testing using a tool like >>> ent(8) do the job, crudely even? >>> >>> http://www.fourmilab.ch/random/ >> >> That's a cool tool... don't know why I hadn't seen it before. >> >> Anyone use it before? >> >> Seems useful for testing password entropy, at least. >> >> g > > I first found it in a Calomel article, > > https://calomel.org/entropy_random_number_generators.html > > (I hear Bcallah loves these guys? 
;) > > Anyhow, fun article- but I'm no authority, and RNG is obviously a > serious topic- so I don't want to pretend to suggest this as though it's > an authoritative resource. diehard and dieharder are both in FreeBSD ports. OpenBSD has the ent package. I'm playing with them now... anyone have previous experience with them? Outside of testing RNG output, I can see using these to really test the entropy of passwds, as opposed to relying on those wonderfully useless online passwd tests. g From ike at blackskyresearch.net Sat Feb 21 19:47:23 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Sat, 21 Feb 2015 19:47:23 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG Message-ID: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi All, So I'm sure many of us have seen bits and pieces of the recent monetary shot in the arm the GPG project has received, http://www.propublica.org/article/the-worlds-email-encryption-software-relies-on-one-guy-who-is-going-broke > Update, Feb. 5, 2015, 8:10 p.m.: After this article appeared, > Werner Koch informed us that last week he was awarded a one-time > grant of $60,000 from Linux Foundation's Core Infrastructure > Initiative. Werner told us he only received permission to disclose > it after our article published. Meanwhile, since our story was > posted, donations flooded Werner's website donation page and he > reached his funding goal of $137,000. In addition, Facebook and the > online payment processor Stripe each pledged to donate $50,000 a > year to Koch's project. http://arstechnica.com/security/2015/02/once-starving-gnupg-crypto-project-gets-a-windfall-but-can-it-be-saved/ https://www.schneier.com/blog/archives/2015/02/gpg_financial_d.html - -- To me, this whole thing begs some very serious and important questions: - - Who really trusts GPG these days? As the article states, it's written by one guy.
Werner's work is obviously a classic- I don't want to rip on his implementation, nor do I want to dive into tinfoil hat bits- but it's really serious when one human being is the sole contributor to a tool with such relative security/crypto importance. - - Are there any viable PGP spec implementations in the world that are under more active development? (There are literally dozens of really great starts- and half-implementations, I'm looking for something that is outright on-par with gpg, but with more active development and review of the codebase.) - -- And, my last question- the *BSD world is filled with so many impacting cryptographers, and some of the most prolific security-minded programmers in the world. Why are we all still OK with this gnu-pg stuff, and all this RMS-ware? Best, .ike -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ -----END PGP SIGNATURE----- From christos at zoulas.com Sat Feb 21 19:56:05 2015 From: christos at zoulas.com (Christos Zoulas) Date: Sat, 21 Feb 2015 19:56:05 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> from "Isaac (.ike) Levy" (Feb 21,
7:47pm) Message-ID: <20150222005605.DB21117FDAA@rebar.astron.com> On Feb 21, 7:47pm, ike at blackskyresearch.net ("Isaac (.ike) Levy") wrote: -- Subject: [talk] How I stopped worrying, and learned to love GPG NetBSD has netgpg... christos From bcallah at devio.us Sat Feb 21 20:02:33 2015 From: bcallah at devio.us (Brian Callahan) Date: Sat, 21 Feb 2015 20:02:33 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> References: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> Message-ID: <54E92AA9.6070800@devio.us> Hi Ike -- For reasons I can't figure out, Thunderbird has totally mangled your email so I'll reproduce the relevant parts here and reply. > Who really trusts GPG these days? I guess I do, by way of the fact that I keep myself running the latest GPG-modern (2.1.2 as of now). I'll be excited when more make it over to this side of the fence and I can start using my EC keys for real. > And, my last question- the *BSD world is filled with so many impacting > cryptographers, and some of the most prolific security-minded > programmers in the world. Why are we all still OK with this gnu-pg > stuff, and all this RMS-ware? tedu@ has a "simple, semi-modern wannabe PGP clone" called reop. I think it's in FreeBSD's ports tree. Code is here: https://github.com/tedu/reop Post about it: http://www.tedunangst.com/flak/post/reop With that said, I only know about it. Not used it. Would be interested in hearing Ted's thoughts on the current version of the code and future directions (but no idea if he's on this list or reads it). ~Brian
From ike at blackskyresearch.net Sat Feb 21 20:06:04 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Sat, 21 Feb 2015 20:06:04 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <20150222005605.DB21117FDAA@rebar.astron.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> Message-ID: <1424567222-6729493.7427084.ft1M16jRh019904@rs149.luxsci.com> On 02/21/15 19:56, Christos Zoulas wrote: > On Feb 21, 7:47pm, ike at blackskyresearch.net ("Isaac (.ike) Levy") wrote: > -- Subject: [talk] How I stopped worrying, and learned to love GPG > > NetBSD has netgpg... > > christos > Thanks Christos, that's the awesomeness I wanted to hear about :) How viable is it as a functional gpg replacement? The current NetBSD developers pgp page encourages and explains gnu-pg use, http://www.netbsd.org/developers/pgp.html Best, .ike From george at ceetonetechnology.com Sat Feb 21 20:08:24 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Sat, 21 Feb 2015 20:08:24 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <20150222005605.DB21117FDAA@rebar.astron.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> Message-ID: <54E92C08.3040801@ceetonetechnology.com> Christos Zoulas: > On Feb 21, 7:47pm, ike at blackskyresearch.net ("Isaac (.ike) Levy") wrote: > -- Subject: [talk] How I stopped worrying, and learned to love GPG > > NetBSD has netgpg... Yes, they do. And we'd love a meeting on that too! The main buzz around PGP before that plea that was rectified, has always been about usage and UX. Usage is restricted by an inability to work with (most) mailing lists, sending emails to multiple people in which one not having valid public keys undermines for everyone, and then of course, client security. A compromised desktop makes encrypted email useless.
The UX issue is odd in some ways, since PGP has been around in something of the same form for 20-something years. That should allow sufficient time for some decent UX work, I would imagine. But then so much of it revolves around the users' MUAs. Integrate GPG/PGP for Pine for students at some university and Eudora in 1995 and Gmail... it's a harder question than one imagines, but UX is also a significant obstacle to larger adoption. There is an author on this list who gave a great try in popularizing PGP for a more general audience, and maybe due to the books title, maybe due to it being in the pre-Snowden era, it didn't sell in any significant quantities. He started from the reality that a few people encrypting email contradicts its function, as if only few emails on the internet is encrypted, it's by default suspicious, unlike, say, SSL/TLS web traffic. There is that (forgot the name) tool for Google that makes GPG easy, which is a good thing in some ways. But I think a few ounces of UX work would go a long way, but the Snowden effect probably has increased the usage of GPG/PGP beyond what any UX work could do in such a short period of time. My $0.02. g From christos at zoulas.com Sat Feb 21 20:12:54 2015 From: christos at zoulas.com (Christos Zoulas) Date: Sat, 21 Feb 2015 20:12:54 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <1424567222-6729493.7427084.ft1M16jRh019904@rs149.luxsci.com> from "Isaac (.ike) Levy" (Feb 21, 8:06pm) Message-ID: <20150222011254.8B3C417FDAA@rebar.astron.com> On Feb 21, 8:06pm, ike at blackskyresearch.net ("Isaac (.ike) Levy") wrote: -- Subject: Re: [talk] How I stopped worrying, and learned to love GPG | On 02/21/15 19:56, Christos Zoulas wrote: | > On Feb 21, 7:47pm, ike at blackskyresearch.net ("Isaac (.ike) Levy") wrote: | > -- Subject: [talk] How I stopped worrying, and learned to love GPG | > | > NetBSD has netgpg... 
| > | > christos | > | | Thanks Christos, that's the awesomeness I wanted to hear about :) | | How viable is it as a functional gpg replacement? The current NetBSD | developers pgp page encourages and explains gnu-pg use, | | http://www.netbsd.org/developers/pgp.html That's probably old. netpgp and netpgpkeys (there are two separate binaries; the second one does the key management part) is a full gpg replacement suite... agc at netbsd.org maintains it and he can answer more questions in detail, or https://en.wikipedia.org/wiki/Netpgp christos From ike at blackskyresearch.net Sat Feb 21 20:23:13 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Sat, 21 Feb 2015 20:23:13 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <54E92AA9.6070800@devio.us> References: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> <54E92AA9.6070800@devio.us> Message-ID: <1424568241-6432949.33222118.ft1M1NsEY032751@rs149.luxsci.com> On 02/21/15 20:02, Brian Callahan wrote: > Hi Ike -- > > For reasons I can't figure out, Thunderbird has totally mangled > your email so I'll reproduce the relevant parts here and reply. I couldn't post about GPG without signing it, and enigmal/thunderbird mangling it for you :) > >> Who really trusts GPG these days? > > I guess I do, by way of the fact that I keep myself running the > latest GPG-modern (2.1.2 as of now). I'll be excited when more make > it over to this side of the fence and I can start using my EC keys > for real. EC. Rad. The future. > >> And, my last question- the *BSD world is filled with so many >> impacting cryptographers, and some of the most prolific >> security-minded programmers in the world. Why are we all still >> OK with this gnu-pg stuff, and all this RMS-ware? > > tedu@ has a "simple, semi-modern wannabe PGP clone" called reop. I > think it's in FreeBSD's ports tree. 
Code is here: > https://github.com/tedu/reop Post about it: > http://www.tedunangst.com/flak/post/reop With that said, I only > know about it. Not used it. Would be interested in hearing Ted's > thoughts on the current version of the code and future directions > (but no idea if he's on this list or reads it). > > ~Brian I'd be very interested in hearing about users practical experiences with 'reop'! Yet, this OpenBSD key, http://www.openbsd.org/advisories/pgpkey.txt Appears to be created using, http://www.pa.msu.edu/reference/pgp-readme-1st.html "PGP 2.6.3i is not an official PGP version. It is based on the source code for MIT PGP 2.6.2 (the latest official version of PGP) and has been modified for international use." Finding MIT PGP, appears to be a dead end, http://web.mit.edu/network/pgp.html Hrmph. Best, .ike From mwlucas at blackhelicopters.org Sat Feb 21 20:28:03 2015 From: mwlucas at blackhelicopters.org (Michael W. Lucas) Date: Sat, 21 Feb 2015 20:28:03 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <54E92C08.3040801@ceetonetechnology.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> Message-ID: <20150222012803.GB43868@mail.michaelwlucas.com> On Sat, Feb 21, 2015 at 08:08:24PM -0500, George Rosamond wrote: > There is an author on this list who gave a great try in popularizing PGP > for a more general audience, and maybe due to the books title, maybe due > to it being in the pre-Snowden era, it didn't sell in any significant > quantities. He started from the reality that a few people encrypting > email contradicts its function, as if only few emails on the internet is > encrypted, it's by default suspicious, unlike, say, SSL/TLS web traffic. Even Snowden didn't resuscitate sales of that book. Those people who care, care deeply. Snowden made them care even more deeply. But the pool of people who care is tiny. Snowden did not expand the pool of people willing to use PGP. 
==ml -- Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ From bcallah at devio.us Sat Feb 21 20:33:21 2015 From: bcallah at devio.us (Brian Callahan) Date: Sat, 21 Feb 2015 20:33:21 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <1424568241-6432949.33222118.ft1M1NsEY032751@rs149.luxsci.com> References: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> <54E92AA9.6070800@devio.us> <1424568241-6432949.33222118.ft1M1NsEY032751@rs149.luxsci.com> Message-ID: <54E931E1.4000802@devio.us> On 02/21/15 20:23, Isaac (.ike) Levy wrote: > On 02/21/15 20:02, Brian Callahan wrote: >> Hi Ike -- >> >> For reasons I can't figure out, Thunderbird has totally mangled >> your email so I'll reproduce the relevant parts here and reply. > I couldn't post about GPG without signing it, and enigmal/thunderbird > mangling it for you :) > >>> Who really trusts GPG these days? >> I guess I do, by way of the fact that I keep myself running the >> latest GPG-modern (2.1.2 as of now). I'll be excited when more make >> it over to this side of the fence and I can start using my EC keys >> for real. > EC. Rad. The future. > >>> And, my last question- the *BSD world is filled with so many >>> impacting cryptographers, and some of the most prolific >>> security-minded programmers in the world. Why are we all still >>> OK with this gnu-pg stuff, and all this RMS-ware? >> tedu@ has a "simple, semi-modern wannabe PGP clone" called reop. I >> think it's in FreeBSD's ports tree. Code is here: >> https://github.com/tedu/reop Post about it: >> http://www.tedunangst.com/flak/post/reop With that said, I only >> know about it. Not used it. Would be interested in hearing Ted's >> thoughts on the current version of the code and future directions >> (but no idea if he's on this list or reads it). 
>> >> ~Brian > I'd be very interested in hearing about users practical experiences > with 'reop'! > > Yet, this OpenBSD key, > http://www.openbsd.org/advisories/pgpkey.txt > > Appears to be created using, > http://www.pa.msu.edu/reference/pgp-readme-1st.html > "PGP 2.6.3i is not an official PGP version. It is based on the source > code for MIT PGP 2.6.2 (the latest official version of PGP) and has > been modified for international use." That key was generated in 1997 :-) The newest item in that directory dates from mid-2002. I don't think that key is still in use. These days, we sign everything with our signify tool (also written by tedu@) http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/signify.1 ~Brian From george at ceetonetechnology.com Sat Feb 21 20:33:26 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Sat, 21 Feb 2015 20:33:26 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <20150222012803.GB43868@mail.michaelwlucas.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> Message-ID: <54E931E6.2000702@ceetonetechnology.com> Michael W. Lucas: > On Sat, Feb 21, 2015 at 08:08:24PM -0500, George Rosamond wrote: >> There is an author on this list who gave a great try in popularizing PGP >> for a more general audience, and maybe due to the books title, maybe due >> to it being in the pre-Snowden era, it didn't sell in any significant >> quantities. He started from the reality that a few people encrypting >> email contradicts its function, as if only few emails on the internet is >> encrypted, it's by default suspicious, unlike, say, SSL/TLS web traffic. > > Even Snowden didn't resuscitate sales of that book. > Maybe not, but when the 'effect' hit journalists in particular, the book was pretty dated. > Those people who care, care deeply. Snowden made them care even more > deeply. 
But the pool of people who care is tiny. > > Snowden did not expand the pool of people willing to use PGP. I disagree strongly, at least to the significant anecdotal stuff I know directly and indirectly. Greenwald, in particular, has made a strong case. He started working with Snowden a month later than he should have since he didn't have his keys setup, nor OTR, Tor, etc. I don't just want to dwell on journalists, but that's where I've witnessed it closely. There are now regular conferences and events, not to mention online how-tos, focused on PGP use. For a significant layer of journalists today, there is a recognition that not having keys publicly available may mean you could lose the next significant whistleblower knocking at your door. Look at the usage of Secure Drop for a bunch of periodicals. Wikipedia it if you don't know it. There is a shift, and unfortunately, it's *our* scene that is last to recognize it. g From ike at blackskyresearch.net Sat Feb 21 20:40:28 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Sat, 21 Feb 2015 20:40:28 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <20150222012803.GB43868@mail.michaelwlucas.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> Message-ID: <1424569324-5533600.88896513.ft1M1f9cT012081@rs149.luxsci.com> On 02/21/15 20:28, Michael W. Lucas wrote: > On Sat, Feb 21, 2015 at 08:08:24PM -0500, George Rosamond wrote: >> There is an author on this list who gave a great try in popularizing PGP >> for a more general audience, and maybe due to the books title, maybe due >> to it being in the pre-Snowden era, it didn't sell in any significant >> quantities. He started from the reality that a few people encrypting >> email contradicts its function, as if only few emails on the internet is >> encrypted, it's by default suspicious, unlike, say, SSL/TLS web traffic. 
> > Even Snowden didn't resuscitate sales of that book. > > Those people who care, care deeply. Snowden made them care even more > deeply. But the pool of people who care is tiny. > > Snowden did not expand the pool of people willing to use PGP. > > ==ml I dunno ML, I'm using it again after many years of abandonment. (Perhaps that proves your point, perhaps disproves it :) Best, .ike From ike at blackskyresearch.net Sat Feb 21 20:45:27 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Sat, 21 Feb 2015 20:45:27 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <54E931E1.4000802@devio.us> References: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> <54E92AA9.6070800@devio.us> <1424568241-6432949.33222118.ft1M1NsEY032751@rs149.luxsci.com> <54E931E1.4000802@devio.us> Message-ID: <1424569622-1875547.15395534.ft1M1k8UC019949@rs149.luxsci.com> On 02/21/15 20:33, Brian Callahan wrote: > > On 02/21/15 20:23, Isaac (.ike) Levy wrote: >> On 02/21/15 20:02, Brian Callahan wrote: >>> Hi Ike -- >>> >>> For reasons I can't figure out, Thunderbird has totally mangled >>> your email so I'll reproduce the relevant parts here and reply. >> I couldn't post about GPG without signing it, and enigmal/thunderbird >> mangling it for you :) >> >>>> Who really trusts GPG these days? >>> I guess I do, by way of the fact that I keep myself running the >>> latest GPG-modern (2.1.2 as of now). I'll be excited when more make >>> it over to this side of the fence and I can start using my EC keys >>> for real. >> EC. Rad. The future. >> >>>> And, my last question- the *BSD world is filled with so many >>>> impacting cryptographers, and some of the most prolific >>>> security-minded programmers in the world. Why are we all still >>>> OK with this gnu-pg stuff, and all this RMS-ware? >>> tedu@ has a "simple, semi-modern wannabe PGP clone" called reop. I >>> think it's in FreeBSD's ports tree. 
Code is here: >>> https://github.com/tedu/reop Post about it: >>> http://www.tedunangst.com/flak/post/reop With that said, I only >>> know about it. Not used it. Would be interested in hearing Ted's >>> thoughts on the current version of the code and future directions >>> (but no idea if he's on this list or reads it). >>> >>> ~Brian >> I'd be very interested in hearing about users practical experiences >> with 'reop'! >> >> Yet, this OpenBSD key, >> http://www.openbsd.org/advisories/pgpkey.txt >> >> Appears to be created using, >> http://www.pa.msu.edu/reference/pgp-readme-1st.html >> "PGP 2.6.3i is not an official PGP version. It is based on the source >> code for MIT PGP 2.6.2 (the latest official version of PGP) and has >> been modified for international use." > > That key was generated in 1997 :-) > The newest item in that directory dates from mid-2002. I don't think > that key is still in use. Shall I use it to send a bug report and ask for it to be removed? I'm not kidding :) > > These days, we sign everything with our signify tool (also written by tedu@) > http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/signify.1 Pretty darned nifty, for what it's designed to do, I must say. 
Best, .ike > > ~Brian From george at ceetonetechnology.com Sat Feb 21 20:53:15 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Sat, 21 Feb 2015 20:53:15 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <1424569622-1875547.15395534.ft1M1k8UC019949@rs149.luxsci.com> References: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> <54E92AA9.6070800@devio.us> <1424568241-6432949.33222118.ft1M1NsEY032751@rs149.luxsci.com> <54E931E1.4000802@devio.us> <1424569622-1875547.15395534.ft1M1k8UC019949@rs149.luxsci.com> Message-ID: <54E9368B.1000508@ceetonetechnology.com> Isaac (.ike) Levy: > On 02/21/15 20:33, Brian Callahan wrote: >> >> On 02/21/15 20:23, Isaac (.ike) Levy wrote: >>> On 02/21/15 20:02, Brian Callahan wrote: >>>> Hi Ike -- >>>> >>>> For reasons I can't figure out, Thunderbird has totally mangled >>>> your email so I'll reproduce the relevant parts here and reply. >>> I couldn't post about GPG without signing it, and enigmal/thunderbird >>> mangling it for you :) >>> >>>>> Who really trusts GPG these days? >>>> I guess I do, by way of the fact that I keep myself running the >>>> latest GPG-modern (2.1.2 as of now). I'll be excited when more make >>>> it over to this side of the fence and I can start using my EC keys >>>> for real. >>> EC. Rad. The future. >>> >>>>> And, my last question- the *BSD world is filled with so many >>>>> impacting cryptographers, and some of the most prolific >>>>> security-minded programmers in the world. Why are we all still >>>>> OK with this gnu-pg stuff, and all this RMS-ware? >>>> tedu@ has a "simple, semi-modern wannabe PGP clone" called reop. I >>>> think it's in FreeBSD's ports tree. Code is here: >>>> https://github.com/tedu/reop Post about it: >>>> http://www.tedunangst.com/flak/post/reop With that said, I only >>>> know about it. Not used it. 
Would be interested in hearing Ted's >>>> thoughts on the current version of the code and future directions >>>> (but no idea if he's on this list or reads it). >>>> >>>> ~Brian >>> I'd be very interested in hearing about users practical experiences >>> with 'reop'! >>> >>> Yet, this OpenBSD key, >>> http://www.openbsd.org/advisories/pgpkey.txt >>> >>> Appears to be created using, >>> http://www.pa.msu.edu/reference/pgp-readme-1st.html >>> "PGP 2.6.3i is not an official PGP version. It is based on the source >>> code for MIT PGP 2.6.2 (the latest official version of PGP) and has >>> been modified for international use." >> >> That key was generated in 1997 :-) >> The newest item in that directory dates from mid-2002. I don't think >> that key is still in use. > > Shall I use it to send a bug report and ask for it to be removed? > > I'm not kidding :) +1 Ike. But revoking keys is one of those design issues never addressed in the pgp ecosystem AFAIK > >> >> These days, we sign everything with our signify tool (also written by tedu@) >> http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/signify.1 > > Pretty darned nifty, for what it's designed to do, I must say. The one thing well principle lives. And it will get mass adoption in the Linux systems once it incorporates an ability to mount msdos slices and conduct its own random number generation. g From ike at blackskyresearch.net Sat Feb 21 20:57:08 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Sat, 21 Feb 2015 20:57:08 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <54E931E6.2000702@ceetonetechnology.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> <54E931E6.2000702@ceetonetechnology.com> Message-ID: <1424570282-6240970.17650701.ft1M1vnfT029242@rs149.luxsci.com> On 02/21/15 20:33, George Rosamond wrote: > > > Michael W. 
Lucas: >> On Sat, Feb 21, 2015 at 08:08:24PM -0500, George Rosamond wrote: >>> There is an author on this list who gave a great try in popularizing PGP >>> for a more general audience, and maybe due to the books title, maybe due >>> to it being in the pre-Snowden era, it didn't sell in any significant >>> quantities. He started from the reality that a few people encrypting >>> email contradicts its function, as if only few emails on the internet is >>> encrypted, it's by default suspicious, unlike, say, SSL/TLS web traffic. >> >> Even Snowden didn't resuscitate sales of that book. >> > > Maybe not, but when the 'effect' hit journalists in particular, the book > was pretty dated. > >> Those people who care, care deeply. Snowden made them care even more >> deeply. But the pool of people who care is tiny. >> >> Snowden did not expand the pool of people willing to use PGP. > > I disagree strongly, at least to the significant anecdotal stuff I know > directly and indirectly. > > Greenwald, in particular, has made a strong case. He started working > with Snowden a month later than he should have since he didn't have his > keys setup, nor OTR, Tor, etc. I don't just want to dwell on > journalists, but that's where I've witnessed it closely. There are now > regular conferences and events, not to mention online how-tos, focused > on PGP use. For a significant layer of journalists today, there is a > recognition that not having keys publicly available may mean you could > lose the next significant whistleblower knocking at your door. > > Look at the usage of Secure Drop for a bunch of periodicals. Wikipedia > it if you don't know it. There is a shift, and unfortunately, it's > *our* scene that is last to recognize it. I agree with a number of George's points here, and would add, I think it's delightful that this entire discourse has moved swiftly into broader places- even if the popularization has led to a bastardization of important bits. 
I do *not* think "our scene" really needs to fixate on expanding the pool of users, in the world at large, as an end goal. I believe "our scene" needs to continue doing what it does well- keep focused on writing, improving, and above all- enjoying using the software! Best, .ike > > g From ike at blackskyresearch.net Sat Feb 21 20:59:11 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Sat, 21 Feb 2015 20:59:11 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <54E9368B.1000508@ceetonetechnology.com> References: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> <54E92AA9.6070800@devio.us> <1424568241-6432949.33222118.ft1M1NsEY032751@rs149.luxsci.com> <54E931E1.4000802@devio.us> <1424569622-1875547.15395534.ft1M1k8UC019949@rs149.luxsci.com> <54E9368B.1000508@ceetonetechnology.com> Message-ID: <1424570402-5528649.39890532.ft1M1xqEn030085@rs149.luxsci.com> On 02/21/15 20:53, George Rosamond wrote: > > > Isaac (.ike) Levy: >> On 02/21/15 20:33, Brian Callahan wrote: >>> >>> On 02/21/15 20:23, Isaac (.ike) Levy wrote: >>>> On 02/21/15 20:02, Brian Callahan wrote: >>>>> Hi Ike -- >>>>> >>>>> For reasons I can't figure out, Thunderbird has totally mangled >>>>> your email so I'll reproduce the relevant parts here and reply. >>>> I couldn't post about GPG without signing it, and enigmal/thunderbird >>>> mangling it for you :) >>>> >>>>>> Who really trusts GPG these days? >>>>> I guess I do, by way of the fact that I keep myself running the >>>>> latest GPG-modern (2.1.2 as of now). I'll be excited when more make >>>>> it over to this side of the fence and I can start using my EC keys >>>>> for real. >>>> EC. Rad. The future.
>>>> >>>>>> And, my last question- the *BSD world is filled with so many >>>>>> impacting cryptographers, and some of the most prolific >>>>>> security-minded programmers in the world. Why are we all still >>>>>> OK with this gnu-pg stuff, and all this RMS-ware? >>>>> tedu@ has a "simple, semi-modern wannabe PGP clone" called reop. I >>>>> think it's in FreeBSD's ports tree. Code is here: >>>>> https://github.com/tedu/reop Post about it: >>>>> http://www.tedunangst.com/flak/post/reop With that said, I only >>>>> know about it. Not used it. Would be interested in hearing Ted's >>>>> thoughts on the current version of the code and future directions >>>>> (but no idea if he's on this list or reads it). >>>>> >>>>> ~Brian >>>> I'd be very interested in hearing about users practical experiences >>>> with 'reop'! >>>> >>>> Yet, this OpenBSD key, >>>> http://www.openbsd.org/advisories/pgpkey.txt >>>> >>>> Appears to be created using, >>>> http://www.pa.msu.edu/reference/pgp-readme-1st.html >>>> "PGP 2.6.3i is not an official PGP version. It is based on the source >>>> code for MIT PGP 2.6.2 (the latest official version of PGP) and has >>>> been modified for international use." >>> >>> That key was generated in 1997 :-) >>> The newest item in that directory dates from mid-2002. I don't think >>> that key is still in use. >> >> Shall I use it to send a bug report and ask for it to be removed? >> >> I'm not kidding :) > > +1 Ike. But revoking keys is one of those design issues never addressed > in the pgp ecosystem AFAIK Sure, but if it's no longer used, they could take down the link and the key on the site :) Best, .ike > >> >>> >>> These days, we sign everything with our signify tool (also written by tedu@) >>> http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/signify.1 >> >> Pretty darned nifty, for what it's designed to do, I must say. > > The one thing well principle lives. 
> > And it will get mass adoption in the Linux systems once it incorporates > an ability to mount msdos slices and conduct its own random number > generation. > > g From jschauma at netmeister.org Sat Feb 21 21:03:07 2015 From: jschauma at netmeister.org (Jan Schaumann) Date: Sat, 21 Feb 2015 21:03:07 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> References: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> Message-ID: <20150222020307.GE25938@netmeister.org> "Isaac (.ike) Levy" wrote: > Why are we all still OK with this gnu-pg stuff, and all this RMS-ware? Total self-promotional tangent, but fwiw, I wrote a tool a while ago to allow people to share secrets using their (presumed to be well-known) ssh keys: https://github.com/jschauma/jass That is, I completely outsourced the problem of key authenticity to the user (or, preferably, your already trusted (LDAP) infrastructure), allowing users to be able to encrypt/decrypt data with a little bit more ease. This worked well enough for at least one fairly large engineering organization. Not the same use-cases as PGP by far, but I figured it's at least somewhat related. ;-) -Jan -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 478 bytes Desc: not available URL: From mwlucas at blackhelicopters.org Sat Feb 21 21:04:19 2015 From: mwlucas at blackhelicopters.org (Michael W. 
Lucas) Date: Sat, 21 Feb 2015 21:04:19 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <54E931E6.2000702@ceetonetechnology.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> <54E931E6.2000702@ceetonetechnology.com> Message-ID: <20150222020419.GA44070@mail.michaelwlucas.com> On Sat, Feb 21, 2015 at 08:33:26PM -0500, George Rosamond wrote: > Maybe not, but when the 'effect' hit journalists in particular, the book > was pretty dated. Certainly. I would declare the book obsolete, except it still sells that 1 copy a month. And what would we do with the 3000 unsold copies? > I disagree strongly, at least to the significant anecdotal stuff I know > directly and indirectly. I'm delighted to hear that. ==ml -- Michael W. Lucas - mwlucas at michaelwlucas.com, Twitter @mwlauthor http://www.MichaelWLucas.com/, http://blather.MichaelWLucas.com/ From spork at bway.net Sat Feb 21 22:39:24 2015 From: spork at bway.net (Charles Sprickman) Date: Sat, 21 Feb 2015 22:39:24 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> References: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> Message-ID: <92D97D57-EC5A-46F8-9A93-4C0ACF04BCC3@bway.net> On Feb 21, 2015, at 7:47 PM, Isaac (.ike) Levy wrote: > Signed PGP part > ... > -- > To me, this whole thing begs some very serious and important questions: > > - Who really trusts GPG these days? > As the article states, it's written by one guy. Werner's work is > obviously a classic- I don't want to rip on his implementation, nor do > I want to dive into tinfoil hat bits- but it's really serious when one > human being is the sole contributor to a tool with such relative > security/crypto importance. > > - Are there any viable PGP spec implementations in the world that are > under more active development? 
(There are literally dozens of really > great starts- and half-implementations, I'm looking for something that > is outright on-par with gpg, but with more active development and > review of the codebase.) > > -- > And, my last question- the *BSD world is filled with so many impacting > cryptographers, and some of the most prolific security-minded > programmers in the world. Why are we all still OK with this gnu-pg > stuff, and all this RMS-ware? OpenSSL was an eye-opener (well, even worse, many eyes were open and damning the code for years), and I'm sure one day GnuPG will have some similar bugs of horror revealed and everyone will freak out and wonder why we have only one piece of software for this task but Linux has a dozen sound subsystems. And so the wheel turns. I don't have anything to contribute, but following one of the links for one of the other projects landed me here, and it's a great read: http://research.microsoft.com/en-us/people/mickens/thisworldofours.pdf I have no idea who this man is, but the writing is entertaining, so I will share one paragraph: "The Mossad/not-Mossad duality is just one of the truths that security researchers try to hide from you. The security community employs a variety of misdirections and soothing words to obscure the ultimate nature of reality; in this regard, they resemble used car salesmen and Girl Scouts (whose cookie sales are merely shell companies for the Yakuza). When you read a security paper, there's often a sentence near the beginning that says 'assume that a public key cryptosystem exists'. The authors intend for you to read this sentence in a breezy, carefree way, as if establishing a scalable key infrastructure is a weekend project, akin to organizing a walk-in closet or taming a chinchilla. 
Given such a public key infrastructure, the authors propose all kinds of entertaining, Ferris Bueller-like things that you can do, like taking hashes of keys, and arranging keys into fanciful tree-like structures, and determining which users are bad so that their keys can be destroyed, or revoked, or mixed with concrete and rendered inert." [Back to my words, which I'm stating in case this is all mangled] Oh, and shall we talk about Enigmail and how it might turn normal people off to the idea of encrypting their email? Or about what strange mangling some will experience when trying to read this Mail.app/MacGPG monstrosity has stitched together because I chose to sign this email? Or that when some of you look up my key you'll find two and wonder if one is the result of some earlier NSA kidnapping stunt? Charles > > Best, > .ike > > > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 495 bytes Desc: Message signed with OpenPGP using GPGMail URL: From mirimir at riseup.net Sun Feb 22 00:06:56 2015 From: mirimir at riseup.net (Mirimir) Date: Sat, 21 Feb 2015 22:06:56 -0700 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <92D97D57-EC5A-46F8-9A93-4C0ACF04BCC3@bway.net> References: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> <92D97D57-EC5A-46F8-9A93-4C0ACF04BCC3@bway.net> Message-ID: <54E963F0.4030105@riseup.net> On 02/21/2015 08:39 PM, Charles Sprickman wrote: > I don't have anything to contribute, but following one of the links > for one of the other projects landed me here, and it's a great read: > > http://research.microsoft.com/en-us/people/mickens/thisworldofours.pdf It's an amusing article, but largely beside the point. For me anyway. 
I may read someone's stuff in a public forum, and want to converse in private. So I find their public key, and I email them. And by "them", I mean whomever controls the email address that they seem to be using. Maybe they're actually Yakuza. But then, maybe I'm Triad ;) > [Back to my words, which I'm stating in case this is all mangled] > > Oh, and shall we talk about Enigmail and how it might turn normal > people off to the idea of encrypting their email? Or about what > strange mangling some will experience when trying to read this > Mail.app/MacGPG monstrosity has stitched together because I chose to > sign this email? I'm currently using Thunderbird+Enigmail in Ubuntu, and see nothing odd about your message. Perhaps others might share about "mangling". > Or that when some of you look up my key you'll find > two and wonder if one is the result of some earlier NSA > kidnapping stunt? Getting your public key was entirely transparent. Initially, I saw "Unverified signature; click on 'Details' button for more information". Clicking on "Details", I selected "Import Public Key" and used the default . That yielded a key with fingerprint "09BC 2152 0D23 9583 CAE5 068A 8995 219C FE86 A4F6". Is that correct? But perhaps you have other keys, on other keyservers. And maybe one of them has been compromised, and you can't revoke it. That's why I like . You could link your current public key to blogs, online accounts, etc. So I would know which one to use. 
> Charles > >> >> Best, >> .ike >> >> >> >> _______________________________________________ >> talk mailing list >> talk at lists.nycbug.org >> http://lists.nycbug.org/mailman/listinfo/talk > > > > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > From justin at shiningsilence.com Sun Feb 22 11:06:06 2015 From: justin at shiningsilence.com (Justin Sherrill) Date: Sun, 22 Feb 2015 11:06:06 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <92D97D57-EC5A-46F8-9A93-4C0ACF04BCC3@bway.net> References: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> <92D97D57-EC5A-46F8-9A93-4C0ACF04BCC3@bway.net> Message-ID: On Sat, Feb 21, 2015 at 10:39 PM, Charles Sprickman wrote: > I don't have anything to contribute, but following one of the links > for one of the other projects landed me here, and it's a great read: > > http://research.microsoft.com/en-us/people/mickens/thisworldofours.pdf > > I have no idea who this man is, but the writing is entertaining, so > I will share one paragraph: Wandering farther off topic: Mickens is great, and his page at Microsoft Research has links to his scholarly work and his humor: http://research.microsoft.com/en-us/people/mickens/ Wandering back on topic, I end up using GPG for tagging each DragonFly release when I build it; it gives me the most trouble, usually, because of the interface. So, a better implementation would benefit everyone. 
From george at ceetonetechnology.com Sun Feb 22 13:00:29 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Sun, 22 Feb 2015 13:00:29 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <20150222020419.GA44070@mail.michaelwlucas.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> <54E931E6.2000702@ceetonetechnology.com> <20150222020419.GA44070@mail.michaelwlucas.com> Message-ID: <54EA193D.4010304@ceetonetechnology.com> Michael W. Lucas: > On Sat, Feb 21, 2015 at 08:33:26PM -0500, George Rosamond wrote: >> Maybe not, but when the 'effect' hit journalists in particular, >> the book was pretty dated. > > Certainly. I would declare the book obsolete, except it still > sells that 1 copy a month. And what would we do with the 3000 > unsold copies? I know. But I regularly meet people who are excited to hear that there was an attempt to popularize it, way ahead of the curve. > >> I disagree strongly, at least to the significant anecdotal stuff >> I know directly and indirectly. > > I'm delighted to hear that. MWL: you were ahead of the curve. You saw the need for email encryption, and more importantly, in making it easier to get into other peoples' hands. If encryption is used, it needs to have widespread usage, or it becomes a suspicious anomaly. We've discussed many times before. The issue was less about details around the book as much as larger objective things. You can make it easier to encrypt emails and files with GPG/PGP, but you can't shift public opinion on any scale to use it regularly. Mr. Snowden did that for you, and journalists, dissidents, etc., are the first ones to grasp it. 
If you're a lawyer who read about how "Five Eyes" surveillance broke "client-attorney privilege" as a Chicago-based law firm was enlisted by the Indonesian government against a tobacco company, using PGP doesn't sound like less of an insurmountable mountain to climb. And that government level surveillance was used for industrial espionage also. If that book was republished today with an overhaul of content, I know the sales would be significantly larger. MWL: you're like the Tesla of teaching GPG! We were always the one UG in NYC without key signings... maybe it's time? g From gnn at neville-neil.com Sun Feb 22 13:13:05 2015 From: gnn at neville-neil.com (George Neville-Neil) Date: Sun, 22 Feb 2015 10:13:05 -0800 Subject: [talk] Odd query about modeling... Message-ID: A photographer friend of Kaz's (my husband) got ahold of him for this: "Do you know any tech / IT friends in NYC who may do a model for this? http://www.azcasting.com/videos/2014/12/14/dice-geek-models" And he passed it along to me. Anyone of you geeks interested in modeling? Do I win the prize for strangest query on talk@ now? 
Later, George From ike at blackskyresearch.net Sun Feb 22 14:42:54 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Sun, 22 Feb 2015 14:42:54 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <54EA193D.4010304@ceetonetechnology.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> <54E931E6.2000702@ceetonetechnology.com> <20150222020419.GA44070@mail.michaelwlucas.com> <54EA193D.4010304@ceetonetechnology.com> Message-ID: <1424634242-423125.196749948.ft1MJhaSX027478@rs149.luxsci.com> On 02/22/15 13:00, George Rosamond wrote: > We were always the one UG in NYC without key signings... maybe it's > time? Just needs one person to wrangle people, and provide *the simplest* advance instructions. I suggest someone hit talk@ a few days before next meeting if they want to do key signing. Best time IMHO? Just after a speaker is done, at a regular meeting, (any/every regular meeting). 
Not so simple instructions, http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html Best, .ike From ike at blackskyresearch.net Sun Feb 22 14:59:31 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Sun, 22 Feb 2015 14:59:31 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: References: <1424566141-3481460.96770867.ft1M0m4Nf006858@rs149.luxsci.com> <92D97D57-EC5A-46F8-9A93-4C0ACF04BCC3@bway.net> Message-ID: <1424635262-3135504.00715243.ft1MK0CuJ008753@rs149.luxsci.com> On 02/22/15 11:06, Justin Sherrill wrote: > On Sat, Feb 21, 2015 at 10:39 PM, Charles Sprickman wrote: >> I don't have anything to contribute, but following one of the links >> for one of the other projects landed me here, and it's a great read: >> >> http://research.microsoft.com/en-us/people/mickens/thisworldofours.pdf This is possibly the most entertaining read of my year. 
>> >> I have no idea who this man is, but the writing is entertaining, so >> I will share one paragraph: > > Wandering farther off topic: Mickens is great, and his page at > Microsoft Research has links to his scholarly work and his humor: > > http://research.microsoft.com/en-us/people/mickens/ !!! thanks for posting Justin. > > Wandering back on topic, I end up using GPG for tagging each DragonFly > release when I build it; it gives me the most trouble, usually, > because of the interface. So, a better implementation would benefit > everyone. I agree. The base model isn't the problem, like most things, the shortcomings are in the implementation. With that, did anyone dive deeper into the netgpg / netbsd bit yet? Best, .ike From jschauma at netmeister.org Sun Feb 22 15:59:32 2015 From: jschauma at netmeister.org (Jan Schaumann) Date: Sun, 22 Feb 2015 15:59:32 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <54EA193D.4010304@ceetonetechnology.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> <54E931E6.2000702@ceetonetechnology.com> <20150222020419.GA44070@mail.michaelwlucas.com> <54EA193D.4010304@ceetonetechnology.com> Message-ID: <20150222205931.GH25938@netmeister.org> George Rosamond wrote: > We were always the one UG in NYC without key signings... maybe it's > time? You don't need to hold official keysigning "parties". Just set 5 minutes aside each meeting and say "oh, and whoever wants to sign PGP keys, get together after the talk". Ie, make it a regular, normal part, not a special "only for security geeks" thing. -Jan -------------- next part -------------- A non-text attachment was scrubbed... 
Name: not available Type: application/pgp-signature Size: 478 bytes Desc: not available URL: From george at ceetonetechnology.com Sun Feb 22 17:39:02 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Sun, 22 Feb 2015 17:39:02 -0500 Subject: [talk] Odd query about modeling... In-Reply-To: References: Message-ID: <54EA5A86.6000806@ceetonetechnology.com> George Neville-Neil: > A photographer friend of Kaz's (my husband) got ahold of him for this: > > "Do you know any tech / IT friends in NYC who may do a model for this? > http://www.azcasting.com/videos/2014/12/14/dice-geek-models" > > And he passed it along to me. Anyone of you geeks interested in modeling? > > Do I win the prize for strangest query on talk@ now? It will take a lot to top this post in 2015, even though it's only Feb 22! Thanks GNN! g From george at ceetonetechnology.com Sun Feb 22 17:40:26 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Sun, 22 Feb 2015 17:40:26 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <20150222205931.GH25938@netmeister.org> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> <54E931E6.2000702@ceetonetechnology.com> <20150222020419.GA44070@mail.michaelwlucas.com> <54EA193D.4010304@ceetonetechnology.com> <20150222205931.GH25938@netmeister.org> Message-ID: <54EA5ADA.4010806@ceetonetechnology.com> Jan Schaumann: > George Rosamond wrote: > >> We were always the one UG in NYC without key signings... maybe >> it's time? > > You don't need to hold official keysigning "parties". Just set 5 > minutes aside each meeting and say "oh, and whoever wants to sign > PGP keys, get together after the talk". > > Ie, make it a regular, normal part, not a special "only for > security geeks" thing. Yes, of course. 
Maybe we need to prep the necessary resources for those unfamiliar with the procedure, but we can certainly start doing regularly. g From ike at blackskyresearch.net Sun Feb 22 19:10:10 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Sun, 22 Feb 2015 19:10:10 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <54EA5ADA.4010806@ceetonetechnology.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> <54E931E6.2000702@ceetonetechnology.com> <20150222020419.GA44070@mail.michaelwlucas.com> <54EA193D.4010304@ceetonetechnology.com> <20150222205931.GH25938@netmeister.org> <54EA5ADA.4010806@ceetonetechnology.com> Message-ID: <1424650262-3471091.17849335.ft1N0Areo008504@rs149.luxsci.com> On 02/22/15 17:40, George Rosamond wrote: >>> Ie, make it a regular, normal part, not a special "only for >>> security geeks" thing. Couldn't agree more. > Yes, of course. > > Maybe we need to prep the necessary resources for those unfamiliar > with the procedure, but we can certainly start doing regularly. Also, this was my point- yes. 
Some short shout to talk@ saying "Hey, bring X to the next meeting if you want to do signed keys". Best, .ike From george at ceetonetechnology.com Sun Feb 22 19:22:05 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Sun, 22 Feb 2015 19:22:05 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <1424650262-3471091.17849335.ft1N0Areo008504@rs149.luxsci.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> <54E931E6.2000702@ceetonetechnology.com> <20150222020419.GA44070@mail.michaelwlucas.com> <54EA193D.4010304@ceetonetechnology.com> <20150222205931.GH25938@netmeister.org> <54EA5ADA.4010806@ceetonetechnology.com> <1424650262-3471091.17849335.ft1N0Areo008504@rs149.luxsci.com> Message-ID: <54EA72AD.8050405@ceetonetechnology.com> Isaac (.ike) Levy: > On 02/22/15 17:40, George Rosamond wrote: >>>> Ie, make it a regular, normal part, not a special "only for >>>> security geeks" thing. > > Couldn't agree more. > >> Yes, of course. >> >> Maybe we need to prep the necessary resources for those unfamiliar >> with the procedure, but we can certainly start doing regularly. > > Also, this was my point- yes. Some short shout to talk@ saying "Hey, > bring X to the next meeting if you want to do signed keys". > Strange. The announce just went out, and somehow that was in it. g From george at ceetonetechnology.com Sun Feb 22 19:24:05 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Sun, 22 Feb 2015 19:24:05 -0500 Subject: [talk] Fwd: [announce] NYC*BUG Upcoming Message-ID: <54EA7325.60708@ceetonetechnology.com> Since there are a lot of people on talk@, but not announce@, forwarding here. That shouldn't stop you from subscribing to announce at . 
-------- Forwarded Message -------- Subject: [announce] NYC*BUG Upcoming Date: Sun, 22 Feb 2015 19:21:02 -0500 From: NYC*BUG Announcements We are putting the finishing touches on the next SEVEN meetings. This is likely the best stretch of meetings we've assembled since we officially launched in 2004. Note that we are in the process of overhauling how we manage the web site. Web site updates and details for some meetings are in the pipeline. Additionally, there are two BSD Cons upcoming: AsiaBSDCon 2015, March 12-15 in Tokyo, Japan BSDCan 2015, June 12-13 in Ottawa, Canada The quick list of upcoming meetings. All meetings will be in Stone Creek's backroom at 6:45 PM at this point, but NOT all on the first Wednesday of the month. March 4: George Neville-Neil on the "DTrace", based on the new release of "The Design and Implementation of the FreeBSD Operating System." Introductory comments from the books editor. Hors d'oeuvres will be provided, in addition to copies of the book. April 8: Christos Zoulas "Blacklist'd" May 6: We are waiting on details, but we likely have a remote speaker coming in. Stay tuned. June 3: John Baldwin "FreeBSD's NUMA" July 1: Steve Kreuzer "PTP: Precision Time Protocol" August 2: Brian Callahan "What's New with OpenBSD?" September 6: John C. Vernaleo "Bitrig" As mentioned on talk@, we will start using NYC*BUG meetings to get PGP/GPG key signings done! We will provide some how-to documentation for those unfamiliar. 
_______________________________________________ announce mailing list announce at lists.nycbug.org http://lists.nycbug.org/mailman/listinfo/announce From ike at blackskyresearch.net Sun Feb 22 23:04:04 2015 From: ike at blackskyresearch.net (Isaac Levy) Date: Sun, 22 Feb 2015 23:04:04 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <1424569324-5533600.88896513.ft1M1f9cT012081@rs149.luxsci.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> <1424569324-5533600.88896513.ft1M1f9cT012081@rs149.luxsci.com> Message-ID: <1424664302-538859.95933015.ft1N445Rk024574@rs149.luxsci.com> On Feb 21, 2015, at 8:40 PM, Isaac (.ike) Levy wrote: >> Those people who care, care deeply. Snowden made them care even more >> deeply. But the pool of people who care is tiny. >> >> Snowden did not expand the pool of people willing to use PGP. >> >> ==ml > > I dunno ML, I'm using it again after many years of abandonment. > > (Perhaps that proves your point, perhaps disproves it :) I know we're not all pop media junkies around here, so I thought I'd post this followup: Laura Poitras just accepted an Oscar at the Academy Awards for her Citizenfour. Hack the planet- .ike From ike at blackskyresearch.net Mon Feb 23 00:50:04 2015 From: ike at blackskyresearch.net (Isaac (.ike) Levy) Date: Mon, 23 Feb 2015 00:50:04 -0500 Subject: [talk] Odd query about modeling... In-Reply-To: References: Message-ID: <1424670663-6687448.38639943.ft1N5omTg011778@rs149.luxsci.com> On 02/22/15 13:13, George Neville-Neil wrote: > A photographer friend of Kaz's (my husband) got ahold of him for this: > > "Do you know any tech / IT friends in NYC who may do a model for this? > http://www.azcasting.com/videos/2014/12/14/dice-geek-models" > > And he passed it along to me. Anyone of you geeks interested in modeling? > > Do I win the prize for strangest query on talk@ now? 
I think you easily have one of the strangest non sequiturs talk@ has seen, at the very least. Best, .ike From mark.saad at ymail.com Mon Feb 23 09:50:24 2015 From: mark.saad at ymail.com (Mark Saad) Date: Mon, 23 Feb 2015 09:50:24 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <1424664302-538859.95933015.ft1N445Rk024574@rs149.luxsci.com> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> <1424569324-5533600.88896513.ft1M1f9cT012081@rs149.luxsci.com> <1424664302-538859.95933015.ft1N445Rk024574@rs149.luxsci.com> Message-ID: > On Feb 22, 2015, at 11:04 PM, Isaac Levy wrote: > > On Feb 21, 2015, at 8:40 PM, Isaac (.ike) Levy wrote: > >>> Those people who care, care deeply. Snowden made them care even more >>> deeply. But the pool of people who care is tiny. >>> >>> Snowden did not expand the pool of people willing to use PGP. >>> >>> ==ml >> >> I dunno ML, I'm using it again after many years of abandonment. >> >> (Perhaps that proves your point, perhaps disproves it :) > > I know we're not all pop media junkies around here, so I thought I'd post this followup: > > Laura Poitras just accepted an Oscar at the Academy Awards for her Citizenfour. > Who or what was that ? > Hack the planet- > .ike > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk Mark saad | mark.saad at ymail.com From mspitzer at gmail.com Mon Feb 23 12:25:36 2015 From: mspitzer at gmail.com (Marc Spitzer) Date: Mon, 23 Feb 2015 12:25:36 -0500 Subject: [talk] Odd query about modeling... In-Reply-To: References: Message-ID: there is no coulda about it you are a contender Marc On Sun, Feb 22, 2015 at 1:13 PM, George Neville-Neil wrote: > A photographer friend of Kaz's (my husband) got ahold of him for this: > > "Do you know any tech / IT friends in NYC who may do a model for this? 
> http://www.azcasting.com/videos/2014/12/14/dice-geek-models" > > And he passed it along to me. Anyone of you geeks interested in modeling? > > Do I win the prize for strangest query on talk@ now? > > Later, > George > _______________________________________________ > talk mailing list > talk at lists.nycbug.org > http://lists.nycbug.org/mailman/listinfo/talk > -- Freedom is nothing but a chance to be better. --Albert Camus The inherent vice of capitalism is the unequal sharing of blessings; the inherent virtue of socialism is the equal sharing of miseries. -- Winston Churchill Do the arithmetic or be doomed to talk nonsense. --John McCarthy -------------- next part -------------- An HTML attachment was scrubbed... URL: From ahpook at verizon.net Mon Feb 23 17:04:19 2015 From: ahpook at verizon.net (Ah Pook) Date: Mon, 23 Feb 2015 17:04:19 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> <1424569324-5533600.88896513.ft1M1f9cT012081@rs149.luxsci.com> <1424664302-538859.95933015.ft1N445Rk024574@rs149.luxsci.com> Message-ID: <54EBA3E3.2070308@verizon.net> On 02/23/2015 09:50 AM, Mark Saad wrote: > > >> On Feb 22, 2015, at 11:04 PM, Isaac Levy wrote: >> >> On Feb 21, 2015, at 8:40 PM, Isaac (.ike) Levy wrote: >> >>>> Those people who care, care deeply. Snowden made them care even more >>>> deeply. But the pool of people who care is tiny. >>>> >>>> Snowden did not expand the pool of people willing to use PGP. >>>> >>>> ==ml >>> >>> I dunno ML, I'm using it again after many years of abandonment. >>> >>> (Perhaps that proves your point, perhaps disproves it :) >> >> I know we're not all pop media junkies around here, so I thought I'd post this followup: >> >> Laura Poitras just accepted an Oscar at the Academy Awards for her Citizenfour. >> > > Who or what was that ? 
http://www.reddit.com/r/IAmA/comments/2wwdep/we_are_edward_snowden_laura_poitras_and_glenn/ From george at ceetonetechnology.com Mon Feb 23 19:01:54 2015 From: george at ceetonetechnology.com (George Rosamond) Date: Mon, 23 Feb 2015 19:01:54 -0500 Subject: [talk] How I stopped worrying, and learned to love GPG In-Reply-To: <54EBA3E3.2070308@verizon.net> References: <20150222005605.DB21117FDAA@rebar.astron.com> <54E92C08.3040801@ceetonetechnology.com> <20150222012803.GB43868@mail.michaelwlucas.com> <1424569324-5533600.88896513.ft1M1f9cT012081@rs149.luxsci.com> <1424664302-538859.95933015.ft1N445Rk024574@rs149.luxsci.com> <54EBA3E3.2070308@verizon.net> Message-ID: <54EBBF72.90101@ceetonetechnology.com> Ah Pook: > On 02/23/2015 09:50 AM, Mark Saad wrote: >> >> >>> On Feb 22, 2015, at 11:04 PM, Isaac Levy >>> wrote: >>> >>> On Feb 21, 2015, at 8:40 PM, Isaac (.ike) Levy >>> wrote: >>> >>>>> Those people who care, care deeply. Snowden made them care even more >>>>> deeply. But the pool of people who care is tiny. >>>>> >>>>> Snowden did not expand the pool of people willing to use PGP. >>>>> >>>>> ==ml >>>> >>>> I dunno ML, I'm using it again after many years of abandonment. >>>> >>>> (Perhaps that proves your point, perhaps disproves it :) >>> >>> I know we're not all pop media junkies around here, so I thought I'd >>> post this followup: >>> >>> Laura Poitras just accepted an Oscar at the Academy Awards for her >>> Citizenfour. >>> >> >> Who or what was that ? 
>
> http://www.reddit.com/r/IAmA/comments/2wwdep/we_are_edward_snowden_laura_poitras_and_glenn/

http://search.about.com/r.htm?q=Snowden

;P

g

From mirimir at riseup.net Mon Feb 23 19:33:27 2015
From: mirimir at riseup.net (Mirimir)
Date: Mon, 23 Feb 2015 17:33:27 -0700
Subject: [talk] How I stopped worrying, and learned to love GPG
In-Reply-To: <54EBBF72.90101@ceetonetechnology.com>
References: <20150222005605.DB21117FDAA@rebar.astron.com>
 <54E92C08.3040801@ceetonetechnology.com>
 <20150222012803.GB43868@mail.michaelwlucas.com>
 <1424569324-5533600.88896513.ft1M1f9cT012081@rs149.luxsci.com>
 <1424664302-538859.95933015.ft1N445Rk024574@rs149.luxsci.com>
 <54EBA3E3.2070308@verizon.net>
 <54EBBF72.90101@ceetonetechnology.com>
Message-ID: <54EBC6D7.9070002@riseup.net>

On 02/23/2015 05:01 PM, George Rosamond wrote:
> Ah Pook:
>> On 02/23/2015 09:50 AM, Mark Saad wrote:
>>>
>>>
>>>> On Feb 22, 2015, at 11:04 PM, Isaac Levy
>>>> wrote:
>>>>
>>>> On Feb 21, 2015, at 8:40 PM, Isaac (.ike) Levy
>>>> wrote:
>>>>
>>>>>> Those people who care, care deeply. Snowden made them care even more
>>>>>> deeply. But the pool of people who care is tiny.
>>>>>>
>>>>>> Snowden did not expand the pool of people willing to use PGP.
>>>>>>
>>>>>> ==ml
>>>>>
>>>>> I dunno ML, I'm using it again after many years of abandonment.
>>>>>
>>>>> (Perhaps that proves your point, perhaps disproves it :)
>>>>
>>>> I know we're not all pop media junkies around here, so I thought I'd
>>>> post this followup:
>>>>
>>>> Laura Poitras just accepted an Oscar at the Academy Awards for her
>>>> Citizenfour.
>>>>
>>>
>>> Who or what was that ?
>>
>> http://www.reddit.com/r/IAmA/comments/2wwdep/we_are_edward_snowden_laura_poitras_and_glenn/
>
> http://search.about.com/r.htm?q=Snowden

Also https://firstlook.org/theintercept/ founded with Glenn Greenwald.
> ;P
>
> g
>

From george at ceetonetechnology.com Tue Feb 24 23:22:07 2015
From: george at ceetonetechnology.com (George Rosamond)
Date: Tue, 24 Feb 2015 23:22:07 -0500
Subject: [talk] Moxie on GPG
Message-ID: <54ED4DEF.50101@ceetonetechnology.com>

"GPG and Me"

www.thoughtcrime.org/blog/gpg-and-me/

Wonderfully realistic assessment, with the depressing aspects and all.

"Looking forward, however, I think of GPG as a glorious experiment that has run its course."

g

From george at ceetonetechnology.com Wed Feb 25 10:30:29 2015
From: george at ceetonetechnology.com (George Rosamond)
Date: Wed, 25 Feb 2015 10:30:29 -0500
Subject: [talk] perl script to submit to dmesgd
Message-ID: <54EDEA95.3090500@ceetonetechnology.com>

From AFresh1...

post_dmesg_to_nycbug.pl

https://gist.github.com/afresh1/99cdd481184147f0e8c0

g

From pete at nomadlogic.org Wed Feb 25 12:49:05 2015
From: pete at nomadlogic.org (Pete Wright)
Date: Wed, 25 Feb 2015 09:49:05 -0800
Subject: [talk] perl script to submit to dmesgd
In-Reply-To: <54EDEA95.3090500@ceetonetechnology.com>
References: <54EDEA95.3090500@ceetonetechnology.com>
Message-ID: <54EE0B11.8050702@nomadlogic.org>

On 02/25/15 07:30, George Rosamond wrote:
> From AFresh1...
>
> post_dmesg_to_nycbug.pl
>
> https://gist.github.com/afresh1/99cdd481184147f0e8c0
>

nice - although i'm not sure if it qualifies as "real perl" since i can actually read the code and understand what's going on...

/me puts on fire proof suit for ensuing flame fest

-p

--
Pete Wright
pete at nomadlogic.org
twitter => @nomadlogicLA