freenode/#devuan/ Monday, 2019-04-01

Venker'Green hats' is too obvious, unless this was planified to seem a joke instead of a real attack00:02
tuxd3v Yes to obvious00:04
tuxd3vbut who, exactly?00:05
tuxd3vthat's the problem..00:05
VenkerFear, uncertainty and doubt00:06
tuxd3vOVH should habe ips of conections made to the site, when it was takn off00:06
tuxd3vhabe -->have00:06
tuxd3valso they can block ssh trafic to the servers..00:07
tuxd3vAnd why devuan..00:15
tuxd3vIts a free software organization, with lots of cultural  values..00:16
_abc_Because red hats are considered more free and better organized?00:18
Venkerfor being unruly to Hydra mainlines00:18
watchcatspoze this was a real pwnjob. you'd have a topic change. you have a guy here assuring everyone it's being worked on. in fact, it even would have been fixed by now. conclusion: lirpa loof did it.00:20
KatolaZwatchcat: we have said several times we are working on it00:21
KatolaZwe have got contact with the customer service of the provider00:22
KatolaZwe are trying to get back access to the consoles00:22
KatolaZI just sent an update on DNG00:23
VenkerThe last tweets from the official Devuan account are legit?00:29
KatolaZVenker: which tweets?00:34
targzKatolaZ: 3 in the last hour00:36
Venker"[...] we'll have a fresh campfire and time to plan next moves, hopefully aligned with the #GreenHat hackers, who are now our new overlords."00:36
Venkerthose texts, in somewhat way, admit defeat00:38
redrickVenker:  I don't speak for Devuan Project in any way, but it seems to me those tweets reflect a sense of humour while waiting for the hosting provider to help with access to regain control.00:40
KatolaZVenker: what can you go against Green Hat Hackers?00:40
KatolaZit's even on shashdot!00:40
Venkerredrick: it could be00:41
KatolaZif anybody can help finding a clue00:44
KatolaZthey asked us to focus on the last line of the pwned page00:44
KatolaZ"BOTH 7779847 AND 1554080659 ARE PRIME NUMBERS"00:44
VenkerI'm looking for help00:45
KatolaZplease Venker00:45
KatolaZthanks for your support00:45
Venkeryou are welcome  ;-)00:45
meandrainhi, guys can you tell me (and point me to some direction) how you deal with packages that require systemd? Do you have some kind of wrapper or you use older versions of those packages?00:46
KatolaZmeandrain: packages that require systemd are banned00:47
KatolaZthose which require libsystemd or libpam-systemd still work00:47
meandrainthank you! I'll start from there00:47
VenkerKatolaZ: a user suggests it could be refering to p and q in RSA cypher00:48
KatolaZwe tried that but no success00:48
KatolaZthey are too small as p and q00:48
redrickKatolaZ:  They may have asked you to concentrate on that question, but as an SA I'd concentrate on the traditional ones:  How was entry and compromise accomplished, how to rebuild/restore, how to prevent recurrence.00:49
KatolaZredrick: they really insisted on that line though00:50
redrickSometimes you cannot determine answer to the first question in reasonable time, so you attend to basics, issue new credentials, study and tighten as you can.00:50
VenkerDid you find any cyphered message or file?00:50
KatolaZso there must be something in those two numbers00:50
roo^yMind your Ps and Qs is an English language expression meaning "mind your manners", "mind your language", "be on your best behaviour", "watch what you're doing" or similar -Wikipedia00:50
redrickKatolaZ:  Sure, but do you-plural really care?  If it were my site, I wouldn't.00:51
DonkeyHoteialso, what roo^y said00:51
redrickIn 2005, I had defacement of my site front page because I'd stupidly had index.html writable by www-data and a bug in Apache2 got exploited.  I overreaced and assumed root compromise in error, and rebuilt.  Figured that part out later.
redrick(That was back before I said 'Screw PHP; I'm not going to expose it at all to public netwworks any more.')00:55
tuxd3vredrick, agree00:56
KatolaZredrick: some of the comments on /. actually suggest a way through00:56
zeph1ro@KatolaZ, what do u mean too small? the example at seems to be giving back a valid public/private key... that might be used to ssh into the system00:57
redrickI still run /usr/bin/php5 from some cron jobs to generate static HTML, though.  It turned out, lazy coders including yr. humble servant had treated page sets as dynamic when they didn't need to be.00:57
redrickKatolaZ:  Having a look at /.00:58
tuxd3vroot@desktop0:~# date -d @155408065900:58
tuxd3vMon  1 Apr 02:04:19 WEST 201900:58
tuxd3vits a timestamp..00:58
KatolaZoh really!?!00:58
KatolaZand what about the other one?00:58
snookiex*pretends to be shocked*00:59
zeph1rogms@roger:~$ date -d @777984700:59
zeph1romer  1 apr 1970, 02.04.07, CET00:59
zeph1rodude... good night, i gotta work tomorrow00:59
KatolaZthat was the first April's fool in the Unix Era!00:59
* KatolaZ hides away00:59
KatolaZactually, i guess they work better in UTC01:00
redrickI'm trying to find the /. comments in question, but, seriously, if the host is (or is probably) root-compromised, then best practices is to rebuild.01:00
KatolaZ70/4/1 1:4:0701:00
KatolaZ19/4/1 1:4:1901:00
KatolaZredrick: date -d @777984701:01
KatolaZdate -d @155408065901:01
DonkeyHotei$ date -ud @777984701:01
DonkeyHoteiWed Apr  1 01:04:07 UTC 197001:01
DonkeyHotei$ date -ud @155408065901:01
DonkeyHoteiMon Apr  1 01:04:19 UTC 201901:01
tuxd3vbut why 12 minutes diference?01:02
tuxd3vthanks yes that is..01:02
KatolaZ01:02 < KatolaZ> 70/4/1 1:4:0701:03
KatolaZ01:02 < KatolaZ> 19/4/1 1:4:1901:03
va7lnxstack exchange is having April Fools day fun:
Venkerif you substract both numbers, the resulting timestamp is01:04
Venker$ date -ud @154630081201:04
Venkermar ene  1 00:00:12 UTC 201901:04
KatolaZgood job Venker01:05
DonkeyHotei49 years and 12 seconds01:05
KatolaZbad maths roo^y01:06
Venkerbut why the 1st of january...?01:06
Venker(I'm just trying combinations)01:06
DonkeyHoteiapril, not jan01:06
KatolaZVenker: april01:06
Venkerene = jan01:07
DonkeyHoteibecause you subtracted, so it ceased to be a date01:07
VenkerI tried ^_^U01:08
tuxd3vit was when time started to be counted on unix systems01:08
tuxd3vroot@desktop0:~# date -ud @001:08
tuxd3vThu  1 Jan 00:00:00 UTC 197001:08
tuxd3vbut the 12 seconds..don't get it..01:08
DonkeyHoteiVenker: if you take the unix time of today and subtract the unix time of a year ago today, then convert that to a date, guess what month it'll be01:09
KatolaZtuxd3v: not all numbers are prime numbers...01:09
Venker1554080659-7779847=1546300812. Which is Tue Jan  1 00:00:12 UTC 201901:14
Venkernot April01:14
Venkerand still the same 12 seconds01:14
DonkeyHoteiVenker: if you take the unix time of today and subtract the unix time of a year ago today, then convert that to a date, guess what month it'll be01:14
tuxd3vroot@desktop0:~# date -ud @$(bc<<<'1554080659-1554080659')01:18
tuxd3vThu  1 Jan 00:00:00 UTC 197001:18
tuxd3vthey are limits01:18
tuxd3vthis gives the exact timestamp '0'(zero)01:19
tuxd3vno more 12 seconds01:19
tuxd3vI messed it up01:19
KatolaZtuxd3v: :D01:19
desperekthese are unix timestamps01:19
desperek1 apr 1:04 today gmt and in 197001:19
tuxd3vloolroot@desktop0:~# date -ud @$(bc<<<'1554080659-7779847')01:20
tuxd3vTue  1 Jan 00:00:12 UTC 201901:20
desperekyou are doing it wrong01:20
desperekthe numbers alone01:21
abcabc__one hopes that NO keys or pwds were shared by any of the devuan devs between main site and repo/other hosts. Right KatolaZ ?01:22
KatolaZabcabc__: have you had a look at those numbers?01:23
abcabc__no. Why?01:23
desperekisnt the answer 7 or 49?01:24
KatolaZthe key is there01:24
KatolaZdesperek: much easier01:24
abcabc__They're primes, no? And nix dates.01:24
desperekits today 1:04 gmt01:24
desperekand in 197001:24
KatolaZ01:05 <KatolaZ> date -d @777984701:24
KatolaZ01:05 <KatolaZ> date -d @155408065901:24
desperekthe difference is 49 years01:24
desperekand 7 is sqrt of 4901:25
abcabc__i saw that.01:25
desperek7 is also a prime number01:25
KatolaZit's today01:25
desperekalso the port to gopher is 7001:26
tuxd3vPort 7001:26
desperekdifference between the dates is exactly 49 years01:27
KatolaZtoday abcabc__01:27
KatolaZyes desperek01:27
despereksqrt of 49 is 7 and 70 is the gopher port01:27
KatolaZ'cause this year unix turns 50...01:27
Venkerany of your devs is 49 or 50?01:28
abcabc__gopher is a cool name, go far.01:28
* abcabc__ is 51 i think01:28
DonkeyHoteiif you take the difference of Oct 9 2011 and Oct 9 2010, then convert it to a date, it will be Jan 1 too01:29
desperekALSO 1:04 is 1st of April01:30
desperekcus april is the 4th month01:30
DonkeyHoteibecause the difference between two dates is not itself a date01:30
KatolaZ70/4/1 1:04:0701:30
KatolaZ19/4/1 1:04:1901:30
desperekit makes more sense in a normal date format01:30
DonkeyHoteithey are palidromes01:30
DonkeyHoteithey are palindromes*01:31
desperekoh yeah then yes01:31
tuxd3v19 + 0701:31
desperekwell, not exactly palindromes i would argue01:31
desperekmaybe the answer is 2000?01:32
desperekok nvm that01:32
tuxd3v1970/04/01 1:04 - 19:0701:33
KatolaZdesperek: the answer is today01:34
despereklike the word today?01:34
KatolaZno today like today01:34
tuxd3vbetween 1:04 and 19_07?01:35
desperekwell, go for it then maybe? idk01:35
desperekor unix01:35
desperekor april fools01:35
desperekor unix april fools :D01:35
* KatolaZ looks at desperek and thinks "I like this chap..."01:36
desperekyea this truly is a magical date tbh01:36
desperek:p i've got to go to sleep soon though :D01:37
despereki was also thinking of doing and on sole numbers but i dont think this would be the answer01:39
KatolaZdesperek: you are done01:39
KatolaZthe answer is today01:39
desperekjust that the binary form of it is kinda palindrome01:39
desperekKatolaZ, no, but is it really like the answer that's accepted and all or not :e01:40
desperekwell, anyways, good night01:40
tuxd3vany way how to we know that the answer is correct?01:40
redrick'Good night, Westley.  I'll probably kill you in the morning.'01:41
KatolaZthanks redrick01:42
KatolaZ12 hours is a whole lot of time ;)01:42
redrickPrincess Bridge quotations while you wait.01:42
redrickEr, Bride.01:42
redrickDammit, where's that coffee?01:43
VenkerI'm gonna leave, too01:44
VenkerForza, admins!01:44
redrickBuona notte!01:45
redrickA domani, even.01:45
KatolaZSYL redrick01:46
KatolaZbeware of green hats...01:46
tuxd3vright now they are blue hats01:47
redrickpå gjensyn.01:47
mns`by this time, i hope the devuan domain have been pointed to another server ...02:19
KatolaZmns`: have a look at /.02:19
KatolaZand at the calendar02:19
mns`Is it a april fools joke?02:22
KatolaZmns`: date -d @155408065902:23
mns`because I'm not laughing02:23
mns`i saw that02:23
opalglad to see devuan has switched to gopher Kappa02:25
golinuxmns`: I'm not laughing either02:31
bluemarlinyou sure those two primes aren't a hint - like you should construct private key from them and access the servers?02:38
KatolaZbluemarlin: date -d @155408065902:39
se7enSo is this or is this not a joke by devuan02:50
se7enOr is it by a malicious hacker for april fools day02:50
KatolaZse7en: wazzup?02:51
se7enis this a joke by Devuan or is it by a malicious actor for april fools day02:51
se7enI know of hacking groups hacking websites for april fools day02:52
KatolaZ$ date -d @155408065902:52
se7enYeah, I know02:52
KatolaZse7en: do you have any contact with green hat hackers?02:52
se7enI have never heard the term befoee02:52
KatolaZI see02:52
se7enI am just unsure if this is a joke by Devuan or if it is by another party02:52
KatolaZ$ date -d @155408065902:52
bluemarlini would expect them to operate from underground irish pub though02:52
se7enKatolaZ: yeah I know02:53
se7en[17:51 se7en@lappy ~] > date -d @155408065902:53
se7enSun Mar 31 18:04:19 PDT 201902:53
se7enApril Fools Day02:53
se7enI know02:53
se7enBut is it by you02:53
KatolaZbluemarlin: you never know, it could be from a lagune02:53
mns`by now, i guess its a 'inside job' joke02:53
se7enor is it by a hacker02:53
KatolaZse7en: the pwned page says "Green Hat Hackers"02:53
KatolaZso it must be form some hacker of sort02:54
KatolaZbluemarlin: if anybody asks, just tell them `date -d @1554080659`02:57
se7enKatolaZ: you need to add a -u to that03:00
KatolaZse7en: I just need a good sleep ;P03:00
Tazygood jolly, even set up a gopher server.03:02
bluemarlinKatolaZ: enjoy sleep, you got a twisted sense of humor :)03:04
roo^ysorry to spam, but it was working fine before i ruined it with -u (or where exactly does the -u go)03:08
roo^ydate -d @777984703:08
roo^yWed Apr  1 11:04:07 AEST 197003:08
roo^ydate -d -u @777984703:08
roo^ydate: the argument ‘@7779847’ lacks a leading '+';03:08
roo^ywhen using an option to specify date(s), any non-option03:08
roo^yargument must be a format string beginning with '+'03:08
roo^yTry 'date --help' for more information.03:08
Tazytoo bad only the main site is accessible ;)03:09
roo^yi got a flooding warning, so i'm not sure if my 7 lines posted. i'll leave it at that03:09
redrickroo^y: Your seven lines of wisdom were transmitted.03:12
roo^ythx :)03:13
redrick-u is for UTC.  (I for one welcome our Greenwich overlords.)03:15
redrickNot that there's anything wrong with AEST.03:16
redrickThough in many ways, truth is longitude-dependent, you may perceive.03:17
Jjp137roo^y, try: date -ud @777984703:18
redrickI mean, if I observed AEST, at teatime it'd be the previous night, and that would never do.03:19
roo^yok. we go back to AEST in a week. currently at the end of AEDT, after summer03:20
roo^ydate -ud @777984703:20
roo^yWed Apr  1 01:04:07 UTC 197003:20
roo^ythis works!03:20
redrickWelcome to Greenwich.  There's a pedestrian tunnel to the Docklands for your convenience.03:21
redrickroo^y:  The AEST -> AEDT changeover date was presumbly earlier in 1970, FWIW.  Date calculations are a special kind of hell for coders.03:23
roo^yi wrote these 6 lines to answer repeated questions03:25
roo^yIt was worked out as typing the following into the terminal, populates april fools days03:25
roo^ydate -ud @155408065903:25
roo^yMon Apr  1 12:04:19 UTC 201903:25
roo^ydate -ud @777984703:25
roo^yWed Apr  1 11:04:07 UTC 197003:25
roo^y*note: the 4mins can represent Apr, & 19secs represent year. 70secs can't be populated, so 7secs is the next best thing03:25
redrickEt voila.03:25
watchcat.oO(green wich... green hat... another clue...)03:26
redrickΕύρηκα!  So to speak.03:26
redrickI was hoping it'd be questions like 'What is the airspeed of an unladen swallow?'03:27
watchcati propose that hencforth, the gopher should be the official devuan mascot.03:30
redrickAnd Minnesota the official Devuan Place to Not Go on Holiday.03:30
redrick(The protocol was named for the U. of Minnesota's mascot, in case the joke was too obscure.)03:31
Dsbeerfso those iso can be compromised ?03:32
roo^yDsbeerf: the ISOs are safe (unlike the incident that happened to linux mint several yrs ago03:34
Dsbeerfroo^y, ok that what i was refering to03:34
redrickDsbeerf:  It's worth learning how to check gpg signatures on ISO checksums, then you wouldn't need to ask.03:35
mns`golinux: :|03:35
Dsbeerfredrick, i admit03:35
redrick(URL illustrating how.)03:36
Dsbeerfredrick, thanks03:36
redrickSeriously, worth picking up the knack.03:36
redrickThe one bit of humbug in that transcript is where I skip over how I found the signing key.03:38
redrickI Web-searched around and found references to that key, chose to believe conditionally that the mentions weren't fraudulent, and fetched it from a keyserver.  More ideally, one would be able to verifying key authenticity using gpg web of trust, but I evidently need to attend more keysignings for that.03:46
redrickBack in the 1990s, when the Linux community was small, we used to joke about keysignings letting us play 'Six degrees of Ted T'so.'03:47
redrickAnyway, even if signing key verification's a weak point, it's IMO always worth trying to vet ISO checksums.03:48
Dsbeerfyeah well is more that nothing04:14
redrickWell, it'd require a heck of a plan to get away with having a bogus key in the public keyservers for e-mail address, especially for significantly long.04:21
redrickHuh, just checked my verification transcript, and saw that the SHA256SUM file was signed with KatolaZ's key, not the Primary Devuan signing key.04:24
redrickBut, anyway, as you say, a lot better than nothing.04:25
RyushinAre the Devuan servers that got hacked VMs or physical hardware?04:35
benjikunis this a meme04:38
furrywolfis your question nonsensical?04:39
benjikunseems like a brash april fools joke04:40
xrogaanIt is.04:40
benjikunalright, thanks lol04:40
Leanderthis 1st april thing has to die04:41
RyushinFrom the Devuan team or the hacker group?  Not so sure about it being from the Devuan team.04:41
xrogaanAt least they're not going political:
xrogaanRyushin: there is no green hat.04:41
opalthanks for trolling me04:43
opalim gullible v.v04:43
RyushinWell, reading on #devuan-dev, they don't seem to be impressed.04:43
benjikuntime to actually start using gopher again :^)04:43
RyushinLets go back to 300 baud BBS.04:44
opalgopher doesnt strike me as well-engineered; imo we just need a slimmed-down http04:44
plasma41opal: like HTTP/0.9?04:46
opalnot sure. i definitely think http/2 and beyond are too geared toward webapps, hacks upon hacks, to be any good04:47
opala lot of http/1.1+ headers for security can probably be easier managed with saner browser defaults, idk04:48
furrywolfI've been really tempted to write a news article about Trump and Pelosi's surprise marriage announcement for tomorrow.04:48
opali think content security policies are their own brand of complexity that could cause as many issues as the things theyre trying to prevent04:48
opali think anyone would agree that information such as useragent and referer are entirely arbitrary to keep in the protocol04:49
plasma41I like that both Gopher and HTTP/0.9 are stateless protocols. No cookies04:49
opalcookies/auth is a good point04:49
opaldo you think all of http should be authless and stateless04:49
opalim trying to move my stateful stuff off of the web browser. i use mail in its own client, irc obviously, xmpp04:49
plasma41auth: yes. all other forms of state: no04:50
Beerbaron23The website is now a GopherH0le!!06:55
DocScrutinizer05  yeah! ;-P08:25
guido_gglad you mentioned it, noone else did in the last 24h08:38
DocScrutinizer05indeed, I'm really fast today ;:-)08:46
watchcatyay. it just seemed to be too funny and benign to be real. :)09:12
ralpheeeelost me as an end user ...good luck !09:26
DocScrutinizer05@ ralpheeeeee09:27
DocScrutinizer05KatolaZ: excellently pitched and designed. And good "PR noise"09:28
MinceRwell played09:29
DocScrutinizer05KatolaZ: one thing that gave it away for me (after I bothered to really investigate) was the rewrite, no hacker would go to such length to establish a defacing09:33
detha All I can say is 'not funny'09:43
watchcathey but can we really adopt the caddyshack gopher as devuan mascot now?09:56
guido_gstupidity at it's best09:57
GoatAvengeris/was the Devuan crack legitimate?09:59
GoatAvengerOr was/is it an april fools joke?09:59
GoatAvengerApril fooolsss...10:06
ruenoakI do like the ascii art10:07
watchcatsomebody needs to make ascii art of a gopher wearing a green hat.10:12
DocScrutinizer05it should wear a red hat, just because...10:19
ruenoakDoes anyone if the Devuan Conference will be recorded at all? I would love to go but sadly I live at the bottom of the globe and it's a bit far.10:26
KatolaZruenoak: it will be streamed and recorded10:35
sauvinCan anybody comment on Has it really been pwned?10:58
Unit193sauvin: You might want to look at the date,
mssis the current state of the a joke or did the site really get pwned?12:05
mssi see.12:06
_abc_So, is everything back to non green hat normal?12:25
DocScrutinizer05>> It all works, but it limits Linux processes to a mere 512GB of virtual address space. Such limits are irksome to the kernel developers when the hardware can do more, and, besides, somebody is likely to release a web browser or office suite which runs into that limit in the near future.<<12:30
DocScrutinizer05   Posted Oct 14, 200412:31
djphwait, what12:40
djph512GB (Virtual) Address Space is a limit ?12:41
_abc_KatolaZ: poisonne` en Avril...12:41 makes me puke. I hope this is an april's fool12:44
DocScrutinizer05mousepointer throwing candy for sure is12:44
rafalcppit seriously lacks animated background12:50
_abc_Everyone pulled out all stops for April's fool day. Why? Halloween was meh.12:52
UlrarCongrats on the new site, I like it13:48
UlrarI wonder how many people will get it13:48
premobosshello, i have problem with date. i am located in italy, now it is 14:39 but the clock report +2 hours, I try to select the location with tzselect, but no way. also try to use command "date" to set the clock, but no way. what am i doing wrong?14:42
rrqI always have to go to "man tzselect" to remember it, you should do: dpkg-reconfigure tzdata14:45
nailyk is that true ?14:46
buZznailyk: read -all- the emails14:46
buZzspecifically ;
nailykso it was a time stamp problem :p14:47
premobossrrq, i done, but:14:47
buZznailyk: just read the link14:47
premobossCurrent default time zone: 'Europe/Rome'14:48
premobossLocal time is now:      Mon Apr  1 16:44:55 CEST 2019.14:48
premobossUniversal Time is now:  Mon Apr  1 14:44:55 UTC 2019.14:48
premobossso, the time is still +2 hours.14:48
nailykthks buZz ;)14:48
rrqpremoboss: yes, CEST is +2 right now .. according to my tzdata as well14:48
buZzpremoboss: apt install ntpdate; ntpdate ntp.xs4all.nl14:48
buZzor something14:48
premobossok, but now, in itali, is 14:4614:49
premobossnot 16:4614:49
premobossso, or italy dont follow CEST time rule ot tzdata os wrong about italy.14:49
premobossbuzz i do.14:49
buZzpremoboss: you have your system on UTC, and in the wrong time14:50
buZzyou configured the UTC of your system to the correct time in italy14:50
premobossbuZz, how to set my tine the right one?14:50
buZzntpdate with correct TZ selected should already fix it14:50
premobossBANG! gone ok. thanks.14:51
premobosson otyer side, to be 1 hour ahead gave me always on time at meetings:)))14:52
Y_Plentynhm. is it still possible to register for the devuan conference? and how?15:15
JookiaWho did the april fool's joke?15:16
buZzJookia: someone with bad taste15:18
Jookia says a 4/5 consensus is required for major decisions15:19
Evilhamnot the case I'm afraid15:20
Jookiaso katolaz did this on their own?15:21
tuxd3vI am a bit sad, it went so far..15:21
tuxd3vAt least they could have done something like15:22
tuxd3vStackOverFlow did15:22
EvilhamJookia: I didn't say that15:23
JookiaEvilham: no, i'm just assuming based on the circumstances15:23
Jookiawill we ever know who did it15:23
buZzwell, KatolaZ was first to deny it was a april fools15:24
buZzand the only one i've seen defending it15:24
Jookiabut then they also said it was an april fools joke15:25
Jookiain the email15:25
buZzKatolaZ: was there really 4/5 concensus for this joke?15:27
buZzalready numerous ppl that moved away from devuan over it :)15:28
gnarfacei think anyone who didn't realize it was a joke as soon as there was no javascript in that html and wasn't willing to wait until after april fool's to jump ship probably is dangerously irrational anyway15:29
KatolaZwow, so faithful devuan users we have...15:29
gnarfacei mean gopher, really?15:29
KatolaZanyway, it's all explained in the email15:29
buZzgnarface: well, ppl that administrate many servers dont usually kid around with such security issues15:29
Jookiagnarface: the devuan infrastructure admins were saying they were hacked and denying it was an april fools joke15:29
gnarfacewell, i'm not one of them, but i did say that might not be taken well15:30
buZzadmin* , i havent seen anyone 'back' the joke at all, beside KatolaZ15:30
Jookiai don't think it's fair to say they're dangerously irrational for believing it15:30
gnarfacei was silent about it when i should not have been15:30
buZzeven 1 hour of actually hacked could mean millions of backdoored systems15:30
Jookiakatolaz apologized and that's about all that can be done15:31
Jookiabut its just kinda weird to me that one person can make such huge modifications to a trusted server like that15:31
gnarfacereal villains would definitely have put tracking scripts on that page15:31
desperekKatolaZ, aaaaaa!15:32
buZzits just beyond bad taste, imho15:32
Jookialike if someone stole katolaz's ssh keys could they actually hack the site15:32
desperekyou also need a password for ssh Jookia15:32
Jookiassh session then15:33
despereki dont think you can stole ssh session15:33
Jookiait's a little bit scary to think that there's not a barrier with oversight for the entire website15:33
Jookianot just the contents but also the infrastructure itself15:33
Jookiausually with tech projects you see websites in github with merge requests handling changes15:34
buZzwell, infrastructure wasnt affected, all pkg mirrors etc were still up15:34
Jookiai guess it is here:
Jookiabut they changed the website without going through that review? idk15:35
Jookiaalso does devuan use debian's repos with its own packages on top? or its own entire mirrors15:39
debdogY_Plentyn: do not know myslef but all you need to know should be in this thread:
debdogKatolaZ: sorry, I do not understand?15:42
gnarfaceJookia: mostly redirects from debian mirrors (because most packages so far are not changed)15:43
JookiaIs there a list of changed packages?15:44
gnarfaceuh.. yea somewhere...15:45
gnarfaceno that's the banned packages15:45
debdogoh, assumed they were basically the same15:46
gnarfaceno those are ones that need to be forked still to just work15:46
gnarfaceso they're currently excluded15:46
gnarfacethere is somewhere in the gitlab you should be able to get the list, but also if you just search for "devuan" in, all the forked packages have devuan* in the version string15:47
gnarfaceKatolaZ: well, you made the front page on Slashdot, so mission accomplished, i guess15:50
buZzcould have done that with actual news15:54
buZzlike 'devuan moving to gopher servers'15:54
buZzinstead of causing panic for the yolo15:55
gnarfacei think this is KatolaZ's way of protesting being left in charge of the web servers during the conference15:55
buZzto ignore the 4/5 consensus needed for webpage changes?15:56
_abc_Do you see polkitd taking load up to 0.6-0.7 for no reason?15:58
* gnarface isn't using it15:58
buZzthat package isnt in devuan15:58
_abc_Ahh. systemd fun, without systemd this time.15:59
_abc_The package is in wheezy. I am trying to port linuxcnc user land to devuan ascii.15:59
buZzyou dont need policykit15:59
_abc_No success so far, missing packages which do not exist in devuan repos?15:59
_abc_Will be back about this.16:00
_abc_[not polkitd]16:00
gnarfacestuff has been renamed since wheezy16:00
_abc_I know.16:00
_abc_Made a stick with refracta2usb testing it now with persistence, using live linuxcnc wheezy 2.7 iso as source16:02
DocScrutinizer05 TIL, quite interesting16:20
Y_Plentyndebdog: thank you16:21
buZzi wonder when Klipper will get 'random ass CNC' support16:23
buZzit makes a lot more sense to me than LinuxCNC16:23
Y_Plentyn... but that not contain recent information - for example if and how it is possible after early registration16:23
Y_Plentyn... to register16:23
debdogY_Plentyn: maybe there: or contact conference@devuan.org16:32
Y_Plentyndebdog: i know the first...16:32
Y_Plentynand justr mailed the second ;)16:35
zeph1ro@KatolaZ, zuzurellone... got the time to tag and release d1h? i need the fix u made 7mo ago... ;)16:37
unixmanKatolaZ, I thought the joke was funny. I presumed it was a joke from the start. I love the fact that gopher actually works. :D16:40
desperekyea leave it like thatr16:40
Y_PlentynI liked the joke, too, and I like gopher ;)16:40
* unixman had to install a gopher client to check and was pleasantly surprised :)16:41
unixmanJust finished reading scrollback. Some folk need to get a sense of humor. Good grief. :P16:49
dethaOther folks haven't spent 3 months getting use of devuan approved by corporate security in a windows-centric company. Know what the knee-jerk reaction of ITSec types to this sort of stunt is?  :P17:02
silverwillowmeh. IPSec peeps have no sense of humour. They don't count :P17:11
buZzdetha: yeah i've seen many ppl not respond nicely17:11
buZzway more then expected by the 'prankster' i bet17:11
dethasilverwillow: count or not, they control their firewalls. And if they say 'no', you either comply or can the project.17:12
_abc_<almost systemd bashing>while looking for solutions for my current project, I found two nice links
_abc_detha: itsec suits get alarmed by an amber light on a junos box (local management ethernet down usually), jokes like the website put them into hyperventilation state, need ER.17:21
premobossKatolaZ, i read you did a minimal devuan CLI version. how to get it?17:24
KatolaZ <- premoboss17:24
premobossKatolaZ, thanks.17:25
KatolaZpremoboss: yw17:25
furrywolfI too was impressed that at least www. had working gopher.  checked last night.  :)17:40
m68000the port 70 revolution17:41
_abc_368MB for a cli only minimal edition is huuge :) But it's not your fault. Thanks for that KatolaZ.17:47
KatolaZ_abc_: it's not "just a minimal image"17:52
KatolaZit has a lot of stuff in there17:52
KatolaZbut still boots in a quite small footprint17:52
KatolaZand gives you a fully functional system :)17:52
KatolaZI agree it's not as minimal as "tomsrtbt" though ;)17:53
gnarfaceit's as small as you can reasonably expect a debian-compatible derivative to get though17:57
KatolaZwell, it could be really made slimmer, by removing some stuff17:58
KatolaZanyway, it should be pretty straightfoward to customise it using live-sdk17:58
KatolaZ_abc_: shout if you need help with that17:59
xrogaanApparently IBM is to start a non-free version of RHEL. They had enough of not being able to properly use xkbcomp with wayland.17:59
unixmanIIRC there is already a "non-free" version of RHEL. Try getting patches for an unregistered, or unpaid, or expired, RHEL subscription.18:05
furrywolfI want un-RH linux.18:05
buZzwe all do18:07
buZzxrogaan: weird18:31
buZzthere was no support for 'desktop notifications' from webpages in the 90s18:31
buZzis the joke that the cartoonist wasnt on internet in the 90s? :P18:32
buZzoh, -remove- , nmind18:32
DocScrutinizer05xrogaan: depressingly true18:33
buZzmissed <marquee> though18:33
xrogaananyhow, after today, I realize that the best way for a cracker to fuck around is to take over during the 1st of April.20:40
_abc_re: RH slime: I posted a link above some time ago about this. [relevant]21:03
_abc_ repost21:03
xrogaan_abc_: I have no idea about how to read that website21:11
_abc_scroll down until your eyes no longer hurt.21:16
_abc_At "Abstract"21:16
armin ;)21:37
_abc_With persistence on live images: is persistence-label= only supported in later (than wheezy level) distributions? It seems to not be treated in /bin/live-persistence at all.23:21
_abc_I wasted half a day trying to make it work23:21
_abc_Normally if "persistence" is on the kernel cli then something in the init scripts should call /bin/live-persistence, no?23:22

Generated by 2.17.0 by Marius Gedminas - find it at!