freenode/#devuan/ Sunday, 2019-04-07

redrickKatolaZ:  Notice that domain registration for Internet domains dyne.org and devuan.org currently use 'private WHOIS', which I vaguely recall was not the case before (but could be wrong).  Is the concealing of WHOIS data our project's decision, or something the registrars have done?  https://pastebin.com/9E3d5xrv  I ask in part because I've observed registrars making that change on GDPR grounds without consulting the Registrant.01:50
DonkeyHotei(and sometimes they charge a fee for doing so, also without asking)01:51
redrickMy own domains linuxmafia.com and unixmercenary.net suddenly went 'private', because I use an NZ registrar who's a reseller of 1API Gmbh in Germany, and the latter did that to all customers including me to my surprise.01:51
tuxd3vI also noticed that01:52
tuxd3von devuan01:52
redrickI keep my domains as much as possible out of the reach of the crazier governments of this world, as much as I can as a Californian.  ;->01:52
* redrick waves at aicra01:53
watchcat.onion addresses, on the other hand, are free, anonymous, and active immediately.02:02
redrickAnd sought-after anonymity is wonderful.  The accidental, unsought kind can be problematic.02:03
redrickAs it happened, when the gopher prank was launched a week ago, although I was busy with visiting houseguests, as per habit I did some basic checks starting with seeing if the devuan.org domain had expired or been hijacked.02:05
redrickThe WHOIS returned then, as now, doesn't include usable names/addresses/e-mail/telephone numbers for the usual public contacts.02:06
redrickAlthough admittedly Views Differ[tm] on this, my own policy is that real name, addresses, e-mail, phone data in WHOIS is essential, including diversity among them to avert SPoF, and including out-of-band routing of mail, so you don't miss crucial communication including renewal notices, and so you can reliably get 'Dude, there's a problem with your domain' mails.02:09
watchcati see your point.02:11
redrickSo, e.g., my Registrant contact for my domains uses a monitored mailbox on my wife's domain and server, so 'dude, your server is down' mails reach me if my server is down, and 'dude, your domain is broken' mails reach me if my domain is broken.02:12
redrickAnd, for the record, I really liked the prank, too.04:46
redrickEh, wrong window.04:47
watchcatheh05:00
redrickwatchcat:  It was a comment directly to KatolaZ, actually.  Although my view has shades of grey, to be honest.  I've long worried about a major open source project being taken down by security exploit on or just before April 1, as that would be one of the times sysadmin response would be impaired, along with New Year's Eve, etc.06:23
redrickThis isn't even the first open source project claiming such a security breach.  I've always responded with good security advice in case it's real but on a fake-seeming occasion.06:24
redrickAlthough in this case, the notion of intruders converting the compromised site to gopher was an adequate tip-off to anyone who stopped to thing.  Not a credible real-world outcome, ergo, nicely done on balance.06:25
redrickthink, not thing.06:26
redrickSo, on the one hand, I have sympathy to those who say it's uncool to do a prank about security breaches.  OTOH, a total site conversion to gopher on 70/tcp?  Really?06:27
furrywolfif something is worth doing...  :P06:28
redrickIt really almost qualifies as a moby hack.  Huge points for style, in my view.06:29
redrickIMO, the perfect April Fools prank is one that's presented in a completely, consistently deadpan fashion, but if you stop to think is ludicrous.  BBC set the benchmark for that in 1957, in its report about the traditional speghetti harvet in Switzerland.  https://www.youtube.com/watch?v=tVo_wkxH9dU  Callers to Auntie Beeb who asked for advice about how to grow their own spaghetti trees were told 'place a sprig of spaghetti in a tin of tomato sauce and hope fo06:40
redrickThat clip is IMO worth the time of anyone who hasn't yet seen it.  62 years, and still hilarious.06:43
furrywolfI've seen it.  :)06:51
xrogaannext presentation soon: presentations are going on16:29
* xrogaan sight16:29
xrogaannext presentation soon: https://www.youtube.com/watch?v=_ULy7jBnXdo16:29
xrogaan"How to sell dev1 to your organisation"16:29
Akuliif i have a devuan with xfce desktop, how do i switch to mate? i tried installing task-mate-desktop, but mate-session doesn't run automatically on login after installing that19:22
Akulinevermind, seems like i just needed to remove all the xfce stuff and update-alternatives started using mate-session correctly19:27
xrogaanthe dyne.org youtube channel is still reported as "live"20:06
Hypertableswhy do I keep getting hash sum mismatch: https://paste.ee/p/vFsEO23:43
gnarfacei'd like to help but i'm not clicking there, too paranoid23:45
gnarfacedid you download the image with https?23:45
gnarfaceit may or may not matter23:45
Hypertableshttps://paste.debian.net/1076607/23:46
HypertablesI installed with debootstrap, not iso image23:46
gnarfacehmmm, looks like a problem, for sure, though i do note you have some non-devuan sources in there.23:47
gnarfacethey may have caused this problem indirectly, with stuff you installed from there previously23:47
gnarfaceor it maybe could just be that you got unlucky and hit a repo in the round-robin that is currently updating... does it happen on this same file every time?23:48
Hypertableswell it happens every time23:48
Hypertablesyes I just got the same error23:49
gnarfaceand that command is just "apt-get update" ?23:49
Hypertablesyes23:49
gnarfacelemme test here, stand by23:50
Hypertablesmaybe I have a bad sources.list23:50
Hypertableshttps://paste.debian.net/1076609/ <-- my sources.list23:51
gnarfacetry it with just deb.devuan.org or pkgmaster.devuan.org to see if that makes a difference.  comment out that node.js thing for now too23:54
gnarfacehttp://paste.debian.net/1076610/23:55
gnarfacethis is working for me right now23:56
gnarfaceit suggests the problem is either with your dns resolution or something you installed from one of those 3rd party repos23:56
xrogaanyou might be getting a bad mirror, KatolaZ might help you in that case.23:56
Jjp137for the record, us.deb.devuan.org works for me currently (I know it doesn't do anything special right now), but yea just simplify your sources.list for now23:57
Hypertableswell I tried pkgmaster and now the difference between latest modification time and release file created is narrower but I still get the errors23:58
xrogaanyou shouldn't use us.deb nor pkgmaster23:58
xrogaanuse deb.devuan.org23:58

Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!