libera/#devuan/ Monday, 2019-04-01

Venker	'Green hats' is too obvious, unless this was planified to seem a joke instead of a real attack	00:02
tuxd3v	Yes to obvious	00:04
tuxd3v	but who, exactly?	00:05
tuxd3v	that's the problem..	00:05
Venker	Fear, uncertainty and doubt	00:06
tuxd3v	OVH should habe ips of conections made to the site, when it was takn off	00:06
tuxd3v	habe -->have	00:06
tuxd3v	also they can block ssh trafic to the servers..	00:07
tuxd3v	And why devuan..	00:15
tuxd3v	Its a free software organization, with lots of cultural values..	00:16
_abc_	Because red hats are considered more free and better organized?	00:18
Venker	for being unruly to Hydra mainlines	00:18
watchcat	spoze this was a real pwnjob. you'd have a topic change. you have a guy here assuring everyone it's being worked on. in fact, it even would have been fixed by now. conclusion: lirpa loof did it.	00:20
KatolaZ	watchcat: we have said several times we are working on it	00:21
KatolaZ	:\	00:21
KatolaZ	we have got contact with the customer service of the provider	00:22
KatolaZ	we are trying to get back access to the consoles	00:22
KatolaZ	I just sent an update on DNG	00:23
Venker	The last tweets from the official Devuan account are legit?	00:29
KatolaZ	Venker: which tweets?	00:34
targz	KatolaZ: 3 in the last hour	00:36
Venker	"[...] we'll have a fresh campfire and time to plan next moves, hopefully aligned with the #GreenHat hackers, who are now our new overlords."	00:36
Venker	https://twitter.com/DevuanOrg/status/1112476085244096513	00:37
Venker	those texts, in somewhat way, admit defeat	00:38
redrick	Venker: I don't speak for Devuan Project in any way, but it seems to me those tweets reflect a sense of humour while waiting for the hosting provider to help with access to regain control.	00:40
KatolaZ	Venker: what can you go against Green Hat Hackers?	00:40
KatolaZ	https://idle.slashdot.org/story/19/03/31/212227/devuanorg-now-points-to-pwned-page-with-gopher-urls	00:40
KatolaZ	it's even on shashdot!	00:40
Venker	redrick: it could be	00:41
KatolaZ	if anybody can help finding a clue	00:44
KatolaZ	they asked us to focus on the last line of the pwned page	00:44
KatolaZ	"BOTH 7779847 AND 1554080659 ARE PRIME NUMBERS"	00:44
KatolaZ	o_O	00:45
Venker	I'm looking for help	00:45
KatolaZ	please Venker	00:45
KatolaZ	thanks for your support	00:45
Venker	you are welcome ;-)	00:45
meandrain	hi, guys can you tell me (and point me to some direction) how you deal with packages that require systemd? Do you have some kind of wrapper or you use older versions of those packages?	00:46
KatolaZ	meandrain: packages that require systemd are banned	00:47
KatolaZ	those which require libsystemd or libpam-systemd still work	00:47
DonkeyHotei	https://pkgmaster.devuan.org/bannedpackages.txt	00:47
meandrain	thank you! I'll start from there	00:47
Venker	KatolaZ: a user suggests it could be refering to p and q in RSA cypher	00:48
KatolaZ	we tried that but no success	00:48
KatolaZ	they are too small as p and q	00:48
redrick	KatolaZ: They may have asked you to concentrate on that question, but as an SA I'd concentrate on the traditional ones: How was entry and compromise accomplished, how to rebuild/restore, how to prevent recurrence.	00:49
KatolaZ	redrick: they really insisted on that line though	00:50
redrick	Sometimes you cannot determine answer to the first question in reasonable time, so you attend to basics, issue new credentials, study and tighten as you can.	00:50
Venker	Did you find any cyphered message or file?	00:50
KatolaZ	so there must be something in those two numbers	00:50
roo^y	Mind your Ps and Qs is an English language expression meaning "mind your manners", "mind your language", "be on your best behaviour", "watch what you're doing" or similar -Wikipedia	00:50
redrick	KatolaZ: Sure, but do you-plural really care? If it were my site, I wouldn't.	00:51
DonkeyHotei	also, what roo^y said	00:51
redrick	In 2005, I had defacement of my site front page because I'd stupidly had index.html writable by www-data and a bug in Apache2 got exploited. I overreaced and assumed root compromise in error, and rebuilt. Figured that part out later. http://linuxmafia.com/news.html	00:54
redrick	(That was back before I said 'Screw PHP; I'm not going to expose it at all to public netwworks any more.')	00:55
tuxd3v	redrick, agree	00:56
KatolaZ	redrick: some of the comments on /. actually suggest a way through	00:56
zeph1ro	@KatolaZ, what do u mean too small? the example at https://en.wikipedia.org/wiki/RSA_(cryptosystem) seems to be giving back a valid public/private key... that might be used to ssh into the system	00:57
zeph1ro	no?	00:57
redrick	I still run /usr/bin/php5 from some cron jobs to generate static HTML, though. It turned out, lazy coders including yr. humble servant had treated page sets as dynamic when they didn't need to be.	00:57
redrick	KatolaZ: Having a look at /.	00:58
tuxd3v	KatolaZ,	00:58
tuxd3v	root@desktop0:~# date -d @1554080659	00:58
tuxd3v	Mon 1 Apr 02:04:19 WEST 2019	00:58
tuxd3v	its a timestamp..	00:58
KatolaZ	oh really!?!	00:58
KatolaZ	and what about the other one?	00:58
snookiex	pretends to be shocked	00:59
zeph1ro	gms@roger:~$ date -d @7779847	00:59
zeph1ro	mer 1 apr 1970, 02.04.07, CET	00:59
zeph1ro	same...	00:59
zeph1ro	xD	00:59
KatolaZ	:D	00:59
zeph1ro	dude... good night, i gotta work tomorrow	00:59
zeph1ro	:D	00:59
KatolaZ	that was the first April's fool in the Unix Era!	00:59
KatolaZ	OMG!	00:59
zeph1ro	ROTFL	00:59
* KatolaZ hides away		00:59
Venker	O_o	01:00
KatolaZ	actually, i guess they work better in UTC	01:00
redrick	I'm trying to find the /. comments in question, but, seriously, if the host is (or is probably) root-compromised, then best practices is to rebuild.	01:00
KatolaZ	70/4/1 1:4:07	01:00
KatolaZ	19/4/1 1:4:19	01:00
KatolaZ	redrick: date -d @7779847	01:01
KatolaZ	date -d @1554080659	01:01
DonkeyHotei	$ date -ud @7779847	01:01
DonkeyHotei	Wed Apr 1 01:04:07 UTC 1970	01:01
DonkeyHotei	$ date -ud @1554080659	01:01
DonkeyHotei	Mon Apr 1 01:04:19 UTC 2019	01:01
tuxd3v	but why 12 minutes diference?	01:02
DonkeyHotei	seconds	01:02
tuxd3v	thanks yes that is..	01:02
KatolaZ	01:02 < KatolaZ> 70/4/1 1:4:07	01:03
KatolaZ	01:02 < KatolaZ> 19/4/1 1:4:19	01:03
va7lnx	stack exchange is having April Fools day fun: https://superuser.com/questions/346958/can-the-telnet-or-netcat-clients-communicate-over-ssl	01:04
Venker	if you substract both numbers, the resulting timestamp is	01:04
Venker	$ date -ud @1546300812	01:04
Venker	mar ene 1 00:00:12 UTC 2019	01:04
KatolaZ	good job Venker	01:05
DonkeyHotei	49 years and 12 seconds	01:05
roo^y	59	01:05
KatolaZ	bad maths roo^y	01:06
Venker	but why the 1st of january...?	01:06
Venker	(I'm just trying combinations)	01:06
DonkeyHotei	april, not jan	01:06
KatolaZ	Venker: april	01:06
Venker	ene = jan	01:07
DonkeyHotei	because you subtracted, so it ceased to be a date	01:07
Venker	I tried ^_^U	01:08
tuxd3v	it was when time started to be counted on unix systems	01:08
tuxd3v	root@desktop0:~# date -ud @0	01:08
tuxd3v	Thu 1 Jan 00:00:00 UTC 1970	01:08
tuxd3v	but the 12 seconds..don't get it..	01:08
DonkeyHotei	Venker: if you take the unix time of today and subtract the unix time of a year ago today, then convert that to a date, guess what month it'll be	01:09
KatolaZ	tuxd3v: not all numbers are prime numbers...	01:09
Venker	1554080659-7779847=1546300812. Which is Tue Jan 1 00:00:12 UTC 2019	01:14
Venker	not April	01:14
tuxd3v	January	01:14
KatolaZ	-_-	01:14
Venker	and still the same 12 seconds	01:14
DonkeyHotei	Venker: if you take the unix time of today and subtract the unix time of a year ago today, then convert that to a date, guess what month it'll be	01:14
tuxd3v	root@desktop0:~# date -ud @$(bc<<<'1554080659-1554080659')	01:18
tuxd3v	Thu 1 Jan 00:00:00 UTC 1970	01:18
tuxd3v	they are limits	01:18
KatolaZ	o_O	01:18
tuxd3v	this gives the exact timestamp '0'(zero)	01:19
tuxd3v	no more 12 seconds	01:19
tuxd3v	wait	01:19
tuxd3v	I messed it up	01:19
tuxd3v	lool	01:19
KatolaZ	tuxd3v: :D	01:19
desperek	these are unix timestamps	01:19
desperek	1 apr 1:04 today gmt and in 1970	01:19
tuxd3v	loolroot@desktop0:~# date -ud @$(bc<<<'1554080659-7779847')	01:20
tuxd3v	Tue 1 Jan 00:00:12 UTC 2019	01:20
desperek	you are doing it wrong	01:20
desperek	the numbers alone	01:21
abcabc__	one hopes that NO keys or pwds were shared by any of the devuan devs between main site and repo/other hosts. Right KatolaZ ?	01:22
KatolaZ	abcabc__: have you had a look at those numbers?	01:23
abcabc__	no. Why?	01:23
desperek	isnt the answer 7 or 49?	01:24
KatolaZ	the key is there	01:24
KatolaZ	desperek: much easier	01:24
abcabc__	They're primes, no? And nix dates.	01:24
desperek	yes	01:24
desperek	its today 1:04 gmt	01:24
desperek	and in 1970	01:24
KatolaZ	01:05 <KatolaZ> date -d @7779847	01:24
KatolaZ	01:05 <KatolaZ> date -d @1554080659	01:24
KatolaZ	yep	01:24
KatolaZ	EOT	01:24
desperek	the difference is 49 years	01:24
desperek	and 7 is sqrt of 49	01:25
abcabc__	i saw that.	01:25
desperek	7 is also a prime number	01:25
KatolaZ	it's today	01:25
KatolaZ	yes	01:25
KatolaZ	today	01:25
abcabc__	numerology?	01:25
desperek	also the port to gopher is 70	01:26
tuxd3v	Port 70	01:26
tuxd3v	1970	01:26
abcabc__	and?	01:27
desperek	difference between the dates is exactly 49 years	01:27
KatolaZ	today abcabc__	01:27
KatolaZ	yes desperek	01:27
desperek	sqrt of 49 is 7 and 70 is the gopher port	01:27
KatolaZ	'cause this year unix turns 50...	01:27
KatolaZ	:)	01:27
Venker	any of your devs is 49 or 50?	01:28
abcabc__	gopher is a cool name, go far.	01:28
* abcabc__ is 51 i think		01:28
tuxd3v	:;D	01:29
DonkeyHotei	if you take the difference of Oct 9 2011 and Oct 9 2010, then convert it to a date, it will be Jan 1 too	01:29
desperek	ALSO 1:04 is 1st of April	01:30
desperek	cus april is the 4th month	01:30
KatolaZ	oh!	01:30
DonkeyHotei	because the difference between two dates is not itself a date	01:30
KatolaZ	70/4/1 1:04:07	01:30
KatolaZ	19/4/1 1:04:19	01:30
desperek	it makes more sense in a normal date format	01:30
KatolaZ	OMG	01:30
DonkeyHotei	they are palidromes	01:30
tuxd3v	ies	01:31
DonkeyHotei	they are palindromes*	01:31
tuxd3v	1970	01:31
desperek	oh yeah then yes	01:31
tuxd3v	19 + 07	01:31
desperek	well, not exactly palindromes i would argue	01:31
tuxd3v	1970	01:31
tuxd3v	1970/04/01	01:31
desperek	maybe the answer is 2000?	01:32
desperek	ok nvm that	01:32
tuxd3v	:D	01:32
tuxd3v	1970/04/01 1:04 - 19:07	01:33
KatolaZ	desperek: the answer is today	01:34
desperek	like the word today?	01:34
KatolaZ	no today like today	01:34
tuxd3v	between 1:04 and 19_07?	01:35
tuxd3v	hours	01:35
KatolaZ	-_-	01:35
desperek	hm	01:35
tuxd3v	humm	01:35
desperek	well, go for it then maybe? idk	01:35
desperek	or unix	01:35
desperek	or april fools	01:35
desperek	or unix april fools :D	01:35
* KatolaZ looks at desperek and thinks "I like this chap..."		01:36
desperek	yea this truly is a magical date tbh	01:36
desperek	:p i've got to go to sleep soon though :D	01:37
desperek	i was also thinking of doing and on sole numbers but i dont think this would be the answer	01:39
KatolaZ	desperek: you are done	01:39
KatolaZ	the answer is today	01:39
desperek	just that the binary form of it is kinda palindrome	01:39
desperek	KatolaZ, no, but is it really like the answer that's accepted and all or not :e	01:40
desperek	well, anyways, good night	01:40
tuxd3v	any way how to we know that the answer is correct?	01:40
redrick	'Good night, Westley. I'll probably kill you in the morning.'	01:41
KatolaZ	thanks redrick	01:42
KatolaZ	12 hours is a whole lot of time ;)	01:42
redrick	Princess Bridge quotations while you wait.	01:42
redrick	Er, Bride.	01:42
KatolaZ	o_O	01:42
redrick	Dammit, where's that coffee?	01:43
KatolaZ	hehehehe	01:43
Venker	I'm gonna leave, too	01:44
Venker	Forza, admins!	01:44
redrick	Buona notte!	01:45
tuxd3v	Ciao	01:45
redrick	A domani, even.	01:45
KatolaZ	SYL redrick	01:46
redrick	Ta-ta.	01:46
KatolaZ	beware of green hats...	01:46
tuxd3v	zumba	01:46
tuxd3v	right now they are blue hats	01:47
tuxd3v	:)	01:47
redrick	på gjensyn.	01:47
mns`	by this time, i hope the devuan domain have been pointed to another server ...	02:19
KatolaZ	mns`: have a look at /.	02:19
mns`	ok	02:19
KatolaZ	and at the calendar	02:19
mns`	Is it a april fools joke?	02:22
KatolaZ	mns`: date -d @1554080659	02:23
mns`	because I'm not laughing	02:23
mns`	i saw that	02:23
opal	lol	02:24
opal	glad to see devuan has switched to gopher Kappa	02:25
golinux	mns`: I'm not laughing either	02:31
bluemarlin	you sure those two primes aren't a hint - like you should construct private key from them and access the servers?	02:38
KatolaZ	bluemarlin: date -d @1554080659	02:39
KatolaZ	:)	02:39
bluemarlin	ah	02:39
se7en	So is this or is this not a joke by devuan	02:50
se7en	Or is it by a malicious hacker for april fools day	02:50
se7en	KatolaZ:	02:51
KatolaZ	se7en: wazzup?	02:51
se7en	is this a joke by Devuan or is it by a malicious actor for april fools day	02:51
se7en	I know of hacking groups hacking websites for april fools day	02:52
KatolaZ	$ date -d @1554080659	02:52
se7en	Yeah, I know	02:52
KatolaZ	se7en: do you have any contact with green hat hackers?	02:52
se7en	no	02:52
se7en	I have never heard the term befoee	02:52
KatolaZ	I see	02:52
se7en	I am just unsure if this is a joke by Devuan or if it is by another party	02:52
KatolaZ	$ date -d @1554080659	02:52
bluemarlin	i would expect them to operate from underground irish pub though	02:52
se7en	KatolaZ: yeah I know	02:53
se7en	[17:51 se7en@lappy ~] > date -d @1554080659	02:53
se7en	Sun Mar 31 18:04:19 PDT 2019	02:53
se7en	April Fools Day	02:53
se7en	I know	02:53
se7en	But is it by you	02:53
KatolaZ	bluemarlin: you never know, it could be from a lagune	02:53
mns`	by now, i guess its a 'inside job' joke	02:53
se7en	or is it by a hacker	02:53
KatolaZ	se7en: the pwned page says "Green Hat Hackers"	02:53
KatolaZ	so it must be form some hacker of sort	02:54
se7en		02:54
KatolaZ	bluemarlin: if anybody asks, just tell them `date -d @1554080659`	02:57
KatolaZ	o/	02:57
se7en	KatolaZ: you need to add a -u to that	03:00
KatolaZ	se7en: I just need a good sleep ;P	03:00
Tazy	good jolly, even set up a gopher server.	03:02
bluemarlin	KatolaZ: enjoy sleep, you got a twisted sense of humor :)	03:04
roo^y	sorry to spam, but it was working fine before i ruined it with -u (or where exactly does the -u go)	03:08
roo^y	date -d @7779847	03:08
roo^y	Wed Apr 1 11:04:07 AEST 1970	03:08
roo^y	date -d -u @7779847	03:08
roo^y	date: the argument ‘@7779847’ lacks a leading '+';	03:08
roo^y	when using an option to specify date(s), any non-option	03:08
roo^y	argument must be a format string beginning with '+'	03:08
roo^y	Try 'date --help' for more information.	03:08
Tazy	too bad only the main site is accessible ;)	03:09
roo^y	i got a flooding warning, so i'm not sure if my 7 lines posted. i'll leave it at that	03:09
redrick	roo^y: Your seven lines of wisdom were transmitted.	03:12
roo^y	thx :)	03:13
redrick	-u is for UTC. (I for one welcome our Greenwich overlords.)	03:15
redrick	Not that there's anything wrong with AEST.	03:16
redrick	Though in many ways, truth is longitude-dependent, you may perceive.	03:17
Jjp137	roo^y, try: date -ud @7779847	03:18
redrick	I mean, if I observed AEST, at teatime it'd be the previous night, and that would never do.	03:19
roo^y	ok. we go back to AEST in a week. currently at the end of AEDT, after summer	03:20
roo^y	date -ud @7779847	03:20
roo^y	Wed Apr 1 01:04:07 UTC 1970	03:20
roo^y	this works!	03:20
redrick	Welcome to Greenwich. There's a pedestrian tunnel to the Docklands for your convenience.	03:21
roo^y	niiiiiiiice	03:21
redrick	https://en.wikipedia.org/wiki/Greenwich_foot_tunnel	03:22
redrick	roo^y: The AEST -> AEDT changeover date was presumbly earlier in 1970, FWIW. Date calculations are a special kind of hell for coders.	03:23
roo^y	i wrote these 6 lines to answer repeated questions	03:25
roo^y	It was worked out as typing the following into the terminal, populates april fools days	03:25
roo^y	date -ud @1554080659	03:25
roo^y	Mon Apr 1 12:04:19 UTC 2019	03:25
roo^y	date -ud @7779847	03:25
roo^y	Wed Apr 1 11:04:07 UTC 1970	03:25
roo^y	*note: the 4mins can represent Apr, & 19secs represent year. 70secs can't be populated, so 7secs is the next best thing	03:25
redrick	Et voila.	03:25
watchcat	.oO(green wich... green hat... another clue...)	03:26
redrick	Εύρηκα! So to speak.	03:26
redrick	I was hoping it'd be questions like 'What is the airspeed of an unladen swallow?'	03:27
watchcat	i propose that hencforth, the gopher should be the official devuan mascot.	03:30
redrick	And Minnesota the official Devuan Place to Not Go on Holiday.	03:30
redrick	(The protocol was named for the U. of Minnesota's mascot, in case the joke was too obscure.)	03:31
Dsbeerf	so those iso can be compromised ?	03:32
roo^y	Dsbeerf: the ISOs are safe (unlike the incident that happened to linux mint several yrs ago	03:34
Dsbeerf	roo^y, ok that what i was refering to	03:34
redrick	Dsbeerf: It's worth learning how to check gpg signatures on ISO checksums, then you wouldn't need to ask.	03:35
mns`	golinux: :\|	03:35
watchcat	http://www.bakingdom.com/wp-content/uploads/2010/09/caddyshack-gopher.jpg	03:35
Dsbeerf	redrick, i admit	03:35
redrick	https://pastebin.com/1dX5XG7W	03:35
redrick	(URL illustrating how.)	03:36
Dsbeerf	redrick, thanks	03:36
redrick	Seriously, worth picking up the knack.	03:36
redrick	The one bit of humbug in that transcript is where I skip over how I found the signing key.	03:38
Dsbeerf	ok	03:42
redrick	I Web-searched around and found references to that key, chose to believe conditionally that the mentions weren't fraudulent, and fetched it from a keyserver. More ideally, one would be able to verifying key authenticity using gpg web of trust, but I evidently need to attend more keysignings for that.	03:46
redrick	Back in the 1990s, when the Linux community was small, we used to joke about keysignings letting us play 'Six degrees of Ted T'so.'	03:47
redrick	Anyway, even if signing key verification's a weak point, it's IMO always worth trying to vet ISO checksums.	03:48
Dsbeerf	yeah well is more that nothing	04:14
redrick	Well, it'd require a heck of a plan to get away with having a bogus key in the public keyservers for e-mail address repository@devuan.org, especially for significantly long.	04:21
redrick	Huh, just checked my verification transcript, and saw that the SHA256SUM file was signed with KatolaZ's key, not the Primary Devuan signing key.	04:24
redrick	But, anyway, as you say, a lot better than nothing.	04:25
Ryushin	Are the Devuan servers that got hacked VMs or physical hardware?	04:35
benjikun	is this a meme	04:38
benjikun	???	04:38
furrywolf	is your question nonsensical?	04:39
benjikun	seems like a brash april fools joke	04:40
xrogaan	It is.	04:40
benjikun	alright, thanks lol	04:40
Leander	this 1st april thing has to die	04:41
Ryushin	From the Devuan team or the hacker group? Not so sure about it being from the Devuan team.	04:41
xrogaan	At least they're not going political: https://www.tuxfamily.org/en/news/2019040100	04:41
xrogaan	Ryushin: there is no green hat.	04:41
opal	thanks for trolling me	04:43
opal	im gullible v.v	04:43
Ryushin	Well, reading on #devuan-dev, they don't seem to be impressed.	04:43
benjikun	time to actually start using gopher again :^)	04:43
Ryushin	Lets go back to 300 baud BBS.	04:44
opal	gopher doesnt strike me as well-engineered; imo we just need a slimmed-down http	04:44
plasma41	opal: like HTTP/0.9?	04:46
opal	not sure. i definitely think http/2 and beyond are too geared toward webapps, hacks upon hacks, to be any good	04:47
opal	a lot of http/1.1+ headers for security can probably be easier managed with saner browser defaults, idk	04:48
furrywolf	I've been really tempted to write a news article about Trump and Pelosi's surprise marriage announcement for tomorrow.	04:48
opal	i think content security policies are their own brand of complexity that could cause as many issues as the things theyre trying to prevent	04:48
opal	i think anyone would agree that information such as useragent and referer are entirely arbitrary to keep in the protocol	04:49
plasma41	I like that both Gopher and HTTP/0.9 are stateless protocols. No cookies	04:49
opal	cookies/auth is a good point	04:49
opal	do you think all of http should be authless and stateless	04:49
opal	im trying to move my stateful stuff off of the web browser. i use mail in its own client, irc obviously, xmpp	04:49
plasma41	auth: yes. all other forms of state: no	04:50
opal	hm	04:50
Beerbaron23	The website is now a GopherH0le!!	06:55
DocScrutinizer05	https://www.devuan.org/pwned.html yeah! ;-P	08:25
guido_g	glad you mentioned it, noone else did in the last 24h	08:38
DocScrutinizer05	indeed, I'm really fast today ;:-)	08:46
KatolaZ	https://lists.dyne.org/lurker/message/20190401.070222.844cb081.en.html	09:07
watchcat	yay. it just seemed to be too funny and benign to be real. :)	09:12
ralpheeee	lost me as an end user ...good luck !	09:26
DocScrutinizer05	LOL	09:27
DocScrutinizer05	@ ralpheeeeee	09:27
DocScrutinizer05	KatolaZ: excellently pitched and designed. And good "PR noise"	09:28
MinceR	rotfl	09:29
MinceR	well played	09:29
KatolaZ	https://lists.dyne.org/lurker/message/20190401.070222.844cb081.en.html	09:29
DocScrutinizer05	KatolaZ: one thing that gave it away for me (after I bothered to really investigate) was the rewrite, no hacker would go to such length to establish a defacing	09:33
detha	All I can say is 'not funny'	09:43
watchcat	hey but can we really adopt the caddyshack gopher as devuan mascot now?	09:56
guido_g	stupidity at it's best	09:57
GoatAvenger	is/was the Devuan crack legitimate?	09:59
GoatAvenger	Or was/is it an april fools joke?	09:59
watchcat	https://lists.dyne.org/lurker/message/20190401.070222.844cb081.en.html	10:01
GoatAvenger	April fooolsss...	10:06
GoatAvenger	:)	10:06
ruenoak	I do like the ascii art	10:07
watchcat	somebody needs to make ascii art of a gopher wearing a green hat.	10:12
DocScrutinizer05	it should wear a red hat, just because...	10:19
ruenoak	Does anyone if the Devuan Conference will be recorded at all? I would love to go but sadly I live at the bottom of the globe and it's a bit far.	10:26
KatolaZ	ruenoak: it will be streamed and recorded	10:35
ruenoak	Fantastic!	10:39
sauvin	Can anybody comment on https://www.devuan.org? Has it really been pwned?	10:58
Unit193	sauvin: You might want to look at the date, https://lists.dyne.org/lurker/message/20190401.070222.844cb081.en.html	11:00
mss	is the current state of the devuan.org a joke or did the site really get pwned?	12:05
mss	got*	12:05
KatolaZ	https://lists.dyne.org/lurker/message/20190401.070222.844cb081.en.html	12:05
mss	i see.	12:06
_abc_	So, is everything back to non green hat normal?	12:25
KatolaZ	_abc_: https://lists.dyne.org/lurker/message/20190401.070222.844cb081.en.html	12:28
DocScrutinizer05	>> It all works, but it limits Linux processes to a mere 512GB of virtual address space. Such limits are irksome to the kernel developers when the hardware can do more, and, besides, somebody is likely to release a web browser or office suite which runs into that limit in the near future.<<	12:30
DocScrutinizer05	https://lwn.net/Articles/106177/ Posted Oct 14, 2004	12:31
djph	wait, what	12:40
djph	512GB (Virtual) Address Space is a limit ?	12:41
_abc_	KatolaZ: poisonne` en Avril...	12:41
DocScrutinizer05	stackoverflow.com makes me puke. I hope this is an april's fool	12:44
DocScrutinizer05	mousepointer throwing candy for sure is	12:44
rafalcpp	it seriously lacks animated background	12:50
_abc_	Everyone pulled out all stops for April's fool day. Why? Halloween was meh.	12:52
Ulrar	Congrats on the new site, I like it	13:48
Ulrar	I wonder how many people will get it	13:48
premoboss	hello, i have problem with date. i am located in italy, now it is 14:39 but the clock report +2 hours, I try to select the location with tzselect, but no way. also try to use command "date" to set the clock, but no way. what am i doing wrong?	14:42
rrq	I always have to go to "man tzselect" to remember it, you should do: dpkg-reconfigure tzdata	14:45
nailyk	https://lists.dyne.org/lurker/message/20190331.191104.169aaf9a.en.html is that true ?	14:46
buZz	nailyk: read -all- the emails	14:46
buZz	specifically ; https://lists.dyne.org/lurker/message/20190401.070222.844cb081.en.html	14:47
nailyk	so it was a time stamp problem :p	14:47
premoboss	rrq, i done, but:	14:47
buZz	nailyk: just read the link	14:47
premoboss	Current default time zone: 'Europe/Rome'	14:48
premoboss	Local time is now: Mon Apr 1 16:44:55 CEST 2019.	14:48
premoboss	Universal Time is now: Mon Apr 1 14:44:55 UTC 2019.	14:48
premoboss	so, the time is still +2 hours.	14:48
nailyk	thks buZz ;)	14:48
rrq	premoboss: yes, CEST is +2 right now .. according to my tzdata as well	14:48
buZz	premoboss: apt install ntpdate; ntpdate ntp.xs4all.nl	14:48
buZz	or something	14:48
premoboss	ok, but now, in itali, is 14:46	14:49
premoboss	not 16:46	14:49
premoboss	so, or italy dont follow CEST time rule ot tzdata os wrong about italy.	14:49
premoboss	buzz i do.	14:49
buZz	premoboss: you have your system on UTC, and in the wrong time	14:50
buZz	you configured the UTC of your system to the correct time in italy	14:50
premoboss	buZz, how to set my tine the right one?	14:50
buZz	ntpdate with correct TZ selected should already fix it	14:50
premoboss	ok	14:50
premoboss	BANG! gone ok. thanks.	14:51
buZz	:)	14:51
premoboss	on otyer side, to be 1 hour ahead gave me always on time at meetings:)))	14:52
buZz	:P	14:55
Y_Plentyn	hm. is it still possible to register for the devuan conference? and how?	15:15
Jookia	Who did the april fool's joke?	15:16
buZz	Jookia: someone with bad taste	15:18
Jookia	https://devuan.org/os/team/ says a 4/5 consensus is required for major decisions	15:19
Evilham	not the case I'm afraid	15:20
Jookia	so katolaz did this on their own?	15:21
tuxd3v	I am a bit sad, it went so far..	15:21
tuxd3v	At least they could have done something like	15:22
tuxd3v	StackOverFlow did	15:22
tuxd3v	https://stackoverflow.com/questions/3817750/how-to-convert-date-to-unix-timestamp-in-shell-script-on-macos	15:22
Evilham	Jookia: I didn't say that	15:23
Jookia	Evilham: no, i'm just assuming based on the circumstances	15:23
Jookia	will we ever know who did it	15:23
buZz	well, KatolaZ was first to deny it was a april fools	15:24
buZz	and the only one i've seen defending it	15:24
Jookia	but then they also said it was an april fools joke	15:25
Jookia	in the email	15:25
KatolaZ	https://lists.dyne.org/lurker/message/20190401.132526.1a220dc3.en.html	15:26
buZz	KatolaZ: was there really 4/5 concensus for this joke?	15:27
buZz	consensus*	15:27
buZz	already numerous ppl that moved away from devuan over it :)	15:28
desperek	hmm	15:28
desperek	hi	15:28
gnarface	i think anyone who didn't realize it was a joke as soon as there was no javascript in that html and wasn't willing to wait until after april fool's to jump ship probably is dangerously irrational anyway	15:29
KatolaZ	wow, so faithful devuan users we have...	15:29
gnarface	i mean gopher, really?	15:29
KatolaZ	anyway, it's all explained in the email	15:29
KatolaZ	https://lists.dyne.org/lurker/message/20190401.132526.1a220dc3.en.html	15:29
KatolaZ	bbl	15:29
buZz	gnarface: well, ppl that administrate many servers dont usually kid around with such security issues	15:29
Jookia	gnarface: the devuan infrastructure admins were saying they were hacked and denying it was an april fools joke	15:29
gnarface	well, i'm not one of them, but i did say that might not be taken well	15:30
buZz	admin* , i havent seen anyone 'back' the joke at all, beside KatolaZ	15:30
Jookia	i don't think it's fair to say they're dangerously irrational for believing it	15:30
gnarface	i was silent about it when i should not have been	15:30
buZz	even 1 hour of actually hacked could mean millions of backdoored systems	15:30
Jookia	katolaz apologized and that's about all that can be done	15:31
Jookia	but its just kinda weird to me that one person can make such huge modifications to a trusted server like that	15:31
gnarface	real villains would definitely have put tracking scripts on that page	15:31
desperek	KatolaZ, aaaaaa!	15:32
buZz	its just beyond bad taste, imho	15:32
Jookia	like if someone stole katolaz's ssh keys could they actually hack the site	15:32
desperek	you also need a password for ssh Jookia	15:32
Jookia	ssh session then	15:33
desperek	i dont think you can stole ssh session	15:33
Jookia	it's a little bit scary to think that there's not a barrier with oversight for the entire website	15:33
desperek	?	15:33
Jookia	not just the contents but also the infrastructure itself	15:33
Jookia	usually with tech projects you see websites in github with merge requests handling changes	15:34
buZz	well, infrastructure wasnt affected, all pkg mirrors etc were still up	15:34
Jookia	i guess it is here: https://git.devuan.org/devuan-editors/devuan-www	15:35
Jookia	but they changed the website without going through that review? idk	15:35
Jookia	also does devuan use debian's repos with its own packages on top? or its own entire mirrors	15:39
Evilham	former	15:40
debdog	Y_Plentyn: do not know myslef but all you need to know should be in this thread: https://lists.dyne.org/lurker/thread/20181126.195746.a575f370.en.html	15:41
KatolaZ	debdog: https://lists.dyne.org/lurker/message/20190401.132526.1a220dc3.en.html	15:41
debdog	KatolaZ: sorry, I do not understand?	15:42
gnarface	Jookia: mostly redirects from debian mirrors (because most packages so far are not changed)	15:43
Jookia	Is there a list of changed packages?	15:44
gnarface	uh.. yea somewhere...	15:45
debdog	Jookia: https://pkgmaster.devuan.org/bannedpackages.txt	15:45
gnarface	no that's the banned packages	15:45
debdog	oh, assumed they were basically the same	15:46
gnarface	no those are ones that need to be forked still to just work	15:46
gnarface	so they're currently excluded	15:46
gnarface	there is somewhere in the gitlab you should be able to get the list, but also if you just search for "devuan" in pkginfo.devuan.org, all the forked packages have devuan* in the version string	15:47
gnarface	KatolaZ: well, you made the front page on Slashdot, so mission accomplished, i guess	15:50
buZz	could have done that with actual news	15:54
buZz	like 'devuan moving to gopher servers'	15:54
buZz	instead of causing panic for the yolo	15:55
gnarface	i think this is KatolaZ's way of protesting being left in charge of the web servers during the conference	15:55
buZz	to ignore the 4/5 consensus needed for webpage changes?	15:56
MinceR	lol	15:56
_abc_	Do you see polkitd taking load up to 0.6-0.7 for no reason?	15:58
* gnarface isn't using it		15:58
buZz	that package isnt in devuan	15:58
_abc_	Ahh. systemd fun, without systemd this time.	15:59
_abc_	The package is in wheezy. I am trying to port linuxcnc user land to devuan ascii.	15:59
buZz	you dont need policykit	15:59
_abc_	No success so far, missing packages which do not exist in devuan repos?	15:59
_abc_	Will be back about this.	16:00
buZz	ciao	16:00
_abc_	[not polkitd]	16:00
gnarface	stuff has been renamed since wheezy	16:00
_abc_	I know.	16:00
_abc_	Made a stick with refracta2usb testing it now with persistence, using live linuxcnc wheezy 2.7 iso as source	16:02
DocScrutinizer05	https://www.cons.org/cracauer/sigint.html TIL, quite interesting	16:20
Y_Plentyn	debdog: thank you	16:21
buZz	i wonder when Klipper will get 'random ass CNC' support	16:23
buZz	it makes a lot more sense to me than LinuxCNC	16:23
Y_Plentyn	... but that not contain recent information - for example if and how it is possible after early registration	16:23
Y_Plentyn	... to register	16:23
debdog	Y_Plentyn: maybe there: https://events.eventzilla.net/e/welcome-to-the-first-devuan-conference-d1conf-2019-2138704309 or contact conference@devuan.org	16:32
Y_Plentyn	debdog: i know the first...	16:32
Y_Plentyn	and justr mailed the second ;)	16:35
zeph1ro	@KatolaZ, zuzurellone... got the time to tag and release d1h? i need the fix u made 7mo ago... ;)	16:37
unixman	KatolaZ, I thought the joke was funny. I presumed it was a joke from the start. I love the fact that gopher actually works. :D	16:40
desperek	yea leave it like thatr	16:40
Y_Plentyn	I liked the joke, too, and I like gopher ;)	16:40
* unixman had to install a gopher client to check and was pleasantly surprised :)		16:41
unixman	Just finished reading scrollback. Some folk need to get a sense of humor. Good grief. :P	16:49
MinceR	indeed	16:49
detha	Other folks haven't spent 3 months getting use of devuan approved by corporate security in a windows-centric company. Know what the knee-jerk reaction of ITSec types to this sort of stunt is? :P	17:02
silverwillow	meh. IPSec peeps have no sense of humour. They don't count :P	17:11
buZz	detha: yeah i've seen many ppl not respond nicely	17:11
buZz	way more then expected by the 'prankster' i bet	17:11
detha	silverwillow: count or not, they control their firewalls. And if they say 'no', you either comply or can the project.	17:12
_abc_	<almost systemd bashing>while looking for solutions for my current project, I found two nice links http://www.softpanorama.org/Commercial_linuxes/RHEL/index.shtml https://www.reddit.com/r/linux/comments/2hfvm0/so_after_4_hours_of_debugging_systemd_and/	17:20
_abc_	detha: itsec suits get alarmed by an amber light on a junos box (local management ethernet down usually), jokes like the website put them into hyperventilation state, need ER.	17:21
premoboss	KatolaZ, i read you did a minimal devuan CLI version. how to get it?	17:24
KatolaZ	https://files.devuan.org/devuan_ascii/minimal-live/ <- premoboss	17:24
premoboss	KatolaZ, thanks.	17:25
KatolaZ	premoboss: yw	17:25
furrywolf	I too was impressed that at least www. had working gopher. checked last night. :)	17:40
m68000	the port 70 revolution	17:41
m68000	:P	17:41
_abc_	368MB for a cli only minimal edition is huuge :) But it's not your fault. Thanks for that KatolaZ.	17:47
KatolaZ	_abc_: it's not "just a minimal image"	17:52
KatolaZ	:)	17:52
KatolaZ	it has a lot of stuff in there	17:52
KatolaZ	but still boots in a quite small footprint	17:52
KatolaZ	and gives you a fully functional system :)	17:52
KatolaZ	I agree it's not as minimal as "tomsrtbt" though ;)	17:53
gnarface	it's as small as you can reasonably expect a debian-compatible derivative to get though	17:57
KatolaZ	well, it could be really made slimmer, by removing some stuff	17:58
KatolaZ	anyway, it should be pretty straightfoward to customise it using live-sdk	17:58
KatolaZ	_abc_: shout if you need help with that	17:59
xrogaan	Apparently IBM is to start a non-free version of RHEL. They had enough of not being able to properly use xkbcomp with wayland.	17:59
buZz	lol	17:59
unixman	IIRC there is already a "non-free" version of RHEL. Try getting patches for an unregistered, or unpaid, or expired, RHEL subscription.	18:05
furrywolf	I want un-RH linux.	18:05
buZz	we all do	18:07
xrogaan	https://www.commitstrip.com/en/2019/04/01/back-to-how-it-should-be/	18:26
buZz	xrogaan: weird	18:31
buZz	there was no support for 'desktop notifications' from webpages in the 90s	18:31
buZz	is the joke that the cartoonist wasnt on internet in the 90s? :P	18:32
buZz	oh, -remove- , nmind	18:32
DocScrutinizer05	xrogaan: depressingly true	18:33
buZz	missed <marquee> though	18:33
xrogaan	anyhow, after today, I realize that the best way for a cracker to fuck around is to take over during the 1st of April.	20:40
_abc_	re: RH slime: I posted a link above some time ago about this. [relevant]	21:03
_abc_	http://www.softpanorama.org/Commercial_linuxes/RHEL/index.shtml repost	21:03
xrogaan	_abc_: I have no idea about how to read that website	21:11
_abc_	scroll down until your eyes no longer hurt.	21:16
_abc_	At "Abstract"	21:16
armin	https://www.devuan.org/pwned.html ;)	21:37
_abc_	With persistence on live images: is persistence-label= only supported in later (than wheezy level) distributions? It seems to not be treated in /bin/live-persistence at all.	23:21
_abc_	I wasted half a day trying to make it work	23:21
_abc_	Normally if "persistence" is on the kernel cli then something in the init scripts should call /bin/live-persistence, no?	23:22
_abc_	??	23:24

Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!