| javispedro | someone get me the MEIF specification =) | 00:00 |
|---|---|---|
| javispedro | the gps chip on the n950 seemingly supports DGPS | 00:00 |
| DocScrutinizer | WTF?! | 00:01 |
| DocScrutinizer | differential GPS? No shit? | 00:01 |
| javispedro | well, wide-area DGPS at least | 00:01 |
| DocScrutinizer | ~wtf dgps | 00:01 |
| infobot | Gee... I don't know what dgps means... | 00:01 |
| javispedro | yeah, differential. | 00:01 |
| javispedro | http://investor.broadcom.com/common/mobile/mobiledetail.cfm?ReleaseID=443754&CompanyID=BRCM&MobileID= | 00:02 |
| DocScrutinizer | wow, that's... amazing | 00:02 |
| javispedro | SBAS mentioned there | 00:02 |
| virtuald | :) | 00:02 |
| itsnotabigtruck | so it would be possible to pick up waas signals and get higher accuracy? | 00:02 |
| itsnotabigtruck | what about n9? | 00:02 |
| SpeedEvil | WAAS is not dgps | 00:02 |
| SpeedEvil | Not really in the normal sense | 00:02 |
| itsnotabigtruck | oh, hrm | 00:02 |
| SpeedEvil | it's regional corrections, and gets you to a couple of meters or so accuracy | 00:03 |
| javispedro | SpeedEvil: but I think they mean WAAS and not DGPS | 00:03 |
| SpeedEvil | you need a fairly nearby source to get to a few centimeters. | 00:03 |
| itsnotabigtruck | what about NDGPS then | 00:03 |
| javispedro | SpeedEvil: what do you make out of "wide-area DGPS"? Sounds like a marketish way of saying WAAS? | 00:04 |
| virtuald | have you seen gsmmap.org? | 00:04 |
| itsnotabigtruck | apparently WAAS is not DGPS but only technically, according to the wiki DGPS = any kind of gps augmentation based on ground transmitters | 00:04 |
| SpeedEvil | javispedro: yes | 00:04 |
| SpeedEvil | It technically is DGPS | 00:04 |
| itsnotabigtruck | but waas is ground based too | 00:04 |
| SpeedEvil | but it's not DGPS in the sense of 'almost no error compared to normal GPS' | 00:04 |
| itsnotabigtruck | Instead, the FAA (and others) started studies for broadcasting the signals across the entire hemisphere from communications satellites in geostationary orbit. This has led to the Wide Area Augmentation System (WAAS) and similar systems, although these are generally not referred to as DGPS, or alternatively, "wide-area DGPS". WAAS offers accuracy similar to the USCG's ground-based DGPS networks, and there | 00:05 |
| itsnotabigtruck | has been some argument that the latter will be turned off as WAAS becomes fully operational. | 00:05 |
| javispedro | itsnotabigtruck: waas is satellite based | 00:05 |
| itsnotabigtruck | sorry for uber-paste | 00:05 |
| itsnotabigtruck | javispedro: you're right, it is | 00:05 |
| itsnotabigtruck | mis-read the wiki article | 00:05 |
| SpeedEvil | I'm awaiting a GPS dev board that'll let me do ~10cm accuracies. | 00:05 |
| itsnotabigtruck | saw something about ground stations, but the ground stations feed into satellite broadcasts | 00:05 |
| mgedmin | "WAAS uses a network of ground-based reference stations" | 00:05 |
| mgedmin | you need both sats and ground stations for it | 00:05 |
| itsnotabigtruck | mgedmin: but the signals come from satellites and that's where the distinction is | 00:06 |
| mgedmin | the stations provide reference points, AFAIU, so you can calibrate the GPS error for a particular location | 00:06 |
| SpeedEvil | That's how it works, yes. | 00:06 |
| mgedmin | ah, the data distribution is satellite-based too! | 00:06 |
| mgedmin | I didn't realize that | 00:06 |
| SpeedEvil | The closer the ground station to you, the better your error. | 00:07 |
| mgedmin | as a European I'm not particularly interested in WAAS, let's see what the wiki says about EGNOS | 00:07 |
| SpeedEvil | IT's the same. | 00:08 |
| SpeedEvil | Just different continent | 00:08 |
| javispedro | and as a European you're not very much interested in EGNOS ;P | 00:08 |
| javispedro | well depends on where are you | 00:08 |
| javispedro | here at least signal is very very weak | 00:08 |
| mgedmin | " ESA released in 2002 SISNeT,[5][6] an Internet service designed for continuous delivery of EGNOS signals to ground users." | 00:09 |
| mgedmin | interesting | 00:09 |
| *** pinheiro has joined #harmattan | 00:09 | |
| itsnotabigtruck | just found that too | 00:09 |
| javispedro | SpeedEvil: seemingly on the N950 re gps we have a similar situation to the n810, gps speaking a "binary" protocol with a large blob over what is basically a serial link | 00:10 |
| javispedro | SpeedEvil: but unlike N810 protocol on N950 seems to be "Nokia standard" MEIF | 00:10 |
| javispedro | (under NDA wall though :( ) | 00:10 |
| javispedro | the blob on N950 is "nped" | 00:10 |
| DocScrutinizer | WAAS is about transmitting correction info for the 5*5km area (or somesuch) derived from stationary GPS references, via geostationary SV | 00:10 |
| DocScrutinizer | it's not what you usually think of when you use the term DGPS | 00:11 |
| SpeedEvil | Umm - I don't recall seeing large CPU activity. | 00:11 |
| SpeedEvil | When n950 GPS is active | 00:12 |
| SpeedEvil | So it's very different from the 810, where it was to some degree a soft-gps | 00:12 |
| javispedro | no idea about the internals sadly | 00:12 |
| javispedro | but nped definitely appears on top | 00:12 |
| DocScrutinizer | I might figue WAAS gets done in AP | 00:13 |
| DocScrutinizer | i.e. on "CPU" | 00:13 |
| javispedro | with some constant 0.3-0.5% CPU at 600Mhz | 00:13 |
| javispedro | and the ME comes from "Measurement Engine", so it sounds kinda soft :) | 00:14 |
| DocScrutinizer | also see: | 00:14 |
| DocScrutinizer | ~gsm-agps | 00:14 |
| infobot | hmm... rrlp is the Radio Resource LCS (Location Service) Protocol as specified first in GSM TS 04.31, or http://security.osmocom.org/trac/wiki/RRLP | 00:14 |
| javispedro | nearly 1% CPU at 300Mhz | 00:14 |
| DocScrutinizer | that's "control and user plane" AGPS mentioned in that broadcom paper | 00:15 |
| javispedro | hm | 00:16 |
| javispedro | the iphone and quite a lot of android phones use this chip | 00:17 |
| itsnotabigtruck | looks like nokia's a-gps is SUPL | 00:19 |
| itsnotabigtruck | any idea how much data is sent to the server with that | 00:19 |
| DocScrutinizer | I think ST-E DB7400 LTE modem has a GPS on chip | 00:19 |
| itsnotabigtruck | i didn't know about this RRLP business...sounds very dangerous | 00:19 |
| DocScrutinizer | RRLP is what they do in Navy CIS et al, when they "locate the phone" | 00:20 |
| itsnotabigtruck | yeah...i thought that was limited to radio triangulation but with rrlp they can get a precise fix | 00:21 |
| itsnotabigtruck | which would be leagues "better" | 00:21 |
| DocScrutinizer | there's no easy way to do triangulation with normal BTS | 00:23 |
| DocScrutinizer | as the mobile is known only to servicing station | 00:24 |
| DocScrutinizer | and neither GSM nor UMTS have a means to force a mobile to reselect to another BTS | 00:25 |
| SpeedEvil | handovers give you position | 00:26 |
| DocScrutinizer | so you can know about distance of mobile only to one point on earth that's the servicing BTS, and you dunno much about bearing of mobile from BTS | 00:26 |
| DocScrutinizer | handovers give you position, but as explained one post above, there is no means to force such handover | 00:26 |
| DocScrutinizer | it even might be impossible in most situations (when the 'alternative' neighbour BTS is simply too far away to connect to it) | 00:27 |
| SpeedEvil | I mean when moving | 00:28 |
| DocScrutinizer | and TA is not one of the persistent parameters that get logged in BTS and could get queries after minutes or hours | 00:28 |
| SpeedEvil | If you get a handover, you knwo the location | 00:28 |
| DocScrutinizer | sure, you can advice the gangsta you eavesdrop, that he should move a few hundred meters to trigger a handover event ;-D | 00:29 |
| DocScrutinizer | even then you have at least 2 theoretical positions, as there are two solutions to the equation. In RL there are even more than 2 | 00:30 |
| itsnotabigtruck | DocScrutinizer: but if you've been tracking the gangsta all along, you'll get a handover sooner or later | 00:31 |
| itsnotabigtruck | and usually sooner, not later | 00:31 |
| SpeedEvil | If you've been tracking it since the last handover, one is clearly bogus | 00:31 |
| virtuald | or you might use an https://en.wikipedia.org/wiki/IMSI-catcher | 00:31 |
| DocScrutinizer | sure sure | 00:31 |
| SpeedEvil | pointless if you've got a cellphone network | 00:31 |
| DocScrutinizer | all not any valid solution to "McGee, locate the phone!" | 00:31 |
| * SpeedEvil ponders again submitting a data protection request for all data held by his telco. | 00:32 | |
| SpeedEvil | Including location records and any stored data of any form. | 00:32 |
| DocScrutinizer | location records have no TA, they usually not even have the sector of the BTS you're in | 00:33 |
| DocScrutinizer | (usual BTS have 3 sectors, some have 4) | 00:33 |
| javispedro | ... McGee proceeds to use any of the multiple android remote holes to enable GPS on the criminal's smartphone | 00:33 |
| SpeedEvil | It would be interesting to get teh actual answer though. | 00:33 |
| javispedro | and also make the phone say with spooky voice "please turn yourself over at the nearest NYC Police Department" | 00:33 |
| DocScrutinizer | javispedro: nope, McGee is using RRLP | 00:33 |
| javispedro | McGee needs no stinking RRLP | 00:34 |
| javispedro | (note: never seen the series) | 00:34 |
| virtuald | who's mcgee? | 00:34 |
| DocScrutinizer | (the hole by design in all recent smartphones that comply US regulations) | 00:35 |
| DocScrutinizer | ~wiki Timothy_McGee | 00:36 |
| infobot | At http://en.wikipedia.org/wiki/Timothy_McGee (URL), Wikipedia explains: "{{Other people}} {{Original research|article|date=October 2009}} {{In universe|date=March 2011}} {{Infobox character | color = #95ABBD | occupation = Special agent, Major Case Response Team Field Agent, NCIS (Seasons 2-Present), Norfolk Case Agent and Major Case Response Team TAD Field Agent, NCIS (Season 1) | image = | caption = Sean Murray as Tim McGee in a promotional photo ... | 00:37 |
| *** hardaker2 has quit IRC | 00:37 | |
| *** hardaker has joined #harmattan | 00:41 | |
| * itsnotabigtruck is a little disturbed by this, not because the man can track your phone (knew that already), but because the phone itself is doing the tracking | 00:41 | |
| *** zx2c4 has left #harmattan | 00:48 | |
| *** piggz has quit IRC | 00:55 | |
| *** risca has joined #harmattan | 00:57 | |
| virtuald | watch out for silent text messages :) | 00:59 |
| virtuald | and silent phone calls | 00:59 |
| virtuald | if you're on the run haha | 00:59 |
| virtuald | and maybe try out the osmocom catchercatcher | 01:01 |
| *** diorahman has joined #harmattan | 01:05 | |
| *** cvaldemar has quit IRC | 01:08 | |
| DocScrutinizer | HAH | 01:16 |
| DocScrutinizer | imsi catchers are sooo out | 01:16 |
| DocScrutinizer | nowadays all services have their own encrypted administrative and surveillance/tapping interface to all networks | 01:17 |
| itsnotabigtruck | DocScrutinizer: i thought imsi catching was a protocol exploit, can't fix it without fixing the protocol | 01:18 |
| itsnotabigtruck | and it's too late to do that | 01:18 |
| DocScrutinizer | it'S indeed not even an exploit, it's simply a not-so-standard regular implementation of a valid BTS | 01:19 |
| virtuald | um yeah a feature | 01:19 |
| DocScrutinizer | the only 'exploit' in that might be the fact that BTS have no obligation or even method to authenticate to mobiles | 01:20 |
| itsnotabigtruck | DocScrutinizer: well, still counts as an exploit (a mitm), there's all sorts of ways they could have put authentication in | 01:20 |
| itsnotabigtruck | but why are you saying it's 'sooo out' then | 01:21 |
| DocScrutinizer | but why set up a 'fake' BTS when you can tap and control the real one? | 01:21 |
| itsnotabigtruck | DocScrutinizer: the encrypted part? unless you're the mob or something the technical solution is probably easier | 01:22 |
| *** risca has quit IRC | 01:23 | |
| virtuald | docscrutinizer: everyone doesn't know how to do that | 01:24 |
| DocScrutinizer | the mob? | 01:24 |
| itsnotabigtruck | DocScrutinizer: you know, organized crime | 01:24 |
| itsnotabigtruck | the mafia | 01:24 |
| DocScrutinizer | >>Das D1-Netz ist das Mobilfunksystem der Deutschen Telekom (vorherige Namen: T-Mobile; DeTeMobil), das nach Aussage des Betreibers „nahezu abhörsicher“ ist. Das ist der Grund, weshalb die Betreiber der digitalen D-Netze von der Bundesregierung gezwungen wurden, eine Abhörschnittstelle für die „Dienste“ zu programmieren.<< http://de.wikipedia.org/wiki/D-Netz | 01:24 |
| DocScrutinizer | nowadays the services tap your phone via internet | 01:25 |
| DocScrutinizer | imsi catchers are definitely outdated | 01:26 |
| *** NIN101 has quit IRC | 01:26 | |
| itsnotabigtruck | DocScrutinizer: they're outdated if you're the police, and have been for a long time, i assumed this was about non-police-entities pwning your communications | 01:26 |
| DocScrutinizer | (btw this taping interface been invented and standardized - and exported to the world - here in Germany, much like GSM once been) | 01:27 |
| itsnotabigtruck | the police/feds being able to tap your phone is about as old as old news gets :p | 01:28 |
| DocScrutinizer | I'm sooo proud of being a German :-S | 01:28 |
| DocScrutinizer | who else would use a 10k imsi catcher? and for what? | 01:28 |
| DocScrutinizer | where 10k probably is EUR, for a used one | 01:29 |
| itsnotabigtruck | the mafia? competing corporations? foreign spies? | 01:30 |
| itsnotabigtruck | hackers using a DIY imsi catcher? | 01:30 |
| DocScrutinizer | for sure McGee never used an IMSI catcher ;-) | 01:30 |
| itsnotabigtruck | at one of the recent DEFCONs i think someone deployed one | 01:30 |
| DocScrutinizer | well, if there'd be any info on GSM that is worth spying it by the mafia, then the one that gets spied is really an idiot asshat | 01:31 |
| itsnotabigtruck | lol | 01:32 |
| DocScrutinizer | as taping phones for espionage is even older than police doing that | 01:32 |
| DocScrutinizer | so I think the various advices about what you shouldn't tell on a phonecall are from the early 20s of last century | 01:33 |
| RST38h | Ah, Doc, stop ranting, go get some sleep =) | 01:34 |
| DocScrutinizer | meh | 01:34 |
| DocScrutinizer | anyway nowadays both mob and feds are most concerned about skype - and you could skype from your phone as well, if that'S news to you ;-) | 01:37 |
| DocScrutinizer | unlike tapping interface, only very few services have the credentials to use the secret skype backdoor | 01:38 |
| DocScrutinizer | though this might have changed a bit lately | 01:39 |
| DocScrutinizer | with skype now being a M$ project | 01:39 |
| DocScrutinizer | M$ always implemented backdoors to all their "security" stuff, and was very cooperative to officials | 01:40 |
| *** psycho_oreos has joined #harmattan | 01:42 | |
| DocScrutinizer | which got rewarded by 99% M$ products in all institutions | 01:42 |
| itsnotabigtruck | DocScrutinizer: erm, skype aside, which MS security-related products have backdoors | 01:45 |
| itsnotabigtruck | let me guess, you're going to bring up the NSAKEY red herring | 01:45 |
| itsnotabigtruck | it does seem like bitlocker's lack of password or crypto device authentication could be beneficial to police | 01:46 |
| itsnotabigtruck | (it supports TPM and USB drive keyfiles only - keyfiles aren't password protected) | 01:47 |
| itsnotabigtruck | though that isn't a backdoor per se, just non-ideal security choices | 01:47 |
| *** diorahman has quit IRC | 01:54 | |
| *** diorahman has joined #harmattan | 01:55 | |
| DocScrutinizer | OT factoid about McGee: his sister is actually his stepsister in RL. Miss Bellisario. Nice family cronyism | 02:06 |
| * DocScrutinizer idly wonders if producer Mr Bellisario has some special appearances like Hitchcock | 02:08 | |
| *** Natunen has quit IRC | 02:10 | |
| *** FACEFOX has joined #harmattan | 02:22 | |
| *** acidjunkie has quit IRC | 02:23 | |
| *** acidjunkie has joined #harmattan | 02:25 | |
| *** risca has joined #harmattan | 02:28 | |
| beford | :| | 02:29 |
| beford | help itsnotabigtruck | 02:31 |
| beford | I forgot the lock code damn XD | 02:31 |
| *** Necrosporus has quit IRC | 02:40 | |
| *** M4rtinK has quit IRC | 02:46 | |
| DocScrutinizer | or you are using open mode which causes lockcode to go invalid | 02:48 |
| DocScrutinizer | actually it's allegedly causing CAL aka config mtd partition to become read-only, which somehow renders all lockcode access attempts to err out | 02:49 |
| *** AndrewX192 has quit IRC | 02:49 | |
| *** AndrewX192 has joined #harmattan | 02:50 | |
| *** AndrewX192 has quit IRC | 02:50 | |
| *** AndrewX192 has joined #harmattan | 02:50 | |
| beford | no .. I was changing it | 02:50 |
| beford | but I do not remember finishing to change it | 02:50 |
| beford | like I was on the 'change lock code' screen | 02:50 |
| beford | and went to do something else and it locked it self .. now the old password is not working, and I cant remember if I set something new :/ | 02:51 |
| beford | :| | 02:53 |
| beford | woah. I remembered it | 02:53 |
| beford | now I will need to get some memory pills or something. jesus. | 02:53 |
| *** diorahman has quit IRC | 02:54 | |
| *** deimos has quit IRC | 03:25 | |
| *** javispedro has quit IRC | 03:38 | |
| *** arcean has quit IRC | 03:42 | |
| *** n9appscom has quit IRC | 03:50 | |
| *** n9appscom has joined #harmattan | 03:51 | |
| *** diorahman has joined #harmattan | 03:52 | |
| *** n9appscom has quit IRC | 03:55 | |
| itsnotabigtruck | beford: hey, still there? | 03:57 |
| itsnotabigtruck | oh, you got it sorted | 03:57 |
| itsnotabigtruck | DocScrutinizer: well, have you tested that read-only thing? | 03:58 |
| itsnotabigtruck | i believe i mentioned before, that the cal thing is second-hand info from rainisto - if you want to be sure, test it | 03:58 |
| itsnotabigtruck | the lock code is probably erroring out due to unrelated reasons, namely the whole omap security being deactivated thing | 03:59 |
| *** trx has quit IRC | 04:02 | |
| *** delphi has joined #harmattan | 04:02 | |
| *** diorahman_ has joined #harmattan | 04:05 | |
| *** diorahman has quit IRC | 04:06 | |
| *** diorahman_ is now known as diorahman | 04:06 | |
| *** vLassi has joined #harmattan | 04:13 | |
| beford | hey ieatlint | 04:17 |
| beford | er | 04:17 |
| beford | itsnotabigtruck | 04:17 |
| itsnotabigtruck | beford: for reference if you forget it again, you reset it by zeroizing | 04:29 |
| itsnotabigtruck | hopefully not too many thieves will pick up on that, though the sort of people who steal phones are mostly morans anyway | 04:30 |
| itsnotabigtruck | petteri: i think your n9-apps.com entry for pinkit's missing a description | 04:30 |
| beford | itsnotabigtruck, like using WinFlasher? | 04:33 |
| *** vLassi has quit IRC | 04:33 | |
| itsnotabigtruck | beford: yeah | 04:35 |
| *** risca has quit IRC | 04:35 | |
| itsnotabigtruck | 'zeroize' is the word i used in my guide, because it's awesome | 04:35 |
| itsnotabigtruck | https://en.wikipedia.org/wiki/Zeroisation | 04:35 |
| beford | ah right, erase user data | 04:35 |
| beford | thanks itsnotabigtruck I'll try to not forget my lock code again anyway xD | 05:16 |
| *** diorahman has quit IRC | 05:20 | |
| *** oberling has joined #harmattan | 05:58 | |
| *** oberling_ has quit IRC | 06:02 | |
| *** hiemanshu has quit IRC | 06:02 | |
| *** hiemanshu has joined #harmattan | 06:06 | |
| *** vincent87 has joined #harmattan | 06:22 | |
| *** vincent87 has quit IRC | 06:24 | |
| *** diorahman has joined #harmattan | 06:33 | |
| *** sigmaorion has joined #harmattan | 07:07 | |
| sigmaorion | hi there!! | 07:07 |
| *** sigmaorion has quit IRC | 07:15 | |
| *** Natunen has joined #harmattan | 07:20 | |
| *** diorahman has quit IRC | 07:22 | |
| *** dymaxion has joined #harmattan | 07:37 | |
| *** niqt has joined #harmattan | 07:55 | |
| *** beford has quit IRC | 08:00 | |
| *** hardaker has quit IRC | 08:03 | |
| *** delphi has quit IRC | 08:55 | |
| *** vLassi has joined #harmattan | 09:39 | |
| petteri | itsnotabigtruck: i think you are right. I'll add one :) | 09:53 |
| *** niqt has quit IRC | 10:08 | |
| *** diverse_izzue has quit IRC | 10:47 | |
| *** NIN101 has joined #harmattan | 10:51 | |
| *** karbas_ has quit IRC | 11:03 | |
| *** blueslee has joined #harmattan | 11:31 | |
| *** cvaldemar has joined #harmattan | 11:32 | |
| *** rlinfati has joined #harmattan | 11:34 | |
| blueslee | DocScrutinizer: ping | 11:39 |
| *** M4rtinK has joined #harmattan | 11:41 | |
| *** trx has joined #harmattan | 11:51 | |
| *** heymaste_ has quit IRC | 11:54 | |
| *** adlan has quit IRC | 12:02 | |
| auenf | honeycomb takes too many downloads to root | 12:02 |
| *** Saviq_ has joined #harmattan | 12:03 | |
| *** Saviq_ has quit IRC | 12:05 | |
| *** auenf has quit IRC | 12:07 | |
| *** ZogG_laptop has quit IRC | 12:09 | |
| *** auenf has joined #harmattan | 12:09 | |
| *** rlinfati has quit IRC | 12:18 | |
| *** DocScrutinizer has quit IRC | 12:39 | |
| *** DocScrutinizer has joined #harmattan | 12:41 | |
| *** heymaster has joined #harmattan | 12:42 | |
| *** blueslee has quit IRC | 12:53 | |
| *** Guest92708 is now known as Termana | 13:06 | |
| *** heeeegua has quit IRC | 13:10 | |
| *** djszapi has joined #harmattan | 13:39 | |
| *** Anssi138 has quit IRC | 13:46 | |
| *** diorahman has joined #harmattan | 13:55 | |
| diorahman | helllo!!!! | 13:56 |
| *** djszapi has left #harmattan | 13:56 | |
| *** Anssi138 has joined #harmattan | 13:59 | |
| macmaN | sup peeps | 14:07 |
| macmaN | how to turn off the massively annoying "switch internet connection on" prompt? | 14:07 |
| macmaN | i'd like to *never* see it again | 14:07 |
| macmaN | i have PSM forced on, doesnt help | 14:07 |
| macmaN | i have internet switch off, doesnt help | 14:08 |
| macmaN | internet apps should not be able to constantly annoy me with a full screen modal dialog, wtf | 14:08 |
| *** Anssi138 has quit IRC | 14:14 | |
| *** djszapiN9 has joined #harmattan | 14:24 | |
| Velmont | macmaN: Agree. I want it to always be 3G connected. | 14:32 |
| macmaN | hm | 14:33 |
| Velmont | I think I had that working before, -- but then I had to disconnect once,and now it's constantly nagging me for internet :-) | 14:33 |
| macmaN | isnt that possible? | 14:33 |
| Velmont | Yes, -- but not very obvious at least. I've made it once, but can't find out how to do it again. | 14:33 |
| macmaN | i think you have to go to Edit Networks | 14:33 |
| macmaN | and allow your 3G to be auto-used | 14:33 |
| macmaN | i think 3G is set to no-auto by default | 14:33 |
| Velmont | Ah, -- found it. | 14:34 |
| *** sp3001 has joined #harmattan | 14:34 | |
| macmaN | well im living internet off. dont want to charge battery every 2 hours. | 14:35 |
| macmaN | but "no" definitely doesnt mean "no" to nokia developers | 14:35 |
| macmaN | it acts more like a horny boyfriend | 14:36 |
| *** djszapiN9 has left #harmattan | 14:40 | |
| rZr | Sazpaimon: pong | 14:42 |
| *** djszapiN9 has joined #harmattan | 14:45 | |
| djszapiN9 | is there a ctrl+f-like search functionality in grob for finding a dedicated content on a webpage ? | 14:45 |
| rZr | not i am aware of | 14:50 |
| djszapiN9 | bad grob :p | 14:55 |
| *** GeneralAntilles1 has joined #harmattan | 15:11 | |
| *** gareth___ has joined #harmattan | 15:12 | |
| *** juergbi` has joined #harmattan | 15:13 | |
| *** tsenyk_ has joined #harmattan | 15:13 | |
| *** sp3002 has joined #harmattan | 15:14 | |
| *** denism1 has joined #harmattan | 15:14 | |
| *** rzr` has joined #harmattan | 15:17 | |
| *** sp3001 has quit IRC | 15:19 | |
| *** infobot has quit IRC | 15:19 | |
| *** eman` has quit IRC | 15:19 | |
| *** GeneralAntilles has quit IRC | 15:19 | |
| *** denism has quit IRC | 15:19 | |
| *** rZr has quit IRC | 15:19 | |
| *** tsenyk has quit IRC | 15:19 | |
| *** damaltor has quit IRC | 15:19 | |
| *** juergbi has quit IRC | 15:19 | |
| *** gareth__ has quit IRC | 15:19 | |
| *** infobot has joined #harmattan | 15:20 | |
| *** ChanServ sets mode: +v infobot | 15:20 | |
| *** eman has joined #harmattan | 15:20 | |
| *** FACEFOX has quit IRC | 15:21 | |
| *** damaltor has joined #harmattan | 15:21 | |
| *** FACEFOX has joined #harmattan | 15:28 | |
| djszapiN9 | interesting why a link does not work for clicking in grob, but works fine if i type it out in the url bar. | 15:32 |
| *** Sazpaimon has quit IRC | 15:35 | |
| *** Sazpaimon has joined #harmattan | 15:35 | |
| *** NIN101 has quit IRC | 15:54 | |
| *** diorahman_ has joined #harmattan | 16:04 | |
| *** piggz has joined #harmattan | 16:07 | |
| *** diorahman has quit IRC | 16:07 | |
| *** diorahman_ is now known as diorahman | 16:08 | |
| *** blueslee has joined #harmattan | 16:10 | |
| *** GeneralAntilles1 is now known as GeneralAntilles | 16:12 | |
| *** GeneralAntilles has joined #harmattan | 16:12 | |
| blueslee | can someone tell me if the openmode for n9/pr1.2 is full working. what are the (dis)advantages of openmode compared to inception | 16:14 |
| *** piggz has quit IRC | 16:15 | |
| *** arcean has joined #harmattan | 16:16 | |
| blueslee | openmode is running harmattan without aegis, right? who build the corresponding kernel? i will see a warning when booting and i can install packages from harmattan devel repo via apt-get not running into signature issues, right? | 16:16 |
| *** divan has quit IRC | 16:16 | |
| *** divan has joined #harmattan | 16:18 | |
| blueslee | and what will happen when pr.1.3 arrives? do i need to reflash everything? | 16:18 |
| *** kakashi__ has joined #harmattan | 16:20 | |
| *** n9appscom has joined #harmattan | 16:20 | |
| Tronic | blueslee: Depends on how Nokia responds. Quite possibly you can simply uninstall inception, do the upgrade and then reinstall (new version of) inception. | 16:23 |
| Tronic | The right thing for Nokia to do would be not to patch the inception hole at all or even provide such functionality by default in PR1.3. It is not like any content providers actually cared about Harmattan at this point. | 16:24 |
| blueslee | Tronic: okay, thats about inception. i am tending to enter the openmode but i am not sure about it, the kernel for pr1.2 is there for one week or so | 16:27 |
| blueslee | Tronic: its sounds simpler to install just the inception package but the repository/signature issue will stay or not? | 16:28 |
| *** koe has left #harmattan | 16:36 | |
| hiemanshu | Tronic: not patching a hole in aegis that can be expoilted by malcious software? LOL, right | 16:44 |
| hiemanshu | malicious** | 16:44 |
| Tronic | hiemanshu: OMGWTF | 16:44 |
| Tronic | N900 *never* had any sort of platsec. | 16:45 |
| qronic | woohoo, seeing malicious software for hamattan would be so exciting. another new software for n9, wow! | 16:45 |
| Tronic | Exactly how many malware apps did you ever see for Maemo (inlc. Harmattan)? | 16:45 |
| Tronic | Linux/Maemo - security by platform obscurity. | 16:46 |
| *** decibyte has quit IRC | 16:46 | |
| *** djszapiN9 has left #harmattan | 16:46 | |
| *** sp3002 has quit IRC | 16:46 | |
| *** Saviq_ has joined #harmattan | 16:48 | |
| *** Saviq_ has quit IRC | 16:48 | |
| hiemanshu | Tronic: they are going to do the obvious thing and fix the hole, and its not about how many, its about the idea of being able to do it that scares most people away | 16:48 |
| Tronic | Btw, is disk encryption already available for Harmattan? | 16:49 |
| Tronic | I would like to have some security for my personal information in case the phone is stolen or examined by border control or whatnot. | 16:50 |
| Tronic | hiemanshu: I am not exactly sure what you mean by people (content providers or users) but for starters, regular users mostly have no idea what platsec even is and most of those who do prefer not to have it. | 16:51 |
| *** decibyte has joined #harmattan | 16:52 | |
| Tronic | It does not protect the user against malware because it doesn't actually provide useful access control (e.g. against recording audio and phone calls and streaming them to the eavesdropper). | 16:52 |
| Tronic | The only reason why it is there is to "protect" some content providers who still think that DRM is a must-have. | 16:53 |
| hiemanshu | sure, but nokia isnt going to leave it open just like that | 16:53 |
| *** blueslee has quit IRC | 16:53 | |
| Tronic | You are probably right. | 16:54 |
| Tronic | However, Nokia has been firing Harmattan developers and moving them to new tasks (Windows Phone) at such rate that I must wonder how much maintenance they are going to be doing anymore. | 16:54 |
| jonni | Tronic: thats what lock code is for, so your data wont leak if your phone is stolen, as they need to do erase-user-data=secure in order to use it. | 16:55 |
| Tronic | jonni: Not quite as secure as I'd prefer (because it relies on the platform being secure) but maybe it is good enough. | 16:56 |
| jonni | it relies that you dont use 12345 as a lock code | 16:57 |
| Tronic | jonni: Considering that I don't give out the code to the TSA agent, I wonder whether he can or will bother to (a) use a government-enforced built-in backdoor, (b) circumvent the security system in some other way (e.g. read directly from the flash chip). | 16:58 |
| jonni | a no, b yes if some goverment has flash chip readers. If you want to secure some of your data, then you can make an application that uses aegisfs to secure it really. | 17:00 |
| Tronic | Fortunately I don't have secrets of such level stored on my device to warrant all the effort. | 17:00 |
| *** javispedro has joined #harmattan | 17:01 | |
| Tronic | jonni: Why no to a? I would think that this is the most straight-forward way to go. | 17:01 |
| Tronic | Well, Harmattan is not officially sold in the US, so possibly they don't have that backdoor, but I wouldn't count on it. | 17:02 |
| jonni | there is no back door, we dont live in america | 17:02 |
| jonni | kernel is open source so you can hunt your backdoor in there. :) | 17:05 |
| Corsac | jonni: btw it's a bit sad the whole stuff is not encrypted, but eh :) | 17:08 |
| jonni | Corsac: well then bootup time to start the device would be 15+ minutes, and imho that is a bit slow :) | 17:09 |
| jonni | if you are really an internation spy agent, then there is no phone secure enough for you, and you should use some laptop that you encrypt the stuff yourself :) | 17:12 |
| Tronic | jonni: The backdoor could be in many other places than the kernel, and also we cannot really verify that the binaries provided by Nokia actually come from that source code. | 17:13 |
| Tronic | (have fun trying to replicate the exact same binary even when your source code is exactly the same) | 17:13 |
| Corsac | jonni: what are you talking about? | 17:15 |
| Tronic | But yes, you are right, cannot really trust such specialized hardware in any case, if the security really matters. | 17:15 |
| *** kakashi___ has joined #harmattan | 17:16 | |
| *** kakashi___ has joined #harmattan | 17:16 | |
| *** liar has joined #harmattan | 17:16 | |
| jonni | well you can compile the sources, and do diff to files, and you can also disassemble with ida pro to see that its really that source which matches. As only difference there is the timestamps. | 17:16 |
| *** kakashi__ has quit IRC | 17:17 | |
| Corsac | jonni: where exactly did you get the impression that encrypting stuff would result in 15m boot time? | 17:19 |
| Tronic | aegisfs does a full-fs verification on boot? | 17:20 |
| *** NIN101 has joined #harmattan | 17:20 | |
| *** hardaker has joined #harmattan | 17:21 | |
| SpeedEvil | No. | 17:24 |
| SpeedEvil | It verifies signatures at load-time only | 17:24 |
| jonni | SpeedEvil: and you are sure that you are not mixing aegis refhaslist to aegisFS? :). Well anyways aegisFS use FUSE and its notoriously slow on each syscall. But if you are app developer make an app which stored data you want to be secure, you can always write your data to /home/user/private/ http://harmattan-dev.nokia. | 17:37 |
| jonni | com/docs/library/html/guide/html/Developer_Library_Developing_for_Harmattan_Harmattan_security_Security_guide_Using_Harmattan_security_features.html#Protecting_the_server.27s_data_by_storing_it_in_.2Fhome.2Fuser.2Fprivate | 17:37 |
| *** NIN101 has quit IRC | 17:40 | |
| *** NIN101 has joined #harmattan | 17:40 | |
| *** liar has quit IRC | 17:48 | |
| *** liar has joined #harmattan | 17:49 | |
| *** bradfo_ has joined #harmattan | 17:50 | |
| *** bradfo_ has quit IRC | 17:52 | |
| *** FACEFOX has quit IRC | 17:53 | |
| *** FACEFOX has joined #harmattan | 17:54 | |
| SpeedEvil | Ok - yes, I knew that - just different context | 17:58 |
| *** franz2k has joined #harmattan | 18:12 | |
| *** diorahman has quit IRC | 18:12 | |
| *** franz2k has left #harmattan | 18:13 | |
| *** jaywink has joined #harmattan | 18:26 | |
| javispedro | grrrr https://meego.gitorious.org/meegotouch/meegotouch-applauncherd/blobs/master/src/launcherlib/daemon.cpp#line961 | 18:29 |
| itsnotabigtruck | Tronic Corsac: i don't know about a backdoor, but none of the secure storage facilities provided with the os are secure | 18:34 |
| itsnotabigtruck | maybe if you set up a password-based full-flash encryption arrangement | 18:34 |
| *** admiral0 has joined #harmattan | 18:36 | |
| admiral0 | hello | 18:36 |
| itsnotabigtruck | hey admiral0 | 18:36 |
| admiral0 | itsnotabigtruck: hey dude | 18:36 |
| admiral0 | how are you? | 18:36 |
| *** piggz has joined #harmattan | 18:37 | |
| itsnotabigtruck | alright | 18:37 |
| admiral0 | i need help with qml maps... | 18:38 |
| admiral0 | is there an easy way to populate with mapobjects with coordinates i supply from C++? | 18:38 |
| admiral0 | i mean without going through "My mind is full of fuck and Models" | 18:39 |
| admiral0 | as i saw i can't even implement landmarkmodel in C++ | 18:40 |
| admiral0 | ... | 18:40 |
| admiral0 | ~update | 18:41 |
| infobot | it has been said that update is http://www.developer.nokia.com/Community/Blogs/blog/n9-developer/2012/01/25/harmattan-1.2-beta-now-available-as-ocf-for-nokia-n950 | 18:41 |
| admiral0 | ~aegis-no-thanks | 18:41 |
| infobot | hmm... aegis-no-thanks is http://maemo.cloud-7.de/HARM/N9/openmode_kernel_PR1.1/ | 18:41 |
| M4rtinK | admiral0: no idea about the default maps, I'm using AGTL's PinchMap instead | 18:42 |
| M4rtinK | it's quite usable | 18:42 |
| *** Free-MG has joined #harmattan | 18:43 | |
| admiral0 | AGTL? | 18:43 |
| admiral0 | link? | 18:43 |
| admiral0 | come on guys, it'll be a free app for all of you | 18:43 |
| admiral0 | :D | 18:43 |
| admiral0 | (yes, it will be _Free_ in the store) | 18:44 |
| M4rtinK | https://github.com/webhamster/advancedcaching/blob/master/files/advancedcaching/qml/PinchMap.qml | 18:44 |
| itsnotabigtruck | admiral0: publish it to appsformeego | 18:44 |
| itsnotabigtruck | in fact you should publish lps2 there too | 18:45 |
| M4rtinK | just gut out some of the AGTL/geocaching specific things and you are good to go | 18:45 |
| itsnotabigtruck | M4rtinK: why not use the stock maps? | 18:45 |
| admiral0 | oh, lps2... i have to work on that | 18:46 |
| admiral0 | it's quite reaady | 18:46 |
| Free-MG | how can i connect to WLAN / 3G from command line? | 18:46 |
| M4rtinK | I wan't a more low-level access to it | 18:46 |
| M4rtinK | didn't really study the default one though :) | 18:47 |
| admiral0 | Free-MG: explore dbus with qdbus | 18:47 |
| itsnotabigtruck | admiral0: make sure to run it by me before releasing so i can package-nazi it :p | 18:47 |
| admiral0 | itsnotabigtruck: package-nazi? | 18:48 |
| admiral0 | it should be in system bux | 18:48 |
| *** adlan_ has joined #harmattan | 18:48 | |
| admiral0 | ah, you are the human version of namcap in archlinux | 18:48 |
| admiral0 | i see | 18:48 |
| itsnotabigtruck | lol | 18:48 |
| itsnotabigtruck | hm, i guess namcap is like lintian on debian | 18:48 |
| admiral0 | yea | 18:48 |
| admiral0 | or perl_critic for perl | 18:49 |
| itsnotabigtruck | anyway, i'm just worried about things like the handling of the css patching/unpatching | 18:50 |
| itsnotabigtruck | need to make sure it won't asplode when users upgrade to 1.3 | 18:50 |
| admiral0 | i imagine those thingies with this face http://www.talyarkoni.org/blog/wp-content/uploads/2011/02/y_u_no_report.jpg | 18:50 |
| admiral0 | trololololo | 18:50 |
| admiral0 | :D | 18:50 |
| itsnotabigtruck | http://fc05.deviantart.net/fs71/f/2010/290/9/5/your_head_a_splode_by_yourheadasplodeplz-d30yz29.png | 18:51 |
| admiral0 | also i have quite an idea of replacing meteo widget with a secondary part for lpsmagic | 18:51 |
| admiral0 | who needs *current* weather? captain obvious? | 18:52 |
| admiral0 | i find this more useful and entertaining: http://www.dyrmdaily.com/wp-content/themes/lcp_blu/images/garys-weather-stone-dyrmdaily-pic-of-the-day-570x426.jpg | 18:53 |
| *** piggz has quit IRC | 18:55 | |
| Tronic | Current weather is useful for not having to open the curtains and actually look outside, or even worse, opening the window to find out how warm it is. | 18:56 |
| admiral0 | use gary's forecasting stone you dummy | 18:57 |
| *** admiral0 has quit IRC | 18:59 | |
| *** niqt has joined #harmattan | 19:02 | |
| *** TNZ has joined #harmattan | 19:02 | |
| itsnotabigtruck | it would be nice if meecast would get with the program and use the right fonts | 19:03 |
| Corsac | itsnotabigtruck: I didn't really look at how the secure storage facilities worked, but what makes you say that? | 19:03 |
| itsnotabigtruck | typography matters, sheesh :p | 19:03 |
| itsnotabigtruck | Corsac: well, one of a zillion ways to get into your locked phone would be: | 19:04 |
| itsnotabigtruck | connect to the flash chips, put a payload in and get it to run during the boot sequence | 19:04 |
| itsnotabigtruck | disconnect and boot it up | 19:05 |
| itsnotabigtruck | and then use your payload to siphon off all the data | 19:05 |
| itsnotabigtruck | and that's just the naive way, there's no doubt simpler solutions | 19:05 |
| DocScrutinizer | meh, when you already have access to raw storage, then why not simply dump it to the in circuit debugger right away? | 19:06 |
| *** psycho_oreos has quit IRC | 19:06 | |
| itsnotabigtruck | DocScrutinizer: i think the assumption is that the data is in aegisfs | 19:06 |
| itsnotabigtruck | so the phone has to be online and pwned to get the data | 19:06 |
| DocScrutinizer | meh | 19:06 |
| itsnotabigtruck | but if you can get a shell on the phone, you can get into any aegisfs, so yeah | 19:06 |
| DocScrutinizer | ok | 19:06 |
| DocScrutinizer | the concept of "secure" storage that'S not unlocked by a password you have to enter each boot is broken by design | 19:07 |
| DocScrutinizer | the aegisfs idea of "secure" storage is just the augmentation of credentials per process to storage and files | 19:09 |
| SpeedEvil | It has some usages, if your attacker does not have root, and if your system is secure. | 19:09 |
| SpeedEvil | And your attacker can't do advanced ICD | 19:10 |
| DocScrutinizer | exactly, and that's about the only usage I could figure | 19:10 |
| DocScrutinizer | however this would be a simple matter of proper setting of permissions and ACLs in a regular aegis-free linux^Wunix | 19:11 |
| *** TNZ has quit IRC | 19:11 | |
| DocScrutinizer | so aegis is 99% about reinventing the wheel, to cope with problems we wouldn'T have without aegis | 19:12 |
| SpeedEvil | I suspect it may have been more interesting if finished. | 19:14 |
| SpeedEvil | For example - protected storage appears under a known per-app directory | 19:15 |
| SpeedEvil | they just have to treat it like normal files | 19:15 |
| virtuald | <3<3<3<3<3<3<3<3<3<3<3<3<3<3<3<3<3<3<3<3<3<3 | 19:28 |
| *** rlinfati has joined #harmattan | 19:33 | |
| DocScrutinizer | s/99/100/ | 19:33 |
| *** djszapiN9 has joined #harmattan | 19:33 | |
| DocScrutinizer | there's not a single evidence or instance where we missed aegis on fremantle | 19:34 |
| DocScrutinizer | so all it implements is for made up scenarios invented by platsec | 19:34 |
| DocScrutinizer | even the core reasoning which got conceniently quoted in | 19:35 |
| DocScrutinizer | ~aegis | 19:35 |
| infobot | http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/Security_guide , or "The purpose of this framework is: ... to make sure that the platform meets the requirements set by third party software that requires a safe execution environment.", or http://en.wikipedia.org/wiki/Trusted_Computing#Criticism, or http://en.qi-hardware.com/w/images/1/10/ME_382_LockedUpTechnology2.gif | 19:35 |
| DocScrutinizer | is never really happening | 19:36 |
| DocScrutinizer | as there simply is no such 3rd party app, and never will be | 19:36 |
| DocScrutinizer | nota bene "safe execution environment" simply means "user got no means to run gdb or strace or whatever against the process, to crack any secret CSS keys or whatever" | 19:38 |
| *** vLassi_ has joined #harmattan | 19:41 | |
| *** dymaxion has quit IRC | 19:42 | |
| DocScrutinizer | security as defined by aegis never been about *your* security, it's always been about security of apps *from* you messing with them | 19:43 |
| DocScrutinizer | it's really brilliant how TrustedComouting apologetics and proponents managed to suggest to joe average user that it's not like that | 19:45 |
| DocScrutinizer | even 75% of platsec folks themselves believe in that lie | 19:45 |
| Corsac | DocScrutinizer: well, some people /do/ care about trusted computing for other stuff than drm | 19:47 |
| Corsac | DocScrutinizer: including people at TCF | 19:47 |
| Corsac | TCG* | 19:47 |
| DocScrutinizer | TC by design is at least not needed for anything except DRM in a broader sense | 19:48 |
| *** adlan_ has quit IRC | 19:48 | |
| DocScrutinizer | usually it's even useless for anything but exactly DRM and "ensuring safe environment" | 19:48 |
| DocScrutinizer | there have been working security solutions for all the supposed other usecases of TC since ages | 19:49 |
| DocScrutinizer | so it's fair to say TC got invented and is useful for DRM only | 19:50 |
| *** cvaldemar has quit IRC | 19:51 | |
| MohammadAG | why the fuck does the dorm table fuck the iPhone's and N950's screens | 19:51 |
| *** gabriel9 has joined #harmattan | 19:52 | |
| DocScrutinizer | MohammadAG: ??? | 19:53 |
| MohammadAG | DocScrutinizer, double tapping the N950 doesn't work | 19:54 |
| MohammadAG | and the sliding gesture sometimes fails midway | 19:55 |
| DocScrutinizer | seen here as well | 19:55 |
| MohammadAG | till I ground the device | 19:55 |
| DocScrutinizer | I always thought it's caused by RF interference from nearby LCD screens, PSUs etc | 19:55 |
| MohammadAG | ah, removing the iPhone from the metallic charger case fixes it | 19:55 |
| javispedro | the problem is clearly that you are holding them wrong | 19:56 |
| DocScrutinizer | and yes, I also could fix the issue by "grounding" the device by holding it with my other hand | 19:56 |
| DocScrutinizer | javispedro: exactly ;-D | 19:56 |
| DocScrutinizer | the electric design of the touchpanel controler/sensor is meant for a "touching object" that is connected to controller's GND | 19:57 |
| DocScrutinizer | random arbitrary isolatedobjects tend to not work correctly when tuching the screen | 19:58 |
| itsnotabigtruck | imo aegis would have been useful if it implemented role based access control | 19:59 |
| itsnotabigtruck | but there's existing rbac systems for linux that could have been used instead of setting up this new system | 19:59 |
| itsnotabigtruck | ones that are more proven security-wise | 19:59 |
| itsnotabigtruck | in a functioning security arrangement, methods of elevating privilege are kept to an absolute minimum | 20:00 |
| SpeedEvil | The autogeneration of credentials is in principle interesting. | 20:00 |
| itsnotabigtruck | e.g. only a tiny number of security-aware binaries are made setuid root on a normal linux system | 20:00 |
| SpeedEvil | If combined with a fine enough grained permission architecture, and sane permission review. | 20:00 |
| itsnotabigtruck | so in order to be secure, aegis should have been based around restricting credentials from those already there | 20:00 |
| itsnotabigtruck | instead of granting credentials out of thin air | 20:01 |
| itsnotabigtruck | which is just asking for insecurity | 20:01 |
| itsnotabigtruck | almost everything on harmattan is a p/e hole of some sort | 20:01 |
| SpeedEvil | I do not ever want a calculator program to be able to access the internet. It can have a small sandbox for storage - and that's it. | 20:01 |
| itsnotabigtruck | the package based policy generation is a cool idea, that no other distribution has picked up afaik | 20:01 |
| itsnotabigtruck | it's why selinux is so difficult to deal with, because you have to deal with this gigantic monolithic policy that's not integrated with anything and isn't very complete | 20:02 |
| MohammadAG | android does it best tbh | 20:03 |
| MohammadAG | iOS comes next when talking about location | 20:03 |
| DocScrutinizer | itsnotabigtruck: well that are implementation details simple to solve with a subdir structure like seen in /etc/*.d/* | 20:03 |
| MohammadAG | Apple knowing your location doesn't count | 20:03 |
| MohammadAG | but they failed with contacts | 20:04 |
| MohammadAG | Path and Twitter were both copying contacts server side with no prompt | 20:04 |
| MohammadAG | and Apple approved them | 20:04 |
| itsnotabigtruck | nice | 20:04 |
| MohammadAG | Apple's approval process is there for a reason, protecting Apple, not the user | 20:05 |
| DocScrutinizer | itsnotabigtruck: sudo had same issues until they came up with /etc/sudoers.d/$randomfilename | 20:05 |
| itsnotabigtruck | with something like selinux, the contacts data could be labeled contacts_t and the data could only go where the policy says the data can go | 20:05 |
| itsnotabigtruck | aegis completely ignores protecting the filesystem | 20:05 |
| DocScrutinizer | that's why they need aegisfs | 20:06 |
| itsnotabigtruck | and on a system like linux that is all about the filesystem | 20:06 |
| itsnotabigtruck | that's a grave mistake | 20:06 |
| MohammadAG | itsnotabigtruck, with android you get a list of what the app does | 20:06 |
| itsnotabigtruck | but aegisfs is only used for few and small things | 20:06 |
| DocScrutinizer | like tracker ;-P | 20:06 |
| * djszapiN9 rotlf-ing at the many security experts from out of the thin air | 20:06 | |
| MohammadAG | with iOS (for location and soon contacts), you get a prompt saying "App would like to use your location" | 20:06 |
| DocScrutinizer | tracker as well is about abandoning unix fs hierarchy | 20:06 |
| MohammadAG | djszapiN9, clearly Aegis's devs weren't one of them | 20:07 |
| javispedro | MohammadAG: IOS has the least granularity of all (same as webos) | 20:07 |
| MohammadAG | itsnotabigtruck, http://www.theverge.com/2012/2/7/2782947/path-ios-app-user-information-collected-privacy | 20:07 |
| MohammadAG | iOS* | 20:07 |
| MohammadAG | in any way | 20:07 |
| javispedro | basically the same security than on any average desktop | 20:07 |
| MohammadAG | this should be implemented API wise | 20:07 |
| MohammadAG | not with a lame security system | 20:07 |
| djszapiN9 | MohammadAG, android, meego etc replicated aegis in a way or other | 20:08 |
| javispedro | tbh | 20:08 |
| MohammadAG | if app uses location_get_current_location(), prompt the user, block the code | 20:08 |
| MohammadAG | djszapiN9, android replicated aegis? | 20:08 |
| djszapiN9 | so it does not seem too bad. | 20:08 |
| djszapiN9 | yes | 20:08 |
| javispedro | tbh I feel that if I had to "build" a security system with the same goals as aegis, I'd end up replicating aegis. | 20:08 |
| * javispedro wins most obvious sentence of the day award | 20:09 | |
| MohammadAG | javispedro, aegis's roles are? | 20:09 |
| DocScrutinizer | meh, and aegis replicated what? UNIX of 1948? Dang I have to tweak my ignore list | 20:09 |
| MohammadAG | I don't see android having the same crap as Aegis | 20:09 |
| javispedro | MohammadAG: minimal intrusiveness to existing apps, for example | 20:09 |
| MohammadAG | NoLED allows you to light up the screen, control brightness etc | 20:10 |
| javispedro | hmpf | 20:10 |
| MohammadAG | it's in the android market, tokens aren't denied | 20:10 |
| javispedro | policy, policy... | 20:10 |
| MohammadAG | whereas Aegis decides lighting up the LED blows up the user | 20:10 |
| itsnotabigtruck | imo just replicating the capability setups in android, symbian, whatever isn't good enough | 20:10 |
| MohammadAG | well yeah, Nokia's Aegis policy | 20:10 |
| itsnotabigtruck | i want to control exactly has access to what data | 20:10 |
| itsnotabigtruck | that means filesystem labeling | 20:10 |
| MohammadAG | javispedro, Apple has a sandbox | 20:10 |
| MohammadAG | you can't access contacts outside the Apple API | 20:10 |
| javispedro | (and webos, fwiw) | 20:11 |
| MohammadAG | not without using private headers I guess | 20:11 |
| itsnotabigtruck | that means not what android/harmattan/iphone/symbian/anything else have | 20:11 |
| javispedro | but what use is a sandbox if dialing numbers is public API | 20:11 |
| MohammadAG | javispedro, well, on iOS, not modifying filesystem files | 20:11 |
| djszapiN9 | itsnotabigtruck, wrong, we did such a thing in meego | 20:11 |
| MohammadAG | javispedro, on iOS you can't dial number unless you use openURL or whatever the method's called | 20:11 |
| javispedro | so you can =) | 20:12 |
| MohammadAG | and that opens the UI | 20:12 |
| MohammadAG | there's no way the user can't know | 20:12 |
| itsnotabigtruck | djszapiN9: in meego = in mssf2? | 20:12 |
| itsnotabigtruck | i haven't looked into mssf2 | 20:12 |
| djszapiN9 | no | 20:12 |
| javispedro | MohammadAG: not modifying system files sounds to me like usual root vs user separation, not sandboxing. Not modifying other app's files might be. | 20:12 |
| itsnotabigtruck | mssf2 uses smack and smack has labeling, right? | 20:12 |
| djszapiN9 | meego is upstream linux | 20:12 |
| MohammadAG | javispedro, no, iOS is like Symbian | 20:12 |
| DocScrutinizer | ACL | 20:12 |
| MohammadAG | every app has its private folder to write in, it can't access anything outside that | 20:12 |
| MohammadAG | whether it's another app's folder, or the filesystem itself | 20:13 |
| MohammadAG | javispedro, ^ | 20:13 |
| DocScrutinizer | lrn2ACL | 20:13 |
| DocScrutinizer | !!! | 20:13 |
| javispedro | so, not modifying each other app's files. | 20:13 |
| itsnotabigtruck | DocScrutinizer: linux ACLs aren't exactly a winning strategy | 20:13 |
| javispedro | in webos, they do this by basically just chroot apps | 20:13 |
| javispedro | *chrooting | 20:13 |
| MohammadAG | javispedro, not sure how Apple does | 20:13 |
| MohammadAG | it | 20:13 |
| MohammadAG | but basically, jailbreaking is breaking the sandbox | 20:13 |
| itsnotabigtruck | i guess you could build a system based around linux ACLs but as it stands hardly anything is ACL-aware | 20:13 |
| MohammadAG | and running unsigned code | 20:14 |
| DocScrutinizer | ooh but everything is aegis aware, right? | 20:14 |
| MohammadAG | sandboxed apps are still sanboxed though | 20:14 |
| djszapiN9 | DocScrutinizer, architecture wise, yes. | 20:14 |
| DocScrutinizer | why would I need to sign my code? | 20:14 |
| DocScrutinizer | damn, where are those ignore lists in this client? | 20:15 |
| DocScrutinizer | hope this "*" fixed the issue | 20:16 |
| itsnotabigtruck | DocScrutinizer: well, since aegis doesn't have any kind of file permission scheme, things generally don't need to be aegis-aware | 20:17 |
| itsnotabigtruck | aegis doesn't have that problem because it doesn't address that part of security | 20:17 |
| itsnotabigtruck | well, it sort of does, through regular unix permissions, but that doesn't count | 20:17 |
| *** piggz has joined #harmattan | 20:19 | |
| * djszapiN9 is proud of the aegis team's work. | 20:19 | |
| DocScrutinizer | apps in OVI store are under Nokia control, no need to sign them. If I don't install any app from outside OVI, I have no potentially dangerous apps on my system. When all apps are properly installed under root-only-writable perms, no rogue app can alter code of installed apps... I really fail to see the whole purpose, for anything except "3rd party software that needs a 'secure evironment' to run" - read things like MP3 players that don' | 20:19 |
| DocScrutinizer | t allow to copy or re-record your music you paid for | 20:19 |
| itsnotabigtruck | aegis would have been a lot more useful if a) it provided more comprehensive protection, b) everything was comprehensively audited, c) it was used for things beyond just keeping 3rd party apps from doing certain things | 20:20 |
| itsnotabigtruck | it's not a bad concept, but i don't think it turned out the way it could have | 20:21 |
| SpeedEvil | Iut was planned for a billion phones. | 20:21 |
| djszapiN9 | interesting that certain person(s) have the same lack of understanding as one year ago. | 20:22 |
| itsnotabigtruck | DocScrutinizer: well, *in theory* it allows ovi qa to assume that an app is only capable of doing things in a bounded set | 20:23 |
| itsnotabigtruck | so if the program doesn't declare it can send text messages, it can't send text messages | 20:23 |
| DocScrutinizer | so what? | 20:23 |
| itsnotabigtruck | which means there isn't a risk of a logic bomb that goes and sends premium text messages to russia or whatever | 20:23 |
| itsnotabigtruck | but really, this is a problem with auditing programs without the source code | 20:23 |
| DocScrutinizer | this is done by madde or whatever now, and could be done as well on ovi store evaluation | 20:24 |
| DocScrutinizer | no friggin need to sign anything | 20:24 |
| itsnotabigtruck | but i'd bet most commercial developers wouldn't be too happy with sending all teh source to ovi to have it audited and built on their side | 20:24 |
| itsnotabigtruck | but if you're dead serious about screening apps that's what would have been needed | 20:24 |
| djszapiN9 | *rotfl* | 20:24 |
| DocScrutinizer | itsnotabigtruck: that's about proper dropping of posix credentials | 20:25 |
| DocScrutinizer | not about an idiotic signing scheme | 20:25 |
| djszapiN9 | yes sure, commercial companies like rovio gives out their value for fun.... | 20:25 |
| itsnotabigtruck | DocScrutinizer: posix capabilities don't do anything about tasks like text messages | 20:25 |
| DocScrutinizer | oopsa capas, yes | 20:25 |
| javispedro | no | 20:26 |
| javispedro | I mean | 20:26 |
| javispedro | Doc is right | 20:26 |
| itsnotabigtruck | djszapiN9: well, i did just say that i doubt many commercial outfits would go along with it :p | 20:26 |
| javispedro | if by "posix credentials" you mean gids, etc. | 20:26 |
| *** piggz has quit IRC | 20:27 | |
| *** gabriel9 has quit IRC | 20:27 | |
| javispedro | hrmpf, left the N950 GPS for a 10 minutes, in stable position, got ~500 points, bounding box area around 0.3 square frigging _KM_ | 20:28 |
| DocScrutinizer | well, maybe posix capas are not as finegrained as you'd wnat them to be. So what? Go improve / augment them. You don't need any signing of pkgs to do so | 20:28 |
| itsnotabigtruck | DocScrutinizer: the thing is that posix capabilities are exclusively about administrative tasks | 20:29 |
| SpeedEvil | javispedro: Extreme solutions happen. | 20:29 |
| djszapiN9 | why wouldn't you ? | 20:29 |
| itsnotabigtruck | if you're not root, you normally don't have any capabilities, and that's how it should be | 20:29 |
| itsnotabigtruck | it should be extremely rare for a user app to assert posix capabilities | 20:29 |
| javispedro | itsnotabigtruck: DocScrutinizer: that's why I said that Doc was right in saying "credentials", not capas | 20:29 |
| javispedro | itsnotabigtruck: DocScrutinizer: credentials include pid, uid, gids, etc. | 20:29 |
| DocScrutinizer | :nod: so I was right :-) | 20:30 |
| SpeedEvil | javispedro: http://wiki.maemo.org/N900_Hardware_GPS - 100m errors occurred about every 2000th sample on average. | 20:30 |
| djszapiN9 | no he was wrong | 20:30 |
| DocScrutinizer | we'd not need a restok and other shit to get there | 20:30 |
| javispedro | SpeedEvil: I am trying to deduce if sw is filtering or not | 20:31 |
| djszapiN9 | actually quite wrong | 20:31 |
| DocScrutinizer | and for sure we'd not need any hashes | 20:31 |
| DocScrutinizer | and signatures | 20:31 |
| djszapiN9 | please note that it is called capabilities.h, and not just for fun | 20:31 |
| *** piggz has joined #harmattan | 20:32 | |
| djszapiN9 | anyway, i so not see the point in this discussion | 20:32 |
| djszapiN9 | i do not see any fruit of it just randomly training minds. | 20:32 |
| *** MohammadAG has quit IRC | 20:32 | |
| *** MohammadAG has joined #harmattan | 20:32 | |
| djszapiN9 | feel free to send me the architecture from a-z for a full replacement. | 20:33 |
| itsnotabigtruck | yeah...the last thing we need is another endless back and forth about aegis | 20:33 |
| djszapiN9 | that would be fruitful. | 20:33 |
| itsnotabigtruck | djszapiN9: well, the problem isn't coming up with one, it's pulling it off | 20:34 |
| djszapiN9 | ... | 20:34 |
| itsnotabigtruck | since aegis is part of everything it's not like it's easy to swap something else in | 20:34 |
| djszapiN9 | nah, you do not listen | 20:34 |
| djszapiN9 | come up with an architecture which would be sensible. | 20:35 |
| djszapiN9 | and try to make it work on mer eg. | 20:35 |
| djszapiN9 | wr have heard enough guys saying "the big things" | 20:36 |
| djszapiN9 | i would like to see an architecture proposal. | 20:36 |
| djszapiN9 | swearing randomly is possible any architecture and implementation. | 20:37 |
| itsnotabigtruck | djszapiN9: well, one approach would be to use selinux, and implement something like aegis-install that produces policy at install time | 20:38 |
| djszapiN9 | about*, let us make it fruitful and get a proposal with an overthought architecture. | 20:38 |
| itsnotabigtruck | the problem is that selinux is complicated and that means defining policy is complicated | 20:38 |
| djszapiN9 | hahahaha | 20:38 |
| itsnotabigtruck | but the complication could be simplified from the pov of app packagers | 20:39 |
| javispedro | so, what does selinux have that aegis doesn't? | 20:39 |
| djszapiN9 | you seem to be a new guy in security altogether | 20:39 |
| itsnotabigtruck | javispedro: file labeling | 20:39 |
| itsnotabigtruck | roles | 20:39 |
| DocScrutinizer | credibility | 20:39 |
| itsnotabigtruck | right, it's well analyzed | 20:39 |
| djszapiN9 | javispedro, overcomplexity | 20:39 |
| itsnotabigtruck | djszapiN9: a lot of the complexity is due to the "reference policy" | 20:39 |
| itsnotabigtruck | this would be something different | 20:39 |
| djszapiN9 | turning into useless category just as linus torvalds and others wrote.... | 20:40 |
| * javispedro is yet to see a "security paradigm" that cannot be implemented by traditional users and groups | 20:40 | |
| DocScrutinizer | exactly | 20:40 |
| DocScrutinizer | except DRM signing TC shit | 20:40 |
| djszapiN9 | javispedro, no security system is implemented luke that for obvious reasons | 20:41 |
| djszapiN9 | especially for mobile. | 20:41 |
| itsnotabigtruck | here's the problem: aegis could be the best shit ever, and you guys would still complain about it endlessly because it's not what you're used to (classic linux permissions) | 20:41 |
| DocScrutinizer | no | 20:41 |
| javispedro | itsnotabigtruck: no | 20:42 |
| *** arcean_ has joined #harmattan | 20:42 | |
| djszapiN9 | ...and this swearing i do not need about our job. | 20:42 |
| javispedro | If classic unix users and groups were to be used to lock me out of my device, I would still complain. | 20:42 |
| DocScrutinizer | I would ask why the fsck we *need* it first instance | 20:42 |
| djszapiN9 | good luck with swearing guys | 20:42 |
| djszapiN9 | and with the time wasting :d | 20:42 |
| itsnotabigtruck | DocScrutinizer: because classic linux users and groups are extremely difficult to use for anything more than simple access control | 20:43 |
| DocScrutinizer | as elaborated above there's nothing in aegis that can't be done (better) in any of the already known concepts like SElinux etc - except that deprivation of root rights from user | 20:43 |
| itsnotabigtruck | like keeping users separate, and only letting root change the system | 20:43 |
| *** arcean has quit IRC | 20:44 | |
| itsnotabigtruck | but the goal here is to allow applications to be confined to precisely what the user is comfortable with allowing and absolutely no more | 20:44 |
| itsnotabigtruck | and to prevent applications from wreaking havok if they get exploited | 20:44 |
| itsnotabigtruck | for example, the web browser should be extremely confined | 20:44 |
| DocScrutinizer | sigh yeah, it never worked for the last 40 years, we needed aegis to finally come up with a solution to this age old problem :-P | 20:44 |
| *** djszapi has joined #harmattan | 20:45 | |
| djszapi | kernel.org was hacked recently. | 20:45 |
| djszapi | how does it work ? | 20:45 |
| itsnotabigtruck | DocScrutinizer: you're being facetious but - you're right, it did never work for the last 40 years | 20:45 |
| DocScrutinizer | BWAHAHA | 20:45 |
| javispedro | djszapi: one could argue that aegis has been cracked numerous times. I'm not counting implementation bugs towards the quality of the design of a security software. | 20:45 |
| itsnotabigtruck | it worked for what it's for, but it doesn't work for the level of sandboxing i'm describing | 20:45 |
| itsnotabigtruck | that's precisely why mandatory access control exists | 20:45 |
| djszapi | javispedro: you propose that once I get the root password I can do anything on your system ? | 20:46 |
| itsnotabigtruck | javispedro: the problem is that aegis has a security model that lends itself to being cracked, because almost everything that requires permissions has to be trusted to be perfectly secure | 20:46 |
| DocScrutinizer | we're spinning in circles here, I'm off | 20:46 |
| djszapi | seriously, kernel.org -> yay linux security \o/ | 20:46 |
| djszapi | very proven.... | 20:48 |
| itsnotabigtruck | djszapi: well...that was just due to not following good server security practices | 20:48 |
| djszapi | hahahaha | 20:48 |
| *** niqt has quit IRC | 20:49 | |
| djszapi | surely, the kernel.org server was maintained by graduated students having zero knowledge. | 20:49 |
| javispedro | itsnotabigtruck: "almost everything that requires permissions has to be trusted to be perfectly secure" I fail to understand how any security system in the world could fix this. | 20:49 |
| djszapi | nothing can fix that, obviously. | 20:49 |
| itsnotabigtruck | javispedro: but the thing is that aegis centers around granting privileges to processes when they're launched from something unprivileged | 20:50 |
| * djszapi is amazed this time the kernel.org server maintainers made a crappy job according to itsnotabigtruck | 20:50 | |
| itsnotabigtruck | it's like a system where half of everything is setuid root | 20:50 |
| djszapi | funny to hear everybody is getting crappy, quite funny really :) | 20:51 |
| itsnotabigtruck | djszapi: i think you're taking what i said the wrong way... | 20:51 |
| itsnotabigtruck | i mean obviously we all have the benefit of hindsight | 20:51 |
| itsnotabigtruck | if somebody got hacked, then they were doing something wrong | 20:51 |
| djszapi | no, you always call everybody crappy | 20:51 |
| djszapi | last time our job about the standard... | 20:51 |
| djszapi | I am quite tired of it... | 20:51 |
| Tronic | Seriously, everything of interest will get hacked, sooner or later. | 20:52 |
| itsnotabigtruck | sure, it's bloody hard to anticipate exactly what you could be doing wrong until something bad happens | 20:52 |
| itsnotabigtruck | i didn't say locking things down was easy | 20:52 |
| djszapi | but also the json guysmaking the official page etc, they did not know what they wrote about etc | 20:52 |
| itsnotabigtruck | djszapi: that isn't what i said, you keep twisting my words and turning everything into a black and white matter | 20:52 |
| djszapi | cannot take comments too seriously after "everybody is making wrong" :) | 20:52 |
| itsnotabigtruck | there is no such thing as black or white | 20:52 |
| Tronic | They have hacked aircraft carriers, FBI and plenty of other very safety-critical systems already. | 20:52 |
| dm8tbr | could you just stop trolling each other? KTX | 20:53 |
| Tronic | kernel.org is obviously a high-profile target and it is astonishing that they managed to hold it that far. | 20:53 |
| itsnotabigtruck | Tronic: safety critical usually = hesitant to apply security updates | 20:54 |
| djszapi | exactly, especially with the Linux stuff | 20:54 |
| itsnotabigtruck | and no one wants to touch it | 20:54 |
| djszapi | though, "hold it that far" is not quite right since it was not the first. | 20:54 |
| itsnotabigtruck | but yeah, if you want something to be secure, airgap it | 20:54 |
| itsnotabigtruck | or better yet, encase it in concrete and drop it in the ocean ;) | 20:54 |
| djszapi | quite frankly, I listen to this conversation, and I do not see outcome. | 20:55 |
| djszapi | no any fruit. | 20:55 |
| djszapi | random ideas around without anybody making an architecture documentation and at least draft. | 20:55 |
| djszapi | so that we could study the "big things". | 20:56 |
| *** Anssi138 has joined #harmattan | 21:00 | |
| djszapi | it is not accident nobody used ACL out of the known linux mobile distributions. | 21:00 |
| djszapi | I know, Google, Nokia, Intel etc sucked as the usual saying here... :) | 21:00 |
| itsnotabigtruck | djszapi: well, it's not like anyone sets out to make something that doesn't work...everybody's talking about everything with the benefit of hindsight | 21:01 |
| djszapi | benefit of what ? | 21:02 |
| itsnotabigtruck | it's not like any of these things that "sucked" (your turn of phrase, not mine) were built by idiots | 21:02 |
| djszapi | you did not listen to others | 21:02 |
| djszapi | Doc* said many times we were idiots | 21:02 |
| itsnotabigtruck | hindsight, as in, looking back at how something turned out, with the lessons learned since | 21:02 |
| djszapi | retarded idiots or something like that | 21:02 |
| djszapi | it is /not/ my turn | 21:02 |
| djszapi | I have been told word by word that way. | 21:03 |
| djszapi | many times. | 21:03 |
| *** hhartz has joined #harmattan | 21:03 | |
| itsnotabigtruck | how something is intended to be, and how it ends up being, are very different things, and it's easy to criticize after the fact | 21:03 |
| djszapi | I see zero technical critizising. | 21:03 |
| itsnotabigtruck | but criticism is still important since that's how you avoid the same problems again | 21:03 |
| djszapi | since I have not still received a better architecture idea | 21:04 |
| djszapi | or implementation. | 21:04 |
| itsnotabigtruck | well, i made my fair share of technical criticisms just now | 21:04 |
| itsnotabigtruck | well, 15 mins ago | 21:04 |
| djszapi | where is the architecture documentation ? | 21:04 |
| djszapi | from A-Z ? | 21:04 |
| *** ChanServ sets mode: +o dm8tbr | 21:05 | |
| itsnotabigtruck | that's a rather ridiculous demand | 21:05 |
| itsnotabigtruck | love aegis, or write a zillion page manual about an alternative? | 21:05 |
| djszapi | itsnotabigtruck: no, you can copy the same architecture and fix up parts. | 21:05 |
| *** dm8tbr sets mode: +q djszapi!*@* | 21:05 | |
| *** dm8tbr sets mode: +q itsnotabigtruck!*@* | 21:05 | |
| dm8tbr | I asked kindly | 21:05 |
| javispedro | can I talk about my stupid GPS things no one is interested in now? :D KTHXBYE! | 21:06 |
| dm8tbr | javispedro: you've got a GPS thingy? is that contagious? ;) | 21:08 |
| *** dm8tbr sets mode: -qq djszapi!*@* itsnotabigtruck!*@* | 21:09 | |
| itsnotabigtruck | heh | 21:09 |
| itsnotabigtruck | javispedro: gps things? like the waas business from the other day? | 21:10 |
| javispedro | nah, just kidding, still doing accuracy tests | 21:10 |
| dm8tbr | just GPS or against the whole positioning thing in harmattan? | 21:11 |
| javispedro | just GPS, although I have to let the data go through positioningd because I don't know how to speak the raw GPS proto | 21:12 |
| javispedro | and I suspect it is doing Kalman or similar filtering | 21:12 |
| dm8tbr | ic | 21:12 |
| djszapi | dm8tbr: please write into the topic, if security cannot be discussed. I would be the happiest. | 21:13 |
| *** teleshoes has joined #harmattan | 21:13 | |
| djszapi | there was no "trolling", at least I did not get itsnotabigtruck that way. | 21:13 |
| djszapi | not sure what he thinks. | 21:13 |
| dm8tbr | djszapi: at least he got the clue, you apparently didn't. now be a good boy and shut up. | 21:14 |
| itsnotabigtruck | well, i don't think it was trolling, but i can see why everyone's tired of more aegis back-and-forths | 21:14 |
| javispedro | /join #harmattan-security :D | 21:14 |
| djszapi | itsnotabigtruck: exactly, that is why I suggested the topic extension. | 21:14 |
| itsnotabigtruck | djszapi: but banning security talk would be strange, for one this is the main place people ask for help from with aegis | 21:14 |
| djszapi | it was way unhealthy topic many times already last summer. | 21:14 |
| itsnotabigtruck | bbiaf | 21:15 |
| itsnotabigtruck | aww, no one there @javispedro | 21:15 |
| djszapi | help is okay, but not arguing and calling others' job shit or retarded itiots. | 21:15 |
| djszapi | idiots* | 21:15 |
| dm8tbr | djszapi: you already have your special bit especially for you in the topic. one per person, sorry. | 21:15 |
| *** dm8tbr sets mode: +q djszapi!*@* | 21:15 | |
| dm8tbr | I can also make you shut up if I have to... | 21:15 |
| *** gabriel9 has joined #harmattan | 21:15 | |
| dm8tbr | and apparently I do have to :( | 21:16 |
| *** vLassi_ has quit IRC | 21:27 | |
| *** djszapiN9 has quit IRC | 21:31 | |
| *** risca has joined #harmattan | 21:33 | |
| Anssi138 | damn i missed good old fashioned security discussion. | 21:33 |
| itsnotabigtruck | lol | 21:33 |
| * matrixx just got some popcorn but the show was already over :( | 21:33 | |
| Anssi138 | <- likes aegis. | 21:35 |
| javispedro | ~lart Anssi138 | 21:36 |
| * infobot DoSes Anssi138 | 21:36 | |
| *** liar has quit IRC | 21:36 | |
| itsnotabigtruck | lol | 21:36 |
| matrixx | :D | 21:36 |
| javispedro | dm8tbr: unmute djszapi already, the discussion can continue on #harmattan-security | 21:37 |
| *** djszapi has left #harmattan | 21:37 | |
| *** dm8tbr sets mode: -q djszapi!*@* | 21:38 | |
| dm8tbr | javispedro: the guy sadly doesn't get a clue, even if it comes as a 2x4 | 21:39 |
| javispedro | .oO(doh) | 21:39 |
| Anssi138 | 8 ? | 21:39 |
| Anssi138 | but yep. | 21:39 |
| SpeedEvil | javispedro: ?Has someone suggested that it might be cell-positions ? | 21:40 |
| javispedro | SpeedEvil: technically I've tried to configure it to avoid cell positions; also, cell positioning would be more accurate | 21:40 |
| javispedro | than the readings I'm getting | 21:40 |
| javispedro | in any case it seems like it does not like this place | 21:40 |
| * javispedro curses that the qt-sdk updater umask seems to be 0077 | 21:41 | |
| *** teleshoes has quit IRC | 21:48 | |
| *** piggz has quit IRC | 21:49 | |
| MohammadAG | oooh, my hard drive clicked again | 21:54 |
| gabriel9 | i just buyed xbox 360 | 21:58 |
| gabriel9 | and now i don't know what to do with it :/ | 21:58 |
| gabriel9 | i can't install Linux on it | 21:58 |
| DocScrutinizer | MohammadAG: clicking HDD shouldn't concern you | 21:58 |
| DocScrutinizer | hdparm -S $yourdrive will cause that | 21:58 |
| mgedmin | MohammadAG, because you have up-to-date backups, right? ;) | 21:58 |
| javispedro | gabriel9: you can pair it with lumia | 21:58 |
| javispedro | gabriel9: though garbage+garbage is still garbage ;P | 21:59 |
| gabriel9 | i don't want to do that :D | 21:59 |
| MohammadAG | mgedmin, because I have no backups | 21:59 |
| MohammadAG | or a place to backup to | 21:59 |
| DocScrutinizer | clicking is caused by heads parking | 21:59 |
| MohammadAG | DocScrutinizer, that's normal clicking | 21:59 |
| MohammadAG | this is the clicking you hear when the power's out in a spinning disk | 21:59 |
| javispedro | you can also check SMART | 22:00 |
| MohammadAG | that can check my ass | 22:00 |
| DocScrutinizer | yu should check smart indeed | 22:00 |
| MohammadAG | only time it worked was when it was too late | 22:00 |
| MohammadAG | for me at least | 22:00 |
| *** gabriel9 has quit IRC | 22:00 | |
| javispedro | not saying that it will say "YOUR HDD WILL DIE IN 3 WEEKS, 1 DAY, 4 HOURS AND 57 MINUTES" but at least it will tell if it is the head parking or what | 22:01 |
| DocScrutinizer | well, any unusual clicking would mean heads running into a stopper, which implies positioning error that shall get noticed by smart | 22:01 |
| SpeedEvil | Or simply the head parking. | 22:02 |
| DocScrutinizer | I already mentioned that, yes | 22:02 |
| DocScrutinizer | [2012-03-18 20:59:48] <MohammadAG> DocScrutinizer, that's normal clicking | 22:02 |
| DocScrutinizer | which implies for me the clicking was not normal | 22:03 |
| MohammadAG | DocScrutinizer, javispedro SMART tests passed | 22:08 |
| javispedro | not the tests | 22:09 |
| javispedro | check the counters | 22:09 |
| javispedro | and compare after a few days | 22:09 |
| javispedro | specially after hearing one such click | 22:09 |
| RST38h | Meanwhile: Downloading music, movies, e-books and Apps could soon cost Connecticut residents more as lawmakers consider a tax on digital downloads. The bill, proposed by the General Assembly's Finance, Review and Bonding Committee, would have consumers pay the 6.35% sales tax on any electronic transfer. | 22:21 |
| RST38h | Moo, javispedro | 22:21 |
| itsnotabigtruck | MohammadAG: check the SMART statistics | 22:22 |
| itsnotabigtruck | oh, you already did | 22:22 |
| itsnotabigtruck | looks like i missed gabriel9, but...he could play games with it >_> | 22:23 |
| DocScrutinizer | RST38h: how much costs one byte? | 22:24 |
| RST38h | Doc: You can ask CT legislature | 22:24 |
| RST38h | But I suggest you ask them what "byte" is first. | 22:25 |
| itsnotabigtruck | i just realized why people are getting this "package syntax invalid" message | 22:26 |
| itsnotabigtruck | they're trying to wget my example url | 22:26 |
| itsnotabigtruck | http://awesome.tld/awesomeapp/install.deb | 22:26 |
| itsnotabigtruck | lol | 22:26 |
| itsnotabigtruck | which is producing a bogus file, which they then try to install with incept | 22:26 |
| RST38h | bad idea to create such urls | 22:26 |
| itsnotabigtruck | RST38h: but it's not even a valid domain name! | 22:27 |
| javispedro | why is it producing a bogusfail? | 22:27 |
| javispedro | *file | 22:27 |
| itsnotabigtruck | javispedro: i think wget sometimes writes error messages to the output file | 22:28 |
| javispedro | that's impossible | 22:28 |
| javispedro | unless .... | 22:28 |
| itsnotabigtruck | javispedro: nm, i was thinking of curl | 22:28 |
| itsnotabigtruck | it creates an empty file | 22:28 |
| itsnotabigtruck | *it = wget | 22:28 |
| javispedro | you are with one of those ISPs that hide NXDOMAIN failures and return a spam page | 22:28 |
| itsnotabigtruck | nah, it's not that | 22:28 |
| itsnotabigtruck | it's that wget opens the output file before trying to connect | 22:29 |
| itsnotabigtruck | curl actually does write error messages to the output file unless you tell it you want to actually fail on errors | 22:29 |
| itsnotabigtruck | so you'll end up with a file containing "file not found" or something | 22:29 |
| * RST38h found that Android users are unable to input series of numbers into their phones. Found it the hard way. | 22:31 | |
| *** piggz has joined #harmattan | 22:31 | |
| RST38h | Which by the way created an interesting intellectual problem: how do you create UI for people who cannot folllow repeatedly given instructions. I am feeling like Steve Jobs tonight. | 22:37 |
| Piru | users are idiots | 22:45 |
| *** ajalkane has joined #harmattan | 22:52 | |
| *** liar has joined #harmattan | 23:05 | |
| *** niqt has joined #harmattan | 23:07 | |
| *** hardaker has quit IRC | 23:08 | |
| *** hhartz has quit IRC | 23:11 | |
| *** jaywink has quit IRC | 23:11 | |
| ajalkane | anyone know what I have to select from QtCreator's update tool, to get the harmattan APIs like "gconfitem" ? | 23:13 |
| ajalkane | There's in the Update tool "Harmattan development environment", which is installed, but also one in the "Experimental" section | 23:13 |
| *** zk8 has joined #harmattan | 23:14 | |
| *** kakashi__ has joined #harmattan | 23:15 | |
| *** kakashi__ has joined #harmattan | 23:15 | |
| *** javispedro has quit IRC | 23:15 | |
| *** kakashi___ has quit IRC | 23:16 | |
| *** tgalal has joined #harmattan | 23:18 | |
| tgalal | on scratchbox if I try to use the accounts API, as soon as I create a Manager instance I get "Manager could not be created. DB is locked". any idea ? | 23:19 |
| Anssi138 | is there manager already created? | 23:22 |
| tgalal | Anssi138: nope, not by me. It's very similar to this issue: http://www.developer.nokia.com/Community/Discussion/showthread.php?231594-Unable-to-use-accounts-qt-framework-in-scratchbox.-Accounts-DB-locked | 23:23 |
| Anssi138 | if you find the db, the "fuser" shows who is using it. | 23:23 |
| Anssi138 | oukkidoukki | 23:24 |
| tgalal | fuser is usable from scratchbox ? | 23:24 |
| *** deimos has joined #harmattan | 23:25 | |
| tgalal | Anssi138: nm, went through from outside and killed the process that was using .accounts/accounts.db, but the same error displays and nothing is using that db file | 23:27 |
| tgalal | I suppose that means there is another db | 23:27 |
| liar | does anybody of you develop for the nokia n9 on a x86_64 arch linux (or similar) system? | 23:28 |
| tgalal | liar: yeah me | 23:29 |
| liar | tgalal: can you help me setting it up? i've got a problem with qemu i think | 23:29 |
| Anssi138 | tgalal: maybe there is just something else then. | 23:29 |
| tgalal | liar: I couldn't run qemu, I'm using scratchbox. | 23:29 |
| liar | isnt scratchbox using qemu? | 23:30 |
| liar | i do get "Error -8 while loading /usr/bin/apt-get"... | 23:30 |
| tgalal | liar: I don't know lol. probably. | 23:32 |
| tgalal | not sure what that error means though | 23:32 |
| liar | i suppose its comming from qemu-armeb-sb and means "Exec format error" | 23:33 |
| *** zk8 has quit IRC | 23:35 | |
| liar | ah.. apparently i was using the wrong cpu-transparency method | 23:36 |
| *** gabriel9 has joined #harmattan | 23:48 | |
| *** ajalkane has quit IRC | 23:55 | |
Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!
