IRC log of #maemo for Tuesday, 2017-09-12

« Monday, 2017-09-11 Index Wednesday, 2017-09-13 »
*** atk has quit IRC00:16
*** atk has joined #maemo00:16
*** atk is now known as t-00:17
*** t- is now known as Arch-TK00:21
*** Arch-TK is now known as t-00:21
*** t- is now known as atk00:29
*** luke-jr has quit IRC00:33
*** err0r3o3_ has quit IRC00:56
*** err0r3o3 has joined #maemo00:59
*** xy2_ has quit IRC01:03
*** Pali has quit IRC01:24
*** florian has quit IRC01:45
*** xorly has quit IRC02:01
*** jrayhawk has quit IRC02:20
*** jrayhawk has joined #maemo02:20
*** Kabouik_ has quit IRC02:22
*** Kabouik_ has joined #maemo02:26
*** pagurus has quit IRC02:27
*** pagurus has joined #maemo02:28
*** luke-jr has joined #maemo02:46
*** Kabouik_ has quit IRC03:46
*** Kabouik_ has joined #maemo03:46
*** LauRoman has quit IRC03:49
*** luke-jr has quit IRC03:57
*** frals has quit IRC04:04
*** yosafbridge has quit IRC04:14
*** yosafbridge has joined #maemo04:15
*** frals has joined #maemo04:22
*** frals has joined #maemo04:22
*** Kabouik_ has quit IRC04:24
*** dafox has quit IRC04:36
*** DocScrutinizer05 has quit IRC04:56
*** DocScrutinizer06 has joined #maemo04:56
*** DocScrutinizer06 is now known as DocScrutinizer0504:56
*** DocScrutinizer05 has quit IRC04:58
*** DocScrutinizer05 has joined #maemo04:59
*** luke-jr has joined #maemo05:24
*** mva has quit IRC06:16
*** mva_ has joined #maemo06:16
*** luke-jr has quit IRC06:43
*** LauRoman has joined #maemo07:02
*** Kilroo has quit IRC07:26
*** spiiroin has quit IRC07:42
*** Kilroo has joined #maemo07:51
*** Milhouse has quit IRC08:37
*** xy2_ has joined #maemo08:46
*** Milhouse has joined #maemo08:51
*** spiiroin has joined #maemo08:53
*** Milhouse has quit IRC09:12
*** xy2_ has quit IRC09:17
*** xorly has joined #maemo09:18
*** Milhouse has joined #maemo09:26
*** dmth|intevation has joined #maemo09:35
*** rhn_mk1 has joined #maemo09:40
*** rhn_mk1 has joined #maemo09:40
*** FalconSpy_ has joined #maemo09:45
*** FalconSpy_ has quit IRC09:45
*** FalconSpy has quit IRC09:46
*** florian has joined #maemo09:56
*** HTTP_____GK1wmSU has joined #maemo10:07
*** HTTP_____GK1wmSU has left #maemo10:10
*** HTTP_____GK1wmSU has joined #maemo10:24
*** HTTP_____GK1wmSU has left #maemo10:26
*** freemangordon_ has joined #maemo10:32
*** geaaru has joined #maemo10:38
*** FalconSpy has joined #maemo10:51
*** eMHa has quit IRC11:00
*** xorly has quit IRC11:30
*** eMHa has joined #maemo11:34
*** xray256 has quit IRC11:38
*** wnd has quit IRC11:40
*** wnd has joined #maemo11:40
freemangordon_merlin1991: ping11:43
*** xray256 has joined #maemo11:51
*** deepa is now known as deepy11:52
DocScrutinizer05moin11:56
*** cyteen has quit IRC11:58
*** freemangordon_ has quit IRC12:14
*** Kabouik_ has joined #maemo12:28
*** mva_ is now known as mva12:34
*** spiiroin has quit IRC12:47
*** buZz is now known as buZz212:51
*** buZz2 is now known as buZz12:51
*** spiiroin has joined #maemo13:15
*** jonwil has joined #maemo13:54
jonwilhi13:55
*** cyteen has joined #maemo14:05
*** err0r3o3 has quit IRC14:06
*** err0r3o3 has joined #maemo14:13
*** freemangordon_ has joined #maemo14:16
*** wnd has quit IRC14:19
*** wnd has joined #maemo14:19
*** ketar has joined #maemo14:32
DocScrutinizer05freemangordon: ping14:33
DocScrutinizer05>>To use AES on N900 you need to flash special boot loader.<<14:36
*** err0r3o3 has quit IRC14:43
freemangordon_DocScrutinizer05: pong14:44
DocScrutinizer05you know this crypto NOLO?14:44
*** err0r3o3 has joined #maemo14:45
freemangordon_yes14:45
DocScrutinizer05good :-)14:45
*** xray256 has quit IRC14:45
DocScrutinizer05should CSSU... ?14:45
freemangordon_it enables AES IP in the L2 firewall, iirc14:45
DocScrutinizer05yep14:45
DocScrutinizer05http://susepaste.org/2506217514:46
freemangordon_re cssu - there is not much use of that AES, it is slower than doing it on MPU14:46
DocScrutinizer05duh!14:47
freemangordon_it makes sense if we do some mobile payments or such, which we don't :)14:47
DocScrutinizer05but it's a coproc, right? so it could run concurrently to "normal" tasks, e.g. for disk encryption14:48
freemangordon_iirc somebody tried it, and there is no gain, on the contrary14:48
DocScrutinizer05dang14:48
freemangordon_yes, it is coproc14:48
freemangordon_but you do supervisor call, iirc, with all the nasty contexts switches etc14:49
DocScrutinizer05I see14:49
freemangordon_there should be a thread on TMO with the results14:50
DocScrutinizer05does the NOLO itself reveal something, at least. EG when comparing it to default xloader/nolo?14:50
DocScrutinizer05I mean, maybe we got a second signature, cracking would be more than twice as fast with two than with just one signature - in theory ;-D14:52
DocScrutinizer05and maybe this is BS I pulled right outa my read14:52
DocScrutinizer05rear even14:53
freemangordon_you mean 2^127 years instead of 2^128? :p14:53
DocScrutinizer05yes, this sort of thing ;-P14:53
DocScrutinizer05I'm still totally unclear about signatires of xloader in GP SoC14:54
DocScrutinizer05does GP also have a L2 FW?14:55
DocScrutinizer05I'd assume they build the very same chip, incl all IP, and just change the xloader and signature14:56
DocScrutinizer05resp L2 config14:56
DocScrutinizer05a mere guess14:56
freemangordon_iirc, yes, there is L2 firewall on gp devices14:57
DocScrutinizer05and the L2 config is completely done in xloader, or would GP and HS have different ROMBL (apart from obviously different signatures/keys)?14:58
*** xray256 has joined #maemo14:58
DocScrutinizer05iirc the omapedia about bootloader said you need to sign xloader for GP too (they don't even cover HS devices there)14:59
DocScrutinizer05~listvalues omapedia15:00
infobotFactoid search of 'omapedia' by value returned no results.15:00
freemangordon_sure GP xloader needs to be signed15:01
DocScrutinizer05~listvalues omappedia15:01
infobotFactoid search of 'omappedia' by value returned no results.15:01
freemangordon_but it is not a problem as the keys are known15:01
freemangordon_though I don;t remember signing xloader for BB back then15:02
freemangordon_though it could be that I just forgot15:03
DocScrutinizer05http://omappedia.org/wiki/Bootloader_Project15:03
DocScrutinizer05>>Note: If you are using an HS (High Security) OMAP device, an extra step is required. First, build x-load.bin using the steps above. Then, download the MShield signing tool and use the commands below. Contact your TI representative to get access to this tool.<<  o.O15:04
DocScrutinizer05now who's at home in darknet? ;-) find that tool15:06
DocScrutinizer05though... prolly Nokia had their own keys15:06
DocScrutinizer05~#maemo boot is http://omappedia.org/wiki/Bootloader_Project15:08
infobotokay, DocScrutinizer0515:08
*** luke-jr has joined #maemo15:16
*** err0r3o3 has quit IRC15:21
*** rysiekpl is now known as rysiek|pl15:21
bencohxloader is signed on n900?15:27
*** luke-jr has quit IRC15:33
DocScrutinizer05I *think* yes15:36
DocScrutinizer05the question rather is if it *needs* to be signed, or if a HS device would behave exactly like a GP device when yiu use a GP (unsigend) xloader15:37
DocScrutinizer05this basically boils down to the question if GP and HS SoCs share same ROMBL (or if the ROMBL maybe has a check if there's a HS key or not and acts differently when there is)15:40
*** dafox has joined #maemo15:51
*** luke-jr has joined #maemo15:57
DocScrutinizer05>>It's also worth noting the TI did not technically disable TrustZone. Instead, the bootrom code transitions the processor into the Normal world prior to switching execution to U-boot. So it's actually using TrustZone to move to the Normal world, but then doesn't provide a mechanism for moving back to the Secure world<<  https://stackoverflow.com/questions/7955982/arm-trustzone-development15:58
*** err0r3o3 has joined #maemo15:58
DocScrutinizer05>>Yes, things have changed considerable to the positive after 5 years :) << 2017-06-2916:01
DocScrutinizer05hmmm https://github.com/OP-TEE/optee_os16:06
DocScrutinizer05~trust16:06
infobotrumour has it, trust is safe, or http://www.youtube.com/watch?v=0cbS_lDJuJg16:06
DocScrutinizer05?16:06
DocScrutinizer05this whole trustzone stuff is as intangible as... No docs at all16:11
DocScrutinizer05and I still don't buy it that there's any benefit from it for end users that couldn't get achieved as well (and actually always been) by mere decent implementation of classical OS-based permission handling16:13
DocScrutinizer05as soon as you hand the signing tools to unwashed public, there's no visible benefit from trusted computing at all16:15
*** chfoo[m] has quit IRC16:18
*** xy2_ has joined #maemo16:21
*** chfoo[m] has joined #maemo16:25
*** err0r3o3 has quit IRC16:28
*** ntinos has quit IRC16:36
*** dmth|intevation has quit IRC16:40
*** dmth|intevation has joined #maemo16:42
*** luke-jr has quit IRC16:53
DocScrutinizer05a completely different topic: FSF RYF16:54
*** luke-jr has joined #maemo16:54
DocScrutinizer05from dng@lists.dyne.org  "From:"Taiidan@gmx.com" <Taiidan@gmx.com> Re: [DNG] Purism Librem and disabling Intel ME: it can be done [ Re: TALOS 2 - The Libre Owner Controlled POWER9 Workstation/Server ]  2017-09-08 Fri 06:22"16:55
DocScrutinizer05>> Full documentation and HDL's will be available for all components besides the onboard broadcom nics which currently require a firmware blob as there are no open source non-intel gigabit NIC's - but the FSF says that this minor detail doesn't prevent it from receiving RYF certification as they are behind the POWER-IOMMU and as such are not capable of doing anything malicious.<<16:56
*** dmth|intevation has quit IRC16:56
DocScrutinizer05I wonder how they can do this for that hardware, but then consider Neo900 doing basically same as sufficient reason to deny RYF16:57
*** err0r3o3 has joined #maemo16:58
DocScrutinizer05we also have no open source WLAN/BT solution available and whatever that IOMMU it's not better than a mere SDIO hw interface16:59
DocScrutinizer05and I don't think I want to even start about our modem sandbox solution that's definitely way beyond anything IOMMU17:01
DocScrutinizer05anybody FSF around to comment?17:01
*** freemangordon_ has quit IRC17:04
*** err0r3o3 has quit IRC17:07
*** err0r3o3 has joined #maemo17:16
*** jonwil has quit IRC18:22
*** Pali has joined #maemo18:31
*** phlixi has quit IRC18:42
Pali~deb2dsc18:43
infobothmm... deb2dsc is on http://pastebin.com/ZPuYnZPr18:43
Palifreemangordon ↑↑↑18:43
Wizzupjesus. only on pastebin? :D18:44
freemangordonPali: thanks18:45
bencoh:D18:46
*** ntinos has joined #maemo18:47
*** florian has quit IRC18:53
freemangordonPali: (and the others) how it sounds "Oroshi" as a codename for that maemo-devuan frankenstein?18:58
WizzupOroshi?19:00
Wizzupwe had some codenames, but not project names19:00
Wizzupe.g. 'kawai'19:00
freemangordonWizzup: nokia used to name releases after winds19:00
Wizzupok. I am going to be afk for a bit.19:00
KotCzarnyis there a name for 'wind of change' ?19:01
Wizzupneed food19:01
freemangordonKotCzarny: no idea19:01
*** geaaru has quit IRC19:01
KotCzarnyor wind of hope19:01
freemangordonKotCzarny: I found ^^^ at wikipedia, feel free to suggest another one if you need symbolics. I coose it because it sounds pretty much ok and simple19:02
freemangordon*choose19:02
freemangordonKotCzarny: https://en.wikipedia.org/wiki/List_of_local_winds19:03
freemangordonKona and Leste sound ok as well19:04
KotCzarnyyeah, it should come after 'h'19:04
freemangordonmhm19:05
KotCzarnyChinook, Diablo, Fremantle, Harmattan19:05
freemangordonMeltemi ;)19:05
KotCzarnyBora before chinook19:05
freemangordonnad Bora19:05
KotCzarnyLoo ? ;)19:05
freemangordonhmm, maybe Kona is better19:05
KotCzarnyKhamsin isnt bad either19:06
freemangordonno, Loo doesn;t sound tasty :D19:06
KotCzarnyanyway, all winds starting with K on that page sound cool19:06
freemangordonI like Kona more, it is shorter but still sounds good19:07
freemangordonok, if no objections in the next couple of hours, then it will be Lona :)19:07
freemangordon*Kona19:08
KotCzarnyhttp://mentalfloss.com/article/56382/21-wonderful-words-wind19:08
KotCzarnymore names19:08
KotCzarnywilly-willy ?19:08
freemangordonhehe19:08
drathirLuna mmm....19:31
drathirKira19:31
drathirignore that... ^^19:34
*** eMHa has quit IRC19:35
*** qwazix has quit IRC19:40
*** qwazix has joined #maemo19:43
*** mickname_ is now known as mickname19:45
* sixwheeledbeast is getting deja-vu19:53
sixwheeledbeasthttp://mg.pov.lt/maemo-irclog/%23maemo.2017-02-03.log.html19:53
sixwheeledbeastI recall liking "Ostria" A warm southerly wind on the Bulgarian coast :)19:54
*** Kabouik_ has quit IRC19:56
*** err0r3o3_ has joined #maemo20:04
*** phlixi has joined #maemo20:05
*** err0r3o3 has quit IRC20:08
*** eMHa has joined #maemo20:13
*** heroux has joined #maemo20:25
*** err0r3o3_ has quit IRC20:37
*** err0r3o3_ has joined #maemo20:53
*** xy2_ has quit IRC20:53
*** luke-jr has quit IRC20:56
DocScrutinizer05https://www.armis.com/blueborne20:57
*** phlixi has quit IRC21:05
*** xy2_ has joined #maemo21:11
freemangordonsixwheeledbeast: ah, I remember I told you there is no such word in Bulgarian, back then :)21:12
DocScrutinizer05freemangordon: ^^^21:13
DocScrutinizer05please rate severety for maemo21:14
freemangordonDocScrutinizer05: I'm reading through it21:14
DocScrutinizer05ta21:14
DocScrutinizer05stack overflow in bluetooth.ko?21:14
DocScrutinizer05they pitched it well for maximum publicity with minimum help for experts to actually investigate21:20
DocScrutinizer05at least a few random CVE are mentioned21:20
freemangordonDocScrutinizer05: All Linux devices from version 3.3-rc1 (released in October 2011) are  affected by the remote code execution vulnerability (CVE-2017-1000251).21:21
freemangordonso this does not affect n90021:22
freemangordonthe other one affects us, I guess21:22
DocScrutinizer05:-) at least21:22
freemangordonAll Linux devices running BlueZ are affected by the information leak vulnerability (CVE-2017-1000250).21:22
DocScrutinizer05please share URLs to genuine CVE database21:23
DocScrutinizer05I have a hard time finding it right now21:23
*** FalconSpy_ has joined #maemo21:23
freemangordonI don't have urls for those, I read what is on Armis Labs page21:24
DocScrutinizer05ooh21:24
freemangordongoogling leadds to some fedora and redhat pages21:24
DocScrutinizer05I fvrown at the latter one21:24
freemangordon*leads21:24
DocScrutinizer05there are multiple massively different Bluez implementations21:24
freemangordonhttps://bugzilla.redhat.com/show_bug.cgi?id=149091121:25
freemangordonwhere is bluez upstream?21:25
DocScrutinizer05nfc21:25
DocScrutinizer05next to PA?21:26
*** phlixi has joined #maemo21:26
freemangordonhttps://git.kernel.org/pub/scm/bluetooth/bluez.git21:26
*** FalconSpy has quit IRC21:27
sixwheeledbeasthttps://nvd.nist.gov/vuln/detail/CVE-2017-100025021:32
*** luke-jr has joined #maemo21:34
DocScrutinizer05sixwheeledbeast: ta21:35
sixwheeledbeastnp21:36
DocScrutinizer05https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9445  I guess was the one I looked for21:36
DocScrutinizer05err, or nearby, anyway MITRE21:37
DocScrutinizer05https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-100025021:38
*** luke-jr has quit IRC21:43
*** Kabouik_ has joined #maemo21:58
DocScrutinizer05cf  https://bugzilla.redhat.com/show_bug.cgi?id=149091121:58
DocScrutinizer05iips sorry21:58
*** LauRoman has quit IRC22:24
*** LauRoman has joined #maemo22:33
*** florian has joined #maemo23:01
*** jkepler has quit IRC23:23
*** jkepler has joined #maemo23:27
*** rhn_mk1 has quit IRC23:41
*** xorly has joined #maemo23:49
*** rhn_mk1 has joined #maemo23:56
« Monday, 2017-09-11 Index Wednesday, 2017-09-13 »

Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!