L1[00:07:25] ⇦
Quits: darsie (~darsie@84-113-55-200.cable.dynamic.surfer.at) (Ping
timeout: 192 seconds)
L2[00:16:43] ⇨
Joins: Wastl4
(~Wastl2@dynamic-089-012-138-022.89.12.pool.telefonica.de)
L3[00:18:30] ⇦
Quits: flayer (~flayer@2001:1c01:4012:c400:16da:e9ff:fe04:1768)
(Quit: Leaving)
L4[00:18:47] ⇦
Quits: Wastl2
(~Wastl2@dynamic-077-011-159-175.77.11.pool.telefonica.de) (Ping
timeout: 189 seconds)
L5[00:55:32] <UmbralRaptop> Yay, metal
bands
L6[01:01:22] ⇨
Joins: raptop
(~Newpa_Has@ip98-169-16-17.dc.dc.cox.net)
L7[01:01:22]
ChanServ sets mode: +o on raptop
L8[01:48:26] ⇨
Joins: Alanonzander (~J@172.58.121.237)
L9[01:49:28] ⇦
Quits: Azander (~J@172.58.120.236) (Ping timeout: 189
seconds)
L10[02:15:09] ⇦
Quits: Alanonzander (~J@172.58.121.237) (Ping timeout: 189
seconds)
L11[02:15:19] ⇨
Joins: Azander (~J@172.58.121.45)
L12[03:04:38] ⇨
Joins: Ezriilc_ (~Ezriilc@194.35.233.98)
L13[03:06:32] ⇦
Quits: Ezriilc (~Ezriilc@96.59.122.65) (Ping timeout: 189
seconds)
L14[03:06:39] ***
Ezriilc_ is now known as Ezriilc
L15[03:09:46] ⇨
Joins: Ezriilc_ (~Ezriilc@96.59.122.65)
L16[03:10:26] ⇨
Joins: Ezriilc__ (~Ezriilc@194.35.233.93)
L17[03:11:58] ⇦
Quits: Ezriilc (~Ezriilc@194.35.233.98) (Ping timeout: 189
seconds)
L18[03:11:58] ***
Ezriilc__ is now known as Ezriilc
L19[03:13:27] ⇦
Quits: Ezriilc_ (~Ezriilc@96.59.122.65) (Ping timeout: 189
seconds)
L21[04:56:06] ⇨
Joins: Althego (~Althego@185.161.73.152)
L22[04:56:07]
ChanServ sets mode: +o on Althego
L23[05:05:53] ⇦
Quits: Tank2333 (~Tank2333@p5ddaa31a.dip0.t-ipconnect.de) (Remote
host closed the connection)
L24[05:26:14] ⇦
Quits: Ezriilc (~Ezriilc@194.35.233.93) (Ping timeout: 189
seconds)
L25[06:18:54] ⇦
Quits: sasamj (uid193032@id-193032.ilkley.irccloud.com) (Quit:
Connection closed for inactivity)
L26[07:20:06] ⇨
Joins: flayer
(~flayer@2001:1c01:4012:c400:16da:e9ff:fe04:1768)
L27[07:31:29] ⇨
Joins: immibis (~hexchat@62.156.144.218)
L28[07:31:46] ⇨
Joins: prefixcactus (~quassel@185.68.147.27)
L29[07:57:02] ⇨
Joins: darsie
(~darsie@84-113-55-200.cable.dynamic.surfer.at)
L30[09:03:49] ⇨
Joins: sandbox
(~sandbox@host-84-13-145-106.opaltelecom.net)
L31[09:14:47] ⇨
Joins: sasamj
(uid193032@id-193032.ilkley.irccloud.com)
L32[10:36:02] ⇦
Quits: _whitelogger (~whitelogg@uruz.whitequark.org) (Remote host
closed the connection)
L33[10:36:17] ⇨
Joins: _whitelogger (~whitelogg@uruz.whitequark.org)
L34[11:22:19] ⇦
Quits: Dazzyp (~Daz@host-95-192-48-169.mobileonline.telia.com)
(Ping timeout: 192 seconds)
L35[11:44:07] ⇨
Joins: Tank2333
(~Tank2333@p5ddaa31a.dip0.t-ipconnect.de)
L36[11:44:49] ⇨
Joins: Pytagoras
(~Pytagoras@ti0037a400-0407.bb.online.no)
L37[11:45:13] ⇨
Joins: erio
(~Christine@cpe-66-108-18-122.nyc.res.rr.com)
L38[11:45:13]
ChanServ sets mode: +v on erio
L39[11:45:30] ⇦
Quits: Pyta (~Pytagoras@ti0037a400-0407.bb.online.no) (Ping
timeout: 189 seconds)
L40[11:45:31] ⇦
Quits: estorado (~estorado@5.45.108.144) (Ping timeout: 189
seconds)
L41[11:45:45] ⇨
Joins: estorado (~estorado@5.45.108.144)
L42[11:45:45] ⇦
Quits: Rhys (Rhys@help.lux.melted.me) (Quit: R.I.P)
L43[11:46:03] ⇦
Quits: dnsmcbr (uid136206@id-136206.uxbridge.irccloud.com) (Ping
timeout: 189 seconds)
L44[11:46:04] ⇦
Quits: Kevin (~kevin@rrcs-98-100-162-234.central.biz.rr.com) (Ping
timeout: 189 seconds)
L45[11:46:07] ⇨
Joins: Rhys (Rhys@help.lux.melted.me)
L46[11:46:09] ⇨
Joins: Kevin
(~kevin@rrcs-98-100-162-234.central.biz.rr.com)
L47[11:47:09] ⇦
Quits: eriophora (~Christine@cpe-66-108-18-122.nyc.res.rr.com)
(Ping timeout: 189 seconds)
L48[11:48:12] ⇨
Joins: dnsmcbr
(uid136206@id-136206.uxbridge.irccloud.com)
L49[12:12:24] ⇦
Quits: Tank2333 (~Tank2333@p5ddaa31a.dip0.t-ipconnect.de) (Remote
host closed the connection)
L50[13:15:37] <Mat2ch> oh, y'all got news
about the twitch hack? Go reset your twitch password, if you
haven't done so yet
L51[13:19:22] <umaxtu> was just popping on
here to say that
L52[13:35:56] ⇦
Quits: Althego (~Althego@185.161.73.152) (Quit:
Leaving)
L53[13:39:02] ⇦
Quits: prefixcactus (~quassel@185.68.147.27) (Ping timeout: 189
seconds)
L55[13:44:04] ⇦
Quits: LunchBot (hacks@flherne.uk) (Remote host closed the
connection)
L56[13:44:08] ⇨
Joins: LunchBot (hacks@flherne.uk)
L57[13:49:22] <raptop> hrm
L58[13:49:49] *
raptop is going to end up with firefox saving tons of passwords
because memorizing them all is impractical
L59[13:54:59] <kubi> unless you have some
logic that compiles in the site itself to the password
L60[13:55:17] <kubi> and of course update
all the passwords at the highest frequency required by the
sites
L61[13:56:11] <kubi> ... and get annoyed
with stupid limitations on passwords (capital, number etc) that are
actually decreasing the potential password pool instead of making
it more secure
L62[13:56:13] <flayer> i'm really annoyed
at my current password situation
L63[13:56:42] <flayer> all of my regular
passwords have been compromised, and i can't be bothered to learn
new ones, so now i need to find a tool that i can trust to manage
passwords for me
L64[13:57:05] <kubi>
L0reMiP5umTw1tt3r
L65[13:57:23] <raptop> obviously hunter2
-> hunter3
L66[13:57:30] <kubi> your password must
contain at least 3 non alnum characters, but cannot be longer than
8 chars
L67[13:57:51] <flayer> yeah, so annoying
all the specific and varied requirements they put on passwords
nowadays
L68[13:58:09] <kubi> only requirement
should be is a minimum length
L69[13:58:17] <kubi> maybe not even
that
L70[13:58:33] <kubi> anything else is just
limiting the pool of potential passwords
L71[13:58:55] <kubi> if it MUST contain a
number, then there WILL be a number
L72[13:59:55] <raptop> Min length makes
sense. Max length can be justified, but basically no place with an
explicit maximum has a reasonable one
L73[14:00:12] <kubi> so, instead of
[a-zA-Z0-9][a-zA-Z0-9] it will be [a-zA-Z][0-9] or
[0-9][a-zA-Z]
L74[14:00:19] <kubi> that is a much smaller
pool
L75[14:01:53] <flayer> "but you can't
trust people to make a good password without being forced into
certain choices
L77[14:02:58] <raptop> Also, there's the
whole "special character silliness"
L79[14:03:25] <kubi> it should be
enabled
L80[14:03:35] <kubi> no limitation on the
actual characters
L81[14:03:35] <raptop> hrm, s/
silliness"/" silliness/
L82[14:03:47] <kubi> even unicode
L83[14:04:03] <raptop> yeah
L84[14:04:43] <kubi> actually, professional
system with customers in China or Japan have this req
L85[14:05:08] <raptop> I can understand
showing a non-blocking warning for non-ascii characters, but
outright rejecting is bad
L86[14:05:30] <raptop> (the warning being
"please make sure you can actually enter this password
consistently")
L87[14:12:01] ⇦
Quits: Pyrus (~pyrus@coffee-break.at) (Quit: ZNC - http://znc.in)
L88[14:12:11] <kubi> exactly
L89[14:12:39] ⇨
Joins: Pyrus (~pyrus@coffee-break.at)
L90[14:12:42] <kubi> having a minimum
length is OK
L91[14:13:50] <kubi> it does not limit the
pool too much as each length step brings 10++ times more
L92[14:14:19] <FLHerne> kubi: I think
character-set enforcement is probably reasonable
L93[14:14:26] <kubi> why?
L94[14:14:37] <FLHerne> If someone's using
a long and random password, the impact is pretty much nil
L95[14:14:53] <raptop> Is your site going
to break if someone's password includes a space or a #?
L96[14:15:06] <FLHerne> (because if they're
using a wide character set, it's statistically almost certain to
contain one of each type anyway)
L97[14:15:08] <kubi> character set is a
requirement usually in non-latin countries
L98[14:15:28] <kubi> ppl tend to think that
we have only latin or even worse, the english alphabet
L99[14:15:32] <FLHerne> and it makes the
90% of users who'd otherwise use some short one-or-two-word
dictionary password somewhat less brute-forceable
L100[14:16:05] <kubi> and most of the
population lives on that side of the globe...
L101[14:16:22] <FLHerne> kubi: Sorry, I
meant enforcing using digits, punctuation etc.
L102[14:16:38] <FLHerne> other alphabets
should definitely be allowed
L103[14:16:46] <raptop> I'd be worried
about charset reqs being a surprise break so you can't use eg: wide
latin characters
L104[14:17:03] <raptop> (among other
things)
L105[14:18:13] <kubi> do not enforce any
digits
L106[14:18:30] <kubi> any character level
enforcement is limiting the variety of passwords
L107[14:18:40] <kubi> make it as wide as
possible
L108[14:19:00] <Mat2ch> kubi: we could
have Zero knowledge proof as method to sign into web sites. But
apparently passwords are soooooo much better
L109[14:19:07] <Mat2ch> and nobody at
Firefox cares about innovation anymore.
L110[14:19:08] <kubi> you can limit on
simple patterns, like do not use your login name, or
1234556789
L111[14:20:28] <FLHerne> kubi: for a long
random password, the "limiting" is totally
negligible
L112[14:20:50] <kubi> yes
L113[14:20:58] <kubi> and no
L114[14:21:12] <kubi> because what we were
talking about the beginning
L115[14:22:36] <kubi> having different
sites limiting you in different ways would make you using password
managers (from postit notes to whatever else tools)
L116[14:22:38]
⇨ Joins: Baumfaust
(~Baumfaust@2a02:8071:2c0:5600:d250:99ff:fe01:8f12)
L117[14:22:44] ⇦
Quits: Baumfaust
(~Baumfaust@2a02:8071:2c0:5600:d250:99ff:fe01:8f12) (Remote host
closed the connection)
L118[14:22:47] <FLHerne> For a
15-character password, the probability of *not* containing at least
one digit if you use A-Za-z0-9 and a bit of punctuation is about
2%
L119[14:23:02] <kubi> yeah
L120[14:23:08] <kubi> but one site says no
punctuation
L121[14:23:29] <FLHerne> that's pretty
much no reduction in password space, for a dramatic increase in
security of the 90% of passwords that people don't construct
properly
L122[14:23:30] <kubi> other says max 12
characters, 3rd says no kanji
L123[14:23:36] <kubi> it is not the
space
L124[14:23:44] <kubi> not only
L125[14:24:02] <kubi> that is the basic
thing you need to worry about in relation to one site
L126[14:24:02] <FLHerne> I'm sure password
managers can handle this
L127[14:24:14] <kubi> until you keep them
safe
L128[14:24:24] <FLHerne> If anything, it
discourages users from reusing the same "random" password
for multiple sites
L129[14:24:38] <FLHerne> (which I'm aware
of people doing)
L130[14:24:41] <kubi> yes
L131[14:24:53] <kubi> never underestimate
ppl
L132[14:25:41] <kubi> the best when I get
from the site that your password can't be the same as any of the 5
last and can't differ by only one character from them
L133[14:26:07] <kubi> now, tell me, how th
they know if it is only one character without storing the clear
text?!
L134[14:27:05] <kubi> then using the same
"random" for multiple sites would just make sure that the
operator of site A can reach all of the others
L135[14:27:12] <FLHerne> In principle,
they could store hashes of all one-character variations
L136[14:27:37] <kubi> but random people
are not prepared for this
L137[14:27:43] <FLHerne> would be an awful
lot of hashing though
L138[14:28:10] <kubi> actually, an
unhashed character sequence should not even leave my computer
L139[14:28:23] <FLHerne> Indeed
L140[14:28:41] <kubi> if I'm more
paranoid, then not even my keyboard:)
L141[14:28:48] <FLHerne> They *could* hash
all one-character variations in JS in the browser
L142[14:28:53] <FLHerne> but it would take
a while
L143[14:29:00] <kubi> yeah
L144[14:29:11] <FLHerne> and the number of
hashes sent would leak the password length unless there was
padding
L145[14:30:00] <FLHerne> I can't think of
a reasonable way to do it
L146[14:30:05] <FLHerne> but maybe there
is one
L147[14:30:06] <kubi> so, anyway
L148[14:30:32] <kubi> whomever had the
same pass for FB and anything else nowadays, go and refresh
L149[14:40:15] <packbart> kubi: if you're
sending out hashed passwords, the server needs to store plaintext
passwords
L150[14:41:20] <kubi> I was not
precise
L151[14:41:37] <packbart> or use a
challenge-response login thing with nonces
L152[14:41:53] <packbart> but nobody seems
to like those
L153[14:43:13] <packbart> (for a website,
that would probably require JS to login. I can live with
that)
L154[14:44:19] <kubi> yes
L155[14:45:27] <kubi> public-private
keypairs etc. is far better than this password things
L156[14:45:48] <kubi> if you have a secure
channel and you trust the server then a password is OK
L157[14:45:51] <packbart> the plain
password would still leave your keyboard
L158[14:45:58] <kubi> no other
circumstances
L159[14:46:11] <kubi> unless you have a
proper keyboard :)
L160[14:46:18] <kubi> but then it leaves
your fingers...
L161[14:47:19]
⇨ Joins: betelgeuse
(~betelgeus@94-225-47-8.access.telenet.be)
L162[14:47:48] <packbart> ID card
authentication + fresh blood sampler
L163[14:48:38] <kubi> what you have and
what you know is normally needed, but makes the system
complex
L164[14:48:57] <kubi> I like the bankID in
Sweden
L165[14:49:36]
⇨ Joins: MrTikku
(~hude@85-76-21-75-nat.elisa-mobile.fi)
L166[14:49:38] <packbart> I used to use a
Yubikey. it was a pain to recover accounts when it broke ;)
L167[14:50:18] <kubi> recovery must be
difficult or else anyone can recover
L168[14:50:31] <kubi> you should not
optimize for the easiness of it
L169[14:51:54] <umaxtu> I still have my
Yubi neo. don't use it much these days
L170[14:54:10]
⇨ Joins: Lyneira
(~konversat@2001:984:484e:1:9c4e:4132:956f:4057)
L171[14:54:29] <raptop> Anyway, I'm
getting through some mandatory security training that is talking
about the importance of defending against phishing
L172[14:54:46] <packbart> kubi: for one
account, I had to receive and return a form by (snail) mail. for
other, I had to e-mail photographs of me holding my ID card and a
note
L173[14:54:54] <kubi> yes
L174[14:55:00] <kubi> or even in person
auth
L175[14:55:45] <packbart> I wouldn't think
that to be useful
L176[14:56:09] <kubi> bank ID SW
certificate recovery requires you to go to the bank (that is the
proxy of the authority, i.e., the state) or use a bank card reader
to make it easy
L177[14:56:18] <packbart> it's not much
different from a photograph of me, ID and note saying "$date,
$service, please reset my 2FA"
L178[14:56:52] <packbart> I had to redo
one of them because they need to see my arm holding the
things
L179[14:56:59] <kubi> yes
L180[14:57:00] <packbart> so you couldn't
shop it
L181[14:57:02] <kubi> that is good
L182[14:57:21] <kubi> so, making the
recovery painful is not an issue
L183[14:57:40] <kubi> if it is painful you
do not make a mistake again
L184[14:58:20] <packbart> or else it gets
the hose again
L185[14:59:32] <kubi> actually, all the
smart card auth things are good
L186[14:59:44] <kubi> like most ID card
nowadays
L187[15:00:09] <kubi> the stupid thing is
that there is no world wide infrastructure and standard to make it
ubiquitous
L188[15:00:54] <packbart> and no good
software, either
L189[15:01:19] <packbart> trying to get
the internal smartcard reader on a laptop to work was no fun
L190[15:01:30] <packbart> (stupid me,
using Linux, I know)
L191[15:02:40] <kubi> that is why there
need to be proper standards
L192[15:02:51] <kubi> and a standard, by
definition is accessible to everyone
L193[15:02:58] <kubi> not patented and
stuff
L194[15:04:23] <packbart> well, there's
often a fee
L195[15:08:18] <raptop> kubi:
interestingly, this means that ISO doesn't publish standards
L196[15:10:40] <raptop> Consider eg: ISO
8601. It's in 2 parts that cost 158 CHF and 178 CHF
respectively
L197[15:10:49] ⇦
Quits: XXCoder (~XXCoder@174-21-124-242.tukw.qwest.net) (Ping
timeout: 189 seconds)
L199[15:12:59] <packbart> an argument can
be made that offering those for free would require sponsorships by
states or corps
L200[15:20:11]
⇨ Joins: Ezriilc (~Ezriilc@96.59.122.65)
L201[15:41:30] ⇦
Quits: Eddi|zuHause (~johekr@p5b12eb93.dip0.t-ipconnect.de)
()
L202[15:47:24]
⇨ Joins: jazzkutya
(~jazzkutya@catv-89-134-72-143.catv.broadband.hu)
L203[15:52:59]
⇨ Joins: Eddi|zuHause
(~johekr@p5b12eb93.dip0.t-ipconnect.de)
L204[16:01:25] <packbart> (leaked)
"Every other property that Twitch owns including IGDB and
CurseForge" - hm. that might be relevant to KSP modders
L205[16:04:09] <packbart> I usually quote
sources but I guess the piratebay-Link/bittorrent-hash to the
leaked archive is not interesting to anyone here? :>
L206[16:16:02] <raptop> hrm
L207[16:34:55] ⇦
Quits: m4v (~znc@186.57.148.245) (Ping timeout: 198
seconds)
L208[16:37:06] ⇦
Quits: flayer (~flayer@2001:1c01:4012:c400:16da:e9ff:fe04:1768)
(Quit: Leaving)
L209[16:40:18]
⇨ Joins: flayer
(~flayer@2001:1c01:4012:c400:16da:e9ff:fe04:1768)
L210[16:40:56]
⇨ Joins: m4v (~znc@186.57.147.255)
L211[17:21:34] <kubi> some $ is not an
issue
L212[17:22:25] <kubi> for an individual it
can be a lot
L213[17:22:43] <kubi> but if even a small
company can afford these easily
L214[17:22:59] <kubi> the problem comes
with lock-ins and so
L215[17:23:25] <kubi> also, of course the
biggest cost is if you want to connect your service to any of these
platforms
L216[17:23:30] <kubi> like payments
L217[17:23:38] <kubi> security platforms
are the same
L218[17:31:04] <darsie> Connor Kerman was
stranded on Minmus. A drone whizzed by him sending a message that
he should get home alone. He jetpacked to orbit, then to Kerbin,
aerobraked, refuelled his jetpack in the space station and did a
jetpack deorbit. Because his parachute didn't work, he splashed
down near the KSC. Hmm, I could have tried updating his status in
the space station.
L219[17:47:08] <sandbox> there can be only
one
L220[19:10:10] ⇦
Quits: mrBlaQ (~mrBlaQ@liquidhotdog.com) (Ping timeout: 198
seconds)
L221[19:39:21]
⇨ Joins: mrBlaQ (~mrBlaQ@liquidhotdog.com)
L222[20:12:13] ⇦
Quits: mueslo (~quassel@x8d1e1e97.agdsn.tu-dresden.de) (Quit:
http://quassel-irc.org - Chat comfortably.
Anywhere.)
L223[20:14:07]
⇨ Joins: jazzkutya_
(~jazzkutya@catv-89-134-72-143.catv.broadband.hu)
L224[20:14:17] ⇦
Quits: jazzkutya_ (~jazzkutya@catv-89-134-72-143.catv.broadband.hu)
(Client Quit)
L225[20:36:15] ⇦
Quits: TGS (~theghosts@enigma.theghostbox.com) (Ping timeout: 189
seconds)
L226[20:36:48] ⇦
Quits: G4Virus_aka_pa1983
(~patrik@h-81-170-178-14.A216.priv.bahnhof.se) (Ping timeout: 189
seconds)
L227[20:37:07]
⇨ Joins: G4Virus_aka_pa1983
(~patrik@h-81-170-178-14.A216.priv.bahnhof.se)
L228[20:37:55]
⇨ Joins: TGS (~theghosts@enigma.theghostbox.com)
L229[21:10:09]
⇨ Joins: a_flayer (~flayer@31.161.138.119)
L230[21:11:41] ⇦
Quits: flayer (~flayer@2001:1c01:4012:c400:16da:e9ff:fe04:1768)
(Ping timeout: 189 seconds)
L231[21:22:10] <Mat2ch> SpaceX is lifting
the catch arm mount right now
L232[21:22:17] <Mat2ch> finally something
big is happening!
L233[21:38:01] ⇦
Quits: raptop (~Newpa_Has@ip98-169-16-17.dc.dc.cox.net) (Ping
timeout: 189 seconds)
L234[21:40:45]
⇨ Joins: raptop
(~Newpa_Has@ip98-169-16-17.dc.dc.cox.net)
L235[21:40:45]
ChanServ sets mode: +o on raptop
L236[21:42:13] ⇦
Quits: Lyneira (~konversat@2001:984:484e:1:9c4e:4132:956f:4057)
(Quit: Bye)
L237[21:57:20]
⇨ Joins: XXCoder (~XXCoder@71.212.196.80)
L238[21:58:07] ⇦
Quits: XXCoder (~XXCoder@71.212.196.80) (Remote host closed the
connection)
L239[21:58:25]
⇨ Joins: XXCoder (~XXCoder@71.212.196.80)
L240[22:13:50] ⇦
Quits: sandbox (~sandbox@host-84-13-145-106.opaltelecom.net) (Quit:
Leaving)
L241[22:16:56]
⇨ Joins: flayer
(~flayer@2001:1c01:4012:c400:16da:e9ff:fe04:1768)
L242[22:18:14] ⇦
Quits: a_flayer (~flayer@31.161.138.119) (Ping timeout: 189
seconds)
L243[22:56:53]
⇨ Joins: Tank2333
(~Tank2333@p5ddaa31a.dip0.t-ipconnect.de)
L244[23:55:55] ⇦
Quits: darsie (~darsie@84-113-55-200.cable.dynamic.surfer.at) (Ping
timeout: 198 seconds)