Time Nick Message 01:37 GitHub84 [crimsonfu.github.com] pdurbin pushed 1 new commit to master: https://github.com/crimsonfu/crimsonfu.github.com/commit/f2b4572bc98dc8e9a04c1a1d57d1b8617ca58cd0 01:37 GitHub84 [crimsonfu.github.com/master] grabbed latest irc logs - Philip Durbin 01:39 pdurbin hmm, an SSL exploit coming: http://security.stackexchange.com/questions/19911/crime-how-to-beat-the-beast-successor/19914#19914 12:44 pdurbin in vim, ctrl-k >> for » ( http://en.wikipedia.org/wiki/%C2%BB ) from RIGHT-POINTING DOUBLE ANGLE QUOTATION MARK at http://vimdoc.sourceforge.net/htmldoc/digraph.html#digraph-table . see also http://vimdoc.sourceforge.net/htmldoc/digraph.html#digraphs-use 12:49 pdurbin ironcamel: i'm listening to http://perl.org.il/presentations/larry-wall-present-continuous-future-perfect/transcript.html via http://irclog.perlgeek.de/crimsonfu/2012-09-06#i_5968555 12:50 pdurbin '[Question from the audience: "How do you type it?"] How do you type it? With your keyboard? Do you use vi or Emacs? In vi it's Ctrl+K >>. You can also write it with two regular greater-than's (">>"). We're getting to the age of Unicode, and we want to make Unicode programming possible, so we're trying to shove people a little bit in that direction.' 12:57 semiosis https://twitter.com/fhemberger/status/243338303464685568 - UTF-8 is twenty years old this week. Finally �mlauts work everywhere. 14:32 pdurbin semiosis: heh. yep. saw that :) 15:38 pdurbin the slides from the talk i attended yesterday: ABCD WWW » Faras Sadek, Gitorious - http://harvardwww.com/2012/07/faras-sadek-gitorious/ 15:43 larsks harvardwww.com? Ow, my brain hurts. 17:21 Pax morning 17:21 Pax -ish 17:53 semiosis in case anyone's interested... this is the screening checklist i'm going to use on linux sysadmin/devops applicants: http://dpaste.org/g2Kob/ 17:54 semiosis if anyone cares to give me feedback i'd really appreciate it :) 17:56 semiosis also fwiw if anyone's interesting in a sweet devops gig in miami pm me :D 17:56 semiosis s/interesting/interested/ 18:26 pdurbin semiosis: seems reasonable from a glance 18:35 pdurbin "Vyatta is open source router software based on linux that takes advantages of modern processing power to control your data movement" -- http://twit.tv/floss131 18:36 pdurbin shuff: vyatta sounded familiar... 19:25 ventz pdurbin: vyatta? 19:25 * ventz -> knows more about vyatta than he wishes 19:27 ventz cat config.boot | wc -l 19:27 ventz 904 19:42 pdurbin ventz: awesome 19:43 pdurbin whorka: you could use vyatta instead of your vpc thing maybe 19:43 pdurbin dunno if it's supported 19:55 pdurbin ventz: could we use vyatta with Google Compute Engine? http://blog.jcuff.net/2012/08/gce-ftw.html 19:55 pdurbin whorka: can you explain your setup at all? the vpc thing? 19:58 ventz idk what GCE is 19:58 ventz pdurbin: get cuff to join this channel 19:58 ventz or the jabbers (from a network that's reachable by other servers :)) 20:03 pdurbin ventz: GCE eq Google Compute Engine 20:04 pdurbin cuff was in this channel once... 20:04 ventz :nod: but not sure what it does -- is it yet another paas? 20:05 pdurbin http://irclog.perlgeek.de/crimsonfu/2012-03-02#i_5237495 20:05 pdurbin i need whorka to explain 20:05 pdurbin or shuff. it was his idea 20:06 pdurbin idle for 35 minutes. oh well 20:24 * ventz eyes shuff and his auto-channel selection ;) 20:28 pdurbin ventz: auto-channel selection? is shuff in #windowsfu? ;) 20:28 shuff no no, the problem is that i am NOT in #geeknight 20:29 ventz exactly! :) 20:29 pdurbin whorka: openauth so far... https://github.com/fasrc/openauth-puppet 20:29 ventz pdurbin: i figured, i would give him a hard time about it until he updates his conf file to include that 20:43 whorka pdurbin, we are using Amazon VPC essentially to make a persistent VPN tunnel to an unrouted subnet of EC2 nodes 20:43 whorka http://docs.amazonwebservices.com/AmazonVPC/latest/UserGuide/VPC_VPN.html 20:46 whorka do you think it would be possible to run an OTP token generator as a web script (protected by PIN auth) for our non-smartphone users? 20:46 pdurbin whorka: uh. we just use native (and nice looking) mobile clients 20:47 whorka yeah, but I just had our security compliance plan vetted by the security office, and they want all our users with access to confidential data to use two-factor auth. 20:47 pdurbin Google Authenticator - Android Apps on Google Play - https://play.google.com/store/apps/details?id=com.google.android.apps.authenticator2&hl=en 20:47 crimsonfubot https://plus.google.com/112876949103794517392/posts/cgv5RS5UseZ 20:47 pdurbin App Store - Google Authenticator - http://itunes.apple.com/us/app/google-authenticator/id388497605?mt=8 20:48 pdurbin yes... this is 2 factor auth... 20:49 whorka I just don't think it would be reasonable for us to require all users have a smartphone, so I'm looking for a workaround. 20:49 pdurbin ah! ok 20:49 pdurbin yeah, i don't know if blackberry even works, honestly... 21:01 shuff perhaps it would be more reasonable to supply each user with a Yubikey: http://static.yubico.com/var/uploads/pdfs/Howto_GmailYubiKey.pdf 21:10 semiosis those are pretty cool 21:10 pdurbin_m whorka: is a desktop client good enough? 21:10 whorka hmm, I guess what I'm trying to work around is the "Something the user has" part of multi-factor auth, which would make it not multi-factor auth at all, just multi-password auth. http://en.wikipedia.org/wiki/Multi-factor_authentication 21:10 pdurbin_m we have jauth 21:10 whorka a desktop client would be great! 21:12 pdurbin_m https://github.com/mclamp/JAuth 21:22 whorka that could work... although I'm having a hard time seeing how providing this auth token proves anything more than that the user was able to access the OTP generator... is there a key built into the app or something? 21:24 whorka With SecurID, you know that whoever has the OTP had access to the physical device that generated it... but with JAuth what's to prevent an attacker from stealing a copy of the app?