| 02:08.56 | *** join/#gllug samb1 (~samb1@2a01:7c8:aab0:1a7:2cc4:7a2a:20e6:3bad) |
| 08:43.00 | *** join/#gllug chrisp (~wibble@host86-179-229-171.range86-179.btcentralplus.com) |
| 09:21.38 | *** join/#gllug ess_tee_u (~NULL@2001:8b0:908:6a91:8e89:a5ff:fe52:e41d) |
| 10:25.42 | *** join/#gllug w1bbl3 (~Jamie@host217-44-89-19.range217-44.btcentralplus.com) |
| 10:47.51 | Leeds | you might *think* you like pineapple... you've got nothing. https://www.youtube.com/watch?v=7FU-Prz4O2Y |
| 11:00.41 | ChoHag | Looks like easterners aren't as good at forcing a fake smile as we are. |
| 11:09.24 | ChoHag | Oooh that looks fun - infect USB controller firmware from within a VM to add a second maldevice to the firmware which is then connected to the host. |
| 11:32.55 | ChoHag | "When an OS accesses the stick, only the USB content is shown" ... "When the BIOS accesses the stick, a secret Linux is shown, booting a root kit, infecting the machine, and then booting from the USB content." |
| 12:43.00 | *** join/#gllug dick_turpin (~peter@host217-34-163-30.in-addr.btopenworld.com) |
| 12:54.28 | wethrin | oi dick_turpin. Stop directing everyone to get to your blog through Google+. No-one uses Google+ except for Google! |
| 12:58.40 | dick_turpin | wethrin: You pathetic social leper. Everyone knows I spam all my social media accounts from G+ |
| 13:01.17 | wethrin | Yes, we've noticed.... :) |
| 13:07.28 | dick_turpin | wethrin: It's only because; |
| 13:07.42 | dick_turpin | A. I cannot afford a secretary |
| 13:07.53 | dick_turpin | B. I'm a lazy feck |
| 13:08.16 | dick_turpin | C. Throw enough mud something's bound to stick |
| 13:09.41 | wethrin | Find a secretary who'd work for free |
| 13:14.22 | dick_turpin | wethrin: Actually that's a bit weird. The site is supposed to post to Facebook yet that post has, as you say, come from G+ via friends to me. Interesting? I wonder if Facebook is rejecting the wordpress plugin? https://wordpress.org/plugins/social/ |
| 13:21.22 | wethrin | Could be |
| 13:25.19 | dick_turpin | I've just re-invoked the trust for Facebook and Twitter. Well see what happens on the next post. In theory Facebook should get spammed with two posts. |
| 13:39.38 | wethrin | Quick make a post! |
| 15:05.34 | dick_turpin | wethrin: I'm posted out at the minute. Maybe tomorrow |
| 15:08.57 | wethrin | Post about changing your settings |
| 15:13.58 | ChoHag | When did the past tense die? |
| 15:14.56 | wethrin | Ages ago |
| 16:16.11 | *** part/#gllug dick_turpin (~peter@host217-34-163-30.in-addr.btopenworld.com) |
| 18:35.54 | *** join/#gllug ess_tee_u (~NULL@2001:8b0:908:6a91:12fe:edff:fe24:450) |
| 20:47.54 | *** join/#gllug samb1 (~samb1@turbomolecules.com) |
| 21:05.09 | ChoHag | I can't think of any reasonable way to create a host with a known cryptographic identity other than by a) returning the public key data from the host over the secure installation channel (ie. from the console not over the network), or b) creating the key offline and installing it during OS setup. |
| 21:05.23 | ChoHag | Or just trusting the network, which is what I'm trying to avoid. |
| 21:05.52 | ChoHag | a is nigh on impossible to do in a manner which is not vendor-specific, and b is just ugly in so many ways. |
| 21:06.24 | ChoHag | Any ideas? |
| 21:07.21 | yaMatt | just wondering if you can generate it on the client and send it to the server securely |
| 21:08.33 | ChoHag | That's a |
| 21:08.47 | ChoHag | Unless your definition of client and server are backwards from mine, in which case it's b. |
| 21:11.13 | ChoHag | The goal is to run code from $HOME which spits out a blob which is passed securely to a vm host (or localhost, or lom) which uses that blob to install an os. |
| 21:11.39 | ChoHag | I should then be able to ssh into $HOME without fingerprint confirmation (or a password, but that bit's easy). |
| 21:12.21 | ChoHag | I really want to generate keys on the newly created host, but that means finding some solid and secure means of getting the public key information back. |
| 21:12.38 | ChoHag | I also am more interested in designing the process rather than specific tools so it's not tied to ssh. |
| 21:47.55 | ChoHag | The annoying thing is, I kind of have a process which works if I create the keys externally. It needs a lot of hacking together and polish, but it's sound and it works. |
| 21:48.00 | ChoHag | It just means spreading secret keys further than exactly one spot. |
| 21:48.04 | ChoHag | And until I get stuck in with gusto, this problem keeps coming up and reminding me that my proposed solution is shit. |
| 22:21.22 | *** join/#gllug dgeary2 (~portlandi@90.200.10.9) |
| 23:17.18 | *** join/#gllug Leeds (~richardc@n058153123110.netvigator.com) |