00:06.59 | DocScrutinizer | MohammadAG: >>Departed Facility in TEL AVIV - ISRAEL Monday, August 01, 2011 19:03 << \o/ |
00:08.40 | DocScrutinizer | MohammadAG: seems they transport from tel aviv to LOD with bike, or taking a walk |
00:10.50 | GeneralAntilles | yawns. |
00:12.04 | MohammadAG | DocScrutinizer, yeah, testing Sports Tracker |
00:12.22 | DocScrutinizer | MohammadAG: so seems your deadline 08-03 will be the date. Dunno if it's the last day to pick it up, or the first day you're not at home |
00:14.26 | DocScrutinizer | GeneralAntilles: hush! you're several TZ behind, you're not allowed to yawn right now ;-D |
00:14.41 | GeneralAntilles | Long day |
00:14.41 | GeneralAntilles | Whew |
00:20.53 | DocScrutinizer | how do I get the fqn of a file? except from concatenating CWD with the relative filename |
00:20.59 | DocScrutinizer | shell |
00:22.50 | DocScrutinizer | dirname and readlink all are not helpful, even for "see also:" in manpages |
00:23.07 | *** join/#harmattan meegoexperts_mob (~Adium@i-83-67-88-78.freedom2surf.net) |
00:24.54 | DocScrutinizer | stat -c %N x #also not what I need |
00:28.05 | SpeedEvil | Is that a valid question? |
00:28.17 | SpeedEvil | I point at various files in /sys with multiple paths |
00:28.23 | DocScrutinizer | dang, isn't there any function/executabe that, on ># themagicls ~/../B/x; replies >> /home/B/x |
00:29.55 | *** join/#harmattan trx (~ns-team@212.200.199.233) |
00:30.43 | DocScrutinizer | mmmpff! I probably could compare inode number of the file in question, and a given FQN path I want to know if it's same file or not |
00:32.03 | DocScrutinizer | is there any tool that lists all hardlinks pointing to a file? |
00:32.55 | SpeedEvil | I don't think it's possible to do that. |
00:33.08 | SpeedEvil | Other than with find, or something like tracker. |
00:33.28 | DocScrutinizer | probably a dang heavy tool, it had to ls -lr / and compare the inode numbers |
00:33.41 | SpeedEvil | There is no 'stat' that spits out all of the directories the file is in, or its names, as that's not held in the file inode. |
00:33.45 | DocScrutinizer | yeah find |
00:34.34 | DocScrutinizer | find / -inum 764634 |
00:34.47 | DocScrutinizer | is probably what I look for |
00:35.47 | DocScrutinizer | or -samefile :-D |
00:42.02 | *** join/#harmattan Scifig (~Scifig@c-24-4-32-47.hsd1.ca.comcast.net) |
00:49.31 | DocScrutinizer | anyway unless I find out what's "A 0 0 33061" in (grep -v "A 0 0 33" ) /var/lib/aegis/refhashlist |
00:50.04 | DocScrutinizer | ... :-S |
00:50.43 | SpeedEvil | inode 33061? |
00:51.24 | DocScrutinizer | nope, thought that as well first, but it's either a group ID, or a permissions bitset |
00:51.30 | DocScrutinizer | S 15 com.nokia.maemo H 40 a68426a5b1586cccd918bbb63798c43ca26b7a8d A 0 0 35309 P 22 energy-profiler-server R 30 usr/bin/energy-profiler-server |
00:51.31 | DocScrutinizer | S 15 com.nokia.maemo H 40 871ed0d45e694039478e651295861fb3ec1080fd A 0 0 35309 P 8 libc-bin R 16 usr/lib/pt_chown |
00:51.36 | SpeedEvil | hmm |
00:51.46 | SpeedEvil | Well - the long string is obviously a hash |
00:53.42 | DocScrutinizer | Sring length:15 com.nokia.maemo Hash length:40 871ed0d45e694039478e651295861fb3ec1080fd A??? 0 0 35309 Package length:8 libc-bin Reference length:16 usr/lib/pt_chown |
00:55.40 | DocScrutinizer | in the whole 700some kB refhashlist there are EIGHT lines not matching "A 0 0 33" |
00:56.28 | SpeedEvil | flags indeed |
00:56.31 | rm_you | so rebooting didn't fix my blank call window problem, any thoughts? |
00:56.32 | DocScrutinizer | http://paste.debian.net/124816/ |
00:58.05 | SpeedEvil | There should possibly be a packagename in there too for eavh file |
00:58.18 | DocScrutinizer | actually it seems like 33261 and 33188 are the only sets of flags(?) used |
00:58.34 | SpeedEvil | Different signers? |
00:58.51 | DocScrutinizer | checks /etc/groups |
00:59.54 | DocScrutinizer | meh, I guess that's aegis permissions |
01:00.23 | DocScrutinizer | the whole hashlist was useless if it wasn't for telling aegis WHAT to do with those files |
01:00.44 | DocScrutinizer | the 3 ints suggest U G O |
01:01.00 | SpeedEvil | Seems logical. |
01:01.39 | DocScrutinizer | there's exactly ONE line with G!=0 |
01:01.57 | DocScrutinizer | err 2 |
01:02.01 | DocScrutinizer | S 15 com.nokia.maemo H 40 838157fee92ca7a8df6c093dea9079145a3ed2f3 A 0 30021 34285 P 14 openssh-client R 17 usr/bin/ssh-agent |
01:02.12 | DocScrutinizer | S 15 com.nokia.maemo H 40 9465b53d341467bfe43b7975b488dd61cc2dde32 A 0 30018 35181 P 21 sdk-connectivity-tool R 18 usr/sbin/devrootsh |
01:02.32 | DocScrutinizer | setgid() ? |
01:04.16 | DocScrutinizer | javispedro once deduced about missing setgid perm for bash, from a aegis diagnostic printout in syslog |
01:04.41 | DocScrutinizer | wish I could find where from he got the bit meanings |
01:06.57 | DocScrutinizer | hmmm - Aegis: credp_kcheck failed 9990004 bash - is 7 digits |
01:07.11 | DocScrutinizer | while hashlist flags(?) are 5 |
01:08.48 | DocScrutinizer | man 5 refhashlist !!!1!!1!!!!@#%&&!!1 |
01:09.04 | DocScrutinizer | grrrr |
01:11.49 | DocScrutinizer | RM680-22-6_PR_RM680:~# cat /var/lib/aegis/refhashlist|wc -l |
01:11.51 | DocScrutinizer | 5546 |
01:14.08 | DocScrutinizer | ehmmm |
01:14.12 | DocScrutinizer | S 0 H 40 0b2879714e842125406fcee56f7c8881475dbc05 A 0 0 33261 P 2 mc R 30 opt/mc/libexec/mc/extfs.d/uace |
01:14.14 | DocScrutinizer | S 0 H 40 c31fe5dda65c9e711364a26c10a72bd53069d9bc A 0 0 33188 P 2 mc R 28 opt/mc/etc/mc/edit.indent.rc |
01:14.15 | DocScrutinizer | S 0 H 40 e4bbe0cd6120fa1287fcd3ed8a298fe81ce6e89f A 0 0 33261 P 2 mc R 29 opt/mc/libexec/mc/fish/unlink |
01:14.17 | DocScrutinizer | S 0 H 40 d62804c56054aa03ce38d09ea4d308d983f288db A 0 0 33261 P 2 mc R 30 opt/mc/libexec/mc/extfs.d/ulha |
01:14.46 | DocScrutinizer | fun bit: one file got other flags(?) |
01:19.37 | DocScrutinizer | hmmmmm, edited opt/mc/etc/mc/edit.indent.rc, started mc, no issues at all, not even any logs in syslog |
01:21.07 | DocScrutinizer | refhashlist record for the file didn't change though, ergo it can't be correct now |
01:21.46 | SpeedEvil | maybe it will now blow up if something tries to exec() the file when it wouldn't before. |
01:22.01 | DocScrutinizer | let's try it :-D |
01:22.54 | DocScrutinizer | http://paste.debian.net/124818/ |
01:29.44 | DocScrutinizer | nah, I always get "permission denied" when I try to run those scripts as root |
01:30.22 | DocScrutinizer | RM680-22-6_PR_RM680:~# su - user |
01:30.23 | DocScrutinizer | su: can't set groups: Operation not permitted |
01:30.25 | DocScrutinizer | o.O |
01:31.45 | DocScrutinizer | as user as well |
01:36.22 | DocScrutinizer | http://paste.debian.net/124819/ you can't execute shellscripts. GREAT! |
01:37.27 | DocScrutinizer | err, while in develsh |
01:38.18 | DocScrutinizer | http://paste.debian.net/124820/ |
01:39.25 | SpeedEvil | I wonder how often they poke the RDA devices to see if anyones bricked them |
01:39.49 | DocScrutinizer | lol |
01:39.59 | MohammadAG | daily |
01:40.04 | MohammadAG | or every other day |
01:40.17 | MohammadAG | I broke an N97 mini once |
01:40.50 | DocScrutinizer | there should probably a button "reflash" in the GUI ;-D |
01:40.57 | MohammadAG | Aegis, protecting kids from internet porn since 2011 |
01:40.59 | DocScrutinizer | +be |
01:40.59 | MohammadAG | sh: ./xxx: Operation not permitted |
01:42.01 | DocScrutinizer | you've been told not to play doctor games! operations are always not permitted |
01:42.33 | DocScrutinizer | and xxx operations even more |
01:44.22 | DocScrutinizer | this friggin aegis crap gives me headaches |
01:44.53 | MohammadAG | i'm going to sleep |
01:44.53 | DocScrutinizer | e.g. what is develsh, what does it do and why can it do what it does? |
01:45.03 | MohammadAG | my N950 better be here when I wake up |
01:45.08 | DocScrutinizer | :-D |
01:45.16 | rm_you | so rebooting didn't fix my blank call window problem, any thoughts? :P |
01:45.35 | DocScrutinizer | restful dreams! |
01:45.48 | DocScrutinizer | yet none |
01:46.46 | DocScrutinizer | rm_you: I guess it's simply a bug |
01:46.56 | rm_you | yeah, but how do I FIX it |
01:46.57 | rm_you | lol |
01:46.58 | DocScrutinizer | maybe even a race |
01:47.04 | rm_you | it worked at first |
01:47.11 | rm_you | for like the first week |
01:47.14 | DocScrutinizer | the REFLASH! |
01:47.16 | rm_you | lol |
01:47.19 | DocScrutinizer | then* |
01:47.26 | rm_you | that's not a good solution |
01:47.35 | DocScrutinizer | :shrug: |
01:47.37 | rm_you | because if i don't figure out the problem, it will probably keep happening |
01:47.43 | DocScrutinizer | don't see any alternative |
01:47.46 | rm_you | not reasonable to reflash every week |
01:47.59 | rm_you | i don't have a problem reflashing |
01:48.04 | rm_you | but you see the problem, no? |
01:48.06 | GeneralAntilles | Kill yourself. |
01:48.09 | GeneralAntilles | coughs. |
01:48.11 | rm_you | lol GA |
01:48.19 | GeneralAntilles | It requires blood sacrifice. |
01:48.20 | DocScrutinizer | nah, you must reflash and then be alert about the steps causing the problem again |
01:48.26 | GeneralAntilles | It's how Elop is powered. |
01:48.41 | rm_you | DocScrutinizer: but i know every single action i took before it started |
01:48.47 | rm_you | and none of them seem related |
01:48.53 | DocScrutinizer | then reflash and redo |
01:49.01 | rm_you | and see if it breaks again? |
01:49.06 | DocScrutinizer | irrelevant what seems related |
01:49.10 | rm_you | lol |
01:49.34 | DocScrutinizer | either it's reproducable by your steps, or it's heissenbug |
01:50.28 | rm_you | lol |
01:50.40 | rm_you | n950 has quantum processor |
01:52.11 | DocScrutinizer | rm_you: look, it might be a random flipped bit in flash. it might be proximity sensor broken after one week. or it *might* be actually caused by your unrelated steps done during last week |
01:52.23 | rm_you | lol |
01:52.23 | DocScrutinizer | nobody but you can find out |
01:52.27 | rm_you | yeah |
01:52.30 | rm_you | i prolly will |
01:52.31 | DocScrutinizer | and your only chance is reflash |
01:52.39 | rm_you | i'm going to investigate |
01:53.05 | DocScrutinizer | esp when you claim your steps are "unrelated" |
01:53.15 | rm_you | what was that utility package |
01:53.21 | DocScrutinizer | not even you seem to have an idea where to look and what for |
01:53.35 | rm_you | there was a util package someone mentioned earlier |
01:53.42 | rm_you | useful for debugging these sorts of issues |
01:56.59 | DocScrutinizer | probably script (1) - make typescript of terminal session |
01:58.06 | DocScrutinizer | bisect down to the one instruction/action that triggers the bug, then we'll be wiser |
01:58.38 | DocScrutinizer | but first: reflash and see if the bug vanishes |
01:59.03 | DocScrutinizer | to ruke out it's been always there or a hw defect |
01:59.09 | DocScrutinizer | rule* |
02:00.12 | SpeedEvil | Does anyone know where to get large ferrite bars cheaply? I'm wondering about ones similar to the ones in my induction cooker for containing the field on the underside. |
02:00.15 | DocScrutinizer | or ignore the whole issue - if your app you're developing isn't related to making calls, you just as well can ignore the whole thing |
02:00.16 | SpeedEvil | Argh |
02:00.42 | rm_you | no, it was a util to actually see the inner workings of an active Qt window |
02:01.05 | DocScrutinizer | that's called gdb ;-P |
02:01.29 | Termana | morning |
02:06.02 | *** join/#harmattan epage (~epage@adsl-99-62-32-209.dsl.aus2tx.sbcglobal.net) |
02:09.20 | ieatlint | anyone looked much into changing the standby/lock screen? |
02:09.27 | ieatlint | or more specifically, where the image file is located/configured |
02:27.53 | *** join/#harmattan eman (~lemmings@124-168-12-42.dyn.iinet.net.au) |
02:59.29 | *** join/#harmattan twoboxen (~twoboxen@24-207-248-228.dhcp.stls.mo.charter.com) |
03:10.36 | *** join/#harmattan willer_ (~Willer@201-75-102-243-ma.cpe.vivax.com.br) |
03:23.54 | hiemanshu | DocScrutinizer, ieatlint, dm8tbr: you could always use a universal battery charger around when such things happen - http://3.bp.blogspot.com/-Rom8-Z_zd0o/TeCwEokQMvI/AAAAAAAACJA/FxK7PeL8FbU/s640/Universal+Battery+Charger.jpg |
03:24.18 | DocScrutinizer | yoh |
03:24.42 | DocScrutinizer | but... does it come with TX4? ;-D |
03:25.03 | DocScrutinizer | seriously, this MUST NOT happen |
03:25.06 | DocScrutinizer | ~2119 |
03:25.06 | infobot | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119. |
03:25.38 | DocScrutinizer | the less on a device with "no user servicable parts inside" |
03:26.09 | hiemanshu | yes it MUST NOT happen, and hasn't happened for me either when my battery drained like 5-6 times now, though my N900 has gone crazy, but thats a different story |
03:26.12 | DocScrutinizer | imagine this happening on N9 |
03:27.12 | hiemanshu | 'hey darling, I think I broke my N9' 'Naah the battery just died and nokia didn't care enough to fix the issue, let me charge it up for you' |
03:28.43 | DocScrutinizer | hehe |
03:28.49 | DocScrutinizer | exactly |
03:30.10 | DocScrutinizer | the service points will need automatic coffee machines and little paper cups. And a corner with armchairs for the waiting customers ;-P |
03:32.12 | DocScrutinizer | hammocks, drinks, and a hula band |
03:34.04 | DocScrutinizer | I bet no developer ever let his N9 sit for 4 weeks with a depleted battery, then tried to start charging it. Odds are the cell (self)depleted enough during those 4 weeks to deadlock the device |
03:35.34 | DocScrutinizer | but hey, why am I telling this now, rather than publishing it crypted on my blog, and publish the decrypt key with a big HAHA, wehn the first 10.000 N9 returned to service for charging? |
03:37.52 | DocScrutinizer | I offered free hw review, Nokia wasn't interested. A bit of sarcasm may be ok, no? |
03:38.09 | twoboxen | ugh⦠this security policy makes it a huge pain in the ace to dev for the n950 |
03:38.24 | twoboxen | wtf root doesn't have permission to delete a file with user/users ownership |
03:38.29 | hiemanshu | heh well no, they wont be interested in anything, because they uhmm, dont care much about it |
03:38.50 | DocScrutinizer | twoboxen: welcome to the wonderful world of AEGIS |
03:38.53 | DocScrutinizer | ;-P |
03:38.58 | DocScrutinizer | ~aegis |
03:38.58 | infobot | [aegis] http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/Security_guide , or "The purpose of this framework is: ... to make sure that the platform meets the requirements set by third party software that requires a safe execution environment.", or http://en.wikipedia.org/wiki/Trusted_Computing#Criticism |
03:39.06 | twoboxen | where is my sudo gain root that actually works |
03:39.32 | twoboxen | i'm about to say f. this⦠it's difficult EVERY step of the way |
03:39.38 | DocScrutinizer | inexistent |
03:40.07 | DocScrutinizer | twoboxen: welcome to the club, I already got tired with ranting :-D |
03:40.24 | twoboxen | :) |
03:40.39 | twoboxen | if they are going to abandon this platform, at least give us a way to get FULL dev mode |
03:42.24 | DocScrutinizer | twoboxen: you missed the best yet [2011-07-31 21:28:21] <DocScrutinizer> I'm going to eventually document on wiki: "aegis is protecting arbitrary files from editing/deleting/renaming/chmod. You have no means to know if a file is protected that way. Touching such a file will possibly result in bricking and need for a reflash of complete system. That's the situation and you either deal with it or forget about harmattan, as nobody is going |
03:42.25 | DocScrutinizer | to do anything about it to fix this permanent threat" Maybe NOT - CBA |
03:43.23 | twoboxen | so true |
03:43.57 | twoboxen | DocScrutinizer: I know I was counting on qole's easy debian. and he is pissed as well |
03:44.20 | DocScrutinizer | the evil notorious aegis selfdestruction function |
03:45.09 | DocScrutinizer | http://maemo.cloud-7.de/Aegis-kills-device.jpg |
03:46.49 | DocScrutinizer | so you're about to "say f. this" - I'm a tad further over the edge |
03:48.33 | *** join/#harmattan antman8969 (~antman896@pool-98-113-198-248.nycmny.fios.verizon.net) |
03:50.49 | DocScrutinizer | http://dz015.wordpress.com/2011/07/05/the-good-the-bad-and-the-ugly-or-python-security-fw-and-harmattan/ |
03:50.53 | twoboxen | DocScrutinizer: meaning, you already said 'f this' |
03:51.37 | DocScrutinizer | >>After installing the package, do NOT modify the installed files if they request a token. Security FW will discover an unexpected change in the file and lock the device (ops! reflash).<< |
03:52.00 | DocScrutinizer | s/files/python scripts/ |
03:52.29 | twoboxen | are there any petitions or forums where people are staging a protest? WTF does Nokia care what we do? |
03:52.34 | twoboxen | they didn't for the n900 |
03:53.19 | DocScrutinizer | hands over the banner to twoboxen, sighs, yawns, and waves |
03:53.23 | twoboxen | WebOS is a lot nicer⦠webos<somedate> and you get ACTUAL dev access⦠openssh, root access, etc. See? The users who do that know what they are getting into |
03:53.51 | twoboxen | DocScrutinizer: So what platform are you moving to now? :) |
03:54.05 | hiemanshu | wp |
03:54.12 | DocScrutinizer | staying at fremantle for now (and next few years) |
03:54.13 | *** join/#harmattan Arkenoi (~ark@178.177.18.79) |
03:54.23 | DocScrutinizer | never been interested in N9 anyway |
03:55.15 | DocScrutinizer | eventually Samsung might come up with sth similar to maemo, which is *not* bada |
03:55.43 | hiemanshu | DocScrutinizer: do you know what bada means? |
03:55.53 | DocScrutinizer | wave, or sea, or sth |
03:56.16 | hiemanshu | bada is big in hindi |
03:56.47 | hiemanshu | and in korean it means ocean or sea |
03:56.56 | DocScrutinizer | seems bada is "made in korea" though |
03:57.10 | twoboxen | DocScrutinizer: what about intel's actual meego releases? They can't be that far off. |
03:57.26 | DocScrutinizer | no handheld devices |
03:58.08 | hiemanshu | well yeah, nothing as of yet, but you can run it on the N9{,00,50} apparently |
03:58.12 | DocScrutinizer | support for N9 from Nokia is more than questionable |
03:58.25 | DocScrutinizer | regarding "real" meego |
03:59.52 | DocScrutinizer | and honestly I don't care, as - like I already mentioned - I'm not particularly interested in N9. And it seems there won't be any "meego" device from Nokia after N9 |
04:00.35 | DocScrutinizer | so no matter how you look at it, it looks like a dead end |
04:01.25 | hiemanshu | pretty much yes, and I am not moving to android, so its most likely iOS or webos for me |
04:07.00 | DocScrutinizer | nota bene N9 never got attributed as NIT by Nokia |
04:08.32 | twoboxen | hiemanshu: you mean the me ego CE release? Does it work on n950 yet? |
04:11.41 | twoboxen | on http://wiki.meego.com/ARM/N950 so does me ego use aegis? |
04:17.02 | twoboxen | why the hell didn't they just follow android's security model |
04:17.13 | twoboxen | it meets all their goals on http://www.slideshare.net/peterschneider/maemo-6-platform-security |
04:19.50 | dm8tbr | hiemanshu: yes, such things go unsaid. I just mentioned the hacky approaches |
04:31.13 | *** join/#harmattan DocScrutinizer (~halley@openmoko/engineers/joerg) |
04:39.03 | *** join/#harmattan antman8969 (~antman896@pool-98-113-198-248.nycmny.fios.verizon.net) |
04:41.37 | dm8tbr | moaning |
04:47.30 | *** join/#harmattan antman8969 (~antman896@pool-98-113-198-248.nycmny.fios.verizon.net) |
04:54.42 | *** join/#harmattan antman89691 (~antman896@ool-457ca94a.dyn.optonline.net) |
05:13.56 | *** join/#harmattan npm (~npm@cpe-76-90-30-220.socal.res.rr.com) |
05:40.33 | *** join/#harmattan djszapi_ (~lpapp@80-186-91-70.elisa-mobile.fi) |
05:43.24 | *** join/#harmattan Scifig (~Scifig@c-24-4-32-47.hsd1.ca.comcast.net) |
05:45.08 | *** join/#harmattan antman8969 (~antman896@pool-98-113-198-248.nycmny.fios.verizon.net) |
06:01.10 | *** join/#harmattan rcg (~rc@g230050205.adsl.alicedsl.de) |
06:03.14 | *** join/#harmattan npm (~npm@cpe-76-90-30-220.socal.res.rr.com) |
06:34.35 | *** join/#harmattan smoku (~spectrum@xkh0g2.infr.xiaoka.com) |
06:39.37 | *** part/#harmattan smoku (~spectrum@xkh0g2.infr.xiaoka.com) |
06:40.21 | MohammadAG | hiemanshu, iOS? seriously? |
06:40.57 | hiemanshu | MohammadAG: I have owned an iPhone, so yeah, iOS is better than android, much much better |
06:41.23 | MohammadAG | in what ways? |
06:41.27 | hiemanshu | every way? |
06:42.05 | MohammadAG | not really? |
06:42.23 | Stskeeps | it's 8:36am and we're discussing platform wars |
06:42.43 | MohammadAG | Stskeeps, I'm actually holding a shotgun for the courrier |
06:43.13 | Stskeeps | trust me, in the future, platforms and their APIs matter less, they'll just be a delivery mechanism to differentiate with the ecosystem being the free web |
06:43.16 | Stskeeps | :P |
06:44.43 | MohammadAG | Forwarded for delivery, meh |
06:45.12 | hiemanshu | MohammadAG: the main thing about iOS is loads of games \ |
06:45.14 | hiemanshu | \o/ |
06:45.29 | hiemanshu | and I have developed for iOS |
06:46.16 | MohammadAG | hiemanshu, meh, I've been with maemo for a year, never cared about games |
06:46.32 | MohammadAG | development needs a mac, I don't intend on buying one |
06:46.35 | hiemanshu | MohammadAG: I travel enough to care about games |
06:46.42 | MohammadAG | plus it's Obj-C |
06:46.44 | hiemanshu | MohammadAG: I have a mac, and getting another one some time soon |
06:46.59 | hiemanshu | yeah, Obj-C is beautiful code, and prettier API cals |
06:47.01 | hiemanshu | calls* |
06:47.07 | MohammadAG | so why aren't you on an iPhone? |
06:47.13 | hiemanshu | I lost mine |
06:47.29 | hiemanshu | about a month or so ago, and not buying one right now, waiting for iPhone 5 |
06:47.42 | hiemanshu | only reason I am not full time into iPhone dev is no Qt |
06:49.59 | *** join/#harmattan aleksander_m (~aleksande@63.46.18.95.dynamic.jazztel.es) |
06:50.27 | MohammadAG | well, the platform war didn't work well |
06:50.33 | MohammadAG | let's talk rpm vs deb |
06:50.35 | MohammadAG | runs |
06:50.59 | Stskeeps | i've used debs, i've used rpm, and i like rpm better, allows me a much nicer workflow |
06:51.29 | MohammadAG | but RPM sucks!!!1!1 |
06:52.04 | Stskeeps | not a productive argument |
06:53.05 | MohammadAG | Obviously, I wasn't being serious... |
07:02.46 | hiemanshu | MohammadAG: I have used rpm all my life, deb is just meh |
07:03.01 | *** join/#harmattan harbaum (~quassel@et-1-20.gw-nat.bs.kae.de.oneandone.net) |
07:07.19 | *** join/#harmattan antman8969 (~antman896@pool-98-113-198-248.nycmny.fios.verizon.net) |
07:11.52 | *** join/#harmattan andre__ (~andre@g1.blanicka25.net) |
07:11.52 | *** join/#harmattan andre__ (~andre@Maemo/community/bugmaster/andre) |
07:13.54 | DocScrutinizer | <<in the future, platforms and their APIs matter less>> seems I've heard this since end of last millenium, still it didn't exactly come true, despite chromeOS, thin clients, clouds and all |
07:19.07 | *** join/#harmattan lbt (~david@Maemo/community/contributor/lbt) |
07:20.51 | antman8969 | does anyone know who owns the my-meego.com site? (also my-maemo.com) |
07:21.26 | hiemanshu | antman8969: see who owns the domain. use a whois service |
07:21.39 | antman8969 | I was hoping for a user name lol |
07:21.55 | antman8969 | micheal jirz |
07:22.04 | antman8969 | jerz |
07:23.26 | *** join/#harmattan eman (~lemmings@124-168-12-42.dyn.iinet.net.au) |
07:28.14 | *** join/#harmattan Wirta (~Wirta@nemein.hietalahti.nemein.net) |
07:48.38 | lbt | FYI http://wiki.meego.com/MeeGo_Apps/Problem_Statement discuss in #meego. Also see http://forum.meego.com/showthread.php?p=27975 and email threads |
07:56.17 | DocScrutinizer | ?? |
07:59.17 | *** join/#harmattan wazd (~wazd@broadband-95-84-185-178.nationalcablenetworks.ru) |
07:59.48 | *** join/#harmattan Arkenoi (~ark@swsoft-msk-nat.sw.ru) |
08:02.56 | harbaum | Pretty enteraining read ... |
08:02.58 | Arkenoi | thinks easydebian must be hell to use on capacitive touchscreen |
08:06.33 | *** join/#harmattan djszapi (~lpapp@plexyplanet.org) |
08:06.35 | *** join/#harmattan slaine (~slaine@84.203.137.218) |
08:07.53 | DocScrutinizer | you bet |
08:07.59 | *** join/#harmattan mikhas (~michael@p4FC22F1E.dip.t-dialin.net) |
08:08.28 | DocScrutinizer | esp without mouse and kbd support, due to missing hostmode (and alas this doesn't seem to change any time soon) |
08:08.50 | Arkenoi | DocScrutinizer, well, you may use bluetooth ones.. |
08:09.53 | RST38h | I am creating a repo on OBS. What repo type should I choose? |
08:10.00 | DocScrutinizer | If I had, I'd test it to confirm :-D |
08:10.39 | DocScrutinizer | RST38h: strawberry |
08:10.56 | DocScrutinizer | scnr |
08:11.11 | djszapi | RST38h: pick one via advanced interface. |
08:11.38 | djszapi | and armv7el there. |
08:12.29 | RST38h | aha |
08:18.50 | *** join/#harmattan leinir (~leinir@amarok/usability/leinir) |
08:24.57 | *** join/#harmattan cpscotti (~cpscotti@212.36.161.100) |
08:50.11 | *** join/#harmattan vandenoever (~oever@kde/vandenoever) |
08:58.20 | djszapi | DocScrutinizer: we are gonna have a documentation review meeting with the SDK team prolly. Let me know what you miss from the aegis documentation (without screaming, and in a mature mood please) and I try to get into this. |
08:58.54 | DocScrutinizer | djszapi: noticed, thanks |
08:59.46 | SpeedEvil | Thanks! |
09:00.22 | SpeedEvil | 'man aegis' |
09:00.47 | DocScrutinizer | maybe ask twoboxen and javispedro as well, if they appear from the underbush |
09:01.23 | DocScrutinizer | man 5 refhashlist |
09:01.59 | djszapi | yeah, please tell it to everybody |
09:02.05 | djszapi | we try to make it work by Friday. |
09:03.47 | djszapi | I would appreciate a wikipage for it with short notes. |
09:03.55 | Arkenoi | damn they call *this* http://thinkflood.com/products/redeye-mini/ "affordable". $50 for fscking IR diode with simple converter! would be useful as we do not have CIR anymore if not the price |
09:03.55 | DocScrutinizer | aaaah, of course! >>what is a practicable way to make aegis "hush", I.E. get a set of tokens for root that lets root feel like root?" |
09:04.45 | DocScrutinizer | WUT? |
09:05.27 | SpeedEvil | writes page overview on wiki. |
09:06.00 | DocScrutinizer | dang, I bet I could do better, by feeding left headset channel with max dBm 20kHz and rectify/multiply it for VCC, while right channel outputs signal |
09:06.02 | Arkenoi | root cannot even view dmesg, that sucks! |
09:06.13 | djszapi | Arkenoi: no, it does not. |
09:06.19 | djszapi | you have no idea what a user device means. |
09:06.32 | Arkenoi | user device means you cannot view dmesg? |
09:06.40 | djszapi | *sigh* |
09:06.41 | DocScrutinizer | ok, this comment was it for me |
09:06.49 | Arkenoi | hell even iPhone can do |
09:07.08 | DocScrutinizer | cheerio |
09:07.13 | Arkenoi | doesn't it qualify as user device? |
09:07.44 | djszapi | Arkenoi: in my opinion, it is much worse approach if you have a unix workstation design for a consumer phone. |
09:07.44 | *** part/#harmattan DocScrutinizer (~halley@openmoko/engineers/joerg) |
09:08.15 | djszapi | Arkenoi: frankly, you should just learn instead of whining, how to do things. |
09:09.04 | SpeedEvil | I'm writing an overview of the issues as I see them on the wiki. Comments or alterations welcome when I have it up - maybe a few mins I'll post the link. |
09:09.13 | Arkenoi | djszapi, i run selinux enforced mode on my desktop, it does not suck that much |
09:09.22 | djszapi | Arkenoi: hahahahahaha |
09:09.31 | djszapi | made my day =) |
09:09.39 | djszapi | SpeedEvil: about aegis ? |
09:09.51 | SpeedEvil | djszapi: yes. |
09:10.02 | djszapi | cool, thanks really. |
09:10.15 | SpeedEvil | The broad themes, about why it causes issues, an the narrower things that we want to know. |
09:10.15 | djszapi | We got an opportunity to meet the SDK team and fix the documentation by Friday |
09:10.24 | djszapi | I would like to see everybody's feedback |
09:10.37 | djszapi | if it does not now happen, it cannot be easily amended in the near future... |
09:10.40 | SpeedEvil | DocScrutinizer can be a little bad-tempered. |
09:11.09 | djszapi | so please take it seriously as an opportunity to improve this field. |
09:11.18 | SpeedEvil | I am. |
09:13.00 | Arkenoi | actually it would be more useful to have thing like that on the desktop as it has potentially bigger malware and remote exploits threat exposure (potentially means who the hell will hack linux desktops when there are zillions of windows machines with careless users) |
09:13.49 | *** join/#harmattan divan (~dev@212.90.177.150) |
09:13.54 | Arkenoi | we had vulnerable flash with remote code execution bug on the n900 from the very beginning and no one gives a fsck |
09:16.02 | djszapi | Arkenoi: yeah, we know you know better and all the principal security engineers are just silly at Nokia and Intel :) |
09:16.28 | djszapi | including Linus Torvalds who is heavily rejecting the selinux kernel model and accepted an upstream approach which is pretty much aegis alike. |
09:16.34 | djszapi | * than all |
09:17.02 | SpeedEvil | The issues Aegis was intended to solve are pretty much those solely around a mass-market series of handsets. |
09:17.14 | SpeedEvil | Intended to take over much of Nokias line. |
09:17.15 | Arkenoi | selinux is a good thing and its poor adoption is shame on humanity |
09:17.40 | SpeedEvil | The reality - when it's implemented on one niche handset - is more questionable. |
09:18.26 | djszapi | 12:17 < SpeedEvil> The issues Aegis was intended to solve are pretty much those solely around a mass-market series of handsets. -> no, it is not true. |
09:18.51 | djszapi | but nice to see you are confident enough to know better than us :) |
09:18.57 | SpeedEvil | Umm. |
09:19.06 | SpeedEvil | Back when Aegis was designed, this was the vision. |
09:19.12 | Arkenoi | SpeedEvil, i just think a futile attempt to make DRM that does not suck is so futile.. though Aegis security model is worth something even beyond DRM |
09:19.16 | SpeedEvil | That was the (public) plan. |
09:20.00 | Stskeeps | i still kind of want something like aegis in a world where devices are as promiscious as a US teenage girl studying in europe |
09:20.06 | djszapi | SpeedEvil: never really been a plan at the architecture design. I think you should just learn more about this field before saying so untrue explanations. Just start at the smack kernel implementation. |
09:20.15 | SpeedEvil | There were security platform announcements around n900 time which I assume were about aegis, which ever made it into the n900. |
09:20.43 | Arkenoi | having a trusted environment on a consumer device is great as long as the trust relationship are under the full control of the owner |
09:20.47 | SpeedEvil | djszapi: By issues, I mean security issues for a phone maker. |
09:21.00 | SpeedEvil | Not security issues as a general kernel or unix thing. |
09:21.24 | djszapi | 12:20 < SpeedEvil> There were security platform announcements around n900 time which I assume were about aegis, which ever made it into the n900. -> so untrue again. |
09:21.42 | SpeedEvil | No, it's not untrue. |
09:21.47 | SpeedEvil | I assume that. |
09:21.56 | djszapi | ok, if you know better, I give up. :) |
09:21.57 | SpeedEvil | If my assumption is incorrect, fine. |
09:22.17 | SpeedEvil | I have no data, as as far as I know, this has not been published. |
09:22.43 | Arkenoi | phone makers are anal. nokia is double so. see, HTC lets you take HD2 and run android on it and nothing terrible happens. Nokia guys thing that the sky will fall if you are allowed to change OS on a consumer device (n900 is really not an example) |
09:23.21 | djszapi | what bugs me is that, I have been trying to help as much as possible here since I feel it my obligation. Nobody does it apart from me in my team, and people keep saying they know better. Don't you think it is a bit soul-destroying ? |
09:23.26 | djszapi | SpeedEvil ^ |
09:23.26 | SpeedEvil | djszapi: What aspect of that are you disagreeing about. That there were announcements and talk of a security platform on the n900? |
09:23.45 | *** join/#harmattan smoku (~smoku@93.159.54.194) |
09:23.53 | djszapi | SpeedEvil: aegis has nothing to do with N900 |
09:24.00 | SpeedEvil | I know. |
09:25.01 | SpeedEvil | However, statements were made at that time which seem to the outside world to be very related to what aegis has turned out to be on the n950. It would seem logical to outside observers that there was an internal development project running at that time to make aegis. |
09:25.28 | djszapi | please stop speculating. |
09:25.31 | SpeedEvil | And at that time, the vision was (publically at least) that maemo was going to take over a large slice of nokias handsets. |
09:26.12 | Arkenoi | no one expects the spanish inquisition^W^WElop |
09:26.24 | SpeedEvil | If you can't publically address these points - say so - fine. |
09:26.56 | djszapi | SpeedEvil: publicly address 100 times ? :) |
09:27.03 | djszapi | sorry, I find it really tiresome. |
09:27.23 | djszapi | I have never seen any aegis work on N900, period. (at gazillion times). |
09:27.39 | SpeedEvil | I never said it was working on the n900. |
09:28.00 | djszapi | sorry, I find it time wasting, afk :) |
09:28.05 | SpeedEvil | I said it seems from the outside like at least design work was going on at that time. |
09:28.31 | SpeedEvil | Anyway - reading docs and writing overview - please critisise that. Sorry we're talking past each other appparantly. |
09:30.55 | djszapi | SpeedEvil: seriously the last time, 1000005th. Aegis was designed for Harmattan and then a very alike approach was proposed against the Linux kernel as an upstream version. Linus accepted it since he just simply dislikes selinux like almost everybody else in the linux security domain apart from the selinux developers. really period. |
09:31.25 | SpeedEvil | I'm not disagreeing with you. |
09:32.18 | Arkenoi | do you mean i am a pervert or work for NSA? |
09:32.35 | Arkenoi | (or both) |
09:32.49 | SpeedEvil | I mean - the above seems to be what I understand too - it's just I expressed it in different ways. |
09:32.53 | *** join/#harmattan NIN101 (~NIN101@p5DD29599.dip0.t-ipconnect.de) |
09:33.18 | Arkenoi | SELinux is disliked by people who are too lazy to profile their software |
09:33.20 | SpeedEvil | I'm not saying that aegis was ever intended for n900, just that there were (unclear) announcements made at that time. |
09:33.40 | Arkenoi | unfortunately it includes almost all "enterprise software vendors" |
09:33.46 | SpeedEvil | Indeed. |
09:34.07 | Arkenoi | but it does not mean SELinux is bad |
09:34.10 | SpeedEvil | SELinux is a good idea in principle. Most software has way too much access. |
09:34.56 | Arkenoi | redhat team made hell a lot of work to write selinux policies for most packages |
09:35.30 | djszapi | SELinux does not really work in the practice, but let us not fight it again. There are enough mailing list threads about it amongst the linux security experts. Since selinux was born there were just new upcoming linux security models. The reason is very simple. It does not work in the practice, hard to configure, not modularized and I could enumerate, really overdiscussed matter. |
09:36.06 | Arkenoi | could you please provide a proof it does not work? |
09:36.36 | djszapi | Arkenoi: try to configure selinux for a really simple task and then smack. |
09:36.44 | djszapi | You will see the difference in no time. |
09:37.17 | kimju | my wish, apart from core documentation (like description of those /var/lib/aegis/* files) would be documenting all the various capabilities in use, what they (dis)allow and which of those can not be set in "unofficial" packages. |
09:37.31 | djszapi | kimju: that has nothing to do with aegis |
09:37.38 | djszapi | those are really application things... |
09:37.52 | djszapi | if an application defined a token, like tracker, tracker should document it, next! :) |
09:38.04 | Arkenoi | i have done that, quite simple and there are comprehencive tutorials, actually i am going to do that for all my packages and i do not consider it to be waste of time |
09:38.19 | djszapi | hahahahahahaha |
09:38.34 | kimju | djszapi, technically you're of course correct, but for user, that all seems "aegis". |
09:38.44 | SpeedEvil | djszapi: There - seems - to be no public documentation of these things you are saying. Which is why people are asking questions that are silly. |
09:39.14 | SpeedEvil | djszapi: And getting upset as you're saying they're silly, because we don't know what's in scope or not. |
09:40.02 | SpeedEvil | Sorry - this probably isn't productive, I'll get back to writing coherent thoughts for wiki. |
09:40.02 | djszapi | kimju: we can put one line into documentation, it has nothing to do with aegis, ok |
09:40.48 | Arkenoi | well, people may dislike SElinux or not, but I am yet to see SElinux causing a fraction of PITA aegis happily provides |
09:40.56 | djszapi | SpeedEvil: I told you gazillian times to look for documentations and videos |
09:41.00 | djszapi | do I need to make the google for you ? |
09:41.09 | djszapi | ok, let us give one example.... |
09:41.10 | SpeedEvil | djszapi: I'm looking at them at the moment. |
09:41.30 | SpeedEvil | Sorry - I haven't dug as deep into the docs as I should. |
09:41.44 | SpeedEvil | reading hrouhg the released docs. |
09:41.53 | kimju | djszapi, please make it two lines, to other pointing the blame to the apps :) |
09:42.01 | SpeedEvil | Part of the confuseion may be as I'm basicng my comments of others that may not have read the docs. |
09:42.45 | SpeedEvil | Is there more than at http://www.developer.nokia.com/Community/Wiki/Harmattan:Developer_Library/Developing_for_Harmattan/Harmattan_security/ ? |
09:43.04 | kimju | djszapi, but still, I'd like to see such documentation. even if it's not your (personally nor the teams) responsibility to make such. |
09:44.00 | Arkenoi | and i guess aegis is one of primary reason we are not likely to see cheap chinese phones and tablets with harmattan |
09:44.58 | Arkenoi | well, the diversity of maemo platform is not a good thing for wide adoption |
09:45.18 | kimju | and I actually do like some things that aegis makes possible, like secure storage in the device. |
09:47.44 | Arkenoi | there is TPM thing, like "embedded smartcard", it is much more simple and widely available |
09:47.46 | SpeedEvil | djszapi: However - whatever - thanks for the willingness to discuss things, and sorry there seems to be so much drama. |
09:48.13 | djszapi | the drama is only that, people are not constructive if there is some issue :) |
09:48.31 | djszapi | they tend to be smarter than a bunch of principal engineers in full time :) |
09:48.45 | SpeedEvil | I don't think anyone is claiming that. |
09:49.22 | kimju | I wonder what is wrong with my mg-terminal package, it gets build but then obs gets stuck when it should move the resulting .deb to repo. |
09:49.26 | SpeedEvil | Disagreeing with policy is not disagreeing with the team of engineers, it's disagreeing with their managers. |
09:49.34 | djszapi | SpeedEvil: also, do not forget, meego tends to use the aegis-alike upstream security model. |
09:49.37 | djszapi | y does not have to be complicated. |
09:49.44 | djszapi | https://lkml.org/lkml/2007/9/29/147 |
09:50.04 | djszapi | also, just good feedbacks in comparison with android, windows security model... |
09:50.23 | kimju | other packages seem to get build and pushed to repos, mine gets stuck each and every time. |
09:50.24 | djszapi | so yeah, there might be undocumented things that can be improved, but whining all the time when we are still better than everybody else ... :) |
09:50.29 | djszapi | well, that is not really constructive. |
09:50.33 | *** join/#harmattan eman (~lemmings@124-168-12-42.dyn.iinet.net.au) |
09:51.04 | SpeedEvil | The problem is that at times it's not been clear what the release configuration of the n9 is. |
09:51.14 | djszapi | it is like saying kdevelop's cmake system sucks :) |
09:51.28 | djszapi | it is not perfect, there are minor issue, but still the one available and the best ever for that purpose. |
09:51.39 | SpeedEvil | And - for example - from the perspective of most open-source developers - there is the worry about what happens if nokia stops signing stuff 12 months down the line, and drops all support. |
09:51.41 | djszapi | and I think that is something people forget to remember. |
09:52.38 | SpeedEvil | 'best ever' - for purposes of nokia. |
09:52.39 | Arkenoi | so can anyone answer me a simple question: how do i look at dmesg? |
09:53.11 | SpeedEvil | Ayway - it's probably best if I clarify this in document form. |
09:53.16 | Arkenoi | that reminds me symbian certificate uglyness |
09:53.36 | djszapi | 12:52 < SpeedEvil> 'best ever' - for purposes of nokia. -> again untrue :) |
09:53.40 | SpeedEvil | Rather than trying to put points at random in off-the-cuff responses that may seem confrontationa. |
09:53.49 | djszapi | such a security model has nothing to do with Nokia...ie, smack and meego.... |
09:53.56 | djszapi | and actually upstream linux kernel, so anybody can use it... |
09:54.08 | SpeedEvil | djszapi: Nokia = manufacturer |
09:54.18 | SpeedEvil | djszapi: I'm not saying specifically nokia, sorry. |
09:54.36 | Stskeeps | kimju: osc wipebinaries doesn't help? |
09:54.58 | kimju | Stskeeps, there is no binaries |
09:55.06 | Stskeeps | kimju: hmm |
09:55.54 | kimju | https://build.pub.meego.com/package/show?package=mg-terminal&project=home%3Akimju%3Aharmattan |
09:56.04 | kimju | if someone wants to have a look |