log☇︎
1100+ entries in 0.013s
Framedragger: where was that link to intel's content-less advisory... it had two parts, one remote, one local
Framedragger: but it seems that it's then possible to run *local* exploit (privilege escalation)
Framedragger: tl;dr is "i have nfi"
Framedragger: makes sense to know if only enabled, too
Framedragger: asciilifeform: remote diddle only works if AMT is not only enabled but also *provisioned*.
Framedragger: well, that's why i said "dunno if any good". on *cursory* glance, nothing mischievous, but obvs wouldn't v-sign it
Framedragger: (^ may as well check phuctor box, but module probably won't be loaded.)
Framedragger: (for posterity, x220 is i5-2520M, xeon server is W3520)
Framedragger: and on x220 lappy with ubuntu, AMT was enabled (will check bios settings later), but not provisioned.
Framedragger: not on debian, it seems. checked on a xeon cpu which has AMT, but module was not loaded
Framedragger: yep
Framedragger: (yesyes ubuntu is not an OS, etc)
Framedragger: loaded by default in stock ubuntu, say
Framedragger: HN spit out https://github.com/mjg59/mei-amt-check , dunno if any good, maybe need to check later. to be clear, AMT won't be provisioned "by default", and it being provisioned is the worser thang. ☟︎
Framedragger: ^ relevant (yes i know stross is not really liked here, but this was ~ok)
Framedragger: http://www.antipope.org/charlie/blog-static/2017/05/rejection-letter.html
Framedragger: ah :)
Framedragger: "programmatically pandering approval eigenstates" haha awesome BingoBoingo :)
Framedragger: but the bootstrap website says that it's industry proven, has FB logo. MIXED SIGNALS
Framedragger: ic. i fiddled with it around ~2009 i think. but maybe with some 'freeware' version or w/e.
Framedragger: asciilifeform: orly, commercial? hah ok, didn't know
Framedragger: author made strong opinionated choices etc, was interesting iirc
Framedragger: i never got to really explore D, but vaguely recall the compiler not being / not relying on llvm some years ago
Framedragger: i mean, one can have a local entry in hosts file, even with old ip it seems, the client just needs to supply a correct 'Host' header field
Framedragger: LOL
Framedragger: if nc'd to 208.94.116.204
Framedragger: X-Pingback: http://www.loper-os.org/xmlrpc.php
Framedragger: Server: Apache
Framedragger: Date: Wed, 10 May 2017 16:25:26 GMT
Framedragger: HTTP/1.1 200 OK
Framedragger: Host: www.loper-os.org
Framedragger: GET / HTTP/1.1
Framedragger: asciilifeform: apparently it works with 208.94.116.204, too
Framedragger: srsly
Framedragger: so www.loper-os.org actually becomes www.www
Framedragger: not sure about www.www, i also thought, maybe you have an alias loper-os.org => www.loper-os.org mircea_popescu ?
Framedragger: do you have an entry for loper-os.org?
Framedragger: mircea_popescu uses local hosts file right
Framedragger: ah
Framedragger: damn russian hackers
Framedragger: if i supply this to nc, i get 200
Framedragger: Host: www.loper-os.org
Framedragger: GET /?p=1887&cpage=1#comment-18086 HTTP/1.1
Framedragger: hm
Framedragger: i wonder if mircea_popescu'd get the same if he ran a manual GET under `nc loper-os.org 80` hah
Framedragger: i mean, at this point i'd almost recommend to run a traceroute....
Framedragger: seems that www.www is the 301 *target* returned to his client, hah
Framedragger: no, mine does not redirect, incl. with curl (gives 200)
Framedragger: asciilifeform: loads fine, and reloads fine
Framedragger yet to fetch keys and side-channel-verify...
Framedragger: oh shit, you meant sig. no, sorry
Framedragger sees
Framedragger: http://btcbase.org/log/2017-05-10#1654047 << php error_log may be able to tell you something? oblig caution re. gas mask, tho... ☝︎
Framedragger: (not yet, but plan to later)
Framedragger: gizmolearner: http://btcbase.org/log ; http://logs.bvulpes.com/trilema ; http://log.mkj.lt/trilema/today ; pasting anchor hrefs from the first and the last will make bots sitting in channel quote those lines
Framedragger goes to rearrange life
Framedragger: ben_vulpes: true :( (painfully aware of it)...
Framedragger: there is that. i don't do lots of driving at all, and plan to avoid driving at night, ever. but, yeah, point taken.
Framedragger: heh, yeah, true...
Framedragger: re. soup, i dunno stats / anecdotal cases, but there have been instances of otherwise-high-hygiene folks getting nasty bacteria by forgetting not to use tap water, once (source is unreliable bbc article so yeah, meh); etc.
Framedragger: yeah, suppose so!
Framedragger will bring it up on next visit
Framedragger: mircea_popescu: multiple operations? i haven't even considered that. hmm, thanks for the pointer
Framedragger: omg it seems that it is, wrong value passed to strncmp ahahaha
Framedragger: and in scanning news, launched ipv4 rescan. (1st phase, which is easier than 2nd phase (key extraction), but will give us some interesting data nonetheless.)
Framedragger: heh.
Framedragger: asciilifeform: are you planning on building an entropy source based on them, then? :) need a good uv light reader, or something? ☟︎
Framedragger: gizmolearner: now you can `/msg deedbot !!up gizmolearner`
Framedragger: !!v A4F5EC635F416E296E2BCA9C11C7D7F4701F9E5B516236AD55C29E4A844F158D
Framedragger: !!rate gizmolearner 1 apu etc. tinkerer / new blood
Framedragger: gizmolearner: just fyi, you could register your gpg key with deedbot (http://deedbot.org/help.html), would make things easier
Framedragger: !!up gizmolearner
Framedragger: (one good outcome of .lt joining .eu: was able to get driver's license (change in regulations for driving, if person can see well with glasses)) ☟︎
Framedragger sits here with ~ -10 dioptre (genetics, man)
Framedragger: gets more dangerous with more intense myopia etc., doesn't it? ☟︎
Framedragger: and good environment for all kinds of very nasty bacteria to flourish ☟︎
Framedragger: !!up gizmolearner
Framedragger: !#s abolition of work
Framedragger: phf`: ah ok that makes sense. i checked bob black (lols), yeah gotcha. lulzy re "art"
Framedragger bbl, sleep
Framedragger: i guess i need to educate self more. (also, e.g. bakunin called himself "socialist" heh, but that's just change of value of term over time)
Framedragger: anarchists? hm.
Framedragger: (or hm, not sure.)
Framedragger: very nice. not a lot of uhh modulation (i guess is the word) possible. but cool
Framedragger: (but what if function of said idea is mockery? G-d knows!)
Framedragger: k.
Framedragger: !!up gabriel_laddel_p
Framedragger msg'd vc about #t presence and whether he's interested, as of now he's not considering offering dedi boxes tho, it seems
Framedragger will rate moar later
Framedragger: !!v B7B6AC45283C343C3195042D6CE20D54E1707D9C315CD0D2016AA7D1435CC52B
Framedragger: !!rate vc 2 used his box.cock.li vps service, no issues, fast response, good guy
Framedragger: oblig, https://www.youtube.com/watch?v=up863eQKGUI don't copy that floppy!
Framedragger: http://btcbase.org/log/2017-05-05#1652133 << ah this may indeed be relevant, haven't seen it, will check, thanks! ☝︎
Framedragger: http://btcbase.org/log/2017-05-05#1652129 << and yeah this is PROBABLY the way to get burned. asciilifeform imagined the archiver as a "public whore prostitute", a box which can be exposed to exploits and malware, but that's even more dirty. (that said, may be the way to go.) ☝︎
Framedragger: possibly taleb's writings, etc. and yeah it sucks and may be the wrong choice politically (contrast with mp's explicit refusal to load PDFs, period).
Framedragger: http://btcbase.org/log/2017-05-05#1652110 << and yeah to be clear i did skip this consciously, knowing that i'd be stepping into a swamp. and while i'd very much like to embrace http://btcbase.org/log/2017-05-05#1652126 , it is the case that i'd like to be able to archive shitsites which don't render without JS. ☝︎☝︎
Framedragger: http://btcbase.org/log/2017-05-05#1652109 << yeah it does, relevant refs are probably http://btcbase.org/log/2017-04-05#1637988 and http://btcbase.org/log/2017-04-05#1638129 (re. images in particular, i know, painful) ☝︎☝︎☝︎
Framedragger: http://btcbase.org/log/2017-05-05#1652107 << yeah, output should be sane, but more research needed. ☝︎
Framedragger: rehi, finally almost-summer here (hey it's a big deal here when it's not mist and misery more than 50% of the week), frolicking in the sun :)
Framedragger: also not sure how easy it'd be to do the "have JS run, then save the resulting no-JS snapshot" thing (for having properly rendered copies without JS in them.)