**** BEGIN LOGGING AT Thu Feb 07 02:59:57 2019 Feb 07 03:16:46 I recently had a plate break while being microwaved, do not know why it broke because I do not think we would have it at my office if it was not safe to microwave. Feb 07 04:41:44 Because it was heated unevenly. Feb 07 04:43:16 The plate will expand slightly when heated. If you heat only a single part, that part will expand and the cool part will stay the same, so you get some amount of tension between the hot/cold parts. Feb 07 05:55:15 Maxdamantus: ACK. Feb 07 07:20:30 DocScrutinizer05: swap of battery did not remove my connection problems, but I think it did improve it a bit. Feb 07 07:21:34 like for now. I switched to gprs and lost network signal only once. Feb 07 08:50:48 3G consumes more power too Feb 07 09:28:23 What part of MicroB packages is responsible for parsing JS? Because it is getting tiring to see websites, such as Moodle, not working due to what looks like Javascript incompatibility. Feb 07 09:28:57 So far, I am thinking of microb-engine... Libmozjs.so looks suspicious. Feb 07 09:29:14 Wikiwide: yes, it will be libmozjs Feb 07 09:30:07 You probably won't be able to simply replace that with a newer version, since ime, JSAPI tends to have breaking changes quite frequently. Feb 07 09:30:32 Thank you! It would be fun to run Virtual Reality on ancient Nokia N900 ;-) That is, if intricate details of graphics handling will not make it impossible. Feb 07 09:31:33 So, libmozjs.so isn't the only file to be changed - the files relying on it will need to be changed as well, to handle changes in JSAPI? Feb 07 09:32:15 You'd very likely need to upgrade libxul or whatever it's called too. Feb 07 09:32:19 But the changes will likely not go outside microb-engine - engine is engine, nothing else needs to be concerned about JS. Feb 07 09:32:39 jonwil seemed to be putting quite a lot of effort into something like that recently. Feb 07 09:32:45 Libxul... Why is it here at all? MicroB doesn't use XUL, right? Feb 07 09:33:02 Yes, it's a XUL application, like Firefox. Feb 07 09:33:13 Maxdamantus: where may I see jonwil's progress? Feb 07 09:33:39 XUL support can be disabled, just like SVG support can be disabled? Feb 07 09:33:48 https://talk.maemo.org/showthread.php?s=3cbd26c5a4a8d869fac0ba3df7a9984d&t=100296 Feb 07 09:34:11 No. XUL is the platform that the browser is implemented on. Feb 07 09:34:38 It's like trying to disable Gtk+ support from X-Chat. Feb 07 09:35:01 Firefox was implemented on XUL. Modern Firefox is not XUL-based. MicroB isn't XUL-based, either? Feb 07 09:35:03 Actually, X-Chat does have other frontends, so it's probably more drastic than that. Feb 07 09:35:27 Thank you :-) I amin fairly tumultous circumstances myself, so I am not sure when I will steadily devote time to actually editing code. Feb 07 09:35:58 I'd be surprised if modern Firefox is not "XUL-based", but when I say "XUL" I basically mean gecko/xulrunner. Feb 07 09:37:02 The thing that "runs" Firefox or MicroB, whether those applications involve actual XUL markup, or just JavaScript that produces XUL DOM structures, or just uses the set of services that have evolved throughout the gecko project. Feb 07 09:37:12 I like Gecko. I like XUL, even, but I think that Hildon interface is better for Maemo 5 than XUL interface. Feb 07 09:37:14 I'm pretty sure it still uses at least XUL DOM though. Feb 07 09:37:56 Don't think so... Should look into modern Firefox. I think it's anti-XUL Feb 07 09:38:48 Definitely still using XUL: chrome://browser/content/browser.xul Feb 07 09:39:13 You can open that URL in current versions of Firefox and introspect the XUL DOM elements in the developer tools. Feb 07 09:42:46 Apparently what they mean by being anti-XUL is just anti-non-standard sets of elements. Feb 07 09:43:47 So architecturally I suspect they don't really intend to change much, just reimplement the UI using HTML elements instead of XUL elements. Feb 07 09:57:05 from that jonwil thread: > Although I am very close to saying "screw it" and looking for a fork of webkit or similar that works on our ancient libraries but supports the features needed (TLS 1.2 in particular but also more modern HTML/CSS/JS so it can render web pages that microb can't do). Feb 07 09:58:59 My solution to the TLS problem is to just run a MITM proxy I wrote, which runs using a modern version of OpenSSL and just creates certificates for domains on the fly, signed by my own root certificate that I've installed in Opera. Feb 07 09:59:26 is it working well? mind to share? :) Feb 07 10:01:25 It pretty much works. There are probably some optimisations that would be worth doing; atm it uses a thread for each connection, and I have a suspicion that there is a slight connection delay due to the signing of that certificate at the beginning of each connection (it could instead do something like keep a cache of the last X used certificates to avoid resigning if a single site involves multiple Feb 07 10:01:31 sockets) Feb 07 10:02:12 https://gist.github.com/Maxdamantus/e32ab94dbc5d9d43298428400020620e Feb 07 10:05:47 I just run that in my debian wheezy chroot, after compiling the latest version of openssl there. Feb 07 10:09:28 The reason it needs a relatively new version of OpenSSL is for easy host verification. Supposedly a few versions back you would have to implement a lot of that yourself (or pull in some other dependency that does). Feb 07 10:10:47 (or you could just not do host verification, but I'd rather not do that) Feb 07 10:14:47 I'd also like to have a wrapper script that generates a certiicate db file for Opera, so the private key only needs to be kept in memory, but I wasn't able to figure out the format for that in the time I spent looking into it. Feb 07 10:15:45 in fact, the only way I got it to work was by running an old version of Opera on my desktop machine and adding the certificate there, then copying the certificates database file over to the N900 Feb 07 10:16:18 and also chmodding that file so it wouldn't get rewritten on startup Feb 07 10:21:02 HTML is for hyper text, not for GUI of an application. Unless the whole application is intended to be text interface - akin to ncurses, but built with HTML. But I am being picky. Feb 07 10:22:41 "HTML" also refers to a bunch of things, not just markup. Feb 07 10:24:05 And the provided ssl workaround, while apparently better in terms of privacy than using a third-party proxy - and I have to wonder if it is possible to run a new-tls-to-old-ssl proxy directly on N900... Still doesn't resolve problem of JS engine being too ancient for modern websites. Feb 07 10:24:30 I run the proxy on my N900. Feb 07 10:24:46 that's how I've been using all sites for the last few months. Feb 07 10:25:03 (and that's its function: new-tls-to-old-ssl) Feb 07 10:26:06 That's great :-) I am just surviving by dismissing all these new-security websites as haughty, and choosing anz.com instead of anz.com.au for Internet Banking. Feb 07 10:26:34 How difficult is it to set up this proxy? A package from repository, or?.. Feb 07 10:27:14 Yeah, I currently can't use my online banking in Opera due to lack of JS features like `Set` Feb 07 10:28:09 ANZ Internet Banking works fine in MicroB, absolutely fine - just a tad slow JS when doing a bank transfer. Feb 07 10:28:54 I was thinking of just adding some polyfills or something to edbrowse and then using that for banking. Feb 07 10:29:12 I like /etc/hosts blocking (DNS redirecting to localhost) of advertisements, but I feel like that's not enough. Feb 07 10:29:52 atm I can only use it on Iceweasel in the debian chroot, which seems to be very memory intensive. Feb 07 10:31:14 as for running it, you need to build openssl somewhere, then compile the C file using a command something like: Feb 07 10:31:17 gcc -D_BSD_SOURCE -D_POSIX_SOURCE mitm.c -lssl -lpthread -Wall -pedantic -std=c99 -I /mnt/sd/build/openssl/include/ -L /mnt/sd/build/openssl/ -lcrypto Feb 07 10:31:44 I feel like somewhere during parsing of source code web browser should smartly (with something like userContent.css and userContent.js?) cut off all but the most essential parts of web page, somewhat similar to Reading Mode? So that number of DOM elements being remembered and rendered is minimised. Feb 07 10:32:33 /me whistles Feb 07 10:32:49 I don't have an SD card, so far. Feb 07 10:32:52 and you need to create a private key and corresponding root certificate (both PEM files), then you can run it as something like ` SSL_CERT_FILE=ca-certificates.crt ./a.out cakey.pem cacert.pem 127.30 9876` Feb 07 10:33:20 Doesn't require an SD card. Just happens to be where my openssl build directory is. Feb 07 10:34:10 Where do I find source code? Is openssl also buildable with a single command? Feb 07 10:34:45 Because it's seriously tiring when most pages just fail due to security. Feb 07 10:34:58 https://github.com/openssl/openssl Feb 07 10:35:25 I was able to just build the master branch there without difficulty in my wheezy chroot. Feb 07 10:35:36 Might build under maemo too, haven't tried. Feb 07 10:36:07 * Maxdamantus already runs other things from wheezy anyway, so prefers to build things there. Feb 07 10:36:19 No need to fetch something-dev? Feb 07 10:36:52 When openssl compiles, is it just one .so file? Feb 07 10:38:18 Does MicroB use the same certificates as maemo-security-certman? Feb 07 10:53:38 Dunno if it requires -dev packages. It'll probably fail on ./configure if it's missing something. Feb 07 10:54:03 it's not just one .so file. I think there's libssl and libcrypto. Feb 07 10:55:28 but transitively, the program should only depend on libssl, libcrypto, libpthread and libc. Feb 07 11:08:45 Maxdamantus: I will free up some space on MyDocs (it's choke-full of files, such as thousands of photographs). But last I heard, new-ish openssl is in repositories anyway - fahrplan has to support the latest security protocols. Feb 07 11:08:51 http://maemo.merlin1991.at/cssu/community-devel/pool/free/o/openssl/ Feb 07 11:11:44 Ah, that should be okay then. Feb 07 11:14:04 Qml-browser sounds interesting. As in, recompiling MicroB against newer openssl sounds like a pain, whereas Qt4 and qml-browser are apparently already compiled against newer openssl. Feb 07 11:16:40 Forgot about that one. Feb 07 11:18:45 Just looking at https://talk.maemo.org/showthread.php?t=100343&page=2 and wondering how JS is in this browser. Feb 07 11:19:28 URL navigation seems a bit flaky, but apparently I've still got the latest version, and I must've installed it years ago. Feb 07 11:27:22 Uh-huh. As a lazy person, instead of downloading individual packages, I added the whole community-devel repository. Now application manager is checking for updates... Feb 07 11:27:49 and yeah, my mitm.c compiles fine on Maemo just using the current version of libssl-dev from community-devel. Feb 07 11:28:34 Maxdamantus : package your proxy into community-devel repository? ;-) Feb 07 11:30:08 I should have packaged "duckduckgo search engine" into repositories long ago, but packaging it properly is a hassle - easier to edit everything manually. Feb 07 11:30:28 Maybe. The main thing is probably that compiling it is about the easiest part of setting it up. Feb 07 11:31:56 Since you also need to create a private key and root certificate, and probably a recent distribution of ca-certificates for host verification, and you need to get whatever browser you're intending to use to accept that root certificate. Feb 07 11:32:11 Yes. The trickiest part with ddg search engine is imagining that there is also an xyz search engine packaged. Feb 07 11:32:13 and you need to get your browser to connect to it as an HTTP proxy. Feb 07 11:33:10 HTTP proxy configuration on microb seemed quite annoying; it just takes the system settings, which means you need to configure the proxy through Maemo settings for every network you use. Feb 07 11:33:12 Whatever browser : browser-switchboard knows something about choosing which browser is being used. Feb 07 11:33:58 Annoying, but reliable. Better than having each browser use its own configuration. Feb 07 11:34:37 And I use four different networks, at most. Home wifi, eduroam, uniwide and cellular data. Feb 07 11:35:30 Are there any default presets for networks? So that each new network would, by default, use the proxy? Feb 07 11:36:09 this is an issue on a lot of mobile devices Feb 07 11:36:13 Oh right, opera did that as well, but I stopped it by just chmodding the configuration file to be non-writable. Feb 07 11:36:27 isnt opera sold to some chinese corpo? Feb 07 11:37:57 Installed ddg: google->ddg. Installed xyz: ddg->xyz. Uninstalled ddg: xyz->google. Uninstalled xyz: google->ddg. Expected outcome: google. Received outcome: ddg. Bug. Feb 07 11:38:35 The only way out is to say that each search engine conflicts all other search engines. Feb 07 11:38:53 Then there would be no such tangles. Feb 07 11:40:18 But I don't know if it's possible to say that ddg-engine provides/replaces and conflicts at the same time. Feb 07 11:44:15 yeah, because bug exists in newer kernels Feb 07 11:44:19 erm, wrong chan Feb 07 19:36:24 How do I add CSSU devel to HAM? I tried http://maemo.merlin1991.at/cssu/ community-devel free, doesn't seem to work. Feb 07 19:47:59 http://maemo.merlin1991.at/cssu/community-devel/ ./ free doesn't seem to work, either Feb 07 19:53:02 http://maemo.merlin1991.at/cssu/community-devel/ fremantle free Feb 07 22:37:09 Apparently, the repository is http://maemo.merlin1991.at/cssu/community-devel/ fremantle free. However, qml-browser requires qt-components-hildon? Which should be available in extras-devel, but doesn't show up for me. Feb 07 23:29:38 Okay, downloaded qt-components-hildon manually from extras-devel and got them installed. And qml-browser, too. Feb 08 00:52:16 isnt opera sold to some chinese corpo? Feb 08 00:52:16 Yes, it was but I still use Opera for Android until Vivaldi is released for Android. Feb 08 00:53:13 I thought that X-Chat could use text mode in addition to GTK+ for the front end? Feb 08 00:54:20 Sigh, I am spending my time on a problem caused by a software licensing regime instead of a “real” problem. Feb 08 01:08:06 What does the end user see when they try to access a Web site that needs a newer/higher version of TLS than their system supports? I can try for myself on my N900 when I am back home tonight if I remember. Would Firefox 2 on Windows 98 have this problem too because Firefox 2 is the last release that officially supports Windows 98 if I recall correctly? Feb 08 01:11:55 brolin_empey: iirc it will have some message like "protocol error" or something. Feb 08 01:12:09 brolin_empey: it's one of those "Try again" pages anyway. Feb 08 01:15:20 Actually, I think I already had this failure mode with old Netscape versions on Windows. Feb 08 01:17:06 Maybe s/old/early/ Feb 08 02:06:39 Qml-browser doesn't show any signs of having newer openssl Feb 08 02:30:17 Looks like I need devel versions of all the qt4-x11 packages **** ENDING LOGGING AT Fri Feb 08 02:59:56 2019