**** BEGIN LOGGING AT Tue Aug 25 02:59:59 2015
Aug 25 09:01:38 <zGrr> moin :)
Aug 25 10:28:11 <KotCzarny> But I still use oscp daily and it's part of the reason I'm back using my n900.
Aug 25 10:28:46 <KotCzarny> what a beautiful comment for a coder
Aug 25 10:28:48 <KotCzarny> :)
Aug 25 10:29:11 <KotCzarny> pity most of the n8x0 users don't browse tmo these days
Aug 25 17:06:43 <KotCzarny> ok, anyone played with fmtx ?
Aug 25 17:14:31 <DocScrutinizer05> fahrplan fixed and in extras-testing. Please QA and vote  
Aug 25 17:16:50 <KotCzarny> or in other words, is there a source for fmtx_client or any other way to enable/modify rds programatically (other than exec or system)
Aug 25 17:28:46 <totalizator> guys, I want to buy *new* N9; do you know any verified sellers from EU?
Aug 25 17:29:01 <KotCzarny> um, are you really sure you want n9?
Aug 25 17:29:12 <KotCzarny> many people say bad things about harmattan
Aug 25 17:30:01 <totalizator> um, I don't but I'm sick of searching an Android phone that would suit me
Aug 25 17:30:36 <KotCzarny> learn droid sdk?
Aug 25 17:31:09 <totalizator> and the main reason I'm still using N900 is the camera 
Aug 25 17:31:22 <Sicelo> camera?
Aug 25 17:31:47 <KotCzarny> i think you can shoot in RAWs with n900
Aug 25 17:31:48 <KotCzarny> :)
Aug 25 17:32:16 <totalizator> KotCzarny: nah, I just want a smarter phone as N900 is more and more like a feature phone for me
Aug 25 17:32:31 <totalizator> Sicelo: the N900 camera quality is superb
Aug 25 17:32:37 <KotCzarny> o.O
Aug 25 17:32:40 <KotCzarny> is it?
Aug 25 17:33:15 <Sicelo> but i'm sure our 5MPix won't compare with other newer shooters (android...)
Aug 25 17:33:28 <bencoh> Sicelo: actually ...
Aug 25 17:33:43 <totalizator> yup, I have documented last few years of my life with it so I know what I'm saying :3
Aug 25 17:34:05 <bencoh> the ccd is noisy and the aperture is too small, but other "smart"phone have the aperture issue
Aug 25 17:34:24 <Sicelo> nice to hear that. tbh i haven't used my camera so much (in the last 4 years) until recently :)
Aug 25 17:34:38 <bencoh> they're a bit less noisy, have a higher resolution, and try to hide bad results with image processing
Aug 25 17:35:32 <totalizator> hah, I'll try to prepare a small compilation of my best photos taken with N900 
Aug 25 17:35:34 <Sicelo> so totalizator in what way is N900 a feature phone? what is it lacking? (asking, not because i disagree, but to understand ...)
Aug 25 17:35:52 <KotCzarny> hmm, used n9 goes for ~70eur
Aug 25 17:36:42 <KotCzarny> and new one for ~120eur
Aug 25 17:36:43 <totalizator> almost all Internet features are dead for me
Aug 25 17:37:04 <totalizator> using the browser is a pain
Aug 25 17:37:16 <KotCzarny> totalizator: internet streams are playable without a problem
Aug 25 17:37:22 <KotCzarny> (audio)
Aug 25 17:37:27 <totalizator> apps are outdated or slllooow
Aug 25 17:37:29 <KotCzarny> and youtube is also supported in a way
Aug 25 17:38:19 <Sicelo> maybe you need to do your research properly .. N9 might just disappoint you as well
Aug 25 17:38:38 <KotCzarny> n9 has 1G of ram
Aug 25 17:39:14 <KotCzarny> so has a chamce to run webkit/firefox just fine
Aug 25 17:39:31 <Sicelo> of course it has 4x ram. 2x faster processor too
Aug 25 17:39:46 <Sicelo> do they have such browser in harmattan world?
Aug 25 17:40:33 <totalizator> KotCzarny: media capabilities are more than OK but it's not whan I need from a phone on a daily basis - I want to check bus timetable, instantly find a route using maps etc.
Aug 25 17:41:12 <totalizator> I want to try N9 mainly because it's quite cheap nowadays
Aug 25 17:42:11 <totalizator> but it's hard to find a new one and many are fake chinese replicas
Aug 25 17:42:15 <KotCzarny> hmm, forum.meego.com is down?
Aug 25 17:42:28 <KotCzarny> http://my-meego.com/software/applications.php?fldAuto=18&faq=9
Aug 25 17:42:31 <Sicelo> i love its hardware. very very nice (sans hwkbd)
Aug 25 17:42:34 <KotCzarny> anyway, someone built it and ran
Aug 25 17:43:55 <KotCzarny> but fennec was abandoned long time ago
Aug 25 17:44:59 <Sicelo> totalizator: maybe you'll have better luck with used N9 then?
Aug 25 17:45:36 <totalizator> contrary - I'm concidering things like Sony Z3 Compact and Iuni I3
Aug 25 17:46:05 <Sicelo> :)
Aug 25 17:46:18 <totalizator> Sicelo: seems like there is no other option
Aug 25 17:46:26 <totalizator> lel, I know
Aug 25 17:47:41 <Sicelo> best wishes
Aug 25 17:47:55 <totalizator> Iuni I3 is less than 200€ but I have heard it has no Google Play by default Q__Q
Aug 25 17:48:05 <KotCzarny> totalizator: are you going to sell n900 cheaply?
Aug 25 17:48:19 <totalizator> KotCzarny: NEVER
Aug 25 17:48:22 <KotCzarny> :)
Aug 25 17:48:26 <totalizator> :3
Aug 25 17:49:05 <KotCzarny> http://talk.maemo.org/showthread.php?t=90537
Aug 25 17:49:11 <KotCzarny> this one looks interesting
Aug 25 17:49:34 <KotCzarny> i wonder if anyone backported it to n900
Aug 25 17:50:40 <Sicelo> KotCzarny: http://talk.maemo.org/showpost.php?p=1417776&postcount=172
Aug 25 17:50:52 <KotCzarny> [']
Aug 25 17:51:10 <KotCzarny> still, could be newer/faster than fennec
Aug 25 17:51:18 <totalizator> Sicelo: "best wishes" - please elaborate on this
Aug 25 17:51:46 <KotCzarny> totalizator: i think he thought that you are gonna sell n900
Aug 25 17:51:52 <Sicelo> nothing more totalizator. just hope you find something to suit your needs, whether it be N9 or some Droid
Aug 25 17:52:15 <totalizator> KotCzarny: Sicelo: oh
Aug 25 17:53:23 <totalizator> btw - I have lost faith when it comes to better, faster N900 web browser - impossible Q__Q
Aug 25 17:53:28 <Sicelo> nah, haha. i know totalizator has been a long time user of N900. selling would be sacrilege ;)
Aug 25 17:53:49 <KotCzarny> totalizator, i think main showstopper is memory size
Aug 25 17:53:59 <KotCzarny> and most of it eaten by os
Aug 25 17:54:08 <totalizator> KotCzarny: ++
Aug 25 17:54:48 <totalizator> Sicelo: sometimes, during a panic attacks I'm looking for a spare N900 to buy ;)
Aug 25 17:55:11 * ecc3g also looks for a spare n900 after buying an android phone...and is totally disappointed.
Aug 25 17:55:20 <KotCzarny> :)
Aug 25 17:55:33 <KotCzarny> i'm looking for a spare n900 for .. science and stuff ;)
Aug 25 17:55:48 <KotCzarny> gonna hack it hard when i get around it
Aug 25 17:55:50 <ecc3g> i hate android, i thought i could try to acclimate to it but every moment I use it, I get more and more pissed at it
Aug 25 17:55:51 <totalizator> android phones are like a lesser evil - a tools, nothing more
Aug 25 17:56:38 <KotCzarny> http://talk.maemo.org/showthread.php?t=85191
Aug 25 17:56:39 <KotCzarny> hmm
Aug 25 17:56:53 <KotCzarny> anyone tried alopex?
Aug 25 17:57:48 * ecc3g got an Asus Zenfone2 (4GB RAM, 64GB eMMC, 2.3GHz..., alas completely soured by android... can't use it.)
Aug 25 17:58:12 <KotCzarny> acc3g: write your own apps?
Aug 25 17:58:16 <ecc3g> so sad...
Aug 25 17:58:17 <KotCzarny> it's not that hard
Aug 25 17:58:20 <ecc3g> need to replace the whole OS
Aug 25 18:01:33 <ecc3g> I do wonder how hard it is to replace the whole OS... powervr is a problem, but dunno about the baseband processor
Aug 25 18:01:49 <KotCzarny> ecc3g, with closed pieces, hard
Aug 25 18:02:26 <ecc3g> well... that's the question, I dont know how closed the baseband is. powervr is definitely a problem
Aug 25 18:02:42 <ecc3g> but the kernel module is floating around
Aug 25 18:03:08 <Sicelo> bootloader hackable or open?
Aug 25 18:03:22 <ecc3g> someone apparently hacked it already
Aug 25 18:03:40 <ecc3g> no idea for sure.  pretty sure it's some UEFI though.
Aug 25 18:05:19 <Sicelo> ah .. if you're able to boot something else, then the device starts to look very attractive ;)
Aug 25 18:05:38 <Sicelo> i had wished somebody would do that with Nokia's N1 tablet
Aug 25 18:05:43 <ecc3g> yes it's good hardware, just bad sofware :(
Aug 25 18:06:39 <ecc3g> (someone ran windows7 on the phone, but it wasn't clear how it was running.  looked like VM on the phone which isn't as interesting)
Aug 25 18:07:28 <Sicelo> yes .. i see someone with Ubuntu chroot on XDA as well
Aug 25 18:07:32 <ecc3g> if i could run gentoo on this phone and still have 4g and "phone" capability, that would be great.
Aug 25 18:07:50 <Sicelo> N900 .. N900 ... N900
Aug 25 18:07:53 <Sicelo> haha
Aug 25 18:08:25 <ecc3g> yeah
Aug 25 18:08:38 <KotCzarny> hmm, midori supports html5+css3
Aug 25 18:08:40 <ecc3g> it's still my preferred phone because of software
Aug 25 18:17:23 <DocScrutinizer05> ((<Sicelo> of course it has 4x ram. 2x faster processor too)) just like Neo900 ;-D
Aug 25 18:20:51 <Vajb> yo im back \o
Aug 25 18:21:08 <KotCzarny> :)
Aug 25 18:22:04 <Vajb> got few new problems with phone
Aug 25 18:23:19 <Vajb> now when i took more pictures than usually i noticed that after few pics camera just freezes when it should show taken picture and i have to kill it manually and picture is of course lost
Aug 25 18:23:49 <Vajb> is there way to get some debug stuff or this is known problem?
Aug 25 18:24:24 <KotCzarny> dmesg?
Aug 25 18:24:37 <Vajb> it is easy to reproduce. Just take less than ten pictures and it freezes
Aug 25 18:24:52 <KotCzarny> monitor free space?
Aug 25 18:24:53 <Vajb> umm just to run dmesg when it hangs?
Aug 25 18:25:10 <DocScrutinizer05> I think it's sort of seen-before problem nobody really was able to tackle so far
Aug 25 18:25:21 <Vajb> 3,36gb
Aug 25 18:25:26 <DocScrutinizer05> possibly related to some closed blob driver
Aug 25 18:25:27 <KotCzarny> another trick would be running camera app from terminal
Aug 25 18:25:41 <Vajb> i have camera-ui2 i think
Aug 25 18:25:53 <KotCzarny> uninstall and try stock?
Aug 25 18:26:25 <Vajb> just one time i had to do killall camera-ui to get it back working
Aug 25 18:26:42 <DocScrutinizer05> yes, some assume nicocam would be the culprit, however freemangordon had a very sound argument why it couldn't be related
Aug 25 18:27:17 <Vajb> when i just ran camera-ui from terminal it didn't take picture. Camera ran, but just didn't shoot
Aug 25 18:28:24 <Vajb> hmm maybe i try stock. Been thinking of reflash since i read about doc's never ever do apt upgrade on device...
Aug 25 18:28:40 <KotCzarny> :)
Aug 25 18:28:53 <Vajb> thinking that there might lay some problem
Aug 25 18:29:39 <Vajb> because camera-ui2 is now part of cssu, right? So it should be stable as table
Aug 25 18:30:21 <DocScrutinizer05> camera-ui2 became part of CSSU-T before I was able to argue against it
Aug 25 18:30:25 <Vajb> tho i like new camera-ui more than stock
Aug 25 18:30:41 <Vajb> i see
Aug 25 18:31:48 <Vajb> damn, just realised that i have my other phone laying around useless. Will try if i can reproduce it there
Aug 25 18:31:55 <DocScrutinizer05> in fact it's not thoroughtly tested (at least in my book) and for sure not needed to fix any bug or implement a *needed* feature. So it's basically just forcefeeding to user a app *somebody* considers the better choice between equivalent alternatives. And that's not what CSSU is supposed to do, rather the contrary
Aug 25 18:32:43 <Vajb> well i don't see any problem with new features :)
Aug 25 18:32:56 <Vajb> unless they don't bring any problems that is
Aug 25 18:33:08 <DocScrutinizer05> I see problems with QA and maintenance of new apps
Aug 25 18:33:44 <DocScrutinizer05> and I the heck don't want to get forcefed with new apps when I rather prefer keeping the old stock version
Aug 25 18:34:26 <Vajb> that reminded me of other thing. Last week there was some guy promising to ask for sources. How did it go or no info yet?
Aug 25 18:34:26 <DocScrutinizer05> camera-ui2 *clearly* is _optional_ and *not* _mandatory_
Aug 25 18:35:05 <DocScrutinizer05> I'm not really wondering what been the result of this effort
Aug 25 18:35:07 <DocScrutinizer05> ;-)
Aug 25 18:35:09 <Vajb> yes, you have valid point there
Aug 25 18:35:33 <Vajb> so better would be to give it as option if one wants
Aug 25 18:35:43 <DocScrutinizer05> yes, exactly
Aug 25 18:36:13 <Vajb> like is case with open media player. As far as i know
Aug 25 18:36:41 <DocScrutinizer05> or with firefox instead of ms crap in windows as default browser
Aug 25 18:36:59 <Vajb> oh yeah and one other thing. Yappari crashes from time to time
Aug 25 18:37:02 <DocScrutinizer05> you have an option "make firefox default"
Aug 25 18:37:29 <DocScrutinizer05> why not an option "make camera-ui2 default" ?
Aug 25 18:37:57 <DocScrutinizer05> there is ZILCH reason to forcefeed it to CSSU users
Aug 25 18:38:19 <KotCzarny> features?
Aug 25 18:38:27 <Vajb> im not sure how to reproduce it, but i _feel_ like it happens when i close yapparis window when it's in minimized mode (swithing between apps)
Aug 25 18:38:37 <DocScrutinizer05> and please don't tell me you don't know how to implement that, dear maintainers ;-)
Aug 25 18:39:27 <DocScrutinizer05> actually swapping default camera is baby simple
Aug 25 18:39:39 <Vajb> but it puts users in awkward position. They have think wether they need it or not ;-)
Aug 25 18:40:09 <DocScrutinizer05> which is what whole maemo is all about
Aug 25 18:40:32 <DocScrutinizer05> just Nokia fscked it up
Aug 25 18:40:52 <DocScrutinizer05> ~cherry
Aug 25 18:40:52 <infobot> [cherry] http://wiki.maemo.org/PR1.2_compulsory_My_Nokia_subscription
Aug 25 18:41:15 <DocScrutinizer05> this mindset... :-.(
Aug 25 18:41:44 <Vajb> ah i thing cherry was first thing i purged after flash
Aug 25 18:41:49 <Vajb> think*
Aug 25 18:42:31 <DocScrutinizer05> and that you actually _could_ purge it is courtesy maemo general design principles
Aug 25 18:42:57 <DocScrutinizer05> on Android you need cyanogen mod to purge such stuff
Aug 25 18:43:03 <KotCzarny> with updated meta package, yes
Aug 25 18:43:45 <Vajb> i would love to purge some stuff from my gf's xcover2, but can't be arsed
Aug 25 18:43:58 <KotCzarny> vajb, with root on droid you can
Aug 25 18:44:10 <KotCzarny> simply removing apks from /sys/app etc
Aug 25 18:44:18 <KotCzarny> or whatever was the path
Aug 25 18:44:27 <Vajb> it's limited to 1gb filesystem wether you have sd card or not
Aug 25 18:44:38 <KotCzarny> symlinks
Aug 25 18:44:39 <KotCzarny> :)
Aug 25 18:45:09 <Vajb> im sure it's not that hard, but like i said "can't be arsed" :-)
Aug 25 18:45:41 <Vajb> she didn't cope with maemo so let her suffer mwahahah
Aug 25 18:46:30 <DocScrutinizer05> my gf urgently wants a Neo900 - quite amazing. I guess I have to hand her a N900 first ;-)
Aug 25 18:47:33 <DocScrutinizer05> then otoh she's already lost on standard Luser usage patterns on android phone. So... hmmm
Aug 25 18:48:27 <Vajb> yeah that's how it goes...
Aug 25 18:49:30 <Vajb> heh, guess im hooked. Because while on vacation i looked all stores which sold used phones, but couldn't find any n900
Aug 25 18:50:10 <Vajb> saw one jolla, but was too expensive for used phone imo
Aug 25 18:50:18 <DocScrutinizer05> maybe you want to order one from Neo900 UG?
Aug 25 18:50:34 <DocScrutinizer05> nah, nevermind
Aug 25 18:50:47 <DocScrutinizer05> I'm not going to engage in selling N900s
Aug 25 18:50:52 <KotCzarny> :>
Aug 25 18:50:58 <KotCzarny> i would like one or more n900s
Aug 25 18:51:27 <DocScrutinizer05> I know I could sell a few. But the overhead doesn't make up for the margin I could make on them
Aug 25 18:51:46 <Vajb> what is eta for neo900?
Aug 25 18:52:01 <DocScrutinizer05> they cost me >100EUR plus taxes plus handling plus shipping etc
Aug 25 18:52:16 <DocScrutinizer05> Vajb: so far 1st quarter of 2016
Aug 25 18:52:25 <Vajb> oh
Aug 25 18:53:00 <DocScrutinizer05> ((cost me)) for pretty much mint condition, but anyway
Aug 25 18:53:04 <Vajb> so it's finally happening
Aug 25 18:53:21 <DocScrutinizer05> sure, did you think it's vaporware? ;-D
Aug 25 18:53:56 <Vajb> not familiar with the term, but i thought it'll take few years still
Aug 25 18:54:09 <DocScrutinizer05> times getting tougher, demand for a device built with owner's security and privacy in mind is higher than ever before
Aug 25 18:55:06 <Vajb> speaking of security. Does someone do online banking on n900?
Aug 25 18:56:10 <DocScrutinizer05> I occasionally did, indeed
Aug 25 18:56:14 <kerio> Vajb: ayy lmao
Aug 25 18:56:15 <KotCzarny> um
Aug 25 18:56:23 <KotCzarny> online banking requires working js/java
Aug 25 18:56:25 <kerio> you have to harden microb a little
Aug 25 18:56:27 <KotCzarny> often
Aug 25 18:56:32 <DocScrutinizer05> but really only when in a pinch
Aug 25 18:56:35 <kerio> javascript and java are WILDLY different
Aug 25 18:56:52 <KotCzarny> kerio: they usually need both
Aug 25 18:56:57 <kerio> KotCzarny: no they don't
Aug 25 18:57:06 <kerio> because the iphone exists
Aug 25 18:57:13 <Vajb> yeah my bank uses jave and i haven't got courage to even try it
Aug 25 18:57:16 <DocScrutinizer05> KotCzarny: my bank doesn't need any weird js crap for online banking
Aug 25 18:57:21 <KotCzarny> personal banking usually doesnt require java signing applets
Aug 25 18:57:24 <Vajb> java*
Aug 25 18:57:32 <KotCzarny> but js is almost a must
Aug 25 18:58:00 <kerio> microb is getting a bit outdated in that regard, yeah
Aug 25 18:58:04 <DocScrutinizer05> it's based on https, PIN, and iTANs
Aug 25 18:58:07 <kerio> fennec 17 is recent enough
Aug 25 18:58:15 <KotCzarny> he he
Aug 25 18:58:39 <kerio> DocScrutinizer05: you're forgetting the most important factor
Aug 25 18:58:40 <kerio> insurance
Aug 25 18:58:41 <DocScrutinizer05> I could do online banking with... wget
Aug 25 18:59:06 <Vajb> microb hang when i tried to view local news site with it...
Aug 25 18:59:26 <kerio> it's a damn shame that they dropped support for the maemo ui in more recent firefoxen :(
Aug 25 18:59:29 <KotCzarny> as for security, apart from broken certs, n900 is quite safe (because its obscurity)
Aug 25 18:59:45 <DocScrutinizer05> sure, those are so terribly JS infested, even my PC browser throws up on them
Aug 25 18:59:50 <kerio> KotCzarny: the fuck it is
Aug 25 18:59:57 <kerio> poodle and logjam
Aug 25 19:00:03 <kerio> disabling ssl3 helps
Aug 25 19:00:09 <kerio> and also disabling the most problematic ciphers
Aug 25 19:01:39 <Vajb> yet another "bug" in opera also
Aug 25 19:02:01 <Vajb> when wifi requires authentication it crashes
Aug 25 19:02:31 <Vajb> so i had to authenticate with microb first and then i could browse with opera
Aug 25 19:02:37 <DocScrutinizer05> kerio: to spoof some transaction, they would need a MITM attack on N900, or design a highly customized trojan that actually works in maemo / microB to fake the website content
Aug 25 19:03:04 <kerio> DocScrutinizer05: are you willing to say that our ancient NSS doesn't have any security issues?
Aug 25 19:03:20 <kerio> let alone the rest of the browser
Aug 25 19:03:29 <kerio> for crying out loud, it doesn't even *warn* you of mixed active content
Aug 25 19:03:37 <DocScrutinizer05> I'm using konqueror becuase of that on my PC and I guess they won't bother to write a trojan for that one. On N900 I'm probably even more safe
Aug 25 19:04:03 <kerio> they won't write a trojan for your browser
Aug 25 19:04:14 <kerio> they'll write a fairly generic xss exploit for /your bank/
Aug 25 19:04:16 <KotCzarny> usually weakest link is luser clicking on unsafe links
Aug 25 19:04:33 <DocScrutinizer05> kerio: and how would they trick me into loading it?
Aug 25 19:04:37 <KotCzarny> and yes, xss is a thing
Aug 25 19:04:55 <kerio> they'll serve it from some compromised website
Aug 25 19:04:59 <kerio> usually as an ad
Aug 25 19:05:15 <DocScrutinizer05> only when I do web browsing
Aug 25 19:05:20 <DocScrutinizer05> I don'zt
Aug 25 19:05:28 <KotCzarny> https://en.wikipedia.org/wiki/Cross-site_scripting
Aug 25 19:05:39 <kerio> cool, microb is the safest web browser ever
Aug 25 19:06:14 <DocScrutinizer05> look, when I want to do online banking, I open up microB, go straight to my online banking URL, do my thing, and then I close browser again
Aug 25 19:06:58 <DocScrutinizer05> (btw I do same on my PC. Just there I might have other instances of webbrowser running concurrently - not so on N900)
Aug 25 19:08:22 <DocScrutinizer05> that's very basic precaustion measures when doing sensitive stuff: don't open multiple concurrent web pages. Use a freshly opened browser instance. Go *directly* to the https: URL you want to go to
Aug 25 19:08:43 <totalizator> I can't stop thinking - what about Jolla? any discount codes working right now? 
Aug 25 19:09:24 <totalizator> what would be the lowest price I could get it for?
Aug 25 19:11:11 <DocScrutinizer05> I dunno if those precautions are sufficient to defeat the usual non-persistent (aka trojan) attacks. But the help a lot anyway
Aug 25 19:12:22 <DocScrutinizer05> s/non-//
Aug 25 19:12:23 <infobot> DocScrutinizer05 meant: I dunno if those precautions are sufficient to defeat the usual persistent (aka trojan) attacks. But the help a lot anyway
Aug 25 19:12:36 <DocScrutinizer05> err nevermind
Aug 25 19:13:07 <DocScrutinizer05> s/trojan/non-trojan/ was what I meant
Aug 25 19:13:09 <Vajb> meh my reliable gprs...
Aug 25 19:14:38 <DocScrutinizer05> for trojans I hope for maemo /microB being a too marginal ancient arcane target
Aug 25 19:14:49 <KotCzarny> as i said, security by obscurity
Aug 25 19:14:50 <KotCzarny> :)
Aug 25 19:14:55 <DocScrutinizer05> exactly
Aug 25 19:16:23 <DocScrutinizer05> nevertheless you probably shouldn't do online banking from your mobile device on a regular basis, unless it's specially hardened
Aug 25 19:16:37 <KotCzarny> or use token card
Aug 25 19:16:43 <DocScrutinizer05> yep
Aug 25 19:17:01 <DocScrutinizer05> and even then, it depends on type of card
Aug 25 19:17:08 <KotCzarny> scratch type
Aug 25 19:17:19 <KotCzarny> scratch'n'sniff
Aug 25 19:18:36 <sixwheeledbeast> Vajb: you tried qml-browser?
Aug 25 19:18:59 <DocScrutinizer05> the type where you either input (via sort of kbd) the amount and destination account number, or it reads that stuff from display and shows it to you on a display so you can compare, is considered secure
Aug 25 19:19:41 <Vajb> i think i tried, but can't remember why i didn't like it
Aug 25 19:19:44 <DocScrutinizer05> reads it from phone/PC moni display
Aug 25 19:20:18 <Vajb> reading through xss wiki... interesting stuff
Aug 25 19:22:10 <KotCzarny> doc: or when you enter account nr then on the next page it's displayed and asks for token
Aug 25 19:30:47 <totalizator> so, no Jolla discount codes right now? meh
Aug 25 19:32:17 <DocScrutinizer05> https://en.wikipedia.org/wiki/Cross-site_scripting#Exploit_examples is the typical XSS attack vector which with my online banking would only work if my bank was stupid enough to add such vulnerability to their site, or *I* was so stupid to proceed to my online banking site from another website which injected the trojan into mircoB
Aug 25 19:33:52 <DocScrutinizer05> or, even worse: I'd receive a mail on my N900 (which I generally quit to do at all) with a fake email claiming it's from my bank and advising me to click the URL below to proceed to my online banking
Aug 25 19:34:13 <KotCzarny> as i said, luser is the weakest link
Aug 25 19:34:21 <DocScrutinizer05> :nod:
Aug 25 19:34:51 <KotCzarny> (which also means running vulnerable os (windoze, he he))
Aug 25 19:37:25 <DocScrutinizer05> simple effective rules: #- *always* use a freshly opened browser instance to go to your online banking (NO Google startpage!!!) #- *diectly* enter the HTTPS-URL of your online banking (or rely on your known-good bookmarks, but *check them* nevertheless) #- do *NEVER* open a new tab in parallel to your online banking
Aug 25 19:38:36 <KotCzarny> or just use operation authentication method which is independent of internet
Aug 25 19:38:55 <DocScrutinizer05> that's orthogonal
Aug 25 19:39:12 <KotCzarny> safe enough usually
Aug 25 19:40:03 <DocScrutinizer05> it's another way to block worst doom, however you might disclose details you better shouldn't disclose if you don't follow the very simple 3 points above
Aug 25 19:41:09 <Vajb> so even google startpage is bad?
Aug 25 19:41:15 <KotCzarny> dns hacks
Aug 25 19:41:19 <DocScrutinizer05> even when an attacker exploiting XSS couldn't instantly fake a transaction when you use such auth card, they still can read all private details you see when you access your online banking
Aug 25 19:41:29 <DocScrutinizer05> Vajb: definitely
Aug 25 19:41:29 <Vajb> so one should use empty startpage?
Aug 25 19:41:33 <DocScrutinizer05> yes
Aug 25 19:41:38 <KotCzarny> use local html page if you must
Aug 25 19:41:57 <Vajb> i see
Aug 25 19:42:46 <KotCzarny> quick tip: in firefox entering: g something
Aug 25 19:42:52 <KotCzarny> googles for something
Aug 25 19:43:00 <KotCzarny> (or whatever search engine you have selected)
Aug 25 19:43:02 <DocScrutinizer05> KotCzarny: later on same attacker could use that info to do some phone banking for example
Aug 25 19:43:23 <KotCzarny> my phone banking uses the same scratch card tokens
Aug 25 19:43:28 <Vajb> yes i know
Aug 25 19:44:31 <KotCzarny> building cmake 2.8.12 in scratchbox, so far so good, weird no one compiled it earlier
Aug 25 19:44:38 <KotCzarny> 2.6 from extras-devel is old
Aug 25 19:44:48 <KotCzarny> most stuff requires 2.8.something
Aug 25 19:45:05 <DocScrutinizer05> KotCzarny: whatever, suggesting to forget about reasonable precaution measures since you hope your scratch card is safe enough is quite silly
Aug 25 19:45:35 <KotCzarny> doc, i'm not suggesting that, just saying it's quite nice ADDITIONAL security
Aug 25 19:45:45 <DocScrutinizer05> yes, that's true
Aug 25 19:45:49 <KotCzarny> two-channel auth
Aug 25 19:46:42 <DocScrutinizer05> unlike silly paypal, all decent German banks use some form of TAN to secure transactions
Aug 25 19:47:12 <DocScrutinizer05> which is similar to your scratchcard I guess
Aug 25 19:49:06 <DocScrutinizer05> https://en.wikipedia.org/wiki/Transaction_authentication_number#Indexed_TAN_.28iTAN.29
Aug 25 19:49:43 <DocScrutinizer05> note that "Mobile TAN (mTAN)" is a *very* bad idea on smartphones
Aug 25 19:49:49 <KotCzarny> he he
Aug 25 19:49:54 <KotCzarny> two channel
Aug 25 19:49:59 <DocScrutinizer05> same channel
Aug 25 19:50:04 <DocScrutinizer05> ;-P
Aug 25 19:50:04 <KotCzarny> yeah
Aug 25 20:58:10 <kerio> DocScrutinizer05: http://webpolicy.org/2015/08/25/att-hotspots-now-with-advertising-injection/
Aug 25 20:58:35 <kerio> you're protected if you're connecting directly to https, but still
Aug 25 21:07:12 <DocScrutinizer05> ~ping
Aug 25 21:07:12 <infobot> 1 packet transmitted, 1 packet received, 0.0% packet loss
Aug 25 21:07:23 <KotCzarny> ~pong
Aug 25 21:07:24 <infobot> ping, or also https://en.wikipedia.org/wiki/First_video_game
Aug 25 21:07:27 <DocScrutinizer05> ooh sorry, different server
Aug 25 21:13:29 <KotCzarny> trying to compile sqlite3, fun
Aug 25 21:14:03 <KotCzarny> [sbox-FREMANTLE_ARMEL: ~/src/browser/SQLite-c1d499af] > make 2>&1 |grep -i error|wc -l
Aug 25 21:14:04 <KotCzarny> 10018
Aug 25 21:17:49 <Sicelo> what's missing in stock version?
Aug 25 21:20:26 <KotCzarny> --   package 'sqlite3>=3.6.19' not found
Aug 25 21:20:39 <KotCzarny> too low
Aug 25 21:21:31 <KotCzarny> and in general trying to compile midori browser
Aug 25 21:21:44 <kerio> Received lag check reply from wilhelm.freenode.net. Time elapsed: 0.04786 seconds. (Rating: Are you plugged into the server?)
Aug 25 21:21:52 <kerio> aw yiss
Aug 25 21:33:09 <DocScrutinizer05> I*am* the server ;-P
Aug 25 21:39:37 <kerio> the freenode server is actually 0.5ms away from my bouncre
Aug 25 21:39:39 <kerio> *bouncer
Aug 25 21:42:35 <DocScrutinizer05> oh, your bouncer has a ping?
Aug 25 21:58:49 <kerio> barely
Aug 25 21:59:00 <kerio> half a millisecond to freenode :3
Aug 25 21:59:16 <kerio> it's like in the building across
Aug 25 21:59:36 <kerio> hold on aren't you on hetzner as well
Aug 25 21:59:41 <KotCzarny> unless you are playing some irc game, does it matter?
Aug 25 22:00:04 <kerio> KotCzarny: people like you are the reason we're not going to the moon anymore
Aug 25 22:00:05 <kerio> :v
Aug 25 22:00:48 <KotCzarny> and people like you are the reason internet is infested with trolls
Aug 25 22:09:51 <sixwheeledbeast> :D
Aug 25 22:21:35 <KotCzarny> WebKit-SVN-source.tar.bz2
Aug 25 22:21:37 <KotCzarny> Length: 1681553316 (1.6G) [application/x-bzip2]
Aug 25 22:21:40 <KotCzarny> o.O
Aug 25 22:42:10 <KotCzarny> i must say even older midori (0.2.1) works nicely
Aug 25 22:52:27 <KotCzarny> but loading bigger pages reaults in swapthrashing, eh
**** ENDING LOGGING AT Wed Aug 26 02:59:59 2015