Back to Home / #linode / 2018 / 09 / Prev Day | Next Day
#linode IRC Logs for 2018-09-19

---Logopened Wed Sep 19 00:00:56 2018
00:25-!-kirollos [~oftc-webi@] has joined #linode
00:25-!-kirollos is "OFTC WebIRC Client" on #linode
00:27-!-kirollos [~oftc-webi@] has quit []
01:30-!-Juan_Tek [~Thunderbi@2a02:1205:34f8:16b0:9441:b975:d645:c39] has joined #linode
01:30-!-Juan_Tek is "Juan_Tek" on #linode
01:56-!-technoid_ [] has quit [Ping timeout: 480 seconds]
02:17-!-xtrWrithe [] has joined #linode
02:17-!-xtrWrithe is "xtrWrithe" on #tor-south #linode #qemu
03:11-!-Shentino [] has quit [Read error: Connection reset by peer]
03:15-!-Shentino [] has joined #linode
03:15-!-Shentino is "realname" on #linode @#tux3
03:23-!-marshmn [~matt@] has joined #linode
03:23-!-marshmn is "Matt Marsh" on #linode
03:38-!-fstd_ [] has joined #linode
03:38-!-fstd_ is "fstd" on #gentoo #linuxfs #oftc #vserver #linode #kernelnewbies
03:38-!-marshmn [~matt@] has quit [Ping timeout: 480 seconds]
03:38-!-Hobbyboy|BNC [Hobbyboy@] has joined #linode
03:38-!-Hobbyboy|BNC is "Andrew" on #perl #openttd #oftc #moocows #linode
03:39-!-Hobbyboy [] has quit [Read error: Connection reset by peer]
03:39-!-Hobbyboy|BNC is now known as Hobbyboy
03:39-!-fstd [] has quit [Read error: Connection reset by peer]
03:39-!-d1b is "db" on #linode #moocows #xen
04:08-!-theodoor [] has joined #linode
04:08-!-theodoor is "realname" on #hamara #linode
04:09-!-theodoor [] has quit []
04:10-!-theodoor [] has joined #linode
04:10-!-theodoor is "realname" on #hamara #linode
04:40-!-relidy [] has quit [Ping timeout: 480 seconds]
04:52-!-thiras [~thiras@] has joined #linode
04:52-!-thiras is "realname" on #debian #linode #virt #tami
04:52-!-theodoor [] has quit [Quit: Leaving]
05:28-!-Glenn [~oftc-webi@] has joined #linode
05:28-!-Glenn is "OFTC WebIRC Client" on #linode
05:28<Glenn>Hello customer support,
05:29<Glenn>I need to setup SSL on my existing website using Linode hosting.
05:29<Glenn>can you please assist me on it?
05:30-!-Glenn [~oftc-webi@] has quit []
06:07-!-Juan_Tek [~Thunderbi@2a02:1205:34f8:16b0:9441:b975:d645:c39] has quit [Quit: Juan_Tek]
06:17<LouWestin>Glenn’s gone.
06:38-!-dd [~oftc-webi@] has joined #linode
06:38-!-dd is "OFTC WebIRC Client" on #linode
06:39<dd>how to become a Most Valuable Professional of linode
06:42<@mtjones>Are you interested in joining the Linode team? If so, you can see all open positions and apply here:
06:57<dd>no im not interested in joining? i want to beccome a MVP to help my team
06:58<dd>team and students also my clients how use cloud servers
07:01<grawity>I don't think that's a thing here
07:05<dd>my client ask me today you use linode i'm saying yep i used this. now he says provide us your certificate you know about it.
07:06<dd>what can i do for this?
07:07<grawity>not every tech company issues certifications, indeed most don't
07:07<grawity>sadly there are no certs in the ability to convince clients that they're wrong
07:08<dd>yeh i know. but you know client is client and he alway right.
07:09<dd>something he think linode is AWS. hehehe
07:10<LouWestin>There’s no Linode certifications. There’s Linux certifications.
07:11<grawity>LouWestin: well, there *are* AWS certifications
07:13-!-technoid_ [] has joined #linode
07:13-!-technoid_ is "Tech-noid" on +#Corsair #debian #linode
07:15<LouWestin>Oh yeah that too!
07:16-!-thiras [~thiras@] has quit [Quit: Leaving]
07:17<dd>good bye every one take care
07:17-!-dd [~oftc-webi@] has quit [Quit: Page closed]
07:18<rsdehart>clearly any company that doesn't have certifications isn't worth doing business with
07:18<rsdehart>I guess
07:24<LouWestin>Become a certified Linode manager expert?
07:38-!-RobR [] has joined #linode
07:38-!-RobR is "OFTC WebIRC Client" on #linode
07:39<RobR>Hi all.
07:40<RobR>I just got an altert from Microsoft notifying me of 'unusual activity' on my MS account from an IP address belonging to Linode. Can anyone explain this?
07:42<grawity>Linode rents virtual servers to people, people are dicks, people rent servers for malicious purposes
07:45<LouWestin> did you trace back the IP address and Whois said Linode?
07:46<grawity>tbh, forward the email to abuse@ and let them deal with it
07:48-!-_Cyclone_ [~Cyclone@2600:3c00::f03c:91ff:fe1f:53f4] has quit [Quit: Heigh-Ho I'm off to...]
07:48-!-Mannie [~oftc-webi@2407:7000:8c1f:3100:c98b:5345:2f77:6a78] has joined #linode
07:48-!-Mannie is "OFTC WebIRC Client" on #linode
07:48<Mannie>Hello there
07:48-!-Mannie [~oftc-webi@2407:7000:8c1f:3100:c98b:5345:2f77:6a78] has quit []
07:52-!-_Cyclone_ [] has joined #linode
07:52-!-_Cyclone_ is "CPU Heat" on #linode #ceph
07:58<RobR>OK, thanks @grawity
07:58<RobR>@LouWestin, yes
07:59-!-RobR [] has quit [Quit: Page closed]
08:02-!-eyepulp [] has joined #linode
08:02-!-eyepulp is "eyepulp" on #linode
08:11-!-eyepulp [] has quit [Ping timeout: 480 seconds]
08:45-!-acald3ron [] has joined #linode
08:45-!-acald3ron is "Armando" on #linode #debian-next #debian-mx #debian-es
09:06-!-eyepulp [] has joined #linode
09:06-!-eyepulp is "eyepulp" on #linode
09:12-!-anomie [] has joined #linode
09:12-!-anomie is "Anomie" on #linode
09:14-!-Dreamer3_ [] has quit [Ping timeout: 480 seconds]
09:18-!-Dreamer3 [] has joined #linode
09:18-!-Dreamer3 is "Josh Goebel" on #linode
09:38<linbot>New news from kernels: 4.18.8-x86_64-linode117 <> || 4.18.8-x86-linode136 <>
09:53-!-acald3ron [] has quit [Remote host closed the connection]
09:54-!-jeremiah [] has joined #linode
09:54-!-jeremiah is "Jeremiah C. Foster" on #linode
09:55-!-jeremiah is now known as Guest835
10:34-!-kyhwana [~kyhwana@] has quit [Remote host closed the connection]
10:38<Abi12>Is an MVP certificate like a Bachelors degree ;)?
10:39<Abi12>*bad dum tsss*
10:39-!-kyhwana [~kyhwana@] has joined #linode
10:39-!-kyhwana is "kyhwana" on #otr #linode
10:46-!-emerson [] has quit [Quit: WeeChat 2.2]
10:52-!-danstoner [] has joined #linode
10:52-!-danstoner is "Dan Stoner" on #linode
10:53-!-danstoner [] has quit []
10:53-!-danstoner is "Dan Stoner" on #linode
10:53-!-danstoner [] has joined #linode
10:57-!-Daedolon [] has joined #linode
10:57-!-Daedolon is "Daedolon" on #linode
11:19-!-acald3ron [] has joined #linode
11:19-!-acald3ron is "Armando" on #linode #debian-next #debian-mx #debian-es
11:42-!-Dreamer3 [] has quit [Ping timeout: 480 seconds]
11:49-!-me [] has joined #linode
11:49-!-me is "OFTC WebIRC Client" on #linode
11:50<me>Hello, I was wondering before making a purchase - do you guys provide CPanel... I asked because I am migrating from AWS, and I dont want to deal with such headache
11:50<linbot>Install cPanel on CentOS: Linode does not sell cPanel licenses, but it's provided free to Linode Managed customers: Or try a free panel like Webmin: Or just use the command line:
11:51-!-me [] has quit []
12:00-!-gatman [] has joined #linode
12:00-!-gatman is "OFTC WebIRC Client" on #linode
12:01-!-Dreamer3 [] has joined #linode
12:01-!-Dreamer3 is "Josh Goebel" on #linode
12:01<gatman>fail2ban is flagging Zenlayer attempts from IP on our linodes
12:02<gatman>anybody seeing similar recent activity?
12:07-!-gatman [] has quit [Quit: Page closed]
12:22-!-darwin [~d@] has quit [Ping timeout: 480 seconds]
12:44-!-darwin [~d@] has joined #linode
12:44-!-darwin is "Darwin of The Elves" on #linode #bitlbee
12:44-!-marshmn [~matt@] has joined #linode
12:44-!-marshmn is "Matt Marsh" on #linode
12:46-!-Dreamer3_ [] has joined #linode
12:46-!-Dreamer3_ is "Josh Goebel" on #linode
12:47-!-Dreamer3 [] has quit [Ping timeout: 480 seconds]
12:48-!-roland [~oftc-webi@] has joined #linode
12:48-!-roland is "OFTC WebIRC Client" on #linode
12:48-!-roland is now known as Guest843
12:50-!-Guest843 [~oftc-webi@] has quit []
12:53-!-internat [~nf@] has quit [Ping timeout: 480 seconds]
13:02-!-Daedolon [] has quit [Ping timeout: 480 seconds]
13:06-!-acald3ron [] has quit [Remote host closed the connection]
13:09-!-xtrWrithe [] has quit [Ping timeout: 480 seconds]
13:28-!-Daedolon [] has joined #linode
13:28-!-Daedolon is "Daedolon" on #linode
13:34-!-Daedolon [] has quit [Quit: Good luck, Material Defender.]
13:35-!-marshmn [~matt@] has quit [Ping timeout: 480 seconds]
13:39-!-acald3ron [] has joined #linode
13:39-!-acald3ron is "Armando" on #linode #debian-next #debian-mx #debian-es
13:53-!-darwin [~d@] has quit [Read error: Connection reset by peer]
13:55-!-darwin [~d@] has joined #linode
13:55-!-darwin is "Darwin of The Elves" on #linode #bitlbee
14:00-!-Dreamer3_ [] has quit [Ping timeout: 480 seconds]
14:18-!-Dreamer3 [] has joined #linode
14:18-!-Dreamer3 is "Josh Goebel" on #linode
14:45-!-marshmn [~matt@] has joined #linode
14:45-!-marshmn is "Matt Marsh" on #linode
14:48-!-Guest835 [] has quit [Quit: Guest835]
14:57-!-dueyfinster [~dueyfinst@2001:bb6:502b:7d58:9802:f292:f953:b163] has joined #linode
14:57-!-dueyfinster is "Neil G" on #linode
15:06-!-acald3ron [] has quit [Remote host closed the connection]
15:23-!-marshmn [~matt@] has quit [Ping timeout: 480 seconds]
15:32-!-dueyfinster [~dueyfinst@2001:bb6:502b:7d58:9802:f292:f953:b163] has quit [Quit: My iMac has gone to sleep. ZZZzzz…]
15:33-!-dueyfinster [~dueyfinst@2001:bb6:502b:7d58:9802:f292:f953:b163] has joined #linode
15:33-!-dueyfinster is "Neil G" on #linode
15:52-!-dueyfinster [~dueyfinst@2001:bb6:502b:7d58:9802:f292:f953:b163] has quit [Ping timeout: 480 seconds]
16:04-!-Juan_Tek [~Thunderbi@2a02:1205:34f8:16b0:8cd4:7649:55ca:4c9f] has joined #linode
16:04-!-Juan_Tek is "Juan_Tek" on #linode
16:05-!-tj [] has joined #linode
16:05-!-tj is "OFTC WebIRC Client" on #linode
16:14-!-Juan_Tek [~Thunderbi@2a02:1205:34f8:16b0:8cd4:7649:55ca:4c9f] has quit [Remote host closed the connection]
16:22-!-marshmn [] has joined #linode
16:22-!-marshmn is "Matt Marsh" on #linode
16:32-!-elky [] has quit [Remote host closed the connection]
16:33-!-elky is "elky" on #oftc
16:33-!-elky [] has joined #linode
16:39-!-marshmn [] has quit [Ping timeout: 480 seconds]
16:55-!-acald3ron [] has joined #linode
16:55-!-acald3ron is "Armando" on #linode #debian-next #debian-mx #debian-es
16:58-!-marshmn [] has joined #linode
16:58-!-marshmn is "Matt Marsh" on #linode
17:18-!-Netsplit <-> quits: MJCS, anomie, dan64, eyepulp, acald3ron, Guest1810, Kamilion, tmberg
17:19-!-Kamilion is "I am kamilion. But you knew that, didn't you." on #moocows #linode #debian-next #tardigans #debian-live #linode-beta
17:19-!-Netsplit over, joins: Kamilion, acald3ron, anomie, eyepulp, dan64, tmberg, MJCS, Guest1810
17:34-!-cps_ [] has joined #linode
17:35-!-anomie [] has quit [Read error: Connection reset by peer]
17:35-!-cps_ is "Chris Smolinski" on #linode
17:35-!-cps [] has quit [Read error: Connection reset by peer]
17:35-!-cps_ is now known as cps
17:47-!-cps [] has quit [Quit: cps]
17:48-!-marshmn [] has quit [Ping timeout: 480 seconds]
17:48-!-cps [] has joined #linode
17:48-!-cps is "Chris Smolinski" on #linode
18:02-!-tj [] has quit [Quit: Page closed]
19:30-!-William [~oftc-webi@2604:6000:1509:e032:897c:36:a961:2bcb] has joined #linode
19:30-!-William is "OFTC WebIRC Client" on #linode
19:31-!-acald3ron [] has quit [Remote host closed the connection]
19:31<William>Hi. I have a question. Are Linode's Newark servers housed in the same physical datacenter as Cloudflare's Newark (EWR) cluster?
19:34<William>I'm concerned because Cloudflare is caching content that New Jersey is trying to make illegal, and I don't want my server to be at risk of being swept up in an illicit raid.
19:35*millisa puts on a tinfoil hat
19:35-!-fstd [] has joined #linode
19:35-!-fstd is "fstd" on #gentoo #linuxfs #oftc #vserver #linode #kernelnewbies
19:35<millisa>I'm not sure that they would come right out and tell you 'yes, we are in the same facility' . . .
19:35<LouWestin>A couple of the guys here who are or were a employee can tell you possibly.
19:35<millisa>but, you could probably deduce it if you ask them for whatever certifications the DC has to be passed on to you...
19:35<William>Good point, considering they knowingly keep online the biggest content piracy websites. Probably should go to daily backups until it blows over?
19:36<LouWestin>Then again for security reasons...^
19:36<dwfreed>I doubt Cloudflare is in Cedar Knolls
19:36<William>I thought my server was in Newark.
19:37<dwfreed>how many people know where Cedar Knolls is vs Newark?
19:37<William>And pinging Cloudflare's website gets about 1ms ping time.
19:37<dwfreed>it's 10x easier to tell people it's in Newark
19:37<dwfreed>because networks are fast
19:37<dwfreed>if you don't have to travel more than 100 miles, 1ms is about right
19:38<dwfreed>heck, one of Digital Ocean's NYC datacenters is actually in NJ, and yet they still call it NYC
19:38<dwfreed>from a network perspective, there's practically no difference
19:39<dwfreed>besides, Cloudflare does not own the datacenter that Linode uses for Newark, so if Cloudflare was hosting something NJ says is illegal, then legally speaking, NJ couldn't seize Linode servers
19:40<millisa>what content is NJ trying to make illegal that's different than the rest of the states?
19:40<William>Of course such a seizure would lead to a 1st Amendment lawsuit.
19:40<William>Firearm blueprints, specifically 3D printable ones.
19:42<William>And a website that is being promoted heavily is behind Cloudflare, specifically anycast IPs and
19:42<millisa>so are a bunch of kkk sites
19:42<dwfreed>so are a bunch of <insert illegal thing here> sites
19:42-!-fstd_ [] has quit [Ping timeout: 480 seconds]
19:43<William>Believe it or not, KKK isn't illegal, and if one says they are they can be highly litigious.
19:43<LouWestin>Could you move your site to Dallas?
19:43<nate>To be fair 3D designs for weapons being protected by the 1st are still a bit up in the air :P
19:43<nate>That said, I think the fuss over them is dramatically overblown
19:43<LouWestin>For the sake of worrying about it I mean.
19:44<dwfreed>hate speech is not protected by the first amendment
19:44<William>What's currently at dispute is export controls rather than the 1st Amendment issue; the court ruling even admitted the plans could be mailed, securely transmitted, etc.
19:44<William>More like Linode has a 1st Amendment right to refuse to host hate speech, and the ACLU will fight tooth and nail now emboldened by this ruling:
19:45<nate>Ah sorry mis-read above, reading up again though even at that if you think the gov is going to sweep up an ENTIRE datacenter because of shit cloudflare is hosting, you're silly
19:45<William>The government once nuked Blogetery.
19:45<LouWestin>What’s the chances of the Feds raiding Linode?
19:45<millisa>Depends if they have cake
19:45<nate>blogetery is not an -entire- datacenter
19:45<dzho>not Linode, the DC
19:45<dzho>er, the DCs
19:46<William>Remember we do have an unginged president that just killed off net neutrality.
19:46<Peng>LouWestin: What do you mean by "raiding Linode"?
19:46<LouWestin>That’s what I mean. The DC
19:46<nate>Technically we have a verizon weasel in the FCC that killed it off, I doubt trump even knows what net neutrality even is himself.
19:46<LouWestin>What William is worried about happening?
19:46<dzho>if you have a security model that depends on the DC not already being compromised by nation-state actors, you may be in for a bad time
19:46<Peng>LouWestin: Which DC? To what affect? Linode's cages? Other cages? Blowing up the entire building?
19:46<William>Getting cut off.
19:47<nate>But that has largely nothing to do with feds raiding stuff in a datacenter. DC's generally have segmented sections, and they get warrants for the specific equipment of the location
19:47<William>Feds are probably smarter than New Jersey's AG.
19:47<Peng>And since Linode is a VPS provider, they can just ask for images.
19:47<nate>they don't just start going in and pulling everyone's equipment, there'd be such a shit ton of legal violations involved in that
19:47<Peng>nate: I mean, usually.
19:47<dwfreed>search and seizure warrants are still required to be specific
19:47<dzho>nate: I know, just like they wouldn't wiretap the exchanges!
19:47<dzho>except, well.
19:48<dwfreed>doesn't matter if you're dumber than a box of rocks or smarter than albert einstein
19:48<millisa>room 641a is the best room.
19:48<dzho>millisa: ah you beat me to it
19:48<dzho>I had to look it up
19:48<nate>dzho: There's still a big difference between illegal wiretapping and illegal seizure, especially when most of the companies w/ big rackspace in those centers likely have attorney groups that could royally crap on them, collectively at that :P
19:48<nate>(linode included I would think)
19:48<dwfreed>also, the Attorney General is much more of a politician than an acting lawyer
19:49<LouWestin>Ah shit look what you started Willy!
19:49<dzho>like I say, the putative legal heft of corporate attorneys has already been widely acknowledged to count for absolutely jack shit
19:49<William>Of course I made the maybe stupid move to have my nameserver operate on the same server as my website, so if I need to move without warning it will be up to 48 hours before I am back online, not to mention getting new certificates and revoking the old ones, etc.
19:49<dzho>oh, well, they went *that* far but no way would they go *this* far
19:50<nate>dzho: Tell that to all the corporate attorney's that have largely stopped overreach
19:50<dzho>except what *this* and *that* are shifts--you used to be called a tinfoil hatter to hint that anything like 641A might happen.
19:50<dzho>now it's fait accompli
19:50<Peng>William: I've heard there's a good DNS host called Cloudflare. ;-D
19:51<nate>If they were really all that worried about an entire datacenter past what they got a warrant for they'd more likely try and quietly do something with the DC network to be able to MitM there, rather than seize tens of thousands of hardwares and deal with metric craptons of lawyers :P
19:51<dzho>yeah, hauling it out is not the scenario I envision. too noisy. so I guess if that's the question then ok
19:51<William>614A was invented in a time before HTTPS became a big deal.
19:52<William>Of course what's to say they haven't already tapped the Cloudflare proxies?
19:52<millisa>maybe cloudflare is in kahoots. one of them might be in here now.
19:53<nate>Doesn't bother me, I won't use cloudflare :P
19:53<millisa>except for your linode dns?
19:53*nate doesn't use linode DNS :P
19:54<nate>actually apologies I correct myself, I run a dinky little IRC network I took over that I set up on linode DNS cause I was too lazy to add it to my own nameservers
19:54<William>Of course I went to self-hosted for my most recent domain so I can dump for supporting Infowars.
19:55<nate>eh let alex jones make his money selling anti-gay-frog water, it's a good reflection of how many nitwits there are in the world
19:55<nate>if not for him we may never know there were so many :P
20:01-!-eyepulp [] has quit [Remote host closed the connection]
20:14<William>Of course if things get real bad I could just host off a Raspberry Pi at home until Spectrum takes offense...
20:14-!-eyepulp [] has joined #linode
20:14-!-eyepulp is "eyepulp" on #linode
20:14<William>When between jobs that was actually an idea I had, but thankfully the $5 Nanode keeps things afloat on a tiny budget.
20:15<millisa>why not both? (I have been playing with these on pi3b+'s recently, and they work great)
20:16<millisa>you can still get to the 40 pin, it still fits in all cases, and you can dangle them off a poe switch without any extra dongles for the poe
20:17<William>If I encounter an outage that lasts more than a few hours, I will find an alternative.
20:18<William>Just staying away from Vultr as their parent company doxed me a few years ago for reporting a shock site to their abuse.
20:21<William>By the way, anyone notice that last week OpenSSL 1.1.1 LTS with TLS 1.3 support got released in full?
20:22-!-eyepulp [] has quit [Ping timeout: 480 seconds]
20:22<MrPPS>William: a company doxed you?
20:23<MrPPS>that sounds like bizarre behaviour, assuming we're referring to standard dox; collect + release online?
20:24<William>They released my contact info to the site owner who posted it in their forum, as well as the MyWOT forum before the moderators there took it down.
20:25<MrPPS>Ah righto, so not quite as much doxing as just bad handling practices
20:25<MrPPS>Very concerning that they'd do that though
20:25<William>Of course Linode treats abuse reports with strict confidentiality?
20:26<MrPPS>I would have no idea, but I would hope/imagine most companies would
20:27<millisa>That depends if you consider putting stuff up on stall walls doxxing or not
20:31<dwfreed>William: if you send Linode an abuse complaint that includes information that needs to be forwarded on to the customer, it's going to get forwarded on, unredacted
20:31<William>Does that include personal contact information?
20:31<dwfreed>depends on the situation
20:32<dwfreed>for DMCA complaints, it definitely does, as that's required by the DMCA
20:32<William>Suppose I report a site involved in hate speech or the sale of illicit goods, would my contact information be shared?
20:32<dwfreed>Not likely
20:36<MrPPS>William: if you're ever concerned anyway, you can always submit real logs with fake contact info (provided you're not legally obligated to provide correct info, such as in a DMCA)
20:40*nate wonders if qualys updated their test for final TLS 1.3 yet
20:40<William>Current version is still Draft-28, just tested a few minutes ago.
20:41<nate>Yeah just checked as well, odd
20:41<nate>wonder why they're taking a while, the only real difference between the final and draft 28 to my understanding is the general protocol declaration
20:42<nate>I really wish they would re-balance their key exchange and cipher strength 'values' too
20:42<dwfreed>they talked about completely redoing their scoring; did they ever actually implement that?
20:43<dwfreed>and that was years ago...
20:43<William>It appears they haven't yet; TLS 1.0 is still not penalized.
20:43<nate>You still only get 100% on cipher strength if you do purely 256-bit ciphers (which w/ RSA isn't technically better)
20:43<nate>William: You sure? I thought TLS 1.0 docked you a smidge of protocol support
20:43<nate>like 10 points or something
20:44<dwfreed>fun fact: 128 bit AES is not less secure than 256 bit AES
20:44<William>I meant the letter grade; it doesn't penalize 3DES either, as long as it isn't prioritized.
20:44<nate>dwfreed: That's what I meant
20:44<dwfreed>current cryptanalysis research has found weaknesses in reduced-round 256 bit AES that does not work for 128 bit AES
20:45<nate>William: I thought it flagged 3DES as 'weak' w/ RC4 now
20:45<nate>dwfreed: I shoulda said AES instead of RSA, apologies :P
20:46<nate>I actually dropped 256-bit AES ciphers from my line up and placed the 128-bit ones under other things like poly
20:46<nate>though I recently also put in ARIA to play with
20:47*nate would drop 128-bit AES CBC as well but some goofy stuff *cough*IE*cough* still uses it
20:47<nate>Oh apparently safari too, odd
20:47<nate>or well older safari
20:49-!-tmberg [] has quit [Remote host closed the connection]
20:50-!-tmberg [] has joined #linode
20:50-!-tmberg is "tmberg" on #dfri_se #linode
20:52-!-VladGh [] has quit [Ping timeout: 480 seconds]
20:53-!-acald3ron [] has joined #linode
20:53-!-acald3ron is "Armando" on #linode #debian-next #debian-mx #debian-es
20:54<linbot>New news from community: Obtain a list of image and plan types using Linode API/CLI? <>
21:00<William>My boss still uses IE.
21:02<LouWestin>William: Not edge?
21:02<William>Company policy to use Windows 7 because of some crusty old program they refuse to upgrade.
21:02<William>And possibly company policy to use IE.
21:02<William>Hopefully that info wasn't covered by my employment NDA...
21:04<dwfreed>that can't exactly be covered by NDA
21:05<dwfreed>considering that information is leaked to every website you visit ever
21:06<LouWestin>7 isn’t too bad then.
21:08<LouWestin>Just don’t say your company’s name.
21:08<William>You never know; it is a machine shop and they don't even have a proper IT department.
21:08<LouWestin>That’s typical.
21:09<LouWestin>The hospital I work at still runs Windows 7.
21:10<Peng>Taylor Swift does not approve
21:12<William>Of course IE doesn't warn you when you enter passwords into a plaintext site.
21:15<Peng>Does your company consider that a feature or a bug?
21:16-!-eyepulp [] has joined #linode
21:16-!-eyepulp is "eyepulp" on #linode
21:17<William>I never asked, and am afraid to do so.
21:18<William>Last workplace retaliated against me for telling them their mailserver was insecure.
21:18*nate still prefers Win7 so
21:18<William>They had an unsecured XP computer out on the production floor.
21:18<nate>Well I don't mind Win8 but it only feels functional if you got a touch screen
21:18<William>Still not an excuse to support SSL2 on the mailserver.
21:19<nate>William: I mean XP will do TLS1.0, shitty 1.0 but still yeah
21:19<nate>depending what they're doing, could tell them they could potentially be violating PCI-DSS
21:19<nate>at which point it becomes a potential fine-inducing problem
21:19<nate>usually that motivates a lot of companies
21:21<William>Probably in the case of that company, contact the DoD.
21:21-!-eyepulp [] has quit [Remote host closed the connection]
21:22<William>And that XP computer had the last working version of Chrome on it so it was TLS 1.2 enabled. Supervisor didn't like the fact it showed a red triangle and crossed out https:// since in 2017 it had a SHA1 certificate, so he preferred the Windows 7 computer with IE until Windows Update sent an update to block SHA1 certificates.
21:40-!-William [~oftc-webi@2604:6000:1509:e032:897c:36:a961:2bcb] has quit []
23:05-!-acald3ron [] has quit []
---Logclosed Thu Sep 20 00:00:57 2018