Monday, 2016-11-07

*** m_w <m_w!> has joined #minnowboard02:21
*** metastableB_ <metastableB_!~metastabl@> has quit IRC03:32
*** metastableB <metastableB!~metastabl@> has joined #minnowboard03:34
*** m_w <m_w!> has quit IRC05:27
*** vstehle <vstehle!> has joined #minnowboard06:00
*** zz_ka6sox is now known as ka6sox06:37
*** agust <agust!> has joined #minnowboard06:59
*** _franck_ <_franck_!527f6536@gateway/web/freenode/ip.> has joined #minnowboard08:21
*** __av500__ is now known as av50008:48
*** bluelightning <bluelightning!~paul@pdpc/supporter/professional/bluelightning> has quit IRC10:19
*** wmarone <wmarone!> has quit IRC10:59
*** wmarone <wmarone!> has joined #minnowboard10:59
*** lamego <lamego!jose@nat/intel/x-qgrsgtrncupfekue> has joined #minnowboard13:56
*** tripzero <tripzero!~tripzero@> has quit IRC14:38
* Bitweasil yawns14:40
BitweasilMorning, all.14:40
*** martinr__ <martinr__!sid104431@gateway/web/> has joined #minnowboard15:42
*** martinr <martinr!sid104431@gateway/web/> has quit IRC15:42
*** martinr__ is now known as martinr15:43
*** pidge <pidge!~pidge@2001:41d0:a:5dc5::> has quit IRC15:43
*** Rjmendez_ <Rjmendez_!sid132888@gateway/web/> has quit IRC15:43
*** ALicinio <ALicinio!sid115539@gateway/web/> has quit IRC15:43
*** Rjmendez_ <Rjmendez_!sid132888@gateway/web/> has joined #minnowboard15:43
*** pidge <pidge!> has joined #minnowboard15:48
*** ALicinio <ALicinio!sid115539@gateway/web/> has joined #minnowboard15:55
*** martinr <martinr!sid104431@gateway/web/> has quit IRC15:57
*** ka6sox is now known as zz_ka6sox16:00
*** Rjmendez_ <Rjmendez_!sid132888@gateway/web/> has quit IRC16:00
*** martinr <martinr!sid104431@gateway/web/> has joined #minnowboard16:01
*** Rjmendez_ <Rjmendez_!sid132888@gateway/web/> has joined #minnowboard16:02
*** dscully <dscully!~dscully@> has joined #minnowboard16:38
*** _franck__ <_franck__!527f6536@gateway/web/freenode/ip.> has joined #minnowboard16:47
*** _franck_ <_franck_!527f6536@gateway/web/freenode/ip.> has quit IRC16:51
*** m_w <m_w!> has joined #minnowboard17:36
warthog9'morning Bitweasil17:44
warthog9i won't claim it's "good" on account of it being Monday, and being exhausted ;-)17:44
ecdhewarthog9, did you get an extra hour of sleep this weekend? Or are you in a anti-dst state?18:09
*** clsulliv <clsulliv!~clsulliv@> has joined #minnowboard18:31
warthog9ecdhe: I got the extra hour18:32
warthog9but sadly, not of sleep18:32
warthog9Personally I'd be happy to be in one of the anti-dst states18:33
*** bluelightning <bluelightning!~paul@pdpc/supporter/professional/bluelightning> has joined #minnowboard18:55
*** harisu <harisu!uid137087@gateway/web/> has joined #minnowboard19:02
ecdheMe too, I'd be glad to see DST removed nation wide.  Nobody has asked me, though.19:15
warthog9ecdhe: that's 'cause they don't ask sane/normal/folks like us ;-)19:35
warthog9(noting that 'sane' is probably used very relatively, at least in my case)19:35
ecdhewarthog9, have you looked into badgereader setups any more?19:54
ecdheI hear the yubikey neo has an NFC interface, could be great for access controls.  I'm familiar with the HID Millenium system now, but it seems like anyone with some basic arduino skills could build a spoofer for that.19:55
warthog9ecdhe: I haven't dug back into them recently19:55
ecdheA bluetooth-managed deadbolt is secure against key forgery... until it isn't.19:56
warthog9ecdhe: yup19:56
warthog9that being said, keys on doors are laughable from a security perspective19:57
warthog9since most key locks are not nearly as secure as everyone would like to think19:57
BitweasilOh, come on.  It takes at /least/ a few seconds to bump pick one.20:11
ecdheIt's just nice when your lock is based on strong cryptographic primitives...20:12
BitweasilYeah, the side channels in implementation that leak the key don't matter. ;)20:12
ecdheThe badge solutions from billion dollar vendors are vulnerable to replay attacks...  access is controlled on the basis of a badge's ability to repeat a number in the clear.20:13
ecdheAnyone with an RTLSDR and an upconverter can get every access code used all day, whether through skimming or a hi gain antenna20:14
ecdheBy simply replaying those codes you could gain access as any account which you overhear authenticating.20:15
BitweasilI'm quite aware.20:16
warthog9I'm actually surprised that there aren't more rfid type cards that do a challenge response OTP type negotiation out there21:56
*** harisu <harisu!uid137087@gateway/web/> has quit IRC22:23
*** agust <agust!> has quit IRC22:51
*** vstehle <vstehle!> has quit IRC23:05
*** tripzero <tripzero!~tripzero@> has joined #minnowboard23:15
*** lamego <lamego!jose@nat/intel/x-qgrsgtrncupfekue> has quit IRC23:30

Generated by 2.11.0 by Marius Gedminas - find it at!