IRC Networks
Irc Logs Stats
Start date: 2007-09-27 02:48:27
Last update: 2008-10-24 20:19:38
Channels: 41
Logged Lines: 6230436
Size: 1825.82 MB
Powered by
Channel Info
Network: freenodeChannel: #macosx |
Search in www.irclog.org
Log from #macosx at freenode 2006-08-03
[10:06]<wjgcgu>!
[10:06]<zllzggvyag>!!!
[10:15]<sgrg->http://www.onedigitallife.com/2006/08/02/wwdc-2006-banner/
[10:16]<sgrg->anyone recognize the icon there between automator and spotlight? guess its a new app
[10:16]<vrfcgg>hi everybody
[10:23]<jgncj>hey kids
[10:23]<jgncj>i need f33db4cK
[10:24]<uppmje>you need milk. ;)
[10:24]<jgncj>mmm milk
[10:25]<jgncj>http://70.114.145.151:4240/
[10:25]<wjgcgu>...
[10:25]<wjgcgu>whi should i touch that
[10:25]<wjgcgu>why
[10:25]<jgncj>it's my virus page yo
[10:26]<jgncj>it'll infect your mac
[10:26]<jgncj>even linux
[10:26]<wjgcgu>...
[10:26]<wjgcgu>you are infected by stupidity
[10:26]<wjgcgu>yes
[10:26]<wjgcgu>even human
[10:26]<jgncj>i want to make sure my exploit is robust enough
[10:26]<jgncj>before i release it on he wild
[10:26]<jgncj>so help me test it
[10:26]<wjgcgu>exploit cannot be generic for linux or mac
[10:26]<jgncj>if it works... i'll know... :)
[10:26]<wjgcgu>you say scam/shit
[10:26]<jgncj>wonknu: you obviously know nothing about byte-compiled shellcode!
[10:26]<uppmje>It does not work with lynx.
[10:27]<wjgcgu>oneko, probably..
[10:27]<jgncj>anyway
[10:27]<jgncj>it's my test blog
[10:27]<jgncj>i want feedback on the design/layout
[10:27]<jgncj>it's RubyOnRails powered
[10:27]<wjgcgu><wonknu> you are infected by stupidity
[10:27]<wjgcgu>this is my feedback
[10:28]<uppmje>you use javascript, this is a design flaw.
[10:28]<jgncj>no
[10:28]<jgncj>nothing wrong with javascript
[10:28]<jgncj>i need it for my AJAX shit
[10:29]<jgncj>plus, it has full fallbacks for JS disabled
[10:30]<uppmje>In general I hate js, I have it disabled in almost all of my browsers. It was too risky in the last years.
[10:31]<jgncj>javascript is very powerful if you use it well
[10:31]<jgncj>it's a misunderstood language
[10:31]<uppmje>If not, the browser is compromised.
[10:32]<jgncj>i'd like to know exactly which browser exploits you're talking about in 2006.
[10:33]<uppmje>I stopped following any exploits in 2004, i simply take care for disabling it. I use around 3 different browsers with javascript capabilities, I don't have the time any more to have differing configurations for every exploit.
[10:34]<uppmje>Subject: ZDI-06-025: Mozilla Firefox Javascript navigator Object Vulnerability
[10:34]<uppmje>Date: Wed, 26 Jul 2006 15:42:35 -0700
[10:34]<uppmje>That's what I found on my mailinglists so far.
[10:35]<jgncj>doesnt say the vulnerability
[10:35]<uppmje>This vulnerability allows attackers to execute arbitrary code on
[10:35]<uppmje>vulnerable installations of the Mozilla Firefox web browser.
[10:35]<jgncj>give me a link
[10:35]<uppmje>http://www.zerodayinitiative.com/advisories/ZDI-06-025.html
[10:35]<jgncj>the conditions for vulnerability is probably like 0.1%
[10:36]<uppmje>That is too much.
[10:36]<jgncj>User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
[10:36]<jgncj>= non issue
[10:36]<uppmje>rofl
[10:37]<jgncj>:)
[10:37]<uppmje>oneko: People like you are probably the reason why so many spamming boxes are out there.
[10:37]<uppmje>I consider the assumption, the user is smarter than exploiter as inherently wrong.
[10:37]<wjgcgu>hey oneko do you know what retintolibc is ?
[10:37]<jgncj>I've never had security issues
[10:38]<jgncj>btw i was joking about non issue :P
[10:38]<wjgcgu><oneko> I've never had security issues < or you have never known
[10:38]<wjgcgu>that's different
[10:40]<jgncj>eh
[10:40]<zudl>
[10:40]<jgncj>i take reasonable enough precautions
[10:40]<wjgcgu>you're on irc
[10:40]<uppmje>but howevr, js is widespread and often used without producing any damage. So it is not generally evil, but the implementation is not at that level as it should be.
[10:40]<jgncj>as are you
[10:40]<wjgcgu>you give your serv port and ipaddress
[10:40]<zudl>i am gonna move my dock bar around but is there any way i can backup which icons are on there
[10:40]<wjgcgu>i don't think it is enough precaution
[10:41]<jgncj>the only port open besides ssh is the one i jsut gave you
[10:41]<jgncj>which is temp :P
[10:41]<wjgcgu>paranoia != security
[10:41]<wjgcgu>:)
[10:42]<jgncj>there's absolute security
[10:42]<jgncj>then there's real world security
[10:42]<jgncj>it's a comprimise
[10:42]<jgncj>so anyway
[10:42]<jgncj>i think javascript is a fair comprimise
[10:43]<jgncj>it simplifies many things in the world
[10:46]<uppmje>I still follow the philosphie, to present xhtml1-strict to the browser. Any dynamic content is generated on server-side.
[10:46]<jgncj>i code for XHTML strict
[10:46]<jgncj>i havent audited my site yet, tho
[10:47]<jgncj>but it should pass with maybe a few small updates
[10:47]<uppmje>I mean plain, no js and the like. Additionally I see problems with portability across different browsers. They interprete a fair amount of the standard different.
[10:48]<jgncj>oh, looks like i used the dreaded <center> element once :P
[10:48]<jgncj>ulfdoz: i only use JS to modify presentation in a slicker way
[10:48]<jgncj>everything I do works 100% fine with JS disabled
[10:48]<jgncj>just makes for more server/client interaction
[10:48]<jgncj>more page reloads
[10:58]<zudl>i am gonna move my dock bar around but is there any way i can backup which icons are on there
[10:59]<zyzxzzmp>moo
[10:59]<zyzxzzmp>oneko: evening, long time no see
[11:03]<zudl>anyone getting album art in QS on intel
