[01:15:57] *** Joins: sea (6c5559fe@gateway/web/freenode/ip.108.85.89.254)
[01:16:21] *** sea is now known as Guest16403
[01:16:42] *** Quits: Guest16403 (6c5559fe@gateway/web/freenode/ip.108.85.89.254) (Client Quit)
[02:10:32] *** Joins: JB (ae74af14@gateway/web/freenode/ip.174.116.175.20)
[02:22:06] <JB> test
[02:51:30] <vishwin> tsst
[03:48:00] *** Quits: JB (ae74af14@gateway/web/freenode/ip.174.116.175.20) (Ping timeout: 252 seconds)
[09:47:17] *** Joins: majora (~majora@205.204.23.189)
[10:28:27] *** Quits: nsgomez (~nsgomez@2001:19f0:5c00:8965:22f2:77ed:e053:d8be) (Remote host closed the connection)
[10:29:13] <majora> how does MHacks' site/ process always fuck up
[10:29:32] <majora> you'd think after being at it for so long they'd just have it down or make a site that is refined enough
[10:29:33] <majora> lmao
[10:39:48] *** Joins: nsgomez (~nsgomez@2001:19f0:5c00:8965:22f2:77ed:e053:d8be)
[11:00:33] *** Quits: majora (~majora@205.204.23.189) (Quit: Leaving)
[12:24:19] *** Joins: majora (~majora@199.87.224.40)
[12:31:14] *** Joins: vishwin60 (~thinktab@wikimedia/O)
[12:40:44] <majora> oh this is cool <https://github.com/inversepath/usbarmory>
[12:40:45] <yossarian-bot> Title: inversepath/usbarmory · GitHub
[12:41:50] <iangcarroll> neat
[12:50:30] *** Quits: majora (~majora@199.87.224.40) (Quit: Leaving)
[12:55:19] *** Quits: vishwin60 (~thinktab@wikimedia/O) (Quit: ¢£A$$I¢)
[13:50:15] *** Joins: Xaradas (~Xaradas@vpn.aslteramo.it)
[14:16:22] *** Quits: Xaradas (~Xaradas@vpn.aslteramo.it) (Quit: Going offline, see ya! (www.adiirc.com))
[15:31:43] *** Joins: majora (~majora@205.204.23.189)
[17:35:59] <sivoais> apparently adding exclamation marks to place names is a thing <https://github.com/patch/i18n-testing/blob/master/place-names.tsv>
[17:36:00] <yossarian-bot> Title: i18n-testing/place-names.tsv at master · patch/i18n-testing · GitHub
[18:03:53] <gsingh93> lol: https://code.google.com/p/google-security-research/issues/detail?id=693
[18:03:54] <yossarian-bot> Title: Issue 693 - google-security-research - TrendMicro node.js HTTP server listening on localhost can execute commands - Google Security Research - Google Project Hosting
[18:04:46] <iangcarroll> gotta love trend micro
[18:05:08] <iangcarroll> though the fix window isn't bad, even if it ends up just using domain whitelisting
[18:09:13] <gsingh93> domain whitelisting is a good temporary patch
[18:09:23] <gsingh93> but there are ways to bypass it
[18:09:39] <gsingh93> the correct solution is really just to do a complete audit, like tavis is suggesting
[18:10:16] <iangcarroll> yeah
[18:18:48] <sivoais> woooow... and these devs work at an infosec company...
[18:20:08] <iangcarroll> you'd be surprised how bad antivirus software can be :p
[18:20:28] <iangcarroll> i think it was project zero that found an XSS when avast detected something
[18:20:46] <iangcarroll> https://code.google.com/p/google-security-research/issues/detail?id=546
[18:20:47] <yossarian-bot> Title: Issue 546 - google-security-research - Avast Antivirus: X.509 Error Rendering Command Execution - Google Security Research - Google Project Hosting
[18:25:59] <gsingh93> wow...
[18:26:03] <gsingh93> and it's tavis again too
[18:26:42] <gsingh93> how do they get to RCE though?
[18:27:01] <iangcarroll> tavis has been auditing AVs for a few months now and it's amusing lol
[18:27:45] <iangcarroll> maybe he did window.open on a file path?
[18:27:47] <iangcarroll> idk
[18:28:18] <iangcarroll> yeah
[18:28:36] <iangcarroll> "Subject: C=US, ST=CA, L=Mountain View, O=Google, OU=Project Zero, CN=<a href="file:///c:/Windows/System32/calc.exe">\x0D\x0A<img src="http://www.troll.me/images/are-you-fucking-kidding-me/srsly.jpg" />\x0D\x0A</a>\x0D\x0A<h1><a href="file:///c:/Windows/System32/calc.exe">Click Here</a></h1>"
[18:30:35] <gsingh93> oh duh
[18:30:38] <gsingh93> good call
[19:24:07] *** Quits: majora (~majora@205.204.23.189) (Quit: Leaving)
[19:30:47] *** Joins: thmsmlr (81617c4e@gateway/web/cgi-irc/kiwiirc.com/ip.129.97.124.78)
[19:32:46] <thmsmlr> Hey peeps, question for y'all what're your favourite IRC clients?
[19:33:00] <iangcarroll> I like irccloud.com and Textual for OS X.
[19:33:06] <m0shbear> irssi in a screen session over ssh
[19:33:28] <vishwin> irssi has a slight lead over chatzilla for me
[19:33:55] <m0shbear> >not needing x11 is a "slight" lead
[19:34:04] <vishwin> actually no
[19:34:25] <vishwin> there are two braindamages of chatzilla, but X ain't one
[19:35:13] <vishwin> can't connect to the same server/port combo more than once, no native SASL support
[19:46:08] <thmsmlr> Hmm, I was thinking irssi, but i'm not sure i'm motivated to do all the work to get things like notifications working natively with my Mac
[19:46:38] <thmsmlr> Couldn't stand Textual or that other Mac one, they were clearly built ontop of web technologies, and have major UI lag
[19:46:46] <thmsmlr> (at least last time I used them)
[19:46:59] <thmsmlr> irc cloud.com sounds appealing though
[19:47:03] <thmsmlr> Thanks iangcarroll
[19:47:18] <iangcarroll> Textual definitely isn't (?)
[19:47:25] <vishwin> irccloud is a bouncer service provider
[19:47:27] <iangcarroll> it runs perfectly for me, and it definitely looks native
[19:47:35] <iangcarroll> with a great client :p
[19:47:39] <vishwin> they're set up to make money, but they have a free account
[19:47:56] <vishwin> they kick free users off after some inactivity time :-\
[19:48:13] <iangcarroll> well, yeah, but your client kicks you off after you turn your computer off instantly :p
[19:48:37] <iangcarroll> you don't actually have to be active; whenever irccloud is open on my mac it stays connected
[19:48:42] <vishwin> right
[19:48:49] <vishwin> that's what I meant
[19:48:56] <thmsmlr> Hmm, it definitely was laggy when I used it a year ago, but who knows, maybe they fixed their bugs
[19:49:21] <thmsmlr> I like the idea of a browser IRC client though
[19:49:40] <thmsmlr> IRC is not something I plan on customizing enough to warrant some fancy terminal setup
[19:49:48] <vishwin> wouldn't work with browsers that don't have a javascript interpreter
[19:49:49] <vishwin> like lynx
[19:50:00] <vishwin> which I use fairly regularly
[19:50:10] <thmsmlr> Actually?!
[19:50:19] <vishwin> yes
[19:50:21] <thmsmlr> I'm a Safari, or wget kind of guy :P
[19:50:30] <vishwin> sometimes I don't have a GUI at my disposal
[19:50:39] <vishwin> sometimes life is better without the GUI
[19:50:53] <iangcarroll> mouses 4 life
[19:51:19] <vishwin> you could get away with windows 1.01 without a mouse
[19:51:29] <m0shbear> iangcarroll: webdevs don't count
[19:51:35] <iangcarroll> :(
[19:51:43] <iangcarroll> what if I do security stuff too
[19:51:50] <m0shbear> thmsmlr: telnet for http and curl for https
[19:52:05] <vishwin> sometimes I mess with IRC with telnet
[19:52:21] <m0shbear> irc over telnet is pretty chill; just don't miss the server pings
[19:52:26] <vishwin> yeah
[20:04:28] <sivoais> wrap it in expect(1) ;-)
[20:05:00] <m0shbear> sivoais: tcl is cheating
[20:27:31] <iangcarroll> wow
[20:27:32] <iangcarroll> https://twitter.com/petertoddbtc/status/686362883756695553
[20:27:33] <yossarian-bot> Title: Peter Todd on Twitter: "With my doublespend.py tool with default settings, just sent a low fee tx followed by a high-fee doublespend. https://t.co/RjPKNuAjy4"
[20:27:36] <iangcarroll> i wonder if this is real
[20:27:59] <iangcarroll> he said he bought someone else reddit gold via coinbase with this attack
[20:28:12] <iangcarroll> https://twitter.com/Disruptepreneur/status/686358988523319296
[20:28:13] <yossarian-bot> Title: Jeremy Gardner on Twitter: "1. At 2:30 this morning @petertoddbtc committed a double-spend attack on @Coinbase by buying me Reddit gold and then redirected the payment"
[21:08:31] <iangcarroll> https://mail.mozilla.org/pipermail/persona-notices/2016/000005.html D:
[21:08:32] <yossarian-bot> Title: Shutting down persona.org in November 2016
[21:39:47] *** Joins: vrew (44c19736@gateway/web/freenode/ip.68.193.151.54)
[21:42:36] *** Quits: vrew (44c19736@gateway/web/freenode/ip.68.193.151.54) (Client Quit)
[22:04:03] <arirawr> waiting for ruby gems to install....anyone want to entertain me? :P
[22:16:46] *** Quits: thmsmlr (81617c4e@gateway/web/cgi-irc/kiwiirc.com/ip.129.97.124.78) (Quit: http://www.kiwiirc.com/ - A hand crafted IRC client)
[22:36:12] *** Joins: majora (~majora@205.204.23.189)
[22:48:49] <sivoais> download the bb package and play it :-)
[22:53:01] <sivoais> here's a video instead <curl  -LH "Accept: application/x-research-info-systems" 'http://dx.doi.org/10.7910/DVN/29381' 'http://dx.doi.org/10.7910/DVN/MD2UM1'>
[22:53:02] <yossarian-bot> Title: Unknown
[22:53:04] <sivoais> woops
[22:53:14] <sivoais> <https://www.youtube.com/watch?v=FLlDt_4EGX4>
[22:53:15] <yossarian-bot> Title: Ascii AA Project BB Demo - 1080 HD
[23:02:20] *** Joins: thmsmlr (4b77fb84@gateway/web/cgi-irc/kiwiirc.com/ip.75.119.251.132)