stryngs has left #neo900 [#neo900]
<Psykus> yeah that's one of the irritating things about it. i typically just use an account from bugmenot to browse it
<Psykus> heh, seems like they check the referrer and let you in without a login if you're coming from google results
<DocScrutinizer05> duh!
<DocScrutinizer05> I guess my browser failed on that then. Or maybe you are logged in on google?
<DocScrutinizer05> or it's the cookies I blocked
<Psykus> well as soon as I clicked anywhere else it asked me to login. I was clicking on individual product results from google
<Psykus> their excuse seems to be to prevent price scrapers like amazon does sometimes "In order to offer the lowest prices for products requested by the community, most of our vendors require that we be a members-only site. This allows us the ability to list great products for our community members."
corvinux has quit [Ping timeout: 260 seconds]
AndrewX192 has quit [Ping timeout: 260 seconds]
robotanarchy has joined #neo900
robotanarchy_ has quit [Ping timeout: 276 seconds]
AndrewX192 has joined #neo900
raoulzecat has quit [Ping timeout: 244 seconds]
raoulzecat has joined #neo900
DocScrutinizer05 has quit [Disconnected by services]
DocScrutinizer05 has joined #neo900
pagurus has quit [Ping timeout: 276 seconds]
illwieckz has quit [Quit: Ça va couper chérie…]
illwieckz has joined #neo900
<DocScrutinizer05> [notice] since 03:49h 2016.04.18 our https service is out of order (actually moved to port 444 for unknown reasons). We're working on it and are sorry for the inconvenience
jonsger has joined #neo900
jonsger has quit [Client Quit]
<x29a> different service at 443 which blocks the port?
<DocScrutinizer05> nope
<DocScrutinizer05> it's a tad obscure what's going on
<DocScrutinizer05> looks like a typo
<DocScrutinizer05> or a configuration oopsie of the more twisted kind
<DocScrutinizer05> maybe there was a service on 443 and the service on 444 was always there but not meant to be active, and now the 443 service went south unnoticed and we look at it and say "oh, how did that service move from 443 to 444?"
<x29a> lol
<DocScrutinizer05> we'll have to wait for dos1 looking into it
<DocScrutinizer05> on current server we had a somewhat twisted mix of apache and nginx, since the shop doesn't work with plain nginx in this config
<DocScrutinizer05> 444 is nginx
<DocScrutinizer05> apache seems gone
<DocScrutinizer05> hellekin looked into the reported IPv6 issue and I dunno what he did
<DocScrutinizer05> to make matters worse, I don't have IPv6 here to check
rjeffries has quit [Ping timeout: 264 seconds]
freemangordon_ has joined #neo900
paulk-aldrin has joined #neo900
modem has joined #neo900
corvinux has joined #neo900
corvinux has quit [Client Quit]
corvinux has joined #neo900
mzki has joined #neo900
bredebid2 has joined #neo900
corvinux has quit [Ping timeout: 250 seconds]
pagurus has joined #neo900
<DocScrutinizer05> [notice] fixed
useretai- has joined #neo900
kodomo_ has joined #neo900
quatrox has joined #neo900
rweichle1 has joined #neo900
wpwrak_ has joined #neo900
wpwrak has quit [Disconnected by services]
useretail has quit [Ping timeout: 260 seconds]
kodomo has quit [Ping timeout: 260 seconds]
jake42 has quit [Ping timeout: 260 seconds]
rweichler has quit [Ping timeout: 260 seconds]
x29a has quit [Ping timeout: 260 seconds]
jake42 has joined #neo900
x29a has joined #neo900
corvinux has joined #neo900
jonwil has joined #neo900
jonwil has quit [Quit: ChatZilla 0.9.92 [SeaMonkey 2.40/20160120202951]]
jonsger has joined #neo900
wpwrak_ is now known as wpwrak
corvinux has quit [Ping timeout: 250 seconds]
corvinux has joined #neo900
bredebid2 has quit [Ping timeout: 246 seconds]
raoulzecat has quit [Ping timeout: 250 seconds]
raoulzecat has joined #neo900
bredebid has joined #neo900
rjeffries has joined #neo900
corvinux has quit [Ping timeout: 240 seconds]
freemangordon_ has quit [Quit: Leaving.]
heinrich5991 has quit [Ping timeout: 260 seconds]
heinrich5991 has joined #neo900
heinrich5991 has quit [Ping timeout: 246 seconds]
heinrich5991 has joined #neo900
Pali has joined #neo900
panais has quit [Ping timeout: 260 seconds]
panais has joined #neo900
SylvieLorxu has joined #neo900
l_bratch has joined #neo900
qwazix has quit [Ping timeout: 276 seconds]
qwazix has joined #neo900
xray256 has quit [Ping timeout: 276 seconds]
xray256 has joined #neo900
raoulzecat has quit [Ping timeout: 260 seconds]
jambooner has joined #neo900
<jambooner> Hi, I wanted to write an article on the neo900 but there was something I wanted to clarify. Which member was it that used to do contract work for NSA and then left and started working full time on the neo900 project?
<jambooner> IIRC his work was dealing with the modem.
Guest24524 is now known as pigeons
<wpwrak> dos1: is there something we don't know about you ? :)
jurov has quit [Ping timeout: 260 seconds]
jurov has joined #neo900
<jambooner> hi dos1 , how much do you charge for a simple interview?
<dos1> wpwrak: you know, those pesky NDAs... ;)
<jambooner> lol @ inside jokes, I have friends who work at Booz A H too
<dos1> jambooner: joking aside, where have you got that info? I don't think it's even close to being true
<dos1> :D
<jambooner> hackernews
<jambooner> oh
<wpwrak> then is must be joerg. hah, he had us all fooled ! :)
<jambooner> Is the only way where the modem cant be turned on, to where it can be turned on, where a team is funded via RAND for example, and has 10,000x the the budget neo9000 has to make the modem be able to turn on?
<jambooner> eg. people who can put a team together of people who make the tools that neo900 uses
<jambooner> from the languages to hardware
<dos1> "dealing with modem" part could be somehow about Joerg actually, but it definitely wasn't at NSA :P
<dos1> jambooner: could you rephrase?
<jambooner> It seems the neo900 is designed in a way where the modem cant be turned on, and then the mic, unlike all phones that are out right now which can be remotely turned on even if the phone is powered down. If someone wanted to circumvent this, and has billion dollar budgets eg. RAND, and can commission a team in a matter of few months (people who invent programming languages, and do breakthru hardware), is that pretty much the only s
<dos1> well, of course the easiest way to break into Neo900 is to break into the software user is running
<dos1> just like on PC
<dos1> you're free to run whatever you want to, so you can also run vulnerable stuff if you're not careful enough
<jambooner> you mean at app/program level, and not at OS level?
<dos1> jambooner: if you're determined enough you can run any OS you want, to that could be also true on OS level
<dos1> again, exactly like on your PC
<dos1> but from the hardware design, the modem itself cannot just request the microphone nor touch anything inside your OS
<jambooner> how are the current phones being turned on when they are in pseudo sleep and then the mic turned on?
<dos1> and you can cut the power off anyway
<jambooner> i guess the psedo sleep...but why arent Android people saying anything?
<jambooner> I guess its like linux faggots who are blind to seeing it being an IBM project
<jambooner> the kernel
<dos1> jambooner: any modem has its own firmware, which generally runs in parallel to your main OS, like Android
<jambooner> ah, so ..its pretty much ...where you have to be a billionaire that has a factory for the fabrication
<jambooner> which nobody really has lol
<jambooner> its like intel cpus which may have backdoors and nobody has money to spend on verifying?
<dos1> so basically, if the modem is connected directly to the microphone (or RAM or anything else), it's just a matter of its software to do anything it wants in its "pseudo sleep"
<jambooner> so why isnt the Android community demanding a phone .eg from Google where they dont have the modem directly tied to soemthing
<jambooner> that can imply easy surveilance
<dos1> and modem firmwares have already been shown to be vulnerable and exploitable many times
<jambooner> vulnerable on purpose I guess
quatrox has quit [Quit: Leaving]
<dos1> maybe, sometimes it's hard to distinguish malice from incompetence ;)
<jambooner> typical linux fan who works 9-5 in a cubicle will always think its incmpetence
<dos1> and of course, it works both ways
<dos1> well, I guess the public awareness is rather low
<jambooner> the neo900 will use the Android kernel?
<dos1> from time to time you can see articles "there's a hidden second OS in your modem!" circulating hacker news, slashdot etc. and there are always lots of surprised people
<jambooner> dos1: surprised reaction shows a sign of stupidity
<jambooner> and slave-like
<dos1> the Neo900 is an open platform, so nothing will stop you from using Android kernel if you want
<dos1> but the basic kernel should be closer to mainline than anything android-y
<jambooner> if I wanted to use openbsd on neo900, and I only know basic js/python, I pretty much would have to amass a million dollar budget correct?
<jambooner> to commission it out
<pigeons> no i'll do it much much cheaper
<dos1> I don't think it would be this expensive :P
<jambooner> is the work mainly with drivers?
<pigeons> yes
<pigeons> oh wait what architectures does openbsd support
<amatus> a bit of bootloader work too
<dos1> I think there was somebody who already launched some BSD kernel (FreeBSD?) on Nokia N900
<pigeons> but still i'll do it much cheaper
<jambooner> do you have a guesstimate figure? I may want to put a crowdfunding campaign , where the audience is celebrities who I am connected to (Gucci Mane-like people)
<pigeons> get them to order some units first
<amatus> i bid 50 BTC for the project
<jambooner> ~22k can get openbsd on a neo900 platform , phone calls, gps?
<jambooner> lol these dudes can sell a key for 22k
<jambooner> jsut 1
<jambooner> but they spend money on bullshit
jambooner has quit [Quit: Page closed]
mzki has quit [Quit: leaving]
rweichle1 is now known as rweichler
tsuggs has joined #neo900
<DocScrutinizer05> dang, I need to ask NSA how far they got with that surface wave communication protocol integrated into the current sensors, LEDs, FETs etc, I don't want to build a prototype with regular non-modified components ;-)
<DocScrutinizer05> backdoored transistors. where's my patent lawyer?
<Arch-TK> backdoored silicon
<Xiaoman> Backdoored atoms
<Xiaoman> NSA can force a certain spin of a few particles in your phone, think about that
raoulzecat has joined #neo900
SylvieLorxu has quit [Quit: ZNC - http://znc.in]
<DocScrutinizer05> I'm actually pondering whom to contract for a hw security audit of our design
<DocScrutinizer05> I mean, the nicest proof would actually be an offer by NSA to take over the company ;-)
<DocScrutinizer05> but then it's prolly not worth the effort for them, after all we're an almost invisible player on the ground. even when one or two worthy targets would be our customers, TLAs could handle those few cases with conventional means
<Pali> BND? :-)
<DocScrutinizer05> mej, those are really stuck in the 1970s
<DocScrutinizer05> actually I'd rather bet on NSA etc being our customers (stealth of course) than them offering to take over the company
<DocScrutinizer05> my GF every now and then warns me that ISIS also might be interested in our device. I don't think so since they prolly rather use "standard applications" to not stick out of the masses, but even if it was true, there's hardly anything I could do
raoulzecat has quit [Ping timeout: 260 seconds]
paulk-aldrin has quit [Quit: Leaving]
<DocScrutinizer05> if somebody under tight NSA surveillance buys a Neo900, odds are those persons rather will fall for a false sense of protection than actually evading any measures the NSA has planned for them
<Pali> yes... I think they will not use non standard solution...
<DocScrutinizer05> Neo900 only helps to avoid mass surveillance
<DocScrutinizer05> any targeted high effort attack won't rely on the phone anyway
<Pali> anyway, what is status of stallman's respect your freedom certification?
<DocScrutinizer05> I don't think they are interested in us, since we are not willing to cripple our modem to forbid user what carrier can do over the air
<DocScrutinizer05> just to ease FSF's mind so they can say "this is not software"
<Pali> they refused to do certification? becuase you are not going to add "restriction" for disabling upgrading firmware?
<DocScrutinizer05> tbh I didn't ask for certification after RMS asked for that "write protect measure"
<DocScrutinizer05> FSF is pretty unambiguous regarding that requirement, in ther RYF specs as well as in mails and conversation
<DocScrutinizer05> so why debate with them? I got other ToDos on my list
<Pali> maybe you should officially ask for certification
<DocScrutinizer05> maybe I don't care
<Pali> and if they refuse, then you can show that whole FSF is doing stupidity!
<Pali> this could be final proof if they are for real "free" software or not
<DocScrutinizer05> I could ask Cinterion for copy permission and prepare a TRM of the modem for FSF that simply doesn't mention neither explain the update path
<DocScrutinizer05> I'm not interesting in proving FSF anything. I honestly got other things to do
<DocScrutinizer05> I take pride in stating "more free than FSF allows"
<Pali> :D
<DocScrutinizer05> s/interesting/interesed/
<Pali> but official statement that phone "is more free then FSF allows" by showing rejected certification can be really useful for everybody
<Pali> everybody can see how FSF is good/bad
<DocScrutinizer05> again I think FSF _is_ good. I just think they got a completely different more political agenda
<DocScrutinizer05> FSF rules are made to convey a message to hw manufs, and we heard it. alas we have no saying in FCC cert rules or modem manuf policies
<DocScrutinizer05> for the user FSF rules / cert is just a statement about political correctness
* Wizzup doesn't get the FSF bashing. It's very clear what he FSF wants and stands for. They're saying the same things for many years, and many things they say make sense
<Wizzup> That haven't said much about hw, just stated that hw that has firmware that can update itself may be bad.
<DocScrutinizer05> we don't agree 100% with this political agenda, or rather with the means to achieve it
<Wizzup> They state that if there is no fw that can be changed, it's more free
<Wizzup> This is in a sense true, but also weird.
<Wizzup> I think that it is hard to agree 100% with the FSF :)
<DocScrutinizer05> exactly
<Wizzup> And I agree that a RYF certification is likely not necessary / useful
<Wizzup> concluding, it also seems time for me to hit the sack :)
<Wizzup> nn
Pali has quit [Remote host closed the connection]
jonsger has quit [Quit: jonsger]
<DocScrutinizer05> night!
deafboy has quit [Ping timeout: 260 seconds]
bredebid has quit [Ping timeout: 250 seconds]
<DocScrutinizer05> one last word about RYF: we could build a Neo900 without modem and without WLAN/BT module, and probbaly get a AAA grade RYF cert for it, with sugar on top. For modem and WLAN/BT we picked the best most free components we reasonably could find (there are _physical_ and _legislation_ limits on how good it gets with those) and I don't see any sense in trying to debate with FSF why *adding* components limits user's freedom or why we should
<DocScrutinizer05> add even more components to *really* limit user's opportunities, just for linguistic sophism
<DocScrutinizer05> ((sophism)) >>it's no software as long as we don't see it<<
* DocScrutinizer05 would really be interested in a hardwired engine that does AT interpreter ;-)
<DocScrutinizer05> so "it walks like a duck, it talks like a duck, it looks and smells and acts like a duck - heck let's agree on this being tuna sandwich from walmart" is not a game I'm going to play. Too silly for me
<DocScrutinizer05> above is the quote of the county duck hunter, when looking over the fence and seeing the ducklings in neighbors garden which he's not allowed to shoot
<DocScrutinizer05> you see FSF err the official hunter claims he's responsible for *all* ducks in this county, so anything he sees which might be a duck and nevertheless he has no saying, clearly must be something other than a duck
<DocScrutinizer05> IOW FSF always failled to define own borders of responsibility domain
<DocScrutinizer05> in a landline phone network, does the domain of a RYF cert end at the cable from handpiece to body of the local phone, or does it extend along one more wire into the exchange, and does it stop there or extend to other exchanges and to all connected phones?
<DocScrutinizer05> and what's the definition of those borders, for example in the case of a landline phone network?
<DocScrutinizer05> FSF used an axiom of "we have a system" and nobody ever defined where that system starts or ends or what defines what the system consists of
<ds2> there is no end. it is everything. they aim to take over the world.
<DocScrutinizer05> exactly
<DocScrutinizer05> that's prone to fail
<ds2> if you read the FAQ for stuff like the GPL, that is pretty much what they are saying
<DocScrutinizer05> it's fine for a political agenda, not for a practical one
tsuggs has quit [Ping timeout: 252 seconds]
<DocScrutinizer05> (landline) pro: 'but the phone is only connected via 2 wires to the exchange'; contra: 'our modem also is connected only with two wires' / pro: 'but your 2 wires are USB'; contra: 'the landline is ISDN' / pro: 'but your landline phone can't update the excange via that wire'; contra: 'how would you prove that?'
<ds2> side question - what part of FCC rules govern wireless telephone services?
<DocScrutinizer05> in this particular case? for GSM, UMTS, LTE?
<ds2> GSM/UMTS/AMPS/etc
<ds2> POTS is part 68 IIRC
<DocScrutinizer05> no idea, I don't know the FCC regulations by heart. I however know that they mandate immutable IMEI (to protect the customer from theft, much like for cars)
<DocScrutinizer05> and that implies you can't mess with the firmware, as long as that firmware handles IMEI in any way
<ds2> someone should defeat that by keeping the cell phone stuff in a tiny module
<ds2> make it high volume and cheap so any theif can swap it out
<ds2> kind of like a GBIC for ethernet
<DocScrutinizer05> I don't think the modem chipset manufs see a worthy business model in that
<ds2> yes, it needs a new player
<ds2> it'd be something along the lines of a SIM+
<ds2> and sell it on environmental lines
<DocScrutinizer05> I'd rather focus on WLAN at this point in time. More valuable target, better chances to actually achieve some improvement
<DocScrutinizer05> WLAN situation massively goes south
<ds2> yes but the #@$@$@#%@#$@# "cell phones" are chewing through spectrum faster then terminites through wood
<ds2> I would much rather see the specturm re-allocated to "IP services" and requiring a seperate company to provide a telco interconnect (i.e. via SIP)
<DocScrutinizer05> so far WLAN chipsets were at least 'free', usually, though not FOSS firmware. Now the EU comisiion(?) and the FCC aim at implementing same firmware lockup on WLAN they already have on modems
<DocScrutinizer05> (("IP services", "SIP")) well that's LTE
<DocScrutinizer05> see VoLTE
<DocScrutinizer05> (WLAN) manufacturers like AVM already start removing features for downgrade and flashing of unsigned firmware, from their FritzBoxes
<DocScrutinizer05> soon whole laptops will suffer similar fate
<DocScrutinizer05> unless they go the Neo900 way of strict separation/isolation
<DocScrutinizer05> and you see how attractive it is to not go cheap mainstream hardware-wise
<ds2> I know about VoLTE - I am saying forcing a seperation between IP provider and service (Voice, etc) provider
<DocScrutinizer05> soon 90% of laptops come with (windoze, Android) OS tivoized onto the platform, while the remaining 10% are either *significantly* more expensive or come without any WLAN
<DocScrutinizer05> ds2: well, that's in LTE base specs already
<DocScrutinizer05> incl quite intricate accounting protocols and all
<ds2> yes but htat is one company
<DocScrutinizer05> basically that's prolly the main reason VoLTE is still not widely adopted
<ds2> i am saying allow 1 company to provide one or other but not both
<DocScrutinizer05> no, LTE specifies that the services need independent implementation
<ds2> LTE implies an underlying LTE carrier, right?
<ds2> where as I envision a world where you buy IP like you buy electricity
<DocScrutinizer05> it just happens that no alternative service providers for VoLTE are entering the market yet since there is no market yet
<ds2> if I want to use it for lights, I build a light fixture, etc
<ds2> at the same time, outlaw all the integrated voice protocols
<DocScrutinizer05> LTE is transport (the cable). On top you get connectivity/data (the ISP), and VoLTE (your phone company). The three are completely independant, like they are on landline
<ds2> and no one is selling it that way
<ds2> I should be able to say I want voice and I get a password/auth. it is none of their business how I choose to transport the vocie
<DocScrutinizer05> exactly, since there is no market yet, mainly because of the highly intricate accounting
<ds2> why is such an accounting needed?
<DocScrutinizer05> the transport company is responsible for invoicing you
<ds2> I much rather get multiple invoices
<DocScrutinizer05> since they are also the ones to authenticate you
<ds2> hmmm?
<DocScrutinizer05> well, that's how LTE is specified
<ds2> hence why I am purposely not calling out LTE
<DocScrutinizer05> VoLTE providers rely on the transport service to authenticate their users
<DocScrutinizer05> even more intricate: roaming/handover when you move from a LTE zone into a UMTS-only zone during a call
<DocScrutinizer05> you need handover of calls from one voicecall provider to another one in that situation
<DocScrutinizer05> now figure what that means for accounting ;-P
<DocScrutinizer05> and the accounting protocols
<DocScrutinizer05> tariff negotiation afaik happens at start of call
<DocScrutinizer05> now one carrier's freecall number might be another carrier's premium
* DocScrutinizer05 shudders
arossdotme has quit [Ping timeout: 276 seconds]
arossdotme has joined #neo900
<DocScrutinizer05> ((forcing a seperation between IP provider and service (Voice, etc) provider)) you can't forbid transport provider to also offer voice service. If you did, they'd just spawn a new company for that
<DocScrutinizer05> technically the separation is mandatory in LTE, just there are no restrictions who may offer what
<DocScrutinizer05> and so far most LTE networks not even offer VoLTE on a technical level
<DocScrutinizer05> no matter which company is the provider
<DocScrutinizer05> when you want plain SIP via data carrier, you're free to do so. I have that on N900 since years
<DocScrutinizer05> in that case auth is not done via transport layer
<DocScrutinizer05> you simply use your password, just like you asked for above
<DocScrutinizer05> VoLTE however is designed to avoid exactly this requirement
<ds2> SIP's offering is scant
<ds2> what I want is a choice of carriers. so rather then having to compromise on data/voice/etc offerings; I want to pick and choose
<DocScrutinizer05> again, that's what LTE is all about
<ds2> you are missing my point
<DocScrutinizer05> yes,obviously
<ds2> LTE Is fine if all you care about is wireless
<ds2> i want the same thing regardless of what is the underlying transport
<DocScrutinizer05> o.O
<ds2> it is none of their business if I want to do Voice over IP over pigeons for example
<DocScrutinizer05> sipgate doesn't care you using pigeons
<ds2> yes but VoLTE does
<DocScrutinizer05> sipgate works via DSL, LTE, UMTS, landline 56k modem...
<DocScrutinizer05> again, a last time: VoLTE is meant to use authentication via transport layer, so you can switch providers in an instant
<DocScrutinizer05> otherwise it would be caled VoPIGEON
<ds2> this is getting way OT :D
<DocScrutinizer05> if you want that, use it, but don't ask LTE to take care, beyonf them providing transport, and via possibly other provide data transport
<DocScrutinizer05> you're free to use SIP on LTE. You're free to use VoLTE via LTE (if it eventually gets implemented)
<DocScrutinizer05> don't demand VoLTE competing / mimicking SIP
<DocScrutinizer05> maybe you VoIP provider offers SIP *and* VoLTE eventually, integrated services
<DocScrutinizer05> maybe some already do, I dunno
<DocScrutinizer05> then you actually could choose if you want to use their SIP service or their VoLTE service over your LTE
<DocScrutinizer05> with VoLTE working way more reliably
<ds2> my whole point is - stop offering theirs alternatives. one service agnostic to the transport
<DocScrutinizer05> particularly during handover etc
<ds2> yes, I can use SIP now but #@%$#$@#$@#$ carriers are insisting on bundling crap
<DocScrutinizer05> *sigh* tell that your VoIP provider
<DocScrutinizer05> no, they don't insist