<Wizzup>
Noticed some instabilities, but nothing too bad
<Wizzup>
you can probably also increase the resolution but I didn't try that, I know it runs at higher resolutions as well (albeit slowly)
<Wizzup>
the current resolution (800x600) allows me to fluently(!) play videos
<DocScrutinizer05>
Wizzup: excellent! thanks a lot :-)
<Wizzup>
It does segfault when I start firefox (but only with firefox)
<Wizzup>
but surely that is fixable
<Wizzup>
this is using the old FB driver, not the new fancy KMS one
<Wizzup>
didn't get that to work anyway
<Wizzup>
(I probably could - but this works well enough)
<DocScrutinizer05>
Wizzup: I think you should post about this on tmo, incl details about host machine CPU and clock rate etc
<Wizzup>
alright, can do that (not right now)
<Wizzup>
I've also been thinking about somehow putting the n900 in host mode, while using the usb power lines to charge the n900. It's crazy but should be possible...
vakkov has quit [Ping timeout: 244 seconds]
<DocScrutinizer05>
that's absolutely not crazy but a rather normal supported operation mode of H-E-N :-)
jonwil has quit [Quit: ChatZilla 0.9.91.1 [SeaMonkey 2.33.1/20150321194901]]
arcean has joined #neo900
vakkov has quit [Ping timeout: 264 seconds]
jonsger has joined #neo900
vakkov has joined #neo900
mvaenskae has quit [Ping timeout: 255 seconds]
mvaenskae has joined #neo900
vakkov has quit [Ping timeout: 272 seconds]
vakkov has joined #neo900
paulk-collins has quit [Ping timeout: 256 seconds]
Kabouik has quit [Read error: Connection reset by peer]
vakkov has quit [Ping timeout: 255 seconds]
vakkov has joined #neo900
Kabouik has joined #neo900
mvaenskae has quit [Ping timeout: 255 seconds]
Kabouik_ has joined #neo900
Kabouik has quit [Ping timeout: 246 seconds]
dos1 has quit [Read error: Connection reset by peer]
paulk-collins has joined #neo900
che11 has quit [Ping timeout: 246 seconds]
che11 has joined #neo900
dos1 has joined #neo900
kolp has quit [Ping timeout: 250 seconds]
xes has joined #neo900
Pali has quit [Ping timeout: 265 seconds]
arcean has quit [Quit: App terminated!]
che11 has quit [Ping timeout: 246 seconds]
arossdotme has quit [Quit: Ex-Chat]
louisdk has joined #neo900
louisdk has quit [Remote host closed the connection]
che11 has joined #neo900
mvaenskae has joined #neo900
jonsger has quit [Quit: jonsger]
StevenC99 has joined #neo900
<StevenC99>
hello, I notice a new SSL cert was put on the web store, but there are issues with SSL trust chain; is someone already working on fixing it or would it help if I explain how to do that?
sparetire_ has joined #neo900
che11 has quit [Ping timeout: 245 seconds]
paulk-collins has quit [Remote host closed the connection]
<StevenC99>
I'll mention here anyway for reference. the server has SSLCertificateFile configured but not SSLCertificateChainFile
<StevenC99>
it still works in chrome, but get errors in firefox and maybe others
<DocScrutinizer05>
please don't visit webstore
<StevenC99>
oh okay. there was a link to it in the FAQ
<StevenC99>
i can't see the contents of the website, still pw protected
<StevenC99>
but still noticed there are certificate errors
<DocScrutinizer05>
I actually wonder how you could reach it since the URL is supposed to be not mentioned anywhere - we want to keep it like this for a week until we sent out all vouchers - and so far it been protected by .htaccess too
<DocScrutinizer05>
StevenC99: anyway could you please elaborate on cert issues? dos1 implemented a new cert yesterday
<wpwrak>
linking to shop-letter ...
<StevenC99>
try something other than Chrome and I think you'll get warnings about unknown certificate issuer because that is missing
<DocScrutinizer05>
wpwrak: good
<DocScrutinizer05>
dos1: ^^^^ please check
<wpwrak>
DocScrutinizer05: you may want to be more specific regarding what dos1 should check (i.e., SSLCertificateChainFile)
arossdotme has joined #neo900
<StevenC99>
this is in Apache mod_ssl config, though maybe you administer the server via some webpanel instead
<DocScrutinizer05>
tbh I have pretty few clue about that stuff
<wpwrak>
updated the faq link
<DocScrutinizer05>
thanks
<StevenC99>
can anyone at least confirm the SSL certificate error?
<DocScrutinizer05>
sorry?
<StevenC99>
has anyone besides myself, seen the SSL certificate error when testing the web shop?
<DocScrutinizer05>
I confirmed we got a new cert instead of the selfsigned we used before, yesterday
<StevenC99>
i'm referring to the new cert
<dos1>
StevenC99: I haven't seen the error, but you're correct that there's no ChainFile configured
<StevenC99>
do you know how to configure that?
<dos1>
interesingly, it works on Firefox for me
<dos1>
yeah, will do it soonish :)
<StevenC99>
I'm using slightly older Firefox ESR
<dos1>
aah, that may explain it
<StevenC99>
on Linux
<StevenC99>
while you're there...
<dos1>
thanks for heads up!
<StevenC99>
the server support SSLv3 so is vulnerable to the POODLE downgrade attack by man-in-the-middle
<StevenC99>
it's unlikely and not a noticeable issue but thought I'd let you know
<wpwrak>
StevenC99: my firefox 36.0.1 also complains
<wpwrak>
chromium seems happy. almost too happy, for it has seen the site before. guess it doesn't do cert pinning yet ...
<dos1>
StevenC99: haven't got into configuring all ciphers and stuff yet, but will do it somewhere this week
<StevenC99>
okay. you may at least want to set SSLProtocol All -SSLv2 -SSLv3
<dos1>
will check for perfect forward secrecy as well while at it :)
<StevenC99>
but thanks, just making sure you knew this before vouchers started going out
<StevenC99>
ah yeah, well...
<wpwrak>
rekonq also complains (but is less explicit about the nature of the problem than firefox)
<StevenC99>
for PFS you could use a larger DH modulus size, and maybe that's tricky if the server OS is quite old
<StevenC99>
may I ask what OS this is running?
<wpwrak>
ah, chromium complains, too. but quietly.
<StevenC99>
thanks wpwrak
<DocScrutinizer05>
dos1: could you provide the first 20 for approval, so I could _finally_ have a shower? ;-D
<wpwrak>
chromium has the lock-with-yellow-triangle. when you click on it, there's more info. and then you can click for even more details.
<StevenC99>
odd, my chromium doesn't complain at all
<StevenC99>
v37
<wpwrak>
here Version 41.0.2272.76 Ubuntu 14.04 (64-bit)
<dos1>
wpwrak: yellow triangle should be for mixed-content (http images etc. on https page)
<StevenC99>
does it specifically mention the certificate chain issue, or is it referring to other issues?
<dos1>
cert issue wouldn't be this quiet
<StevenC99>
I agree, sounds like a different issue
<wpwrak>
dos1: i think it tries to tell me that the cert looks okay but doesn't have the usual paper trail (but google knows what these papers would say, and uses this "non-public" information)
<StevenC99>
the audit trail thing shows for most SSL certs and doesn't cause the triangle
<wpwrak>
ah, it's more subtle: the triangle does indeed mean mixed content. and it hides the other one ;-)