00:12:13  <kumavis>ogd: moving to seattle - just got tickets for toorcamp http://toorcamp.toorcon.net/ - still planning on doing a hacker camp around june
00:12:26  <kumavis>that last one was a question
00:20:27  <jfhbrook>where from kumavis (and why) ?
00:20:47  <kumavis>east bay
00:21:03  <mikolalysenko>kumavis: shit, if you are in town we should hang out before you go
00:21:13  <mikolalysenko>I just moved here for a job
00:21:36  <kumavis>its somewhat temporary, we needed to be somewhere in the us for a year or two, then maybe south east asia
00:21:52  <kumavis>my brother lives there, and he has a kiddo and i have a kiddo
00:22:01  <kumavis>and they can be kiddos togehter
00:22:17  <kumavis>mikolalysenko: o rly!
00:22:19  <kumavis>where?
00:22:24  <mikolalysenko>oakland
00:22:55  <kumavis>nice
00:23:01  <kumavis>yes we should meet indeed
00:23:49  <jfhbrook>why do you need to be in the us kumavis ?
00:24:02  <kumavis>citizenship application for waifu
00:24:56  <jfhbrook>oh, I see!
00:24:59  <jfhbrook>where's your wife from?
00:25:24  <kumavis>japan
00:25:34  <jfhbrook>oh neat!
00:25:56  <kumavis>yeah we mostly speak j at home
00:25:59  <jfhbrook>how did you meet?
00:26:07  <kumavis>we met in hawaii
00:26:08  <jfhbrook>how did you learn japanese?
00:26:11  <jfhbrook>ohhh
00:26:15  <jfhbrook>that makes total sense actually
00:26:20  <kumavis>smack dab in the middle
00:26:29  <jfhbrook>I have a friend from japan, she said there are a lot of japanese tourists there due to proximity
00:26:44  <kumavis>ive studied japanese formally and informally for a decade
00:27:21  <kumavis>also been on quite a few hitchhiking trips in the j countryside
00:28:06  <kumavis>its true, i had a lot of job ops as interpreter when i was there
00:28:32  <jfhbrook>how'd you end up in hawaii?
00:28:53  <kumavis>i move their from tianjin, china
00:29:07  <kumavis>hah your unraveling a long and winding story
00:30:22  <kumavis>basically u of hawaii has a good j program and i didnt want to return to my previous u
00:30:34  <kumavis>china was a little adventure in the middle
00:32:08  <jfhbrook>where were you previously?
00:32:23  <jfhbrook>I feel so poorly traveled right now
00:32:25  <kumavis>tianjin was kinda meh. im very grateful for the experience but so much booze and cigarettes
00:32:35  <jfhbrook>I've moved a few times but not a lot of straight up adventuring
00:32:38  <jfhbrook>only internationally once
00:32:48  <jfhbrook>luckily I like booze and cigs
00:33:00  <jfhbrook>I like weed more though, what's that situation like in tianjin?
00:33:08  <jfhbrook>why tianjin specifically? I don't know that I've even heard of it
00:33:18  <kumavis>previously was u of wisconsin madison - another crossing with mikolalysenko but i think not at the same time
00:33:36  <kumavis>tianjin is kinda weird not much going on there
00:33:48  <kumavis>or well a lot of building and growth and stuff
00:33:56  <jfhbrook>man I wonder what it's like buying trees in a foreign country where you're terrible at the language
00:34:05  <kumavis>but nothing i found interesting
00:34:26  <kumavis>we got access to hash balls that were probly mostly just dirt
00:34:37  <kumavis>idk but its what we had
00:35:04  <kumavis>tianjin was bc partnership with u of wisc
00:35:07  <jfhbrook>hand-rolled hash? niiice
00:35:23  <jfhbrook>I had a lot of that in India, but the Indian stuff was top-notch for the most part
00:36:11  <kumavis>yeah this was bottom shelf
00:37:36  <kumavis>im really curious about india would love to go
00:38:10  <jfhbrook>it's a fucking circus
00:38:18  <jfhbrook>but I had a really good time
00:38:48  <jfhbrook>driving is batshit insane
00:39:02  <jfhbrook>the alcohol is not great, but the hash is fantastic
00:39:15  <jfhbrook>I was in Goa, which has a lot of huge tropical trance raves
00:40:39  <jfhbrook>and the drugs that come with that
00:41:54  <kumavis>phase II, moving to south east asia, is more about setting up a base and then exploring more from there
00:42:04  <kumavis>and goa is definitely on that list
00:42:49  <kumavis>$300/mo for 4 bedroom in chiangmai + 15k usd for 10 year visa
00:43:02  <kumavis>chiangmai, thailand
01:21:35  * contrahaxjoined
01:25:51  * prfquit (Remote host closed the connection)
01:29:56  * pfrazequit (Ping timeout: 240 seconds)
02:18:17  <jjjohnny>latest code music https://soundcloud.com/johnnyscript/break-or-bust
02:18:57  <jjjohnny>substack: thats the one you couldn't play on yr computer previously
02:20:44  * dguttmanquit (Quit: dguttman)
03:16:17  * pfrazejoined
03:19:44  * prfjoined
03:26:53  * prfquit (Remote host closed the connection)
03:38:30  * shamaquit (Quit: (╯°□°)╯︵ɐɯɐɥs)
03:40:26  * prfjoined
05:01:29  * prfquit (Remote host closed the connection)
05:09:29  <feross>mafintosh and i have just been working on a safer node.js buffer https://github.com/feross/safe-buffer
05:09:37  <feross>looking for feedback from folks
05:10:20  <feross>i think we'll open an issue on node core and see if they're open to moving the uninitialized memory part to a new function call
05:19:24  * prfjoined
05:22:05  * pfrazequit (Ping timeout: 250 seconds)
05:23:16  <feross>mafintosh: https://github.com/nodejs/node/issues/4660
05:24:57  <mafintosh>feross: nice
05:25:15  <mafintosh>feross: i wonder what the reaction will be. you explained it well
05:25:51  <feross>mafintosh: yeah, the downside to returning zeroed out memory seems minimal
05:26:07  <feross>all maintained packages that are performance critical will get updated to Buffer.alloc really quickly
05:26:16  <feross>and the others will get magically safe from this attack
05:34:08  <noffle>feross: well written!
05:34:37  <feross>noffle: thx :)
05:40:06  <noffle>feross: how did you make the decision of whether to disclose it publicly? I'm curious what the timeline of this looked like. private conversation /w node security team first?
05:41:04  <feross>we fixed our own package immediately and then talked with node security about making a disclosure with CVE
05:41:19  <feross>deprecated on npm, so people get warnings on install too
05:41:41  <feross>then we found the ws one, emailed the author privately, and he fixed it within a day
05:41:56  <feross>then node security did a disclosure for that too
05:42:14  <feross>then we tossed around the idea for a few days about making a safe-buffer package
05:42:49  <feross>we did it tonight, then realized that we could do this in core without removing new Buffer(number)
05:43:11  <feross>by zeroing instead of removing the whole API we can be backwards compatible
05:44:02  <feross>even though this is arguably a security issue, it's so widespread and not directly actionable, I think that node will only include it in a semver major release
05:44:14  <feross>and for that it's going to need public discussion
05:45:24  <feross>what I mean is that it's not a direct problem with core, it's just an unfortunate design that could be better
05:45:40  <feross>and will cause downstream security issues until it's changed
05:46:54  <noffle>interesting
05:47:25  <noffle>still; surprised that they're waiting for major, just considering how easily "exploitable" it is
05:47:47  <jjjohnny>brb gonna check netflix vulnerability and chill #bufferbleed
06:31:21  * prfquit (Remote host closed the connection)
07:15:29  * peutetrejoined
07:16:06  * peutetrequit (Client Quit)
07:34:08  * fotoveritequit (Quit: fotoverite)
08:49:34  <karissa>It's like mysql _real_escape_string
08:54:17  * djcoinjoined
09:12:35  * drptbljoined
10:02:00  * peutetrejoined
10:11:53  * drptblquit (Quit: My MAC has gone to sleep. zZz..)
10:17:32  * drptbljoined
10:22:40  <rom15043>I guess it is exploitable, but this is really the same behavior as malloc, and you wouldn't ask c people to change malloc. But then I guess c programmers know better what they are doing, so there might be less problems with that in c
10:32:05  * peutetrequit (Quit: ...)
10:35:46  * peutetrejoined
10:39:22  <rom1504>(I mean they might know better because c is generally unsafe, so they're already careful for other reasons)
10:58:44  <joepie91>FYI
10:58:50  <joepie91>ffmpeg is pwn
10:58:52  <joepie91>I repeat, ffmpeg is pwn
10:59:09  <joepie91>if you run anything ffmpeg-based on a server (or a desktop, like a file search / thumbnailer...), this is a good moment to turn it off
10:59:12  <joepie91>https://twitter.com/skovorodan/status/687204381373165568
11:09:46  * chrisdickinsonquit (Ping timeout: 240 seconds)
11:13:33  * chrisdickinsonjoined
11:30:27  <emilbayes>mafintosh: Is it possible to make my local machine accessible to the internet automatically? I'm looking at upnp, nat-pmp and pcp, but I'm wondering if what I'm trying to do is impossible and maybe you have been looking at this (or know the answer)?
11:39:19  * djcoinquit (Quit: WeeChat 1.0.1)
11:47:15  * contrahaxquit (Quit: Sleeping)
11:52:13  * contrahaxjoined
11:56:04  * peutetrequit (Quit: ...)
12:00:38  * peutetrejoined
12:25:24  <mafintosh>emilbayes: from a fixed location or in general?
12:26:19  <emilbayes>mafintosh: Fixed? (if that makes it easier)
12:26:22  * emilbayesnot sure
12:26:41  <mafintosh>emilbayes: i mean is the computer always connected to the same router?
12:27:22  <emilbayes>mafintosh: For the durating of "being exposed". I mean, the user could retry if they're changing network
12:28:22  <emilbayes>mafintosh: I don't know if what I'm saying makes any sense
12:28:57  <mafintosh>emilbayes: in short, yes there are ways but it depends a lot on the routers between you and the internet
12:29:32  <emilbayes>mafintosh: Alright :S Maybe bittorrent would be an example. How do you connect peers? Through the tracker or?
12:30:05  <mafintosh>emilbayes: mainly the dht
12:30:55  <emilbayes>mafintosh: I guess bittorrent is not exactly the same since it's peer to peer, and I was more hoping to expose my local machine temporarily. The wikipedia description of the purpose nat-pmp is exactly what I want to do, but support seems to be flaky :(
12:35:15  <emilbayes>mafintosh: Are there other protocols worth looking at or keywords I could search for to read more?
12:40:03  <mafintosh>emilbayes: nat-upnp / pmp is the way to go for your use-case
12:40:58  <mafintosh>emilbayes: there is no guarantee of success (if there are two routers between you and the internet you are basically fucked)
12:46:45  <emilbayes>mafintosh: I think that's what's going on here at work :p Might that be the reason bittorrent doesn't work here?
12:47:17  <emilbayes>I see lots of people posting that utorrent doesn't work if neither are enabled or if the network has multiple layers
12:47:42  <mafintosh>emilbayes: bittorrent doesnt really have this problem since it just requires at least one connection in the swarm to work
12:48:00  <mafintosh>emilbayes: and if someone else isn't behind two nats chances are you can connect to them
12:48:18  <mafintosh>emilbayes: it probably doesn't work at work because the explicitly filter out bt traffic
12:48:30  <emilbayes>mafintosh: Oh yeah, that makes sense
12:48:58  <emilbayes>mafintosh: Yeah, they probably do :/
12:55:43  <mafintosh>emilbayes: what are you up to today? wanna hack?
12:56:13  <emilbayes>Yeah, just having lunch. I have something on at 18.45
12:56:17  <emilbayes>Where are you?
12:56:25  <emilbayes>^ mafintosh
12:56:36  <mafintosh>emilbayes: i have something around then too
12:56:52  <emilbayes>Let me just finish eating and we can hack
12:56:54  * peutetrequit (Quit: ...)
12:57:01  <mafintosh>emilbayes: just getting up. we can meet at islands brygge maybe?
12:57:02  <emilbayes>mafintosh: Where abouts are you now?
12:57:14  <mafintosh>emilbayes: home half awake
12:57:30  <emilbayes>mafintosh: Haha, I can be there in 30 - 45?
12:57:52  <emilbayes>mafintosh: Do you have a lighting bolt charger?
12:59:04  * peutetrejoined
13:06:22  <mafintosh>emilbayes: is that the phone charger?
13:06:30  <emilbayes>mafintosh: Yeah
13:06:38  <emilbayes>mafintosh: For 5 and 6
13:06:44  <mafintosh>emilbayes: have one of those yea. i need a quick shower and then i'll head to islands brygge
13:06:54  <mafintosh>emilbayes: are you on bike?
13:07:16  <emilbayes>mafintosh: Not yet, haven't bought one
13:07:28  <mafintosh>emilbayes: okay no worries
13:07:34  <mafintosh>emilbayes: see you there!
13:07:40  <emilbayes>mafintosh: Write here when you're heading out
13:07:46  <mafintosh>wil ldo
13:31:20  * peutetrequit (Ping timeout: 260 seconds)
13:38:31  <mafintosh>emilbayes: cykler ind til opbeat paa bryggen nu
13:38:45  <emilbayes>mafintosh: Det er i founders house, right?
13:39:02  <mafintosh>emilbayes: lige ved siden af ja
13:39:54  * peutetrejoined
13:57:46  <emilbayes>mafintosh: jeg er der ca nu
14:27:50  * prfjoined
14:59:44  * dguttmanjoined
15:05:11  * prfquit (Remote host closed the connection)
15:06:37  * prfjoined
15:16:45  * prfquit (Remote host closed the connection)
15:33:19  * pfrazejoined
15:40:08  * peutetrequit (Quit: ...)
15:40:46  * prfjoined
15:42:37  * peutetrejoined
16:09:46  * fotoveritejoined
16:24:19  * contrahaxquit (Quit: Sleeping)
16:45:15  * peutetrequit (Quit: ...)
17:11:25  * drptblquit (Quit: My MAC has gone to sleep. zZz..)
17:14:07  * shamajoined
17:14:44  * peutetrejoined
17:25:15  * peutetrequit (Quit: ...)
17:37:23  * warbrett_joined
17:37:45  * warbrett_changed nick to warbrett
18:08:29  * jcrugzzquit (K-Lined)
18:08:35  * kumavisquit (K-Lined)
18:08:35  * warbrettquit (K-Lined)
18:08:35  * tanepiperquit (K-Lined)
18:08:49  * DamonOehlman__quit (K-Lined)
18:08:49  * benglquit (K-Lined)
18:08:49  * parshapquit (K-Lined)
18:08:49  * tmpvarquit (K-Lined)
18:08:49  * mafintoshquit (K-Lined)
18:08:49  * kikobeatsquit (K-Lined)
18:08:49  * toddselfquit (K-Lined)
18:08:49  * indexzeroquit (K-Lined)
18:08:49  * meschquit (K-Lined)
18:08:49  * montesluquit (K-Lined)
18:08:49  * sorribas_quit (K-Lined)
18:08:49  * beaugundersonquit (K-Lined)
18:08:50  * hughskquit (K-Lined)
18:08:50  * owenb________quit (K-Lined)
18:08:50  * machtyquit (K-Lined)
18:08:50  * emilbayesquit (K-Lined)
18:08:50  * ELLIOTTCABLEquit (K-Lined)
18:08:50  * mikolalysenkoquit (K-Lined)
18:08:50  * ferossquit (K-Lined)
18:08:50  * ngoldmanquit (K-Lined)
18:08:50  * rvagg_quit (K-Lined)
18:08:50  * HannahWolfequit (K-Lined)
18:08:50  * brycebarilquit (K-Lined)
18:08:50  * ogdquit (K-Lined)
18:08:50  * hackygolucky_quit (K-Lined)
18:08:50  * bretquit (K-Lined)
18:08:50  * mappumquit (K-Lined)
18:08:50  * dubroy__________quit (K-Lined)
18:08:50  * ehdquit (K-Lined)
18:08:50  * finnpquit (K-Lined)
18:08:50  * addisonjquit (K-Lined)
18:08:51  * daleharveyquit (K-Lined)
18:08:51  * jden_quit (K-Lined)
18:08:51  * karissaquit (K-Lined)
18:08:51  * Raynosquit (K-Lined)
18:08:51  * tobiequit (K-Lined)
18:08:51  * jhieseyquit (K-Lined)
18:08:51  * andreypoppquit (K-Lined)
18:08:51  * cndquit (K-Lined)
18:08:51  * mmckeggquit (K-Lined)
18:08:51  * freeman-labquit (K-Lined)
18:08:51  * eugenewarequit (K-Lined)
18:08:51  * nrwquit (K-Lined)
18:08:51  * h0kequit (K-Lined)
18:08:51  * pkruminsquit (K-Lined)
18:08:51  * jlord_quit (K-Lined)
18:08:52  * wa7sonquit (K-Lined)
18:08:52  * Domenicquit (K-Lined)
18:08:52  * calvinmetcalf__quit (K-Lined)
18:08:52  * jbenetquit (K-Lined)
18:08:52  * sindresorhusquit (K-Lined)
18:10:30  * emilbayesjoined
18:12:04  * mikolalysenkojoined
18:12:05  * ELLIOTTCABLEjoined
18:12:12  * bretjoined
18:14:45  * machtyjoined
18:15:24  * Domenicjoined
18:15:41  * sindresorhusjoined
18:15:45  * tobiejoined
18:15:54  * mafintoshjoined
18:16:05  * beaugundersonjoined
18:16:06  * ngoldmanjoined
18:16:26  * jlord_joined
18:17:27  * jhieseyjoined
18:18:08  * addisonjjoined
18:18:23  * DamonOehlman__joined
18:18:24  * indexzerojoined
18:18:36  * ogdjoined
18:18:37  * owenb________joined
18:18:38  * mmckeggjoined
18:18:51  * parshapjoined
18:19:08  * andreypoppjoined
18:19:11  * mappumjoined
18:19:18  * jbenetjoined
18:19:19  * eugenewarejoined
18:19:26  * karissajoined
18:19:28  * h0kejoined
18:19:30  * jcrugzzjoined
18:19:30  * ferossjoined
18:19:35  * dubroy__________joined
18:19:47  * tanepiperjoined
18:20:06  * kumavisjoined
18:20:25  * Raynosjoined
18:20:27  * hackygolucky_joined
18:20:58  * daleharveyjoined
18:22:00  * monteslujoined
18:22:56  * finnpjoined
18:23:09  * rvagg_joined
18:24:04  * meschjoined
18:24:19  * hughskjoined
18:25:38  * jden_joined
18:25:48  * bengljoined
18:27:12  * calvinmetcalf__joined
18:27:21  * wa7sonjoined
18:27:24  * HannahWolfejoined
18:27:25  * cndjoined
18:28:12  * ehdjoined
18:28:13  * brycebariljoined
18:28:22  * sorribasjoined
18:28:26  * warbrettjoined
18:28:38  * pkruminsjoined
18:28:43  * nrwjoined
18:31:10  * tmpvarjoined
18:31:41  * toddselfjoined
18:32:17  * freeman-labjoined
18:32:41  * kikobeatsjoined
18:43:03  * darvonquit (Ping timeout: 260 seconds)
18:45:03  * darvonjoined
19:46:32  * darvonquit (Ping timeout: 256 seconds)
19:48:51  * peutetrejoined
19:55:32  * darvonjoined
19:55:52  * peutetrequit (Ping timeout: 272 seconds)
20:33:11  * phatedjoined
20:36:35  * shamaquit (Remote host closed the connection)
20:36:59  * shamajoined
21:28:54  * prfquit (Remote host closed the connection)
21:33:10  * pfrazequit (Ping timeout: 250 seconds)
21:38:42  * shamaquit (Quit: (╯°□°)╯︵ɐɯɐɥs)
22:17:05  * contrahaxjoined
22:18:10  * warbrettquit (Quit: Connection closed for inactivity)
23:03:26  * prfjoined
23:18:41  <rom1504>`Array(1000000).fill(0).map(() => new Buffer(50).toString('ascii')).filter((x) => x.indexOf('ToP') !== -1)[0]` is giving me "'ilter((x) => x.indexOf(\'ToP\') !== -1)[0]\nArray(100'" . Isn't that a fun application of uninitialized buffers :d ?
23:19:34  <rom1504>challenge : build a Quine using uninitialized buffers
23:19:51  * phatedquit (Remote host closed the connection)
23:24:17  <joepie91>haha
23:44:24  * phatedjoined
23:48:10  * prfquit (Remote host closed the connection)