IRC: #boycottnovell @ FreeNode: Sunday, April 11, 2021

-TechrightsBN/#boycottnovell-nitter.cc | zoobab "NO Software Patents" (@zoobab): "Breaking News: Campinos to Appear Before the Legals Affairs Committee of the European Parliament on Monday 12 April http://techrights.org/2021/04/10/campinos-juri/ #epo #juri #europarl" | nitter

https://nitter.cc/NormanTShenley/status/1381200451379601410#m

Techrights-sec

-TechrightsBN/#boycottnovell-nitter.cc | N.Shenley- Tweets by @miserablesatire from 130121 (@NormanTShenley): "The Gates's house and Rick Allen Jones - is what we should all be asking more questions about. http://techrights.org/2020/06/23/engineer-of-bill-gates/" | nitter

*rianne_ has quit (Ping timeout: 252 seconds)

Apr 11 15:58

*liberty_box has quit (Ping timeout: 260 seconds)

Apr 11 15:58

*rianne_ (~rianne@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell

Apr 11 16:01

*liberty_box (~liberty@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell

Apr 11 16:02

*liberty_box has quit (Ping timeout: 252 seconds)

Apr 11 17:25

*rianne_ has quit (Ping timeout: 240 seconds)

Apr 11 17:25

*rianne_ (~rianne@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell

Apr 11 17:27

schestowitz

I have changed the monitoring with apachetop slightly for tuxmachines to better understand the nature of the attacks. Tomorrow gyms reopen; if the site is under attack, would you be able to give the DB a kick (if needed)? It's one command.

Apr 11 17:34

*liberty_box (~liberty@host81-154-169-167.range81-154.btcentralplus.com) has joined #boycottnovell

Apr 11 17:37

schestowitz

Re: EPO questions for tomorrow in JURI

Apr 11 17:48

schestowitz

> Hi,

schestowitz

schestowitz

> If you have some questions to ask to Mr Campinos, let me know.

schestowitz

schestowitz

> I have drafted some and sent them to some MEPs.

schestowitz

Ask him about Microsoft outsourcing and EPOTIF ('shadow budget'), then baseless claims of GDPR compliance.

schestowitz

> Hi Roy,

schestowitz

schestowitz

> I noticed your recent blog about hosting and censorship.

schestowitz

schestowitz

> Some of the sites moved from Hetzner.de to Orangewebsite.com (Iceland).

schestowitz

schestowitz

> There were a handful of SLAPP requests on Hetzner

schestowitz

schestowitz

> There have been no SLAPP requests through Orangewebsite.com

schestowitz

schestowitz

> On the broader censorship question, I don't just write blogs. I've been

schestowitz

> looking at some robust solutions. People are complaining about all the

schestowitz

> following being censored:

schestowitz

schestowitz

> - Planet sites (Planet Fedora stopped syndicating any blogs during the

schestowitz

> first week of the hate letter, it could just be coincidence)

schestowitz

schestowitz

> - IRC (users in the rms-support-letter forum opened an issue about

schestowitz

> Freenode and OFTC both kicking people who support RMS)

schestowitz

schestowitz

> - Discourse forums (since moving discussions from email to Discourse,

schestowitz

> Red Hat and Mozilla have both been particularly vicious in pruning

schestowitz

> conversations)

schestowitz

schestowitz

> - Mastadon (you blogged about this yourself)

schestowitz

schestowitz

> - conferences (see my comments about Google pulling funding from OSCAL,

schestowitz

> I have other emails about conference speaker censorship too, then there

schestowitz

> is the Linus/DebConf thing)

schestowitz

schestowitz

> - packages: notice that some packages vanish when Developers are subject

schestowitz

> to these plots

schestowitz

schestowitz

> I feel that solving the censorship problem involves solving all

schestowitz

> together, not just attacking one of these things at a time.

schestowitz

schestowitz

> On your own publishing workflows, are you sharing any code that can help

schestowitz

> other people with any aspect of converting their content to a form that

schestowitz

> can live in Gemini and IPFS? HTML has issues with relative links and

schestowitz

> this is compounded when the blogs are syndicated in Planet sites. The

schestowitz

> Planet sites need absolute links in the IMG tags but IPFS needs relative

schestowitz

> links. A static site generator like Jekyll may be able to turn out

schestowitz

> multiple versions of the same site with both types of link or it may be

schestowitz

> able to use different conventions in the rss.xml and regular HTML.

schestowitz

The nature of the censorship we deal with in Techrights is quite different. Social control media is, in general, not a good idea at all. It's temporarily useful in some cases, but over the long run it's just data loss.

schestowitz

All in all, the tactics and tone used define who will support you and who you will alienate. Recently some people complained about unwanted emails and "doxing".

schestowitz

(Re: hosting changes, SLAPP, censorship)

Techrights-sec

Apr 11 19:38

Techrights-sec

ack I don't see any of them in my monitoring so I must modify them, but

Apr 11 19:38

Techrights-sec

don't know the approach to take yet.

Apr 11 19:38

schestowitz

some time ago I fixed DNS issues (DNS servers that were retired 13 days ago without me noticing), also scanned the TM DB... no issues found

Apr 11 19:39

schestowitz

I also combined all the CSS files into one, but the DB still goes into a frenzy due to some reason sometimes, restarting it seems like the only way to go

Apr 11 19:40

schestowitz

can we maybe set a rule to restart mysqld when cpu load is maxed?

Apr 11 19:41

schestowitz

Yesterday, or last night, I saw the same scraping type attack directed at TM and TR at the very same time, so it looks like someone does something by intention

Apr 11 19:41

Techrights-sec

what else could possibly be optimized?

Apr 11 19:42

Techrights-sec

Can Varnish be put in front?

Apr 11 19:42

Techrights-sec

Is the origin of the attacks limited to a set of IP addresses or a subnet?

Apr 11 19:43

Techrights-sec

If so, then they could be filtered out in the net.

Apr 11 19:43

schestowitz

my thoughts are, maybe it's time to upgrade this OS and DB, because it needs to be done regardless

Apr 11 19:44

Techrights-sec

Yes, I think that upgrading would help very much. It would allow other

Apr 11 19:46

Techrights-sec

mitgations too

Apr 11 19:46

Techrights-sec

I wonder if I should introduce a short(er) timeout in the monitoring

Apr 11 20:08

Techrights-sec

scripts on this end.

Apr 11 20:08

schestowitz

There are lots of improvements we can do, there's always maintenance stuff to be done, and the scale of the sites justifies the efforts. I just want not too move too fast and break things, hence I typically make small changes each day, then judge the effects overnight, we don't have a CI-type pipeline

Apr 11 20:09

Techrights-sec

A full update of the OS is needed, that might break things.

Apr 11 20:10

schestowitz

for sure, but for TM we need older versions of some things, even if LTS versions

Apr 11 20:11

Techrights-sec

Well, I still have that spare machine for testing available for a few more days.

Apr 11 20:17

Techrights-sec

Perhaps a VM could be set up there and then copied over to HV?

Apr 11 20:17

schestowitz

I was thinking exactly that...

schestowitz

the general task is, make TM work the same there, but on a newer OS

schestowitz

as a VM that is portable

schestowitz

or a container

Techrights-sec

I guess lxd could be set up there , but qemu is more familiar.

Apr 11 20:21

schestowitz

with the DB on TM going into weird frenzies under attack and sometimes without any (I've scanned it several times) I think it's time to rush up the move to something newer

Apr 11 20:23

Techrights-sec

Is there a strong preference either way? lxd or qemu?

Apr 11 20:23

schestowitz

lxd is used in alpine, but with the VMs qemu too was used. lxd for the containers

Techrights-sec

I agree.

Techrights-sec

What about moving to PostGresql at the same time?

Techrights-sec

That's probably the way forward in general after the Oracle acquisition of

Techrights-sec

mysql

schestowitz

drupal is better with mysql, I think

Apr 11 20:25

Techrights-sec

What about wordpress though?

Apr 11 20:27

schestowitz

works better with mysql, but in theory can be made to work with other DBs

Apr 11 20:27

Techrights-sec

Ok, then that would be for much, much later. The3 main task is a new OS.

Apr 11 20:28

schestowitz

This might need postponing, due to heavy workload on kaniini's side (more to follow in a mo)

Apr 11 20:29

schestowitz

in the meantime, do you know how to trigger mysqld restart when the load picks? The conditional statement in bash is the key part I am not familiar with

Apr 11 20:31

Techrights-sec

It would be a value collected using https://wiki.bash-hackers.org/syntax/expansion/cmdsubst

Apr 11 20:32

-TechrightsBN/#boycottnovell-wiki.bash-hackers.org | Command substitution [Bash Hackers Wiki]

Apr 11 20:32

Techrights-sec

load=$(uptime | awk '{a=$(NF-2);sub(/,$/,"",a); print a}')

Apr 11 20:37

Techrights-sec

be sure to have a wait in there to prevent another type of DoS

Apr 11 20:37

schestowitz

techrights just came under ddos, same pattern as last night, I've temporarily blocked the target

Apr 11 20:39

Techrights-sec

see ~/load-trigger.sh

Apr 11 20:43

Techrights-sec

(unt3ested)

Apr 11 20:43

schestowitz

thanks, I will check

Apr 11 20:43

schestowitz

which machine?

Apr 11 20:47

schestowitz

never mind, found it, TR

Apr 11 20:48

schestowitz

[20:24] <sssssssssssssss> what up

schestowitz

[20:25] <schestowitz> :-D

schestowitz

[20:25] <schestowitz> is there a change we can upgrade tuxmachines to a new OS like alpine?

schestowitz

[20:25] <schestowitz> *chance

schestowitz

[20:26] <sssssssssssssss> probably in the future, i have been busy with work

schestowitz

[20:26] <schestowitz> yes, I could see based on IRC

schestowitz

[20:26] <schestowitz> thanks for the catch-up anyway and thanks for everything else

schestowitz

[20:26] <sssssssssssssss> and with the current issues in the FOSS world, i am tkaing a break from techrights et al

schestowitz

[20:28] <schestowitz> our world has been through tougher times in the past, e.g. SCO suit and Novell deal

schestowitz

[20:33] <sssssssssssssss> our world is under attack by daniel pocock

schestowitz

[20:33] <schestowitz> that too

schestowitz

[20:33] <schestowitz> he's really disappointing

schestowitz

[20:33] <sssssssssssssss> it's pretty amazing that he got the "RMS should fuck off" and "we love RMS" crowds to agree on something

schestowitz

[20:36] <sssssssssssssss> anyway, this is precisely why i urged you to not syndicate his content. he is literally just making stuff up and quoting things out of context to make his points. he is angry that his debian developer privileges were suspended because he was mentoring his girlfriend as part of Google Summer of Code

schestowitz

[20:36] <sssssssssssssss> at this point, i think he is just angry in general

schestowitz

[20:37] <sssssssssssssss> but that makes him immensely dangerous to our world, as he only wishes to be destructive

schestowitz

[20:39] <sssssssssssssss> this is not the usual thing i involve myself in. my main goal is to build something that can possibly last a long time and be meaningful

schestowitz

[20:40] <sssssssssssssss> the thing is, pocock's motive is revenge against every person and institution he feels has wronged him. he isn't even pro-RMS, he's just pro-RMS *right now* because it's convenient to him to be