Techrights logo

IRC: #boycottnovell @ FreeNode: Sunday, April 11, 2021

(ℹ) Join us now at the IRC channel | ䷉ Find the plain text version at this address.

*rianne_ has quit (Ping timeout: 240 seconds)Apr 11 01:35
*liberty_box has quit (Ping timeout: 240 seconds)Apr 11 01:36
*rianne_ ( has joined #boycottnovellApr 11 01:38
*liberty_box ( has joined #boycottnovellApr 11 01:39
*rianne_ has quit (Ping timeout: 268 seconds)Apr 11 02:05
*liberty_box has quit (Ping timeout: 268 seconds)Apr 11 02:06
*rianne_ ( has joined #boycottnovellApr 11 02:10
*liberty_box ( has joined #boycottnovellApr 11 02:11
*rianne_ has quit (Quit: Konversation terminated!)Apr 11 03:09
*rianne_ ( has joined #boycottnovellApr 11 03:09
*rianne_ has quit (Ping timeout: 252 seconds)Apr 11 03:57
*liberty_box has quit (Ping timeout: 252 seconds)Apr 11 03:58
*rianne_ ( has joined #boycottnovellApr 11 04:02
*liberty_box ( has joined #boycottnovellApr 11 04:10
schestowitz[01:02] <xxxx> Now someone allegedly sends spam with what dpocock tells us, about Red Hat, and signed with the name of a Fedora employee (who is against RMS, but didn't sign the letter)Apr 11 07:00
schestowitz[01:03] <xxx> s/employee/person/Apr 11 07:00
-TechrightsBN/ | Mail spam · Issue #6450 · rms-support-letter/ · GitHubApr 11 07:00
schestowitzx 11 07:57
schestowitz# sw patents drive deployement insteadApr 11 07:57
-TechrightsBN/ | NTFS, FAT, exFAT: Windows 10 File Systems ExplainedApr 11 07:57
*rianne_ has quit (Remote host closed the connection)Apr 11 08:07
*rianne_ ( has joined #boycottnovellApr 11 08:08
*liberty_box has quit (Ping timeout: 252 seconds)Apr 11 09:06
*rianne_ has quit (Ping timeout: 268 seconds)Apr 11 09:07
*rianne_ ( has joined #boycottnovellApr 11 09:09
*liberty_box ( has joined #boycottnovellApr 11 09:09
*liberty_box has quit (Ping timeout: 240 seconds)Apr 11 09:20
*rianne_ has quit (Ping timeout: 252 seconds)Apr 11 09:21
*liberty_box ( has joined #boycottnovellApr 11 10:07
*rianne_ ( has joined #boycottnovellApr 11 10:07
*liberty_box has quit (Ping timeout: 260 seconds)Apr 11 11:33
*rianne_ has quit (Ping timeout: 268 seconds)Apr 11 11:33
*rianne_ ( has joined #boycottnovellApr 11 12:44
*liberty_box ( has joined #boycottnovellApr 11 12:45
Techrights-sec 11 14:31
-TechrightsBN/ | zoobab "NO Software Patents" (@zoobab): "JURI EPO Poem: "The house has spoken The EPO is broken Bribery of token Regulators awoken Immunity! Impunity! Kangaroo courts dismantled Their composition was all meddled"" | nitterApr 11 14:31
Techrights-sec 11 14:32
-TechrightsBN/ | zoobab "NO Software Patents" (@zoobab): "Breaking News: Campinos to Appear Before the Legals Affairs Committee of the European Parliament on Monday 12 April #epo #juri #europarl" | nitterApr 11 14:32
Techrights-sec 11 14:32
-TechrightsBN/ | N.Shenley- Tweets by @miserablesatire from 130121 (@NormanTShenley): "The Gates's house and Rick Allen Jones - is what we should all be asking more questions about." | nitterApr 11 14:32
*rianne_ has quit (Ping timeout: 252 seconds)Apr 11 15:58
*liberty_box has quit (Ping timeout: 260 seconds)Apr 11 15:58
*rianne_ ( has joined #boycottnovellApr 11 16:01
*liberty_box ( has joined #boycottnovellApr 11 16:02
*liberty_box has quit (Ping timeout: 252 seconds)Apr 11 17:25
*rianne_ has quit (Ping timeout: 240 seconds)Apr 11 17:25
*rianne_ ( has joined #boycottnovellApr 11 17:27
schestowitzI have changed the  monitoring with apachetop slightly for tuxmachines to better understand the nature of the attacks. Tomorrow gyms reopen; if the site is under attack, would you be able to give the DB a kick (if needed)? It's one command.Apr 11 17:34
*liberty_box ( has joined #boycottnovellApr 11 17:37
schestowitzRe: EPO questions for tomorrow in JURIApr 11 17:48
schestowitz> Hi,Apr 11 17:49
schestowitz> Apr 11 17:49
schestowitz> If you have some questions to ask to Mr Campinos, let me know.Apr 11 17:49
schestowitz> Apr 11 17:49
schestowitz> I have drafted some and sent them to some MEPs.Apr 11 17:49
schestowitzAsk him about Microsoft outsourcing and EPOTIF ('shadow budget'), then baseless claims of GDPR compliance.Apr 11 17:49
schestowitz> Hi Roy,Apr 11 17:56
schestowitz> Apr 11 17:56
schestowitz> I noticed your recent blog about hosting and censorship.Apr 11 17:56
schestowitz> Apr 11 17:56
schestowitz> Some of the sites moved from to (Iceland).Apr 11 17:56
schestowitz> Apr 11 17:56
schestowitz> There were a handful of SLAPP requests on HetznerApr 11 17:56
schestowitz> Apr 11 17:56
schestowitz> There have been no SLAPP requests through Orangewebsite.comApr 11 17:56
schestowitz> Apr 11 17:56
schestowitz> On the broader censorship question, I don't just write blogs.  I've beenApr 11 17:56
schestowitz> looking at some robust solutions.  People are complaining about all theApr 11 17:56
schestowitz> following being censored:Apr 11 17:56
schestowitz> Apr 11 17:56
schestowitz> - Planet sites (Planet Fedora stopped syndicating any blogs during theApr 11 17:56
schestowitz> first week of the hate letter, it could just be coincidence)Apr 11 17:56
schestowitz> Apr 11 17:56
schestowitz> - IRC (users in the rms-support-letter forum opened an issue aboutApr 11 17:56
schestowitz> Freenode and OFTC both kicking people who support RMS)Apr 11 17:56
schestowitz> Apr 11 17:56
schestowitz> - Discourse forums (since moving discussions from email to Discourse,Apr 11 17:56
schestowitz> Red Hat and Mozilla have both been particularly vicious in pruningApr 11 17:56
schestowitz> conversations)Apr 11 17:56
schestowitz> Apr 11 17:56
schestowitz> - Mastadon (you blogged about this yourself)Apr 11 17:56
schestowitz> Apr 11 17:56
schestowitz> - conferences (see my comments about Google pulling funding from OSCAL,Apr 11 17:56
schestowitz> I have other emails about conference speaker censorship too, then thereApr 11 17:56
schestowitz> is the Linus/DebConf thing)Apr 11 17:56
schestowitz> Apr 11 17:56
schestowitz> - packages: notice that some packages vanish when Developers are subjectApr 11 17:56
schestowitz> to these plotsApr 11 17:57
schestowitz> Apr 11 17:57
schestowitz> I feel that solving the censorship problem involves solving allApr 11 17:57
schestowitz> together, not just attacking one of these things at a time.Apr 11 17:57
schestowitz> Apr 11 17:57
schestowitz> On your own publishing workflows, are you sharing any code that can helpApr 11 17:57
schestowitz> other people with any aspect of converting their content to a form thatApr 11 17:57
schestowitz> can live in Gemini and IPFS?  HTML has issues with relative links andApr 11 17:57
schestowitz> this is compounded when the blogs are syndicated in Planet sites.  TheApr 11 17:57
schestowitz> Planet sites need absolute links in the IMG tags but IPFS needs relativeApr 11 17:57
schestowitz> links.  A static site generator like Jekyll may be able to turn outApr 11 17:57
schestowitz> multiple versions of the same site with both types of link or it may beApr 11 17:57
schestowitz> able to use different conventions in the rss.xml and regular HTML.Apr 11 17:57
schestowitzThe nature of the censorship we deal with in Techrights is quite different. Social control media is, in general, not a good idea at all. It's temporarily useful in some cases, but over the long run it's just data loss.Apr 11 17:57
schestowitzAll in all, the tactics and tone used define who will support you and who you will alienate. Recently some people complained about unwanted emails and "doxing".Apr 11 17:57
schestowitz(Re: hosting changes, SLAPP, censorship)Apr 11 17:57
Techrights-sec Apr 11 19:38
Techrights-secack  I don't see any of them in my monitoring so I must modify them, but Apr 11 19:38
Techrights-secdon't know the approach to take yet.Apr 11 19:38
schestowitzsome time ago I fixed DNS issues (DNS servers that were retired 13 days ago without me noticing), also scanned the TM DB... no issues foundApr 11 19:39
schestowitzI also combined all the CSS files into one, but the DB still goes into a frenzy due to some reason sometimes, restarting it seems like the only way to goApr 11 19:40
schestowitzcan we maybe set a rule to restart mysqld when cpu load is maxed?Apr 11 19:41
schestowitzYesterday, or last night, I saw the same scraping type attack directed at TM and TR at the very same time, so it looks like someone does something by intentionApr 11 19:41
Techrights-secwhat else could possibly be optimized?Apr 11 19:42
Techrights-secCan Varnish be put in front?Apr 11 19:42
Techrights-secIs the origin of the attacks limited to a set of IP addresses or a subnet?Apr 11 19:43
Techrights-secIf so, then they could be filtered out in the net.Apr 11 19:43
schestowitzmy thoughts are, maybe it's time to upgrade this OS and DB, because it needs to be done regardlessApr 11 19:44
Techrights-secYes, I think that upgrading would help very much.  It would allow other Apr 11 19:46
Techrights-secmitgations tooApr 11 19:46
Techrights-secI wonder if I should introduce a short(er) timeout in the monitoringApr 11 20:08
Techrights-secscripts on this end.Apr 11 20:08
schestowitzThere are lots of improvements we can do, there's always maintenance stuff to be done, and the scale of the sites justifies the efforts. I just want not too move too fast and break things, hence I typically make small changes each day, then judge the effects overnight, we don't have a CI-type pipelineApr 11 20:09
Techrights-secA full update of the OS is needed, that might break things.Apr 11 20:10
schestowitzfor sure, but for TM we need older versions of some things, even if LTS versionsApr 11 20:11
Techrights-secWell, I still have that spare machine for testing available for a few more days.Apr 11 20:17
Techrights-secPerhaps a VM could be set up there and then copied over to HV?Apr 11 20:17
schestowitzI was thinking exactly that...Apr 11 20:18
schestowitzthe general task is, make TM work the same there, but on a newer OSApr 11 20:18
schestowitzas a VM that is portableApr 11 20:18
schestowitzor a containerApr 11 20:18
Techrights-secI guess lxd could be set up there , but qemu is more familiar.Apr 11 20:21
schestowitzwith the DB on TM going into weird frenzies under attack and sometimes without any (I've scanned it several times) I think it's time to rush up the move to something newerApr 11 20:23
Techrights-secIs there a strong preference either way?  lxd or qemu?Apr 11 20:23
schestowitzlxd is used in alpine, but with the VMs qemu too was used. lxd for the containersApr 11 20:24
Techrights-secI agree.Apr 11 20:24
Techrights-secWhat about moving to PostGresql at the same time?Apr 11 20:24
Techrights-secThat's probably the way forward in general after the Oracle acquisition of Apr 11 20:24
Techrights-secmysqlApr 11 20:24
schestowitzdrupal is better with mysql, I thinkApr 11 20:25
Techrights-secWhat about wordpress though?Apr 11 20:27
schestowitzworks better with mysql, but in theory can be made to work with other DBsApr 11 20:27
Techrights-secOk, then that would be for much, much later.  The3 main task is a new OS.Apr 11 20:28
schestowitzThis might need postponing, due to heavy workload on kaniini's side (more to follow in a mo)Apr 11 20:29
schestowitzin the meantime, do you know how to trigger mysqld restart when the load picks? The conditional statement in bash is the key part I am not familiar withApr 11 20:31
Techrights-secIt would be a value collected using 11 20:32
-TechrightsBN/ | Command substitution [Bash Hackers Wiki]Apr 11 20:32
Techrights-secload=$(uptime | awk '{a=$(NF-2);sub(/,$/,"",a); print a}')Apr 11 20:37
Techrights-secbe sure to have a wait in there to prevent another type of DoSApr 11 20:37
schestowitztechrights just came under ddos, same pattern as last night, I've temporarily blocked the targetApr 11 20:39
Techrights-secsee ~/load-trigger.shApr 11 20:43
Techrights-sec(unt3ested)Apr 11 20:43
schestowitzthanks, I will checkApr 11 20:43
schestowitzwhich machine?Apr 11 20:47
schestowitznever mind, found it, TRApr 11 20:48
schestowitz[20:24] <sssssssssssssss> what upApr 11 20:58
schestowitz[20:25] <schestowitz> :-DApr 11 20:58
schestowitz[20:25] <schestowitz> is there a change we can upgrade tuxmachines to a new OS like alpine?Apr 11 20:58
schestowitz[20:25] <schestowitz> *chanceApr 11 20:58
schestowitz[20:26] <sssssssssssssss> probably in the future, i have been busy with workApr 11 20:58
schestowitz[20:26] <schestowitz> yes, I could see based on IRCApr 11 20:58
schestowitz[20:26] <schestowitz> thanks for the catch-up anyway and thanks for everything elseApr 11 20:58
schestowitz[20:26] <sssssssssssssss> and with the current issues in the FOSS world, i am tkaing a break from techrights et alApr 11 20:58
schestowitz[20:28] <schestowitz> our world has been through tougher times in the past, e.g. SCO suit and Novell dealApr 11 20:58
schestowitz[20:33] <sssssssssssssss> our world is under attack by daniel pocockApr 11 20:58
schestowitz[20:33] <schestowitz> that tooApr 11 20:58
schestowitz[20:33] <schestowitz> he's really disappointingApr 11 20:58
schestowitz[20:33] <sssssssssssssss> it's pretty amazing that he got the "RMS should fuck off" and "we love RMS" crowds to agree on somethingApr 11 20:58
schestowitz[20:36] <sssssssssssssss> anyway, this is precisely why i urged you to not syndicate his content.  he is literally just making stuff up and quoting things out of context to make his points.  he is angry that his debian developer privileges were suspended because he was mentoring his girlfriend as part of Google Summer of CodeApr 11 20:58
schestowitz[20:36] <sssssssssssssss> at this point, i think he is just angry in generalApr 11 20:58
schestowitz[20:37] <sssssssssssssss> but that makes him immensely dangerous to our world, as he only wishes to be destructiveApr 11 20:58
schestowitz[20:39] <sssssssssssssss> this is not the usual thing i involve myself in.  my main goal is to build something that can possibly last a long time and be meaningfulApr 11 20:58
schestowitz[20:40] <sssssssssssssss> the thing is, pocock's motive is revenge against every person and institution he feels has wronged him.  he isn't even pro-RMS, he's just pro-RMS *right now* because it's convenient to him to beApr 11 20:58
schestowitz[20:41] <schestowitz> yes, he lost itApr 11 20:59
schestowitz[20:41] <schestowitz> anyway, we now focus on the EPO stuffApr 11 20:59
schestowitz[20:41] <schestowitz> tomorrow the EPO is facing grilling in ECApr 11 20:59
schestowitz[20:41] <schestowitz> or EP ratherApr 11 20:59
schestowitzMinceR: ^^ thanks, we got that sortedApr 11 20:59
schestowitzmildly redactedApr 11 21:00
schestowitznothing sensitive thereApr 11 21:00
schestowitzor that should not be seen publiclyhApr 11 21:00
MinceRniceApr 11 21:01
schestowitzwe sorted out a 'patch'Apr 11 21:01
schestowitzduct tape the TMApr 11 21:01
schestowitzthe script will do what we did manually, needs some testingApr 11 21:02
*MinceR has quit (Ping timeout: 246 seconds)Apr 11 22:05
schestowitzscript trigger works ok nowApr 11 22:41
schestowitzif bc <<< "$load >= 20" | grep -q 1;Apr 11 22:41
schestowitzit has just mitigated an attackApr 11 22:42
schestowitzI think I know the nature of an attack now as wellApr 11 22:42
schestowitzthey attacked TR earlierApr 11 22:42
Techrights-sec 11 22:52
-TechrightsBN/ | Fernando Cassia 💚🧡 (@fcassia): "What the hell happened to @schestowitz @glynmoody" | nitterApr 11 22:53
*MinceR (mincer@unaffiliated/mincer) has joined #boycottnovellApr 11 23:15

Generated by 2.6 | ䷉ find the plain text version at this address.