Re: wiki log of #dragonfly irc channel
On Friday 09 March 2007 17:54, Clemens Hintze wrote: > > countries. I believe the reasoning goes along the lines of: they > > have an > > urgent suspicion that there is evidence against you (the encrypted > > partition ), so they can put you into 'Beugehaft' (= coercive > > detention) > > As I understand it, this cannot happen that way in Germany! If your > e.g. friend are under investigation and they mean *you* have anything > to tell to help them (e.g. you having the passphrase to your friend's > crypto container), they can put you into coercive detention, if you > do not want to coorperate. > > But if they suspect *you* have done something criminal, they cannot > force you to help them to get any evidence against you! AFAIK they made a special law to be allowed to force you to give out passphrases. That law does not take into account the possible existence of a second key, so as long as you hand 'em one key per encrypted file/partition they find, they cannot put you into coercive detention. But I2ANAL, so this is only what i read & heard. regards, Helge
Re: wiki log of #dragonfly irc channel
Am 09.03.2007 um (09) 02:28 schrieb Helge Rohde: (...) countries. I believe the reasoning goes along the lines of: they have an urgent suspicion that there is evidence against you (the encrypted partition ), so they can put you into 'Beugehaft' (= coercive detention) As I understand it, this cannot happen that way in Germany! If your e.g. friend are under investigation and they mean *you* have anything to tell to help them (e.g. you having the passphrase to your friend's crypto container), they can put you into coercive detention, if you do not want to coorperate. But if they suspect *you* have done something criminal, they cannot force you to help them to get any evidence against you! But I am not a lawyer, so I may err here ... cheers, Helge Ciao, Clemens.
Re: wiki log of #dragonfly irc channel
Joerg Sonnenberger wrote: On Fri, Mar 09, 2007 at 01:28:10AM +, Helge Rohde wrote: Yeah, i would have thought so too. But apparently they do bend their rules when the see the need, atleast in Germany they *can* put you into jail until you tell them the passphrase and i have heard similar from other european countries. That's only partly true. First of all, without the consent of a judge, you can be put into jail only until the next day. Second, to keep you in prison they have to have enough evidence to warrant it. Third, you can not be forced to answer the questions. Joerg Dream on, guys, dream on. 'They have to...' have been much in the news of late for NOT doing what they allegedly 'have to'. Bigtime. And not just in the Yew-Ass-A, either. And that's just what is public information. But might we let this not-specifically-related-to-DragonFly thread sort of wander off to a more appropriate venue? Of which there is no shortage. Bill
Re: wiki log of #dragonfly irc channel
On Fri, Mar 09, 2007 at 01:28:10AM +, Helge Rohde wrote: > Yeah, i would have thought so too. But apparently they do bend their rules > when the see the need, atleast in Germany they *can* put you into jail until > you tell them the passphrase and i have heard similar from other european > countries. That's only partly true. First of all, without the consent of a judge, you can be put into jail only until the next day. Second, to keep you in prison they have to have enough evidence to warrant it. Third, you can not be forced to answer the questions. Joerg
Re: wiki log of #dragonfly irc channel
On 3/9/07, Helge Rohde <[EMAIL PROTECTED]> wrote: Which is precisly why i always envyid that windoze partition encryption thingy, cant remember the name now, but it provides 2 keys, one will open the (actual) container and another one will open another encrypted container with all legal and perfectly harmless files. That way they cannot crack down on you for destruction of evidence (what second password ? häh? no idea what you mean!). But afaik theres is no such thing on any of the BSD systems. Which is sad, because -as you point out pretty precisely - it refutes most of the points file/HD encryption could be useful for - They will just order you to give them the PW as soon as they find an encrypted Partition/File. As clever as this is, isn't it obvious to anyone investigating that the decrypted partition is much smaller than the encrypted one? Or however it's split - maybe it's two partitions. I don't know, I haven't heard of this. The problem with that scheme is that it requires re-associating the keys (or their hashes, or whatever) with the containers. So while it is fine in a highly opaque, secret-based system like Windows, in any Unix everything is too transparent to hide an association like that. Even if you keep it in the kernel, the information has to be reloaded somehow, and as soon as authorities find out it exists they'll just detect it in use on your machine. It's unreasonable to expect you can hide it - as soon as you use it they'll know for whatever reason. I guess the best you can do is sort-of rootkit yourself, and hide the information even from the kernel (e.g. df, fdisk, etc). They can't fault you for using a kernel that doesn't match any public kernel checksums. A really smart investigator will boot from a live CD and use a trusted kernel, but you can claim you use a homebrew encryption module and that their kernel won't work with it. It's like the inverse of trusted computing - using the technology against yourself so it's also against anyone investigating you. You know what? Talking about this has probably earned us our own investigation squads. The unmarked vans are probably outside right this moment. --- Dmitri Nikulin Centre for Synchrotron Science Monash University Victoria 3800, Australia
Re: wiki log of #dragonfly irc channel
On 2007-03-09 02:28, Helge Rohde wrote: On Friday 09 March 2007 00:57, Martin P. Hellwig wrote: Helge Rohde wrote: > Which is precisly why i always envyid that windoze partition encryption > thingy, cant remember the name now, but it provides 2 keys, one will open > the (actual) container and another one will open another encrypted > container with all legal and perfectly harmless files. That way they > cannot crack down on you for destruction of evidence (what second > password ? häh? no idea what you mean!). But afaik theres is no such > thing on any of the BSD systems. Which is sad, because -as you point out > pretty precisely - it refutes most of the points file/HD encryption could > be useful for - They will just order you to give them the PW as soon as > they find an encrypted Partition/File. > > regards, > Helge In most western legal systems you are not enforced to participate in gathering evidence against yourself. Though it could be enforced that you are not allowed to alter current situation which can influence evidence against you. In short with a warrant they may be allowed to search your home and take your computer as evidence but they may not enforce you to tell them your pass phrase, that contradicts with the "You have the right to remain silent" thing :-) > Yeah, i would have thought so too. But apparently they do bend their rules when the see the need, atleast in Germany they *can* put you into jail until you tell them the passphrase and i have heard similar from other european countries. I believe the reasoning goes along the lines of: they have an urgent suspicion that there is evidence against you (the encrypted partition ), so they can put you into 'Beugehaft' (= coercive detention) until you stop hiding the evidence and cooperate with the authorities. The mentioned two-container system has prooven to be an effective countermeasure (well, atleast until now). As long as they do not suspec you to be a terrorist I doubt that they can lock you up more than a month or two unless they have other evidence than those they suspect to be on the disk. To do otherwise would be an crime against the human rights -- Erik Wikström
Re: wiki log of #dragonfly irc channel
Helge Rohde wrote: Yes that's true but look on the bright side as long as you don't cooperate you're still not convicted, though you may still be rotting in a cell. The legal hook in this case is that they argue that they have strong suspicion on evidence present in the encrypted data and they hold you as long as they need to decrypt the data. Your own choice at that moment is, does it take them longer to decrypt by brute force then my sentence could be? If yes, well you know you go to jail but you probably get out being alive :-). On the other hand most things that are not illegal or immoral (which is a very stretchable state) but are private do have a tendency to lose their sensitive part over time. But the thing I really want to know, is when you do cooperate and there is no evidence, how do they compensate your invasion on privacy, loss of freedom and being restrained from basic human rights? -- mph
Re: wiki log of #dragonfly irc channel
On Friday 09 March 2007 00:57, Martin P. Hellwig wrote: > Helge Rohde wrote: > > > > Which is precisly why i always envyid that windoze partition encryption > > thingy, cant remember the name now, but it provides 2 keys, one will open > > the (actual) container and another one will open another encrypted > > container with all legal and perfectly harmless files. That way they > > cannot crack down on you for destruction of evidence (what second > > password ? häh? no idea what you mean!). But afaik theres is no such > > thing on any of the BSD systems. Which is sad, because -as you point out > > pretty precisely - it refutes most of the points file/HD encryption could > > be useful for - They will just order you to give them the PW as soon as > > they find an encrypted Partition/File. > > > > regards, > > Helge > > In most western legal systems you are not enforced to participate in > gathering evidence against yourself. Though it could be enforced that > you are not allowed to alter current situation which can influence > evidence against you. In short with a warrant they may be allowed to > search your home and take your computer as evidence but they may not > enforce you to tell them your pass phrase, that contradicts with the > "You have the right to remain silent" thing :-) Yeah, i would have thought so too. But apparently they do bend their rules when the see the need, atleast in Germany they *can* put you into jail until you tell them the passphrase and i have heard similar from other european countries. I believe the reasoning goes along the lines of: they have an urgent suspicion that there is evidence against you (the encrypted partition ), so they can put you into 'Beugehaft' (= coercive detention) until you stop hiding the evidence and cooperate with the authorities. The mentioned two-container system has prooven to be an effective countermeasure (well, atleast until now). cheers, Helge
Re: wiki log of #dragonfly irc channel
Helge Rohde wrote: Which is precisly why i always envyid that windoze partition encryption thingy, cant remember the name now, but it provides 2 keys, one will open the (actual) container and another one will open another encrypted container with all legal and perfectly harmless files. That way they cannot crack down on you for destruction of evidence (what second password ? häh? no idea what you mean!). But afaik theres is no such thing on any of the BSD systems. Which is sad, because -as you point out pretty precisely - it refutes most of the points file/HD encryption could be useful for - They will just order you to give them the PW as soon as they find an encrypted Partition/File. regards, Helge In most western legal systems you are not enforced to participate in gathering evidence against yourself. Though it could be enforced that you are not allowed to alter current situation which can influence evidence against you. In short with a warrant they may be allowed to search your home and take your computer as evidence but they may not enforce you to tell them your pass phrase, that contradicts with the "You have the right to remain silent" thing :-) -- mph
Re: wiki log of #dragonfly irc channel
On Wednesday 07 March 2007 19:53, Dmitri Nikulin wrote: > All of this is entirely possible. So either you encrypt something and > accidentally reveal the key through normal use or OS compromise, or > you hide the key perfectly and are charged with destruction of > evidence, which is no picnic. They'll know you did it because when the > random seizure occurs, you'll have the encrypted files somewhere. Even > a complete encrypted partition doesn't look like old-file noise - its > apparent entropy is too high. > > Either way, cryptography doesn't really help you once you're under > investigation. At best, it can help you discuss questionable issues > without being caught by the many indiscriminate monitoring systems out > there, but it takes a lot less than cryptography. Which is precisly why i always envyid that windoze partition encryption thingy, cant remember the name now, but it provides 2 keys, one will open the (actual) container and another one will open another encrypted container with all legal and perfectly harmless files. That way they cannot crack down on you for destruction of evidence (what second password ? häh? no idea what you mean!). But afaik theres is no such thing on any of the BSD systems. Which is sad, because -as you point out pretty precisely - it refutes most of the points file/HD encryption could be useful for - They will just order you to give them the PW as soon as they find an encrypted Partition/File. regards, Helge
Re: wiki log of #dragonfly irc channel
And always remember it's easier to create fake evidence that hold up in any court then it's to brute force a cipher text. I think the key is that you just don't do the things that makes government officials creative, they hate to be creative ;-) -- mph
Re: wiki log of #dragonfly irc channel
On 3/7/07, Joerg Sonnenberger <[EMAIL PROTECTED]> wrote: Sorry, but this is complete bull shit. The average policy agency *anywhere* does have no fucking chance to deal with cryptography. Even the secret services have no chance dealing with it from the stored data alone. It is somewhat different when you can actively monitor the encryption process, but in that case you have no reason to deal with the cryptography itself anyway because you can just watch the plain text. Which is what I just said. "Side-step", right? I didn't say break. They have way too much monitoring or seizure power to need to break ciphers. In fact many can require you decrypt data to present as evidence, and if you don't or can't, it's considered destruction. However, it's not fair to say brute-forcing of archived files is out of the question. Even an otherwise clever criminal is most likely to use plain passwords to protect regular files, and it's especially easy to retroactively determine that password after the monitoring begins. It's either the same as, or extremely similar to, another password the criminal will use, so the likely search space is low enough to run on a single machine over a lunch break. It's still side stepping the cryptography, and it's still not an actual cryptographic break. All it takes is monitoring, at which governments and agencies have proven unnervingly good. If they don't use a plain password on the file, they'll use it on their private or pre-shared key, and that's even more likely to be used once monitoring begins. If that's on an encrypted partition, that'll be the part using a plain password, and so on. Even carrying around a USB bar with a random 256 bit key on it isn't good enough - that key is in plaintext on the bar. If you're a monk who has trained for decades to be able to remember any amount of entropy, and you've memorized the entire key and are happy to enter it into RAM for a computing session, you'll either be monitored outright or have your operating system's security or authentication broken in any of the many ways this can be done. All of this is entirely possible. So either you encrypt something and accidentally reveal the key through normal use or OS compromise, or you hide the key perfectly and are charged with destruction of evidence, which is no picnic. They'll know you did it because when the random seizure occurs, you'll have the encrypted files somewhere. Even a complete encrypted partition doesn't look like old-file noise - its apparent entropy is too high. Either way, cryptography doesn't really help you once you're under investigation. At best, it can help you discuss questionable issues without being caught by the many indiscriminate monitoring systems out there, but it takes a lot less than cryptography. I may not have been perfectly clear with my previous message, but I also don't think it's fair to fly off the handle based on mistaken inference. I hope now I've clarified my position. Thank you for noting that I wasn't clear enough, at least for you. --- Dmitri Nikulin Centre for Synchrotron Science Monash University Victoria 3800, Australia
Re: wiki log of #dragonfly irc channel
On Tue, Mar 06, 2007 at 06:45:27AM +1100, Dmitri Nikulin wrote: > And if you've upset the government enough that a warrant is issued, > any amount of their impressive technology will completely side-step > the cryptography anyway - e.g. tempest emissions or a surprise seizure > of belongings. Sorry, but this is complete bull shit. The average policy agency *anywhere* does have no fucking chance to deal with cryptography. Even the secret services have no chance dealing with it from the stored data alone. It is somewhat different when you can actively monitor the encryption process, but in that case you have no reason to deal with the cryptography itself anyway because you can just watch the plain text. Joerg
Re: wiki log of #dragonfly irc channel
On Tue, Mar 06, 2007 at 06:57:13AM +1100, Dmitri Nikulin wrote: > ... > Still, the code is so short and simple all of this could be fixed in > less time than it took to write this email. But it's something you'll > have to get used to doing yourself, because you will soon love Python > and be unable to keep from writing more of it. > I would have just said, "because it's not written in Perl.." ;) /me ducks Cheers, Brett > --- > Dmitri Nikulin > > Centre for Synchrotron Science > Monash University > Victoria 3800, Australia -- 225.578.1920 AIM: bz743 LONI/LSU HPC http://www.loni.org/ "By the time they had diminished from 50 to 8, the other dwarves began to suspect "Hungry." -- a Larson cartoon
Re: wiki log of #dragonfly irc channel
On 3/6/07, Adrian Michael Nida <[EMAIL PROTECTED]> wrote: Just curious what's not beautiful about it? I appreciate the criticism, but it would be more beneficial for me to hear what it needs to look like, rather than hearing it's ugly :-) Feel free to reply to me directly, if you wish. It's too obviously an independent hack, that's all. Mostly not split into functions, not following the Python code style conventions, not internally documented by comments or pydoc. Run pylint over it, it will whine about a lot of things, but some of its suggestions are pretty reasonable. There are some other style issues which obviously bleed over from a C-like language, such as wrapping if constructs in brackets, and using constants on the left hand side of ==, both of which are unnecessary and rather ugly in Python. Inconsistent naming as well - some things are all lower case, others are in full uppercase, others are in first-letter uppercase. Compare Success = True to readbuffer="" and FILENAME= Path + Still, the code is so short and simple all of this could be fixed in less time than it took to write this email. But it's something you'll have to get used to doing yourself, because you will soon love Python and be unable to keep from writing more of it. --- Dmitri Nikulin Centre for Synchrotron Science Monash University Victoria 3800, Australia
Re: wiki log of #dragonfly irc channel
On 3/6/07, Matthew Dillon <[EMAIL PROTECTED]> wrote: Yah, it's pretty silly. People have been logging IRC sessions and putting them up on the web for over a decade. Nobody should have any expectation of privacy on IRC. Some organizations in many nations have been logging everything possible anyway, and putting them in archives for ~ever. Strong cryptography with trusted software is the only way to go now, and even trusted software is a bit scary. And if you've upset the government enough that a warrant is issued, any amount of their impressive technology will completely side-step the cryptography anyway - e.g. tempest emissions or a surprise seizure of belongings. I'd like to be able to pretend that's only used for the "Bad guys". --- Dmitri Nikulin Centre for Synchrotron Science Monash University Victoria 3800, Australia
RE: wiki log of #dragonfly irc channel
> Now, I'm happy to add whatever changes need to be done. When a consensus is > reached, I'll do it. I think the last irc log had last 1000 lines or something like that. Maybe just keep a short time period like last 12 hours or last 1000 lines.
RE: wiki log of #dragonfly irc channel
Wow, this is getting wild o_O. I never thought a simple bot would cause such chatter. I created this bot the way it is (recording everything for historical purposes) because: 1) I thought that historical archives were what people wanted. 2) It was the easiest way I knew how to accomplish assumption 1) Now, I'm happy to add whatever changes need to be done. When a consensus is reached, I'll do it. Thanks, Adrian : -Original Message- : From: [EMAIL PROTECTED] [mailto:users- : [EMAIL PROTECTED] On Behalf Of Kevin L. Kane : Sent: Monday, March 05, 2007 13:08 : To: users@crater.dragonflybsd.org : Subject: Re: wiki log of #dragonfly irc channel : : > Here it is as it has some stuff from before the bot started : recording, : > it goes back to Dec 20, 2006: : : On second thought I think it was irresponsible to post this : without asking permission as it logs things that happened : back before the issue of logging was raised(?), and to be : courteous to those that thought their words wouldn't be : "published" I wont be make them available to the world. : : -Kevink : : -- : Kevin L. Kane : kevin.kane at gmail.com :
Re: wiki log of #dragonfly irc channel
Here it is as it has some stuff from before the bot started recording, it goes back to Dec 20, 2006: On second thought I think it was irresponsible to post this without asking permission as it logs things that happened back before the issue of logging was raised(?), and to be courteous to those that thought their words wouldn't be "published" I wont be make them available to the world. -Kevink -- Kevin L. Kane kevin.kane at gmail.com
Re: wiki log of #dragonfly irc channel
Yah, it's pretty silly. People have been logging IRC sessions and putting them up on the web for over a decade. Nobody should have any expectation of privacy on IRC. I thought even the default(?) install of irssi logs all the channels you join so I just checked and my machine has been logging #dragonflybsd(and all other channels I lurk in) for quite some time. Here it is as it has some stuff from before the bot started recording, it goes back to Dec 20, 2006: http://www.uberstyle.net/~kevin/dragonflybsd.log -Kevink -- Kevin L. Kane kevin.kane at gmail.com
Re: wiki log of #dragonfly irc channel
:When I read the original message I thought it was a joke. Now that we're :getting serious, could we please stop? The idea of obscuring an IRC log :is preposterous. IRC isn't authenticated, and the log is only going to :show nicknames. What the point of obscurity? My vote is just leave it :as is. : :--Peter Yah, it's pretty silly. People have been logging IRC sessions and putting them up on the web for over a decade. Nobody should have any expectation of privacy on IRC. -Matt Matthew Dillon <[EMAIL PROTECTED]>
Re: wiki log of #dragonfly irc channel
On Mon, Mar 05, 2007 at 10:50:23AM +, B. Estrade wrote: > > To be honest, I was halfway serious. I generally don't hide my > identity when on irc because I don't go on to just 'hang out', but I > do like to monitor the #dragonflybsd channel. You know that most IRC users also log the channels they are in? Many of those are 24/7 online, So this literally doesn't help much... Joerg
Re: wiki log of #dragonfly irc channel
On Mon, Mar 05, 2007 at 11:27:55AM -0500, Peter Avalos wrote: > On Mon, Mar 05, 2007 at 08:16:04AM -0500, Adrian Michael Nida wrote: > > > > : I'm guessing you're serious, so I'll mention why this is a risky idea. > > : IRC has chewing-gum authentication and it's almost trivial for a > > : malicious bot to fool a server into ignoring people by pretending to > > : be them, and this can be done in many points*. Basically, the entire > > : utility of the logging bot is broken because it allows virtually > > : unauthenticated modifications to its behavior. Not to mention the > > : confusion that arises if an entire participant in a conversation has > > : their messages removed. > > > > > > I agree here. I'd be willing to perform some s/USERNAME/ANONYMOUS/g magic > > in the messages. That way, the message would be preserved, but it can't be > > tracked back to a given user. > > > > When I read the original message I thought it was a joke. Now that we're > getting serious, could we please stop? The idea of obscuring an IRC log > is preposterous. IRC isn't authenticated, and the log is only going to > show nicknames. What the point of obscurity? My vote is just leave it > as is. To be honest, I was halfway serious. I generally don't hide my identity when on irc because I don't go on to just 'hang out', but I do like to monitor the #dragonflybsd channel. The easy solution for me is to just mask myself from now on, but the main point of suggesting that people be able to opt out of the log is that I don't want my comments logged as the real me if there is no real benefit. I thought the log of the last 1000 lines was cool because it allowed me to catch up, but I don't know why we need a historical archive of chat sessions. Again, I am going to do what I need to on my end, so it is really a moot issue for me now anyway. Cheers.
Re: wiki log of #dragonfly irc channel
On Mon, Mar 05, 2007 at 08:16:04AM -0500, Adrian Michael Nida wrote: > > : I'm guessing you're serious, so I'll mention why this is a risky idea. > : IRC has chewing-gum authentication and it's almost trivial for a > : malicious bot to fool a server into ignoring people by pretending to > : be them, and this can be done in many points*. Basically, the entire > : utility of the logging bot is broken because it allows virtually > : unauthenticated modifications to its behavior. Not to mention the > : confusion that arises if an entire participant in a conversation has > : their messages removed. > > > I agree here. I'd be willing to perform some s/USERNAME/ANONYMOUS/g magic > in the messages. That way, the message would be preserved, but it can't be > tracked back to a given user. > When I read the original message I thought it was a joke. Now that we're getting serious, could we please stop? The idea of obscuring an IRC log is preposterous. IRC isn't authenticated, and the log is only going to show nicknames. What the point of obscurity? My vote is just leave it as is. --Peter pgpzWM7zmmkwK.pgp Description: PGP signature
RE: wiki log of #dragonfly irc channel
On Mon, March 5, 2007 8:16 am, Adrian Michael Nida wrote: > > : I'm guessing you're serious, so I'll mention why this is a risky idea. > : IRC has chewing-gum authentication and it's almost trivial for a > : malicious bot to fool a server into ignoring people by pretending to > : be them, and this can be done in many points*. Basically, the entire > : utility of the logging bot is broken because it allows virtually > : unauthenticated modifications to its behavior. Not to mention the > : confusion that arises if an entire participant in a conversation has > : their messages removed. > > > I agree here. I'd be willing to perform some s/USERNAME/ANONYMOUS/g magic > in the messages. That way, the message would be preserved, but it can't > be > tracked back to a given user. Here's different reasons for the logs: 1: Catchup for people who have been off IRC for 24-48 hours 2: An introduction for people who want to see what the general tone and topic is in the channel 3: A historical log that keeps things people are interested in from a year or two years ago. Saving the last 2-3k lines of the log will work for purposes 1 and 2, and enough people seem nervous about 3 that I would say maybe we should stick to just holding recent dialogue. I don't know of any scenario where long-term history for IRC proved useful - mailing lists, yes, but not something transitory like IRC conversations.
RE: wiki log of #dragonfly irc channel
: I recommend using Twisted Python as a framework, which gives you an : IRC protocol client out of the box, good efficiency, and very neat : daemon behavior (using twistd, for instance). I will take your suggestion about Twisted and look into a rewrite. Thanks for pointing it out. : It's not beautiful but it's also not much work to clean up. Just curious what's not beautiful about it? I appreciate the criticism, but it would be more beneficial for me to hear what it needs to look like, rather than hearing it's ugly :-) Feel free to reply to me directly, if you wish. Adrian
RE: wiki log of #dragonfly irc channel
: I'm guessing you're serious, so I'll mention why this is a risky idea. : IRC has chewing-gum authentication and it's almost trivial for a : malicious bot to fool a server into ignoring people by pretending to : be them, and this can be done in many points*. Basically, the entire : utility of the logging bot is broken because it allows virtually : unauthenticated modifications to its behavior. Not to mention the : confusion that arises if an entire participant in a conversation has : their messages removed. I agree here. I'd be willing to perform some s/USERNAME/ANONYMOUS/g magic in the messages. That way, the message would be preserved, but it can't be tracked back to a given user. Adrian
Re: wiki log of #dragonfly irc channel
On 3/4/07, B. Estrade <[EMAIL PROTECTED]> wrote: Nice one. Just realize that most people don't mind the last 100-1000 lines of chatting up so that others can "catch up", but providing 24/7 logging of a channel is a bit unnerving ... to me anyway. Maybe you can either only do the last few hundred lines or allow people to register themselves to be ignored: I'm guessing you're serious, so I'll mention why this is a risky idea. IRC has chewing-gum authentication and it's almost trivial for a malicious bot to fool a server into ignoring people by pretending to be them, and this can be done in many points*. Basically, the entire utility of the logging bot is broken because it allows virtually unauthenticated modifications to its behavior. Not to mention the confusion that arises if an entire participant in a conversation has their messages removed. * Such as the client's machine, the server, and any gateways involved. Yes, the same machines can be exploited to change or ignore the messages anyway, but this is more complicated than spoofing an IRC message and, notably, would have a very different effect on the appearance of the conversation. --- Dmitri Nikulin Centre for Synchrotron Science Monash University Victoria 3800, Australia
Re: wiki log of #dragonfly irc channel
On 3/3/07, Adrian Michael Nida <[EMAIL PROTECTED]> wrote: This is only my second python program, so it could probably use some work. Some features I'd like to add are: * Reconnect after disconnect * Ability to fork into "server" mode so I can write startup/shutdown scripts If any phython hackers on this list want to tutor me in the form of examples, I'll be grateful. I recommend using Twisted Python as a framework, which gives you an IRC protocol client out of the box, good efficiency, and very neat daemon behavior (using twistd, for instance). For anyone who hasn't found it, this is the code: http://www.labthug.com/~adrian/LabBot/LabBot.py It's not beautiful but it's also not much work to clean up. I recommend the next iteration get Twisted Python treatment. It's an extra dependency, true, but it also gives you a lot more for free and lends itself to much better reuse. --- Dmitri Nikulin Centre for Synchrotron Science Monash University Victoria 3800, Australia
Re: wiki log of #dragonfly irc channel
I tried my hand at some python the other day and pieced together an IRC logging bot. I placed it within the channel last night, and it's keeping the logs under: http://www.labthug.com/~adrian/LabBot/dragonflybsd/ In /MM/DD.html format This is only my second python program, so it could probably use some work. Some features I'd like to add are: * Reconnect after disconnect * Ability to fork into "server" mode so I can write startup/shutdown scripts If any phython hackers on this list want to tutor me in the form of examples, I'll be grateful. Thanks, Adrian Nice one. Just realize that most people don't mind the last 100-1000 lines of chatting up so that others can "catch up", but providing 24/7 logging of a channel is a bit unnerving ... to me anyway. Maybe you can either only do the last few hundred lines or allow people to register themselves to be ignored: example interaction with logbot: me> logbot: ignoreme logbot> me: ignored me> logbot: status logbot> me: ignored me> logbot: unignoreme lognot> me: unignored me> logbot: status logbot> me: unignored In my mind this would ignore *any* message or action pertaining to this person this person. I think it goes with out saying that you only ignore/unignore for explicit windows of time - I don't think going back and erasing all mention of a person is required unless explicitly requested: me> logbot: eraseme logbot> me: fo' real? me> logbot: yes ... me>logbot: uneraseme logbot>me: lol. you are on teh crack. me> :) Anyway, it is just a thought. Cheers, Brett
RE: wiki log of #dragonfly irc channel
: On Sun, February 25, 2007 8:28 am, Ja'far Railton wrote: : > Hi : > : > I was very interested in the above but it seems to have been : > withdrawn from service. Is this a temporary disruption : > or not? Being on dialup it is not feasible for me to lurk : > live. : : It was coming from Andreas Hauser's IRC bot, which he has taken out of : commission. We're moving the wiki to sit on leaf, and a new logging : bot : would have to sit on leaf to reinstate that log there. I have no : experience in setting up something like that. (It's Matt's call if he : even wants to have an IRC bot on the system.) If someone else could : provide a running log, it'd be helpful. : Hi, I tried my hand at some python the other day and pieced together an IRC logging bot. I placed it within the channel last night, and it's keeping the logs under: http://www.labthug.com/~adrian/LabBot/dragonflybsd/ In /MM/DD.html format This is only my second python program, so it could probably use some work. Some features I'd like to add are: * Reconnect after disconnect * Ability to fork into "server" mode so I can write startup/shutdown scripts If any phython hackers on this list want to tutor me in the form of examples, I'll be grateful. Thanks, Adrian
Re: wiki log of #dragonfly irc channel
:It was coming from Andreas Hauser's IRC bot, which he has taken out of :commission. We're moving the wiki to sit on leaf, and a new logging bot :would have to sit on leaf to reinstate that log there. I have no :experience in setting up something like that. (It's Matt's call if he :even wants to have an IRC bot on the system.) If someone else could :provide a running log, it'd be helpful. I am not particularly fond of running IRC bots or servers. -Matt Matthew Dillon <[EMAIL PROTECTED]>
Re: wiki log of #dragonfly irc channel
On Sun, February 25, 2007 8:28 am, Ja'far Railton wrote: > Hi > > I was very interested in the above but it seems to have been withdrawn > from service. Is this a temporary disruption or not? Being on dialup > it is not feasible for me to lurk live. It was coming from Andreas Hauser's IRC bot, which he has taken out of commission. We're moving the wiki to sit on leaf, and a new logging bot would have to sit on leaf to reinstate that log there. I have no experience in setting up something like that. (It's Matt's call if he even wants to have an IRC bot on the system.) If someone else could provide a running log, it'd be helpful.
