JogAmp IRC Chat Logs

#jogamp @ irc.freenode.net - 20130912 05:06:11 (UTC)

20130912 05:06:11 -jogamp- Previous @ http://jogamp.org/log/irc/jogamp_20130911050611.html
20130912 05:06:11 -jogamp- This channel is logged @ http://jogamp.org/log/irc/jogamp_20130912050611.html
20130912 07:15:28 * odin_ (~Odin@anon) Quit (Ping timeout: 260 seconds)
20130912 07:26:42 * monsieur_max (~maxime@anon) has joined #jogamp
20130912 07:28:36 * odin_ (~Odin@anon) has joined #jogamp
20130912 08:08:47 <sgothel> @Harvey: The subfolder was just my proposal to keep java3d resources 'tightly packed' .. sure, if you prefer it floating around in the scm root folder, your choice - you are the man :) So pls do as you like.
20130912 08:09:15 <sgothel> I renamed the 'create git repo' script in the scm root folder, you find it
20130912 08:25:10 <xranby> openjdk 7u40 plugin adds a new warning click through dialog if you want to run an unsigned app using the signed jogamp jars. triggered for http://jogamp.org/deployment/jogamp-current/jogl-applet-runner-newt-gears-special-napplet.html
20130912 08:27:07 <monsieur_max> we struggled a bit with the new applet warnings here at work, security has been tightened
20130912 08:28:59 <xranby> http://labb.zafena.se/jogamp/7u40/7u40-DoYouWantToRunThisApplicationWillBeBlockedInAFutureRelease.png
20130912 08:30:20 <xranby> fully signed applications still work ok
20130912 08:30:56 <xranby> i am sure certificate authorities are delighened, selling more expensive certificates
20130912 08:35:13 <xranby> monsieur_max: did you have to sign all your applications to make it work?
20130912 08:35:26 <monsieur_max> yes ... that's a shame and the best part is that you have to had some specific parameters to your manifest, so you have to rebuild, and have to be sure to have a valid certificate, even for old stuff
20130912 08:35:45 <monsieur_max> xranby: well, i delegated this dull work to someone else, but yes
20130912 08:35:51 <monsieur_max> that's the whole point
20130912 08:36:00 <monsieur_max> *to add
20130912 08:43:16 <monsieur_max> haha fun, this ticket opened for this particular issue has just been closed , here at work. :)
20130912 08:46:59 <xranby> the unsigned jogamp jogl applets still work here, if the checkbox is checked and the user clicks run.
20130912 08:51:23 <monsieur_max> well, it's just a warning, but it's annoying ( and definitely not something customers should not see )
20130912 08:52:34 <xranby> its clearly a this deployment option is depricated, we will break you app in the next java update
20130912 09:00:16 <sgothel> fake security by certs .. what a humongous bullshit :)
20130912 09:00:59 <sgothel> Julien used self signed .. still working ? :)
20130912 09:01:58 <xranby> let me try his tuer game
20130912 09:03:11 <sgothel> and ofc .. we damn know .. that it is not a sandbox security enhancement by simply have code signed, which only may give you true info whether 'you are who you say you are' ..
20130912 09:03:33 <sgothel> even worse .. users now tend to grant them privileges - the new normal :)
20130912 09:08:28 <xranby> http://labb.zafena.se/jogamp/7u40/7u40-TUERDoYouWantToRunThisApplicationUNKNOWNPublishersWillBeBlockedInAFutureRelease.png
20130912 09:09:02 <xranby> still work after the checkbox run click through
20130912 09:09:07 <xranby> for now
20130912 09:09:47 <sgothel> jaja .. next signing / release round we will sign the damn test-jar files :-(
20130912 09:10:09 <sgothel> but need to make a statement .. how ridiculous that is
20130912 09:10:43 <xranby> i think they have opened up for a social engineering attack by allowing an potential attacker to update the name and publisher line
20130912 09:10:49 <sgothel> happy to remove that feature for our plugin .. hope I can do that soon
20130912 09:11:06 <xranby> inside these dialog boxed
20130912 09:11:09 <xranby> boxes
20130912 09:11:22 <sgothel> again: signed just means you are who you say you are ..
20130912 09:11:32 <sgothel> and even that has to be questioned :)
20130912 09:11:34 <xranby> imagine if the bold line said, click OK or else your computer will blow up
20130912 09:11:41 <sgothel> hehe
20130912 09:12:17 <sgothel> so now .. if you already need to sign your crap, well, why no use one of the nice privileges as well ? :)
20130912 09:12:38 <sgothel> it's lowering the bar .. it's worse
20130912 09:13:10 <sgothel> now you could also remove the whole sandbox applet restriction ..
20130912 09:15:14 <xranby> sgothel: i agree,, having all people sign their apps and grant all privileges are insane
20130912 09:15:27 <sgothel> .. the consequence ..
20130912 09:15:33 <xranby> it was surely safer before this update
20130912 09:15:43 <xranby> running unsigned apps with the sandbox
20130912 09:15:48 <sgothel> yup
20130912 09:16:07 <sgothel> b/c we know how easy cert auth are .. sometimes :)
20130912 09:16:19 <xranby> yup,, and we know certs gets stolen
20130912 09:16:23 <sgothel> plus .. it's an attack vector
20130912 09:16:24 <xranby> by governments etc
20130912 09:16:41 <sgothel> plus .. it's doesn't mean anything in regards to indemnification (virus/trojan/..)
20130912 09:17:02 <sgothel> so now .. all gates are open for applets :)
20130912 09:17:10 <xranby> i wonder why IT tech magazines dont understand this new risk
20130912 09:17:20 <sgothel> we have to roll back this thing for Ji Gong for sure
20130912 09:17:22 <xranby> unless they are completely corrupt
20130912 09:17:37 <sgothel> nobody likes to think :)
20130912 09:17:41 <xranby> haha
20130912 09:17:54 <sgothel> they hear signed and certification - must be secure :)
20130912 09:18:14 <sgothel> I call it snailoil
20130912 09:18:34 <xranby> no this is extorsion
20130912 09:18:41 <xranby> get out of the sandbox
20130912 09:18:44 <xranby> with big letters
20130912 09:19:34 <sgothel> yup .. we make it different in Ji Gong
20130912 09:24:24 <xranby> The new dialog pops up for sandboxed applets like this one as well: http://www.timeanddate.com/worldclock/personalapplet.html
20130912 09:25:13 <sgothel> IMHO there should be only 2 diff actions:
20130912 09:25:20 <sgothel> 1 - sandboxed click to play
20130912 09:26:07 <sgothel> 2 - privileged click to play, incl. saying user is authenticated via a certification authority or not (self signed)
20130912 09:26:47 <sgothel> .. and the mozilla firefox click to play was best .. i.e. no pop-up, but a button within the page
20130912 09:26:53 <sgothel> sadly that is gone now
20130912 09:30:33 <xranby> icedtea-web still allows sandboxed apps (as long as they do not talk to signed jars)
20130912 09:31:27 <xranby> so yes Ji Gong needs to patch icedtea-web to allow sandboxed apps to use signed jars again
20130912 09:31:37 <xranby> in some form
20130912 09:34:40 <xranby> well signed or not.. allow the sandboxed jars to use jars with enhanced priveliges and known source
20130912 09:35:10 <xranby> i dont think signing improves the situation
20130912 09:36:04 <sgothel> .. plus .. see above .. signing also makes it simple to use privileged code -> no applet sandbox
20130912 09:36:23 <xranby> yup.. that is a false messiah
20130912 09:37:46 <xranby> to infuse identification with implicit trust
20130912 09:38:12 <xranby> identification can be done with signing
20130912 09:38:18 <xranby> trust can not
20130912 09:45:07 <xranby> a .exe file on a webpage with sha256 sum is more secure to use than this
20130912 09:45:44 <xranby> at least you then have the trust of the origin
20130912 09:45:48 <xranby> somewhat
20130912 09:46:02 <xranby> and the trust that the file is intact
20130912 09:47:13 <xranby> source + signed release is of course better
20130912 09:47:46 <xranby> then you have the trust of the creators
20130912 09:48:24 <xranby> if i trust the source, then i dont need to know the identity of the creators
20130912 09:48:33 <xranby> thus a certificate is not needed
20130912 09:49:27 <xranby> opinions?
20130912 09:50:23 <xranby> i am trying to brainstorm what information is needed in order to allow people to run code with confidense that it is secure
20130912 09:50:50 <xranby> will crowd sourced testing be required?
20130912 09:51:14 <xranby> like a new binary are not "trusted" unless enough people have used it and reported no issues?
20130912 09:51:32 <xranby> canaries
20130912 09:54:46 <sgothel> reading ..
20130912 09:55:36 <sgothel> agree .. exe, applet and source factor
20130912 09:55:56 <sgothel> this is a good idea .. i.e. one could sign applet w/ a hint to source code git tag (signed)
20130912 09:56:10 <sgothel> (which we already do ..)
20130912 09:56:17 <sgothel> hmm
20130912 09:56:41 <sgothel> we could verify the signed git-sha1 tag ..
20130912 09:57:41 <sgothel> if one could make an architecture that this cannot be modified .. i.e. a generated source bundle is guaranteed to be from that source and hence includes same signature -> bingo
20130912 09:57:48 <sgothel> even better than a cert auth
20130912 09:58:05 <sgothel> right now, they have to trust us in this ..
20130912 09:58:49 <sgothel> that would be like: we prove that this binary is what it source claims to be :)
20130912 09:59:06 <xranby> yes, thus if you have the source online you have a chain of trust
20130912 09:59:12 <sgothel> dude .. this is a freaking business model :)
20130912 09:59:24 <sgothel> sure ..
20130912 09:59:28 <xranby> and the Ji Gong plugin can enforce this new model
20130912 09:59:34 <sgothel> i.e. verify the git tag (signed)
20130912 09:59:56 <sgothel> but .. how can we prove that .. i.e. not injecting things in build ..
20130912 10:00:07 <sgothel> so .. that is tricky
20130912 10:00:13 <xranby> disassembly?
20130912 10:00:32 <sgothel> the binary signature would need to be related to source signature
20130912 10:00:59 <sgothel> i.e. a unique function actually source -> binary (and only this)
20130912 10:01:44 <sgothel> guess it's impossible .. so they have to trust us .. and we could retroactive put the binary signature in git repo (a 2nd tag)
20130912 10:02:22 <sgothel> then plugin could load the source and binary git tag signatures .. and if they are based on same git-sha1 .. good!
20130912 10:02:59 <sgothel> like: git-sha-1-lala tag-source tag-bin-win32 tag-bin-win64 .. etc
20130912 10:03:36 <sgothel> bin-tags can simply be sha256 checksums ..
20130912 10:03:58 <sgothel> bins include tag-source .. and they must be equal
20130912 10:04:33 <sgothel> so if a user trusts the git server .. they can trust the binary
20130912 10:05:05 <sgothel> I start to love that :)
20130912 10:05:16 <xranby> that is nice,, except the git tag can be forged in the binary
20130912 10:05:22 <xranby> ?
20130912 10:05:31 <sgothel> well .. again .. if git server is trusted .. not
20130912 10:05:44 <sgothel> binary provides 2 tags: sourced + bin
20130912 10:05:48 <xranby> sure.. you then trust the server
20130912 10:05:51 <sgothel> both must match
20130912 10:06:01 <sgothel> the source-tag is provided while building
20130912 10:06:09 <sgothel> i.e. git pull ..
20130912 10:06:20 <sgothel> the bin-tag is generated after build (sha256)
20130912 10:06:24 <xranby> so we then have a binary git
20130912 10:06:31 <sgothel> the pushed back to git
20130912 10:06:36 <sgothel> only the tag !
20130912 10:06:51 <sgothel> i.e. including a sha256 signature of binary
20130912 10:07:02 <xranby> right!
20130912 10:07:05 <sgothel> (or whatever signature cypher)
20130912 10:07:13 <xranby> that cant be forged
20130912 10:07:25 <sgothel> and we can impl. this quite easily in our build scheme
20130912 10:07:41 <sgothel> i.e. half of it is already in :)
20130912 10:08:12 <sgothel> let's call this feature: TRUST THE SOURCE, USER
20130912 10:09:00 <xranby> the good part is that this allows revoking found to be broken binaried by removing the tags
20130912 10:09:18 <sgothel> right now, if people trust us, they know which source we use (our *Version git sha1) ..
20130912 10:09:24 <sgothel> yup
20130912 10:09:25 <xranby> so if for example we find a security issue with binary A we may remove the tag for binary A
20130912 10:09:33 <sgothel> yup
20130912 10:09:37 <xranby> excellent
20130912 10:09:38 <sgothel> sexy!
20130912 10:09:51 <sgothel> dude - good brainstorming
20130912 10:10:00 <sgothel> will make a wiki page now :)
20130912 10:10:27 <sgothel> btw .. pushed Ji Gong -> https://jogamp.org/wiki/index.php/Ji_Gong_Overview
20130912 10:11:15 <sgothel> Trust the Source, User ? TSU ?
20130912 10:11:35 <sgothel> better name ?
20130912 10:12:04 <sgothel> Trusting Source Contract ?
20130912 10:12:08 <sgothel> TSC
20130912 10:12:44 <sgothel> Source Certification Contract ? SSC
20130912 10:13:06 <xranby> that one was the most easy to say
20130912 10:13:18 <xranby> SCC you mean?
20130912 10:13:24 <sgothel> yup .. SCC .. right
20130912 10:13:32 <sgothel> good .. it is
20130912 10:14:34 <xranby> http://en.wikipedia.org/wiki/SCC hmm its a popular acronym
20130912 10:14:51 <xranby> well that is good
20130912 10:14:59 <sgothel> :)
20130912 10:15:03 <xranby> noone can claim its "their" acronym
20130912 10:15:34 <xranby> and we may add our reference to this list
20130912 10:17:20 <xranby> we may call it Source Code Control as well
20130912 10:17:55 <xranby> if the certification agencies think they own the work certificate
20130912 10:17:59 <xranby> word
20130912 10:18:28 <xranby> start with Source Certification Contract in the bugzilla
20130912 10:19:39 <sgothel> sure they cannot claim that - but they all think it is so :)
20130912 10:27:57 <xranby> this approach is much better compared to security by revoking certificates, switching identity as the cert agencies suggest is not the best way to deal with a security breach!
20130912 10:29:20 <sgothel> https://jogamp.org/wiki/index.php/SCC_Overview .. in progress ..
20130912 10:30:19 <sgothel> you may edit it if you like .. add details, I have to finish clang / cpptask now .. but "I will be back" :)
20130912 10:34:11 <sgothel> (ok .. added 'design')
20130912 10:34:46 <sgothel> not that any patent will be claimed before us :)
20130912 10:36:53 <sgothel> nice nice
20130912 10:37:39 <sgothel> we will add SCC to gluegen .. and build process for all modules ..
20130912 10:38:01 <sgothel> while SCC is a standalone module ofc
20130912 10:38:29 <sgothel> to be used by others ..
20130912 10:45:55 <xranby> ... meanwhile, mozilla plans to make it hard to use plugins .. period http://people.mozilla.org/~lco/CtP/130415%20CtP%20design%20spec.pdf
20130912 10:46:12 <xranby> "Firefox is removing click to play functionality as we know it. "
20130912 10:46:28 <sgothel> yes .. I know that .. :(
20130912 10:46:38 <sgothel> oh .. at all ? wow
20130912 10:47:23 <xranby> first you click the plugin, then you have to click on a firefox popup accept before runnign the plugin ... and then you can use the plugin
20130912 10:47:28 <sgothel> click to play .. doesn't work .. they all start w/ latest FF
20130912 10:47:53 <sgothel> prev. there was a message in the canvas .. 'click to activate' or something .. that was cool IMHO
20130912 10:47:56 <sgothel> no popup
20130912 10:48:08 <sgothel> but now it's gone :(
20130912 10:48:38 <sgothel> b/c it's nice when a webpage doesn't start 1000 things at once IMHO :)
20130912 10:48:41 <xranby> ... meanwhile crome starts to block the "firfox" npapi plugins
20130912 10:48:53 <xranby> promoting their pepper api plugins
20130912 10:49:02 <sgothel> haha .. the evil
20130912 10:49:20 <xranby> http://code.google.com/p/ppapi/
20130912 10:49:20 <sgothel> well .. however, SCC is good for any binary distribution
20130912 10:49:26 <xranby> sure
20130912 10:49:41 <xranby> it should be a W3C standard :)
20130912 10:50:26 <xranby> and hopefully be endorsed by UNESCO or similar
20130912 10:50:56 <sgothel> haha
20130912 10:51:06 <xranby> on grounds to improve collaboration, peace and universak respect by source sharing
20130912 10:51:24 <xranby> universal
20130912 10:51:32 <sgothel> now you are cynical .. I guess .. but I never really know, since you are so positively enthusiastic always :)
20130912 10:52:17 <sgothel> maybe SCC helps to avoid wars as well .. hmm :)
20130912 10:52:48 <xranby> end of dictatorship
20130912 10:53:07 <sgothel> all dictatorships :)
20130912 10:53:30 <sgothel> some sort .. indeed
20130912 10:53:57 <sgothel> http://en.wikipedia.org/wiki/Sirius_Cybernetics_Corporation#Sirius_Cybernetics_Corporation <- best one :)
20130912 10:54:29 <xranby> :D
20130912 10:54:37 <sgothel> It is very easy to be blinded to the essential uselessness of [their products] by the sense of achievement you get from getting them to work at all. In other words - and this is the rock solid principle on which the whole of the Corporation's Galaxy-wide success is founded - their fundamental design flaws are completely hidden by their superficial design flaws.
20130912 10:58:56 <sgothel> added to our SCC Wiki :)
20130912 10:59:43 <xranby> we should post a generic example of fallacys putting trust in app stores and certificates
20130912 11:00:17 <xranby> Motivation
20130912 11:00:46 <sgothel> our 'do you want to trust this' UI may include popping up a complete code review tool :)
20130912 11:00:56 <xranby> ofc
20130912 11:01:13 <sgothel> seriously .. we could use the gpg chain of trust mechanism .. hmm
20130912 11:01:35 <sgothel> signed off by .. etc
20130912 11:02:02 <sgothel> what a nice thing to start a great day :)
20130912 11:02:40 <sgothel> yup . pls add it .. me done for now
20130912 11:03:48 <xranby> SCC allows you to avoid putting trust into “Treacherous computing”
20130912 11:04:06 <sgothel> well ..
20130912 11:04:24 <sgothel> if you campaign .. it's best to not ambush the others ..
20130912 11:04:39 <sgothel> maybe a good subsection .. like 'What's wrong w/ current models?'
20130912 11:05:24 <sgothel> and then list the fallacies .. i.e. Java Applets (see above) .. and others trusted identities .. but lacking source code review/trust
20130912 11:17:05 <xranby> I have tried to add a clause about Certificate based security : https://jogamp.org/wiki/index.php/SCC_Overview#Certificate_based_security.2C_is_not_secure
20130912 11:19:07 <sgothel> sweet
20130912 11:19:34 <sgothel> or .. trust a person or a source-base ?
20130912 11:21:26 <sgothel> SCC verifies whether it's binary object's signature matches it's source code signatures it claims.
20130912 11:21:32 <sgothel> I guess .. that is more correct
20130912 11:22:48 <sgothel> SCC verifies whether it's binary object's signature matches a claimed set of source code signatures.
20130912 11:22:57 <sgothel> hmm
20130912 11:33:18 <sgothel> SCC verifies whether a binary object's signature matches its assumed source code signatures.
20130912 12:04:00 <sgothel> Refined 'Overview' ..
20130912 12:13:41 <sgothel> .. added 'chain of trust' .. puhh ..
20130912 12:14:50 <xranby> thanks
20130912 12:16:00 <sgothel> I guess we have it well described for now ..
20130912 13:52:06 <xranby> CERT: got it http://www.cert.org/blogs/certcc/2013/04/dont_sign_that_applet.html
20130912 13:52:43 <sgothel> sweet .. pls add it to wiki ..
20130912 13:52:57 <sgothel> KUDOS
20130912 13:53:18 <xranby> already done!
20130912 13:53:27 <sgothel> so .. we are not alone in thinking this way :)
20130912 13:54:01 <sgothel> plus - came to same conclusions independent -> truth
20130912 13:56:26 <xranby> i will now ventilate the idea of SCC with the icedtea-web people
20130912 13:56:35 <sgothel> :)
20130912 13:57:41 <sgothel> proof-of-concept should follow-up soon ..
20130912 14:00:01 <sgothel> https://www.securecoding.cert.org/confluence/display/java/ENV00-J.+Do+not+sign+code+that+performs+only+unprivileged+operations;jsessionid=2F08DC1B78E8122152A6ADC2EA38B14B
20130912 14:00:31 <xranby> very good! please add to wiki
20130912 14:01:47 <sgothel> Certificate based security, is not secure -> Certificate based Applet security, is not secure
20130912 14:01:48 <sgothel> ?
20130912 14:01:56 <xranby> sure
20130912 14:01:59 <sgothel> since this chapter tal... ok
20130912 14:02:25 <xranby> i imagine the ame logical fault exist in non applet code as well
20130912 14:02:36 <xranby> like if someone hands out a signed binary
20130912 14:02:55 <xranby> adding Applet to the headline surely makes the section more clear to read
20130912 14:02:57 <sgothel> yes, but this focuses on the signed applet -> privileges part
20130912 14:03:06 <sgothel> maybe we need to split that .. let me think about it ..
20130912 14:03:17 <sgothel> I will relate it to the new Overview .. hmm
20130912 14:03:18 <xranby> we need an App store section as well
20130912 14:03:32 <xranby> decribing how SCC fixes the trojan horse problem
20130912 14:03:45 <xranby> found in google and apple mobile app stores
20130912 14:03:47 <sgothel> guess we split it in 2 .. .. yup, general and applet specific (privileges)
20130912 14:04:48 <xranby> http://www.gnu.org/philosophy/can-you-trust.html - describes fallacy with signed apps used to enforce DRM
20130912 14:05:23 <xranby> SCC also fixes DRM if you can build your own app
20130912 14:15:03 <sgothel> updated ..
20130912 14:22:46 <sgothel> good
20130912 14:26:25 <sgothel> maybe you can add the Remedy section .. as you listed here ..
20130912 14:26:53 <sgothel> however, I guess it's clear by know .. best project description ever we had before even starting :)
20130912 14:28:54 <sgothel> somebody _IS_ fast :)
20130912 14:29:02 <sgothel> JWeb += SCC :)
20130912 14:42:10 <sgothel> refined design ..
20130912 14:45:38 <sgothel> good
20130912 14:48:13 <sgothel> refined 'tag'
20130912 14:48:59 <xranby> openjdk people are all silent :/
20130912 14:55:14 <sgothel> sure .. I thought icedtea folks might be interested more
20130912 14:55:57 <sgothel> 'not innovated here' .. plus another punch regarding Oracles latest counter-innovation .. well
20130912 14:58:03 <xranby> i will wait some minutes to see if redhat canada awakes, the people who maintains icedtea-web for a living
20130912 14:58:27 <xranby> hopefully jvanek may be interested
20130912 14:58:54 <xranby> also writing an email to the list may be good as well
20130912 14:59:55 <sgothel> well .. another round after proof-of-concept :)
20130912 15:00:44 <xranby> yes, email after proof
20130912 15:00:46 <sgothel> don't need to win them all as friends, at least our infrastructure is fine .. copying and collab. allowed
20130912 15:01:03 <sgothel> *strictly allowed* :)
20130912 15:02:03 * monsieur_max (~maxime@anon) Quit (Quit: Leaving.)
20130912 15:02:33 <sgothel> so 1st tag backend .. will be a simple using git-sha1 .. but others can follow as well ofc .. incl. a more in-depth hash value
20130912 15:02:53 <sgothel> but we can assume, if git-sha1 collides .. SCC will be our least problem :)
20130912 15:03:37 <sgothel> the binary hash .. well, we have to see
20130912 15:04:20 <xranby> git-sha1 + binary size?
20130912 15:04:31 <sgothel> lol
20130912 15:04:45 <sgothel> no the hash value must allow validation
20130912 15:04:52 <xranby> heh
20130912 15:04:57 <sgothel> so we need sha256 or similar
20130912 15:05:30 <sgothel> sha1 maybe as well, but some say not so good actually .. thats why it's funny that git uses this rather weak hash
20130912 15:05:42 <sgothel> but .. well, seems to work until now :)
20130912 15:06:09 <sgothel> SCC needs to validate the binary against it's tag 1st ofc
20130912 15:07:41 <sgothel> Auth-1: SCC validates the binary against its tag and whether both tags exist in the SCR and are equal.
20130912 15:07:42 <sgothel> fixed
20130912 15:08:14 <sgothel> so Auth-1 is mandatory, where Auth-2 is optional
20130912 15:08:34 <sgothel> Auth-2 could also be extended to have stored trusted users (gpg keyring?) .. etc
20130912 15:08:44 <sgothel> ok?
20130912 15:09:19 <xranby> Auth-2 is validation against chain of trust
20130912 15:09:23 <xranby> ok!
20130912 15:09:39 <sgothel> yes .. allows you to see .. 'oh, Sven likes it .. must be good enough for me' :)
20130912 15:10:01 <sgothel> and you may store that logic ..
20130912 15:10:07 <xranby> Auth-2 may imply need to validate against moroe than one git
20130912 15:10:23 <sgothel> same for Auth-1 .. 'sources'
20130912 15:10:27 <xranby> if i trust this binary i add its tag to my git
20130912 15:10:37 <sgothel> right
20130912 15:10:50 <sgothel> so we also say .. a set of SCR == SCR -> plural
20130912 15:11:04 <xranby> right.. this allows offline use
20130912 15:11:14 <xranby> if the SCR is available in offline mode
20130912 15:11:17 <sgothel> but also an SCC store ..
20130912 15:11:30 <sgothel> storage/keyring
20130912 15:12:11 <sgothel> surely we have to 'keep it simple stupid' .. otherwise hell breaks loose :)
20130912 15:12:28 <sgothel> plus each network connection is expensive
20130912 15:12:50 <sgothel> I am sure we can refine while doing the evaluation
20130912 15:13:31 <sgothel> source code repositories (SCR) -> plural now
20130912 15:14:36 <sgothel> looks like we need jgit in SCC :)
20130912 15:20:04 <xranby> great day!, heading home
20130912 15:20:20 <sgothel> yup .. good travels
20130912 15:23:31 <xranby> http://threatpost.com/javas-losing-security-legacy/102176
20130912 15:24:04 <sgothel> .. we are really not alone :)
20130912 15:56:04 * monsieur_max (~maxime@anon) has joined #jogamp
20130912 16:30:32 * hharrison (~chatzilla@anon) Quit (Remote host closed the connection)
20130912 16:52:48 * hharrison (~chatzilla@anon) has joined #jogamp
20130912 17:38:40 * monsieur_max (~maxime@anon) has left #jogamp
20130912 18:43:49 <sgothel> http://people.umass.edu/gbecker/BeckerChes13.pdf <- Trojan's below the gate level .. hu-ha :)
20130912 19:03:19 <dfj> 'ha ha' crap.
20130912 19:10:20 <sgothel> "Our Trojan is capable of reducing
20130912 19:10:20 <sgothel> the security of the produced random number from 128 bits to n bits, where n
20130912 19:10:20 <sgothel> can be chosen. Despite these changes, the modified Trojan RNG passes not only
20130912 19:10:20 <sgothel> the Built-In-Self-Test (BIST) but also generates random numbers that pass the
20130912 19:10:20 <sgothel> NIST test suite for random numbers."
20130912 19:19:30 <sgothel> fascinating, wonder why they simply don't expose the entropy source (ES) itself (the real random number), instead of spreading it using AES encryption (DRBG).
20130912 19:20:09 <sgothel> I guess that would have been tooooo secure :)
20130912 19:57:21 * monsieur_max (~maxime@anon) has joined #jogamp
20130912 20:42:47 <sgothel> CCT published C3D mobile - https://play.google.com/store/apps/details?id=cctintl.c3d.android
20130912 21:13:05 * monsieur_max (~maxime@anon) has left #jogamp