Times are UTC Toggle Colours
00:09:08 *** tokai|noir has joined #openttd 00:09:08 *** ChanServ sets mode: +v tokai|noir 00:16:07 *** tokai has quit IRC 01:56:28 <supermop_Home> now the helicopter is just hovering almost immediately above my apartment 01:56:45 <supermop_Home> for the past 20 minutes 01:59:18 <supermop_Home> presumably due to the budget vote this evening i'd guess 02:10:48 *** debdog has joined #openttd 02:14:04 *** glx has quit IRC 02:14:12 *** D-HUND has quit IRC 02:55:56 *** Wormnest_ has quit IRC 02:57:36 *** Flygon has joined #openttd 03:26:14 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJR5 04:22:04 *** snail_UES_ has quit IRC 05:29:08 *** HerzogDeXtEr has joined #openttd 05:40:17 *** Smedles_ has quit IRC 05:41:43 *** Smedles has joined #openttd 05:47:03 *** andythenorth has joined #openttd 05:50:57 <andythenorth> hmm 05:54:17 *** keoz has joined #openttd 06:03:15 *** sla_ro|master has joined #openttd 06:08:28 * andythenorth breaks the law 06:27:28 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJaI 06:28:48 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJaq 06:37:01 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJar 06:51:57 *** cHawk has quit IRC 06:54:39 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJVI 06:57:18 *** keoz has quit IRC 06:58:06 *** nielsm has joined #openttd 07:00:51 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJVB 07:01:39 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJVz 07:02:23 <andythenorth> I read the logs for grf.farm 07:02:36 <andythenorth> but not in a way that has an exemption 07:02:40 <andythenorth> so I broke the law 07:03:14 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJVw 07:03:40 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJVo 07:05:03 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJVX 07:06:31 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJVy 07:06:45 <LordAro> andythenorth: the horror. 07:10:45 <andythenorth> PECR innit 07:10:52 <andythenorth> it was probably your device too 07:12:03 <andythenorth> 'mostly I have been reading EU legal documents' 07:12:51 <andythenorth> maybe I should put a consent banner on grf.farm 07:12:55 <andythenorth> but it must not be intrusive 07:13:03 <andythenorth> and it must be fully informative, but not confusing 07:13:13 <andythenorth> and I can't block access to the service if consent is withheld 07:13:16 <nielsm> are you putting tracking cookies? 07:13:22 <andythenorth> no no, I just read the S3 logs 07:13:36 <andythenorth> but that stores the OS and user agent 07:13:40 <andythenorth> and those are your property 07:13:57 <andythenorth> so it's illegal to read them unless it's for one of 2 exempted causes 07:14:16 <andythenorth> 'beware of the leopard' is all I have 07:18:13 *** virtualrandomnumber has joined #openttd 07:18:28 *** virtualrandomnumber has quit IRC 07:20:15 *** WormnestAndroid has quit IRC 07:20:28 *** WormnestAndroid has joined #openttd 07:22:51 *** WormnestAndroid has quit IRC 07:23:05 *** WormnestAndroid has joined #openttd 07:28:18 *** cHawk has joined #openttd 07:30:14 <andythenorth> hmm vehicle engine plants are quite boring buildings 07:30:19 * andythenorth needs to draw for FIRS 07:36:25 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJwb 08:10:03 *** iSoSyS has joined #openttd 08:19:48 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJJKI 08:45:57 <CornsMcGowan[m]> what IDE do you all use for OpenTTD dev? 08:47:33 <CornsMcGowan[m]> i used to use VS19 enterprise cause my university gives student licenses out, but i'm trying to get into the habit of using VSCode instead 08:47:59 *** b_jonas has quit IRC 08:48:43 <LordAro> use whatever you feel comfortable with 08:48:49 <LordAro> i use vim 08:49:10 <CornsMcGowan[m]> h o w 08:49:50 <LordAro> because i feel comfortable using it :p 08:51:22 <CornsMcGowan[m]> HAHA thats understandable 08:55:57 *** HerzogDeXtEr has quit IRC 09:16:00 *** arikover has joined #openttd 09:18:55 <nielsm> vs2019 community is what I use 09:24:58 *** gelignite has joined #openttd 09:32:34 *** Laedek_ has quit IRC 09:37:34 *** Samu has joined #openttd 10:17:06 <Samu> hi 10:25:32 *** arikover has quit IRC 10:33:08 <Samu> what was the value in VCPKG_TARGET_TRIPLET x64-windows 10:40:22 <Samu> https://devblogs.microsoft.com/cppblog/vcpkg-updates-static-linking-is-now-available/ 10:52:33 *** iSoSyS has joined #openttd 11:09:44 <Samu> how do I ignore work project files 11:09:51 <Samu> and folders 11:11:21 <Samu> https://i.imgur.com/ldKZADu.png - files and folders in the '.vs' and in the 'out' 11:11:48 <Samu> and also 'CMakeSettings.json' 11:12:39 <Samu> when i add to ignore, it goes to .gitignore and it then becomes another changed file 11:12:48 <Samu> '.gitignore' 11:18:50 <LordAro> Samu: there's an open PR 11:19:03 <LordAro> just ignore them for now 11:38:12 *** iSoSyS has quit IRC 11:53:45 *** gelignite has quit IRC 12:01:06 *** Sacro_ has joined #openttd 12:01:30 *** ST2 has quit IRC 12:03:33 *** Sacro has quit IRC 12:06:13 *** ST2 has joined #openttd 12:33:01 <DorpsGek_III> [OpenTTD/OpenTTD] danchr updated pull request #8189: Update: generate Mac bundle on install rather than packaging https://git.io/Jf12c 12:34:29 <andythenorth> hmm mac cmake build still fails for me 12:34:46 <andythenorth> the cause appears to be that brew ports tree does some inappropriate things with headers 12:34:53 <andythenorth> but I tried the fix and it didn't work so far 12:34:59 * andythenorth 1st world problems 12:42:39 <DorpsGek_III> [OpenTTD/OpenTTD] danchr updated pull request #8189: Update: generate Mac bundle on install rather than packaging https://git.io/Jf12c 12:43:57 <DorpsGek_III> [OpenTTD/OpenTTD] danchr commented on pull request #8189: Update: generate Mac bundle on install rather than packaging https://git.io/JJJH3 13:11:40 *** iSoSyS has joined #openttd 13:25:19 *** andythenorth has quit IRC 13:28:06 *** snail_UES_ has joined #openttd 13:30:36 *** Xaroth has quit IRC 13:30:59 *** Xaroth has joined #openttd 13:31:45 *** jback has quit IRC 13:32:56 *** jback has joined #openttd 13:38:41 *** gelignite has joined #openttd 13:49:59 *** andythenorth has joined #openttd 15:11:06 *** Wormnest has joined #openttd 15:27:11 *** sla_ro|master has quit IRC 15:28:25 *** jback has quit IRC 15:28:41 *** jback has joined #openttd 15:30:16 *** Speeder_ has joined #openttd 15:34:25 *** keoz has joined #openttd 15:37:45 *** Speeder has quit IRC 15:42:48 <TrueBrain> andythenorth: at least you have your own domain :P 15:46:23 *** cHawk has quit IRC 15:47:24 *** Flygon has quit IRC 15:48:48 <andythenorth> I do :D 15:57:11 *** Eddi|zuHause has quit IRC 16:00:57 <DorpsGek_III> [OpenTTD/DorpsGek] LordAro approved pull request #24: Scheduled monthly dependency update for June https://git.io/JJJhg 16:01:19 <LordAro> TrueBrain: quick, before pyup-bot notices and makes a new PR :p 16:02:36 <DorpsGek_III> [OpenTTD/DorpsGek] TrueBrain merged pull request #24: Scheduled monthly dependency update for June https://git.io/Jfi3v 16:02:58 <TrueBrain> YOLO 16:03:19 <LordAro> :D 16:03:27 <LordAro> could enable it on a few other repos, perhaps? 16:03:37 <TrueBrain> yeah, but PyUp is a bit of shit 16:03:47 <LordAro> true 16:03:58 <TrueBrain> they keep spamming me, and be all "I NEED ATTENTION I AM SAD" 16:04:16 <TrueBrain> so I wanted to migrate to dependabot, but lets see if they added 1 PR for all deps now 16:05:31 <LordAro> and nml doesn't even have a requirements file, it's embedded in setup.py 16:05:39 <TrueBrain> that ... is wrong 16:05:43 <LordAro> nah 16:05:44 <LordAro> it works well 16:05:52 <TrueBrain> the fact that things work, don't make them less wrong 16:06:06 <TrueBrain> I can wear a trashbag as tshirt 16:06:07 <TrueBrain> it works 16:06:08 <TrueBrain> but it is wrong 16:06:17 <LordAro> means you can install things easily 16:06:20 <TrueBrain> setup.py should never ever pin an exact version :) 16:06:24 <LordAro> it doesn't 16:06:33 <TrueBrain> so it isn't embedding requirements.txt :) 16:06:42 <TrueBrain> so you are wrong, and mixing up 2 things :P :P 16:06:45 <LordAro> ok, it's embedding requirements.base 16:06:50 <TrueBrain> fine :) 16:06:57 <LordAro> which is an invention of yours, afaik 16:07:00 <TrueBrain> requirements.base is my own hack, because I am too lazy to make a setup.py :P 16:07:28 <TrueBrain> well, you don't need to do setup.py anymore these days .. 16:07:28 *** Eddi|zuHause has joined #openttd 16:07:31 <TrueBrain> still too lazy :) 16:07:34 <TrueBrain> ssttt, he is back 16:09:59 <TrueBrain> github dependabot still doesn't allow a single PR per month, it seems 16:10:06 <TrueBrain> possibly that is an indication what I want is weird :P 16:12:33 <TrueBrain> even their own repo looks ugly because of it; it is useful, as you can see if a single dependency fails, instead of "one of these" 16:12:37 <TrueBrain> but ugh .. it gives a lot of noise 16:13:27 <LordAro> mm 16:14:08 <Eddi|zuHause> so, i have this problem, where if i update to a kernel newer than 5.5 the network card is not recognized 16:14:19 *** HerzogDeXtEr has joined #openttd 16:16:05 <TrueBrain> seems to be not coming any time soon, "grouping" in dependabot .. bah :P 16:16:48 <TrueBrain> so guess I should enable PyUp on the other repos for now .. 16:16:51 <TrueBrain> "soon" :) 16:16:57 <TrueBrain> I have some more free time in a month or so 16:17:19 <TrueBrain> and I will fix setup.py's too in that case :) 16:17:31 <TrueBrain> LordAro: that btw still leaves nml should get a "requirements.txt" with known good dependencies :) 16:18:11 <LordAro> i guess so 16:19:09 *** glx has joined #openttd 16:19:09 *** ChanServ sets mode: +v glx 16:26:22 *** y2kboy23 has quit IRC 16:33:12 *** Progman has joined #openttd 16:39:42 *** y2kboy23 has joined #openttd 17:12:59 *** iSoSyS has quit IRC 17:17:31 *** frosch123 has joined #openttd 17:20:57 *** sla_ro|master has joined #openttd 17:23:15 <CornsMcGowan[m]> hello, can somebody walk me through compiling openttd (jgrpp) on linux ubuntu? 17:26:18 <CornsMcGowan[m]> oh wow i dont even have git installed on this HAHA 17:27:33 *** tokai has joined #openttd 17:27:33 *** ChanServ sets mode: +v tokai 17:34:27 *** tokai|noir has quit IRC 17:40:28 *** ST2 has quit IRC 17:40:51 *** ST2 has joined #openttd 17:41:50 <andythenorth> so should we use grf.farm for all grfs? 17:41:52 <andythenorth> or as my pet? 17:42:16 <andythenorth> [asking for a friend] 17:45:50 <DorpsGek_III> [OpenTTD/OpenTTD] DorpsGek pushed 1 commits to master https://git.io/JJUf1 17:45:50 <DorpsGek_III> - Update: Translations from eints (by translators) 17:51:49 <FLHerne> CornsMcGowan[m]: Get the source, cd path/to/src && ./configure && make -j 17:52:00 <FLHerne> Unless JGR has the cmake patch already 17:54:07 <CornsMcGowan[m]> tyy 17:54:18 <CornsMcGowan[m]> i went the ./configure make route 17:54:24 <FLHerne> (his git head does, but not the latest release) 17:54:30 <CornsMcGowan[m]> whats the -j argument 17:54:42 <CornsMcGowan[m]> is that same as --jobs 17:55:11 <FLHerne> For current openttd or jgr git, you want `mkdir build && cd build && cmake .. && make -j` or so 17:55:14 *** cHawk has joined #openttd 17:56:34 <FLHerne> Yes 17:57:10 <FLHerne> Lets `make` run multiple processes in parallel, which unless your computer is ancient will be a lot quicker 17:59:22 <DorpsGek_III> [OpenTTD/DorpsGek] pyup-bot opened pull request #25: Scheduled monthly dependency update for July https://git.io/JJUJs 18:04:39 *** Gustavo6046 has joined #openttd 18:08:01 <CornsMcGowan[m]> ah sweet ty :) 18:12:17 <andythenorth> hmm tinfoil time 18:12:19 <frosch123> andythenorth: regular people should just just github bundles 18:12:32 <andythenorth> maybe george should do that 18:12:33 <frosch123> your speciality is hosting docs 18:12:35 <andythenorth> yes 18:12:35 <frosch123> which noone else has 18:12:46 <andythenorth> regular people should just use bananas :P 18:13:08 <frosch123> hmm, in that case... possibly george thinks you also run a compile farm 18:13:25 <andythenorth> c'est possible 18:13:41 <andythenorth> il est faux 18:13:52 <andythenorth> je n'ai pas un compile farm 18:13:56 <andythenorth> name might be misleading 18:16:35 <andythenorth> ceci n'est pas une ferme 18:16:48 <DorpsGek_III> [OpenTTD/DorpsGek] LordAro approved pull request #25: Scheduled monthly dependency update for July https://git.io/JJUJj 18:18:17 <andythenorth> anyway tinfoil, if I run the AWS python client locally (https://boto3.amazonaws.com/v1/documentation/api/latest/index.html) 18:18:26 <andythenorth> how do I safely give it creds? 18:19:19 <DorpsGek_III> [OpenTTD/DorpsGek] TrueBrain merged pull request #25: Scheduled monthly dependency update for July https://git.io/JJUJs 18:20:10 <nielsm> safe from what? 18:21:30 <TrueBrain> Make IAM user with limited rights and generate an API key. Have auto keyrotate activated and monitor the account for unusual activity :p 18:22:26 <frosch123> andythenorth: oh, wow... i did not make the relation to .farm either 18:22:30 <DorpsGek_III> [OpenTTD/DorpsGek] TrueBrain created new tag: 1.0.4 https://git.io/JJUU3 18:26:14 *** DorpsGek_III has quit IRC 18:36:30 *** jback has quit IRC 18:36:46 *** jback has joined #openttd 19:14:41 *** y2kboy23 has quit IRC 19:15:15 <andythenorth> nielsm dunno, I am a bit paranoid about creds 19:15:22 <andythenorth> should I be typing them in every time I run it? 19:16:21 *** y2kboy23 has joined #openttd 19:17:35 *** b_jonas has joined #openttd 19:19:32 *** Wolf01 has joined #openttd 19:20:53 <nielsm> andythenorth: as TB suggests, maybe make a separate (limited permissions) account the job can run under, so if anyone does snatch the creds their abilities would be insufficient to do real damage 19:24:08 <Wolf01> Does that need to be suggested? 19:24:26 <nielsm> sometimes the obvious is overlooked 19:25:17 <nielsm> if you're launching the job interactively from macos, maybe it's possible to somehow store the creds in Keychain 19:26:14 <Wolf01> We are even creating a lot of google accounts to handle APIs for different things instead of just creating different projects 19:28:07 <andythenorth> there's a convention in AWS to provision limited creds 19:28:15 <andythenorth> it's this end I worry about 19:28:29 <andythenorth> I am basically taking untrusted 3rd party contributions via github 19:28:43 <andythenorth> and then potentially letting them publish to s3 19:28:53 <andythenorth> it's not a very interesting attack though :P 19:29:14 <TrueBrain> How do you think docs and website end up on AWS? 19:29:19 <TrueBrain> A magic hamster? 19:29:23 <andythenorth> I have general paranoia about creds 19:29:52 <andythenorth> tinfoil to the max 19:30:23 <TrueBrain> well, that can be a good thing, if it doesn't prevent you from living your life ;) 19:30:41 <TrueBrain> but OpenTTD uses a very strictly limited IAM account with API creds as a GitHub secret to publish the website 19:30:47 <TrueBrain> if the creds leak ... they can upload another website 19:30:48 <TrueBrain> that is it 19:31:00 <Wolf01> <TB> A magic hamster? <- this wasted me XD 19:31:07 <TrueBrain> bad? sure. a catastrophic event? Not really. 19:33:58 <TrueBrain> you are welcome Wolf01 :) 19:35:26 <Wolf01> andythenorth: purchased the crocodile... shipping from 20th august 19:35:41 <Wolf01> ಥ╭╮ಥ 19:37:46 <andythenorth> Wolf01 :) 19:41:04 <andythenorth> I do spend an insane amount of my day entering passwords 19:41:10 <andythenorth> it really makes work harder 19:41:25 *** jback has quit IRC 19:41:28 <Wolf01> Me too, and I usually interchange them 19:41:37 *** jback has joined #openttd 19:41:56 <TrueBrain> you do know we have password managers, right? 19:42:02 <andythenorth> I won't use any autofill from my password manager because exploits have been demonstrated against them 19:42:13 <andythenorth> and the password manager requires a password 19:42:50 <Wolf01> And first I need to login on windows to use the password manager 19:43:20 <Wolf01> But usually I have it on my phone because my boss doesn't want us to use it 19:43:21 <andythenorth> I have touch ID unlock on some password managers, but that needs a password every n hours 19:43:34 <TrueBrain> I only need to know 3 passwords during my day 19:43:38 <TrueBrain> I love simplicity in life 19:44:31 <TrueBrain> people who use auto-type, need to have the Firefox / Chrome plugin installed, that adds the URL to the browser title 19:44:41 <TrueBrain> and enable auto-type based on active-window-title 19:44:48 <TrueBrain> avoids all the ... accidental autofills :) 19:45:15 <Wolf01> I need to know 3 passwords too, but I keep filling the wrong one 19:45:59 <TrueBrain> PEKBAC 19:46:04 <TrueBrain> the world's real problem 19:46:35 <Wolf01> Yes 19:49:33 <Wolf01> It's nice how I remember better my own passwords which I don't even need to fill every time as I have autologin or saved in browser, but the ones I fill in constantly at work are the most difficult to get right 19:50:03 <TrueBrain> brrr, save in browser 19:50:07 <TrueBrain> please don't use that :( 19:50:14 <TrueBrain> you ever notice you do not need a password to "unlock" them? 19:50:41 <Wolf01> Yes, but it's my own pc at home 19:51:01 <TrueBrain> just install a password manager :P 19:51:08 <TrueBrain> BitWarden, 1Password, .. 19:52:05 <Wolf01> I use KeePass, but only to get the passwords I don't want to save 19:52:30 <Wolf01> Like banking account 19:53:31 <TrueBrain> use a cloud-based solution, and your world becomes a lot easier :) 19:53:45 <TrueBrain> All my passwords are in 1Password, I never have to remember any, because fingerprint :P 19:54:52 <Wolf01> I just remember them... all 143 19:55:21 <TrueBrain> lies! 19:55:27 <TrueBrain> :D 19:55:36 <TrueBrain> if you can remember 143 passwords, they are not different enough :P 19:55:43 <TrueBrain> or you have the wrong job :P 19:56:12 <Wolf01> Seriously, and no, they aren't different enough, not the same one but I can calculate them :P 19:56:53 <TrueBrain> you should visit one of my trainingdays .. you will have a different opinion afterwards :D 19:57:04 <TrueBrain> I even managed to get HR person to leave the room to change their passwords (with KeePass) 19:57:06 <TrueBrain> epic win :) 19:57:17 <Wolf01> Ahah 19:58:41 <TrueBrain> I train companies on cybersecurity, one of these is a simple session where we introduce all office people to what it is about 19:58:45 <frosch123> TrueBrain: during the coffee break? 19:58:51 <TrueBrain> and we have some passwords we name, which most likely is one of their passwords 19:58:53 <TrueBrain> we always hit a few 19:58:58 <TrueBrain> which still amazes me till this day 19:59:14 <TrueBrain> just the simple things like: <companyname>01! 19:59:21 <TrueBrain> and you just see the reaction on people's face 20:00:00 <frosch123> good, i am safe, i use <companyname>02 20:00:21 <Wolf01> I must not continue with this argument or you'll kill me, because in my company it's just fine if we don't have the passwords written on a sticky note on the monitor 20:00:51 <frosch123> my IT shows a video from some show, where they interview people on the street abuot their passwords 20:01:43 <frosch123> like: what is your password? - the name of by pet. - oh, you have a pet? what it's name? - peter 20:01:50 <TrueBrain> that I use in trainings too frosch123 :) 20:02:04 <TrueBrain> Wolf01: yeah ... hire us for a single session; that will change :P 20:02:29 <b_jonas> frosch123: that sort of interview has a strong selection effect, because the sort of people who are sensible about their password won't tell about them to random people interviewing them in the street 20:02:37 <b_jonas> so it's like even worse than ordinary interviews 20:03:09 <TrueBrain> https://www.youtube.com/watch?v=opRMrEfAIiI 20:03:10 <frosch123> https://youtu.be/opRMrEfAIiI?t=42 <- that one 20:03:13 <TrueBrain> b_jonas: you take it too seriously ;) 20:03:19 <TrueBrain> it is a fuzz-piece 20:03:23 <Wolf01> Aahha, I only use pseudo-random sequences of chars, numbers, symbols, you won't get one so easy, but I can get it knowing my algorythm :P 20:03:26 <frosch123> TrueBrain: so it was the same :) 20:03:33 <TrueBrain> frosch123: yup :) 20:04:00 <TrueBrain> Wolf01: the other VERY common one we see: when I crack your password, I can tell how many months you work at your company 20:04:04 <TrueBrain> as it is <base>01 for the first reset 20:04:06 <TrueBrain> <base>02 for the second 20:04:07 <TrueBrain> etc 20:04:10 <TrueBrain> people are stupid 20:04:12 <TrueBrain> like .. really stupid 20:04:20 <milek7> passwords resets are stupid 20:04:24 <Wolf01> Yeah 20:04:29 <TrueBrain> what you need to tell people .. I find your password of 2 years ago .. it is <base>03 20:04:32 <TrueBrain> we are 4 resets later 20:04:37 <TrueBrain> so ...... can I guess your password now? 20:04:58 <TrueBrain> password resets are not bad; people not understanding why we use passwords are the issue 20:05:03 <TrueBrain> but the solution is simple: enable MFA 20:05:06 <TrueBrain> fuck passwords 20:05:07 <Wolf01> What if I go reverse... ohh shit XD 20:06:03 <milek7> Wolf01: well, if somebody created several honeypot sites for you to register 20:06:21 <milek7> maybe they could reverse-engineer your algorithm :P 20:06:37 <Wolf01> Probably 20:06:38 <andythenorth> I am imagining TB training my staff 20:06:41 <andythenorth> that could be quite lolz 20:07:05 <TrueBrain> the worst realisation of this year: people use password managers .. by adding an entry, and come up with their own password. It was such a facepalm moment, that we (IT) forgot to train our users HOW to use password managers 20:08:11 <frosch123> sometimes sites do not accept random hashes of dozens of chars, but want special chars 20:08:21 <andythenorth> those sites are annoying 20:08:23 <frosch123> then i usually isnert them manually somewhere in the hash 20:08:31 <TrueBrain> some sites still have a "max 16 chars" limit 20:08:34 <frosch123> it's easier than clicking all those checkboxes 20:08:46 <andythenorth> some shopping site, if it's a commodity thing, I just go to a different site when the password rules are dumb 20:08:52 <TrueBrain> which makes you wonder who developed it .. and if he understands hashing ... 20:09:28 <frosch123> TrueBrain: oh, the admin in 2009 send a mail: company policy requires >= 8 chars, our old sunos boxes support <= 8 chars. so you know what that means 20:09:28 <dP> I liked to use algorithm to generate passwords until I realised it depends on a keyboard layout which I change constantly xD 20:09:36 <dP> now I have a separete layout for passwords xD 20:11:20 <TrueBrain> frosch123: yeah, a known issue, sadly .. 20:12:50 <milek7> due to GDPR probably, recently there's trend for encrypting zip mail attachments 20:13:29 <TrueBrain> what ... has GDPR have to do with that? 20:14:02 <andythenorth> I broke the law this morning 20:14:11 <frosch123> i am always amazed when people send two mails, one with the zip, and a second with the plain password 20:14:12 <TrueBrain> you ran a light? 20:14:12 <milek7> probably they think to protect data more 20:14:14 <andythenorth> I read the AWS S3 logs for my new site 20:14:19 <frosch123> how does that help? 20:14:34 <andythenorth> and the purpose wasn't covered by the exemptions, and I don't have consent 20:14:37 <milek7> one issue is.. guess how long it takes to bruteforce 8 digit password in pkzip encryption? 20:14:57 <andythenorth> so I violated PECR 20:15:02 <TrueBrain> frosch123: yeah .... I know right :( 20:15:08 <frosch123> andythenorth: i guess, reading them is fine. it only matters if you acutally use them 20:15:19 <andythenorth> nope, reading is accessing 20:15:32 <andythenorth> I read them to guess who had been looking at the site 20:15:39 <andythenorth> that purpose isn't allowed 20:15:50 <TrueBrain> so you had bad intent! 20:15:53 <frosch123> how good are your guesses? 20:15:59 <andythenorth> I don't know 20:16:11 <andythenorth> I can't actually profile anyone with the data 20:16:14 <andythenorth> but still illegal 20:16:20 <andythenorth> completely allowed under GDPR though 20:16:24 <frosch123> you can run geoip lookup 20:16:26 <TrueBrain> just say you wanted to check no weird URLs were opened 20:16:46 <frosch123> though, since i have a new isp, i actually don't know where it locates me now 20:16:51 <frosch123> previous one was like 200 km off 20:17:02 <TrueBrain> as long as it is the right country :P 20:17:15 <dP> I don't even remember which country is my ip located in xD 20:17:26 <andythenorth> IP lookup is different 20:17:29 <andythenorth> that's not PECR 20:17:44 <frosch123> oh, it's equally far away 20:18:09 <frosch123> and an absolute village i never heard about 20:18:11 <andythenorth> 'everything is awesome' 20:18:14 <TrueBrain> PECR is uk only, right? 20:18:25 <andythenorth> it's the UK implementation of the 2002 ePrivacy Directive 20:18:30 <andythenorth> you probably have your own version 20:18:30 <TrueBrain> yeah, so nobody cares 20:18:32 <milek7> 0:00:00:04 DONE 20:18:36 <TrueBrain> HE WALKED RIGHT INTO THATONE :) 20:18:48 <TrueBrain> we have AVG, which is GDPR, but translated :P 20:18:58 <andythenorth> 2002 version is a Directive not a Regulation 20:19:13 <andythenorth> so the requirement for member nations to translate to local law is different 20:19:19 <andythenorth> Regulation is more stringent / forceful 20:19:29 <andythenorth> yes, even after Brexit, EU law still reks my life 20:19:48 <TrueBrain> I am so happy so many people already say: EU and UK 20:19:53 <TrueBrain> read the best twitter thread ever btw? 20:19:55 <andythenorth> its simplifies my marketing 20:20:08 <andythenorth> we used to get tied in knots about 'our customers in UK/EU' 20:20:08 <TrueBrain> https://mobile.twitter.com/archer_rs/status/1277505330885386240 <- in case you somehow missed it 20:20:14 <andythenorth> UK/EU was a tautology 20:20:16 <TrueBrain> it is better than live tv, and it is still ongoing 20:20:22 <andythenorth> but nobody in UK thought they were in EU 20:21:07 <andythenorth> anyway, you should have your own PECR 20:21:16 <andythenorth> I hope OpenTTD is compliant 20:21:58 <TrueBrain> It most part is 20:22:10 <TrueBrain> There are currently some edgecases 20:22:38 <TrueBrain> (mostly as I am getting used to AWS) 20:22:55 <andythenorth> oh you have a Dutch Telecommunications Act equivalent to PECR 20:22:57 <andythenorth> lucky you 20:25:34 <andythenorth> I just hope you never look what OS players use 20:26:15 <andythenorth> the client probably doesn't supply that? 20:27:54 <TrueBrain> Ah, that is what PECR is, that makes more sense 20:28:32 <andythenorth> it's illegal to access information about the terminal equipment 20:28:38 <andythenorth> except for specific purposes 20:29:00 <andythenorth> it's intended as a privacy law, but it's kind of constructed as a property law 20:29:15 <TrueBrain> in The Netherlands that law is with a completely different focus :P 20:29:45 <andythenorth> it probably still includes terminal equipment 20:29:52 <frosch123> TrueBrain: oh dear, i had a favorite brexit tweet. but it now has been declassed by far 20:30:04 <andythenorth> it has quite funny unintended consequences for network services 20:30:20 <TrueBrain> frosch123: you are welcome :) 20:30:23 <andythenorth> the 2017 draft ePrivacy Regulation even recognises that the 2002 version was, in EU speak, a fucking disaster 20:32:42 <TrueBrain> andythenorth: as far as I can see, the "Telecommunicatiewet" is really only about mobile providers really 20:33:10 <TrueBrain> we do have an "Informatieplicht", information-duty, so to say, which I thought PCRE was including 20:33:19 <andythenorth> maybe you did a better job in NL 20:33:31 <TrueBrain> the latter doesn't allow spam, spamcalls, phishing, etc 20:34:07 <TrueBrain> well, it might be in there 20:34:14 <TrueBrain> I just never heard anyone talk about it in that sense :) 20:34:43 <andythenorth> http://www.legislation.gov.uk/uksi/2003/2426/regulation/6/made 20:34:45 <TrueBrain> it is about frequencies, how they are sold to companies, what to transmit (radio-programms), .. 20:34:58 <andythenorth> metadata about your device is your property 20:35:24 <andythenorth> using it without explicit consent is not allowed, except for specific exemptions 20:37:19 <andythenorth> it's all very silly, and will probably get replaced 20:37:53 <andythenorth> but any analytics using device information are illegal without consent 20:38:16 <TrueBrain> there is a part of what you post in the dutch law 20:38:30 <TrueBrain> but it is about using analytics to give an unfair advantage to a group of people 20:38:36 <andythenorth> I can process that data to respond to security threats or breaches 20:38:46 <andythenorth> I can use it if it's essential to delivering the service 20:38:55 <andythenorth> but I can't use it for anything else 20:39:27 <TrueBrain> here it notes that if you do, you are processing personal data 20:39:34 <TrueBrain> which .. is fine, as long as you follow the rules for that :) 20:39:46 <andythenorth> so I can incidentally do pro-active security, and find that e.g. 30% of our visits are from windows users on vulnerable IE 20:39:56 <andythenorth> but I then have to forget that information when designing the site 20:40:15 <TrueBrain> but okay, this law is meant for the communication network itself; I really wonder if it would apply for webservers tbh 20:40:33 <andythenorth> it does 20:40:36 <LordAro> computers are hard, as it turns out 20:40:38 <TrueBrain> in the NL, I mean ;) 20:40:40 <andythenorth> there are 2 EU determinations 20:40:44 <andythenorth> and a UK ICO determination 20:40:48 <andythenorth> it's quite clear 20:41:01 <andythenorth> I can use analytics to choose appropriate cypher suites for the clients 20:41:19 <andythenorth> and for delivering programmatic (javascript) changes to the design dynamically 20:41:24 <andythenorth> but not for the actual design 20:42:11 <andythenorth> I've read the EU findings, and had 2 legal counsel opinions 20:42:14 <andythenorth> it's nuts :) 20:42:34 <TrueBrain> yeah, and I always wonder when NL followed EU by the letter, and when they made it more .. dutch 20:42:41 <TrueBrain> for GDPR they fucked up, and it is a 1 on 1 20:42:49 <TrueBrain> story goes they were too slow, and the EU deadline passed 20:42:54 <TrueBrain> no clue if that story is true :) 20:43:18 <andythenorth> TV time also :) 20:43:41 <TrueBrain> its funny, an explicit except is giving if you need that data to rate your effectiveness 20:44:02 <TrueBrain> so looking how many people access from Windows, is clearly within that excempt 20:44:26 <TrueBrain> but, also explicit, it must not hurt the enduser in any significant way 20:44:40 <TrueBrain> (So I cannot send you a webcam and force you to install it, basically :P) 20:45:37 <TrueBrain> yeah, funny, but it seems not as strong here as it is for you 20:46:22 <TrueBrain> you just need a good reason; not "because I wanted to know", but "because I want to make sure my Windows visitor get the best experience" 20:47:25 <TrueBrain> andythenorth: the differences are funny. PCRE says: "is given the opportunity to refuse the storage". Dutch law says: "has to give explicit concent" 20:47:27 <TrueBrain> see the difference? :D 20:48:14 <TrueBrain> yeah, the dutch law has more exempts :D Funny :) 20:51:41 <Eddi|zuHause> i've read that brexit thread earlier today, felt quite entertained and also sad about the state of the world... 20:52:11 <TrueBrain> Eddi|zuHause: do realise the twitter account is of an author of a book under his alias 20:52:13 <TrueBrain> so .. yeah 20:52:35 <TrueBrain> andythenorth: seems our law changed in 2014 to change that part, from the strict part you have, to a more .. open form 20:54:18 <TrueBrain> yeah, from "strictly necessary" to "needed for quality or effectiveness" 20:54:19 <TrueBrain> :D 20:56:09 <TrueBrain> 2015-03-11, the date the change was made in the law :) 20:56:14 <TrueBrain> I like how you can browse this online 20:56:19 <TrueBrain> they even show the diff between different versions 20:56:50 <TrueBrain> so it seems the UK stuck in the past 20:56:52 <TrueBrain> no surprise there :P 20:57:28 <Eddi|zuHause> TrueBrain: i'm treating everything i read on twitter as fictional anyway :) 21:00:35 <TrueBrain> what did I learn today? Well, that we had a shitty law till 2015, and the Dutch decided to change it into something sane. Yeah. Laws are allowed to change :P 21:06:16 *** DorpsGek_III has joined #openttd 21:06:16 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJUmU 21:14:15 *** frosch123 has quit IRC 21:18:41 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJUmz 21:29:45 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJUmQ 21:32:19 <andythenorth> TrueBrain the UK regime is based on https://ec.europa.eu/justice/article-29/documentation/opinion-recommendation/files/2014/wp224_en.pdf 21:32:21 <andythenorth> it's lolz 21:32:48 <TrueBrain> happy to live in a sane country 21:32:59 <TrueBrain> you should move here .. you wouldn't have this trouble :P 21:34:13 <andythenorth> is this why NL doesn't want to quit the EU? 21:34:43 <TrueBrain> no, that is because we are sane human beings :D 21:35:23 <TrueBrain> it is so easy to stab with this brexit stuff :P 21:35:39 <andythenorth> how come you don't have to implement the EU rulings? 21:35:49 <andythenorth> it's only a Directive, maybe that's why 21:36:17 <TrueBrain> I know there are 2 types of EU "rules", one you have to adapt, the other which you have to implement 21:36:23 <TrueBrain> the first is strict, the second leaves more room 21:36:36 <andythenorth> Directive vs. Regulation, or vice versa 21:36:50 <TrueBrain> but I am just repeating what people have been trying to tell me 21:36:56 <TrueBrain> I find it rather boring :P 21:37:15 <andythenorth> I have had to learn all this in the last 2 weeks :P 21:37:23 <andythenorth> the funny thing about Brexit 21:37:26 <andythenorth> well there is more than one 21:37:38 <TrueBrain> I have a basic understanding of GDPR, and that is enough law-bla for me for the rest of my life 21:37:51 <andythenorth> all our UK law is basically EU law for the forseeable future :P 21:37:54 <andythenorth> such lolz 21:37:58 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJUYI 21:38:03 <andythenorth> we wrote it all into UK statute 21:38:11 <TrueBrain> except that a lot of EU customers don't agree that it is equal :) 21:38:16 <andythenorth> and we don't have a functioning parliament or government :) 21:38:22 <andythenorth> so no new law 21:38:37 <andythenorth> every day should contain more lolz 21:38:45 <TrueBrain> I have heard a lot of: we want our data to be in the EU, so NOT in the UK, lately .. with the addition: we don't want to be the first in court to find out if the UK law means the same as the EU law 21:39:28 <andythenorth> yes 21:39:34 <andythenorth> lolz unbounded 21:39:50 <TrueBrain> but the twitter thread earlier summarizes everything just fine :) 21:40:47 <andythenorth> ok is it time to automate my AWS deployment? 21:40:52 <andythenorth> or ad cloudfront for https? 21:40:54 <andythenorth> or sleep? 21:41:01 <TrueBrain> cloudfront for https, yes 21:41:03 <TrueBrain> but sleep first 21:41:05 <TrueBrain> AWS after 21:41:28 <andythenorth> sleep! 21:41:35 <andythenorth> tomorrow is more lolz 21:41:51 *** wsc has left #openttd 21:41:58 <andythenorth> was cloudfront easy or hard? 21:42:02 <andythenorth> AWS docs seem quite good 21:42:13 <andythenorth> everything worked great so far 21:44:49 <TrueBrain> CloudFront is piss easy 21:44:52 <andythenorth> gr8 21:44:58 <andythenorth> I will do it while pissing 21:45:00 <andythenorth> one hand 21:45:01 <TrueBrain> make certificate, add CloudFront, point to S3, add Certificate 21:45:01 <TrueBrain> done 21:45:04 <andythenorth> rad 21:45:16 <TrueBrain> for certificate you need DNS validation if it is not hosted by Route53 21:45:23 <andythenorth> it is hosted by Route53 21:45:30 <andythenorth> tomorrow then! 21:45:31 <TrueBrain> it will do it for you if you press the button 21:45:39 <andythenorth> I will press the button after coffee 21:45:48 <andythenorth> then nobody can MITM my train pixels 21:45:50 <TrueBrain> the ONLY thing you might need to do, not sure, is a lambda@edge for / -> /index.html 21:45:57 <andythenorth> I read about that 21:46:05 <andythenorth> I don't rely on index pages for directories 21:46:06 <andythenorth> I think 21:46:17 <andythenorth> explicit paths to .html 21:46:26 <TrueBrain> https://gist.github.com/TrueBrain/0941b1ecb8da68ce2117fae981726f47 21:46:30 <TrueBrain> in case you do want to add it 21:46:34 <andythenorth> thanks 21:46:48 <TrueBrain> it is what OpenTTD uses :) 21:46:58 <TrueBrain> right, sleep time 21:47:00 <andythenorth> my world has always been do routes in the application stack or webserver 21:47:05 <andythenorth> edge stuff is new and funky 21:47:08 <andythenorth> anyway sleep 21:47:08 *** Progman has quit IRC 21:47:14 *** andythenorth has left #openttd 21:49:44 <DorpsGek_III> [OpenTTD/OpenTTD] JGRennison commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJUYD 21:49:45 <DorpsGek_III> [OpenTTD/OpenTTD] JGRennison commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJUYy 21:57:20 *** sla_ro|master has quit IRC 21:59:10 *** Wolf01 has quit IRC 21:59:48 *** nielsm has quit IRC 22:08:01 *** Samu has quit IRC 22:36:33 *** HerzogDeXtEr has quit IRC 23:08:25 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz updated pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/Jf9yI 23:09:27 *** keoz has quit IRC 23:21:08 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJUZw 23:29:46 <DorpsGek_III> [OpenTTD/OpenTTD] techgeeknz commented on pull request #8217: Port GUI rendering improvements from JGRPP https://git.io/JJUZF 23:40:26 *** gelignite has quit IRC