Previous day | Jump to hour: 01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | Next day

Seconds: Show Hide | Joins: Show Hide | View raw
Font: Serif Sans-Serif Monospace | Size: Small Medium Large

Click in the nick column to highlight everything a person has said.
The Logo icon identifies that the person is a core developer (has commit access).

#rockbox log for 2016-03-20

00:01:51 Quit MasterplasterPL (Quit: Leaving)
00:07:24 Quit bertrik (Remote host closed the connection)
00:07:59 Join bertrik [0] (~quassel@rockbox/developer/bertrik)
00:08:45 Quit lebellium (Quit: ChatZilla 0.9.92 [Firefox 45.0/20160303134406])
00:16:19 Join metaphys [0] (~metaphysi@
00:18:19 Quit metaphysis (Ping timeout: 246 seconds)
00:23:40 Join metaphysis [0] (~metaphysi@
00:26:01 Quit metaphys (Ping timeout: 244 seconds)
00:33:43 Quit TheSeven (Ping timeout: 246 seconds)
00:34:52 Join TheSeven [0] (~quassel@rockbox/developer/TheSeven)
00:37:01***Saving seen data "./dancer.seen"
00:43:23 Quit metaphysis (Ping timeout: 248 seconds)
00:51:42 Quit FSanches (Quit: Leaving.)
00:55:18 Quit petur (Quit: Leaving)
00:56:49 Nick suYin is now known as suYin`OFF (
01:01:28 Quit bertrik (Ping timeout: 250 seconds)
01:11:51 Join metaphysis [0] (~metaphysi@
01:28:37 Quit ender` (Quit: Curious that we spend more time congratulating people who have succeeded than encouraging people who have not. -- Neil deGrasse Tyson)
01:30:36 Quit krnlyng (Ping timeout: 244 seconds)
01:32:10 Quit __builtin (Quit: ZNC 1.6.3 -
01:34:31 Join __builtin [0] (~franklin@unaffiliated/franklin)
01:43:43 Join krnlyng [0] (
02:02:54 Quit metaphysis (Quit: metaphysis)
02:21:29 Quit krabador (Quit: Take The Time)
02:37:05***Saving seen data "./dancer.seen"
02:49:47 Quit TheSeven (Ping timeout: 248 seconds)
02:51:02 Join TheSeven [0] (~quassel@rockbox/developer/TheSeven)
03:14:33 Nick [Saint] is now known as [Saint__] (~hayden@rockbox/staff/saint)
03:14:37 Nick [Saint__] is now known as [Saint] (~hayden@rockbox/staff/saint)
03:40:08 Join JdGordon_ [0] (~jonno@rockbox/developer/JdGordon)
03:41:57 Join ZincAlloy1 [0] (
03:43:04 Quit JdGordon (Ping timeout: 246 seconds)
03:43:45 Quit ZincAlloy (Ping timeout: 248 seconds)
03:57:39 Join JdGordon [0] (~jonno@rockbox/developer/JdGordon)
03:59:55 Quit JdGordon_ (Ping timeout: 244 seconds)
04:15:28 Join nlogex [0] (
04:19:20 Quit ZincAlloy1 (Quit: Leaving.)
04:37:07***Saving seen data "./dancer.seen"
05:20:23 Quit shamus (Ping timeout: 260 seconds)
05:21:08 Join shamus [0] (
06:00:03 Quit [Saint] (Ping timeout: 250 seconds)
06:01:41 Join [Saint] [0] (~hayden@rockbox/staff/saint)
06:37:09***Saving seen data "./dancer.seen"
06:45:31 Quit Tristitia (Remote host closed the connection)
07:17:03 Quit nlogex (Ping timeout: 260 seconds)
07:33:50 Join JdGordon_ [0] (~jonno@rockbox/developer/JdGordon)
07:37:07 Quit JdGordon (Ping timeout: 250 seconds)
07:53:17 Join la [0] (779da9fa@gateway/web/cgi-irc/
07:53:20 Quit la (Client Quit)
07:54:50[Saint]What a hilariously broken site.
07:55:17[Saint]A banner advertisement that covers half the title banner, and offers a "skip ad" button that closes the entire page.
07:55:30[Saint]...well done ninja advertisers.
07:56:20[Saint]I /probably/ wouldn't hit that url if you're on a windows box and not aggressively stopping in-page scripting.
07:57:50[Saint]The 'skip ad' button is pretty...odd, it ends up at ''
08:25:39 Join advcomp2019_ [0] (~advcomp20@unaffiliated/advcomp2019)
08:36:31 Quit [Saint] (Read error: Connection reset by peer)
08:36:49 Join [Saint] [0] (~hayden@rockbox/staff/saint)
08:37:11***Saving seen data "./dancer.seen"
09:36:49 Join einhirn [0] (
09:40:40 Quit einhirn (Client Quit)
09:52:21 Join rela [0] (~x@pdpc/supporter/active/rela)
10:01:33 Join petur [0] (~petur@rockbox/developer/petur)
10:05:40 Join ender` [0] (
10:37:14***Saving seen data "./dancer.seen"
10:40:00 Join lebellium [0] (
11:10:22 Join pamaury [0] (~pamaury@rockbox/developer/pamaury)
11:30:41 Quit pamaury (Ping timeout: 250 seconds)
11:36:33 Join bertrik [0] (~quassel@rockbox/developer/bertrik)
11:45:36 Quit rela (Ping timeout: 240 seconds)
12:00:26 Nick suYin`OFF is now known as suYin (
12:26:55 Quit soap (Read error: Connection reset by peer)
12:27:25 Join soap [0] (~soap@rockbox/staff/soap)
12:37:18***Saving seen data "./dancer.seen"
12:53:38 Join krabador [0] (~krabador@unaffiliated/krabador)
13:15:10 Join pamaury [0] (~pamaury@rockbox/developer/pamaury)
13:47:26 Quit pamaury (Ping timeout: 252 seconds)
13:49:50 Join pamaury [0] (~pamaury@rockbox/developer/pamaury)
13:50:03 Join FSanches [0] (
14:00:56 Quit pamaury (Ping timeout: 260 seconds)
14:05:00 Quit FSanches (Remote host closed the connection)
14:11:04 Quit petur (Quit: Leaving)
14:12:22 Quit krabador (Ping timeout: 260 seconds)
14:25:35 Join krabador [0] (~krabador@unaffiliated/krabador)
14:37:22***Saving seen data "./dancer.seen"
14:38:35 Join pamaury [0] (~pamaury@rockbox/developer/pamaury)
14:42:19 Quit JanC (Ping timeout: 276 seconds)
14:46:08 Join JdGordon [0] (
14:46:08 Quit JdGordon (Changing host)
14:46:08 Join JdGordon [0] (~jonno@rockbox/developer/JdGordon)
14:48:23 Quit JdGordon_ (Ping timeout: 240 seconds)
14:51:31 Quit bluebrother (Disconnected by services)
14:51:36 Join bluebrother^ [0] (~dom@rockbox/developer/bluebrother)
14:52:37 Join fs-bluebot_ [0] (
14:55:11 Quit fs-bluebot (Ping timeout: 260 seconds)
14:55:19 Join JanC [0] (~janc@lugwv/member/JanC)
15:17:14 Quit utrack (Ping timeout: 244 seconds)
15:36:30 Join nlogex [0] (
15:44:09 Join utrack [0] (~u@unaffiliated/utrack)
16:03:39*__builtin has been thinking about a rockbox-based security device lately
16:04:05__builtinlike this, but in software:
16:05:10__builtinespecially the external RSA implementation
16:07:21__builtinI guess the hard part would be making it fast enough on a DAP
16:12:44__builtinthis looks promising though:
16:13:47 Join ZincAlloy [0] (
16:14:25 Join Jinx [0] (Dojo@unaffiliated/jinx)
16:15:56__builtinhmm, so 1.94 seconds to encrypt with RSA-2048 on an 8 MHz atmega
16:16:36__builtinbut more than 90 seconds to decrypt ._.
16:18:59__builtinand then there's the issue of finding a good entropy source
16:25:58__builtinregarding speed though, the target is probably going to be a 80MHz CPU, so assuming a linear speedup with clock rate, then it's 9 seconds for decryption
16:26:17__builtinwhich isn't totally unacceptable
16:27:47Slasheriyou cannot really compare an 8-bit cpu to a 32-bit cpu
16:28:32__builtinit's just a rough estimate
16:31:16Slasherivery rough estimate, most likely not even close. 32-bit cpu would be way faster, probably magnitudes faster with more useful instruction set, wider registers and so on
16:34:02__builtinyeah, which is good
16:37:25***Saving seen data "./dancer.seen"
16:42:27 Join xorly [0] (
17:28:38*pamaury tries to implement a custom Qt View with a custom delegate with a custom item editor which should be able to resize itself and update the model when it does...that's tricky !
17:30:48 Join rela [0] (~x@pdpc/supporter/active/rela)
17:37:30bluebrother^ok guys, I'm considering to drop OS X 10.4 and 10.5 support, at least for our release binaries.
17:37:38bluebrother^any thoughts on that? Objections?
17:38:18bluebrother^since the current OS X is 10.11 these days our user base on 10.5 and earlier shouldn't be big. If there are any at all.
17:57:31 Join Saratoga_ [0] (ac3817c3@gateway/web/freenode/ip.
17:58:13Saratoga_Bluebrother: sounds OK
17:58:31pamaurybluebrother^: how old is OS X 10.4 and 10.5 ?
17:59:20[Saint]pamaury: 2004~2005ish
17:59:27pamauryah yeah that's old :)
18:00:55[Saint]We should probably drop Rockbox support.
18:01:01[Saint]Makes OSX Tiger look young. ;)
18:01:32[Saint](was 10.4 Tiger? ...I wanna say yes.)
18:02:01[Saint]Oh. I was off some years. 10.4 is 2007 apparently.
18:03:19gevaertsWhat was the powerpc cutoff?
18:03:46gevaertsWas there an intel 32 bit cutoff?
18:04:35gevaertsAnd what's the money-for-upgrade policy for those versions?
18:04:48*gevaerts thinks they can probably be dropped, but he thinks those three questions are relevant :)
18:06:41gevaertsAh, 10.5 was the last powerpc one, and 10.6 was the last 32 bit one
18:07:24gevaertsOf course I don't know if the current build still supports either of those anyway
18:09:09bluebrother^10.6 was the intel cutoff
18:10:00bluebrother^and starting with 10.8 OS upgrades are free.
18:10:23bluebrother^though not all old machines run newer versions. Unsurprisingly :)
18:10:59bluebrother^Intel Core ends with 10.6. Core2 at least 10.9, depending on the machine
18:11:20gevaertsThey went to intel in 2006, so any surviving powerpc machine is ten years old now
18:11:24bluebrother^my years-old mini (with core2duo cpu) is still supported by current (10.11)
18:11:36gevaertsWhich is of course still newer than most DAPs that run rockbox :)
18:12:33bluebrother^problem is that you also need to use Qt4 for PPC support. And AFAIU current xcode doesn't ship ppc support anymore since years either.
18:13:02gevaertsI'd say dropping ppc is fine by now
18:15:15bluebrother^btw, I'm not planning to drop support from the code. Just the binaries.
18:15:50bluebrother^though I don't have any means to test on ppc and usually don't build for that anymore, so it might end up broken ...
18:15:54 Quit Saratoga_ (Ping timeout: 252 seconds)
18:16:11bluebrother^otoh, given the amount of changes we have in Rockbox Utility that shouldn't happen too soon :)
18:17:23gevaertsI suspect even dropping 10.6 would be fine, but if there's no current need for that...
18:17:58bluebrother^actually, Qt 5.6 enables c++11 support, which requires at least 10.7 :)
18:18:13bluebrother^but then staying at Qt 5.5 for now is not a big issue
18:18:38gevaertsThe last 10.6-at-the-latest machine was sold in august 2007
18:19:03bluebrother^so we need to wait another year to make it 10 years ;-)
18:19:17gevaertsUsing c++11 means actual development anyway :)
18:22:00gevaertsDropping 10.7 would mean dropping machines sold in 2009. That *would* get a little harsh for my tastes
18:22:12gevaertsBut then that's not in any way needed for anything
18:22:30[Saint]Your taste?
18:22:38*[Saint] agrees
18:28:18bluebrother^so. My plan is to try to find some time for a Rockbox Utility 1.4.1 the next couple of weeks. I might use the old build setup for that, but at least after that I won't build for ppc / 10.5 anymore.
18:29:27 Join JdGordon_ [0] (~jonno@rockbox/developer/JdGordon)
18:32:18 Quit JdGordon (Ping timeout: 248 seconds)
18:32:18gevaertsSounds good
18:37:27***Saving seen data "./dancer.seen"
18:41:32 Join JdGordon [0] (~jonno@rockbox/developer/JdGordon)
18:44:25 Quit JdGordon_ (Ping timeout: 244 seconds)
19:00:29 Quit Strife89 (Ping timeout: 244 seconds)
19:01:34 Join Strife89 [0] (
19:12:45 Join einhirn [0] (
19:27:29 Quit einhirn (Quit: Miranda IM! Smaller, Faster, Easier.
19:55:13 Quit pamaury (Ping timeout: 244 seconds)
20:15:10 Quit krnlyng (Quit: krnlyng)
20:15:42 Join krnlyng [0] (~liar@
20:37:31***Saving seen data "./dancer.seen"
20:45:57__builtinhow would a rockbox-based crypto device communicate with a computer?
20:46:51[Saint]why would someone do such a thing?
20:47:26__builtinto protect their keys
20:48:00[Saint]on a device that can't offer any protection whatsoever for any content?
20:48:15__builtinthe keys would be symmetrically encrypted and be unlocked by a user password
20:50:00[Saint]and then what, pass it out plaintext after the fact over USB?
20:50:22[Saint]I seem to be missing something. This sounds to me like a convoluted solution to a problem no one has.
20:50:31__builtinno, it would perform the encryption on the device and spit out encrypted data
20:51:36gevaertsOne thing most crypto devices do is *not export private keys*, not even passphrase-encrypted
20:51:49[Saint]so you'd be doing complex encryption on a DAP when the host could do it orders of magnitude quicker? I'm lost.
20:51:53gevaertsThat doesn't block everyone, but it *is* useful, and I don't see you do that on a DAP
20:52:08__builtinit keeps the keys reasonably safe
20:52:31[Saint]and then dilutes that with way more points of failure.
20:52:47[Saint]and degrades the whole thing by running on shitty 15 year old DAP silicon.
20:53:06gevaertsI think that if you have that sort of requirements, things like a yubikey are cheap enough not to compromise
20:54:12 Quit nlogex (Quit: WeeChat 1.4)
20:59:18__builtinwhy not make it free?
20:59:49gevaertsMake what free? You can't do the same thing
21:00:00[Saint]Because a shitty solution that is free is still a shitty solution.
21:00:46__builtinit's obviously not going to be as secure as a purpose-built device
21:01:34__builtinbut it's better than having your encryption keys sitting on a hard drive waiting to get stolen
21:01:43gevaertsThere's also the thing that that sort of thing *has* to be done by people who really know what they're doing
21:01:54gevaertsBecause if not, there's literally no guarantee at all
21:03:12[Saint]Not that I think anyone would actually use it, but, wouldn't opening it up present some pretty serious issues for reversal?
21:03:36__builtinpardon me?
21:03:44[Saint]and since it lives inside an open OS, on a device with no practical way of offering any meaningful security...
21:04:34__builtinif the device gets stolen there's no security beyond the symmetric crypto, yes
21:04:36[Saint]s/no practical way of offering any meaningful security/no security period/
21:04:56gevaertsIf you mount de filesystem regularly, I don't think you gain much
21:05:19gevaertsAnd if you don't, you basically use your DAP exlusively for crypto, and then it's more expensive than a yubikey
21:06:27__builtinwell, you could (in theory) modify the USB mass storage driver to prohibit the reading of the blocks the key is on over USB
21:07:06gevaerts[Saint]: I believe the intended adversary here is a remote attacker
21:07:33__builtinyeah, as I said, nothing works if the device gets stolen
21:07:53gevaertsWill you block rockbox updates though?
21:09:04__builtinthe DAP could lcok itself down when it's attached for the purpose of security
21:09:06*[Saint] hard a really hard time not seeing rockblox
21:09:18[Saint]once again, dualboot.
21:09:38[Saint]not locking down shit in the OF now are we?
21:09:46__builtinagain, this doesn't guard against the device getting stolen
21:10:01__builtinit guards against someone getting remote access to your computer and stealing your keys
21:10:43[Saint]If someone has remote access and that level of escalation you have much bigger issues to consider.
21:11:59__builtinit still protects your keys
21:12:39gevaertsI think you could offer *some* extra security, but I also think it's minor enough that it's not worth doing. Especially since the entire implementation (which includes most of rockbox) is unlikely to be written with security in mind
21:12:40[Saint]how so? if we assume the attacker has remote access what's to stop them from just sniffing up USB traffic as well? Or pulling straight from RAM?
21:13:10gevaerts[Saint]: the point is that the *device* does the encryption, so the key doesn't get to USB
21:13:18[Saint]I really doubt this presents any serious obstacle to an attacker with remote access and a level of execution that is meaningful.
21:13:42__builtinand presumably the device would require user interaction before performing an operation
21:15:11[Saint]wait, I thought this was just a keystore? I guess I got confused. I guess then I'd revert back to "why would anyone want a DAP to be handling their encryption at the ridiculous pace it could manage?
21:15:36__builtinbecause it's not so ridiculous after all, considering the possible use-cases
21:15:42gevaerts[Saint]: you're not using it for full-disk encryption, presumably
21:16:08[Saint]anything over a few MB is going to be pretty bloody painful.
21:16:20__builtinan 8MHz microcontroller can perform RSA-2048 decryption/signing in 90 seconds
21:16:26gevaertsBut there are *many* usecases that don't need megabytes
21:16:43[Saint]if that's the _only_ thing it is doing, __builtin, yes. It can.
21:16:55[Saint]In this instance we know that's pretty unlikely though.
21:17:53[Saint]I could see this making some sense on a single target.
21:18:01__builtinmost of rockbox's targets are an order of magnitude faster than that
21:18:02gevaertsThe thing is that whatever you build will still be fairly full of holes, which means that it would be very dangerous for uninformed people to use
21:18:06[Saint]Nano 2G. Where we can actually use the HW crypto unit.
21:18:14gevaertsAnd then I'm not sure if providing it is a good thing
21:18:23__builtin[Saint]: it's an AES core, right?
21:18:39gevaertsAh yes. If you have *that*, things might get a lot more realistic
21:18:39[Saint]I believe so.
21:18:46 Join JdGordon_ [0] (~jonno@rockbox/developer/JdGordon)
21:19:09__builtinthat won't really help much, I don't think
21:19:29gevaertsDoes it offer secure key storage?
21:19:41__builtinthe only thing it could use AES for is key storage
21:19:53[Saint]Secure from "people", or from us?
21:20:17[Saint]Actually I'm not too sure either is true. Hmmmm.
21:20:21gevaertsSecure from people who forgot their electron microscope at home
21:20:43gevaertsAs in, you put a key in there, and then you can have the crypto unit *use* they key but you can't ask for it back
21:20:49[Saint]Well, it wasn't secure from Mr. Sparrman. So lets assume no. :)
21:21:13gevaertsThat's not what happened, was it?
21:21:21gevaertsHe didn't *extract* they key
21:21:24__builtinit can't perform RSA though
21:21:31 Quit JdGordon (Ping timeout: 244 seconds)
21:37:38 Quit xorly (Quit: I quit, that is all)
21:37:52 Join JdGordon [0] (~jonno@rockbox/developer/JdGordon)
21:41:00 Quit JdGordon_ (Ping timeout: 248 seconds)
21:50:08 Join XL-R8 [0] (5ceb1cde@gateway/web/freenode/ip.
21:51:35XL-R8How ya lads/lasses, new rockbox user here and trying to fine tune my ipod classic to give me the best in features and battery/ram, any suggestions/hints or tips for me :)
21:58:50 Quit XL-R8 (Ping timeout: 252 seconds)
22:37:35***Saving seen data "./dancer.seen"
22:50:33 Join pamaury [0] (~pamaury@rockbox/developer/pamaury)
22:58:23 Quit rela (Ping timeout: 250 seconds)
23:09:54__builtinwell, you probably don't want to be replacing any parts beyond (maybe) the HDD
23:10:01 Quit pamaury (Ping timeout: 240 seconds)
23:10:03 Quit lebellium (Quit: ChatZilla 0.9.92 [Firefox 46.0/20160316065941])
23:10:20__builtinthere's very little to gain from "modding" it beyond that
23:15:49__builtinnot to mention that it very probably won't work
23:17:33[Saint]He's gone bud.
23:17:56__builtindang, ZNC doesn't show it
23:18:02__builtineven with buffextras
23:18:20[Saint][2016 03 21 09:51:37] <XL-R8> How ya lads/lasses, new rockbox user here and trying to fine tune my ipod classic to give me the best in features and battery/ram, any suggestions/hints or tips for me :)
23:18:20[Saint][2016 03 21 09:58:52] <−− XL-R8 (5ceb1cde@gateway/web/freenode/ip. has quit (Ping timeout: 252 seconds)
23:19:03__builtin7 minutes!
23:25:52[Saint]Well...we can only in good consciousness give him credit for 3 of those minutes.
23:26:05[Saint]FOr the other 4 minutes he was stuck in a lag shitstorm.
23:26:19[Saint]Who's to say he wouldn't have left sooner if his client didn't fuck out. :)
23:36:09__builtinregarding the "rockbox crypto device", I suppose it could present itself as an HID device and type out its output
23:36:29__builtinthe problem is then getting input to sign/decrypt
23:38:02[Saint]and HID being pretty fucky on pretty much everything.
23:39:21__builtinIs there a specialized protocol for this? The Googs are giving me nothing
23:42:55__builtinahh, there's ISO/IEC 7816
23:52:52saratogado you really want rockbox for this and not a microcontroller? you can get one with built in USB HID stacks for a couple bucks
23:55:37__builtinI guess it's not the best platform for this...

Previous day | Next day