JogAmp IRC Chat Logs

#jogamp @ irc.freenode.net - 20130515 05:06:34 (UTC)

20130515 05:06:34 -CatOut- Previous @ http://jogamp.org/log/irc/jogamp_20130514050620.html
20130515 05:06:34 -CatOut- This channel is logged @ http://jogamp.org/log/irc/jogamp_20130515050634.html
20130515 06:22:40 * DemoscenePassiv (~Lutsche@anon) has joined #jogamp
20130515 06:52:53 * DemoscenePassiv (~Lutsche@anon) Quit (Ping timeout: 248 seconds)
20130515 07:01:54 * [Mike] (~Mike]@anon) Quit ()
20130515 07:53:09 * xranby (~xranby@anon) has joined #jogamp
20130515 15:59:17 * sgothel (~sven@anon) has joined #jogamp
20130515 15:59:17 * ChanServ sets mode +v sgothel
20130515 15:59:34 <sgothel> Good day .. back.
20130515 15:59:46 <sgothel> Catching up w/ email ..
20130515 16:10:29 <rmk0> 'lo
20130515 16:10:41 <rmk0> pleasant... holiday?
20130515 16:10:44 <rmk0> if it was one
20130515 16:12:30 <sgothel> Yes, thx. St. Pertersburg is a nice and ole city, well rebuild after WW2 destruction (ahem .. good that I am too young to feel guilty :)
20130515 16:12:36 <rmk0> hehe
20130515 16:12:49 <sgothel> castles .. good ole houses .. nice, now back in our little quite city
20130515 16:12:59 <sgothel> have to adjust spam filter it seems
20130515 16:19:01 <sgothel> NEWT keypad cursor keys: We need to use the non keypad types, since X11 (installations) and Windows only report them as normal UP/DOWN/.. keys. Guess we can live w/ that and remove VK_KP_UP/..
20130515 17:22:11 * DemoscenePassiv (~Lutsche@anon) has joined #jogamp
20130515 17:37:41 * hharrison (~chatzilla@anon) has joined #jogamp
20130515 17:48:48 <sgothel> http://blog.martin-graesslin.com/blog/2013/05/mir-in-kubuntu/ http://blogs.kde.org/2013/05/08/notes-breakout-sessions-mataro-sessions-ii
20130515 17:49:45 <sgothel> my thinking so far: Wayland support in 2014 .. Mir ? Maybe .. doesn't matter that much .. or add a Qt support layer.
20130515 17:52:59 * xranby1 (~familjen@anon) has joined #jogamp
20130515 18:05:01 <xranby1> welcome all
20130515 18:05:30 <sgothel> Hi Xerxes, Hi All
20130515 18:05:59 <xranby1> sgothel: hi there how was your journey?
20130515 18:06:44 <xranby1> we have been observing people in space during the past days, at least I have
20130515 18:06:48 <sgothel> nice & interesting .. thx (see remark above) .. big ole city
20130515 18:06:59 <sgothel> hu ?
20130515 18:07:20 <sgothel> 'space' ? I do occupy some .. :)
20130515 18:07:40 <xranby1> https://www.youtube.com/watch?v=KaOC9danxNo - Chris Hadfield sings David Bowie's "Space Oddity" in space!
20130515 18:08:14 <sgothel> oh .. ISS, where you can see stars even at daylight (*hint*hint*) :)
20130515 18:09:06 <xranby1> Chris and his crew returned back to earth about one day ago, i was up at 2am watching the soyuz capsule lock its door and return down to earth
20130515 18:09:38 <sgothel> good that all went well
20130515 18:10:03 <xranby1> they landed safely in the fields of Kazakhstan
20130515 18:10:20 <sgothel> quite a field trip :)
20130515 18:10:36 <xranby1> quite a world rock tour i say!
20130515 18:11:07 <sgothel> let me try to see it .. our local music license monopoly may hinder watching such youtube clips :)
20130515 18:11:30 <xranby1> well yes haha you will be missing this one
20130515 18:12:10 <sgothel> not 'censored' yet .. sweet :)
20130515 18:12:23 <xranby1> sgothel: btw, i hacked in basic java sound sound into the x11 backend so that it would playback something
20130515 18:12:25 <sgothel> daylight .. and stars .. nice
20130515 18:12:37 <xranby1> for the ffmpegmediaplayer
20130515 18:12:49 <sgothel> oh oh ..
20130515 18:13:11 <xranby1> and added poor mans A/V sync
20130515 18:13:18 <sgothel> yes, will work w/ you on this nice work package
20130515 18:13:26 <xranby1> well have to fix the native video frame stuff
20130515 18:13:31 <sgothel> today recap .. etc ..
20130515 18:13:32 <xranby1> buffer
20130515 18:13:39 <sgothel> sounds great
20130515 18:15:02 <xranby1> mir hmm the russian space station
20130515 18:15:29 <xranby1> and a display server yes http://kdubois.net/?p=1845 - Friendly Mir Links
20130515 18:17:06 <xranby1> right now Ubuntu Developer Summit, UDS, is on.. this year its all done online
20130515 18:17:43 <xranby1> http://summit.ubuntu.com/uds-1305/
20130515 18:18:46 <xranby1> http://summit.ubuntu.com/uds-1305/meeting/21757/client-1305-mir-thrash-testing/
20130515 18:19:12 <sgothel> http://mer-project.blogspot.fi/2013/04/wayland-utilizing-android-gpu-drivers.html
20130515 18:19:13 <xranby1> if someone wants to follow mir development that is
20130515 18:19:28 <sgothel> Me? Not really :)
20130515 18:19:51 <sgothel> Will sit and wait .. IMHO Martin's summary says / covers it all ..
20130515 18:22:54 <xranby1> i will have to check Martin's sumamry then
20130515 18:23:56 <sgothel> he tries to stay technical, even though it's hard after all that Ubuntu bad acting (false claims, hidden non sharing development (Jolla), .. license, ..)
20130515 18:24:41 <sgothel> At least Wayland is driven as an Xorg project.
20130515 18:36:07 <sgothel> We have a vulnerability in OpenAL32.dll which we distribute in JOAL ..
20130515 18:37:55 <sgothel> Hmm .. have to dump it somewhere ..
20130515 18:38:12 <sgothel> 'they' close w/ 'Do not hesitate to contact us for more details.
20130515 18:38:12 <sgothel> We have identified more than 30 RCE vulnerabilities in JOAL.
20130515 18:38:12 <sgothel> FuzzMyApp Team'
20130515 18:40:14 <sgothel> Is it 'normal' to not show the source code when working on vulnerabilities ? Or do they seek 'compensation' for detail ? :)
20130515 18:43:05 <sgothel> Remote Code Execution (RCE) .. aha
20130515 18:43:35 <sgothel> is there a Java Class decompiler avail today anymore ?
20130515 18:44:32 <xranby1> email blackmaling?
20130515 18:44:48 <sgothel> that is the question :)
20130515 18:45:04 <sgothel> I will sent you (anybody else interested here?) the email .. unencrypted
20130515 18:45:42 <xranby1> sure i can take a look, i mean cailm without proof is hard to do anything about
20130515 18:46:14 <sgothel> it's a full jar/jnlp .. binary .. but I don't like to test it w/o source code .. or decompiled classes .. :)
20130515 18:46:28 <sgothel> JAD is too old ..
20130515 18:47:38 <xranby1> i am surprised there is so fiew opensource decompilers
20130515 18:47:40 <sgothel> sent
20130515 18:48:52 <sgothel> looks like a business model .. hmm :)
20130515 18:50:32 <sgothel> looks more like .. they can feed crap to OpenAL impl. / binary .. and _IFF_ using another native component, they may be able to exploit it
20130515 18:51:15 <sgothel> i.e. hooking something to that 0xdeadbeef PC .. :) - well, I guess there might be tons of those things possible
20130515 18:51:42 <sgothel> so as long you don't allow another evil native lib .. all is good, dunno ..
20130515 18:55:43 <sgothel> > We have identified more than 30 RCE vulnerabilities in JOAL.
20130515 18:55:43 <sgothel> > Please give me some time to prepare them for you.
20130515 18:55:43 <sgothel> >
20130515 18:55:43 <sgothel> > PS. Would it be a problem for you to coordinate CVE notification?
20130515 18:55:43 <sgothel> >
20130515 18:56:03 <sgothel> how to do 'CVE notification' ?
20130515 18:56:27 <hharrison> Would appreciate that email
20130515 18:56:34 <sgothel> looks all good / professional ? I guess ?
20130515 18:57:33 <xranby1> looks ok from my point of view
20130515 18:58:11 <sgothel> sent ..
20130515 18:58:28 <sgothel> I thought .. they should disclose source code as well .. hmm
20130515 19:01:23 <hharrison> Ooo, they're fuzz testing, fun
20130515 19:06:39 <sgothel> sent a reply w/ both of you involved
20130515 19:16:45 <sgothel> Ok .. I will catch up w/ bugs etc for now .. if any of you find a good *free* java-class decompiler .. or any other further infos .. please post.
20130515 19:29:32 <xranby1> sent a reply to both of you
20130515 21:06:51 * xranby1 (~familjen@anon) has left #jogamp
20130515 21:58:28 <sgothel> awesome, so 'fuzzymyapp.com' are good to us :)
20130515 22:03:53 * DemoscenePassiv (~Lutsche@anon) Quit (Ping timeout: 252 seconds)
20130515 22:39:36 <hharrison> indeed
20130515 22:42:04 <hharrison> I wonder what led them to scan the jogamp stuff though
20130515 22:42:30 <sgothel> maybe some of 'em (or their customers) simply use our stuff :)
20130515 22:43:36 <hharrison> Judging from the name, looks like the android work you've done just paid off a little
20130515 22:45:36 <sgothel> our 'right of existence' seems to click more and more ..
20130515 22:46:05 <sgothel> sure .. in an ideal world, nobody should require our stuff :)
20130515 23:35:59 * void256 (~void@anon) has joined #jogamp
20130516 00:05:42 * void256 (~void@anon) Quit (Remote host closed the connection)
20130516 00:56:39 * hharrison (~chatzilla@anon) Quit (Ping timeout: 256 seconds)
20130516 03:11:25 * masterzen_ (~masterzen@anon) has joined #jogamp
20130516 03:13:50 * masterzen (~masterzen@anon) Quit (Ping timeout: 245 seconds)
20130516 03:48:12 * [Mike] (~Mike]@anon) has joined #jogamp
20130516 05:05:47 -CatOut- Continue @ http://jogamp.org/log/irc/jogamp_20130516050547.html