Announcement

Collapse
No announcement yet.

PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Chrome 58.0.3029.110, can't view the forums because of a NET::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN error
    it = ? what did you delete before you restarted Chrome?

    Comment


    • Originally posted by qumqats View Post
      Chrome 58.0.3029.110, can't view the forums because of a NET::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN error
      it = ? what did you delete before you restarted Chrome?
      For pinning errors since cert upgrades for Chrome, FireFox, Safari, etc:

      * https://linux-audit.com/deleting-out...ns-in-firefox/
      * https://linux-audit.com/delete-a-hst...pin-in-chrome/
      * http://classically.me/blogs/how-clea...major-browsers

      And some cross-over in this:
      * https://www.thesslstore.com/blog/cle...hrome-firefox/

      Procedures for purging old pinning and HSTS/HPKP and pins for several browsers.

      Please report what works and what does not.
      Last edited by TheCotMan; 05-30-2017, 09:14 AM.
      tiny font: _. ___ _... ___ _.. _.__ .._ ... . ... __ ___ ._. ... . _._. ___ _.. . ._ _. _.__ __ ___ ._. .

      Comment


      • Originally posted by TheCotMan View Post

        For pinning errors since cert upgrades for Chrome, FireFox, Safari, etc:

        * https://linux-audit.com/deleting-out...ns-in-firefox/
        * https://linux-audit.com/delete-a-hst...pin-in-chrome/
        * https://www.thesslstore.com/blog/cle...hrome-firefox/

        And some cross-over in this:
        * https://www.thesslstore.com/blog/cle...hrome-firefox/

        Procedures for purging old pinning and HSTS/HPKP and pins for several browsers.

        Please report what works and what does not.
        Thank you for the response
        I followed the instructions in the second link to delete the HSTS key pin for the forum.defcon.org and defcon.org domains and it is now working! :)

        Comment


        • Originally posted by qumqats View Post

          Thank you for the response
          I followed the instructions in the second link to delete the HSTS key pin for the forum.defcon.org and defcon.org domains and it is now working! :)
          Thanks for the feedback!
          -Cot
          tiny font: _. ___ _... ___ _.. _.__ .._ ... . ... __ ___ ._. ... . _._. ___ _.. . ._ _. _.__ __ ___ ._. .

          Comment


          • You might have noticed that the forums slowed down a couple weeks ago, that's because the main server failed on reboot and couldn't locate its own BIOS. We switched to a backup system that is noticeable slower and that's what we are running on now.

            Lucky for us the new hardware has arrived and I'm configuring it this week and hope to be able to switch the forums over on Friday. It should be even faster than the server that failed, just in time for last minute con planning.

            We'll keep everyone informed. Wish us luck!

            DT
            The Dark Tangent: Use PGP Key ID: 0x5D2405E5 for sending me email
            PGP Fingerprint: D121 EAAE D1B6 3D2E A0B1 953F FFAF A718 5D24 05E5

            Comment


            • Originally posted by Dark Tangent View Post
              You might have noticed that the forums slowed down a couple weeks ago, that's because the main server failed on reboot and couldn't locate its own BIOS. We switched to a backup system that is noticeable slower and that's what we are running on now.

              Lucky for us the new hardware has arrived and I'm configuring it this week and hope to be able to switch the forums over on Friday. It should be even faster than the server that failed, just in time for last minute con planning.

              We'll keep everyone informed. Wish us luck!

              DT
              I noticed the slowdown, today after doing some upgrades. Usually, I run a check of the DB after significant upgrades, but the slower hardware caused a timeout to falsely complain of DB troubles because it took too long to complete!

              Yeah, the other hardware was faster. Looking forward to the new.

              In other news, completed more maintenance on the forums. Down time was like 2 periods lasting less than 30 seconds over 5 minutes, and the rest of the time was kicking the tires and realizing the forums do not have tires.

              Please report problems since upgrade here, and if unable, then to forum mail: defconforums@gmail.com

              Thanks!
              -Cot
              tiny font: _. ___ _... ___ _.. _.__ .._ ... . ... __ ___ ._. ... . _._. ___ _.. . ._ _. _.__ __ ___ ._. .

              Comment


              • Forums updated, you may see bugs or new features. Please post your questions or problems here. Thanks!
                The Dark Tangent: Use PGP Key ID: 0x5D2405E5 for sending me email
                PGP Fingerprint: D121 EAAE D1B6 3D2E A0B1 953F FFAF A718 5D24 05E5

                Comment


                • Thank's DT! Anything in particular you want us to check out?

                  Comment


                  • Dark Tangent
                    Dark Tangent commented
                    Editing a comment
                    Usually when things go wrong it's with posting, or not being able to delete something. If anything acts up just post here, or if posting doesn't work email or twitter @defcon

                • SERVER HARDWARE UPGRADE ANNOUNCEMENT:

                  On Tuesday I'll swap servers and expect we'll be down for a few hours. The new server should be much faster and will replace the "emergency" server we had to switch to right before DEF CON 25.

                  This is all part of a migration of the forums that will be happening over the next few months.

                  - New hardware
                  - Updated software and O/S

                  Then I'll start a re-vamping of the layout of the forums to simplify things. I'll start a forum thread on that and invite everyone to comment, but the gist of it is this:
                  People are using the forums less as they use other social media more. The one thing the forums does well is help organizers of contests and events have a central place to make announcements, and it is a central place for con organizers to point people to for updates and conversations. The other aspects of the forums don't get that active. So with that in mind how do we change the flow of the forums to mae it easy for people to find a contest or event, learn about it, and get involved? How to make participation easier? That's what we will be building towards.

                  First, though, is hardware and software updates. :-)
                  The Dark Tangent: Use PGP Key ID: 0x5D2405E5 for sending me email
                  PGP Fingerprint: D121 EAAE D1B6 3D2E A0B1 953F FFAF A718 5D24 05E5

                  Comment


                  • We are back up, but will be recompiling to match the new hardware, etc. So expect a bumpy ride for a few days. Let us know if you experience any strange issues beyond not being reachable. Thanks!
                    The Dark Tangent: Use PGP Key ID: 0x5D2405E5 for sending me email
                    PGP Fingerprint: D121 EAAE D1B6 3D2E A0B1 953F FFAF A718 5D24 05E5

                    Comment


                    • Dark Tangent
                      Dark Tangent commented
                      Editing a comment
                      This weekend Cot and I are working on recompiling and updating some software, and there may be some ups and downs. Once the software is up to date and happy I'll start working on some basic design changes and exploring some design options.

                  • Right now email notifications don't work so no new signups are working. I am working on it!
                    The Dark Tangent: Use PGP Key ID: 0x5D2405E5 for sending me email
                    PGP Fingerprint: D121 EAAE D1B6 3D2E A0B1 953F FFAF A718 5D24 05E5

                    Comment


                    • Dark Tangent
                      Dark Tangent commented
                      Editing a comment
                      Using ktrace and help from an expert to see what is going on. Looks like a bug in one of the modules we rely on.

                  • The problems persist, I'm going to try and do a clean install of some of the software and see if that helps. It looks like we possibly had two conflicting versions of a module, one included with PHP and one included in libc. Under certain circumstances (Sending confirmation email) it would load both.
                    The Dark Tangent: Use PGP Key ID: 0x5D2405E5 for sending me email
                    PGP Fingerprint: D121 EAAE D1B6 3D2E A0B1 953F FFAF A718 5D24 05E5

                    Comment


                    • Here is what is going on in the background, slowly. I am working to remove the duplicate iconv that is preventing the new account confirmation emails from being generated, as well as trying to simplify upgrading in the future. Right now the disk space is being increased to allow for more backups so if I make a mistake it will be easy to revert to a previously working snapshot.
                      The Dark Tangent: Use PGP Key ID: 0x5D2405E5 for sending me email
                      PGP Fingerprint: D121 EAAE D1B6 3D2E A0B1 953F FFAF A718 5D24 05E5

                      Comment


                      • Originally posted by Dark Tangent View Post
                        Forums updated, you may see bugs or new features. Please post your questions or problems here. Thanks!
                        Hey DT,
                        FYI. Was trying to send (2018-02-22) a PM and kept receiving "Request Timeout" messages when I hit "Post", with no message sent.
                        Then tried to use the "contact forum account support" link at the bottom of the page to send a note about that & I received a (408) Request Timeout and the message wasn't sent.

                        Comment


                        • ONGOING EMAIL ISSUES UPDATE:

                          We are still suffering from an ongoing issue of not being able to have the forums send email, so no accounts can get verified and not email notifications are going out. Using ktrace the problem has been identified, libiconv is somehow loaded twice and freaks out when called, but despite all kinds of tweaking I can't get it to be happy.

                          The solution may be to do a complete re-install and move the database over, and that is what I will start working on. It will take time because we are in super production build up to DEF CON China, but I'll start laying the foundations.

                          Those who have accounts working are fine, it just sucks that new people can't sign up yet.
                          The Dark Tangent: Use PGP Key ID: 0x5D2405E5 for sending me email
                          PGP Fingerprint: D121 EAAE D1B6 3D2E A0B1 953F FFAF A718 5D24 05E5

                          Comment

                          Working...
                          X