Show Idle (> d.) Chans


| Results 251 ... 500 found in trilema for 'f:Naphex' |

Naphex: mircea_popescu: aye, rezolv de toate
Naphex: and some other gimmicks :P
Naphex: mircea_popescu: yeah ofcourse,we got some romanian playboy model
Naphex: you're welcomed to join http://www.awsummit.com/
Naphex: doing the launch
Naphex: williamdunne: will actually be in mamaia from saturday
Naphex: ofc
Naphex: never got into chans
Naphex: (has no idea what 8chan is )
Naphex: https://xotika.tv/#/development pretty countdown is on :P
Naphex: Adlai: that'd be probably more dumb :P
Naphex: davout: as far as I know its written in c# and runs on wind0s
Naphex: davout: didn't they switch to AlphaPoint Trading Engine?
Naphex: who would've tought
Naphex: how sweet
Naphex: so.. bitfinex hacked. just as they switched to AlphaPoint and Microsoft servers
Naphex: and you more knowledgeable into what runs where
Naphex: mircea_popescu: a good attacker will do discovery, and map everything ahead of time. while there are some pluses into deviating from the toolset. they mostly come from building your own. which is going to end up better fitted for the task
Naphex: Pierre_Rochard: nice kick on that bucket with gavin :))
Naphex: weak even
Naphex: that kindly asking for stuff is so weka
Naphex: trinque: man you deserve op status, maybe you can kick one or two :))
Naphex: doh!
Naphex: floppy drives no longer usefull? turn em into backdoors
Naphex: lmao :))
Naphex: sorry, forgot the quotes
Naphex: For many of the affected virtualization products, a virtual floppy drive is added to new virtual machines by default. And on Xen and QEMU, even if the administrator explicitly disables the virtual floppy drive, an unrelated bug causes the vulnerable FDC code to remain active and exploitable by attackers.
Naphex: hehe, might not be the best source
Naphex: Khipus, the ancient blockchains. Had much of the security model as well
Naphex: pete_dushenski: found this on your blog http://www.fooledbyrandomness.com/GIF.pdf it was just what i needed atm. awesome thanks! :P
Naphex: pete_dushenski: https://youtu.be/WXhyD0QOw6s?t=1289 is a classic one too :D lmao
Naphex: pete_dushenski: doez yoo think the media have changed?:)
Naphex: Time-Price* Comparator->
Naphex: you use binarySearch with a Time-Price to find the insertion point for your order. Thus your list/map will always be sorted
Naphex: williamdunne: and with binary insert it can do a lot more then tha
Naphex: williamdunne: you aren't doing 'real-matching'. those stats aren't really saying much
Naphex: williamdunne: the good option is to hire the right people and develop an engine according to your infrastrucutre and needs
Naphex: williamdunne: anyway trading engines are not that hard to write, they do require some experience to get right.
Naphex: servers *
Naphex: williamdunne: what davout said. C# is a disadvantage though. You'd have to be crazy to run trading infrastructure on windows sesrvers
Naphex: !rate HoreaV -10 Horea Vuscan former 'CEO' of BTCXchange.ro. Overall scammer and crook. Avoid!
Naphex: !rate -10 HoreaV Horea Vuscan former 'CEO' of BTCXchange.ro. Overall scammer and crook. Avoid!
Naphex: !rate williamdunne 1 young and climbing up
Naphex: !rate williamdunne 1 young climbing up
Naphex: !rate fluffypony 2 Riccardo Spagni of #b-a/monero. Responsible for OpenAlias which kicks ass
Naphex: !rate fluffypony 2 Riccardo Spagni of #b-a/monero. Responsible for OpenAlias which kicks ass
Naphex: !rate fluffypony 2 freenode:#bitcoin-otc:c479d5a2f2e4c3ba71a05a521eb58cd80bebebf35f842bbc4730962b
Naphex: mircea_popescu: https://eprint.iacr.org/2014/161.pdf for bitcoin related sidechans
Naphex: anyway. i'm off. gn
Naphex: to defend from any exposing dos attacks
Naphex: having a annonymous ip is dandy. but no way anywhere near as enough. you still have to implement most of the stuff i said above especially the filtering part
Naphex: local is always a threat as well, no matter where you airgap
Naphex: trinque: that's airgapped gpg. you can implement gpg all over. Not sure how much airgapping it helps. A lot of sidechannel attacks comming up nowadays that can grab keys
Naphex: so when you say system, how deep/high do we go?
Naphex: trinque: how would you define perfect security?
Naphex: well ain't that security?
Naphex: i see now that the term secure was the problem. how about hardened?
Naphex: and not by the NSA, by some kid with some scripts
Naphex: but if you have nothing you will be fucked and quickly
Naphex: or have to internal networking
Naphex: no jimmies rustled. most of that stuff is necessary whenever you have more servers
Naphex: dude, i was giving my 2 cents on what people can do to harden up
Naphex: oh, i tought you hated it
Naphex: :D good one!
Naphex: gn.
Naphex: oh wow, just read the news. so bitgo finally popped with the worst mistake they can make?;o
Naphex: see i don't have to care
Naphex: you and your shitty github page
Naphex: well fuck off then
Naphex: oh
Naphex: gabriel_laddel: can you tell me anything about it?
Naphex: gabriel_laddel: maybe other people wanna know and ask questions
Naphex: gabriel_laddel: maybe other people want to know too, i will check the link
Naphex: gabriel_laddel: what is it?
Naphex: gabriel_laddel: hi o/ thanks for the links, what is Masamune? did you write it?
Naphex: trinque: do you consider your solutions secure?
Naphex: trinque: have you any protection in place for the payment data and the orders?
Naphex: do you worry about 0days? and attacks?
Naphex: trinque: how do you keep the payment data secure?
Naphex: trinque: what do you do?
Naphex: )))
Naphex: and really, i hate the way they look
Naphex: ben_vulpes: the button
Naphex: :P
Naphex: cause it shit, and the paranthesis suck
Naphex: as i will on clisp
Naphex: you were shiting on it
Naphex: and i wasn't advocating it
Naphex: yeah jvm does its job what of it?
Naphex: what's wrong with them?
Naphex: asciilifeform: which part of it was garbage?
Naphex: decimation: yeah, you can do a lot of stuff. depending on far you want to go
Naphex: keep your stuff safe. i try to
Naphex: anyway. words ain't much to me and I ain't one to duke it out on irc for random bullshit
Naphex: anyway, what i was saying is you take steps 'secure' or tape your stuff always, and you don't feed raw data to your apps if you can filter the input beforehand.
Naphex: trinque: is it the word secuire thats the problem, s/secure/replace/ ?
Naphex: trinque: okay. make your point
Naphex: williamdunne: ipsec is end-to-end
Naphex: so maybe you setup, ipsec.. or something to keep that channel encrypted.
Naphex: so people don't snoop on it. maybe its private
Naphex: trinque: and you might want the data transfered between them, you know encrypted
Naphex: trinque: if you have servers, and they are linked together maybe you're using a DC Switch
Naphex: trinque: lol, you think encrypted lans are 'enterprise'
Naphex: or protect yourself, any techniques?
Naphex: do you do anything to prevent?
Naphex: asciilifeform: i do work, explain me in tehnical terms
Naphex: to*
Naphex: i'd like the learn
Naphex: preach me the 'secure' way please
Naphex: asciilifeform: how do you defend from 0days? on the stuff you host?
Naphex: is it secure?
Naphex: asciilifeform: do you do any net code? in what?
Naphex: asciilifeform: are your servers secure ascii?
Naphex: wtf are you talking about really?
Naphex: to be secure
Naphex: well i have no clue what you're saying is too complex
Naphex: which situation?
Naphex: huh?
Naphex: i agree ;]
Naphex: asciilifeform: in your private encrypted lan maybe
Naphex: burying*
Naphex: asciilifeform: and you defend from 0 days as always. running hardened and buring your servers while filltering all input
Naphex: asciilifeform: the languasge and jre are pretty fine. when it comes to enterprise stacks and j2ee it goes all around
Naphex: asciilifeform: getting any shellcode anywhere would be retarded
Naphex: asciilifeform: there won't be any 0days in the basic stuff. There are rarely buffers in the stack. And everything is accounted for. NIO/events/the threads etc are all safe and you don't give raw user input to them
Naphex: asciilifeform: and you get all sorts of added on. as well the standerd jre is pretty clean. most of the exploiting fun is on j2ee app servers and other enterprisey thingies
Naphex: asciilifeform: applets are applets and security issues are all around. being a good dev implies taking care with deploying your product
Naphex: well its better to learn from best practices on these kind of things and drill down
Naphex: trinque: boot time is fast anyway
Naphex: trinque: genkernel is pretty helpful on servers with firmware for building a quick initramfs
Naphex: trinque: or hardened-sources for production
Naphex: trinque: it is in portage, you do an emerge for gentoo-sources
Naphex: later you can keep on recompiling the kernel
Naphex: but if you wanna learn on aws go for it. if you just want to set up chroot and start bootstrapping
Naphex: trinque: i like doing it once and then just reusing the config on the same hardware :P
Naphex: trinque: gentoo doesn't even have iptables defaulted, so as soon as his done he'll end up recompiling
Naphex: trinque: yeah but might as well just skip the kernel.
Naphex: mod6: i'd just do the chroot thing and getting it done. doing a custom kernel won't help you much running in a hypervisor
Naphex: why lose that capability. hide it and use it for fun
Naphex: mircea_popescu: all there is left to do now is grep for secrets :P
Naphex: mircea_popescu: well if they do the breakout they'll surely rootkit the hypervisor kernel as well. so doubt they'll ever find out :P
Naphex: trinque: i guess, as i see they use xen. imho letting xen guests define the kernel is a sure way of suffering when they manage to break out of the hypervisor :P
Naphex: trinque: does amazon load the kernel or just skips it?
Naphex: mod6: if you need the other syslogs like wtmp,btmp,lastlog you'll probably have to hardlink them in log. But that should be it
Naphex: mod6: 1) kill already started services, especially any syslog running. 2) mount sysfs, procfs, and /dev (binded) 3) chroot it :P
Naphex: make sure you kill the other running stuff before
Naphex: get the latest stage, unpack it and chroot it
Naphex: aye
Naphex: mod6: i never used AWS. But i doubt you could switch the kernel. but the chroot should solve your issues
Naphex: mod6: unpack a stage3 and chroot it. set it up
Naphex: mod6: why not just kill most of the stuff running on the AMI and do a chroot and set that up
Naphex: mod6: i roll my own gentoo's. what's the problem with amazon?
Naphex: williamdunne: how will the order handler know who to serve and which order to execute?
Naphex: an order should have a timestamp, side, quantity, and price if it has a limit
Naphex: williamdunne: sounds reduntant
Naphex: you can group orders by price sure, but thats just for 'display'
Naphex: williamdunne: how do you define an order?
Naphex: williamdunne: how will the order handlers do that?
Naphex: atleast get a unique id or something and use that instead of time:p
Naphex: williamdunne: well, you can't have dup data so you need a unique field. Price will have duplicated data :P
Naphex: the map will always be sorted
Naphex: as long as you don't have duplicated data ( and you shouldn't)
Naphex: williamdunne: you do that with a map and binary insert with a Price-Time Priority comparator
Naphex: don't trash the mem :P
Naphex: williamdunne: what you should be doing is just using a regular map, and doing binary insert into it
Naphex: cause you could easily beat that
Naphex: williamdunne: do you do your own locking or use the locking from that Map library?
Naphex: 13:59 <+Naphex> williamdunne: seems like a lot of needless complexity, just use a map with random access(if you need it) and the new stream api's. should be enough performance increase. pre-alloc the memory for the map first if arraycopy is bringing the performance down.
Naphex: anyway, what else is cooking
Naphex: is that better ?:)
Naphex: Clisp
Naphex: what makes it so pernicious?
Naphex: asciilifeform: how so?
Naphex: luckily*
Naphex: luckaly the lisp chef will have his shit serverd and all wrapped in paranthesis :)
Naphex: asciilifeform just has some spaz when he hears java. same thing when i hear about lisp
Naphex: williamdunne: seems like a lot of needless complexity, just use a map with random access(if you need it) and the new stream api's. should be enough performance increase. pre-alloc the memory for the map first if arraycopy is bringing the performance down.
Naphex: williamdunne - Map library for what?
Naphex: !down Naphex
Naphex: 21:43 <assbot> Request successful, get your OTP: http://w.b-a.link/otp/39b3a19008c7bb56
Naphex: i'm authed with assbot, but it keeps devoicing me at timeout. wonder how long i can keep it going :P
Naphex: might as well get ready for govcoin. MIT, DCI, bitcoin devs, something something whitehouse
Naphex: which were paying the girls on behalf of jasmin i think
Naphex: also there was some raid a month ago and basicly disbanded some wierd paxum companies
Naphex: mircea_popescu: yeah. much of numbers surprise me :P
Naphex: williamdunne: yep. pre-regs and referals and romania is full of studios
Naphex: getting pre-regs, and stuff done meanwhile
Naphex: williamdunne: yeah, and most of the advertising and promo starts in june to match with some conference. so why rush it
Naphex: williamdunne: pretty good. been doing lots of working and on the last mile for xotika
Naphex: williamdunne: hey man. how goes it?
Naphex: mircea_popescu: great! getting ready for launch on the last run. been busy as hell. how was the conference? sorry i couldn't make it :/
Naphex: o/
Naphex: :D
Naphex: gotta hit em high :P
Naphex: we'll also have product presentation and some other fun stuff at http://www.awsummit.com/ro/ ;p
Naphex: 100+ regs
Naphex: went into pre-registering and some pub. pretty good so far
Naphex: mircea_popescu: http://xotika.tv
Naphex: yeah fixed. was a failed attempt to try to get a staging env faster
Naphex: so i just stopped the contract and moved to a normal DC
Naphex: lol
Naphex: i tried out some BTC provider and they had a stupid rule of cutting the upstream when you get more then 65k packets/s
Naphex: no worries. had to switch servers and DC's
Naphex: mircea_popescu going good. going into pre-registers while using the amount of time left to polish :D
Naphex: hi o/
Naphex: fluffypony: people can be total retards especially on reddit. And btcxchange.ro wasn't hacked! It was closed down by its bussiness owner like a retard.
Naphex: some MLM Ponzi scheme that has been hypeing in Romania lately
Naphex: mircea_popescu: http://www.romania-insider.com/mcoin/144725/ looks like you got cited :D
Naphex: o/
Naphex: o/
Naphex: ben_vulpes: fixed it. thanks for the heads up o/
Naphex: >>> He is also famous for sending the entire userbase the email address of the entire userbase. This is the sort of moron early Bitcoin attracted. | lmao!
Naphex: so much fiteing on reddit nowadays
Naphex: which is even more retard it
Naphex: yeah but they just send it upwards
Naphex: and essentialy just defraud their aquantances when it busts?
Naphex: do they get busted? they use real names I assume
Naphex: is this the early stages, or just selectively picking idiots?
Naphex: thing is this guys seem to be starting from local, so basicly ruining any market
Naphex: i'm just amazed. that people will "invest" that high amount and do zero dilligence
Naphex: mircea_popescu: apparently they are official google partners as well :O
Naphex: lmao. that ByExpress scam is insanely funny and totally retarded https://www.youtube.com/watch?v=bJMJJIaIurs#t=604 . How are they even hooking anyone on this :o
Naphex: mircea_popescu: same here. one hour and cold ;o
Naphex: bitcoinquestions: so where do you get the money from?
Naphex: too bad most delivery around where i live is crap ;o
Naphex: :o
Naphex: i'd probably use it, when i'm really toned.
Naphex: !up mandarin
Naphex: hehe
Naphex: fluffypony: its porn though :D
Naphex: and a bitcoin exclusive. i'll keep it down low a bit until i get closer to launch date :D
Naphex: fluffypony: well its going to be something really fun :)
Naphex: nothing much, working a lot lately
Naphex: :))
Naphex: sup fluffypony

|