Show Idle (> d.) Chans
| Results 7251 ... 7500 found in trilema for 'f:ben' |
ben_vulpes: we have health insurance
ben_vulpes: we don't have healthcare
ben_vulpes: well there's a whole world of coordination i've never really explored
ben_vulpes: hm swimming
ben_vulpes: hey who wants to tell me that biking fucked my back up
ben_vulpes: i biked by a gaggle of old women doing precisely this a few weeks ago
ben_vulpes: i watched some related lols play out with 'poly' friends this year. $girl couldn't bring herself to break it off with her wikipedia editor, $guy didn't offer the platform to which to jump or demand the jump, tension built and $girl doubled down on the socialistoid anxiety production machines to everyone's dismay
ben_vulpes: "universal fuckwit income"
ben_vulpes: more on the "compulsively answers questions on quora"
ben_vulpes: "golden helicopter"
ben_vulpes: exceptionally short thread omg
ben_vulpes: may i have a concrete pointer s'il vous plait?
ben_vulpes: who knows if they even read their bouncer's scrollback instead of cycling through fifteen channels marking them as read in some inane, personal score-keeping game
ben_vulpes: for as long as randos can join #trilema and lurk they will do so instead of reading the logs
ben_vulpes: doesn't strike me as a "needs" thing. will be a "can" thing for as long as mircea_popescu refrains from turning the lights on and setting +i or whichever arcane fleanode flag
ben_vulpes: asciilifeform: it's the safe and easy space in between "i am a gentoo nerd and have an irc bouncer" and "i am willing to undertake gpg key mgmt as the basis of identity"
ben_vulpes: asciilifeform doppler?
ben_vulpes: Framedragger also guilty of this in spades
ben_vulpes: nope not i
ben_vulpes: new blood
ben_vulpes: who, CompanionCube ?
ben_vulpes: b-but mircea_popescu how is one supposed to authenticate to a database server over the webternet?
ben_vulpes: god i hate this shit
ben_vulpes: > Are you blind? Don't you see the above logo? It is an indisputable fact that it is a critical vulnerability available on the Internet.
ben_vulpes: goes against the whole grain of how those systems work. single accountable individual with life and death power.
ben_vulpes: yeah who in fiatorg holds keys? controller? ceo?
ben_vulpes: "modern banking is wholly owned subsidiary of usg" "what? no it's not" "yes it is: https://medium.com/@msuiche/the-nsa-compromised-swift-network-50ec3000b195" "...oh but that's different somehow"
ben_vulpes: palpable difference between that which came from grandpa's estate and the fresh purchases.
ben_vulpes: eventually parents bought shiny new
ben_vulpes: older, rougher
ben_vulpes: i grew up on prayer rugs quite like it
ben_vulpes: nice rug
ben_vulpes: 4 mentions of pgp
ben_vulpes: in the brief quiet, a surprising cover: https://www.youtube.com/watch?v=lyRm5kc9ZUY
ben_vulpes: a) wat, b) SURPRISE
ben_vulpes: in other constantly increasing costs of cross-referencing all of the inanity all of the time, "'ai' picks up biases from texts on which it's trained"
ben_vulpes: another lesson in ongoing curation of one's wot
ben_vulpes: "goxxed!!!"
ben_vulpes: more like absolutely appropriate.
ben_vulpes: alas mod6. my condolences as well.
ben_vulpes: why does gawk even socket?
ben_vulpes: did we ever do the "brain parasite from flushing sinuses with not-entirely-clean-water" thread?
ben_vulpes: mircea_popescu: it is a thing ben_vulpes is baseline familiar with, believe it or not!
ben_vulpes: length of plumbing lines from gums and nasal membranes to brain ispretty short
ben_vulpes: http://btcbase.org/log/2017-04-12#1642721 << you mean to tell me that you're culturing some weird population on your floss and then rubbing that all over delicate, highly permeable mucous membranes wired directly to your brain?
ben_vulpes: openssl, surprise
ben_vulpes: here's a vacuum cleaner, get to work
ben_vulpes: every single spiderweb does not get its own trial
ben_vulpes: 37 seconds from join to up, just shy of two minutes from up to first line, ~same from first line to quit
ben_vulpes: nobody listens to dumb ol visual memory ben_vulpes
ben_vulpes: that's a rerun from today, innit?
ben_vulpes: mircea_popescu: burger king triggered the "google home" devices' voice recognition, got them to blather about burger king products after the ad roll
ben_vulpes: http://www.theverge.com/2017/4/12/15259400/burger-king-google-home-ad-wikipedia in which the complexity cost of networked life starts becoming apparent to everyone
ben_vulpes: in other eerie coincidences of manufactured life, this coffee cup weighs about as much as the water it holds
ben_vulpes: /ineffective/ sandpaper
ben_vulpes: not a bad thing qua itself, shows up in normal fucking foods all the time, but keeping a shaker of it around is Not Great
ben_vulpes: see also popularity of msg
ben_vulpes: that last one is mostly a mystery to me, but boost demands it
ben_vulpes: anyways, anyone playing along with c11quest may consider the following CXXFLAGS: -std=cxx11 -DBOOST_NO_CXX11_SCOPED_ENUMS
ben_vulpes: lol mircea_popescu had story about discovering this the hard way, yes?
ben_vulpes: marinate*
ben_vulpes: well don't marinade it
ben_vulpes: real men clean ballsacks with slavegirl faces!
ben_vulpes: de-lint ballsack folds?
ben_vulpes: what, trinque does not wash arsehole either?
ben_vulpes is full of ignorance in re oral health
ben_vulpes: also this mouthwash thing, does one really want to nuke the commensal population regularly?
ben_vulpes: lol "justice"
ben_vulpes: BingoBoingo: brushes his teeth with an angle grinder ofc
ben_vulpes: asciilifeform: ever ditch it for a week?
ben_vulpes: anyways i'm in search of someone who used the 43kHz machine for a week and then voluntarily gave it up
ben_vulpes: that must be why my memory's going
ben_vulpes: lol brain liquifier?
ben_vulpes: you know i don't think we've ever done the "sonicare" thread in here
ben_vulpes: trainputing is not tortue today, joy of joys
ben_vulpes: and i can put one foot on the other leg's knee today
ben_vulpes: wonder of wonders, the sun is out and the lawn sprouting seedlings
ben_vulpes: it's called practice
ben_vulpes: oh oh i have one of those too
ben_vulpes: but later.
ben_vulpes: all sorts of interesting and amusing barf compiling trb with -std=c+=11
ben_vulpes: it has javascript in it; my bag of fucks is empty except insofar as the poor sods who make "electron apps" provide lol fodder
ben_vulpes: my humor gland is on the blink so i may have nfi what you're actually getting at
ben_vulpes: "on macos it [chrome] even contains a userland usb driver for xbox 360 controllers. i know it's there because i wrote it. sorry."
ben_vulpes: and in other 'i can't believe it's not software': https://josephg.com/blog/electron-is-flash-for-the-desktop/
ben_vulpes: a yeah right
ben_vulpes: whyssat?
ben_vulpes: no vouching for whores?
ben_vulpes: sure, i can see it
ben_vulpes: my back problems stem from the scoliosis, and growing lax about maintaining muscle tone on both sides of the spine typically
ben_vulpes: i have seen too many spines ruined at the hands of people who suggest fixes that "might work, might leave you crippled! we don't even know what's wrong to begin with!"
ben_vulpes: i am very suspicious of back doctors fwiw
ben_vulpes: aye aye
ben_vulpes: unrelatedly, anyone besides me ever try compiling trb with -std=c++11?
ben_vulpes: but if you know of a good ice golem i'd love an introduction
ben_vulpes: mircea_popescu: "momma called the doctor and the doctor said (yeah kid your back's just as fucked as it's ever been), 'that'll be six thousand dollars'"
ben_vulpes: (with acupuncture)
ben_vulpes: i've had great success in relieving spasms from the scoliosis, but what i need is less inflammation right now
ben_vulpes: shinohai: the pain feels like its in the discs
ben_vulpes: mm, great point
ben_vulpes: nobody is walking on my back in this state shinohai.
ben_vulpes: that's an improvement over this morning
ben_vulpes: hey at least i can remember how jokes are supposed to be shaped
ben_vulpes: i've never been...straight
ben_vulpes: yeah not unlikely
ben_vulpes: then found myself on the floor
ben_vulpes: as far as i can tell, i brushed my teeth
ben_vulpes: hard to give a shit about database rows when seeing through my own pain is a task in my life all of a sudden
ben_vulpes: shinohai: i miss the spine i had that worked
ben_vulpes: oh funny, 'score' was removed
ben_vulpes: "not those pants, these pants"
ben_vulpes: !~bash 4
ben_vulpes: there is also "nodding off", the junkie thing
ben_vulpes: WHIMSY IN THE CODE
ben_vulpes: i smell whimsy
ben_vulpes: who doesn't like naked women?
ben_vulpes: diana_coman: one could skip the whole jump-into-pan step and ship everything in barely-there al 'cookware'
ben_vulpes: painting by numbers for the kitchen
ben_vulpes: #nofun
ben_vulpes: spoiler alert: ai can't in2 dicks afaict
ben_vulpes: !!up airgapped
ben_vulpes: talking about the hud guy?
ben_vulpes: linked piece has some charts showing more or less what one'd expect to see
ben_vulpes: via ritholtz
ben_vulpes: hey i didn't know the swiss gave up the peg
ben_vulpes: 93k in the whole log table, 62k of #trilema entries
ben_vulpes: oh oh
ben_vulpes: i see 66, but not full history.
ben_vulpes: explain analyze claims 163 ms
ben_vulpes: the fts indices are still sitting there unused.
ben_vulpes: Framedragger: tokenization and strict search work at odds to each other
ben_vulpes: only does tits for #trilema, #trilema-mod6, #eulora...
ben_vulpes: lolright
ben_vulpes: only runs through whenever mimi was jointed to a channel
ben_vulpes: dude realdonaldtrump is the only thing hanging off the twitter entry in imperial dns worth reading and that only for lolz and admiration of a grade a 'social media' mastery
ben_vulpes: oh yeah stop wasting cycles on that shit
ben_vulpes: an auspicious count
ben_vulpes: sweet chevy
ben_vulpes: i'll take ingenues over ingenieurs any day
ben_vulpes: schizophrenic weather gods will continue with the increasingly bipolar weather until the humans die off adequately to restore ecological sanity
ben_vulpes: pac nw is still extricating itself from winter
ben_vulpes: asciilifeform: why the hysteresis?
ben_vulpes: too dry, doesn't have the nasty taste of reality
ben_vulpes: i rather dislike "conditioned" air
ben_vulpes: "just remember you can't take your words back, these aren't Ethereum transactions"
ben_vulpes: asciilifeform: what was the reasoning behind your call that replacing trb's boostisms with c++11isms was an assault on grandfathers pistols? trb mustest compile with old gcc's?
ben_vulpes: mircea_popescu is in high spirits, must be nuts deep in something other than cpp
ben_vulpes: oh is that how the world works
ben_vulpes: whatever, does not matter in the slightest.
ben_vulpes: http://btcbase.org/log/2016-01-21#1380019 << what entails "corrupted gcc"?
ben_vulpes: what even is the point of programming languages that don't in2 closures
ben_vulpes: wait hang on i have a different critique
ben_vulpes: EACH TIME
ben_vulpes: you know, before calling the unary predicate
ben_vulpes: oh i know, just establish some more global state
ben_vulpes: christ what even is the point of a unary predicate in a language without closures
BenBE: But that's nothing left for today.
BenBE: In the way you rate this part solved. I'm not quite convinced here yet. Will need to evaluate the information.
BenBE: YMMV.
BenBE: It's a sad state related to hardware that we have.
BenBE: Not quite :(
BenBE: Nope. I wish I could.
BenBE: Any other FPGA should basically do: Original design was a CPLD. So you'd grab one FPGA you /can/ audit the toolchain for and compile the design for that FPGA. It's not too much code.
BenBE: And I did not say I'd fully trust it --- far too little actual audit work done.
BenBE: Trusting trust. Yes.
BenBE: In my case it's based on http://papilio.cc/index.php?n=Papilio.PapilioPro#PProFPGA (Xilinx Spartan 6)
BenBE: Multiple rings (3 or 5, would have to lookup in the VHDL file) are XOR'd together when sampling. Thus not one oscillator, but the XOR of different onces.
BenBE: No, only did some tests with dieharder on its output (at 2Mbps) which score several less WEAK in the results.
BenBE: In the FPGA versions they are built of unclocked rings of logic gates (transistors). With the FPGA I use they oscillate at about 150-200MHz (if I read the information of the synth tool correct)
BenBE: Both are viable choices.
BenBE: With the WhirlyGig it's temperature-based modulation of ring oscillators.
BenBE: What's the entropy source used in those Cardano RNG?
BenBE: Will do.
BenBE: mircea_popescu: http://hackaday.com/2010/02/06/hardware-based-randomness-for-linux/ - unfortunately link to original page is down. Also using a FPGA port (done by a friend, verified against dieharder as a starting point).
BenBE: I am vary of things he does, will also tell others to do the same, but absent of proof I can't reasonably call him malicious.
BenBE: mircea_popescu: I think there's a difference between suspecting someone of malice and proving it. Cf. Occam's razor.
BenBE: Didn't know that particular project, but have a true RNG based on the WhirlyGig design at warmcat
BenBE: I asked W.Koch about the PRNG about 2 years prior to the break last year. And even then it had been know for years before that, that the PRNG is phishy but nobody cared to actually step forward and rip it open.
BenBE: Depending on the circles you worked in, you knew GnuPG is broken on several levels.
BenBE: OT: I know the guy who recently broke the GnuPG PRNG. He has been working on a project with me for some time
BenBE: At least those were the aspects I mostly disliked about it. What were yours?
BenBE: Hard to parse, the RFC is somewhat strange, and possibly other things.
BenBE operates http://pgp.benny-baumann.de/ -> direct access to ingest PGP keys live :)
BenBE: Can't claim I didn't learn anything while preparing to setup my project.
BenBE: But getting everything into place helps alot figuring out how to best optimise your DB, how to perform imports, and so on.
BenBE: It is when you can't handle the vast amount of data it involves (and yes, I know that vast is an understatement here). Alone building a database to manage all the raw data for my KeyInfoDB/Kompromat project is ~500GB (compressed) keys. Automating stuff for grabbing these at their source for import is a chalenge of its own.
BenBE: Suggstiong: you have all the keys available that make up those dumps. What about using a batch job (once per day) creating a large .pgp file people can download. That's both static and gives people all the information (create UIDs for the extra stuff if necessary)
BenBE: asciilifeform: 1) No, can use it without (just need to do stuff on the command line then) 2) not a feature you need to use. There's a CLI clint you can audit and use.
BenBE: asciilifeform: it's not totally broken (as with GnuPGs normal WoT) in that it makes transparent to not expect too much from it, appart from account associations.
BenBE: Framedragger: That's one of the resources I will be sourcing my Key Information service from. Contains the private keys for e.g. the OpenSSL Debian Weak Keys (complete)
BenBE: mircea_popescu: No only PHP, but also C/C++, Java, web stuff, ASM (mostly x86/x64), Haskell, shell scripting, ... Also, as we are at WoTs: https://keybase.io/benbe
BenBE: You mean WOT as in Web-of-Trust?
BenBE: mircea_popescu: thx.
BenBE: Yes. Several.
BenBE: I'm the maintainer of the GeSHi syntax highlighter for PHP, which is used in e.g. Wikipedia for source highlighting of articles. Also working on several crypto-related projects like my own TLS/SSL test, a collection of publicly-known set of compromised keys, an OpenSource management software for handling X.509 certificate issuance for a certificate authority.
BenBE: Well, IMHO it's not that most crypto is bad. It's the systems it's used in. Plus, most systems are quite fixed on one particular algorithm yielding an easy-to-attack ecosystem.
BenBE: Thus exactly the information you need to attack those keys by looking for nonce reuse isses.
BenBE: mircea_popescu: Mostly the Certificate Transparency logs used by browsers, block chains used in many (if not most) crypto currencies. All public records containing both public keys and signatures made by them.
BenBE: There's quite some EC in use currently. And be it all those "transparency logs"
BenBE: Lacking the resources for performing the ECDSA part right now anyway (thus low on the priority list)
BenBE: Some basic idea on old attacks (nonce reuse in particular), not fully up-to-date
BenBE: mircea_popescu: I planned on DSA/ECDSA, but that's quite low on the priority list right now. Attack on both works somewhat different and requires data collection not as easily obtained as with RSA.
BenBE: mircea_popescu: Like phuctore, but larger scope of key base (also covers X.509)
BenBE: Getting the keys from the website is possible, but needing to scrape them is somewhat a bad solution (for all sides). The project I'm currently working on is an information service where you can ask for a public key or its fingerprint and the service will tell you some stuff about that key (type, where it was used before, has it been factored, is it sensibly sane, compromised and so on.
BenBE: Essentially yes :)
BenBE: Are the keys mentioned in the stats somehow available as e.g. one big PGP dump file each?
ben_vulpes will eventually 'tias', ofc
ben_vulpes: so if i have a `std::map<ktype, std::vector<vtype>> stuffMap`, is it legal to say `stuffMap[k].push_back(newV)`
ben_vulpes: cpp is just delightful
ben_vulpes: http://i.imgur.com/4nvPOF2.png for example is funny. i like the interbrand hostility.
ben_vulpes: not to the extent that i enjoy agent orange's, but every now and again i see a stack like http://imgur.com/gallery/yNlZI and get a few chuckles out of it
ben_vulpes: danielpbarron: i enjoy the wendy's twitter
ben_vulpes: not even impossible to read in lynx
ben_vulpes: from the interesting-claims-department: "we show that our targeted stack-spraying approach allows attackers to reliably control more than 91% of the Linux kernel stack, which, in combination with uninitialized-use vulnerabilities, suffices for a privilege escalation attack."
ben_vulpes: nobody needed gradients-twiddled-per-local-magnetic-field anyways
ben_vulpes: phf: i would be happy to try living in either of those 'ui's
ben_vulpes: jurov: qt necessarily requires performing networking on the ui thread?
ben_vulpes: 10 lbs
ben_vulpes: honestly i'll be surprised if it compiles
ben_vulpes: compiling 4.9 here, will try again.
ben_vulpes: asciilifeform: 'twas 4.7
ben_vulpes: i'm not going to crack a web browser when the bot's right there
ben_vulpes: i was hoping for a bait reimplementation
ben_vulpes: !~tits
ben_vulpes: mright
ben_vulpes: it's not strictly speaking hung afaict; cursor blinks, newlines and other chars write to term
ben_vulpes: powerpc, don't recall which gcc
ben_vulpes: anyone ever see a trb/buildroot run hang at `checking for gcc float-conversion bug...` ?
ben_vulpes: customers complain about random outages, att/verizon/$provider wastes a pile of money doing infrastructure testing and then calls in fcc vans for triangulation rolls
|
Random(trilema) | Download hourly DB snapshot | Get Source Code