caaddr: and my vpatch was trivial work, I just wanted to report it here to avoid other ffa pioneers having to duplicate trivialities
trinque: caaddr: to date the only use I've seen is people put an expiration date on a key, then whine to me about swapping it out
asciilifeform: i will NOT be lowest-common-denominator-ing between all of the various gnu liquishit and the one actually-working gnat.
caaddr: I don't know if anybody is actually using PGP, now you mention it. outside of the serene republic
asciilifeform: mircea_popescu: i question the wisdom of keeping the gcc-ada bullshit on life support.
caaddr: it would be entertaining/devastating to survey how many users of PGP actually use the extra metadata besides the primes and exponent in the first place
mircea_popescu: which explains why gpg 1 has but gpg2 has not : by the time gpg2 came out, there was an absolute lower bound firmly in place, and well... TOO BIG. "people could never handle this!"
caaddr: because that's what they saw in a LEET PGP guide that somebody wrote in 2003. it's gotta be safe, it's a guide! on the web! copy and paste, try not to think too hard about what's formatting what
caaddr: primes, who could need those? what the user really needs are a hundred poorly named command line flags to manipulate a keychain state that they normally control using easily spoofed truncated fingerprints
caaddr: indeed. this inversion of "fundamental principles" with "implementation details best left hidden from the 'casual' user" is all of a pattern
mircea_popescu: they literally could not conceive HOW to give you those.
mircea_popescu: this may seem weird considering we've had numbers for a long time. but i am pretty certain that's what the problem is.
mircea_popescu: gpg doesn't "allow" the exporting of your own damned primes because IT DOES NOT KNOW HOW TO NOTATE THEM.
mircea_popescu: the OTHER however, plain idiocy as opposed to the malevolent sort, is perhaps best rendered as "missing formats".
mircea_popescu: one is, of course, the attempted building of a http://btcbase.org/log/2017-10-03#1719979
caaddr: as far as I can tell, you can either rewrite their shitware from scratch and surgically remove the primes yourself, or you can import it into the less damaged gpg1 to achieve much the same in a less irritating way
mircea_popescu: im certain that's not it. there's two causes of the by now well identified and documented pantsuit idiocy.
caaddr: something from the same book: gpg2 does not allow export of the two RSA primes, p and q, from a password protected key. it does not think that you *own your own primes*. the primes upon which your reputation rests
mircea_popescu: one day eric raymond came to mp and said "given enough eyes, all bugs are shallow" ; mp extended him the can of beluga roe he was dipping into : "here you go, a whole <<<new software movement>>>". eric raymond never understood what just happened.
mircea_popescu: caaddr this is amply discussed, generally under the "not as much as a fucking working cipher omfg"
caaddr: which revealed a general "caveman with microscope" level attitude towards that technology. it occurs to me that the fact nothing like phuctor existed before shows the same caveman approach to all of cryptography, not just blockchains
mircea_popescu: no there isn't, ben_vulpes fixed it!
caaddr: asciilifeform, remember you said something a while ago about there being a lack of basic tools for interrogating information contained within the blockchain?
mircea_popescu: caaddr empire ~stole the box, started quest for republican isp.
caaddr: can it be resurrected phoenix-like from the disk whereon it resides?
asciilifeform: caaddr: the number-crunching part was separate program, in c
mircea_popescu: ie the bridge from math to peoples.
mircea_popescu: caaddr iirc the webserver was pythonm
asciilifeform: caaddr: the www front end was in python
caaddr: I didn't know there was any python involved in phuctor. I see that http://trilema.com/2015/on-how-the-factored-4096-rsa-keys-story-was-handled-and-what-it-means-to-you/#comment-114249 mentions migration from python to GMP
asciilifeform: BingoBoingo: dun do so much good without the iron
asciilifeform: ( the only lappy that had an ACTUAL MOUSE inside it. pops out, no shit, from the side )
mircea_popescu: i don't expect anyone gives a shiot abput the gimmick.
BingoBoingo: <caaddr> what if there had been a multipart guide to building your own phuctor from scratch, *without* revealing the end purpose of the software until the end? would that have attracted more or less commentary? << No one wants to read more random python
asciilifeform: speaking of which, asciilifeform just uncrated a 'omnibook 800' , prolly the spiffiest dos portable ever made
mircea_popescu: the correlate of postmodern confusion is that i'd so much rather gouge out an eye than watch another benjamin-shithead movie.
caaddr: what if there had been a multipart guide to building your own phuctor from scratch, *without* revealing the end purpose of the software until the end? would that have attracted more or less commentary?
mircea_popescu: the cruise... "it's nice, i guess", but it doesn't fucking hurt and the stump doesn't bleed afterwards, why even bother.
asciilifeform: how did herr schicklegruber put it, 'england gave the english comfort and safety, and they barfed; i asked germany to give me blood, tears, death, and it gave gladly' or how it went
mircea_popescu: people WANT to be asked for parts of their own fucking body cut off with a half bent spork.
asciilifeform: possibly because did not trigger the boeck immune cells
mircea_popescu: i have a theory, and it goes like this :
a111: Logged on 2018-01-22 14:08 caaddr: I've been working on Chapter 1 of the ffalib guide
a111: Logged on 2018-01-22 13:23 diana_coman: I really can't begin to understand what exactly is that; some gems in there too with organisation making silk-purse out of a sow's ear and "every participant has the option to be that player" and ...
mircea_popescu: http://btcbase.org/log/2018-01-22#1773923 << well, i suspect they're countrymen. weren't they both from lebanon or somesuch ?
jhvh1: BingoBoingo: The operation succeeded.
trinque: I will be willing to import a key with the same parameters, but marked as E
asciilifeform: but yes gpg is retarded and no there isn't an easy workaround afaik other than to feed it what it wants
a111: Logged on 2018-01-19 01:57 mircea_popescu very much will refuse to consider random fucktards who spent 2012 going "oh, who pays for mpex seats" in the hope that "hey, i'll weasel my way back in through peripheral commentary anyway"
a111: Logged on 2018-01-22 13:19 diana_coman: wtf Taleb's"foreword to the book by Saifedean Ammous" on medium.com apparently: https://medium.com/@nntaleb/bitcoin-1537e616a074#---0-337
asciilifeform: http://btcbase.org/log/2018-01-22#1773921 << the entire taleb & friends circle, reminds me inescapably of http://btcbase.org/log/2018-01-19#1772872 / http://btcbase.org/log/2018-01-19#1772873 .
asciilifeform: the trb treatment.
ave1: also, the number of changed lines between release is very large (way too large for maintenance). It probably does not get better in later releases, just different.
ave1: Yes on restrict.adc plus it's the inline pragma that did not work for earlier FFA (adacore 2014).
a111: Logged on 2016-01-11 17:02 ascii_butugychag: the few precious things that ACTUALLY WORK, consistently, every time - your cpu's adder, the bus, etc. SHIT on postel.
asciilifeform: gnat has a deliberately brittle behaviour re the restriction pragmas -- if you use one it doesn't know about, it barfs. ( and i'm not even convinced that this is wrong. half of the appeal of ada is that it takes 'postel's law', rips off its head, and fucks the stump )
jhvh1: asciilifeform: The operation succeeded.
a111: Logged on 2018-01-22 16:04 ave1: re: http://btcbase.org/log/2018-01-22#1773970, it seems that gcc simply lags behind and a releases version will never be updated / fixed to newer adacore releases. AdaCore 2014 also cannot build FFA from the box
asciilifeform: !~later tell ave1 http://btcbase.org/log/2018-01-22#1774137 << re the 2014 : any particular reason aside from the contents of restrict.adc and the gpr's flags ?
asciilifeform doesn't 'fix that's either
trinque: ftr I will never "fix that". noob either says exactly what he did and helps me reproduce it, or gets ignored. I'm not comcast customer support.
asciilifeform: ( no expir date, or the like )
asciilifeform: there doesn't appear to be anything peculiar about his key.
trinque: how many times have noobs said deedbot didn't work, and how many times have they been right?
a111: Logged on 2018-01-22 15:23 deedbot: http://107.170.141.103/2018/vdiff-fixes/ << BARKS IN THE WIND - vdiff fixes
asciilifeform: http://btcbase.org/log/2018-01-22#1774125 << phf neato. mod6 : prolly this oughta go instead of the old one, in trb www.
ave1: re: http://btcbase.org/log/2018-01-22#1773970, it seems that gcc simply lags behind and a releases version will never be updated / fixed to newer adacore releases. AdaCore 2014 also cannot build FFA from the box
mod6: it's not in there yet, but this is so awesome.
mod6: it was a royal pita to get it to work... hopefully what I've posted here will work for you, others.
mod6: so in that case the hard nofile limit for root gets set to 2000000, and the soft to 1500000 and hanbot's get set to 1000000 each hard/soft. And then that one line is required in common-session.
mod6: hanbot: here's what I have currently running on an Ubuntu 14.04 box. I believe this to be all that is required, you can change the values as required, but I think one catch that I found is that root's ulimit needed to be set just a bit higher than the non-root user.
mod6: <+caaddr> http://btcbase.org/log/2017-12-02#1745440 << fwiw, in the end the version that worked for me, requiring no changes to alf's code was Adacore 2016.
asciilifeform: it led to microshit, konsoomerization, 'eternal september', all of these 'joys' that we still live in.
asciilifeform: the microcomputer was a massive step back, not merely technically ( that'd be fixable ) but sociopolitically.
caaddr: and a few other lisp-aware structures
asciilifeform: there's been no significant discoveries, in 80s or 90s.
caaddr: sure, but I'm just lamenting the negative differential of the progress curve. what are the big discoveries since 1990?
asciilifeform: hey and 'we have plumbing' but 'we' still shit between two bricks on the ground. in rural redit^H^H^Hindia that is
caaddr: instead we have... what do we have? we have the blockchain but we're still using dns. we have common lisp but we're still using scheme, or, worse, clojure. we have ada but we're using rust. "we" being "we the people", as in the redditoid masses
asciilifeform: or what existed on the bus, and where, also unknown
asciilifeform: the bolix arch itself, was never publicly documented. even something like the instruction set, is not fully known publicly
caaddr: anyway, see how sad the state of affairs is? we can't even reproduce the technology of the early 1980s, whereas we ought to have had nearly three decades now of advancement in this area
asciilifeform: worse is that we have nfi what the actual work of the fep ( other than in very approximate terms ) was
phf: shit, try cold booting a genera system, rebuilding the FEP, etc. you'll discover that those are non-trivial tasks requiring expert knowledge. that knowledge can be gained from what we have though, but it'll take you weeks or months to get there
asciilifeform: caaddr: it was ordinary genera, but came with a dec alpha emulator for the machine
caaddr: oh, that was OpenGenera too, the RISCised version
phf: all these things are reddit available "oh i saw link and played with it". try ~actually~ ~rebuilding~ a genera system from source code
caaddr: the full source is available, is it not?
phf: caaddr: my personal issue with resurrecting all these lisp machine architectures is that Genera really is the only interesting platform to build upon, and there's not enough source/details available ~at all~ to actually rebuild a genera system from first principles.
caaddr: even the power *switches*
asciilifeform: erything else thinks it has the right to do whatever .
caaddr: fun story: I tried to use vdiff with the busybox version of awk. this did not end with smiles and sunshine and laughter
asciilifeform: the problem with attempting to resurrect 1980s 'big iron' designs, however, is the unavailability of various formerly common ( and quite painful to emulate items ), e.g.,
asciilifeform: caaddr: if it's gone from the net, i'll stand up a mirror ( as soon as i have where to; currently between isps )
caaddr: "After a period of time, when no investors were found, the material assets of Gigamos, including the K-machine board sets, specifications, schematics, and printed circuit artwork were sold for salvage to Eli Hefron and Sons in Cambridge, MA. I purchased these materials from Eli Hefron and Sons and they are currently in my possession."
caaddr: "Unlike other Lisp Machines, the K-machine is not descended from Tom Knight's original CONS architecture; the K-machine is an original design."
asciilifeform: lmi iirc never was able to build even one unit of their non-cadr machine
phf: lmi also stayed closer to CADR for longer. at the very least later versions of S
asciilifeform: well they sold cadr clone
asciilifeform: caaddr: they shipped massive box of discretes .
asciilifeform: there's a reason why no sane ic layout, photoprocessing, etc tools exist today, and whole stack is a TB+ of winblowz liquishit for which foundries get charged $mils
phf: oh sure in a sense that daedalus was part of the IP packet
asciilifeform: what i meant is, betcha the daedalus tool ended up mit'd and 'licensed' out for money etc . and ended up going down with the bolix ship.
asciilifeform: nope, the bolix ns
phf: there was nothing "censored", it's just what was published are abstracts. litereally just reading corresponding AIMs will show you that you can't literally rebuild the cpu from them
phf: scheme-79 is not "whole thing published", which is something that i said in the logs multiple times also. there's AI memoes of variying detali, but the actual toolset, something called daedalus, and the corresponding daedalus files that actually describe the chip, are nowhere to be found. also dies will not be particularly interesting because the whole point of daedalus was semi assisted layout
caaddr: perhaps one day we'll be able to hang up a poster of the transistors that caused the FDIV bug
asciilifeform: caaddr: that was the latest, afaik, fully reversed from die ( publicly, that is ) ic
caaddr: that chip was about the same era. it's certainly doable, but a chore unless you have significant passion for the subject
caaddr: I enjoyed the long series of posts where a gentleman reverse engineered the 6502 die photograph, drawing the schematic from the photo
caaddr: but AIM-559 has the details
asciilifeform: learning anything from dies is veeery expensive, see the microscopy thread.
phf: http://btcbase.org/log/2018-01-22#1773848 << i've shared a version of vdiff in logs that fixed that issue, because the issue is of course there. i believe the comment was "not oneliner!!1"
caaddr: "WARNING: MAY STILL CONTAIN DANGEROUS LEVELS OF SANITY". yes, just a joke. it would be nice to handle them as an exercise in hardware archaeology
asciilifeform: i dunno why you would need the dies, to learn from
caaddr: I think I remember from the paper that only two of the actual pressed irons even worked. I wonder what happened to them?
asciilifeform: caaddr: re earlier, i'll say this : if a sane os and sane compiler cannot be ~small~ on a given iron, the iron design is ipso facto defective.
caaddr: for now just remember: cdr twice, then car twice. anybody else is an impostor ;)
diana_coman: if it's not that the trouble here too, trinque might help
caaddr: I suppose you would prefer hardware-only optimizations in any case, so ideally they would not be part of the software stack at all. compilation for performance as caching only
caaddr: I wonder how early in such a stack you would add the kind of compile time protections that ada guarantees. compile time protections seem to be the hardest thing to keep a programming language at "fits in head" size
asciilifeform: if you want to actually do it, rather than simply pretend, that is
caaddr: it would be nice to bootstrap an entire operating system from machine code to forth to some strange mix of forth and ada, ada, then tinyscheme, and finally a sane common lisp subset
asciilifeform: ( it won't build without an existing working copy of their gnat, exactly like the gcc fork's )
caaddr: I get the same output with "!!up caaddr"
caaddr: GNATMAKE 4.9.2 is the answer to the now redundant question. I'll use adacore instead. I had avoided this because it contains precompiled binaries, with no independent reproducible build certification
asciilifeform: this would seem to create the unpleasant situation of having just 1 adatron. but it is not clear to me that there ever were 2. there was only adacore and broken-adacore (aka gcc-gnat)
diana_coman: from my own experience with adacore and with gnat, I tend to agree with asciilifeform's evaluation there ^^
asciilifeform: if anyone has a counter-argument, now is the time. otherwise ch9 will contain a 'don't use gcc-gnat' preface.
asciilifeform: ( there is no such thing as 'gnat-4' )
diana_coman: upload the patches there + discussion as to why and what; link to asciilifeform's ch1 ffa and you're done
diana_coman: I suppose asciilifeform will want to have a look at them perhaps ; I'm not sure though I see a point in changing ffa to fit whatever gnat4 wants though
caaddr: so I've created a vpatch for both of these issues, which makes the genesis Chapter 1 code work with gnat-4
a111: Logged on 2017-11-23 17:55 whaack: asciilifeform: gnat1: error: unrecognized command line option ‘-fdump-scos’ when I try gprbuild. gnat version 4.6 gcc version 4.8.4. I removed the command line option from the gpr file since it seemed to be just used for coverage tools. Then got error prefix of "Image" attribute must be a type in 3 places in blocks.adb
caaddr: having browsed the logs of #trilema I've found that I'm not the only one who has run into issues:
caaddr: I'm trying to follow the instructions precisely, and that has included not using gcc-5.x or above. I'm just using the standard gnat-4 package in debian which is linked to the gcc-4 package, and I've noticed these are a bit out of date
diana_coman: what's the problem/question caaddr ?
caaddr: I've been working on Chapter 1 of the ffalib guide
diana_coman: to be fair it sounds like a rushed caught-in-the-hallway-had-to-say-something piece
shinohai: "hick-ups" <<< Is this supposed to be the bumpkin version of "hiccough" ?
diana_coman: I really can't begin to understand what exactly is that; some gems in there too with organisation making silk-purse out of a sow's ear and "every participant has the option to be that player" and ...
shinohai: Owned by the crowd?
diana_coman: wtf Taleb's"foreword to the book by Saifedean Ammous" on medium.com apparently: https://medium.com/@nntaleb/bitcoin-1537e616a074#---0-337
mircea_popescu: reover, the pretense to the contrary and the "blank mind" humanist wank is strictly the path to insanity.
mircea_popescu: "Coping with radical novelty requires an orthogonal method. One must consider one's own past, the experiences collected, and the habits formed in it as an unfortunate accident of history, and one has to approach the radical novelty with a blank mind, consciously refusing to try to link it with what is already familiar, because the familiar is hopelessly inadequate." << this never was, and absolutely never will be the case. mo
mircea_popescu: for the record, that dijkstra piece on "radical" bla bla is so fucking idiotic...
a111: Logged on 2015-04-02 01:00 asciilifeform: http://therealbitcoin.org/ml/btc-dev/2015-April/000080.html
asciilifeform: pretty sure it was the end of a lengthy thread
trinque: beyond "well and then it worked"
trinque: it's been a great exercise, since the histfile demands rationale.
asciilifeform: but aside from that , i do not know the seekrit of why it was an issue
trinque: I am not putting a negative in the history file
a111: Logged on 2018-01-21 23:56 spyked looked at the patch. admits to not being able to compile an example with gcc 4.9 nor 5; so there's probably more to it, e.g. C++ voodoo. I'm curious of asciilifeform's answer
asciilifeform: http://btcbase.org/log/2018-01-21#1773685 << if this is about the 'integer retardation' issue, the 1 thing it quite definitively had 0 to do with , is gcc5 : which did not exist in the era of 0.5.3 , nor did it exist in my stator or rotor setups
mod6: <+mircea_popescu> iirc it just edits something in /etc/security/limits.conf ? << off the top of my head, that's only like 50% of it. there is at least one other thing that needs to be set/configured too.
a111: Logged on 2018-01-21 23:26 douchebag: Thanks man, I've been spending a lot of my time focusing on security research and helping others get involved in the InfoSec community. I have a pretty decent resume compared to most people I go to college with because I have a pretty decent amount of experience, and when it comes to InfoSec jobs experience is probably the most important factor for most employers
mod6: I don't have the incantation in front of me at the moment... but if you would like it, I can dig it up for you tomorrow.
mod6: <+hanbot> no onboard ulimit, no package found, heh. << it is a huge pain to get a ulimit set on these mclinux boxes. but after seriously, a bunch of trial and error, I was able to get it to work.
a111: 2017-10-06 <Framedragger> yes but someone committing to the project without having the necessary time is not far away from malice, imho
asciilifeform: http://btcbase.org/log/2018-01-21#1773642 << i gotta reveal the terrible troof here : nobody's here into soap bubble penetration testing either... nor tissue paper, nor plastic bags.
mircea_popescu: asciilifeform trinque you'd be surprised how many of these exist!
mircea_popescu: it's "could have had, that's just as good" all the way down!
mircea_popescu: welcome, all, to the wonderful world of computers which nobody has ever used before for any purpose whatsoever.
trinque has been going down memory lane today, re-reading trb patches and finally sticking sig on them.
deedbot: http://thetarpit.org/posts/y04/06a-ffa-ch4-puzzle.html << The Tar Pit - A solution to the largest-of-seven FFACalc puzzle
deedbot: http://thetarpit.org/posts/y04/069-on-intellectual-ownership.html << The Tar Pit - On intellectual ownership
deedbot: http://thetarpit.org/posts/y04/068-the-story-of-the-citadel.html << The Tar Pit - The story of the citadel on the hill, by a thicket
deedbot: http://thetarpit.org/posts/y04/065-eu-at-the-end.html << The Tar Pit - The European Union at the end: a chronicle
deedbot: http://thetarpit.org/posts/y04/064-interests.html << The Tar Pit - Things that interest me; things that don't interest me
mircea_popescu: trinque adding thetarpit.org to teh rssing ?
lobbes: will see how much bandwidth starts running once the zip delivery is operational
lobbes: mircea_popescu, ah good idea on the making it a paid service. mats had suggested a context search to me earlier
mircea_popescu: meter the resources as you do it, cpu time/disk io, whatever is your concern. then bill the person, and store the bill, so you can present it in the future ("the previous three bills average X, so you have an idea how much)
lobbes: minor nits are welcome. Helps me fine tune the ol' process. But glad folx find useful
ben_vulpes: bing's in there but noooo love for me lobbes, i see how it is :P
mod6: thanks for putting that together, very cool
lobbes: ben_vulpes, yeah, atm it just searches the url only
ben_vulpes: mircea_popescu: it's in the title!
mircea_popescu: if not worth reading then... not worth reading.
lobbes: I think the wotpastes muddle it up a bit
lobbes: ben_vulpes, should be in there no?
mircea_popescu: aaand in other http://trilema.com/2016/i-dont-think-you-understand-how-credit-cards-work/ , http://78.media.tumblr.com/3ab87e3147d951bba3bf88b5d0e6cac2/tumblr_npr8ursIac1romx5eo2_400.gif
ben_vulpes: eyy lobbes how do i get me blog in there
a111: Logged on 2018-01-11 06:25 lobbes: Top three things I need to do next: 1) set up automated updating of the reporting database the thing sits on (currently 'stale' data). 2) set up lobbesbot to similarly search via IRC commands 3) Zip distribution system!
shinohai hears a woman squealing "QUE LIIIIIIIIIIIIIIIINNNNNDOOOOOOOOOOOO" in the loudest voice possible.
BingoBoingo: The fine points of usage are harder for me to discern when 90% of the time I hear a word it is because Latinos fear not hearing their own voice.
BingoBoingo: They use it and "Este" as verbal pauses here
BingoBoingo: Apologies for the brainmush lemme disambiguate: That has worked so far, until the pretty girl who invited me to her place offered a beer and she met my "no" with a series of gentle teases. Since I was in her home when my dick asked "what's the worst that could happen" my brain wasn't ready to answer with "Look at all these other pretty girls"
BingoBoingo: That has worked so far, until the pretty girl invited me to her place and she met my "no" with a gentle tease.
mircea_popescu: it's a relatively easy place to get by as an aa, they're not really heavy drinkers. just say no and that's that.
BingoBoingo: Being in LATAM and full of gringo confidence I slacked on my recovery. Going forward the talking to pretty girls time budget is going to have to take some cuts to make more room for talking to old men about feelings.
shinohai: It's still there for you BB
BingoBoingo: Hence injury to the sanity
BingoBoingo: But I did find a local AA sponsor at the meeting tonight. In the interim my sweat hasn't smelled this bad since the first time I sobered up.
BingoBoingo: It has been a serious blow to the confidence reserve, but it has been a aid to the nofap challenge LATAM edition
BingoBoingo: The only serious cost discovered so far has been to my sanity.
BingoBoingo: I had been slacking on meeting to get more Spanish conversation in, and when the pretty girl offered me a beer in her place there was no resistance.
BingoBoingo: <mircea_popescu> BingoBoingo how the hell can that thing contain NO numeric characters ?! do it properly, x - y - z - k = q. << I appologize. I got drunk last night and rushed the report in order to get my ass into an AA meeting.
douchebag: I think the next thing I'm going to blog about is this: http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43018/?q=RDP&l=en_US&fs=RelatedArticle
mircea_popescu: i can see the logic.
douchebag: However, if I just were to have my own blog on my own website it would be a bit more difficult for people to find it until I am better known in the community
mircea_popescu: cool then.
douchebag: Actually yes it is, I've seen a number of people who reposted my medium blog on a few websites other than medium. The people who are reposting this found my blog post through medium and shared it elsewhere
douchebag: Oh no, not yet I'll throw something up the next time I find something interesting to blog about. Currently I'm using medium as a way to get better known in the community
mircea_popescu: not on some "platform" that'll "turn it off" the moment you no longer serve their bosses.
mircea_popescu: spyked well, i expect the ivf of ye olde library was epsilon. as alf says, "entomologist only". because wtf do they have, a story of two scytales ? tyvm, it's obsolete.
spyked looked at the patch. admits to not being able to compile an example with gcc 4.9 nor 5; so there's probably more to it, e.g. C++ voodoo. I'm curious of asciilifeform's answer
trinque: my question was particularly what let people get by without it, and it appears to be a question of what c standard was the default in what gcc
trinque: that is exactly what the patch did, include stdint.h
a111: Logged on 2018-01-21 16:51 mircea_popescu: http://thetarpit.org/posts/y01/038-the-archive.html << this is so fucking endearing.
spyked: http://btcbase.org/log/2018-01-21#1773463 <-- lol! and quite naive, didn't actually consider information value at all; kinda begs the question of the ifv in the ol' library of alexandria. probably a lot higher than the web, given the economy of writing (imposed by those times' tech). brings us back full circle to http://btcbase.org/log/2016-05-30#1473632
douchebag: Thanks man, I've been spending a lot of my time focusing on security research and helping others get involved in the InfoSec community. I have a pretty decent resume compared to most people I go to college with because I have a pretty decent amount of experience, and when it comes to InfoSec jobs experience is probably the most important factor for most employers
mircea_popescu: no-binary mp-wp is a major fucking progress ; and if we set the groundwork for eventual complete rejection of all binary formats, image and then video, holy hell we got it.
mircea_popescu: do me a favour and walk the list of binary images, applying one or the other as best fits.
mircea_popescu: anyway, you're on to something here douchebag ; work on it, with serious dedication, by the time you're as old as the rest of these guys you'll prolly be more valuable than them.
hanbot: mircea_popescu : if you'd prefer, there's also a format to encapsulate em as base64: http://wotpaste.cascadianhacker.com/pastes/RlPyK/?raw=true
mircea_popescu: to quote the universal george c. "that's a fun age!"
mircea_popescu: i thought the whole "memory security" shit sandwich just got blown to smithereens coupla weeks ago.
douchebag: I plan on learning more about low level memory exploitation in the future, however it's a bit more difficult these days due to stack canaries and other protections to prevent that sort of stuff from happening.
mircea_popescu: but yes, fucking up the empire's "technology" ie, websites, is a perfectly fine entry point towards actual life.
mircea_popescu: i guess. stuff like http://trilema.com/2016/to-the-dao-and-the-ethereum-community-fuck-you/ pays better.
douchebag: Ohh right, I understand. I agree, however to me I treat web application pentesting as almost a sort of game or puzzle, in my opinion it is rather entertaining challenge to be able to modify a web applications behavior in a way that leads to total comprimise.
mircea_popescu: sv there stands for silly-cons valey.
mircea_popescu: douchebag you're familiar with how there's a group of idle cocksuckers holding conferences and printing books about "technology!" which immutably consists of pointless websites run as investor swindles ? groupon, facebook, what have you. http://trilema.com/2015/you-know-what-gets-no-airplay-unflattering-truth/ sorta thing.
a111: Logged on 2018-01-07 20:28 mircea_popescu: he also wrote a lisp-is-faster-than-c item back in the days the microsoft hired hands were pissing all over o'reilly&marc "my middle name is cocksucker" andressen's java
hanbot: re the binary files thing: here's a conversion of the rss feed image on the trilema footer ( http://trilema.com/wp-content/themes/trilema/images/rss.jpg ) : http://wotpaste.cascadianhacker.com/pastes/fLVsf/?raw=true thoughts?
mircea_popescu: notreally ; republic mostly despises the sv-powered "tech" ; you'll find pmarca's notion of "the web" doesn't carry much water, or interest, among actually competent computer folk.
a111: Logged on 2018-01-15 07:15 mircea_popescu: well, lessee, stuff that might be of professional interest to you then. http://trilema.com/how-the-beastforumcom-private-messaging-function-became-a-paid-user-only-item http://trilema.com/internet-census-2016 http://trilema.com/xenforo-no-better-than-vbulletin-certainly-not-all-that-different etc.
douchebag: Last night I found a rather interesting vulnerability in a website for a bug bounty, second time I've been able to leverage SSRF to XXE, very fun stuff.
douchebag: Alright forsure, if I were to find something how would you want me to disclose the information to you in a secure manner?
douchebag: mircea_popescu: I'm a little bored at the moment and I'm looking to practice my web application pentesting skills, would you mind if I took a look at your site and try to identify any potenial vulnerabilities?
phf: (there's yet another solution is to actually provide a binary patcher, that uses some minimal delta algorithm to patch files, while also providing the patching details in plain text. so you could say that the result is readable in a sense that it takes file FOO and replaces bits #10 #1343 #325435 etc)