Results 1 ... 250 found in all logged channels for 'tcp f:asc'

(pest) asciilifeform: notion was, you run the thing with memory image, the linux 'boots' in <0.1sec, runs whatever (e.g. pdf to jpeg tool), shits out output on tcp
(pest) gregorynyssa[asciilifeform]: signpost: asciilifeform: If I am not mistaken, the benefit of Luby codes is that we no longer need a TCP-like flow-control mechanism.
(pest) gregorynyssa[asciilifeform]: Implementing a TCP-like protocol using UDP is a common problem in professional-level game-development.
(pest) asciilifeform: awt: largely theoretical concern ( a log station hasn't any seekritz other than its peer keys ) but e.g. wouldn't want to accidentally enable the tcp log on a civilian station, etc
(pest) awt[asciilifeform]: asciilifeform: In this case, http server would connect to the station via a tcp interface, so technically not inside. Would indeed have to take care not to allow the www to send anything other than read ops.
(pest) awt[asciilifeform]: signpost: yeah. single-threaded python 2.7 with integrated IRC server -> multi-threaded python3 with a json api available over a tcp socket for clients (including the gui I've been working on).
(pest) unpx[asciilifeform]: ``The symbol "=<" means "less than or equal" (modulo 2**32).'' tcp rfc As you wish...
(pest) awt[asciilifeform|cgra]: cgra: in any cases I'm re-architecting - there will be station server you can connect to via a tcp socket that you can send json formatted commands to.
(pest) awt[asciilifeform]: Got a basic wire protocol going between client <-> station over a tcp connection using json. One step closer to being irc-free.
(pest) asciilifeform: fwiw the 'serious designers' gave us luldesigns like tcp.
(pest) jonsykkel[asciilifeform]: maybe can be achieved with tcp tunnel
(pest) asciilifeform suspects that 'use last entry' aint gonna work, necessarily, if there's >1 session (e.g. there's an x proggy going over tcp)
(pest) phf[asciilifeform]: gb/s nic that you're using 82 version of "ip/tcp" stack written in macsyma/symbolics common lisp hybrid to sling packets over, gtfo :>
(asciilifeform) asciilifeform: tcp suxx, noose at 11...
(pest) jonsykkel[asciilifeform]: thought about even splitting pestron into pure item with no irc/tcp, with "rpc" interface (but bidirectional) then have temporary rpc<->irc device as separate item
(pest) phf[asciilifeform]: i sort of expect udp to have dropped back when protocol was called ip/tcp, because a machine that still has cathode lamps had one burn out in the process. i suppose the workings of the intertubes are a mystery now more so than ever
(pest) asciilifeform: http://logs.bitdash.io/pest/2022-07-25#1010411 << bt proper is not only a shitsoup of oddball crapola (incl. tcp), but is rather the antithesis of pest, i.e. scheme for swarm of unauthenticated anons ( which, observe, easily 'poisoned' in various ways , the copyrasts maintain entire shops to do this )
(pest) phf[asciilifeform]: awt: i don't remember canonical source on this, but if you e.g. search this document for the word action https://raw.githubusercontent.com/grawity/irc-docs/master/client/CTCP/ctcp.txt
(pest) awt[asciilifeform]: whaack: at one point I resorted to using tcpdump
(asciilifeform) asciilifeform: folx who have 0 lived experience 'winning from' a tradition unsurprisingly inclined to categorically piss, 'hey, wainot tcp over horseback courier' etc.
(asciilifeform) asciilifeform: verisimilitude: at a certain point, cpu & tcp state liquishit table exhaustion; but this takes moar 'popularity' than 'redditus wave' (tho not rate in even small-time organized ddos)
(asciilifeform) asciilifeform pictures 'tcp over .22' lol
(pest) awt[asciilifeform|billymg]: Wouldn't be surprised if it was running a BTCPay server somehow.
(asciilifeform) asciilifeform: no tcp then needed at all
(pest) shinohai[asciilifeform|billymg]: 2022-03-05 12:55:18 listening on TCP port 0
(asciilifeform) asciilifeform: http://logs.nosuchlabs.com/log/asciilifeform/2022-02-17#1079607 << perhaps obv., but multiple problems w/ such approach ( in what write the 'filter' ? foist python on n00bs on top of the rest of the horror? ... or anuther cpp turd ? or try in ada, where we dun even have tcp glue yet? )
(asciilifeform) asciilifeform: billymg: 'not bug, but pheature' , lol, in my logotron indeed clock is used to detect tcp death
(asciilifeform) asciilifeform: verisimilitude: how do you propose to bake irc frontend w/out tcp ?
(asciilifeform) asciilifeform: sometimes curable w/ heroic work; for instance asciilifeform will be able to bake an ada pestron once he (or someone else) comes up w/ tcp and sqlite glue for same
(asciilifeform) asciilifeform: imho ideal way to do this would be as dedicated station (if the world-tcp end is ddoses, 0 impact on operator's primary station)
(asciilifeform) asciilifeform: jonsykkel: dunno how familiar you are with mechanics of ddos; but e.g. tcp makes it quite simple (once somebody gives you a SYN, you're stuck allocating memory to store connection state)
(asciilifeform) asciilifeform: aaapparently the default ephemeral range (by rfc6056 ? tho iirc it only covers tcp normally...?) is 1024–65535 . so could be by pure chance.
(asciilifeform) asciilifeform: streams in nqb on account of the gnarly tcpism of the bitcoin wire protocol, with its various 'variable-length' turds
(asciilifeform) asciilifeform: apeloyee: some of the things you mentioned (e.g. messages signed 'for' one peer but also, 'on outside of envelope', 'for' another, to be relayed) are arguably useful. and i thought about them. but they are ~costly~ in complexity. moving parts are a cost, and not counting this cost is why literally every traditional high-level protocol, starting with tcp, is garbage, imho.
(asciilifeform) asciilifeform: apeloyee: does spec for e.g. tcp , lay out explicitly what it 'is and is not designed for' ?
(asciilifeform) asciilifeform: apeloyee: if you calculate a hypothetical cost of, for instance, running a traditional tcp www server in such a way as to be proof against arbitrary ddos -- it would approach the cost of a space fleet.
(asciilifeform) asciilifeform: http://logs.nosuchlabs.com/log/asciilifeform/2021-09-16#1058346 << what was interesting there? seems on 1st pass like an ad-hoc variant of tcp
(asciilifeform) asciilifeform: (also will note that i haven't a tcp glue for ada presently. and one is needed for the irc client end..)
(asciilifeform) asciilifeform: verisimilitude: massive pile o'shit quite similar to tcp, and for same reasons. (includes even moar craptastic garbage, e.g. 'heartbeats')
(asciilifeform) asciilifeform did not delve into the linked algo in detail, but on cursory look appears to reimplement a good chunk of tcp
(asciilifeform) asciilifeform: previously only encountered the traditional type (tcp for payload, udp for dht)
(asciilifeform) asciilifeform: verisimilitude: 'not just tcp' == 'uses tcp'
(asciilifeform) asciilifeform: tcp demands state.
(asciilifeform) asciilifeform: (for that matter, this isn't even a problem peculiar to tcpism, but exists in the general case. the problem here is that you've already given 'allcomer' a chunk of memory for tcp statefulness, and only ~after~ this demanded rsa op.. )
(asciilifeform) asciilifeform: when you're using tcp, fact is that your box 'sees' EVERYTHING people throw at it, and invoking rsaism simply makes it easier to ddos your cpu
(asciilifeform) asciilifeform: http://logs.nosuchlabs.com/log/asciilifeform/2021-05-18#1036645 << it's considerably ~simpler~ than the tcp+sslism shitstack
(asciilifeform) asciilifeform also not very interested in schemes which are narrowly specific to chat, or www replacement. instead interested in general-purpose replacement for tcp, riding on top of existing net but with rsa pubkeys as deliverable addresses, zero knobs that unauthenticated ddosers can expensively push (incl. using captured authentic payloads) and complete opacity of traffic to any third party.
(asciilifeform) asciilifeform: tho if narrowly specific to chat, rather than general-purpose parcels a la tcp, not clear why needs fountains -- a signed 'line' of reasonable length could fit in 1 packet
(asciilifeform) asciilifeform: the application i was thinking of in this thread was the third one -- where civilized replacement for tcp.
(asciilifeform) asciilifeform: since haven't tried, cannot comment in detail. but iirc is decent example of gains from udpization of a traditional tcp protocol.
(asciilifeform) asciilifeform: observe that there is not a similar profusion of articles with patently-broken explanations of e.g. bittorrent or tcp.
(asciilifeform) asciilifeform: and, likewise, tcp offers no possibility of authentication for handshakes. which is why ddos is possible (tcp needs memory for state, and anyone can come and demand some, and it'll be given, until machine chokes) and why 3rd parties can RST your connection
(asciilifeform) asciilifeform: http://logs.nosuchlabs.com/log/asciilifeform/2021-02-26#1032510 << the issue is that there is NO POSSIBILITY of encrypting handshakes or seq #s in tcp (other than by tunneling via an actually-encryptable protocol on top of udp...)
(asciilifeform) asciilifeform: http://logs.nosuchlabs.com/log/asciilifeform/2020-11-06#1024419 << several times asciilifeform thought 'why not bake ada ircd' then each time realized that there aint a tcp lib (yet)
(asciilifeform) asciilifeform: verisimilitude: how do you intend to implement 'tcp spackle for sbcl + buncha others' w/out ifdefism ?
(asciilifeform) asciilifeform: so i'ma say that spyked's complaint is 100% factual, yet misdirected. you CAN'T turn the shitsandwich of tcp-on-linux into a tasty meal by slathering on spackle. of whatever kind.
(asciilifeform) asciilifeform: verisimilitude: tcp per se is a mindbogglingly-braindamaged abstraction that never has been and probably never could be implemented even half-sanely . which limits, to asciilifeform's pov, the appeal of the very idea of 'fixing' it.
(asciilifeform) asciilifeform: trinque: tcp -- and in particular, the standard stack for it -- per se, is (as discussed prev.) a quite sad kludge. for instance i still dunget why there's any trace of a socket left after process terminates in linuxen, for there to later 'socket in use'
(asciilifeform) asciilifeform: streams are only a halfway decent abstraction for tcpism tho
(asciilifeform) asciilifeform: megatonne of discussion in ye olde logs re braindamage of tcp (where e.g. any idjit can RST yer connection, or SYN flood, or make educated guesses re payloads via the plaintext sequence #s, etc )
(asciilifeform) asciilifeform personally doubts that there is 1 single exit noad that doesn't tcpdump. ( and, on top of which, there isn't a usg dumper upstream -- the list is after all public )
(asciilifeform) asciilifeform: and tcpdump -nnXSs 0 port 8333 plz .
(asciilifeform) asciilifeform: mod6: initially had 4 hypotheses ( 1) magic tx in mempool 2) magic liquishit administered via plain tcp directly to noad 3) peculiarity in block 618406 4) failed reorg in vicinity of 618405 ). elim
(asciilifeform) asciilifeform: dunno whether yer into CL, but there something very similar happened in '80s -- which is how the language ended up missing basic functionality like tcp/ip in its standard
(asciilifeform) asciilifeform: shinohai: i never wrote a proper ada shim for tcp, as i had for udp , never saw a compelling reason. possibly will make one tho, there are potential uses, such as bots.
(trilema) asciilifeform: mp_en_viaje: loox like hooligan might be sending forced tcp close in 'your' ip .
(trilema) asciilifeform: mp_en_viaje: it was in fact 'ready to fire' on dulap , but not kept running eternally (a tcpdump of ERRYTHING slows box to a crawl and will eat yer ssd in ~week)
(trilema) asciilifeform: http://logs.ericbenevides.com/log/trilema/2019-10-07#1941224 << can i persuade diana_coman to share that pcap ? dulap ended up unplugged just before i could set up tcpdump on it .
(asciilifeform) asciilifeform: bvt: tcpdump/wireshark then
(trilema) asciilifeform: ftr i did not put this in genesis because naively supposed that ordinary workings of tcp will in fact throw a connection if the pipe were to unplug. but apparently this aint so
(trilema) asciilifeform: i still dun grasp why os's tcp stack doesn't liquidate a socket known to be stone dead. but this i suppose is a q for the original perpetrators , when they're connected to 220v
(trilema) asciilifeform: mircea_popescu: if the tcp stack per se is retarded in this way, i expect it is also in cobol , fortran, etc, how not.
(trilema) asciilifeform: http://logs.nosuchlabs.com/log/trilema/2019-09-08#1935080 << seems like finally lobbes photographed that legendary ufo, the 'socket alive, but wedged tcp' state.
(trilema) asciilifeform: mircea_popescu: ctcpism
(trilema) asciilifeform: diana_coman: if it runs, will run, all that's asked of it is to forward a tcp pipe to port x (whichever yer py is on)
(trilema) asciilifeform: worse, not even certain that it is possible to write a clean/light www shitter , considering what http , tcp , are like to begin with
(trilema) asciilifeform: mircea_popescu: i can think of a few riotously braindamaged proggies atm (e.g. 'sshd', where author somehow thought it acceptable to generate host key at boot ; and tcp stack, where seq #'s )
(trilema) asciilifeform: spyked: mine disconnects strictly when a send() or recv() actually return eggog (i.e. indicating dead tcp pipe)
(trilema) asciilifeform: http://logs.nosuchlabs.com/log/trilema/2019-08-22#1930066 << ftr i've yet to observe this 'silent wedge' effect in my bot (i.e. where the tcp pipe is 'alive' but not doing anyffin useful). tbf it is, what, only 3rd week of this bot.
(ossasepia) asciilifeform: atm i vaguely suspect that tcp on piz is slowed by an inept wiretap somewhere.
(trilema) asciilifeform: ( and, interestingly, specifically fucked re tcp. )
(trilema) asciilifeform: http://logs.nosuchlabs.com/log/trilema/2019-08-19#1929694 << this is worth expanding on. asciilifeform also gets very fast pings ( never moar than 200msec, to date ) and fast udp. what i suspect is, usg's snoop gear that sits as parasitic toad on south amer's pipe, specifically slows down tcp.
(trilema) asciilifeform: pipe delay ( piz <-> asciilifeform's chair , cannot be generalized to entire planet ) varies from 0.2-0.4s (for revvup of tcp pipe, that is)
(trilema) asciilifeform: tried large buffers, no buffers, various tcpism knobs, no obv culprit for the impedance mismatch (what i suspect this is )
(trilema) asciilifeform: mp_en_viaje: thinking about it, it's outgrowth of tcp retardation, where having the client alive costs the server at all times
(trilema) asciilifeform: in trad irc, server periodically asks 'PING blah' and client expected to 'PONG blah' back (why? if it's a tcp pipe? what's the whole point of tcp, orig, if not to avoid this? dun ask me)
(trilema) asciilifeform: ( and, ideally, w/out tcpism )
(trilema) asciilifeform: my 'udp' lib was orig. gonna be a 'udp and tcp' lib. but very quickly realized...
(trilema) asciilifeform: could try to use ada's 'streams' model. but then must decide, how to represent ~all~ of the possible tcp hiccups.
(trilema) asciilifeform: aand that's just pg. now consider how to deal with tcp.
(trilema) asciilifeform: i think i mentioned, considered writing one. but then realized that will have to write tcpism and postgresism glue from 0.
(trilema) asciilifeform: bvt: how do i throw into a tcp socket a formatted fetch of log, consisting of unknown length of "<a ... " + blah + "</a>" etc, w/out string munging ?
(trilema) asciilifeform: there's a place, at least for so long as we're doing tcpisms, for langs with garbagecollector etc.
(trilema) asciilifeform: currently there aint a 'tmsr lang' in which can readily write wwwisms. (i dun even have a tcp end for gnat atm)
(trilema) asciilifeform: what does, is to prevent eternal hang on silent (ask the tcp committee why this is physically possible, not me) deaths
(trilema) asciilifeform: reason why 3 decade of 'apache' is same as why erryone (incl. microshit) is using that SAME tcp stack from berkeley '80s. cuz protocol was deliberately made so braindamaged, with literally 10,000+ moving parts, that ~impossible to correctly reimplement if demanding compat with 'everyone'
(trilema) asciilifeform: you can't actually write a tcpistic http serv thing that doesn't end up looking exactly like this, or worse.
(trilema) asciilifeform: point is , tho, that it is barfalicious ~because tcp~, not because author as such was tard
(trilema) asciilifeform: 'Now, as if this wasn't enough, TCP also has a (transport layer) segment size, which must fit into a so-called "Maximum Segment Size" (MSS), which must be smaller than the MTU, because we also need to fit lower-layer headers and all that. Otherwise TCP isn't concerned too much with this, but misconfiguration can cause problems with congestion windows and whatnot, and we sure as hell don't want this shit to blow up. Finally, as if the
(trilema) asciilifeform: as if the ludicrous cpu & bw waste of tcp weren't enuff, it also conveniently groups (with said grouping being entirely plaintext) 'sessions' for hitler to moar conveniently store & read.
(trilema) asciilifeform: ever wonder why heathens still fascinated, like chukchas with radio found in taiga, with 'bittorrent' ? it's because warez goes at ~line rate~ over 'bittorrent'. and at maybe 2/3 line rate on http on a good weather day. why? cuz bt , despite authored by idiot, ~let go of tcpism~ !
(trilema) asciilifeform: tcp was a 'gift' of profound retardation that 'keeps on giving', even to moar obvious extent than e.g. unix. it is single-handedly responsible for ~100% of the backbreaking complexicrud of apache, ssh, ftp, etc
(trilema) asciilifeform: spyked: imho your 'hunchentoot' vivisection illustrates important point : just how much of the complexity of that thing is on acct of idjit tcpism's shit abstractions, i.e. the lengths to which it goes to pretend that the machines aint exchanging short packets in quasi-reliable ordering
(trilema) asciilifeform: the fundamental boojum is that tcpism makes 'cost of ddos' open-ended . but this is problem with tcpism, and the only final solution is 'gossipd-only hosting' with wot-only direct peering. but we aint there yet..
(trilema) asciilifeform: not to mention, gotta establish process re tcp ddosen. tomorrow could be e.g. qntra instead.
(trilema) asciilifeform: re upstack >> anyone using one of asciilifeform's kernels can use simple cure : echo 0 > /proc/sys/net/ipv4/tcp_sack
(trilema) asciilifeform: tcp shows erry possible sign of having been designed, from the start, to extend the ease of snoopage from traditional circuit-switched telco grid, to the packet world. consider e.g. the 'helpfully' plaintext sequence numbers.
(trilema) asciilifeform: spyked: not only is the implementation what it is, but tcp per se is massive pile o'shit, where it aint even possible to implement it w/out 9000 tonnes of state machine gnarl
(trilema) asciilifeform: Mocky: iirc mircea_popescu's scheme centers around a return to the good ol' days when ~all~ names could be found on a given machine's /etc/hosts (or equiv.) -- so one ~could~ in principle use a very slow mechanism to sync'em, and it'll still work in practice. ( tho i also would rather avoid cementing tcpisms into future design of whatever type )
(trilema) asciilifeform: tcp over slightly bent rudder.
(trilema) asciilifeform: he has parsers, tcptronics, various datastructures
(trilema) asciilifeform: gotta flesh this one out tho, cuz as written it posits the conclusion. how does the raw device know that it is being put to use for tcpip ? rather than e.g. to control aquarium temp.
(trilema) asciilifeform: asciilifeform sees tcp as a legacy tech, really
(trilema) asciilifeform: i'll add that even a tcp skin wouldn't be entirely useless ( right nao the only way to write a wwwistic proggy in ada is to use adacorpse's 'gnatsockets' crock of shit )
(trilema) asciilifeform: mircea_popescu: as i understand , this one would need either tcpism (not written yet) or unixsocketism (also afaik not written, aside from the sad adacorpse implementation in gnat std lib)
(trilema) asciilifeform: or , say, take tcp. mircea_popescu aint even a programmer, and is just about as 'clean' as a fella can get in re programming radiation damage and still have worked with comp. but it took asciilifeform 3+yrs to get him to see that tcp is -- by design -- garbage
(trilema) asciilifeform: ( e.g. the problems of mitigating tcp ddos are irrelevant to proper udpistic gossipd. and ditto authentication of handles. )
(trilema) asciilifeform: diana_coman: i'll admit that it isn't clear to me how effort put into baking glue for oddball nonstandard ircisms helps in re gossipd . irc as i see it is an entirely dead-end tech ( rides on tcp, and 0 notion of crypto , and cannot be retrofitted really )
(trilema) asciilifeform: defo premature, esp. in light of prospect of e.g. ditching tcp
(trilema) asciilifeform: mircea_popescu: i dun expect you'll want to eat the whole article, but it sums to quite a bag of lulz : can run entire proggy in the 'speculated' parallel universe, in such a way that it dun logically exist on e.g. by-the-book emulator, but only on post-2009 shitcpu
(trilema) asciilifeform: fwiw simply rejecting tcp won't do the trick, you also gotta not allocate state for udp ( all extant routers, afaik, do.. but e.g. s.mg protocol and similar, will operate entirely correctly without this, as i understand it )
(trilema) asciilifeform: ( and also happen to know why : they 'give to allcomers' in the sense of allocating memory for state of tcp connection. therefore it stands to reason that if one built router that doesn't tcp at all -- it will not fall. )
(trilema) asciilifeform: mircea_popescu: i have plain old tcp with 'pehbot' ( via trinque's cl proggy )
(trilema) asciilifeform: ( unlike e.g. tcp, where pipe can die )
(trilema) asciilifeform: the mechanics of use is actually 'easy part' -- they take x11 pipe over tcp, and are pretty light on graphics (1bit raster)
(trilema) asciilifeform: i dun have a tcpdump on that thing at all times, lol, no amt of disk count conceivably suffice
(trilema) asciilifeform: mod6: they were not. see log, i set up the tcpdump ~after~
(trilema) asciilifeform: or hey, wai not tcpdump -w fuckwads.pcap -i eth0 "net 165.227.0.0/16" or "net 178.238.0.0/16" .
(trilema) asciilifeform: i'ma leave a tcpdump -w fuckwads.pcap -i eth0 "host 165.227.138.176" or "host 178.238.224.213" running on zoolag
(trilema) asciilifeform: i for instance am sitting here and tryin', not always successfully, to cure folx of delusions that linux instilled in'em, e.g. 'tcp gives cheap an' reliable pipes' ( cured mircea_popescu after , what, 3y ) and nao 'udp packets can be anyffing, not merely 1472' (not cured yet..)
(trilema) asciilifeform: diana_coman: do you suppose you can reproduce this, with tcpdump going ?
(trilema) asciilifeform: wouldn't go this far; dunno about mircea_popescu , but i'm presently connected to fleanode, trb, etc via tcp
(trilema) asciilifeform: mircea_popescu: 'catalogue of tcp braindamage' is prolly ripe for an article. ( sadly asciilifeform is mired in liquishit and prolly will not write it this wk )
(trilema) asciilifeform: !#s from:asciilifeform tcp
(trilema) asciilifeform: mircea_popescu: the braindamage of tcp, iirc, is elaborated in buncha old threads
(trilema) asciilifeform: i picture the end product as something like tcp but without the retardations.
(trilema) asciilifeform: diana_coman: tcpdump -i eth0 udp port YOURPORT -vv -X
(trilema) asciilifeform: ftr i never grasped why irc is a tcp item to begin with. it aint as if the messages outweigh the available bucket.
(trilema) asciilifeform: imho tcp , if preserved anywhere, oughta live as a lowered-into-pederasty item-only-carried-over-better-protocols or strictly-on-lan, like telnet.
(trilema) asciilifeform: tcp imho is fundamentally sad, not the least reason for which is that 'anybody' can break yer pipe
(trilema) asciilifeform: i cut off the tcpism, cleaned up, turned into 'udp' lib
(trilema) asciilifeform: 'g' , the tunnel-tcp-through-ciphered-udp thing
(trilema) asciilifeform: as for tcp, unixsockets, etc. imho if we ever need these, they oughta live in own separate lib, given as they force somewhat different and gnarlier semantics, they do not belong in 1 gigantic 'kitchen sink' imho
(trilema) asciilifeform: incidentally, my lib can be asmed just as readily as ave1 asmed the classical 'all of tcp stack' glue. ( sadly i dun currently have the free hands to do this )
(trilema) asciilifeform: mircea_popescu: 'defined' is the item that differs in asciilifeform's, in fact. i dispensed with ~90% of the knobs simply by going 'sockets are udp, that's it'. no tcpism, i.e. no accept() and the associated streamolade, no unix sockets with their weird, etc.
(trilema) asciilifeform: ( a reply here, in turn, is not the idjit tcp 'ack', but a packet containing hash(currentsecretsalt + prevpacket) + cipherola-to-current-key , i.e. can only have been generated by the box on the other end, and can only be authenticated by yours
(trilema) asciilifeform: this way you also dun have to concern with 'packet congestion', a perennial plague of tcpdom
(trilema) asciilifeform: tcp is very difficult to sanely work with without a stream abstraction, but udp -- trivial.
(trilema) asciilifeform: diana_coman: that's pretty odd, i could not get it to tcp on 22
(trilema) asciilifeform: and moreover, they are a problem with the basic design of (for the most part) tcp.
(trilema) asciilifeform: it's convention, is all, the high ports were reserved for the local ends of tcp pipes
(trilema) asciilifeform: mircea_popescu: perhaps he dun have a tcp pipe in the cokemachine chair.
(trilema) asciilifeform: mircea_popescu: the new biosen are lulzy also, often they have tcp stack nao, and read file system , and even show spam in the setup
(trilema) asciilifeform: phf: last thing i want on my boxes, tho, is yet another 1MB ball of c opensores publicly-tcpable liquishit.
(trilema) asciilifeform: ben_vulpes: iirc i proposed at one time an intermediate item on the way to proper gossipd ( 'serpent'-ciphered tunneler to connect coupla ircd instances to each other, and ditto for users ( get otp cookie a la deedbot, get a key that's good for 1 tcp connect ) but so far instead followed mircea_popescu's advice re not wasting sweat on such a thing, but pushing with ffa so as to get with what to gossipd.
(trilema) asciilifeform: as result it had own tcpip thing, db, etc yes
(trilema) asciilifeform: i'm not objecting to the 'opens tcp to usg server' part. but to the price signal.
(trilema) asciilifeform: i was convinced that mircea_popescu was picking at the tcp socket handoff !11 lol!!
(trilema) asciilifeform: mircea_popescu: based on tcpdump/wireshark
(trilema) asciilifeform: i dun think keepalive ( of the http variety , rather than tcp's ) comes into play at all when you aren't on a dialup modem or similar horror
(trilema) asciilifeform: tcp gives every allcomer a quite-expensive 'something'
(trilema) asciilifeform: mod6: not, sadly, practical with tcp at all
(trilema) asciilifeform: this problem was a serious headache for the tcp/ip people, they solved it mircea_popescu-style, 'fuckyou and errything going over the wire is to be bigendian' (at the time, bigendianism dominated in 'serious' iron)
(trilema) asciilifeform: tcpdump and you might be surprised.
(trilema) asciilifeform: it's a resurrection of circa-2014 embraceandextendism -- 'let's impose prbtronic sslistic payment-via-tcp, and at the same time spam some moar spamola, make blox less breathable'
(trilema) asciilifeform: prbism where you gotta tcp to somebody's box to pay him, or something of the kind
(trilema) asciilifeform reads 'tcptrack' manual and bewildered, why is it needed ? what's wrong with ' netstat -a ' ?
(trilema) asciilifeform: because we're doing arbitrary tcp to whole planet, presumably ? vs derping around inside one physical house
(trilema) asciilifeform: tcp'd to death, looks like.
(trilema) asciilifeform: i don't much like the phrase 'trusted nodes', when you connect to trb node, you get plaintext tcp, and 0 guarantees re who or what you're actually talking to.
(trilema) asciilifeform: it can't really be vanished away without killing 'tcp to arsebook' etc also. as i currently understand it.
(trilema) asciilifeform: ( and other tcp )
(trilema) asciilifeform: and partly in that i find the 'prototype' that solves 0 of the difficult problems, simply not interesting. i can write a perlism that pushes shitrsa packets over tcp etc. in half hour. but why.
(trilema) asciilifeform: in other, not wholly unrelated, lulz, '...out-of-bounds write in systemd-resolved in Ubuntu, which is possible to trigger with a specially crafted TCP payload. ... Certain sizes passed to dns_packet_new can cause it to allocate a buffer that's too small. A page-aligned number - sizeof(DnsPacket) + sizeof(iphdr) + sizeof(udphdr) will do this... A malicious DNS server can exploit this by responding with a specially crafted TCP payload
(trilema) asciilifeform: hey i know a TCP jokehey i know a TCP jokehey i know a TCP jokehey i know a TCP jokehey i know a TCP jokehey i know a TCP jokehey i know a TCP joke[barf]
(trilema) asciilifeform: now, not all of these invocations are of recv() for udp. most -- tcp.
(trilema) asciilifeform: 'February 16, 2017 ... Enphase Energy, Inc. (ENPH), a global energy technology company, today announced that it has refinanced and extended its term loan facility with certain funds managed by Tennenbaum Capital Partners ("TCP") from $25 million to $50 million.'
(trilema) asciilifeform: in other lulz, from the dept. of 'let's make a sham version of EVERYTHING discussed in #trilema', http://btcpowupdate.org
(trilema) asciilifeform: attempts to secure tcp are duct tape.
(trilema) asciilifeform: the important thing is to throw tcp straight into the shitcan where it belongs.
(trilema) asciilifeform: Framedragger: the problem with tcp isn't simply that enemy can insert an RST packet and make you blame your peer. (and whitelists do 0 against this.) but that it is very expensive , computationally, long before you have any idea who you're talking to.
(trilema) asciilifeform: that being said, you can use 'wire' with anything that can maintain a ciphered tcp pipe between two boxes. dun have to be ssh.
(trilema) asciilifeform: by looking at who never plaintcp's to whom on 8333 !
(trilema) asciilifeform: 'IOC/ECG's Advanced Forensic Division (AFD) performed an analysis of Hive version 2.5 network communications to assess its likelihood of detection. The results of this analysis are found in document AFD-2012-0973-2. In summary, AFD was able to create signatures for DNS, ICMP, and TFTP triggers; found that the TCP and UDP triggers did not adhere to their respective protocol standards; and further found that the TCP and UDP triggers eac
(trilema) asciilifeform: or any matches. If a match is found the packet is assumed to be a TCP replay and is dropped.'
(trilema) asciilifeform: https://wikileaks.org/ciav7p1/cms/files/DevelopersGuide.pdf << for aficionados strictly -- details of implant protocol, where gibblets are disguised as tcp replay packets. apparently standardized across this particular directorate.
(trilema) asciilifeform: which is why you'll often find trb-related tcp pipes randomly RST'd, and the like.
(trilema) asciilifeform: my wired nodes still find each other via addr.dat and open ~second~, plaintext tcp pipe...
(trilema) asciilifeform: 1. 'blackhole.' 2. tcpdump on two blackholed trb nodes. multitude of peers emitting 'ping, ping, ping...' and soaking up sockets. 3. hypothesis: killing socket hoggers will dissolve blackhole. 4. 'socket-hogging prb is responsible for blackhole condition'
(trilema) asciilifeform: to revisit upstack, i set up tcpdump on blackholed dulap and recorded
(trilema) asciilifeform: srsly almost ANY protocol built on top of raw lossy packet, even with one hand tied behind your back, ends up beating the shit out of tcp.
(trilema) asciilifeform: http://btcbase.org/log/2017-02-10#1613048 << you get ~all of this for free JUST BY DUMPING TCP
(trilema) asciilifeform: ben_vulpes: also subject to all classical tcp abuses (enemy can close connection for you without breaking a sweat or any cooperation from counterparty)
(trilema) asciilifeform: 'Multiple vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or the execution of arbitrary code.'
(trilema) asciilifeform: tcp over dead monkey?
(trilema) asciilifeform: with which to tcp
(trilema) asciilifeform: (specifically they did not permit chumps incoming tcp)
(trilema) asciilifeform: mircea_popescu: the tcp stack per se does not offer any means whereby two proggies speak simultaneously through 1 socket
(trilema) asciilifeform: this, incidentally, was a proggy that doesn't even use tcp.
(trilema) asciilifeform: looks almost as if it'd be a skin , front end running tcpwise in front of trb node
(trilema) asciilifeform: so we get a snapshot of the, say, 20 minutes of tcpdump prior to node entering blackhole state.
(trilema) asciilifeform: at the same time, tcpdump is running
(trilema) asciilifeform: mircea_popescu: 'g' was result of my frustration with trb's plaintext tcp
(trilema) asciilifeform: nmap: 'Discovered open port 49152/tcp on 82.193.247.114' >>>>> https://archive.is/WAevR
(trilema) asciilifeform: now it pings, but won't take a tcp socket.
(trilema) asciilifeform: (and was not merely premined, but the 'btcphobic' mr mold had 'coins', of which there are only 256, die ! after 9 moves.)
(trilema) asciilifeform: ( i could even see an argument that, e.g., rawtx eater doesn't belong in trb , and that tx ought to be injected via the ordinary tcp method. but i dun recall having this argument )
(trilema) asciilifeform: in other noose, https://archive.is/cgpZD >> 'This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send >1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn.'
(trilema) asciilifeform: 'I know when ARPANET was being developed, they were interested in physical (wires-level) robustness (i.e., in case of war) – but I’m not aware of any scholarly research going on about how to protect TCP/IP from itself.'
(trilema) asciilifeform: and it was plugged into a bank of tcp to serial (yes) converters, even.
(trilema) asciilifeform: Framedragger: i won't touch a tcp 'gossipd'
(trilema) asciilifeform: and that (b) means either being retarded (services built on tcp, such as www and irc) or some variation on udp.
(trilema) asciilifeform: (if all-comer can get a challenge, this not only makes you ddosable tcp-style, but turns your gossip net into a ddosatron weapon for any idiot who can get spoofed packets into it)
(trilema) asciilifeform: tcp has no future, Framedragger .
(trilema) asciilifeform: Framedragger: not only tcp, but the horse it rode in on. whole thing must burn.
(trilema) asciilifeform: Framedragger: tcp is evil.
(trilema) asciilifeform: syn flood is challenge enough, because tcp is braindamaged.
(trilema) asciilifeform: the kind that accepts tcp conns from all-comers.
(trilema) asciilifeform: trinque: 'nothing for showing up' is quite physically impossible with tcp.
(trilema) asciilifeform: but they ought not to complain when 'my tcp connections are blackholing' or 'someone derived my rsa privkey using known-ciphertext attacks' etc.
(trilema) asciilifeform: as an only sane possible replacement for tcp.
(trilema) asciilifeform: phf: the handful of interesting aspects (single-packet friend-or-foe, no tcp) were outlined here.
(trilema) asciilifeform: but it was ~always~ possible, from day1 of tcp, and this is evident to anyone with a copy of, e.g, richard stevens's 'tcp/ip illustrated'.
(trilema) asciilifeform: it can also inject crapolade, into any tcp stream whatsoever. this is not a hypothetical, the actual mechanism that is actually used was recently discovered.
(trilema) asciilifeform: usg can reset any and all tcp connections whenever it feels like it.
(trilema) asciilifeform: tcp is evil, fundamentally because it violates the 'NEVER something-for-nothing-to-all-comers-FUCKOFFRANDOS' principle.
(trilema) asciilifeform: http://btcbase.org/log/2016-08-26#1529651 << ~tcp~ is evil, and i will kill it with my own hands. at least in the sense where i killed, e.g., git.
(trilema) asciilifeform: the most galling thing is the VERY NOTION of a tcp that isn't porous. because tcp breaks BOTH of the two, as i found, iron rules of network sanity: 1) NOTHING TO RANDOS FOR FREE 2) NO OPERATIONS ON UNSIGNED INPUT
(trilema) asciilifeform: rther, if the connection is present, such an off-path attacker can also infer the TCP sequence numbers in use, from both sides of the connection; this in turn allows the attacker to cause connection termination and perform data injection attacks. We illustrate how the attack can be leveraged to disrupt or degrade the privacy guarantees of an anonymity network such as Tor, and perform web connection hijacking. Through extensive experi
(trilema) asciilifeform: ments, we show that the attack is fast and reliable. On average, it takes about 40 to 60 seconds to finish and the success rate is 88% to 97%. Finally, we propose changes to both the TCP specification and implementation to eliminate the root cause of the problem.'
(trilema) asciilifeform: 'In this paper, we report a subtle yet serious side channel vulnerability (CVE-2016-5696) introduced in a recent TCP specification. The specification is faithfully implemented in Linux kernel version 3.6 (from 2012) and beyond, and affects a wide range of devices and hosts. In a nutshell, the vulnerability allows a blind off-path attacker to infer if any two arbitrary hosts on the Internet are communicating using a TCP connection. Fu
(trilema) asciilifeform: lulzily, the iturd is the only phone that reliably works here in the house (because it supports telephony over tcp, transparently, instead of being stuck with tower, ~all of which are far away / weak)
(trilema) asciilifeform: 'highland communications' << tcp-over-bagpipe ?
(trilema) asciilifeform: (tcp, that massive barrel of liquishit, was designed before the discovery of luby code - or any of the subsequent 'fountain' algos)
(trilema) asciilifeform: alert reader will realize that this abolishes tcp.
(trilema) asciilifeform: and gossipd is considerably more general than a chat, it is to be a complete replacement for tcp/ip and packet switching as ordinarily understood.
(trilema) asciilifeform: and incidentally what's packet size to do with irc, it runs on tcp.
(trilema) asciilifeform: i routinely use, e.g., ida pro under 'wine' over x11 over tcp.
(trilema) asciilifeform: mircea_popescu: aha, but then some bozo added tcp to it
