asciilifeform: http://logs.nosuchlabs.com/log/asciilifeform/2020-12-01#1025678 << nifty postmortem. and imho illustrates well the futility of 'mitigations'.
snsabot: Logged on 2020-12-01 20:51:02 mats: https://googleprojectzero.blogspot.com/2020/12/an-ios-zero-click-radio-proximity.html
snsabot: (trilema) 2015-07-07 asciilifeform: mats: as a rule, i am entirely uninterested in 'mitigations'
snsabot: (trilema) 2015-10-27 asciilifeform: if you are unwilling to treat the problem as something to be abolished AS A LOGICAL CLASS - you are stuck with idiot epicycles
asciilifeform: the author of linked piece, is, unsurprisingly, an establishment tool. i.e. he tipped off crapple, instead of e.g. worming the hell outta the whole planetary ipnoje install base.
asciilifeform: sad but typical.
asciilifeform: not that it matters one lick in the general case -- ~all~ overflowlang shitware is effectively nsaware, i.e. has inexhaustible supply of exploitable bugolade.
asciilifeform: $ticker btc usd
btcinfobot: Current BTC price in USD: $18895.62
asciilifeform: !w poll
watchglass: Polling 16 nodes...
watchglass: 205.134.172.27:8333 : Alive: (0.084s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=659640 (Operator: asciilifeform)
watchglass: 54.39.156.171:8333 : (ns562940.ip-54-39-156.net) Alive: (0.114s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=659640
watchglass: 176.9.59.199:8333 : Could not connect! (Operator: jurov)
watchglass: 205.134.172.28:8333 : Alive: (0.024s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Return Addr=0.0.0.0:8333 Blocks=659544 (Operator: whaack)
watchglass: 205.134.172.4:8333 : (172-4.core.ai.net) Alive: (0.135s) V=70001 (/therealbitcoin.org:0.7.0.1/) Jumpers=0x1 (TRB-Compat.) Blocks=659640
watchglass: 71.114.46.209:8333 : (pool-71-114-46-209.washdc.fios.verizon.net) Alive: (0.141s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=659640 (Operator: asciilifeform)
watchglass: 208.94.240.42:8333 : Alive: (0.178s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=659640
watchglass: 143.202.160.10:8333 : Alive: (0.230s) V=70001 (/therealbitcoin.org:0.7.0.1/) Jumpers=0x1 (TRB-Compat.) Blocks=659640
watchglass: 213.109.238.156:8333 : Alive: (0.327s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=659640
watchglass: 185.85.38.54:8333 : (tlapnet-38-54.cust.tlapnet.cz) Alive: (0.411s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=659640
watchglass: 103.36.92.112:8333 : (terebe.ns01.net) Alive: (0.656s) V=99999 (/therealbitcoin.org:0.9.99.99/) Jumpers=0x1 (TRB-Compat.) Blocks=659640
watchglass: 192.151.158.26:8333 : Alive: (0.266s) V=70001 (/therealbitcoin.org:0.7.0.1/) Jumpers=0x1 (TRB-Compat.) Blocks=659640
watchglass: 84.16.46.130:8333 : Could not connect!
watchglass: 185.163.46.29:8333 : Violated BTC Protocol: Bad header length!
watchglass: 205.134.172.26:8333 : Busy? (No answer in 120 sec.)
watchglass: 205.134.172.6:8333 : Busy? (No answer in 120 sec.)
verisimilitude: What incenses me, asciilifeform, is that not only are people expected to hand over the discovered flaws, but do it for a pittance, a reduced-rate that's been gaslit as ``the right thing to do''.
verisimilitude: I could see it being fine, were the reward commensurate, but it's effectively ``Here kid, buy part of a house.''.
verisimilitude: It's disappointing that perfect software is possible, but the overlords are too incompetent to build it. Movies depict evil empires run with cold efficiency, and many other things, but my sparse knowledge of the world has me inclined to perhaps believe that the US has been mostly successful with, say, war, because of its chaotic nature, and not because of much of anything greater.
verisimilitude: What I've in mind are those quotes from Germany and Russia and the US, where the US one is, paraphrased: ``If we don't know what we are doing, the enemy certainly can't anticipate our future actions!''
snsabot: (trilema) 2017-12-24 asciilifeform: the 3 or 4 people on the planet who can actually SELL 0days , knowing they'll be paid 1) know who they are 2) wouldn't even cough and spit for a mere 500 , esp if paid in taxolade 3) don't deal with 'uber' et al, or any 'responsible-disclosure'-pushing usg.tentacle , not for promises of three kingdoms and five princesses
snsabot: (trilema) 2017-12-24 asciilifeform: the 3 or 4 people on the planet who can actually SELL 0days , knowing they'll be paid 1) know who they are 2) wouldn't even cough and spit for a mere 500 , esp if paid in taxolade 3) don't deal with 'uber' et al, or any 'responsible-disclosure'-pushing usg.tentacle , not for promises of three kingdoms and five princesses
snsabot: (trilema) 2018-05-04 asciilifeform: for instance 'responsible disclosure' ( i.e. if you find a bug, report to usg first )
snsabot: (trilema) 2018-05-22 asciilifeform: douchebag: https://www.hackerone.com/disclosure-guidelines << 'responsible disclosure'ism, payment in kycolade, etc crapola
snsabot: (trilema) 2018-05-22 asciilifeform: the only responsible, in actuality, disclosure, is one that deals maximal damage to the fucking great satan.
asciilifeform lost a line in there somewhere, but nao too late.
asciilifeform: http://logs.nosuchlabs.com/log/asciilifeform/2020-12-02#1025708 << it aint about incompetence. e.g. tagged memory architectures existed in 1970s. instead, it's about this. there is 0 systemic incentive to release products which work 'now and forever' and require 0 'upgrades', 'mitigations', etc.
snsabot: Logged on 2020-12-02 12:53:59 verisimilitude: It's disappointing that perfect software is possible, but the overlords are too incompetent to build it. Movies depict evil empires run with cold efficiency, and many other things, but my sparse knowledge of the world has me inclined to perhaps believe that the US has been mostly successful with, say, war, because of its chaotic nature, and not because of much of anything greater.
snsabot: Logged on 2020-08-20 19:16:49 asciilifeform: Aerthean: related reading. it is ~very~ difficult to profit by 'actually Do Right Thing' in engineering, vs. 'convincingly pretend to Do Right Thing' , 'i can't believe it's not butter!' atrocities.
thimbronion: asciilifeform: perhaps the only incentive to 'Do Right Thing' wrt computers arises in life or death existential matters, such as war, and humdrum commerce will just never cut it.
asciilifeform: thimbronion: and usually not even then. see also e.g. f35, boeing 737max..
thimbronion: asciilifeform: f35 ever used in combat? I have no rejoinder wrt the 737max.
snsabot: Logged on 2020-01-13 21:34:10 asciilifeform: ( notably, the vendors won in the end, and the usg.pentagon's imposition of ada for war machine industry was repealed. so that microshit cpp could reign. )
asciilifeform: the 'interchangeable component model of software engineers' in the end won even there (so that bluebloods could buy 3rd and 4th yachts.)
verisimilitude: The incompetence persists even when doing the right thing is the entire point, such as with things meant to restrict users.
verisimilitude: Intel wants a ``secure enclave'' or whatever, and can't do it properly.
verisimilitude: I've read that only Israel has had any use out of the F35, asciilifeform.
asciilifeform: verisimilitude: that's the thing, it aint meant to be used. purchased -- yes. paraded -- occasionally. used?
verisimilitude: Ada is intended to make the programmer fungible, in the sense that any large project over long enough needs to, but it's different from languages such as Java and Go, in that it doesn't bust the programmer's kneecap to do it.
asciilifeform: verisimilitude: ada was primarily intended to make the ~lang vendor~ fungible. errything else, was afterthought.
asciilifeform: this was same period as when us-dod attempted to enact e.g. a 'standard cpu' for all official irons
verisimilitude: I'm not familiar with that; do tell.
asciilifeform: verisimilitude: subj
verisimilitude: Alright.
asciilifeform: repealed, btw. and afaik last remaining producer of'em is... chinese.
verisimilitude: On the topic, Ada is nice, but I think a better way for building such software is producing the highest-level model, with as little human direction, and then using tools to manipulate it for the particulars, until it can be guaranteed it meets the requirements.
asciilifeform: verisimilitude: to understand context in which ada was enacted, must look at what sort of horrors were then in common use in heavy industry.
verisimilitude: So, ``Read from sensor and do this.'' and the like is accomplished with, say, one line of APL for the entire system (A better non-textual language would be best.), and then the machine is told to optimize it for these qualities, until it can be guaranteed real-time, etc.
verisimilitude: Another quality would be ensuring it runs in constant memory, etc.
asciilifeform: verisimilitude: this is known traditionally as 'sufficiently smart compiler'(tm). a kind of philosopher's stone in the industry.
verisimilitude: The major work, at least at the beginning, would be building proven optimizers and whatnot so it actually works, but it would probably be reusable.
verisimilitude: I don't see it that way, asciilifeform.
verisimilitude: Importantly, I want to again stress this would ideally not be a language, but a tool.
verisimilitude: I'm convinced textual languages are poor tools, and not the future, if the future is to be worth a damn.
asciilifeform: verisimilitude: to date, efforts at 'automated proof systems' more or less all resolve to this.
snsabot: (trilema) 2016-01-21 asciilifeform: mircea_popescu: when i was a small boy, my elder brother taught me a lesson once:
asciilifeform: verisimilitude: i would not refuse a mechanical reasoner/optimizer/etc which WORKED and in fact simplified, and could 'explain' how did it,etc. but these don't actually exist, the state of the art there is stuck in the early '70s still.
verisimilitude: I don't know how I'll take the idea behind mine MMC, along with other thoughts, and apply it to a high-level system, but I must act as if it's something I can accomplish.
verisimilitude: Perhaps weapons will cease to be programmed, per se, and built out of more specialized components. Its ``mind'' is viable, if it can be pressed to valid hardware.
asciilifeform: verisimilitude: it aint esp. 'sexy' activity, but i rec to read at least a little re historical compiler design (e.g. 'dragon book') an' get a sense of what can and what cannot be accomplished w/ known tech re mechanical optimizations
asciilifeform: verisimilitude: also try programming in e.g. prolog, haskell, and see what looks like when the language feels free to make use of np-complete algos at will while trying to figure out what you meant by your proggy
asciilifeform: btw verisimilitude , this leads naturally into question : pcb routing is ideal fit for machine optimizer. constraints are easily expressed ('don't cross wires'; 'make'em all as short as possible'; 'reduce layers') and 0 intrinsic text involved. pcb routing is still hell. and 0 movement on this front in
snsabot: Logged on 2020-12-02 14:22:52 verisimilitude: I'm convinced textual languages are poor tools, and not the future, if the future is to be worth a damn.
asciilifeform: decades.
verisimilitude: Well, one thing I'm certain of is that textual languages expose failure cases a dedicated tool can eliminate.
verisimilitude: The iterated removal of failure cases, along with the tool knowing its purpose and being able to automate things textual languages typically can't, stands to at the very least improve the situation greatly.
BingoBoingo: thimbronion: Israelis used F35 http://qntra.net/2019/07/israelis-enthusiastically-burning-f-35s-stealth-window-with-strikes-now-in-iraq/
BingoBoingo: Pretty much the only ones to have used F35 and take advantage of the narrow window where the stealth gives them some alleged advantage over cheaper aircraft
thimbronion: BingoBoingo: ok. My theory as stated doesn't stand then. I'll just mumble something to myself about Iraq not being a *real* adversary or something.
BingoBoingo: thimbronion I suspect they rolled their own shit for substantial parts of the softs
BingoBoingo: Or worked within the hard limits
BingoBoingo: But yeah, they pretty much ruined the F35 for all the folks paying more and hoping to use it against real adversaries later
BingoBoingo: Whether or not the F35 is getting shot down over Syria and Iraq yet... probably a really good picture of how they look to S-300 and S-400 radar arrays
thimbronion: I suspect we'll find out (or someone will) soon wrt Syria.
BingoBoingo: I strongly suspect there's an embargo on shooting them down. "Never interrupt enemy while they are making a mistake" and all that. F35 program has to have cost the US far more than any possible benefit that could be derived and... what real adversary would want to interrupt that
thimbronion: BingoBoingo: I'm sure it's generated thousands upon thousands of mcmansions though.
BingoBoingo: Funny how some people think those mcmansions are assets.
verisimilitude: I was going to make a joke about what a miracle Israel's use of the F35 would be lauded as, were religious texts still being written, but then I recalled that's what history books are.
shinohai: asciilifeform: Ever used aws for Ada ?
asciilifeform: shinohai: nope. tried -- but could not get the pile o'shit to build.
shinohai: hmmm, kk thanx. Was reading docs on it to see if I could get it to build using libressl
asciilifeform: shinohai: wasn't even a sslism barf, iirc. simply, none of my gnats would swallow the thing w/out sea of eggog