Hide Idle (>14 d.) Chans


← 2015-05-16 | 2015-05-18 →
hanbot: reasons being, nobody had figured out how to hike their pet concern to the event.
decimation: well, one would think that the trains that carry the flower of the ny & dc elites might carry some level of interest
asciilifeform: elite, on trains?
asciilifeform: what is this, 1890 ?
decimation: how do you think they travel? tsa screening?
asciilifeform: 'learjet' etc
asciilifeform: no tsa.
hanbot: elites travel?
decimation: nah. if going from dc to ny (or reverse) aircraft would be less convenient
asciilifeform: only for plebes condemned to arse searches and queues
decimation: not really. you gonna land a plane in grand central station
hanbot: who goes dc-ny?
decimation: gotta go to teterboro or some other outlying airport
decimation: lawyers, politicians, media
hanbot: i thought it was all maryland
decimation: usg is all over the place
decimation: but the important bits are within walking distance of a metro station
hanbot: ny goes to albany, mostly.
decimation: joe biden was famous for commuting daily from delaware on amtrak
decimation: while he was a senator
asciilifeform: to imagine that this is why the bricks fly, is lunacy
decimation: sorry I wasn't implying that was the case
decimation: the fact that bricks fly at such trains ought to be newsworthy
decimation: my point being that it only turns out to be newsworthy once a major accident happens and people get injured/killed
assbot: [MPEX] [S.MPOE] 40900 @ 0.00028386 = 11.6099 BTC [+]
assbot: [MPEX] [S.MPOE] 55150 @ 0.00028386 = 15.6549 BTC [+]
deedbot-: [cascadian hacker] electronics hack night featuring the twiddler and asciilifeform's TRNG - http://cascadianhacker.com/blog/2015/05/16_electronics-hack-night-featuring-the-twiddler-and-asciilifeforms-trng.html
deedbot-: [cascadian hacker] A brief history of the Bitcoin Foundation's activity from 10/2014 through 4/2015 - http://cascadianhacker.com/blog/2015/05/02_a-brief-history-of-the-bitcoin-foundations-activity-from-102014-through-42015.html
deedbot-: [cascadian hacker] fyooturgigs: knife sharpener, garbage-sorter, computational sommelier - http://cascadianhacker.com/blog/2015/04/26_fyooturgigs-knife-sharpener-garbage-sorter-computational-sommelier.html
deedbot-: [cascadian hacker] Bitcoin needs no changes to destroy your world - http://cascadianhacker.com/blog/2015/04/24_bitcoin-needs-no-changes-to-destroy-your-world.html
deedbot-: [cascadian hacker] Hacking on the Satoshi Codebase: Some Pointers - http://cascadianhacker.com/blog/2015/02/01_hacking-on-the-satoshi-codebase-some-pointers.html
trinque: decimation | it occurs to me that one use of deedbot would be timestamping potential evidence, like camera/video captures << seems a fine use.
assbot: [MPEX] [S.MPOE] 9000 @ 0.00028386 = 2.5547 BTC [+]
decimation: sure, pakistan has been a useful stooge for a variety of powers
trinque: given the cozy relationship there I would not be surprised if saudi tries to purchase nukes from pakistan, if they haven't already
assbot: [MPEX] [S.MPOE] 66150 @ 0.00027653 = 18.2925 BTC [-] {3}
decimation: eh, saudi arabia doesn't really need nukes
trinque: why don't they?
decimation: they got usg's nukes on call if they need them
trinque: http://www.wsj.com/articles/saudi-arabia-considers-nuclear-weapons-to-offset-iran-1430999409 << usg might be shifting the balance of power in the region towards their competitor
trinque: I wouldn't trust the USA if I were them.
assbot: [MPEX] [S.MPOE] 43850 @ 0.00027138 = 11.9 BTC [-] {3}
assbot: [MPEX] [S.MPOE] 18800 @ 0.00027033 = 5.0822 BTC [-]
mats: > China to invest $50bn in Brazil infrastructure
gabriel_laddel: BAD (bitcoin-assets distro) update #2.
gabriel_laddel: Testing the install process has been impeded by possibly faulty hardware (my testing box reliably kernel panics as of today - idkwtf). I'm stalled until I've new boxen. If someone were willing to set aside a few hours to test the install process, please leave it in the logs. I'll follow up with you via PM.
BingoBoingo still rather inclined towards promoting *nix hetrogeny
gabriel_laddel sees *nix hetrogeny as meaningless unless the personalized systems all have sources included, can be bundled into a usb stick or CD/DVD installer with a single procedure call
gabriel_laddel: Quote suggestions for 8chan ads:
gabriel_laddel: "He who refuses to do arithmetic is doomed to talk nonsense." - JMC
gabriel_laddel: "PS. Smart people don't give a shit about how much money you have. Because they can take it from you, any time they feel like it. Get it through your skull: you ain't buying it, you ain't coercing it, get on your knees and start worshipping it." -- http://trilema.com/2013/the-sanity-dogma/#comment-95113
gabriel_laddel: "in the meantime, resistance is not futile. only the weak of mind will be assimilated, and they are no loss, anyway." -- Naggum
gabriel_laddel: "Reductio ad absurdum, which Euclid loved so much, is one of a mathematician's finest weapons. It is a far finer gambit than any chess play: a chess player may offer the acrifice of a pawn or even a piece, but a mathematician offers the game. -- A Mathematician's Apology (London 1941)"
assbot: Logged on 17-05-2015 02:54:48; indiancandy1: im like the only pretty girl who comes in here
gabriel_laddel: !s hanbot
assbot: 795 results for 'hanbot' : http://s.b-a.link/?q=hanbot
gabriel_laddel: ;; later tell indiacandy1 who are your role models in the porn biz?
gribble: The operation succeeded.
BingoBoingo: gabriel_laddel: Did you stumble upon my 11 year plan in the logs yet?
gabriel_laddel: BingoBoingo: becoming a MMA punching bag? Yeah.
gabriel_laddel: BingoBoingo: whats up?
BingoBoingo: gabriel_laddel: Nah, avoiding MMA, becoming a boxing tomato can for my 40th birthday in 11 years
BingoBoingo: Oh, not too much is up. My youngest brother got their BS in Mechanical engineering today.
BingoBoingo: WOuld maybe recruit for La Republic serene if we need a trebuchet
BingoBoingo: gabriel_laddel: Year one goal is ending their year in sufficient shape after a decade of chainsmoking and heavy drinking to not get too winded at a gym
BingoBoingo: Also strengthening the metacarpals through controlled stress fractures
gabriel_laddel: Eh, whatever floats your boat I suppose.
gabriel_laddel: I like walking and that is about it as far as exercise goes.
BingoBoingo: I like walking too, but walking lets me smoke while I do it, also seems less like exercise and more liek an activity of daily living the doctors count against you if you can't do it.
gabriel_laddel: BingoBoingo: are you trying to impress to fuck a doctor or something?
gabriel_laddel: who cares?
BingoBoingo: gabriel_laddel: I live in a rogue state atm (Illinois) and I'd rather not have to get a prostate exam to buy legit hunting rifle of Mosin or Simnov design. So earlier this week I was watching past oscar movies and hit Million Dollar Baby. Then it hit me. Why not weaponize me?
gabriel_laddel: BingoBoingo: someone willing to slit throats isn't scary
gabriel_laddel: really, they're not even that useful.
gabriel_laddel: learn organic chemistry
gabriel_laddel: a motivated chemist is really fucking scary
gabriel_laddel: china ships precursors to mexico all the time, head out there (cn), meet the people involved.
BingoBoingo: Oh, scary is context dependent. I sat through ~75% of a pharmacy school's curriculum as a grad assistant who just worked the microphones.
BingoBoingo: Thing is the legitimate governments of most of mexico frown on synthesis without their blessing.
assbot: [MPEX] [S.MPOE] 29900 @ 0.00027969 = 8.3627 BTC [+]
gabriel_laddel: BingoBoingo: China homie
gabriel_laddel: BingoBoingo: do you know synth then?
BingoBoingo: I know the concept of a recipe and I know what a catecholamine is.
BingoBoingo: China? WTF?
gabriel_laddel: BingoBoingo: Explain C2 symmetry to me.
BingoBoingo: gabriel_laddel: It is a rotational thing. Anything cool will lack symmetry greater than C1.
BingoBoingo: Blame our earth biases towards amino acids one way and carbohydrates another, not opposite way
BingoBoingo: citalopram vs. escitalopram and levo-methamphatamine vs. dex-methamphetamine is a good starting point on chirality
gabriel_laddel: BingoBoingo: The bent I'm attempting to communicate here is something like this: You've made it to #b-a, which unlike any community I've ever encountered provides a foundation for building a sane civilization and you want to... become a boxer? It doesn't follow. Boxing is a last resort sort of thing, even if you were to become the worlds best boxer you're still basicly some poor fuck who couldn't make
gabriel_laddel: it as an intellectual.
gabriel_laddel: If your goal is to become scary, well, there are way to get there that are going to make you much more scary than the worlds best MMA fighter.
BingoBoingo: Ah, You are looking at ends.
gabriel_laddel: If your goal is to become healthy, idk how boxing figures into it.
gabriel_laddel: Yeah, always work towards a purpose, not a cause right?
gabriel_laddel: that said, I wish you the best in all your ventures.
BingoBoingo: My take is there is a tradition.
gabriel_laddel: Regarding China - finding reliable chemical suppliers and integrating with the WoT sounds like a useful use of one's life.
gabriel_laddel: /s/useful/productive
gabriel_laddel: <BingoBoingo> My take is there is a tradition. << this means nothing to me
BingoBoingo: It requires minimal monetary expenditure and substantial time expenditure to approach X, A side effect of X is getting punched. Getting punched will happen regardless through other habits I entertain.
cazalla: ya know BingoBoingo, people told pacman he couldn't become a boxer
gabriel_laddel: Getting punched will happen regardless through other habits I entertain. << can't save people from themselves...
BingoBoingo: I'm actually pretty good at taking a beating.
gabriel_laddel: I'm excellent at shooting H
gabriel_laddel: Seriously?
BingoBoingo: Seriously, Mu chin is good.
gabriel_laddel: Between me, rents and sickboy I'm the best petty thief
BingoBoingo: +++++++ ^ +++++++++
mircea_popescu: decimation afaik it was always known (tm) that they found him by sherpa.
mircea_popescu: <decimation> they got usg's nukes on call if they need them << nope, not anymore. new king is trashing the alliance.
mircea_popescu: the us will have to work out of cuba and hawaii.
BingoBoingo: Thankfully Obummer surrendered to the Castros
mircea_popescu: can be bundled into a usb stick or CD/DVD installer with a single procedure call <<< exactly this.
mircea_popescu: an "install" you have to "fiddle with" is not an install.
mircea_popescu: gabriel_laddel kinda too long to fit on a banner, i fthat's what you meant ?
cazalla: of course for every pacman there is countless spider ricos
gabriel_laddel: mircea_popescu: small fonts? I can't speak for anyone else, but I *must* read pretty much any text that makes its way into my vision.
cazalla: BingoBoingo, figured you more for baseball anyway, then you could get juiced up on HGH
cazalla: hispanics getting homeruns
mircea_popescu: gabriel_laddel I like walking and that is about it as far as exercise goes. << im pretty much the same.
BingoBoingo: cazalla: The time it takes to learn to throw anything left handed... versus the exosud of young potential prize fighters for MMA and the NFL... I leik my odds
mircea_popescu: " You've made it to #b-a, which unlike any community I've ever encountered provides a foundation for building a sane civilization and you want to... become a boxer? It doesn't follow." << ahaha lulzy way to put it, but i dbout the guy actually aspires to this as his life. sounded more like a hobby to me
cazalla: still don't get the 11 years of training
mircea_popescu: gabriel_laddel i think that's how half the chan people are too. that's why it's such a trap for them
BingoBoingo: mircea_popescu: Honestly having been roundly rejected by the fiat economy anything I approach is as a hobby, except for the qntra. The Qntra is deadly serious.
mircea_popescu: but anyway, guy has it : we definitely need more people in china.
BingoBoingo: cazalla: If only you knew the tar on my lungs.
assbot: [MPEX] [S.MPOE] 15950 @ 0.00027982 = 4.4631 BTC [+]
BingoBoingo: Also, 40 is kind of peak athlete age barring major injuries
cazalla: i dunno about that, boxing? maybe though
cazalla: but still, 12-18 months training and you're good to go
BingoBoingo: cazalla: Think about how many pitchers peak in ability in their late 30's early 40's (or not) versus combat sports peeps over at 30 because they are too beat.
cazalla: and that's if ya only never boxed before
BingoBoingo: First step is getting to high school graduation weight.
cazalla: slip the jab
BingoBoingo: While building the upperbody and core back up
cazalla: do ya compound exercises
gabriel_laddel: hahahaha
BingoBoingo: I leik'd dpb's "transmen are evil" sjw clickbait tumblr
BingoBoingo: cazalla: Working on it.
cazalla: yeah i keep meaning to as well but the booze really gets its hooks in
mircea_popescu: https://www.youtube.com/watch?v=66ag6-nWZ1E << dude, i had no idea that cartman-vlog south park episode was actually ripped from an irl thing
assbot: [MPEX] [S.MPOE] 13050 @ 0.00027982 = 3.6517 BTC [+]
BingoBoingo: Boose isn't as bad as the smoking it seems atm for me, may change.
BingoBoingo: mircea_popescu: Anymore nothing in south park doesn't have an irl connection
mircea_popescu: apparnetly.
BingoBoingo: Last season's season long arc and its tanents all irl tied
BingoBoingo: *tangents
mircea_popescu: check it out jurov https://8ch.net/btc/res/33.html#177 teh plebs do not like your art!
cazalla: ya should toss a quote in from that boy and the tree, that'd go well in /pol/ believe it or not
mircea_popescu: (honestly, that hauling assets banner is great, easily the best of the crop. meanwhile the qntra one is probably the shittiest. imagine these derps, conflating the extremes like that)
BingoBoingo: Nah that's a tie for beating rhonda quotes
mircea_popescu: cazalla oh that's a point huh.
cazalla: it's a great story though, not the first trilema article i read but the first that stuck in my mind
cazalla: BingoBoingo, anyway we should both train and then we can put on some exhibition fights in BA in a year or 2, find some local picaninnies to go up against
BingoBoingo: cazalla: That sounds agreeable
mircea_popescu: ;;seen mike_c
gribble: mike_c was last seen in #bitcoin-assets 4 days, 13 hours, 37 minutes, and 38 seconds ago: <mike_c> i'll add something
BingoBoingo: The dying locust tree in the back yard will probably appreciate the break
mircea_popescu: omg mikey! i need you.
BingoBoingo: If anyone didn't guess already the Qntra Bird Flu article came out of buying 2 dozen eggs and the next week buying the same two dozen eggs for a budget busting (who plans for 67% markups) price.
cazalla: BingoBoingo, buying em? what's the matter with you, can't catch a chicken?
cazalla: chicken chasing is how we use to train in the old days btw
BingoBoingo: cazalla: Turkeys here you can catch wild. Fuck, drove past a roadkill armadillo today which should only happen on the other side of the mississippi river. Chickens though... It takes three eggs to make a decent omlette. Even if you are getting an egg from each hen per day that's still a lot of birdshit.
cazalla: armadillo edible?
BingoBoingo: cazalla: Carries Leprosy
BingoBoingo: So, maybe? I'm not that brave.
cazalla: i thought road kill was like american pie
BingoBoingo: cazalla: You still got to be picky. People fight over rights to bumper deer. Less so for plague carriers like armadillo.
BingoBoingo would rather punch one of the local coyotes into dinner than try making an armadillo edible
BingoBoingo: <gabriel_laddel> BingoBoingo: The bent I'm attempting to communicate here is something like this: You've made it to #b-a, which unlike any community I've ever encountered provides a foundation for building a sane civilization and you want to... become a boxer? It doesn't follow. Boxing is a last resort sort of thing, even if you were to become the worlds best boxer you're still basicly some poor fuck who couldn't make << Where are
BingoBoingo: you a native to?
gabriel_laddel: BingoBoingo: USSA
BingoBoingo: <gabriel_laddel> If your goal is to become scary, well, there are way to get there that are going to make you much more scary than the worlds best MMA fighter. << Scary for the sake of scary is one of the last things I aspire to. That's how people get shot and sliced.
assbot: [MPEX] [S.MPOE] 14507 @ 0.00027969 = 4.0575 BTC [-]
gabriel_laddel: BingoBoingo: You're splitting (the wrong) hairs.
BingoBoingo: Anyways my survey of the field now is half the people on my high school's football team tried MMA at one point and got into "pro" fights of some sort. They played the proverbial tomato can to a t.
BingoBoingo: Because few of them could get under heavy weight.
gabriel_laddel sputters, cannot compute
cazalla buys BingoBoingo a tapout shirt for xmas
BingoBoingo: Some things don't
BingoBoingo still works on getting reasonably fit though
BingoBoingo though doing an honest assessment finds a person who can reasonably keep up in a lot of #b-a convos but who can't program for shit. And honestly... training to trade punches seems much easier than learning to program on any level approaching asciilifeform, ben_vulpes, and mod6.
BingoBoingo: And numerous others
BingoBoingo admits probably too old to lern to code worth damn
assbot: [MPEX] [S.MPOE] 53460 @ 0.00027015 = 14.4422 BTC [-] {2}
assbot: [MPEX] [S.MPOE] 36100 @ 0.00027695 = 9.9979 BTC [+] {2}
assbot: [MPEX] [S.MPOE] 18700 @ 0.00027982 = 5.2326 BTC [+]
assbot: [MPEX] [S.MPOE] 64800 @ 0.00027534 = 17.842 BTC [-] {2}
assbot: [MPEX] [S.MPOE] 7602 @ 0.00027982 = 2.1272 BTC [+]
assbot: [MPEX] [S.MPOE] 44855 @ 0.00027118 = 12.1638 BTC [-] {2}
assbot: [MPEX] [S.MPOE] 4295 @ 0.0002685 = 1.1532 BTC [-]
assbot: [MPEX] [S.MPOE] 21863 @ 0.00027982 = 6.1177 BTC [+]
assbot: [MPEX] [S.MPOE] 36600 @ 0.00027988 = 10.2436 BTC [+] {2}
assbot: [MPEX] [S.MPOE] 17750 @ 0.0002685 = 4.7659 BTC [-]
assbot: [MPEX] [S.MPOE] 49850 @ 0.00027301 = 13.6095 BTC [+] {3}
assbot: [MPEX] [S.MPOE] 30009 @ 0.00028072 = 8.4241 BTC [+]
copypaste: ;;later tell mircea_popescu 8chan is also blocked in Saudi Arabia and Oman according to reports I've received. Apparently only a few Russian ISP block it on order of ROSKOMNADZOR.
gribble: The operation succeeded.
assbot: [MPEX] [S.MPOE] 48216 @ 0.0002684 = 12.9412 BTC [-] {2}
assbot: [MPEX] [S.MPOE] 110000 @ 0.00026761 = 29.4371 BTC [-] {2}
assbot: [MPEX] [S.MPOE] 56200 @ 0.00027402 = 15.3999 BTC [+] {2}
assbot: [MPEX] [S.MPOE] 27550 @ 0.0002676 = 7.3724 BTC [-]
jurov: http://log.bitcoin-assets.com/?date=17-05-2015#1134165 i don't see how, if we're limited to straight paths for electrons
assbot: Logged on 17-05-2015 02:37:42; asciilifeform: http://log.bitcoin-assets.com/?date=17-05-2015#1134108 << they don't need to turn sharp corners, in our hypothetical machine
jurov: your "field emission display" is in fact counterexample - it does no computation whatsoever while electron flies
jurov: classic CRTs do at least the "demultiplexing"
assbot: [MPEX] [S.MPOE] 27100 @ 0.00028096 = 7.614 BTC [+] {2}
assbot: [MPEX] [S.MPOE] 23600 @ 0.00027548 = 6.5013 BTC [-]
assbot: [MPEX] [S.MPOE] 18800 @ 0.00028108 = 5.2843 BTC [+]
davout: ;;later tell mircea_popescu http://i.imgur.com/g5ci4oK.png <<< the paymium banner
gribble: The operation succeeded.
assbot: [MPEX] [S.MPOE] 35750 @ 0.00027707 = 9.9053 BTC [-]
asciilifeform: ;;later tell mircea_popescu http://nosuchlabs.com/stats << notice anything ?
gribble: The operation succeeded.
asciilifeform: jurov: you are quite right, the electrons would have to move laterally. but not necessarily in very sharp turns.
asciilifeform: ;;later tell mircea_popescu you've got mail.
gribble: The operation succeeded.
asciilifeform: yes, we broke a pgp key.
mats: how exciting
asciilifeform: ;;later tell kakobrekla https://bitbet.us/bet/1144/phuctor-will-find-a-bad-key can be resolved? get the necessary data from mircea_popescu
gribble: The operation succeeded.
asciilifeform: (for anyone perplexed - we promised not to announce dud keys publicly, at least not if key's owner answers the warning - see http://nosuchlabs.com/theory )
kakobrekla doesn't resolve bets, but mods that do read bb comments so is fine.
asciilifeform: kakobrekla: i woke you up because the info necessary to resolve this bet is not public (as of yet.) hence tricky.
asciilifeform: in fact, i'm rather unclear on what will happen if key's owner wakes up and asks 'pretty please don't rape me on camera'
davout: RAEP RAEP RAEP
asciilifeform: (he isn't anyone we know. but we did promise to spare)
mats: i loled. 1.08btc on 0.02btc
asciilifeform: somebody's gonna chortle on cock
mats: too bad its the house
davout: lol
asciilifeform recused himself from the bet
kakobrekla: well, lets see what the wot is worth.
kakobrekla: anyway, the affected parties are basically (listed by alphabetical order): mp
asciilifeform: phun phuct: i never actually tested the code which displays phuctored moduli. (couldn't be bothered to craft a dud key, it's a pain) - but it worked. because was written correctly. perhaps a novel concept to some folks
kakobrekla never heard of that
asciilifeform: and the poor bugger appears to be in the strong set, no less.
davout: asciilifeform: aren't there, by definition, at least two 'buggers'?
assbot: [MPEX] [S.MPOE] 38700 @ 0.00028269 = 10.9401 BTC [+] {2}
adlai: iiuc, finding the second bugger would require bruteforce checks against all the keys contributing to the modulus that phucked the first bugger
adlai: (not that much work, definitely less than the work which has already been done to find the first one)
assbot: [MPEX] [S.MPOE] 65450 @ 0.00028294 = 18.5184 BTC [+]
adlai: (phuctor now knows the factorization of a single key, and it knows which of the two prime factors is shared with the second bugger)
davout: if you know that there's another broken one in the set, might as well re-check the set to find it
asciilifeform: davout: there sure are
asciilifeform: davout: in not too long, i will learn who the 2nd one is.
asciilifeform: so here's my other observation:
asciilifeform: we haven't really discussed it, but there are interesting implications in breaking a fella's pgp key.
asciilifeform: mircea_popescu likes to speak of having 'killed' that greek derp, but in a very real sense the schmuck whose key we just broke, is dead
asciilifeform: which is to say, i could sign, with his key, 'please rape me in public with a donkey' and it will be as legit as anything he will ever say himself
asciilifeform: in the eyes of the gods
asciilifeform: to rephrase, he no longer (if ever did) have sole control of his private key
asciilifeform: and we must not neglect the third party - the fine folks who boobytrapped mr schmuck's copy of pgp.
asciilifeform: if keys are identities are people - which, for purposes of wot and dealings among folks who will never meet in the flesh, they most certainly are - that one: has died.
asciilifeform: phuctor does not send automatic emails. to anyone. so, let's see what happens when mircea_popescu writes to mr schmuck
asciilifeform: but my point above was, what are we to do with the answer? it could be coming from just about anyone!
assbot: [MPEX] [S.MPOE] 38491 @ 0.00027652 = 10.6435 BTC [-] {2}
assbot: [MPEX] [S.MPOE] 3909 @ 0.00027595 = 1.0787 BTC [-] {2}
jurov: asciilifeform: but there were multiple people with colliding moduli, not only one?
jurov: or i misunderstand something?
assbot: [MPEX] [S.MPOE] 39142 @ 0.00027555 = 10.7856 BTC [-]
jurov: soo i have inadvertently turned to computational sommelier,too... thinking about replacement to my broken qwerty phone, then it hit me..n900!
jurov: with possible upgrade to neo900 in few months (expected price 900euro, tho)
assbot: [MPEX] [S.MPOE] 42000 @ 0.00026963 = 11.3245 BTC [-]
adlai: jurov: yes, at least two keys need to have a primer in common. had phuctor run over the keys in reverse order, it would've found the other chump first
asciilifeform: jurov: there is a second, but it will take a while to unearth it.
asciilifeform: mircea_popescu!
mircea_popescu: 340k submitted HOL SHIT
asciilifeform: ahahahaha.
mircea_popescu: achtung BingoBoingo cazalla : phuctor broke a rsa.
asciilifeform: mircea_popescu read log
asciilifeform: and check yer mails
mircea_popescu: yes im going to
asciilifeform: the most lulzy part (what the common factor was) is not even posted publicly yet.
mircea_popescu: im waiting to share it in the interview lolz.
asciilifeform: kudos to mircea_popescu for supplying the cpu cycles for this apparatus pro bono
mircea_popescu: i am in complete disbelief that this actually happened.
mxtm: what exactly has happened?
mxtm: gpg key has been breached?
mxtm: or
asciilifeform: mxtm: some 2 schmucks (of which i've identified 1, but the other will follow in a week or so) had common factor in their rsa private keys.
mircea_popescu: this is truly fucking major.
mxtm: and you derived the priv keys from this?
mircea_popescu: yes. once keys are factored we have the privkey.
mxtm: jeez
mxtm: that is quite major
mircea_popescu: that is quite major. but it's not the half of it.
mircea_popescu: more stuff to be announced here, later.
mircea_popescu: ;;rated asciilifeform
gribble: You rated user asciilifeform on Sat Nov 30 16:31:44 2013, with a rating of 3, and supplied these additional notes: S.NSA engineer..
mircea_popescu: ;;rate asciilifeform 4 First man to factor a 4096 RSA key in the history of computing.
gribble: Error: For identification purposes, you must be authenticated to use the rating system.
assbot: [MPEX] [S.MPOE] 49144 @ 0.00026758 = 13.15 BTC [-] {2}
mircea_popescu: !rated asciilifeform
assbot: You rated user asciilifeform on 30-Nov-2013, with a rating of 4, and supplied these additional notes: He came up with the Cardano For Christmas marketing plan. Also phuctor..
asciilifeform: eh waitup
mircea_popescu: !rate asciilifeform 5 4 First man to factor a 4096 RSA key in the history of computing.
assbot: Request successful, get your OTP: http://w.b-a.link/otp/f995623f9ad9fe6a
asciilifeform: perhaps the ssl folks did
asciilifeform: factor one
mircea_popescu: i sign my lines, you sign your lines
mircea_popescu: !v assbot:mircea_popescu.rate.asciilifeform.5:d27ae6467cd0fbd6f440b352f05f3a753c3bde57d60bac74172b5cf5cc0fd544
assbot: Successfully updated the rating for asciilifeform from 4 to 5 with note: 4 First man to factor a 4096 RSA key in the history of computing.
assbot: [MPEX] [S.MPOE] 65133 @ 0.00027838 = 18.1317 BTC [+] {3}
williamdunne: Holy shit wel done asciii
asciilifeform: williamdunne: 'first ecstacy, then laundry.' (al schwartz)
jurov: i have verified my gpg 2 imports it
asciilifeform: jurov: most peculiar. it is a valid rsa key.
mircea_popescu: yeah now he has to do various shit.
asciilifeform: no this is a good find, i will add it to the queue of three or four other mysterymeats
asciilifeform: the only peculiar thing i can see in this key is the use of odd orcish hieroglyphs in the id string
asciilifeform: but that shouldn't throw off my apparatus.
mircea_popescu: lmao utf strikes again
mircea_popescu: python strings alf. python strings.
asciilifeform promises to investigate this oddity, and see if there are others like it, as soon as finishes current plate
mod6: <+mircea_popescu> yes. once keys are factored we have the privkey. << holy shit o.0
asciilifeform: for the record, since folks were asking, much simpler than i thought,
asciilifeform: we have schmuck-P; if one were to divide Π(∀n) by (schmuck-P ^ 2), result is J*K where J is $schmuck-Q and K is $otherschmuck-Q. thereby K*schmuck-P == otherschmuckmodulus.
asciilifeform: no need to walk it.
mod6: lol, great work.
mod6: im stunned. very impressive.
asciilifeform: that was fast.
mike_c: mircea_popescu: good afternoon
mircea_popescu: mike_c just hte man i wanted to see
mike_c: what can i do for you?
mircea_popescu: say, can i has 728x90 bitbet banners ? and in some manner WITH the link, so i can put them on 8chan ?
mircea_popescu: you get to use your own btc addy for referrals.
mike_c: yeah, i can whip that up
mircea_popescu: excellent.
mod6: wow! 231?!
mod6 falls out of his chair
mxtm: looooooooooooooool
mxtm: yeah
mxtm: that's great
Apocalyptic: asciilifeform, mircea_popescu, congratulations
mod6: ^^
Apocalyptic: this is quite stunning
mircea_popescu: i am quite stunned myself.
mircea_popescu: anyway, i do encourage everyone to try this themselves.
mxtm: now what do we do with our GPG keys and GPG in general :(
Apocalyptic: asciilifeform, isn't Π(∀n) the product of all the modulus treated by phuctor ? how do you get $schmuck-Q * $otherschmuck-Q by dividing it by (schmuck-P ^ 2) ?
mircea_popescu: mxtm we check implementations to make sure they're conformant to spec.
mircea_popescu: the spec is in no way broken by this.
mircea_popescu: oh also - if anyone has a hacker news account or w/e - put it in.
asciilifeform: Apocalyptic: you are correct, the formula is missing a step. but i will leave it as exercise.
Apocalyptic: asciilifeform, that calculation makes sense if Π(∀n) is in fact the product of only the two modulus we're interested in
asciilifeform: mats: the ssl folks ?
asciilifeform: i shat on them when we started out, because they published neither code nor results !
asciilifeform: and i shit on them now.
mircea_popescu: never happened (tm)
asciilifeform: the paper is worth reading, it contains a bit of exposition on -how- a schmuck might end up with dupped privates
Apocalyptic: asciilifeform, also I noticed that "Moduli waiting to test" number is updated quite regularly, why the running product displays the same number of digits for a while now, I guess it doesn't update as often ?
asciilifeform: Apocalyptic: it gets updated when a batch is done
asciilifeform: Apocalyptic: so you'll be waiting a few days
Apocalyptic: s/why/while
asciilifeform: ^ good question
asciilifeform: answrs.
mircea_popescu: optimized bubble-like process, was discussed in the logs iirc
mircea_popescu: faster to pair them up.
asciilifeform: we don't crap out the product often, it dances on the disk and slows things down
asciilifeform: it lives in ram normally.
Apocalyptic: understandable
asciilifeform: (which is why the thing takes an ungodly time to revv back up after a cold boot)
deedbot-: [Trilema] Full disclosure : 4096 RSA key in the strongset factored. - http://trilema.com/2015/full-disclosure-4096-rsa-key-in-the-strongset-factored/
asciilifeform: aaaaand then there were 2.
mats: if that makes it to front page, prepare for an onslaught of 'mp is a pornographer and slaver'
mircea_popescu: oh, well... this was powered by slave labour.
mircea_popescu: ask anyone. such as stan.
mats: asciilifeform: ya, wasn't sure if the link was the same paper you referred to earlier re: 'ssl folks'
jurov: lol. and which machine was this? in odessa?
mircea_popescu: and holy shit.
mircea_popescu: boys ? it ... it just found another.
mircea_popescu: NOT the pair to the previous one.
mircea_popescu: another PAIR
mod6: wow!
mxtm: WHAT LOL
mod6: exponential ?!
mircea_popescu: omfg strong set is rotten to the core.
mircea_popescu: expo-fucking-nential.
mircea_popescu: see, it needed a well loaded up P
davout: hory shet
mircea_popescu: asciilifeform is this 500 line py script published anywhere ?
asciilifeform: the ugly www frontend ?
asciilifeform: or werker
Apocalyptic: wait, the worker is a python script ?
asciilifeform: i don't recall if i posted it anywhere.
asciilifeform: Apocalyptic: v1 was. but not this one
asciilifeform: the thing that does the gruntwork is in c, uses gmp (as gpg uses)
Apocalyptic: sound choice
asciilifeform: the www front end is an ugly python hack
asciilifeform: i posted werker in #b-a a few days after phuctor went public
asciilifeform: no one commented
asciilifeform: feel free to post somewhere
mircea_popescu: asciilifeform plox put it as post on loper-os
asciilifeform: the src specifically ?
mircea_popescu: and yes, 2nd one also includes key in strong set.
asciilifeform: mircea_popescu: sure, lemme cook up a ps0t
davout: so 2 identified keys have been factored and 2 others have been factored, but not identified yet, right?
Apocalyptic: mircea_popescu, asciilifeform, will the second colliding prime be published ?
davout: just publish them in chan, as they come, more log readership
davout: :D
mircea_popescu: Apocalyptic nah.
mircea_popescu: just owner(s) announced.
mircea_popescu: davout two pairs of gpg keys are known, in the sense that their pubkey modulus has been factored.
kakobrekla: same p on second one?
mircea_popescu: nope. 21 this time. why bother with a full length 77 when one could just use 7.
Apocalyptic: <mircea_popescu> just owner(s) announced. // once you have the owners name you can get their keys, and at that point it's trivial to compute the common prime factor
mircea_popescu: (generally - since the gcd finally contains 3, it will be a massacre now for all the shitty keys)
mod6: 21?!
mircea_popescu: Apocalyptic announced PRIVATELY. of course.
mircea_popescu: im not tellin' you.
davout: mod6: digits?
mircea_popescu: Apocalyptic from what i hear alf's contemplating sending them certs signed by their own key.
mircea_popescu: he has a sense of humour like that.
mod6: proof in the pudding :]
davout: mircea_popescu: best proof possible
davout: !up bad_duck
mircea_popescu: if anything shows the value of hard work and just sitting down and doing it, in the present environment of financial "futures" and just-in-time everything, this would be it.
davout: !rated bad_duck
assbot: You rated user bad_duck on 25-Mar-2014, with a rating of 1, and supplied these additional notes: encore une victoire pour canard.
mircea_popescu: everybody could have tyold you gcd'ing is a waste of time and cycles.
mircea_popescu: "que permitía romper una clave pública de 1024 bits en 20 minutos, con un simple portátil."
assbot: Logged on 15-05-2015 04:11:23; mircea_popescu: (for they following at home : 4x as many bits does not mean 4x as large numbers. when computer registers went from 32 to 64 bits, maxint went from 2147483647 to 9,223,372,036,854,775,807)
mircea_popescu: you know, just a line down from where i say "i have my doubts 4096 keys will EVER be factored."
bad_duck: davout: thx
mircea_popescu: of course, i was not contemplating nonsense of this sort.
davout: bad_duck: you should be able to !up yourself in PM with assbot
asciilifeform: jurov: i'm waiting for the apocalyptic 'omg1111111111!!!111 pgp broken, seppuku now' stampede
davout: hahaha, reddit is downvoting it
davout: if(matters) { downvote } else { moon_moon_moon }
jurov: more like "mircea popescu t3h ev1l"
mircea_popescu: what do i have to oh
mircea_popescu: cause of trilema ? ookay.
davout: because paywall...
mircea_popescu: the supreme irony of which being, that you have to be a fairly frequent reader to hit the paywall.
davout: precisely
jurov: of be behind NAT with an reader
jurov: *or
mxtm: wait
mircea_popescu: i guess, yeah.
mxtm: apparently, luckier
asciilifeform: the article on my www (earlier link) contains link to 'werker'
asciilifeform: for curious folks
mxtm: is that supposed to be a hint at the number
mircea_popescu: mxtm no, it's just that having maintained control over the box i feel no need to divulge anything.
mxtm: gotcha
mats: re: previous es link, it appears openssl at some point did not check whether factors were weak
asciilifeform: mircea_popescu: at this point i must note that i have no idea if i'm connected to shakespeare or another man by the same name, when i talk to dulap
mircea_popescu: mats gpg always did afaik, special algo foir this
assbot: [MPEX] [S.MPOE] 15306 @ 0.00028464 = 4.3567 BTC [+]
asciilifeform: the box, if it had been purloined and returned, has yielded up its private ssh key to enemy
mircea_popescu: asciilifeform why, no openssl ? :D
mircea_popescu: you can make another one.
asciilifeform: make other one by taking airplane ?
mircea_popescu: make another one while ssh'd in :D
asciilifeform: or by asking ft meade, where the process lives now, to do it
asciilifeform: if it was stolen - it remains stolen
asciilifeform: sorta how one can't un-fuck goat
asciilifeform: take a minute to think
mircea_popescu: APPRECIATE MY SARCASM GOD DANGIT
asciilifeform appreciates. commenting re: 'maintained control'
jurov: just use cpanel to replace the ssh key, no?
mircea_popescu: voted most likely to succeed perianne.
asciilifeform: so far this is nothing.
mircea_popescu: davout hit a reload, went from 2 points by davout 8 minutes ago to 49 points by davout 35 minutes ago | 11 comments
asciilifeform: wait till we find the boobytrapped pgptron that is responsible for the $smallint factors.
mircea_popescu: asciilifeform very curious, because i always suspected you know "older versions"
mircea_popescu: well... shit man, older versions don't really do 4kb keys
trinque: holy phuctor
asciilifeform: gonna guess it's a creative bug where pollard-rho -must- fail to pass
davout: asciilifeform: what's the version string on the key?
asciilifeform: which one
jurov: phuctor discards comments, i guess
asciilifeform: jurov: actually sks does
assbot: [MPEX] [S.MPOE] 52218 @ 0.00028491 = 14.8774 BTC [+] {2}
mircea_popescu: yeah, sks cuts comments.
mircea_popescu: this, tbh, is a good move, because : someone came up with the fucktarded idea of adding "visual" identity to keys. as if i can tell one whore from another on the basis of a 5kb icon.
asciilifeform: i was never strongly interested in the version strings. anyone can write what he wants.
asciilifeform: it isn't even signed
mircea_popescu: allowing comments means you can't have fixed width tables, which ffs.
asciilifeform: i can change yours to 'pgp over dead goat' and it'll parse.
mircea_popescu: also this.
mircea_popescu: jurov lots of these republishing things. i think it's some business major's idea of web entrepreneurship
asciilifeform: achtung, panzers
mats: hey, they preserved links to the original thing.
mircea_popescu: asciilifeform i know.
mircea_popescu: what did you think the considerations were.
mxtm: woah, i didn't know that hpa was
mxtm: THE peter anvin
trinque: so... gpg's used by kernel devs to sign patches, eh?
trinque: oh man he's the maintainer of kernel.org?
mxtm: used to be
mxtm: and like his name used to show up on syslinux
trinque: that's... incredible
mxtm: everything that used syslinux
mxtm: it would be like
mxtm: SYSLINUX PETER ANVIN
asciilifeform: wai wut
asciilifeform was off reading wankatron threads on hn, reddit
mircea_popescu: asciilifeform i thought you were banned on graham-altman propertiesd
asciilifeform: did we just nuke a known fella
asciilifeform: mircea_popescu: my -site- iirc was banned.
mircea_popescu: you were banned on wikipedia, for being a spammer, i recall now.
asciilifeform: i'm a little surprised that trilema wasn't
mod6: nice
davout: http://log.bitcoin-assets.com/?date=17-05-2015#1134868 <<< did that for a deed, got trinque all worked up, 'whoa, you really do GPG on an atari box??'
assbot: Logged on 17-05-2015 17:59:08; asciilifeform: i can change yours to 'pgp over dead goat' and it'll parse.
trinque: haha
trinque: twas win 3.11, I remember
mircea_popescu: "In the army battle field tactical communication are handle by streaming ciphers on the radio. The idea is not to be impossible to breach. But strong enough that time is on your side"
mircea_popescu: experts :D
mircea_popescu: !up d34th
d34th: thanks, its been a while since i've been in here
mircea_popescu: how do you like the world outside ?
d34th: its a dark and dangerous place
mircea_popescu: gotta update that post.
mircea_popescu: actually i guess just the comment will do.
mircea_popescu: !up dandelany
williamdunne: To this day I have not had my connection drop, the wired connection has remained solid without dropping. Maybe I'm just lucky and ddos guys like me?
mircea_popescu: Server Load0.45 << kinda funny to watch trilema iron.
mircea_popescu: williamdunne i dunno what exactly he does, but if people are complaining it must be something.
trinque: it has happened to me on occasion
d34th: mircea_popescu: question about the working is it cpu based or opencl
trinque: not since cloaked and getting a new IP from the ISP
mircea_popescu: d34th you mean phuctor ? it's cpu
d34th: i have a few cores i could donate
davout: it would probably make sense for the phuctor to start munching SSL certs as well
mircea_popescu: d34th you wanna do something, do the same with ssl certs.
mircea_popescu: openssl is dead for us here./
asciilifeform: see link by mats earlier
asciilifeform: re: openssl
asciilifeform: (it was, purportedly, done, by a bunch of academitards who refuse to publish any results)
mircea_popescu: !up fgeek
mike_c: mircea_popescu: banner created. http://www.btcalpha.com/bb_ad.png?height=90
mircea_popescu: mike_c how do i get what url it needs to link to ?
asciilifeform: incidentally, folks asking 'how does it work' can go to my site & read the fucking src now
asciilifeform: the relevant bit is posted
davout: mircea_popescu: it would be better for the phuctor itself to do it
mircea_popescu: you can just import the P ?
mircea_popescu: it's published for this reason.
davout: or i guess yes, GCD the running product once in a while
asciilifeform: this is a point, if you convert your ssl or whatever rsa key to pgp format,
asciilifeform: you can throw it in the pot with the rest.
asciilifeform: ditto ssh
mircea_popescu: in other news, how does a server look while trending on everything ? like so :
mircea_popescu: CKKC_CKC__._CKKKKWKKKK__KK_KKK___KKKK___C_KKC_KK___C_K.WWK._K__.
mircea_popescu: .KK_WCCC__K___CK_KKKK___K__C__C_KW_C_KK_K_KWK__C_CKC_W___.CK_KCK
mircea_popescu: KC_K_K__C_K_____K_______K_K_K____________K_..._.................
mircea_popescu: .............K..................................................
davout: asciilifeform: it doesn't parse plain rsa keys?
asciilifeform: (please don't throw in private key. i will -not- get it back out for you)
asciilifeform: davout: nope. applies pgp parser 1st
asciilifeform: -possibly- if folks ask nicely i will add a 'throw modulus raw' thing
asciilifeform: but right now the display apparatus expects all moduli to be associated with pgp keys
asciilifeform: (one or more)
mike_c: I have a script that will do it, not sure if you can use that for your ads? If not, we could either pick a specific bet to promote and link it to that, or link to homepage.
williamdunne: mircea_popescu: What do the CKW__.s mean?
asciilifeform: does one of you ad folks wanna make a commemorative banner for this occasion ?
asciilifeform: 'we broke a 4096 key, read how'
davout: lol, good idea
mircea_popescu: williamdunne "_" Waiting for Connection, "S" Starting up, "R" Reading Request, "W" Sending Reply, "K" Keepalive (read), "D" DNS Lookup, "C" Closing connection, "L" Logging, "G" Gracefully finishing, "I" Idle cleanup of worker, "." Open slot with no current process
mircea_popescu: mike_c you see how the 8chan ads work ?
mircea_popescu: i pass a base64 img wrapped in a tags. could you maybe make it be the same and i just forward it ? dunno.
asciilifeform: then again, is it 'him' or 'another shakespeare'
asciilifeform: anybody got any material signed by anvin ?
davout: few extra features to implement for the phuctor... also nice to have: "throw list of URLs at it, it fetches the SSL cert and tries to factor it"
mircea_popescu: davout yeah cuz we're so totally out of material to squeeze atm :D
asciilifeform: l0l aha
mike_c: mircea_popescu: iframe?
mircea_popescu: run out of geyser oil, gotta go to fracking.
davout: yo
mircea_popescu: mike_c https://8ch.net/btc << see what it imports from trilema.com
williamdunne: mike_c: could work just as well as an <img src="something.php"/>
mircea_popescu: nice one trinque
trinque: mircea_popescu: pretty lulzy
asciilifeform: trinque: 0xBDA06085493BACE4
assbot: [MPEX] [S.MPOE] 35469 @ 0.00028515 = 10.114 BTC [+]
mircea_popescu: asciilifeform https://news.ycombinator.com/item?id=9561045 << please be warned about my kthx
mike_c: mircea_popescu: ok, i can make something like that. headed to a bbq right now, I'll get it going tonight.
mike_c: mircea_popescu, asciilifeform: awesome work guys :)
mircea_popescu: mostly him.
Apocalyptic: asciilifeform, it so happens that $shmuck-Q is actually not a prime as well
mircea_popescu: nothing is a prime anymore ;/
asciilifeform: jurov: i was suspecting a spurious key
asciilifeform: or corrupt sks
mircea_popescu: interesting.
mircea_popescu: anyone feel like running a -v -v over the thing ?
mircea_popescu: curious what the actually useful output is.
mircea_popescu: seems the guy was maybe being attacked or something ?
asciilifeform: me thinks we may have found a mouse hill.
asciilifeform: who's got the mouse spray
mircea_popescu: so this is a manufactured subkey that was somehow uploaded to sks and merged into the guy's key but not necessarily used or even issued by him ?
mircea_popescu: incidentally... how likely is it that this behaviour is emergent, which is to say, you can't import the weak key ANYMORE ?
deedbot-: accepted: 1
mircea_popescu: possible at all even ?
asciilifeform: mircea_popescu: quite possibly it was diddled -in order to- create this effect.
asciilifeform: then again, what would they gain ?
asciilifeform: the subkey is skipped
asciilifeform: so what
asciilifeform: the rest of it gets sucked in
mircea_popescu: how would i know that
asciilifeform: anything anvin signs with his actual key, should still validate
mircea_popescu: no idea.
assbot: [MPEX] [S.MPOE] 26900 @ 0.00028395 = 7.6383 BTC [-] {2}
trinque: jurov: so yours imported the subkey?
jurov: no, rejected, scroll to the bottom
trinque: ah I see it; different output than mine
jurov: i asked it to be twice as verbose
trinque: yeah I did -v -v
trinque: maybe different versions
asciilifeform: at the moment it looks like sks bit rot is responsible
asciilifeform: anybody got his original published key ?
asciilifeform: the one for which the sigs verify
asciilifeform: (anvin's)
mircea_popescu: !up anig
asciilifeform: (and we haven't even begun the other 3 poor schmucks)
mircea_popescu: because we have a year-old snapshot and it doesn't look different.
mircea_popescu: asciilifeform i wonder if this is reproducible, make sks servers display random data as people's subkeys.
mircea_popescu: definitely not what's expected from / implied by the listings, but who knows.
asciilifeform: seems like a bit of a tall order to believe that anvin was struck by a lucky cosmic ray
asciilifeform: this 'uncle' is 'too rich' to die a natural death
asciilifeform: too many hungry heirs
mircea_popescu: even from a purely operational standpoint - it'd seem sks servers have all the interest in the world to reject such broken keys rather than publish them, carry them in db etc
asciilifeform: afaik they don't check
asciilifeform: (if anyone can disprove this, please wake me up)
asciilifeform: mircea_popescu: we're #1 on hn btw
mxtm: wow
mxtm: noice
mircea_popescu: couldn't have happened to better people.
asciilifeform: 'Here's what's going on: There are a number of keys on the keyservers that are faulty copies of real keys - they share most of the values, but have some errors. I don't exactly know why that is happening, but I assume it's because of network transmission errors or server crashes during transmissions. These keys don't really do any harm. ...'
mxtm: wat
asciilifeform: https://eprint.iacr.org/2015/262 <<< aaad we got a plagiarist
mircea_popescu: i am not sure how much of this to believe.
mircea_popescu: asciilifeform so what exactly is this, ft meade damage control ?
asciilifeform: obligatory:
assbot: Logged on 04-06-2014 00:08:26; asciilifeform: BingoBoingo: the buggers' traditional defense is to pretend that the event was a non-event - or, if this is impractical, to continue living in an imaginary world where they 'scooped' the story first, and all of the 'unsanctioned' discussion never happened.
asciilifeform: '04-06-2014 00:08:26 <asciilifeform> BingoBoingo: the buggers' traditional defense is to pretend that the event was a non-event - or, if this is impractical, to continue living in an imaginary world where they 'scooped' the story first, and all of the 'unsanctioned' discussion never happened.'
mircea_popescu: !up irkki
mats: assbot lives
mircea_popescu: slow, but here.
mircea_popescu: asciilifeform lol dude's story is that he's replicated the results of phuctor since late march ?
mircea_popescu: mmmmkay.
mircea_popescu: brave of him to come out like that lol.
mircea_popescu: !up fufu
mircea_popescu: !up tmp6548
mircea_popescu: !up spockywocky
mats: hello visitors
kakobrekla: prolly ddosed to moon
mircea_popescu: strange, our fortress has a moat, provided free of charge by "the enemy"
tmp6548: Hi all
ben_vulpes: asciilifeform: who is hanno's sponsor?
mats: http://www.codereversing.com/blog/archives/226 >> 'Nop Hopping: Hiding Functionality in Alignment'
asciilifeform: ben_vulpes: feel free to dig. i can't be bothered.
ben_vulpes: found that, yeah
asciilifeform: mats: jumping into the middle of an instruction is as old as time
ben_vulpes is still sobering up from last nights revelry
mircea_popescu: freelance journo/whatevs. doubt there's sponsors in the classic sense.
asciilifeform: mats: classic vx-er trick
mircea_popescu: "The results I worried about, millions of children running Windows on the OLPC, have not occurred. Instead we see millions of children running Windows on the Intel Classmate."
mircea_popescu: poor rms.
asciilifeform: incidentally, anybody want to take the time to walk the sks set and check for 'skipped...' ?
asciilifeform: 'there is never kitchen with single cockroach'
ben_vulpes: * BingoBoingo though doing an honest assessment finds a person who can reasonably keep up in a lot of #b-a convos but who can't program for shit. And honestly... training to trade punches seems much easier than learning to program on any level approaching asciilifeform, ben_vulpes, and mod6. << you could catch up to me in rather short order
mircea_popescu: !up fche_
ben_vulpes: asciilifeform: 'caltrop' << how does the tossing of control bits affect output?
asciilifeform: ben_vulpes: you won't see certain bytes in the output
asciilifeform: ben_vulpes: i specifically warned you not to use an rs232 dongle. don't be surprised when output fails a number of tests.
ben_vulpes: so if the device randomly cooks up a control sequence that will get ripped out?
asciilifeform: at all times.
asciilifeform: 'everything can be as simple as possible, but not simpler' (TM) (R)
davout: asciilifeform mircea_popescu is the same 'skipped' behaviour observed when importing the second broken key?
mircea_popescu: and then, as that's ripped out, some tests will find the entropy not as good
mircea_popescu: davout tis on the list of things to do, but it is a long list
ben_vulpes: i am not as malbec immune as davout thinks
mircea_popescu: !up yang
yang: hi
mats: asciilifeform: as a new dog i must learn old tricks
mats: asciilifeform: this in particular wasn't new to me but nonetheless i shared
ben_vulpes: mats: as a new dog i must piss on each and every electric fence
davout: mircea_popescu: it'd be really interesting to know, it's a gpg --recv-keys | grep skipped away
mats: asciilifeform: it hurts ma ego everytiem i get a 'old fucking news'
asciilifeform: ben_vulpes: it'll be especially puzzling because you won't immediately know why it fails, given as you debiased the bits
asciilifeform: (you did, didntcha?)
ben_vulpes: workin on that part
asciilifeform: so the missing value in the output won't be, e.g, 13
asciilifeform: it'll be a pattern.
mircea_popescu: davout yes but honestly i'd rather let it work some more first.
mircea_popescu: asciilifeform ben_vulpes a fine example of the perils of "whitening".
asciilifeform: just as i said then
asciilifeform: mircea_popescu: got a link to your article quoting that day's convo ?
asciilifeform: i've misplaced it
asciilifeform: the one with rs232 link
mircea_popescu: you can't fool mother nature. nevertheless, it is more than happy to sell you the tools by which to fool yourself.
mircea_popescu: lemme look
asciilifeform: filed somewhere under s.nsa iirc
mircea_popescu: oh ya 1 sec
mircea_popescu: !up xaxs
asciilifeform: ty mircea_popescu. that's the one.
asciilifeform: ben_vulpes ^^^^
ben_vulpes reads...again
decimation: asciilifeform: so did the sks server at one point accept anvin's key and then later bitrotted it?
decimation: cause I thought there was a checksum
mircea_popescu: this seems the most ... "nothing happened, go back to sleep"-benign theory.
mircea_popescu: it seems tempting, tho there are sticking points. but in any case, as phuctor progresses we'll get a better idea.
mircea_popescu: now that it has 3, 7, 11 etc in the P it will find all these.
decimation: doesn't the sks server check before shitting public key?
decimation: 'oh I got a bad key'
mircea_popescu: more on point, would you expect they STORE bad keys ?
trinque: incidentally dieharder has been busted in gentoo for at least two months
mircea_popescu: why ? space is an issue, right ?
mircea_popescu: trinque how ?
trinque: I'm trying to figure out why it wont build
decimation: apparently because of their political stance (all gpg keys must be public and stored for all time)
ben_vulpes: trinque: so it's not me!
asciilifeform: they store them, easily enough, by never checking
mircea_popescu: !up referredbylopero
asciilifeform: l0l it cuts the nicks
mircea_popescu: decimation doesn't that stance open them to incredible ddos ?
decimation: heh yeah sure does
mircea_popescu: i mean, if the claims is accurate, what's to keep me from making anyone's sks profile 1 gb long ?
decimation: I don't think anything
mircea_popescu: full of 1mn such pubkeys ?
ben_vulpes: trinque: how does one go about walking the history of portage?
trinque: ben_vulpes: you can always build a specific version provided the ebuild is still available in portage by emerge =category-name/thing-0.1.2
trinque: this underscores the need to archive /usr/portage/distfiles
decimation: well, I guess if you want your 'roster of people' to be a combination of legal record and bathroom graffiti, they got you covered
trinque: and probably the portage tree itself
mircea_popescu: decimation anyway, we'll know more / anything of actual substance once the guy himself answers.
mircea_popescu: and we'll have a pretty decent picture once phuctor's done walking the set, which looks like a coupla months
decimation: indeed. I'm off on a home improvement project, good luck with the ramblig mob that's gonna come by
mircea_popescu: asciilifeform the man has a good point.
asciilifeform: very much
asciilifeform: why not one of the guests is speaking, l0l
asciilifeform: all ddosed ?
davout: HN now displays "Why Japanese Toilets Are Failing in America (2013)" higher than this
trinque: lol this is now #20
trinque: for me
asciilifeform: davout: pg has an override button that is used very frequently and with scarcely any subterfuge
asciilifeform: (most folks know)
mircea_popescu: davout what diff does it make lol.
davout: none, just a random observation :D
asciilifeform: i recommend that someone who cares, snapshot the thing before it vanishes entirely
asciilifeform: assuming anyone cares.
davout: I was thinking time-decay algo
trinque: jumped from #1 to #20 abruptly for me
trinque: I've been refreshing
mircea_popescu: what was it that wiped an article badly leaving it still sorta-visible ?
mircea_popescu: was it reddit i think ?
asciilifeform: re: blocksizewarz
asciilifeform: it was mega-lulzy
asciilifeform: because the 'hand of smiting' was visible
trinque: tendrils everywhere
mircea_popescu: oh right right
asciilifeform: iirc there's a full copy of it on mircea_popescu's www
mircea_popescu: was like "we have consensus and therefore will delete your reddit thread proving the contrary. because this will totally work, you being some derps who depend on the graham lulzatron"
mircea_popescu: then it... didn't work.
mircea_popescu: whether that proves the contrary, or for that matter whether the contrary needs any proof... exercise for reader.
ben_vulpes: https://news.ycombinator.com/user?id=throwaway2391 << bobby boy do i have to smack you again?
ben_vulpes: can you hear me major tom...
JPT: Thank you
mircea_popescu: sure. who're you ?
JPT: I decided to read along a little since it got to me that some rsa keys were broken ;)
mircea_popescu: aha. enjoy.
mircea_popescu: ;;bc,stats
mircea_popescu: !up delan
gribble: Current Blocks: 356889 | Current Difficulty: 4.880748724468138E10 | Next Difficulty At Block: 358847 | Next Difficulty In: 1958 blocks | Next Difficulty In About: 1 week, 4 days, 6 hours, 4 minutes, and 8 seconds | Next Difficulty Estimate: 52452025482.1 | Estimated Percent Change: 7.46717
mircea_popescu: so in also newsworthy : between yesterday and today there has been a shitton of hashpower added
mircea_popescu: enough to push the estimate up 5 points.
asciilifeform: any public comment on who/why ?
mircea_popescu: no. and obviously, "the process is inherently dirty" etc. nevertheless...
mircea_popescu: something came online.
asciilifeform: perhaps the first batch of those cable boxes.
mircea_popescu: lol. no fucking way.
asciilifeform: eh howthefuck would i know. but why not.
mircea_popescu: tosoon dude. how fast do you think that can be deployed.
asciilifeform: yesterday - if they were baked a month ago
mircea_popescu: not even designed yet.
asciilifeform: it srsly isn't hard
mircea_popescu: !up sharp0_
asciilifeform: none of this shit is hard
assbot: [MPEX] [S.MPOE] 47600 @ 0.00028283 = 13.4627 BTC [-]
mircea_popescu: nothing is hard. nothing gets done. ya know ?
trinque: lol dieharder has been rotting for a year on both redhat descendants and gentoo
asciilifeform: trinque: wai wat ?!
asciilifeform: as in, won't build at all ?
asciilifeform: or just as ebuild
mircea_popescu: trinque only terrorists would want to test their rngs.
trinque: yeah I'm figuring out a patch
davout: asciilifeform: just because something is easy for a guy with 200 IQ doesn't mean it's as easy for two dudes with 100 IQ
trinque: just missing an include
trinque: for intptr_t
trinque: blowing up inside glibc
asciilifeform: davout: no, i meant that it is actually not hard. as in, go and read definition for sha256
asciilifeform: not rocket surgery
mircea_popescu: THAT is hard.
davout: just teasing :D
mircea_popescu: half the "literate" population can't even read trilema because "it's too hard" and words hurt their brain
davout: only action can be hard as only action can oppose resistance
asciilifeform: mircea_popescu: they won't read it because it makes them want to eat a luger
asciilifeform: this is understandable
trinque: gotta already want to eat a luger when you find trilema :p
mircea_popescu: !up KeesH
asciilifeform: perhaps it needs a 'cum se suge luger' article
mircea_popescu: you know that's to this day one of the most popular articles ? i dunno what's with them ppls.
trinque: ok I fixed the dieharder build on gentoo
asciilifeform: like my 'clojure' article aha
asciilifeform: trinque: congrats. post plz
trinque: yeah I'll make a patch
trinque: just missing an include
asciilifeform: (mine was built in '11 and never touched since)
mircea_popescu: funny how targetted them folks are.
asciilifeform: wondered if anyone will notice
ben_vulpes: <mircea_popescu> most she-haters i know are womenz. << girl last night pointed out that all of her worst clients (she's a physical therapist, deals with highly athletic folks coming to terms with their now-reduced performance envelopes) are women
davout: oh god srsly, white on white
delan: mircea_popescu: grats to you and loper on factorising hpa’s key
delan: I really hope my keys’ factors are /actually/ prime
mircea_popescu: delan myeah. one shouldn't have to hope on this score, but then again here we are.
asciilifeform: delan: the good news is, that it remains possible to do arithmetic whether or not anyone grants permission. go and run test on your own
mircea_popescu: arithmetics drm, now that's an idea.
asciilifeform: delan: imagine, the entire 'international community' and obama himself can't stop you from running euclid.
asciilifeform: much as they might like to.
mircea_popescu: actually, a fully-explicit "how to extract your rsa moduli as numbers, and how to test things" write-up may be a good use of someone's time.
asciilifeform: it'll be a backbreaker on account of rolling in rfc2440
mircea_popescu: !up wowPGP
asciilifeform: but if we say 'use a tool' then 'pgpdump'.
mircea_popescu: asciilifeform hence "may"
assbot: [MPEX] [S.MPOE] 39350 @ 0.0002841 = 11.1793 BTC [+] {3}
mircea_popescu: mopre like a training exercise for younguns looking to get shellshocked by "free software"
asciilifeform: iirc no extant pgptron includes this functionality
mircea_popescu: asciilifeform tbh i find the "broken in transit" explanation offered by the back to sleep camp particularly ridiculous.
mircea_popescu: seriously, some bits got changed ? and what archive still extracted , no problem ?
mircea_popescu: no checksums even, no crypto, nothing at all ?
mircea_popescu: who is this supposed to persuade, exactly ?
davout: the real thing here would be to actually find a GPG implementation that does not run the check that leads normal ones to simply discard this key
delan: something fishy going on — http://puu.sh/hQVmI/b85c9c57d0.png
delan: probably getting nuked
mircea_popescu: davout how would you know it is even publicly accessible ?
mircea_popescu: maybe this is paort of a tandem with specific userland diddling.
mircea_popescu: which would neatly explain why it HAS TO stay on sks servers.
mircea_popescu: victim gets nsa-something or the other, gets the "key", etc.
asciilifeform: the choice of victim is very telling
mircea_popescu: i meant the REAL victim.
asciilifeform: i should like to get a list of -everything- he 1) signed 2) public is running
mircea_popescu: some guy trying to do something or the other with softwasre.
mircea_popescu: asciilifeform debian.
asciilifeform: then we have our corpse.
ben_vulpes: conspiraci!
mircea_popescu: i am definitely suspicious of this entire tower of mirrors made of shit.
mircea_popescu: "oh, it's not really what it seems, fart fart"
asciilifeform: the buggers' only defence
asciilifeform: is the fart cloud.
asciilifeform: expect it to thicken, thicken.
mircea_popescu: anyway, im not entirely sure we might ever see the diddled gpg that goes with this didlded key to produce anything interesting
mircea_popescu: but if we do see it, im definitely publishing the story.
davout: mircea_popescu: yup, not saying it's possible, saying that would be definitive proof
mircea_popescu: it would be, yes, if it were to somehow be found.
asciilifeform: actually the necessary diddle would be small:
asciilifeform: anything that doesn't check self-sigs.
davout: yep, not saying anything more
asciilifeform: probably includes at least one 'www-based' pgptron
mircea_popescu: asciilifeform nah, i suspect it's more subtle than that.
asciilifeform: subtle bug triggered by really terrible keys?
asciilifeform: also possible
mircea_popescu: there's a long tradition of "must fail to pass" bullshit seen in the wild, and allegedly not originated by nsa
asciilifeform: perhaps even remote exec
mircea_popescu: for all you know this is the magic packet required to X.
asciilifeform: somebody wanna copy cryptome on this ?
mircea_popescu: im letting things settle for a day and plan to write a follow-up.
mircea_popescu: !up referredbyloper
asciilifeform: speaking of which, mega-l0l (unrelated) - http://cryptome.org/2015/05/william-mcneilly.pdf
asciilifeform: 'This contains references to CB8890: The instructions for the safety and security of the Trident II D5
asciilifeform: strategic weapon system. I'm sure all the Strategic Weapon System (SWS) personnel are scratching
asciilifeform: their heads and wondering how I'm writing this on my personnel laptop and referencing a book,
asciilifeform: which is contained within a safe in the Missile Control Centre (MCC). The MCC is the
asciilifeform: compartment used to control the launch of the nuclear missiles. It can only be accessed by people
asciilifeform: on the access list, and no personnel electronics are allowed. I was on the access list but how could I
trinque: asciilifeform: http://dpaste.com/1XXN25S.txt << nothing too crazy
asciilifeform: have gotten a copy of every single chapter on to my phone? A hidden camera? No. Smuggled the
asciilifeform: book out then filmed it? No. What I did was walk into a room were no recording devices are
asciilifeform: allowed. I sat down; took my Samsung Galaxy SII (white) out of my pocket, and recorded the entire
asciilifeform: book word for word. I held the phone still, about a foot in front of my face and anyone who looked
asciilifeform: at the screen or used common sense, would've seen I was recording. There were other SWS
asciilifeform: personnel in the room; in the video you can see a SWS JR about 3 feet in front of me talking to
asciilifeform: another SWS JR sitting right beside me.'
mircea_popescu: so do they actually work ?
asciilifeform: trinque: neat
asciilifeform: trinque: consider contacting the maintainers
mircea_popescu: !up rororo
asciilifeform: mircea_popescu: no idea how genuine the text, but riotously funny
trinque: asciilifeform: yeah I'll bother the ebuild guy for this
asciilifeform: mircea_popescu et al: http://dpaste.com/00YX117 << plain txt
mircea_popescu: trinque is this like the only bit of c code deployed without stdint ? i wonder if he had a reason
asciilifeform: ^^ recced to all. hilarious turd
mircea_popescu: asciilifeform incidentally, i know of no better proof that the "atomic weapons not actually militarily useful" than this sort of perennial wank.
trinque: mircea_popescu: seems it might've worked against an older glibc
trinque: which perhaps implicitly included that?
trinque: I know not.
asciilifeform: mircea_popescu, ben_vulpes: http://www.loper-os.org/pub/tard.png << glorious fan mail
trinque: lol?!
mircea_popescu: asciilifeform useless without sender field ; uninteresting if it's anything but sam altman
mircea_popescu: i'd have added "or one of his harem slaves" but iirc he's a twink
mircea_popescu: but since we're doing random anon lulz, https://8ch.net/btc/res/33.html#187
mircea_popescu: !up referredbyloper
asciilifeform: mircea_popescu: going by the style, it's our old phriend, mr spam
asciilifeform: post on loper-os.org updated to include tard.png
trinque: ye gods the autism
ben_vulpes: that's some top kek
asciilifeform: buysometime42@gmail.com
asciilifeform: throwaway
mircea_popescu: how the system can’t pass tests to show it could’ve launched ha!
mircea_popescu: !up tuxforce
ben_vulpes: gotta be ninjashogun
asciilifeform: the sheer mental breakage required to waste one's time so.
asciilifeform: in other news, we got another.
ben_vulpes: "Not known to me -> No." << omg
asciilifeform: mircea_popescu you have mail.
asciilifeform: mircea_popescu: this new one's a dev too.
asciilifeform: check him out
mircea_popescu: 9. for crying out loud, NOT EVEN SINGLE USE.
asciilifeform: well, 3
mircea_popescu: this, if indeed reflective of an implementation error, shows an entirely different bug
asciilifeform: incidentally, this is consistent with 'cosmic rays'
mircea_popescu: you should check to make sure yo udon't use the same prime TWICE
asciilifeform: a number with flipped bit is likely to be divisible by smallint
trinque: lol, article's at #28 now with way more points than those above
trinque: there are older articles with fewer points above
mircea_popescu: doubleplusungood article!
mircea_popescu: what i don't get is, how exactly you reproduce this ? i can't seem to make sks server to accept extra, unsigned subkeys from anyone.
asciilifeform: mircea_popescu: this one's another 'invalid subkey...'
mircea_popescu: moreover, the way it presents the blob is as a single, shares pgp key blob
mircea_popescu: so can anyone get a key server, no matter which, to somehow swallow up an extra subkey for an existing key ?
asciilifeform: evidently
asciilifeform: the entire blob, notice, as per rfc2440/4880, is not in any way hashed
asciilifeform: the way you do it is 1) take existing 2) feed in place of old
asciilifeform: it will update, because - evidently - there is no mechanism whereby the update would be rejected.
mircea_popescu: i must be doing something wrong then
trinque: and articles are moving around it, yet it stays where it's pinned
trinque: #1 -> #20 -> #28
trinque: hilarious
mircea_popescu: "We are at war, with a new kind of enemy. The terrorists have infiltrated every nation on our planet." tsk tsk now how would will mcneilly know this.
mircea_popescu: trinque it is pretty lulzy.
BingoBoingo: What a fucking morning to sleep in !!! Digesting Convos around Phuctor's discovery and writing up some news.
assbot: [MPEX] [S.MPOE] 22300 @ 0.00028283 = 6.3071 BTC [-]
mircea_popescu: BingoBoingo lol you slept with lady luck eh ?
asciilifeform: l0l reddit broken
mircea_popescu: aww, links beleeted again ?
asciilifeform: nah just overload
asciilifeform: i expect it'll all be memory-holed shortly.
BingoBoingo: mircea_popescu: Well, downside of sleeping in is I missed a timely annoucement of keys shattering. On the plus side Am I reading it right, that the pattern seems to be various sorts of strongset people have these weak keys, almost exclusively?
asciilifeform: after folks start going 'snore, it's just another gnu dev with b0rk3d key'
asciilifeform: BingoBoingo: a few folks appear to have bit-corrupted keys on sks
trinque: I'm about as amazed with how rapidly the various "news" sites can respond to this
trinque: by respond I mean bury
asciilifeform: (nothing, afaik, has been signed publicly with them)
mircea_popescu: BingoBoingo the official story seems to be that keys got accidentally.
asciilifeform: accidentally gnu devs aha
BingoBoingo: But this accidentally seems to mostly affect a certain kind of person
mircea_popescu: so far at least.
mircea_popescu: trinque within the hour. not so terribru.
asciilifeform: #2 is small change
asciilifeform: (though he programs)
asciilifeform: #1 and #3 - not so much
asciilifeform: their factor-counterparts, i do not yet know
asciilifeform: but of them, there are also 3.
asciilifeform: any student could build 'phuctor'
asciilifeform: (distributed not in the 'faster' sense - it cannot be - but the 'remove single juicy target' sense)
asciilifeform: oughta be part of ordinary keyserv practice.
mircea_popescu: people dun wanna werk tho.
mircea_popescu: people wanna sperg all day on "social media" and "attract investors".
asciilifeform: those aren't people.
trinque: seems this is actually glibc fuckery re: dieharder
asciilifeform: trinque: ??
mircea_popescu: Zoe Quinn is the role model, dumbass made a "game" that wouldn't have passed muster in the early sierra adventure games
trinque: asciilifeform: unistd.h uses intptr_t within, yet does not include stdint.h
asciilifeform: trinque: i've run into this kind of thing on several occasions.
asciilifeform: not yet sure what to make of it.
trinque: "whatever used this also had an include for stdint.h so who cares" ?
asciilifeform meatspace break, bbl
trinque: "I assume they are produced by network errors, harddisk failures or software bugs. It may also be that someone just created them in some experiment."
trinque: ahahaha
trinque purchases bulk tinfoil
mircea_popescu: !up stevko_
mircea_popescu: trinque imagine if "network errors, harddisk failures" worked this way.
mircea_popescu: it'd stop warez dead in its tracks, seeing how you couldn't watch any movie or anything.
mircea_popescu: but yes, software bugs. now that we got to software bugs...
mircea_popescu: !up beautyon
mircea_popescu: the instructor said don't touch anything. A crew member responded by saying “it doesn't matter none of it works anyway, you can touch what you want.”
mircea_popescu: bwahgaha
danielpbarron: >> There is a service called Phunctor where you can upload a key and it'll check it against a set of known vulnerable moduli.
trinque: now #93 lol
trinque is done watching that
trinque: criminals everywhere.
mircea_popescu: i updated the article to lulz a little at the ydumbinator crew
trinque: guy sends me to go bother whoever can fix glibc
trinque: and I will, if only as an exercise in whether it's actually possible to get something fixed in glibc
assbot: [MPEX] [S.MPOE] 10350 @ 0.00027823 = 2.8797 BTC [-]
ben_vulpes: "Someone handed you an ebuild, and you don't know what to do with it? Fear not, for here be instructions!" << docs with a dash of humor
cazalla: http://log.bitcoin-assets.com/?date=17-05-2015#1134624 <<< i'll defer to BingoBoingo for this story, i sorta grasp the situation but not really enough to do a story justice
assbot: Logged on 17-05-2015 16:10:13; mircea_popescu: achtung BingoBoingo cazalla : phuctor broke a rsa.
prx: thx mircea_popescu
mircea_popescu: trinque we were looking for someone to fix glibc earlier too
mircea_popescu: for the libnss debacle.
mircea_popescu: there is theoretical support, but in practice the lists seem dead and i have nfi who can even undertake that beast of a task
prx: just wanted to see myself what's up here with those insane broken keys
mircea_popescu: prx log's in the topic.
prx: mircea_popescu: yep, thx. I'll stay here forlivestuff, if that's fine with you guys
trinque: tragedy of the commons; everyone fucks glibc and no one pays her medical bills
mircea_popescu: prx sure
mircea_popescu: http://log.bitcoin-assets.com/?date=17-05-2015#1135377 < if this were the case i should also be able to replace your key with mine. doesn't seem that works tho
assbot: Logged on 17-05-2015 20:24:41; asciilifeform: it will update, because - evidently - there is no mechanism whereby the update would be rejected.
mircea_popescu: prx are you getting flooded btw ? some people complaied.
prx: mircea_popescu: Not yet, will yell if it pops up.
mircea_popescu: been some internet tough guy months ago "destroying us" by flooding noobs, but i had thought he gave up meanwhile.
prx: So you're on someones hatelist :)
mircea_popescu: ah, plenty of people.
ben_vulpes: the more the merrier...
prx: Having the right enemies might be more interesting than having the wrong friends
mircea_popescu: ;;google trilema sec waxman
gribble: Interacting with fiat institutions, a guide on Trilema - A blog by Mircea ...: <http://trilema.com/2014/interacting-with-fiat-institutions-a-guide/>; The SEC asked this Romanian Bitcoin CEO for private data to probe ...: <https://ihb.io/2014-03-20/news/sec-asked-romanian-bitcoin-ceo-private-data-response-4087>; MPEx owner in danger of being extradited to US to face charges ...: (1 more message)
mircea_popescu: can start there lawls.
mircea_popescu: http://log.bitcoin-assets.com/?date=17-05-2015#1134581 << amusingly enough, that 0.02 is obviously the house. nobody took the opposing side.
assbot: Logged on 17-05-2015 14:42:17; mats: i loled. 1.08btc on 0.02btc
asciilifeform: omfg the idiocy.
asciilifeform: mircea_popescu: let's post all 3
asciilifeform: so we can put the 'cosmic rays' folks to rest.
mircea_popescu: the wicked may never rest.
mircea_popescu: !up alphonse23_
alphonse23_: thanks
mircea_popescu: aha. who're you ?
alphonse23_: I came because of the 4096-rsa article
alphonse23_: mostly curious why HN would care to hide the story?
alphonse23_: but from the article it was reported here.
davout: re the bitbet, this guy had it: "So I can still drop bad keys on purpose? Or key had to be added before announcing this bet?"
trinque: alphonse23_: interesting, eh? it plummeted from #1 very strangely
mircea_popescu: graham, altman &co are butthurt because we regularly mock their "venture capitalism" ? i dunno
mircea_popescu: !up tcrypt
alphonse23_: HN has changed a lot in the pass few months
alphonse23_: it's a lot more heavily moderated
alphonse23_: i've been going there daily for years, and I've noticed the change
mircea_popescu: davout that bet promises to be a conundrum to resolve.
davout: no shit
alphonse23_: but this, the mod manipulating titles -- for whatever reason. There's ton of down voting too.
alphonse23_: it's like, their in league with the NSA now or something...
mircea_popescu: eh, their site, they can do whatever they please.
mircea_popescu: i don't personally use it.
davout: the bet was misworded from the beginning, had someone intentionally created a set of shitty keys and fed the to the phuctor, it would resolve as yes
davout: the title diddling on HN is documented in the comments actually
mircea_popescu: the conundrum is more along the lines of "what constitutes a key"
mircea_popescu: alphonse23_ anyway, the mistake here is for members of the public naive enough to imagine conde nast / ycombinator / etc sites represent anything but the alt-reality their owners have a financial interest in.
davout: that's the easy part i think "anything recognized as such by asset's favorite gnupg version"
trinque: this guy's making me write a test program to fix an include in glibc
mircea_popescu: they will farm said naive members of the public for free content, yes.
trinque: lol
mircea_popescu: but that's as far as it goes.
trinque: it's plainly visible looking at the header itself
mircea_popescu: davout then i suppose it's not broken yet ?
davout: mircea_popescu: well, if i craft a key whose factors are 1 and 3, theoretically it's a valid gpg key
davout: if i then submit a key whose factors are 3 and 5
davout: phuxxored they are, to yes the bet should resolve
mircea_popescu: !up joshbuddy
mircea_popescu: davout yes, had you done it afore the bet i guess.
alphonse23_: mircea_popescu: but to do it so openly, how does that not hurt them.
davout: mircea_popescu: right, the bet does specify the number of moduli to test
joshbuddy: hiya, just hanging out after reading the hilarious rsa key blog post by .. umm you
mircea_popescu: alphonse23_ whom has heardbleed hurt ?
alphonse23_: so where the hell do I get my tech news from. Reddit? they Y combinator owns them too.
mircea_popescu: joshbuddy enjoy.
mircea_popescu: alphonse23_ once gossipd is done, i guess there.
assbot: [MPEX] [S.MPOE] 47155 @ 0.00028062 = 13.2326 BTC [+] {3}
alphonse23_: "MQTT broker in golang" first time hearing about it
mircea_popescu: !s gossipd
assbot: 103 results for 'gossipd' : http://s.b-a.link/?q=gossipd
mircea_popescu: alphonse23_ an ad-interim solution is of course variety. there's qntra doing bitcoin news. there's 8chan doing all sorts of things.
mircea_popescu: the man of one book, like the man of one site, is never too close to truth
mircea_popescu: http://log.bitcoin-assets.com/?date=17-05-2015#1134618 << seeing how the factors so far have been 3, 7 and 11... i imagine all the truely bad keys will be in one of those (possibly most/all of those) groups
assbot: Logged on 17-05-2015 15:59:46; adlai: jurov: yes, at least two keys need to have a primer in common. had phuctor run over the keys in reverse order, it would've found the other chump first
alphonse23_: sure. it just a shame. hacker news was a real gem back in the day. I'm sure it's inevitable, as things become more mainstream, they get too political, and less honest. Now I have to go out a find good honest news from somewhere underground.
ben_vulpes: september forever
mircea_popescu: just the way that goes.
ben_vulpes: <gabriel_laddel> I like walking and that is about it as far as exercise goes. << i'm on this minimal time workout kick lately
ben_vulpes: put 20lbs of bricks in backpack, bike to 'mountain', park bike at base of tabor (http://www.communitywalk.com/map/list/394038?order=0), brick up stairs twice, roll back to office
ben_vulpes: got it down to 35 minutes.
mircea_popescu: sounds like you're a pashtun training for marriage
mircea_popescu: (the kidnapping 13 yo bride part)
assbot: [MPEX] [S.MPOE] 35574 @ 0.00028595 = 10.1724 BTC [+] {2}
ben_vulpes: i thought that was a family activity
ben_vulpes: (because malnutrition?)
ben_vulpes: http://www.ap-linux.com/ << why does this need to be its own distro?
mircea_popescu: other than because some she-geeks are cute and people try to hit on them with "hy babyy i r maek distro" ?
ben_vulpes: DreadKnight: how's the game coming?
trinque: https://bugs.gentoo.org/show_bug.cgi?id=549754 << specific incantation that breaks the glibc headers
ben_vulpes: i'm getting the impression with gentoo that i should copy the dieharder source into mydiehardfork overlay and then emerge mydiehard fork - how wrong is this?
trinque: ben_vulpes: probably faster than waiting for a glibc fix :^)
ben_vulpes: lol yeah that's indeed the conclusion i came to
trinque: yeah that's right, put your own hand-carved ebuilds in your local overlay
assbot: [MPEX] [S.MPOE] 47990 @ 0.00027705 = 13.2956 BTC [-] {2}
jurov: jus' looking on code path that produces the "invalid subkey binding" message, found this:
jurov: /* does this make sense????? */
jurov: not implying anything, only found the commnt lulzy
mircea_popescu: !up zlrth
mircea_popescu: looking in there is the right thing jurov so props.
mircea_popescu: http://blog.fefe.de/ < i think this guy was here earlier ?
assbot: [MPEX] [S.MPOE] 37550 @ 0.00027703 = 10.4025 BTC [-]
mircea_popescu: "Proudly made without PHP, Java, Perl, MySQL and Postgres"
ben_vulpes: confirmed for being in over my head with overlays
mircea_popescu: also Heilige Scheiße has a nice ring to it.
ben_vulpes: so is qntra not writing up the gpbacle?
mircea_popescu: iirc BingoBoingo is working in it
mircea_popescu: copypaste any idea why https://8ch.net/btc/res/183.html#183 yields a 404 when one clicks reply ?
mircea_popescu: asciilifeform http://trilema.com/2015/full-disclosure-4096-rsa-key-in-the-strongset-factored/#comment-114226 "Because Phuctor shows me an Internal Server Error when I try to test a key."
ben_vulpes: !up DreadKnight
ben_vulpes: there ya go
DreadKnight: yey, cheers
DreadKnight: usually too lazy to do the whole thing manually
DreadKnight: regarding the game, polishing documentation and preparing some a crowd funding
DreadKnight: if I secure a bit of cash, things will run smoothly
mircea_popescu: asciilifeform https://news.ycombinator.com/item?id=9561547 << check it out, people were doing lectures at stanford about phuctor, omitting to mention phuctor.
assbot: [MPEX] [S.MPOE] 5300 @ 0.00028352 = 1.5027 BTC [+]
mircea_popescu: i'm looking forward to all the gavin lectures about the perils of larger blocksizes. also at stanford.
mircea_popescu: pushed by someone with... a keybase.io account.
mircea_popescu: because ofcourse.
assbot: [MPEX] [S.MPOE] 39900 @ 0.00028602 = 11.4122 BTC [+]
mircea_popescu: bitrated.com/zmanian/ << there's even a chump wot and everything
mircea_popescu: no doubt, ALSO lectured about at stanford.
mircea_popescu: also made in march
mircea_popescu: also etc etc etc.
ben_vulpes: DreadKnight: whaddaya need the funding for? i thought you wrote the thing yourself.
mircea_popescu: !up Humean
trinque: ben_vulpes: pssh, those sweet office chairs with 5-way lumbar support for one
Humean: woah neat i feel special
Humean: thanks assbot
ben_vulpes: trinque: keep laughing, you'll be renting a desk soon
trinque: ben_vulpes: oh don't misunderstand, I am a big fan of the 5-way lumbar support
ben_vulpes: we rearranged the deck chairs last week, place feels almost like humans and not nerds
trinque: fancy
trinque: and I hear there's not one cat on the premises
ben_vulpes: NO FUCKING CATS.
ben_vulpes: !up evhan
mircea_popescu: aite ima be out for a while. laters.
evhan: ty ben_vulpes
ben_vulpes: what brings you by, evhan?
evhan: Mention on loper-os, swung by out of curiosity.
DreadKnight: ben_vulpes, didn't coded the gameplay, it's a bit above my skill level; anyway, even if I did 100% of the thing, would still need funding
ben_vulpes: serenissima runs on slave labor
DreadKnight: the republic of Venice?
DreadKnight: the project gets small contributions constantly, but when it comes to bigger stuff, people tend to vanish at about 90% progress xD
ben_vulpes: that last 10% is more expensive than anyone ever expects
DreadKnight: there's sure something strange going on when it comes to the last few steps
ben_vulpes: why would people work on it for free?
DreadKnight: we have a saying around, going something like "you drawn like the gypsy near the shore", meaning overall that you failed in the last few steps
DreadKnight: well, there are quite a few reasons, crediting (name/link), experience, the joy of contributing to something bigger just to name a few
DreadKnight: the other day found out that a cg animation series done in blender by just one dude used quite a few of the creatures from my project :)
decimation: there are clearly people on hacker news who are enemies of #b-a
DreadKnight: the project itself is free, so this stuff is allowed provided crediting is done
decimation: that hboeck link is top on hn now
trinque: decimation: fancy that eh?
ben_vulpes: DreadKnight: i thought the thing was supposed to make money?
trinque: decimation: got there quick too
ben_vulpes: !up DreadKnight
DreadKnight: even if something is free, it can still make money
decimation: I thought ninjashogun was one of the h-n mods?
DreadKnight: gmail is free and makes money, same goes for games like league of legends, soon even world of warcraft
ben_vulpes: decimation: in his dreams
ben_vulpes: DreadKnight: every single one of those companies pays their employees.
ben_vulpes: people working for a link or publicity need to have some sort of assurance that their time so spent is going to yield a return.
ben_vulpes: (i mean, everyone does, right? for every thing that we do.)
trinque: DreadKnight: doing the ad-supported thing is a loss leader at best; you have to be able to burn money until your audience is large enough to merit being paid for the # of eyeballs
DreadKnight: ben_vulpes, a return is not always needed, some people do things for passion or practice; there are quite a few nice free open source games out there and software, most likely the browser you are making is done half by unpaid contributors
DreadKnight: trinque, the ad crap is my last option
ben_vulpes: i'm just trying to point out why you're having problems retaining horsepower is all
ben_vulpes: just because she doesn't care about her boyfriend around that other guy doesn't mean diddly when it comes to your desire to get up her skirt
DreadKnight: ben_vulpes, yeah, I'm aware, that's why it's perfectly fine to pay people to work on open source and it's why I need some funding or get better at coding
DreadKnight: anyway, I partnered up with a coder this year, will see how that goes in the long run
williamdunne: >Forget MPEX. The best/most reliable stock exchange is, by far, BTCT.CO.
ben_vulpes: !up pete_dushenski
ben_vulpes: good afternoon, pete
pete_dushenski: afternoon ben_vulpes !
assbot: [MPEX] [S.MPOE] 52450 @ 0.00028602 = 15.0017 BTC [+]
ben_vulpes: following the key drama?
pete_dushenski: and a big pacific howdy from the coast !
pete_dushenski: ben_vulpes indeed. just catching up on it.
decimation: pete_dushenski: where are you at? vancouver?
pete_dushenski: i tested and re-tested my key a *few* times already
pete_dushenski: decimation even better : victoria
ben_vulpes: ah vbc is byootiful
ben_vulpes: ferry's fucking expensive, though.
decimation: yeah I've been through there, I wouldn't mind going back
pete_dushenski: ben_vulpes ya not cheap eh
ben_vulpes: well, en velo...
ben_vulpes: how would i say "on bike" in french?
pete_dushenski: decimation it's quite the place. not quite summer here yet tho. still only 16-18C during the day.
pete_dushenski: ben_vulpes sur velo ?
pete_dushenski: no, par velo
pete_dushenski: "by bike"
ben_vulpes: davout:
pete_dushenski: "sur" is too literal of a translation from english, "par bicyclete" even.
decimation: I don't think it ever gets too hot there?
decimation: the pacific moderates
mxtm: pete_dushenski: spanish uses en for "by" in cases of transportation
mxtm: which translates "in/on"
mxtm: fwiw
pete_dushenski: en carro, sure.
mxtm: en bici, etcétera
pete_dushenski: mxtm aha. sounds like anglocization but what do i know.
mxtm: i dunno either
pete_dushenski: decimation who's the hboeck guy again ?
pete_dushenski checks logs.
trinque: pete_dushenski: the guy who ended up top comment on the HN post
pete_dushenski: ahaha mr. "i'm almost certain"
williamdunne: I'm pretty sure the internet was invented for two purposes, selling drugs and pretending to know stuff you don't
williamdunne: Anything outside of that is just abusing the tech
decimation: asciilifeform: https://news.ycombinator.com/item?id=9561764 < lol you butthurt the mr. spam mod
pete_dushenski: williamdunne except... the internet sucks for drugs. mp has an ancient essay on the matter.
decimation: pete_dushenski: mircea's 'story' on hacker news was quickly demoted to well below visibile for most folks
williamdunne: pete_dushenski: Wasn't the first transaction ever completed on the internet the purchase of weed?
decimation: meanwhile this guy (hboeck) has a post that pretty much says "nothing to worry about", and is promoted to #1
pete_dushenski: decimation lulzy.
pete_dushenski: williamdunne the first transaction was knowledge, no ?
williamdunne: pete_dushenski: Trade then
williamdunne: Read the article, and I still don't see how that makes it bad for the last mile
williamdunne: Obviously 10 tonnes of cocaine isn't going to be carried by FedEx
ben_vulpes: for one, fedex doesn't hire its submersibles out yet
ben_vulpes: people aren't even supposed to know those exist
pete_dushenski: williamdunne i really have nfi what the first trade was. if you say it's weed, we'll go with that, but that doesn't mean that first=best
williamdunne: Very trye
williamdunne: ben_vulpes: Family friend is working on something kinda cool for the other side
williamdunne: Well, owns the company doing it
ben_vulpes: what does "kinda cool" mean
ben_vulpes: last mile delivery?
williamdunne: Its a line of speedboats that can go underwater on command without any real preparation to collect drugs dropped from boats
williamdunne: For the coast guard to stop drug smugglers
assbot: [MPEX] [S.MPOE] 57850 @ 0.00028602 = 16.5463 BTC [+]
williamdunne: Disagree with the cause, but pretty cool project IMIO
ben_vulpes: excellent bezzletron
ben_vulpes: won't work, wrong target etc
ben_vulpes: but if they're draining derpbuxx from the beast more power to 'em
williamdunne: Government contracts don't need to work
ben_vulpes: and moreover cannot actually.
ben_vulpes: !up pete_dushenski
pete_dushenski: cheers ben_vulpes
ben_vulpes: ;;$(sleep 3600 && echo "!up pete_dushenski")
gribble: Error: "$(sleep" is not a valid command.
pete_dushenski: you tried !
ben_vulpes shrugs
ben_vulpes: > gribble is not a tty. falling back to telnet.
jurov: *gribble on fire
ben_vulpes: !up pete_dushenski
pete_dushenski: ben_vulpes thx!
ben_vulpes: de rien
pete_dushenski: fuckin pawn brokers in this town i tell ya
pete_dushenski: you'd swear they were trying to keep their inventory for their grandchildren
deedbot-: [cascadian hacker] how to process bitcoin transactions for your webapp (or: the ghetto watch-only-wallet) - http://cascadianhacker.com/blog/2015/05/17_how-to-process-bitcoin-transactions-for-your-webapp-or-the-ghetto-watch-only-wallet.html
pete_dushenski: so i walk into a shop on the edge of chinatown and find a beautiful mid-century modern walnut table
pete_dushenski: complete with two leaf inserts. perfect height (tall), in good condition, only $270 !
pete_dushenski: so i want to ship it home, naturally.
pete_dushenski: no can do, they tell me.
pete_dushenski: all they have are cardboard boxes, no freight boxes, no shipping relationships in place, no arrangements can be made.
pete_dushenski: honestly, there are thousands of cruise ship tourist visiting victoria daily, and these assderps haven't figured out shipping a box 1,000km IN THE SAME COUNTRY
pete_dushenski: no customs, no duty, nothing complicated.
pete_dushenski: just basic frieght is too complicated for these people.
pete_dushenski: completely nuts.
ben_vulpes: call dhl breh
chetty: http://blogged.com/ search for 4096
chetty: the replacement story is already up hehe
pete_dushenski: ben_vulpes i've used fedex freight before, they'll come pick up the package from wherever and deliver it wherever.
pete_dushenski: but box it up for you ? i'd be surprised.
ben_vulpes: your privilege is dripping on the floor
pete_dushenski: wtf my privilege nothing. i'm getting on a plane tmrw morning and it's not so much to ask to have a seller of goods to crate a fucking table for transport.
pete_dushenski: or w/e, mebbe my privilege knows no bounds. hey, i'm not the one losing business.
ben_vulpes: win some lose some
pete_dushenski: ya, tis just a table.
pete_dushenski: i didn't want one that bad when i woke up, just saw the right one at the right price and wanted it.
pete_dushenski: ah well.
assbot: [MPEX] [S.MPOE] 45707 @ 0.00027956 = 12.7778 BTC [-]
ben_vulpes: mwell i'm off for a spell
ben_vulpes: trying out a new fried chicken joint
decimation: pete_dushenski: surprising. I thought those kinds of tourist shops specialized in shipping
pete_dushenski: decimation seriously. you'd think so, but you'd think wrong.
pete_dushenski: i guess there's enough local demand in this retirement town that they don't have to try.
pete_dushenski: very nice, seemingly helpful staff, entirely inept.
pete_dushenski: "We have been in business for nearly 26 years and hold a full pawnbroking license to buy, sell and loan." << no mention of shipping eh...
decimation: fun fact: there's a part of vancouver, bc that is us territory (point roberts)
decimation: also, victoria is well south of the canada-us border
danielpbarron: !up pete_dushenski
pete_dushenski: danielpbarron ty!
pete_dushenski: decimation that it is. though victoria feels like a million miles away from us-istan.
decimation: heh. I guess I can see why a pawn shop wouldn't bother with shipping
pete_dushenski: decimation why's that ?
decimation: I suppose they figure enough derps would come and go on foot
decimation: but I imagine that they could sell on the internet for $$
decimation: their website is unwhelming
pete_dushenski: these guys obviously fail at the internet.
pete_dushenski: so shooting themselves in the foot is par for the course, i guess.
decimation: pete_dushenski: are you planing on visiting any other outlying islands or the rest of bc from there?
pete_dushenski: not this time 'round.
pete_dushenski: i've seen most of bc previously, just hadn't been to vic in a while.
pete_dushenski: i went to summer camp nearby in my youth
pete_dushenski: sacha baron cohen went to another camp in the same organisation ;)
decimation: heh did they teach hebrew?
pete_dushenski: more socialism.
pete_dushenski: seriously, the shit in my veins !
pete_dushenski: "solidarity forever", "ticky tacky houses", etc.
decimation: I got screwed of out learn german from my german heritage too
pete_dushenski: ya, i didn't get german or romanian somehow.
pete_dushenski: this camp though had *daily* chores for like 2.5 hours.
pete_dushenski: camp, where you do chores, imagine.
assbot: [MPEX] [S.MPOE] 11550 @ 0.00028607 = 3.3041 BTC [+] {2}
pete_dushenski: some kids helped in teh kitchen, some cleaning garbage.
decimation: like, sweeping the forest?
decimation: sounds like a good way to save on staff costs
pete_dushenski: i wrote for the newspaper, wrote mad magazine-esque fake nooz
pete_dushenski: decimation no doubt. it wasn't *that* expensive, at least compared to the bbyo summer camps.
mats: ever cut grass with a pair of scissors?
pete_dushenski: mats haha omg no. why ? have you ?
mats: yeah. as punishment.
pete_dushenski: parents ?
pete_dushenski: you call that grass ? i trim more manbush than that on a monthly basis.
mats: builds character (tm)
cazalla: http://log.bitcoin-assets.com/?date=18-05-2015#1135775 <<< heh we had this even here but i'd walk off with the group which cleaned dishes the night before, never washed as much as a plate
assbot: Logged on 18-05-2015 00:39:54; pete_dushenski: some kids helped in teh kitchen, some cleaning garbage.
mats: i spent the whole day (0900-1600) with some other trainees cutting grass at battalion hq because one of the nubs in my squad saved his granola bar from the mess hall and put it in his locker where it was discovered
cazalla: http://log.bitcoin-assets.com/?date=18-05-2015#1135780 <<< did this one countless times, not as punishment though, old man forced me to do it along the fenceline so he didn't have to whippersnip it
assbot: Logged on 18-05-2015 00:43:05; mats: ever cut grass with a pair of scissors?
assbot: [MPEX] [S.MPOE] 27523 @ 0.00028624 = 7.8782 BTC [+]
mats: i drank something like 6-7 litres of water that day... missouri is hot as fuck during the summer
mats: cazalla: how much fence? several km?
cazalla: 1/4 acre block
cazalla: wasn't just me though, he had my mother out there doing the same thing
danielpbarron: !up referredbyloper
mats: ah
mats: in other news, the new Mad Max picture is quite good
pete_dushenski: that's a bit of a surprise.
mats: http://www.metacritic.com/movie/mad-max-fury-road << surprised metacritic treats it so well
mats: (they tend to shit on everything)
cazalla: aussie football ceremony lol http://gfycat.com/ThirdWeeklyChital
danielpbarron: !up pete_dushenski
mats: decimation: i'm just happy to find a fun action movie that passes the Bechdel test
assbot: [MPEX] [S.MPOE] 16821 @ 0.00028624 = 4.8148 BTC [+]
decimation: well, then sjw is where it's at
danielpbarron: !up justJanne
justJanne: Nah, I was just reading on the RSA factorization article where someone claimed this channel would still DDoS everyone who joins. Sadly I can’t see any of that (was hoping to see if it actually is true xD)
danielpbarron: it comes and goes
justJanne: I mean, I see some traffic, but it’s minimal.
BingoBoingo: justJanne: It isn't anything done by any of the channel regulars. It's just some butthurt dickbag with an excess of unwarranted self importance who imagines they are saving the world by DoSing every ip they spot here
justJanne: Reminds me of that guy spamming a gaming channel with links to their DDoSing company
danielpbarron: i heard that it just targets the user who most recently joined, and especially if it is a new hostmask
BingoBoingo: justJanne: Well the person doing it at first called themselves the reddit police and started by DoS'ing sites affiliated with regulars here. Then the sites beefed up and weren't so easy to DoS. So now they's had to settle for messing with home internet connections.
justJanne: I got some traffic on my system from 159.118.187.45 accessing my server via HTTPS and sending a few thousand GET requests, but nothing really devastating
williamdunne: lol what a tool
justJanne: (I have a bouncer on my server with 1Gbps connection, so I rarely notice DDoS at all)
mats: he's doing us a favor.
BingoBoingo: People examining the traffic spotted that most of the zombies were ntp reflection and stuff anyone could walk away with, and they likely did leaving less to hit here with.
mats: if you read this -- please stop by for another friendly conversation
justJanne: I have null-routed NTP and everything anyway
justJanne: So, they really DDoS random people?
justJanne: or, rather DoS
BingoBoingo: justJanne: Yeah, just anyone without a freenode cloak who joins when their spybot is online here to pull the trigger
justJanne: BingoBoingo: tell me when the bot is online, I’d like to analyze the traffic xD
adlai: is it an altcoin? is it a bubble? no, it's driveby moderation: http://hnrankings.info/9560790/
BingoBoingo: justJanne: I dunno what nick it uses. Never much cared to try identifying it.
justJanne: BingoBoingo: It should be easy to find.
danielpbarron: !s fivezerotwo
assbot: 204 results for 'fivezerotwo' : http://s.b-a.link/?q=fivezerotwo
danielpbarron: justJanne, ^ for you
danielpbarron: !s from:fuddos
assbot: 7 results for 'from:fuddos' : http://s.b-a.link/?q=from%3Afuddos
justJanne: Sometimes when I get DDoSd I run nmap against the attacking servers, one time I found a small IRC server with only one channel, in which were 256 clients all with just a number as name, and one other client sending specific commands every few minutes
justJanne: kinda interesting.
assbot: Logged on 08-12-2014 17:59:30; asciilifeform: incidentally, if anyone bothered to read the packet dump i posted a while ago, they should know that the ddos bot uses misconfigured consumer routers (upnp reflection)
assbot: Logged on 06-01-2015 01:32:50; asciilifeform: svetlana: i got a massive packet dump, and so has kakobrekla
trinque: check out that precipitous drop
trinque: and the abrupt rise of the rebuttal
trinque: it'll be interesting to see how much longer that stays at #1
williamdunne: justJanne: Thats an IRC botnet
williamdunne: Pretty oldschool method
justJanne: assumed as much, but I have no experience with them yet, and was surprised seeing one in the wild
adlai wonders whether any of the strongset edges point to the diddle
williamdunne: Guessing for some reason they thought it would be a swell idea to use the IRC server for additional DDoS power?
williamdunne: !up justjanne
justJanne: but yeah, I was kinda surprised, would have assumed they’d put the control for the botnet on a different system
justJanne: at least so that one doesn’t discover their botnet that easily
justJanne: anyway, let’s wait for that DDoS-bot ;P
justJanne: danielpbarron: looking into it, but just found out my last GPG key’s validity ends this month
decimation: justJanne: no problem, make a new subkey or extend the date
decimation: justJanne: Someone compiled a list of ips that originate dos'er
justJanne: Meh, too lazy to copy it from my other PC, I’ll just make a new one and sign it with my old key later
decimation: you can see the logs at log.bitcoin-assets.com
assbot: [MPEX] [S.MPOE] 31396 @ 0.00028687 = 9.0066 BTC [+] {4}
assbot: [MPEX] [S.MPOE] 49100 @ 0.00028281 = 13.886 BTC [-] {2}
mircea_popescu: lol janne 18yo female ? srsly ?
mircea_popescu: !up justJanne
justJanne: Yes, why?
mircea_popescu: these guys keep saying it's forbidden on irc.
justJanne: oh, btw, need to update that.
williamdunne: Hmm wonder whos younger out of me and Janne
justJanne: sorry, forgot to update it -.-
justJanne: am 19
mircea_popescu: that totally kills the whole thing. i bet you're not even from cali.
justJanne: nah, northern Germany
justJanne: just another compsci student
mircea_popescu: anyway, get in the wot, then you can voice.
mircea_popescu: http://trilema.com/2015/full-disclosure-4096-rsa-key-in-the-strongset-factored/#comment-114229 << lol check it out, ~they~ are going to ~lend me~ credence. i've been visited by backwards world wtf is with today.
justJanne: I am registered with assbot, but no one levelled me up yet ;P
cazalla: 14/f/cali oldest fbi trick in the book
williamdunne: You need a lord to do that
mircea_popescu: !rate justJanne 1 55 yo Pittsburgh steel mill worker posing as 19 yo girl on the interwebs.
assbot: Request successful, get your OTP: http://w.b-a.link/otp/3ce24e592e5d8bcf
justJanne: Nooo
justJanne: If you want, you can mail me on my student mail, I’m real stu120691@informatik.uni-kiel.de >_>
mircea_popescu: !v assbot:mircea_popescu.rate.justJanne.1:44086df839c6a505edd1681e3dff4c96ffd5990b1c9abddd93c99f55a195008c
assbot: Successfully added a rating of 1 for justJanne with note: 55 yo Pittsburgh steel mill worker posing as 19 yo girl on the interwebs.
mircea_popescu: justJanne well on the plus side now you can voice.
williamdunne: justJanne: I'm pretty sure a 55 yo Pittsburgh steel mill worker would have the connections to get one of those there fancy emails
decimation: koennen Sie ein bisschen Deutsch schreiben?
justJanne: ja, wieso?
adlai: !t m s.mpoe
assbot: [MPEX:S.MPOE] 1D: 0.00026733 / 0.00027828 / 0.00028748 (2307220 shares, 642.06 BTC), 7D: 0.00023904 / 0.00026467 / 0.00029014 (38353417 shares, 10,151.15 BTC), 30D: 0.00019511 / 0.00026548 / 0.00033918 (109094749 shares, 28,962.95 BTC)
decimation: bitte schreiben Sie eine Kurzbiographie?
adlai: is the middle number vwap?
williamdunne: ich habe eine gross hose schlange is about all I remember from three years of German lessons
williamdunne: And ich bin zwolf jahre alt
williamdunne: But I couldn't update that to my current age
justJanne: Die wird aber ganz kurz ausfallen müssen ;P Ist auch nicht viel zu sagen – Geboren in then 90ern, ganz normal Grundschule, bin mit 8 ins Hochbegabtenförderungsprogramm gekommen, hab neben der Schule interessantes Zeug gelernt, dann Gymnasium, hab mit 16 neben der Schule angefangen zu studieren, und hab mit 18 Abitur mit 2,2 gemacht. Bin seit letztem Herbst Vollstudentin ;)
decimation: ^ sufficiently idomatic to pass the google translate test
justJanne: you could have just looked at my hostname ;P
decimation: justJanne: given your interest in this gpg episode, there is something that you could assist with
decimation: can you identify the supposed "german email program" that was supposedly the source of these weak keys?
mircea_popescu: decimation wait, we're progressed past the "it occured while copying" to obscure email programs naoi ?
mircea_popescu: jeez how the world changes in a coupla hours based on what's said in b-a log, you'd think we're talking to gavin-the-handpuppet & co.
decimation: heh yeah lemme find a link
justJanne: Yeah, I probably can.
mircea_popescu: not that we aren't, just, lulz factor.
decimation: it's in the comments of that article that replaced yours on hacker news https://blog.hboeck.de/archives/872-About-the-supposed-factoring-of-a-4096-bit-RSA-key.html
decimation: "I don't really know, but I talked to Nadia Heninger about it and she mentioned that they were probably created by some email software only used in Germany. "
decimation: Note that your headline was dinged for being inaccurate, while this guy's blog is more inaccurate by his own admission
justJanne: That's very helpful. NOT ;P
mircea_popescu: herpitty derp.
mircea_popescu: anyway, to quote myself, "I will write up an article addressing this particular set of bullshit tomorrow. I promise it will be good. Engage bated breath."
justJanne: Hmm.
mircea_popescu: http://log.bitcoin-assets.com/?date=17-05-2015#1135600 << heh the blessed 90%. "nothing may ever get done!!1"
assbot: Logged on 17-05-2015 22:51:31; DreadKnight: the project gets small contributions constantly, but when it comes to bigger stuff, people tend to vanish at about 90% progress xD
decimation: https://mvideos.stanford.edu/graduate#/SeminarDetail/Spring/2015/EE/380/9469 < this Nadia Heniger chick claims that rsa keys can be poorly generated by bad rngs (around 50:00 or so)
mircea_popescu: http://log.bitcoin-assets.com/?date=17-05-2015#1135604 << confirmed romanian. "te-neci ca tiganu' la mal." implying normal people drown in blue water, but gypsies can't even do this right, they drown after almost getting to shore.
assbot: Logged on 17-05-2015 22:57:59; DreadKnight: we have a saying around, going something like "you drawn like the gypsy near the shore", meaning overall that you failed in the last few steps
justJanne: decimation: that's true. RSA keygens use a probabilistic prime test.
justJanne: With a very bad RNG, it would tell you 2 is prime.
justJanne: Sorry.
justJanne: Meant 20
decimation: lol she claims that (52:41) that openssl just adds the current time of day in seconds to the entropy pool
justJanne: It does.
mircea_popescu: this is (or at least was) true
justJanne: Read the report on OpenSEL by the OpenBSD guys. It's a whole new level of WTF
mircea_popescu: "[1] He's been scraping the profiles of young women (specifically) and posting links, names, and hometowns on his blog. Yes, as technologists, we know that this kind of indexing is trivial. That's no reason, as a decent human being, to terrorize innocent people."
mircea_popescu: who the fuck asked anon what is and isn't reason nao ?
mircea_popescu: backwards world srsly.
mircea_popescu: justJanne it was in chan.
adlai considered writing some words about how security theater damages actual security, but stuck to lazy bean counting
justJanne: Actual security is sadly a thing that doesn't exist in critical places.
mircea_popescu: http://log.bitcoin-assets.com/?date=17-05-2015#1135608 << everywhere someone hopes to get something for nothing and figures govt's the answer to that quandry there's an enemy of b-a. amusingly, this boils down to really very few people and traceably so.
assbot: Logged on 17-05-2015 23:00:52; decimation: there are clearly people on hacker news who are enemies of #b-a
adlai: (a reporter writing about 'accidentally' carrying a multiple-inch blade onto an airplane damages airplane security far, far less than the security practices that let it through)
mircea_popescu: http://log.bitcoin-assets.com/?date=17-05-2015#1135619 << it's unclear to me how you figure gmail makes money.
assbot: Logged on 17-05-2015 23:04:20; DreadKnight: gmail is free and makes money, same goes for games like league of legends, soon even world of warcraft
justJanne: Gmail isn't free.
williamdunne: mircea_popescu: scraping your emails to better sell your advertisements
adlai: gmail sells adspace to its parent company. the number of people who know its actual revenue is probably quite low.
williamdunne: Increasing the number of people who know the platform so that enterprise customers will purchase it
justJanne: Gmail has two options: sell your data or pay.
justJanne: Yeah.
williamdunne: I think with pay they still have your data
justJanne: Nope.
decimation: gotta pay if you want 'google apps' too
justJanne: As a large company you can get Google Apps as a box.
assbot: Logged on 17-05-2015 23:07:10; trinque: DreadKnight: doing the ad-supported thing is a loss leader at best; you have to be able to burn money until your audience is large enough to merit being paid for the # of eyeballs
justJanne: A local server you can put in your own data center. It can operate even separate from the web.
decimation: justJanne: did you see any ntp reflection traffic?
justJanne: decimation: I'm on phone right now, but as the latency didn't go up, doesn't seem so. Or at least nothing noticeable.
adlai notices that assbot doesn't insert titles anymore... midnightmagic linked "Lets Call Stunt Hacking What it is, Media Whoring", an apt topic for today
mircea_popescu: midnightmagic not bad, but it lost me at the "well credentialed" etc bs.
mircea_popescu: adlai i suspec assbot is a little tired.
adlai taps it, gently
justJanne: Tbh, security of embedded systems could be better.
justJanne: In general embedded systems could be better.
mircea_popescu: decimation honestly, i suspect the guy complaining on trilema was either trying to stir up shit or else working on meanwhile inacurate history. seems the ddos guy is gone.
adlai: was this some fix-in-anger to the http://log.bitcoin-assets.com//?date=29-04-2015#1115842 conundrum?
assbot: Logged on 29-04-2015 14:33:49; davout: mircea_popescu kakobrekla mebbe make scoopbot_revived not mention the title and let assbot handle it?
justJanne thinks back to the Toyota issue
decimation: mircea_popescu: yeah, in fact I suspect "the lady doth protest too much"
mircea_popescu: adlai iirc that measure didn't pass.
assbot: Logged on 17-05-2015 23:11:27; williamdunne: >Forget MPEX. The best/most reliable stock exchange is, by far, BTCT.CO.
midnightmagic: mircea_popescu: The old Aurora attacks are an excellent example of the perversion of the idea of 'well-credentialed'. The people they had making comments about the SCM systems involved in that attack and the shoddy investigations going on were.. extreme.
mircea_popescu: yeah. if i don't happen to know someone willing to vouch, you can have credentials coming out of your ears, i just see "idiot" in thick font. which is basically wot-ness.
midnightmagic: I personally watched the responses internal to some of the companies involved and observed the evolution of the document they presented to the public. The people on whose opinions some of those documents were based were bullshit artists, borderline pathological, of the worst order.
midnightmagic: mircea_popescu: Everything it seems, comes down to human trust evaluation.
midnightmagic: most of the time.
justJanne: Embedded systems are still often built by programmers, not by engineers.
mircea_popescu: worst part being that it's usually "corporate [in]culture" that takes marginal yet ambitious intellects and molds them to this shit.
decimation: !up btcg
mircea_popescu: !up btcg
btcg: thanks
decimation: btcg: what brings you here?
mircea_popescu: aha. who're you ?
btcg: to talk about interesting topics :)
btcg: do i need to auth with assbot for voice perm?
mircea_popescu: and get rated, yes.
decimation: was assbot's link title functionality kaput?
btcg: i didn't see anything
mircea_popescu: three minute half hour ?
mircea_popescu: !up btcg
mircea_popescu: kakobrekla hey, is something the matter with assbot ?
BingoBoingo: prolly just needs to fart
williamdunne: btcg did you dieded?
btcg: no i am here
williamdunne: To get perma voice you need to be in assbots L2 - so you need a rating from a lord
williamdunne: So someone on the send section here: http://w.b-a.link/user/assbot
midnightmagic: mircea_popescu: Mediocrity is a natural result of psychopathic and sociopathic inroads. The moment upper management ceases to directly observe their employees, the result is the most convincing-sounding people's voices become the most relied-on. Convincing-sounding is not the same as accurate/informed.
decimation: midnightmagic: convincing-sounding is pretty much the going standard in the english speaking world
midnightmagic: -- which directly resulted in the erroneous and I would say, outright lying in the Aurora analyses. None of the conjecture that the public could see (because that's what the fuck it was) needed to ever be tested or 'pay rent' in terms of accuracy.
btcg: !register F4DE 6DF4 EB8B A2DA AD8D 14A5 B004 5BC9 02AC 1559
assbot: That does not seem to be a valid fingerprint.
williamdunne: no spaces
btcg: !register F4DE6DF4EB8BA2DAAD8D14A5B0045BC902AC1559
assbot: Searching pgp.mit.edu for key with fingerprint: F4DE6DF4EB8BA2DAAD8D14A5B0045BC902AC1559. This may take a few moments.
assbot: Key 02AC1559 / "boxsk <boxsk@tutanota.io>" successfully imported.
assbot: Registration successful.
btcg: now i need a vote?
decimation: is tutanota.io even valid?
btcg: oh should be .com
btcg: sorry, can i reset my key
danielpbarron: >> My aim is to fight mass surveillance. I write code to fight for our human right to privacy. I want to create a cloud service which is so easy to use and so secure that it locks out all the spies. We really deserve it. << lol
decimation: btcg: sure, just make a new one
danielpbarron: !up joshbuddy
justJanne: danielpbarron: that sounds like Kim Schmitz
justJanne: Sorry, he's known outside of DE as Kim DotCom
joshbuddy: danielpbarron: where was that quote from?
joshbuddy: also, thanks for voice
decimation: btcg: do you use this tutanota app?
btcg: !register CDA330208F2249841291524C65A7427639BAE3AB
assbot: Nick btcg is already taken.
btcg: i use their webmail mostly
decimation: btcg: heh sucks I'm not sure if you can unregister
danielpbarron: !changekey
assbot: You need to specify your new key fingerprint.
decimation: yeah auth with assbot and use that ^
btcg: !changekey CDA330208F2249841291524C65A7427639BAE3AB
assbot: Request successful, get your OTP: http://w.b-a.link/otp/90180887373ba656
btcg: tuta is nice at least encrypts all email
danielpbarron: i can do that with gmail + gnupg
assbot: [MPEX] [S.MPOE] 39419 @ 0.00028808 = 11.3558 BTC [+] {2}
decimation: yeah how is something 'encrypted' on a website that isn't under your control?
justJanne: I can do that with Thunderbird, K9 and GnuPG.
BingoBoingo: K9? You trust private keys on mobile devices?
danielpbarron: the point being, your email client shouldn't have anything to do with your encryption
decimation: or mail storage
justJanne: BingoBoingo: Yes — remember, I use no Google services, and modified half of the apps on my phone myself.
decimation: justJanne: yeah but have you examined your phone's firmware?
BingoBoingo: And hardware
williamdunne: !up btcg
btcg: thanks william
mike_c: mircea_popescu: you should be able to drop this link in as the source of the iframe: http://www.btcalpha.com/bb_frame.html?height=90&ref=1GiSXgAhjqYvAB17JjXX8YCqNCizCjLJgp
williamdunne: v.welcome
williamdunne: !gettrust assbot btcg
assbot: Trust relationship from user assbot to user btcg: Level 1: 0, Level 2: 0 via 0 connections. |http://www.btcalpha.com/wot/trust/?from=assbot&to=btcg | http://www.btcalpha.com/wot/user/btcg/
williamdunne: !gettrust assbot williamdunne
assbot: Trust relationship from user assbot to user williamdunne: Level 1: 0, Level 2: 3 via 3 connections. |http://www.btcalpha.com/wot/trust/?from=assbot&to=williamdunne | http://www.btcalpha.com/wot/user/williamdunne/
justJanne: decimation: BingoBoingo: compiled from source myself every month.
justJanne: And monitoring all networked IO.
mike_c: ;;later tell mircea_popescu: ad ready, see log 5 lines up
gribble: The operation succeeded.
mats: how about your baseband fw?
williamdunne: mats: How about you hard disk controller?
mats: i can dump it, can you?
justJanne: The ISP I'm using was started by a few people from the CCC, so from that side not too high of a risk.
justJanne: And I'd like to dump the firmware, but that would violate copyright.
mats: fwiw i use a smartphone too, the point being rammed here is that you don't really have an expectation of security.
mats: layer accordingly.
williamdunne: ;;seen samouraiwallet
gribble: samouraiwallet was last seen in #bitcoin-assets 1 week, 2 days, 3 hours, 14 minutes, and 55 seconds ago: <SamouraiWallet> cool system. tying in wot with irc +v
danielpbarron: btcg, http://log.bitcoin-assets.com/?date=18-05-2015#1136035 << you need to decrypt this with your first key, and send the result back as !v [decrypted string]
assbot: Logged on 18-05-2015 03:27:04; assbot: Request successful, get your OTP: http://w.b-a.link/otp/90180887373ba656
danielpbarron: there is no "auth with assbot" and all actions come with a OTP
btcg: ah ok, well 404
williamdunne: btcg: Easiest way is wget -O - URL | gpg -d
danielpbarron: expired. try again
williamdunne: Automate using this
danielpbarron: williamdunne, that means you're decrypting on the same machine that has internet?
williamdunne: Yes, I'm a peasant that does that
mircea_popescu: mike_c win
btcg: !changekey CDA330208F2249841291524C65A7427639BAE3AB
assbot: Request successful, get your OTP: http://w.b-a.link/otp/5844d86bdf7b9395
williamdunne: I'll eventually create another key offline which I'll use as a master or summin
williamdunne: In case of breach
williamdunne: Stick authentication of it in deedbot or summin
mircea_popescu: mike_c will be going up shortly, guy's online and all.
cazalla: lol those comments always remind me of this scene https://youtu.be/n16uBK71miQ?t=1m
mircea_popescu: midnightmagic i have my doubts about how all that *pathic stuff works. kinda weaponized terminology, like "heretic"/"disbeliever" in middle ages.
cazalla: what sorta person are you mircea_popescu terrorizing those poor sods on fetlife
btcg: !v assbot:btcg.changekey.cda330208f2249841291524c65a7427639bae3ab:6448f8043a7a44284ff9e38a2c9c7c34ffb455f01d9c8618ec07770e996d43a9
assbot: Key 39BAE3AB / "boxsk <boxsk@tutanota.com>" successfully imported.
assbot: New key fingerprint for btcg is: CDA330208F2249841291524C65A7427639BAE3AB
mircea_popescu: cazalla the masochist and the terrorist. should be a book.
BingoBoingo: !up dandelany
mircea_popescu: <justJanne> BingoBoingo: Yes — remember, I use no Google services, and modified half of the apps on my phone myself. << o.O what are you, like a hacker ???
justJanne: A CompSci student.
mircea_popescu: you gotta appreciate, a compsci student in the us is a guy that's too autistic to deal drugs.
mircea_popescu: otherwise about as literate.
mircea_popescu: !up btcg
justJanne: Nah, they'd fail Math101 here.
mircea_popescu: iirc math101 is no longer with numbers
justJanne: Without that you can't progress in CompSci.
mircea_popescu: they were racist.
justJanne: And math101 is helpful here, about 90% fail that class.
justJanne: Helps keep the study free from scriptkiddies.
btcg: ty mircea_popescu
justJanne: And, tbh, math101 at university isn't supposed to work with numbers. Math 101 is set theory, logic, lists, trees, functions, relations, sur/in/bijectivity, upper and lower bounds, complexity, etc.
mircea_popescu: i think alf might fall in love.
BingoBoingo: justJanne: At my school those topics were all in 300 series classes.
mircea_popescu: yeah, but you went to a good school.
justJanne: Right now I'm taking second semester classes, last week homework was doing RSA on paper.
justJanne: In math
mircea_popescu: i have my doubts if you could get a decent definition of the notion of number from one in ten us graduates.
← 2015-05-16 | 2015-05-18 →