asciilifeform: phf: l0l!
asciilifeform: and the examples are quite contrived.
asciilifeform: http://btcbase.org/log/2016-04-09#1449300 << imho this is lame, sheerly from the fact that i need 10x as many keystrokes to transform an old link to a usable one.
asciilifeform: fuck iso.
phf: i think i'll add /log/?date=09-04-2016
phf: which'll do correct redirect, but i didn't have the time. tomorrah
mircea_popescu: ;;seen davout
gribble: davout was last seen in #trilema 19 hours, 20 minutes, and 33 seconds ago: <davout> mircea_popescu: http://dpaste.com/0HR7P5B.txt
mircea_popescu: $up dooglus
deedbot: dooglus voiced for 30 minutes.
mircea_popescu: you up the same way, say $up to deedbot in pm then $v
mircea_popescu: and in other breakfast news, http://41.media.tumblr.com/43a7927447299f00dcdf7c7848abb343/tumblr_n6lnvegu0b1t0gmzbo1_1280.jpg
asciilifeform: 'MF are running the WP SMTP plugin which gives you the ability to send mail from your website via a mail server. This plugin stores email server address and login information in plain text in the WordPress database. ... MF are also running the ALO EasyMail Newsletter plugin which provides list management functionality. One of the functions it provides is to receive bounced emails from a mail server and automatically remove those boun
asciilifeform: ced mails from the subscriber list. To do this, the plugin needs access to read emails from the email server. This plugin also stores email server login information in the WordPress database in plain text. ...'
asciilifeform: hola señor popescu !
mircea_popescu: como andan ?
asciilifeform: El coronel no tiene quien le escriba, Полковника никто не ждет, Большие города, ... , Ни берега ни дна , Холодная война. (tm) (r)
mircea_popescu: in other open questions for the esteemed citizenship, please explain how quadrupedes walk.
asciilifeform: which ones ?
asciilifeform: camel - quite unlike dog, etc.
asciilifeform: (exercise for the reader - determine which animal(s) the famous machine 'bigdog' walks as.)
mircea_popescu: dog/cat/mostly horse
mircea_popescu: you know, the common ones.
mircea_popescu: check it out, invalid cert
mircea_popescu: valid for 0ldrepublictitle.com ?
asciilifeform: i get plain http l0l
asciilifeform: oh hah
asciilifeform: pasted internal link from the site
asciilifeform: with the link pasted, i see their traditional cert.
mircea_popescu: oh check it out, the independent didn't have 17.9 btc spare.
asciilifeform: mircea_popescu is getting a monkeyed route it seems ?
mircea_popescu: for fiat science, vorwarts!
mircea_popescu: jesus christ look at that, sha384.
mircea_popescu: anyway, wtf is this 0ldrepublictitle.com
asciilifeform: i see no such thing.
asciilifeform: openssl s_client -showcerts -connect cryptome.org:443 </dev/null 2>/dev/null|openssl x509 -outform PEM >cryptome.pem
asciilifeform: ^ gets what ?
mircea_popescu: lemme export the whole hierarchy sec
asciilifeform: (given command only shits out the 1st in the chain)
asciilifeform: i do not see the '0ldrepublictitle.com' crud anywhere in my chain.
mircea_popescu: https://certificate.revocationcheck.com/whisperhearing.com << and w/e THAT is either.
mircea_popescu: asciilifeform so i got a different chain.
asciilifeform: holy fuck is this a cheap diddle.
asciilifeform: y so cheap!!11
mircea_popescu: openssl reports same as in dpaste.
asciilifeform: in yours, i presume
mircea_popescu: so what are all these domains then :D
mircea_popescu: compare, for your amusement, dig 0ldrepublictitle.com with dig access.0ldrepublictitle.com (the latter is what the cert really serves)
mircea_popescu: rarely have i seen all the letter servers from a to m be in the authority section of an obscure, blogger.com-esque domain.
asciilifeform: i see same thing in both.
mircea_popescu: with cryptome.org i meant
mircea_popescu: in other lulz, "The team of hearing care professionals at. Whisper Hearing Centers use the most advanced technology. My Humor. Talking some good old fashion gossip" etc.
mircea_popescu: so why is some aural health clinic in roseville/oakland connected to this thing then.
asciilifeform: why do you THINK. l0l.
asciilifeform: except, again, it is only connected if you're on mircea_popescu's end of the ferretcannon.
asciilifeform: fabff2ffd92a4118b31279ee8dad6c5101202b1aae815dd392d175ff9f4e96cfe3d0ad31e0f910c06e10bc90a4224526911857747a7744960bf533fb2560bce8 << mine.
mircea_popescu: $ wget -l 0 -qO- https://cryptome.org | sha512sum cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e
asciilifeform: oh for FUCKS sake
deedbot: $ wget -l 0 -qO- https://cryptome.org | sha512sum cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e is not a command.
asciilifeform: dollars to doughnuts you get a diddled john young pgp pubkey
asciilifeform: can haz diff ?
mircea_popescu: in a sec ya
mircea_popescu: i gotta confess this was the best cryptome link to date. usually it's kinda flat.
mircea_popescu: asciilifeform so where do you want me to get the key from ?
asciilifeform: mircea_popescu: just diff plox
asciilifeform: i'd like to know the diddlepayload.
mircea_popescu: between the stuff in dpaste and ?
asciilifeform: and your wget ....
mircea_popescu: of ?
mircea_popescu: a ok ok
asciilifeform ON A MOTHERFUKING SATURDAY yet ANOTHER phone interview with folks who ~lied~ in advertisement re telecommute
asciilifeform: srsly the derpery
asciilifeform: 'caek for sale' rrrrring 'let's talk about the cake' 'ok' [next day] 'let's talk about the cake. we don't actually have cake. but we have some broken glass and cement. how would you like some??'
mircea_popescu: this shit doesn't even wurk
mircea_popescu: for srs.
asciilifeform: try curl ?
mircea_popescu: curl works fine o.O
asciilifeform: paste the raw text, i'ma 'meld' it
mircea_popescu: for great glory, it almost starts with "petuh"
asciilifeform: null diff !
mircea_popescu: vhell then!
asciilifeform: $ sha512sum mp.txt
asciilifeform pictures hitler minion, who turned off the jammer ~just in time~, cackling
mircea_popescu: yeh same hash.
mircea_popescu: i still get the same pem tho
mircea_popescu: in other lulz " www.0ldrepublictitle.com; or visit us on Facebook at ORNTIC or ORTC, or on Twitter @OldRepTitle. The Old Republic Title Insurance Group, Inc. is comprised of ..."
mircea_popescu: so what the fuck is the relation between a cali hearing clinic, a mid sized title holding/services company such that they'd share certs ? and no, it's not JUST on the mp end of the cannon : http://archive.is/uHV8m
asciilifeform: clinic and title company both ran winblowz and Generous Shareholder Donated their cert to ftmeade ?
asciilifeform: i thought this was obvious
mircea_popescu: no i meant from the alt-reality usg perspective
mircea_popescu: "never happened - but if it did happen, then... what ? operator error ?
asciilifeform: from inside the mental asylum, this... idk, helps stand up the delusion that anyone gives half a shit re ssl ?
mircea_popescu: yeah totally
asciilifeform: props up the notion that the master keys aren't owned by hitler and therefore this idiocy must be done ?
asciilifeform: or that the protocol isn't swiss cheese on all levels outside of the crypto ?
asciilifeform: or, or.
mircea_popescu: anyway. was entertaining.
asciilifeform: would've been mega-entertaining if not for the null diff. but sure.
asciilifeform: BingoBoingo et al ^ qntra-able ??
mircea_popescu: possibly of interest to the cryptome people only.
asciilifeform: not imho mega-nyooz but it beats the 'furry' nonsense
mircea_popescu: nah, that's funny, this is tedium.
mircea_popescu: people who know the us is a scam know the us is a scam. people who "don't know" "don't know" for various good reasons that this bit isn't addressing.
asciilifeform: there still always remains the chance to not merely 'x is a scam' but to take the scammer, and nail his arms and legs to the floor
asciilifeform: imho more rewarding pasttime
mircea_popescu: can't argue with that.
mircea_popescu: anyway, root domain isn't a very good test. who knows, maybe there's some web-based "log in" state thing somewhere on cryptome or w/e.
asciilifeform: not visibly.
asciilifeform: i get diffs only when he updates the text.
asciilifeform: and only there.
mircea_popescu: wouldn't necessarily be linked from main
asciilifeform: (there are no timestamps, cache control crapolade, etc)
BingoBoingo: <asciilifeform> BingoBoingo et al ^ qntra-able ?? << Mebbe? Lemme take a look
BingoBoingo: Ok, someone with a better idea of how SSL works, pls qntra this
BingoBoingo: * asciilifeform ON A MOTHERFUKING SATURDAY yet ANOTHER phone interview with folks who ~lied~ in advertisement re telecommute << Seriously try home depot
BingoBoingo: Who knows alf mebbe you even get to make friends with some orcs?
shinohai: "Police dropped all endangerment charges in exchange for him not filing a complaint about them expressing relief he won’t be able to reproduce." https://thevalleyreport.com/2016/03/14/man-shoots-off-his-own-penis-taking-selfies-with-gun/
asciilifeform already has a shitjob, dun need another that pays 10x less for anything
deedbot-: [» Contravex: A blog by Pete Dushenski] Five cars, four peoples, $3 mn, two turtledoves, and one supreme weapon. - http://www.contravex.com/2016/04/09/five-cars-four-peoples-3-mn-two-turtledoves-and-one-supreme-weapon/
jurov: http://btcbase.org/log/2016-04-09#1449442 << was that https? they likely use some middleman like cloudflare which issues one common certificate per random group of customers
jurov: just checked, they still do it, there's like 40 alt names on one cert
asciilifeform: jurov: realize, i see no such thing here
asciilifeform: jurov: try usa proxy & see what i mean.
asciilifeform: and afaik cryptome never used shitflare.
asciilifeform: ;;later tell adlai holy shit did you really end up in an asylum ?
asciilifeform: http://www.contravex.com/wp-content/uploads/2016/04/hitler-did-nothing-wrong-mountain-dew.jpg << win
mircea_popescu: jurov doesn't seem to resolve to a cloudflare ip, but possible.
mircea_popescu: tho if cryptome actually uses cloudflare... lol.
ben_vulpes: asciilifeform: how d'you figure re adlai ?
BingoBoingo: Y U SO inquisitive?
mircea_popescu: lol. but srsly, conn reset ? wut ?
deedbot-: [Trilema] Eulora : Official April Auction, or A Story of Toils - http://trilema.com/2016/eulora-official-april-auction-or-a-story-of-toils/
shinohai: ;;later tell BingoBoingo disregard msg above, this version has ref links: http://ix.io/vIc
asciilifeform: ;;later tell ben_vulpes http://oopweb.com/Ada/Documents/AdaLinux/Volume/book.html
asciilifeform: ^ not barnes but very useful
BingoBoingo: ty shinohai
shinohai: thx for title, I always forget that.
asciilifeform: shinohai et al : http://qntra.net/2016/04/more-sourceforge-fail/#comment-51370
shinohai: The only reason I used it was for trb private key issues, and the last time I tried to add a key it borked the entire wallet.dat.
phf: RUN MORE... oh wait now
asciilifeform: run moar shit ya didn't read off whoreforge
asciilifeform: (serving up infected exe since, when, 2010 ?)
asciilifeform: at least.
phf: mac version of torrent client i use was compromised couple of months ago, "oops we found a ransomware, we don't know how it got there"
shinohai: You use transmission?
asciilifeform: aha, 'transmission', famous
shinohai prefers rtorrent
mircea_popescu: i don't get this, you installed it recently ?
phf: well, no my version is like year old or so
asciilifeform: folks who left 'autoupdate' on, got phucked
mircea_popescu: folks who "leave autoupdate on" really weren't fucked enough.
phf: nor do i have autoupdate on anything, obviously
mircea_popescu: worst scum.
asciilifeform: mircea_popescu: consider that the proggy ran on ~os~ with autoupdate.
mircea_popescu: it exists for linux too, im sure.
asciilifeform: http://researchcenter.paloaltonetworks.com/2016/03/new-os-x-ransomware-keranger-infected-transmission-bittorrent-client-installer << linked from, even. pretty good dissection.
asciilifeform: 'As KeRanger encrypts each file (i.e. Test.docx) starts by creating an encrypted version that uses the .encrypted extension (i.e. Test.docx.encrypted.) To encrypt each file, KeRanger starts by generating a random number (RN) and encrypts the RN with the RSA key retrieved from the C2 server using the RSA algorithm. It then ....' << L0l!1111
asciilifeform: '... encrypts the RN with the RSA key retrieved from the C2 server ...' << !!
mircea_popescu: hey, same way gpg works.
mircea_popescu: "symmetric key"
phf: but i wouldn't necessarily think twice when provisioning new system. i ended up provisioning this imac entirely from things i found on backup drive. that's it, i'm airgapping up in this bitch
asciilifeform: mircea_popescu: y'know, not ~all~ malware artists are tards. some folks have embedded key.
mircea_popescu: from your own link : the only other mac thing wasn't even working.
asciilifeform: these are common, believe or not.
asciilifeform: crapware that doesn't even run.
mircea_popescu: ironically, this shit was signed with apple's whatever.
asciilifeform: (in the old days this was unheard of, because the thing needed to propagate after all.)
mircea_popescu: totally shooting the discussion re "trusted cpu".
mircea_popescu: if fucking apple can't keep its key safe...
asciilifeform: mircea_popescu: signed with apple's developer cert !
asciilifeform: understand, this means that somebody cought up $100
asciilifeform: i can do right now.
asciilifeform: sign 10 times.
asciilifeform: they get revoked at the drop of a hat.
asciilifeform: just like microshit's driver signing certs.
mircea_popescu: i don't see how any of this is a counter to what i said.
asciilifeform: because this is not a precious master key
mircea_popescu: yes, the "strong wall" will be breached by the owners themselves. of course.
mircea_popescu: this is why the whole "security" shit dun work.
asciilifeform: but something their coke machine dispenses when you stick in a benjie.
mircea_popescu: not as drm, not as tpe, not as w/e.
mircea_popescu: they want to live in a world of idiots. this means they can never be safe. full stop.
asciilifeform: well the plebe-cert-signed shit doesn't get to turn ~all~ of the knobs
asciilifeform: that's how the drm prison worx
mircea_popescu: all the knobs that are must be ; and necessarily must be. the knobs that are not, are not ; and necessarily can't be.
mircea_popescu: do you want to hear it in greek, also ?
phf: meta-nsa has best keys of course
asciilifeform: phf: meta-nsa relaxes and smokes in the corner, it doesn't need keys, sends magic udp
asciilifeform: mircea_popescu: crapple app dev keys and microshit driver keys play roughly the same role in ecosystem as that cali hearing aid shop's ssl cert.
asciilifeform: i.e. they get harvested by folks lookin' to do some infectin', and revoked immediately when the news break
asciilifeform: cheap, disposable.
asciilifeform: easy come, easy go
mircea_popescu: i don't think you take the point, perhaps for lack of familiarity with anaximander.
asciilifeform: let's have it
mircea_popescu: in any case : the fiat world will never be secure, no matter what.
asciilifeform: fiat world is exactly as secure as... the zoo.
asciilifeform: yes, once in a while some critter escapes.
asciilifeform: generally, they stay on the correct side of the bars.
mircea_popescu: this is not so.
mircea_popescu: a better model would be "a zoo where the humans are scored by how many times the animals have sex with them"
asciilifeform: bit of a puzzler
asciilifeform: (who is scored in an ordinary zoo, and how? i dun follow the analogy)
mircea_popescu: the correct model, ie, the zoo, is right here. the republic is a zoo. outsiders are kept in cage.
mircea_popescu: the fiat world is not such. yes, it has the choice to either become such, in which case we won, or else keep trying to pretend no child left behind. in which case we win. etc.
mircea_popescu: in an ordinary zoo, humans are scored like in any other employment. by how often they come late, and other factors.
asciilifeform: fiat world has, what, 400 yrs. of accumulated fat, with which it carries out caligulistic nonsenses like, yes, 'child left behind'
mircea_popescu: that is definitionally its identity.
mircea_popescu: if it abandons that, it no longer substantively exists.
asciilifeform: which is ?
mircea_popescu: "no child left behind"
asciilifeform: incidentally, and perhaps mircea_popescu does not know this, but even here in the heart of mordor this phrase is a comical byword for idiocy, like nixon's plumbers
mircea_popescu: so ?
asciilifeform: but i definitely see how it handily encompasses the varied crimes of the egalitarian cult.
mircea_popescu: what, and if 15 yo girlie "mocks" some dude in her english class that means she's not interested ?
asciilifeform: no i get it.
mircea_popescu: so yes, "walled garden". except it's not so walled as to prevent INEPT third worlder to "we are accept only bitcoin".
asciilifeform: re earlier thread, here is an interesting example of strong cage - intel microcode
mircea_popescu: the bar it poses is exactly that, ~100 bucks, ie fifteen minute's labour or w/e.
asciilifeform: in 20 yrs of signed microcode patches, NOTHING leaked out, not only keys, but even the format of the payload.
mircea_popescu: similarly, in 500 years of continued derpery, nobody bombed isfahan.
asciilifeform: (key exists, legendarily, in 1 copy, in the castle of doom, etc.)
mircea_popescu: i'm sure that'll do something for the future.
mircea_popescu: but it says exactly nothing about the item being strong, it's all about the item being worthless.
asciilifeform: i disagree.
mircea_popescu: and on what basis ?
asciilifeform: not only on the obvious basis of 'can add magic instruction' but 'will reveal magic instructions that have been added in 20 yrs of nsa-supplied patches'
mircea_popescu: "isfahan could host the mother of the red heifer"
mircea_popescu: this is no basis.
mircea_popescu: basically, i've by now distilled the unifying, common principle of all our disagreements to date. it is as follows :
mircea_popescu: you use engineering valuator, which defaults to 0 and respectively maxint in certain edge cases. this comes into conflict with known floors and ceilings established through political, generally, but occasionally economical valuations.
asciilifeform: iirc i once did explain that my mental model of the enemy is myself with a negative sign.
asciilifeform: and i see this as proper, because scheming against a ~stupid~ enemy is largely a waste of time, because how to know ~exactly how stupid~ he is ?
mircea_popescu: not a matter of stupid.
asciilifeform: so the correct thing to do is to picture enemy who has thought of ~at least~ everything you can think of.
mircea_popescu: and in any case, scheming against an enemy modelled on the basis of yourself is rather silly, seeing how if you are so similar you shouldn't be enemies in the first place.
asciilifeform: not how it works
asciilifeform: different colour uniforms --> enemies.
asciilifeform: or, he has a pie, and i do not, enemies.
mircea_popescu: i dun follow.
asciilifeform: and in all cases the most similar creatures are the ones that must fight
mircea_popescu: certainly not so.
asciilifeform brb, phood
asciilifeform: re the microcode thing, i can picture mircea_popescu going on a bank heist, and, coming up against a massive safe, 'let's not bother with the dynamite, fellas, this thing surely is full of used condoms'
asciilifeform: the intel turds are ciphered and signed for a reason.
asciilifeform: (a reason that was in place as early as '97)
asciilifeform: while it is ~conceivable~ that any particular heavy safe is filled to the brim with used condoms,
asciilifeform: generally it is not why safes exist upon satan's green earth.
mircea_popescu: depends who owns the safe.
mircea_popescu: i don't let the enemy inform my decisions by his behaviour this explicitly. you ever read the fox and bear fable ?
mircea_popescu: how'd they say in russian, "trage, trage ca de radacina tragi"
mircea_popescu: ah so then dunno it ? this one : http://www.neamt.ro/cmj/Creanga/Ursul_pacalit.html
mircea_popescu: ie how the bear lost its tail.
asciilifeform: ah i was thinking of aesop's
mircea_popescu: story in brief :
mircea_popescu: fox wakes up to the sound of peasant driving very heavy cart full of fishes from the lake. climbs in quietly, and while on its back pushes fishes off the cart with feet. then collects it up and goes home.
mircea_popescu: on way home, bear, who at the time had splendid tail, nicer than fox', asks where she got all the fishes.
mircea_popescu: fox explains that you go to lake, put tail in water, pull out full of fishes.
asciilifeform: ah yes i recall this!
mircea_popescu: bear believes, proceeds. overnight the lake freezes, with his tail inside, as he pulls he thinks there's lots of fishes. breaks tail off.
mircea_popescu: seeks out fox in a rage, fox runs into a tree hole. bear can't get in, grabs a hooked branch, tries to get fox
mircea_popescu: whenever he catches on fox, fox cries out in joy "pull, pull, you're pulling on a root"
mircea_popescu: whenever he catches on root, fox goes "o noes, stop with the pulling you're killing me"
mircea_popescu: si asa a ramas ursul pacalit de vulpe [and so the bear was left tricked by the fox]
asciilifeform: we definitely had this tale.
mircea_popescu: so how do you say the "pull, pull" bit ?
asciilifeform: https://www.youtube.com/watch?v=k5rMKHLV6Hk << variation on this theme. with ~wolf~ instead of bear, and a number of other tweaks.
asciilifeform: мерзни, мерзни, волчий хвост !
asciilifeform: ^ iconic phrase known to every kid
asciilifeform: 'freeze, freeze, wolf's tail!111'
mircea_popescu: kinda weird tho, as wolf has tail.
asciilifeform: he was supposed to have had ~moar tail~ !111
mircea_popescu: but wolf eats fish ?
asciilifeform: this one does!11
asciilifeform: or ~would~ if he could catch!
mircea_popescu: $up joecool
deedbot: joecool voiced for 30 minutes.
mircea_popescu: you can self-up cantcha ?
joecool: mircea_popescu: deedbot functions same as assbot did?
mircea_popescu: yeah, pm it $up and then $v the otp
joecool: I see, thank you
mircea_popescu: hey phf, can i get you to log into eulora for an hour ? i need a noob to do a bouq click to see what comes out.
phf: i don't have a eulora build on this machine
mircea_popescu: the damndest thing, the people who play it aren't noobs, and the noobs don't play it :D
mircea_popescu: who the fuck could have predicted.