← 2016-08-02 | 2016-08-04 →
asciilifeform: there is not such a thing as 'we used for x years and no reported problem.' quite conceivably the correct yamamoto has simply not yet flown.
fabio__: sure, sure
asciilifeform: or, alternatively, flown 10,001 times to his death, unreported.
asciilifeform: statistical methods are wholly inappropriate here.
fabio__: i totally agree, but what I was getting at was what methods of analysis do you trust
fabio__: internet protocols have RFCs
fabio__: by the time they have made it there they have undergone enough analysis to be robust enough to use
asciilifeform: fabio__: the only cryptosystem for which any rigorous analysis exists is vernam (otp).
fabio__: you use rsa
fabio__: and endorse it
fabio__: how did you arrive at this conclusion?
asciilifeform: i use a buncha stuff
asciilifeform: most recently, a battery that nearly turned to a frag in my pocket
asciilifeform: use - what's available.
asciilifeform: and understand the limitations.
asciilifeform: $up nosuchlabswww
deedbot: nosuchlabswww voiced for 30 minutes.
asciilifeform: nosuchlabswww: hello ?
asciilifeform: nosuchlabswww: lemme guess, you clicked 'contact' link on the www. presumably you have something to say ?
nosuchlabswww: Not really. Just read about phuctor and the square rsa keys and shit.
mircea_popescu: fabio__ rsa has the advantage that it's the simpler solution. i thought i said this before.
nosuchlabswww: Havent been in a irc since 1999. Brings back memories.
mircea_popescu: or do you specifically want to hear it out of his mouth also.
mircea_popescu: nosuchlabswww the chicks are hotter now.
fabio__: you did, but I'm fighting through the snark to ask for more details ;)
asciilifeform: fabio__: what kind of details are you interested in ? there is no reduction-to-complexity-class proof of hardness for either cryptosystem.
asciilifeform: it is, for instance, not proven that rsa reduces to difficulty of factoring integers, or what complexity class factoring is in.
mircea_popescu: not that we're even sure "complexity class" is meaningfully defined for this purpose
mircea_popescu: last the topic was took up it came out that no, it's absolutely not.
asciilifeform: in the elementary sense of 'number of ops required to solve avg case'
mircea_popescu: avg case is of no interest here.
asciilifeform: there is also this.
fabio__: so in your mind, new comers are not worth considering RSA unless they are equivalent in complexity or simpler. and until RSA is broken no need to migrate?
asciilifeform: and yes, we had a thread
mircea_popescu: fabio__ rsa is not breakable in the "shit someone broke openssl" sense you seem to be thinking of.
mircea_popescu: if someone breaks rsa you have all sorts of other problems to contend with.
fabio__: yes I know, integer factorisation problem
fabio__: so in your mind, new comers are not worth considering RSA unless they are equivalent in complexity or simpler. and until RSA is broken no need to migrate? <-- is this fair?
mircea_popescu: what does "new comers" mean ? like, people fresh out of highschool ?
fabio__: for example ECC
fabio__: alternatives
mircea_popescu: you mean, "alternatives for rsa are not worth contemplating" ? sure, they are, much like anything's worth contemplating. it's educative if nothing else.
mircea_popescu: but "the new better replacement for copper pipe" is not worth contemplating today like it wasn't worth contemplating in 516 ad.
fabio__: you said "fabio__ rsa has the advantage that it's the simpler solution."
asciilifeform: ~contemplate~ whatever suits your fancy -- folks have... contemplated, e.g., trains with triangular wheels riding on sinusoidal rails.
asciilifeform: ~adopting~ is another matter.
fabio__: so alternatives that are more complex are regarded as lesser
fabio__: that's one criteria
mircea_popescu: always and everywhere in engineering, this is the case.
mircea_popescu: $s muntz
asciilifeform: fabio__: understand, also, that someone who offers you a more complicated (i.e. more moving parts) cryptosystem without ~justification~, is attempting to compromise your security, no less than if he were stalking in your garden under the cover of night bristling with cameras and antennae
mircea_popescu: well the ecc justification is "shorter keys", other than a bunch of "new! better!" crapola.
fabio__: ok I think I understand your position a bit better now thanks
mircea_popescu: $up nosuchlabswww
deedbot: nosuchlabswww voiced for 30 minutes.
nosuchlabswww: Not trying to spam. Check out qntra dot net. Fourth article down is about rsa and brought me here. Good read and new article.
mircea_popescu: good for you.
nosuchlabswww: Phuctor Finds Seven Keys Produced With Null RNG, And Other Curiosities
mircea_popescu: asciilifeform btw re the fermat discussion, i wonder if anyone ever did a proper review of rsa code for lattice and fermat-closeness weakness in p,q generation.
mircea_popescu: one obviously hopes that gpg did. but then again the brutal teacher that is experience shows it's wiser to suspect everyone merely hoped someone else did it.
asciilifeform: mircea_popescu: well... indirectly: us.
mircea_popescu: yes but no. for one thing you don't do lattice search iirc ? for the other, the keys we're working on are too large.
mircea_popescu: more practical would be to force the code to make a pile of say 64 byte keys and sieve them.
mircea_popescu: /* make sure that nbits is even so that we generate p, q of equal size */ << what ?
mircea_popescu: this is already a fucking stupid idea.
asciilifeform: we had this thread...
mircea_popescu: why give away this fucking trivial protection.
mircea_popescu: we did ?
mircea_popescu: how did it go ?
a111: Logged on 2015-05-24 14:45 Apocalyptic: "there's no guarantee p and q have the same bitsize is there ?" // I think there is, a couple of lines above it generates them both with nbits/2 bits, so I would say yes, unless there is a bug in "generate_secret_prime", because this function specifically sets the two high bits to 1
mircea_popescu: when we reimplement rsa plox : a) either p length odd and q length even or vice-versa ; b) neither within 1 of a lattice power
asciilifeform: could've sworn this was in the logz
mircea_popescu: asciilifeform same length p q is fucking stupid.
asciilifeform: even that snipped from gpg
asciilifeform: *snippet
mod6: <+asciilifeform> could've sworn this was in the logz << i recall a few discussions, ya.
mircea_popescu: actually to formalize that : a 4096 bits key means a p that is 257 to 259 bytes long ; and a q that is 258 to 260 bytes long. end of fucking story.
mircea_popescu: oh and to revisit : guess what mistake the dutch made, that the japanese repeated in ww2.
a111: Logged on 2016-08-03 02:58 mircea_popescu: incidentally, the curious amateur historian may be well served by a review of the 2nd anglo-dutch war. some underlined parts : the anglos were deeply overextended politically - their crummy country consisting of one single town and a bunch of retarded peasants ; while the republic had many more merchants, with lots more money. in practice this meant that the english could pay for one ship where the dutch could afford seven ;
mircea_popescu: yes, that's right : landed at chatham, burned the ships, FAILED TO BURN THE FUCKING DOCKYARDS.
a111: Logged on 2015-05-20 15:03 mircea_popescu: << speaking of this, am I the only one nonplussed by all this "we use <<best practices>> fixed exponent" bs ? it's an unavoidable magic number , okay, but it's the sort that should eminently be a knob for the user. a proper gpg would have e user-settable at the key generation phase (with 65536+1 as a default, sure)
mircea_popescu: mod6 ok but none of this resulted in "current gpg shitfest is acceptable"
mod6: ya, no
mod6: <+mircea_popescu> more practical would be to force the code to make a pile of say 64 byte keys and sieve them. << this would be interesting.
BingoBoingo: "The results mean that, on Nov. 8, the state's gubernatorial race will be between Koster, a former Republican turned Democrat, and Greitens, a former Democrat turned Republican."
BingoBoingo: Guess we now know who killed Missouri's late next governor
mircea_popescu: and speaking of gpg deplorable state asciilifeform can you think of any possible reason the damned thing doesn't come a) bundled with ent and b) with ready implemented tests of local entropy while c) key generation is a subset of entropy testing in all cases ?
deedbot: [Trilema] MiniGame (S.MG), July 2016 Statement
shinohai: ;;bc,stats
gribble: Current Blocks: 423466 | Current Difficulty: 2.0189321085305896E11 | Next Difficulty At Block: 425375 | Next Difficulty In: 1909 blocks | Next Difficulty In About: 1 week, 5 days, 9 hours, 30 minutes, and 23 seconds | Next Difficulty Estimate: None | Estimated Percent Change: None
asciilifeform expected this idiocy to pop up at some point.
shinohai: Well after getting his fudge packed for so long, I guess it finally made its way to his brain.
asciilifeform: << the obvious reason: at this point, even the lamest system rng (urandom, etc) are 'whitened' and trivially pass the tests, while having anywhere from 0 to whatever actual hardware entropic content
a111: Logged on 2016-08-03 06:15 mircea_popescu: and speaking of gpg deplorable state asciilifeform can you think of any possible reason the damned thing doesn't come a) bundled with ent and b) with ready implemented tests of local entropy while c) key generation is a subset of entropy testing in all cases ?
asciilifeform: it is useless to test rng that is, to steal hanbot's phrasing, 'an unknown mixture of fact and hogwash'
asciilifeform: (recall, e.g., digits of pi, pass the ent tests.)
asciilifeform: to compactly rephrase, entropy testing is only useful when you ~know the design of the rng~
asciilifeform: otherwise you get slipped the wonderfully entropic digits of some transcendental constant and that'll be it.
mircea_popescu: asciilifeform yes, but this is not a reason to not have the tool.
mircea_popescu: otherwise you're in the position of the camper who doesn't pack a burner because, technically speaking, he doesn't know there will be oxygen where he goes, not having been there before.
mircea_popescu: (also by definition whitening doesn't trivially pass the tests, just superficially seems to.)
asciilifeform: mircea_popescu: whitened crapolade passes all known entropic tests, in fact considerably better than the 'real thing'.
asciilifeform: (e.g., aes of a stream of nulls, outscores (debiased) geiger, electric rng, whatever you like, on ~100% of the tests)
mircea_popescu: passing it better than the real thing is failing, innit.
asciilifeform: if it were a consistent, known-quantity effect - yes
mircea_popescu: well, it's a statistical matter, so modellable like any other.
mircea_popescu: anyway, i don't dispute that "accidentally"-deliberately nobody put any effort into rng quality assurance ; key quality assurance ; etc.
mircea_popescu: but i do dispute that for this reason it then follows there also can't be put any.
asciilifeform: my contention is that this test belongs on the system end.
mircea_popescu: all tests must always and forever be in the hand of the user.
asciilifeform: because on the userland end, ~100% of shit os will pass.
asciilifeform: even winblowz.
mircea_popescu: the concept of test is, definitionally, "on user end".
asciilifeform: testing whitened bits which may or may not even have actual physical entropy behind them is ~useless.
mircea_popescu: this is also true.
mircea_popescu: it just doesn't actually speak to the foregoing. i suppose the correct rsa implementation comes with a kernel patch.
mircea_popescu: (incidentally those "accidental"-deliberate fucktards : fixed whitening scheme ? really ? what the FUCK! if there's anything in the entire fucking os the user must be able to customize, it's NOT the fucking glyph table / window size for the love of christmas fucks!)
asciilifeform: hey they're genius exam takers, whaddayaexpect, 'we want to pass ent' 'how to pass' 'whiten' 'done'
asciilifeform: they 'hired the cheapest soothsayer' !!111
asciilifeform: if there is anything one cannot accuse insects of, it is lack of economy.
mircea_popescu: maybe (there is a valid argument here, that at the time they were making this shit it was for toys not btc nodes). or maybe they're just usefully idiotarian.
mircea_popescu: i prefer to discern between the two by their reaction to events. the fact that they're not all here means they're all there.
mircea_popescu can't think of any valid excuse anyone involved in os design could possibly have not to already be in wot.
asciilifeform: it is a kind of forced/nudged idiotarianism, via os architecture, useland does not have the direct access to the hardware (incl. the scheduler) to force a proper sampling of whatever hardware rng
asciilifeform: *userland
asciilifeform: so rng gets stuck as an os api function
asciilifeform: and userland proggies trust it implicitly, lacking any alternative
mircea_popescu: im not sure this model can/should be breached.
mircea_popescu: but better rng code could well live in the os.
asciilifeform: recall how the original pgp collected keystroke fuzz etc.?
mircea_popescu: the verbiage still reflects this
asciilifeform: it was a desperate wunderwaffen.
mircea_popescu occasionally lulz at girlies earnestly clucking around to speed up key production.
mircea_popescu: "hey, it says on the screen"
mircea_popescu: "o ya ? then put echo "come suck my dick"; in bash!"
asciilifeform: << i must now point out that ~everyone ~involved in os design~ is... dead
a111: Logged on 2016-08-03 13:57 mircea_popescu can't think of any valid excuse anyone involved in os design could possibly have not to already be in wot.
mircea_popescu: o right, they recently got the last one huh.
mircea_popescu: well, not an excuse, but definitely an explanation.
asciilifeform: and likewise their designs are also dead (or alive in museums and collections like mine)
asciilifeform: linux, quite arguably, was designed by no one
asciilifeform: (has no design.)
mircea_popescu: well no, linus is the foreman-architect there.
asciilifeform: foreman. but no design.
asciilifeform: just 'tip the dump truck here and here'
mircea_popescu: as per aristotle, there is no such thing as "no design"
asciilifeform: by that token a dog taking a shit is a sculptor.
mircea_popescu: and he is.
asciilifeform: uselessly debased concept.
mircea_popescu: speaking of which, i once knew anal sculptor girl. she'd insert condom full of prepared gypsum, shit it back out.
mircea_popescu: debased, yes. uselessly, no.
asciilifeform pictures said 'sculptor' grunting out a dodecahedron
mircea_popescu: well no, feminist you see. had no use for those e=mc2 shapes that predilect the edge of light over roundnesses much more important ... to "us".
asciilifeform: only 1 shape matters, aha, lel
mircea_popescu: one time one person inquired at party "but what's with all the monster cocks"
mircea_popescu: they weren't on speaking terms thence.
asciilifeform: the situation of open sores is really not at all different.
asciilifeform: all of the proggies have roughly this very same shape.
mircea_popescu: kinda what reminded me.
asciilifeform: same organ, same shape, mega-unsurprise
mircea_popescu: see, but that's not it. same FUNCTION of organ. that's the issue. the anal ring is made to keep farts in, and ~arguably~ to pleasure a beloved penis now and again. this is very much the same function.
mircea_popescu: nobody asked you to force the poor thing to art ; much like nobody asked you to force the minimal brain of the huswife into producing political discourse and directing ships on the sea.
mircea_popescu: she's well equipped for the things she does, invidious gossip, raising children and burning the cabbage. there's really no call for cabbage os and burned "literature".
asciilifeform: nobody forced poettering.
asciilifeform: just as, per yesterday's thread, nobody forced the bathroom mold.
mircea_popescu: yes, everybody did. that's the problem. when derp mcherperson wants commit access to vomit her version of invidious gossip therein as "comments" and "sensitivity", PEOPLE FORCE IT
mircea_popescu: instead of everyone laughing her into bulimia, and weekly egging and tping the house in which basement she dwells,
mircea_popescu: they go exactly fucking opposite. this is forcing.
mircea_popescu: i get that it's a diffuse, socialist, retarded sort of forcing where nobody actually does anything that could possibly be upon them. but that dun matter so much, if you end up pushed out of bed by a colony of maggots, THE MAGGOTS DID IT.
mircea_popescu: even if any single maggot only exerted 1/800 N and as part of squirming in a different direction altogether,
mircea_popescu: their resultant effort pushed you out of bed.
asciilifeform: a sane exterminator would begin by asking why the bed has 100kg of maggots in it to begin with
mircea_popescu: no. a sane examinator always begins by twisting the necks he can, not the necks he "should".
asciilifeform: $up fromphuctor
deedbot: fromphuctor voiced for 30 minutes.
mircea_popescu: merely opening the matter of should to the maggots is a bad idea.
asciilifeform: this inevitably brings to mind the characters in BingoBoingo's links, who curse doctor for going to the root cause of bedridden maggot farm
asciilifeform: not only is it a mistake to ask the maggots, but likewise it is mistake to ask the maggot-farmer
mircea_popescu: well there is that.
asciilifeform: fact: folks who share their bed with maggots are different, in fundamental and interesting ways, from those who do not
asciilifeform: and not, as they usually contend, simply M units of unlucky, for M == number of maggots
mircea_popescu: this is quite likely true.
mircea_popescu: nevertheless - there must be collective guilt at work here, as a concept, for the opposition. if you are "a computer programmer", and you aren't part of the solution, you ARE part of the problem, and personally responsible for it.
asciilifeform: there were no 'gender comment commits', not only in, e.g., system v unix, but in symbolics 'genera' (smbx corp employed, interestingly, a multitude of chix, some of whom appear in my bookcase even now)
mircea_popescu: if you are a guy who was on a list where a maggot tried to get in and you didn't, personally, flame and humiliate that maggot,
mircea_popescu: then you are, personally, a bad person.
mircea_popescu: if you participate in "communities" that make this difficult, you are, personally, a bad person. it's not "oh, i'm just trying to on facebook".
mircea_popescu: you're a bad person, there's no two ways about it, kiddy fuckers may be great or horrible. you're horrible, no great.
asciilifeform: well, there is 'If your brother killed a German, If your neighbor killed a German, — It is your brother and neighbor taking revenge, And you have no excuse. One does not sit behind another's back, One does not take revenge with another's rifle.' (tm) (r)
mircea_popescu: being "inclusive" is not merely distasteful. it is actually something to carry on your conscience, as a murder, except worse.
asciilifeform: but fact is, effective pest control does not work by individual squishing.
mircea_popescu: and so following.
asciilifeform: it works by 1) hygiene , and -- distantly -- 2) squishing.
mircea_popescu: asciilifeform yes, but hygiene starts as well as exists as a "better squishing". people given the "hey, it'd be elegant to wash" will wash and retain the bugs. people given the "hey, you will be in this dungeon until you squished all the bugs" given "hey, use this, works faster" WILL fucking wash.
asciilifeform: hygiene starts with ~not attracting~ vermin
mircea_popescu: that's the thing. especially to the inferior man, "hygiene" does not exist, as an abstract. it may only exist as "mechanized individual squishing"
mircea_popescu: in fact, it does. conceptually, it does not.
asciilifeform: not attracting, not supplying array of crevices where they can hide from any form of killing
mircea_popescu: the only practical starting point for hygiene in the mind of the golum is through forcing pain until a desired result. that it's unachievable through means available to the golum does not matter one iota.
asciilifeform: ever live in a flat that CANNOT be cleaned short of demolition and flamethrower ?
asciilifeform: i have.
asciilifeform: i wrote 'don't blame the mice' in it.
mircea_popescu: well depends. i once had a colony of ants. which i personally liked.
asciilifeform: in your kitchen ?!
mircea_popescu: no they were the black sort interested in bugs and whatnot.
mircea_popescu: they patrolled all the outside walls constantly. being no damage they could do to rebared concrete... i really didn't see the harm.
asciilifeform: ah, see, these are a-ok
mircea_popescu: judge your chances to get rid of that colony though.
asciilifeform: that's the other end of advanced pest control - cultivate beneficial predators
mircea_popescu: similarly i guess, once had a colony of crickets
mircea_popescu: i also didn't mind them - but it did drive one girl positively crazy. couldn't sleep, eventually had a mild psychotic episode. so i got rid of them.
mircea_popescu: fucking guess how ?
mircea_popescu: borrowed a cat, to live there temporarily.
mircea_popescu: for some reason cats and crickets don't mix. at all.
asciilifeform: cat will devour ~any animal that is roughly in that size range, yes
mircea_popescu: yeah, maybe they hunt them, though i've never personally seen it.
mircea_popescu: alternatively there's some pheromone interaction or something. dunno.
asciilifeform: to briefly go up the stack: 'gender comment commits' aren't cricket-level, they are maggot-level
asciilifeform: there has to be decaying flesh in the mix
asciilifeform: for them to ever appear.
asciilifeform: no amount of individual tweezer work will undecay the flesh.
asciilifeform: the most that can be accomplished is... what a mortician does
asciilifeform: e.g., my embalmed gentoo
mircea_popescu: the point being that i have wisened to understand the problem. it is a lack of negative reinforcement.
mircea_popescu: the reason argentines drive horribly, as well as are incredibly inept economically, and the reason for pretty much all visible misbehaviour is exactly the same : lack of negative reinforcement.
mircea_popescu: if i start screaming at the idiots they WILL execute their job, and well. but absent my scream, they have no fucking idea they're doing a bad job, even. nobody ever told them so.
asciilifeform: well yes. consider the predicament of a maggot trying to feed on living flesh
asciilifeform: or fungus - in a body with functioning immune system
mircea_popescu: nobody ever told 20 yo girly, in her 16 or so years of active intellectual life to date, that she's fucking untalented and needs to go do something she can actually do.
mircea_popescu: so she ends up underwriting debt to "pursue" rank nonsense.
mircea_popescu: idiots must be told they're dumb. often. loudly. in no uncertain terms.
mircea_popescu: this is universally the fucking problem. and it's passively supported by idiots' tendency to build life support systems for themselves, hence the all-pervasive socialism.
mircea_popescu: it's ~like a fungus colony that secretes plastic substrate for itself to live on.
asciilifeform: ^ familiar ?
deedbot: [Recent Phuctorings.] Phuctored: 17407531760166155857697 divides RSA Moduli belonging to 'Ismael de Moura Costa (email pessoal) <>; '
asciilifeform: ^ old mirrorolade
mircea_popescu: so in this sense, the solution seems to be quite simply vitriol. dissolve the "acceptance" blanket of idiocy.
mircea_popescu: intolerance saves teh day.
asciilifeform: it is a necessary thing, but not a solution to the infestation in question
asciilifeform: for so long as maggoting on software is even ~thinkable~, the upper echelon of 'aspirational' maggots will bang on the door, and some - will get in.
asciilifeform: nobody's maggoting on reactor - or even bulldozer - design.
asciilifeform: there are fields with crystallized sanity, or at the very least sufficiently well-known hard priors, to make the sort of festering gangrene we live with here, quite unthinkable.
mircea_popescu: i dun think so. to wit : every kid has a toy bulldozer, which he does improvements to.
asciilifeform: note that somehow real bulldozer can work without attracting army of adult 'improvers'
mircea_popescu: item such as "articulated bulldozer" which now exists and is factually useful in particular applications, did not exist 50 years ago, mostly because of machining difficulties involved.
mircea_popescu: in fact, the heavy machinery industry is today very much a "designer item" sort of thing, pretty much any large mine will order machinery to spec for its own particular use.
mircea_popescu: that 1% or w/e it shaves off costs over using generics is still many billions.
asciilifeform: it isn't that the machine has never, or could never again, be improved, but that it can stand and work without gathering crowd of 'train pushing face' who want to weld forks, knives, onto it, to 'improve', and be paid for the privilege
mircea_popescu: for all we know a bulldozing naggum is dying right now.
mircea_popescu has only vague contacts in minerals at that level.
asciilifeform: hey recall my proposal for standing-wave flexing cable ?
asciilifeform: could just as well paint walls, pick strawberries, etc.
mircea_popescu: what, you want it to move earth ?
asciilifeform: could very easily move earth.
asciilifeform: quickly, in small chunks.
mircea_popescu: all this shit is made of solid steel mostly because earthmoving is barely a step away from direct abrasion. it's like making tools to push the grinder.
mircea_popescu: it all comes down to durability, nothing else.
asciilifeform: at the very least, could pump away the soluble earth, and leave the rocks to be broken up, into same
asciilifeform: as oil drillers do.
mircea_popescu: actually oil drillers use a version of your arm thing.
asciilifeform: minus the articulation, lel
mircea_popescu: it's pressure-directed though.
asciilifeform: but yes, vertically.
mircea_popescu: no, no, flexible piping.
asciilifeform: well yes, there is sometimes a side drill
asciilifeform: and yes, flexed hydraulically, like cock.
mircea_popescu: not VERY flexible, <1/100 or somesuch, but still, can go in directions
asciilifeform: to move yet again up the stack: mining machinery is improved by engineers, who - if not went to a school, at least are literate - rather than by gawkers who 'drinkin' beers, beers, beeers' in front of the mine, suggest 'hey bubba let's weld on a SHIT HANGING OFF THE SIDEZ'
asciilifeform: mao's 'cultural revolution' - in fact, had a brief episode of nearly this, with the 'backyard steel' thing
asciilifeform: $s backyard steel
a111: 11 results for "backyard steel"
asciilifeform: lel, phuctor piece still top of tarddit 'netsec'
asciilifeform: and ~0 notable comment
PeterL: << asciilifeform mircea_popescu does this support "use alphabet not symbols", or is it just emojis are braindead lulz?
asciilifeform: PeterL: ☭!
PeterL: use more communist microshit and crapple?
asciilifeform: 'In March a Frenchman was actually jailed for sending his ex-girlfriend the pistol emoji, in what was interpreted as a threat. What if a joke sent from an Apple user to a Google user is misconstrued because of differences in rendering?' << lel
asciilifeform: 卐 hande hoch! 卐
BingoBoingo: ;;later tell jurov pls to shares
gribble: The operation succeeded.
mircea_popescu: "a font can't change your interpretation of a letter" AHAHAHAHA OH MY FUCKING IEHOVA
BingoBoingo: <asciilifeform> this inevitably brings to mind the characters in BingoBoingo's links, who curse doctor for going to the root cause of bedridden maggot farm << See there was a purpose!
PeterL: you could make a custom font with each letter shifted (so my A looks like your B etc), right?
mircea_popescu: PeterL it's an application of idiotum per idiotius, really.
mircea_popescu: PeterL no. the "letters" you currently use are the result of FONT FLUCTUATION in the roman empire.
asciilifeform: PeterL: iirc winblowz used to ship with one such.
mircea_popescu: hence i/j
PeterL: aha, right, roman alphabet is just a transmutation of greek etc?
mircea_popescu: and hence numerous examples i'm too much of a business insider to bother fucking listing. who the fuck let these idiots write in the first place, they're an insult to the cattle that had to die for the vellum.
mircea_popescu: PeterL no, and leaving the greeks aside : one day some people decided to make an I that looked more like a J. sexier font, stylish, whatnot.
mircea_popescu: then the barbarians decided to hear distinction between i and j.
PeterL: same with U/V?
mircea_popescu: to this day "Exchange" in serbian is menjati, for this reason. two "i".
mircea_popescu: and yes, more or less same with u and v
mircea_popescu: BingoBoingo lol imagine, we made a fat loser with no friends hate rabbits.
shinohai: Soon it will be a federal crime to use handgun or assault-rifle emojis
BingoBoingo: Amazing Company!
phf: the whole font changes meaning take two is coming from the japanese. they were actively promoting this idea back during early unicode standardization days, where there was a strong drive to include every idiosyncratic version of kanji in the standard, because "that's how my family writes it in our last name".
mircea_popescu: the notion of unicode is fucking stupid in the first place.
mircea_popescu: the ~only~ way to get useful symbolics, which does mean STRICTLY standardized symbols, is to have very few of them.
mircea_popescu: azn illiteracy is no excuse for doing things wrongly, which is why colonialism and the rape of nanking are more sensible policies than whatever the fuck's going on presently.
phf: they have an encoding in circulation, that actually encodes text in terms of font glyph offsets, which was also the way emacs did it initially. the solution was written by japanese, was called MULE, and that was one of the first major flame wars naggum participated in. famously forked his own version, etc.
mircea_popescu: i can't comprehend why anyone'd summon the interest to care. the only correct solution is to insist strict latin set exists throughout, and otherwise they can all get fucked.
mircea_popescu: "retroactively changes the meaning of text". what fucking text ? strings including "emoji" ipso facto carry no meaning.
asciilifeform: бнопня вхрюк!
PeterL: perhaps should be "retroactively changes the meaning of the message"
mircea_popescu: dude that fucking thing... i loled all over again
mircea_popescu: <Ishamael[eager]> сам ты нахрюер
mircea_popescu: joke of the fucking year.
mircea_popescu: anyway, back to the romans : the whole "dickus maximus" bit in monty python is actually very strict scholarship. to the "rugged men of the frontier", the speech of proper roman citizen sounded so fucking faggoty you can't imagine.
mircea_popescu: campiest of drag queens today barely matches.
BingoBoingo still really that Puget Sound Muslim Association was big enough news for Liztler to kill Buttfunex over it
BingoBoingo: *reeling
mircea_popescu: that may be not quite exactly what happened.
asciilifeform: i wrote to them
asciilifeform: just now.
asciilifeform: not expecting much.
asciilifeform: (the muslim assoc, that is, not shitfinex)
mircea_popescu: looks like a one-man-newsprop.
asciilifeform: 'Thank you for contacting us. We will look into this.'
mircea_popescu: meanwhile in other news, trilema has served 5.5 mn pages... this month.
mircea_popescu: what contemporary servers can do is pretty fucking shocking, for srs.
mircea_popescu: and it verifies and everything.
mircea_popescu: check out the deluge of comments. suddenly "the community" is showing itself to be eXACTLy
mircea_popescu: they have opinions on things, and the collected value of those opinions is nothing.
phf: ahaha
phf: that's beautiful
asciilifeform: holy mother of fuck, nlocktime ?
asciilifeform: 3, 2, 1, countdown to 'petition to miners to break softfork and mine it'
asciilifeform: spoiler: that 1000 can move into 1BitcoinEaterAddressDontSendf59kuE any time the 51% feels like it.
asciilifeform: 'If one tries to calculate a modular exponentiation with the base equal to the modulus (a^b mod a, code) it would return an error. If one tries to calculate a modular exponentiation with the base zero (0^b mod a, code) it would crash with an invalid free operation, potentially leading to memory corruption.'
asciilifeform: 'I just discovered a somewhat similar issue in Nettle. They switched their RSA implementation from GMP's mpz_powm() function to mpz_powm_sec(), which is supposed to be sidechannel resistant. However mpz_powm_sec() is no drop-in replacement. Unlike mpz_powm() it doesn't accept even moduli and crashes with a floating point error. Therefore when trying to use a specifically crafted RSA key with an even modulus this will crash.'
asciilifeform: ' A common way to speed up the calculation of RSA signatures is an algorithm based on the chinese remainder theorem (CRT) that splits it up into two smaller calculations. However if one of these calculations goes wrong an attacker can learn the private key. Last year Florian Weimer observed that various devices had this error and he could extract their keys. He recently mentioned...'
asciilifeform: $s weimer
asciilifeform: yes, him
asciilifeform: 'observed'.
asciilifeform: it gets better!
asciilifeform: 'The way the MatrixSSL team "fixed" the miscalculation issue is not really satisfying: They now restrict the input to the pstm_exptmod() function to a set of bit sizes (512, 1024, 1536, 2048, 3072, 4096). My test input had a different bit size, therefore I cannot reproduce the miscalculation any more, but the underlying bug is most likely still there. ... Despite the fact that the bug may be still there the CRT attack will probably
asciilifeform: no longer work. A protection mechanism against that was implemented in version 3.8.3. '
asciilifeform: typical 'protection'.
a111: Logged on 2016-08-03 03:05 fabio__: There has been quite a bit of noise about ECC NIST curves (nistp256, nistp384, nistp521) being tampered with by the NSA. I thought using ECC was all good if you don't use the NIST curves and instead use community approved curves like Curve25519 and Curve1174 by like DJB and friends, or other approved ones at
gribble: The operation succeeded.
mircea_popescu: asciilifeform i see you admire teh beauties yes.
asciilifeform: from same beauty contest as BingoBoingo's 'beauties'
asciilifeform: just encoded differently.
mircea_popescu: all beauty's just mud piles
mircea_popescu: merrily merrily merrily...
shinohai: $rate _FeltPen -1 My argument is you are just another redditard that sucks VC cock.
shinohai: $v 2D54080C8FB2A65B4A225D92C0737C87B6DC628B7BFAECC3BE734C8AAF78CB98
deedbot: shinohai rated _FeltPen -1 << My argument is you are just another redditard that sucks VC cock.
mircea_popescu: what's that all about
mircea_popescu: $up DaoSancho
deedbot: DaoSancho voiced for 30 minutes.
mircea_popescu: $up _FeltPen
deedbot: _FeltPen voiced for 30 minutes.
_FeltPen: thx!
deedbot: [Trilema] You are not a person ; and you don't get a vote. -
asciilifeform wrote to krebs, re khadeer
asciilifeform: iirc we haven't tried him yet
asciilifeform: perhaps a hole in the unbroken wall of stupid
_FeltPen: !register A7C8CC92707C479FF0BB80BE549A82E9DF24ABB6
gribble: (register <nick> <keyid>) -- Register your GPG identity, associating GPG key <keyid> with <nick>. <keyid> is a 16 digit key id, with or without the '0x' prefix. We look on servers listed in 'plugins.GPG.keyservers' config. You will be given a random passphrase to clearsign with your key, and submit to the bot with the 'verify' command. Your passphrase will expire in 10 minutes.
_FeltPen: shinohai - what's up the tweet?
asciilifeform: 'ACCIDENT!!!!'
shinohai: But hey asciilifeform still on front page!
trinque: _FeltPen: you are already registered with deedbot
_FeltPen: your failing at constructing a thought, shinohai - so disappoint.
_FeltPen: *you're
mircea_popescu: _FeltPen stop linking nonsense sm and explain stuff in plain terms before that half hour runs out
shinohai: Oh hai, I suppose you are merely another 21co fanboy that gets butthurt every time I point out how your $400 doorstop has no case, ad nauseam
asciilifeform: mircea_popescu: pass the luck oil
mircea_popescu: mno, i think ima keep it all.
mircea_popescu: better lube than even baby panda tears.
_FeltPen: i'm trying to figure out what shinohai is randomly tweeting at me and making up shit about VC relationships that don't exist. a little confused atm.
asciilifeform inescapably recalls the 'chess oil' from sierra online's 'gabriel knight'
_FeltPen: what are you talking about shinohai? i don't have a 21co - i tend to root for folks that make things for this ecosystem.
shinohai: I'm sorry, I was unaware 21co actually made anything useful for this "ecosystem"
_FeltPen: normally sanity lives here, so a little confused by your nonsense today.
asciilifeform: pigeon, we did not know, but turns out is a sculptor, MAKES THINGS for city statutes
asciilifeform: *statues
_FeltPen: who said anything about it being useful? i just said they made something.
mircea_popescu: asciilifeform hater.
mircea_popescu: shinohai _FeltPen do you two have anything more substantive of a beef than what one might have implied by what he might have said on facebook ?
_FeltPen: i hope . . . normally, i just lurk and learn. happy to keep doing that.
mircea_popescu: what do you do other than lurking ? ie, "for teh ecosystem"
shinohai: Besides getting triggered by a hashtag, for instance.
_FeltPen: speculate, write, research, buy coin, mine, etc. - usual stuff.
_FeltPen: tbf - haven't mined in a while, but i have a nice fleet of antminer S1s
mircea_popescu: where do you write ?
mircea_popescu: asciilifeform incidentally, "owned by whitening" is not altogether a bad theory wrt the null-entropy keys. ie, "they replaced rng with null-outputting one, never noticed because whitening". this, of course, doesn't explain why gpg would end up with null-generated keys, but whatevs.
asciilifeform: mircea_popescu: my best hypothesis is a) khadeer generated key with, e.g., 'jihadcrypt' b) winblowz gpg with the memcpy from rng nopped out by ???
mircea_popescu: seems more sensible.
asciilifeform: in other news,
asciilifeform: ^ papert dead.
trinque: asciilifeform: guy gets trotted out every shooting to "islam is not about this!" so one might suspect him as having a reason to have a bad key
asciilifeform: trinque: if fella is a stooge, no reason for him not to have ~normal~ pgp key with puppet master having copy of the private.
asciilifeform: why have the loud diarrheal fart ?
shinohai: "" and "dogecoin" tell me all I need to know.
_FeltPen: and what's that?
trinque: asciilifeform: maybe they want to find where messages originate without having to have the privkeys at the points of surveillance? but yeah, not clear
gribble: The operation succeeded.
asciilifeform: trinque: just about any scenario involving a stooge khadeer would make considerably more sense with a properly-generated pgp key
asciilifeform: of course, there is no degree of idiocy that could be wholly ruled out where usg is involved..
trinque: aha. might have to roach-brain harder
asciilifeform: $up fromphuctor
deedbot: fromphuctor voiced for 30 minutes.
asciilifeform: ...hello fromphuctor ??
fromphuctor: is phuctor's source code shared somewhere?
asciilifeform: fromphuctor: nope.
asciilifeform: fromphuctor: however, the factorings are reproducible - you can dump modili with 'pgpdump', and any bignum calculator - e.g., 'bc', or ordinary python repl, can multiply the factors.
asciilifeform: *moduli
asciilifeform: e.g., pgpdump -i pubkey.txt
fromphuctor: so when we can modulus N, how do you use bignum calc for it? don't you need to brute force 2^x -1 starting from 2^1023 ?
fromphuctor: *when we get
asciilifeform: fromphuctor: calculator is suggested here for ~verifying~ output of phuctor
fromphuctor: oh got it
fromphuctor: but to do the same thing yourself, you need to bruteforce 2^x -1 == your N?
asciilifeform: if you're speaking of the latest experiment, we used fermat's method
mircea_popescu: not exactly ; the faq has some good links re this.
asciilifeform: which is ~more or less a brute force starting at sqrt(N).
fromphuctor: yup, that's what I meant. Thank you!
fromphuctor: so for this brute-forcing, don't you need a little bit of fast PC?
asciilifeform: fromphuctor: it parallelizes.
fromphuctor: on a single PC?
fromphuctor: or across net?
mircea_popescu: $s 256 gb ram
asciilifeform: fromphuctor: whichever you have. ~3.7M keys split nicely across N cpus.
fromphuctor: thank you for all the info
fromphuctor: one dumb question, would GPU do this operation faster? (I doubt it, but have to ask)
asciilifeform: fromphuctor: doubtful. afaik there is no bignum routine optimized for gpu
asciilifeform: nor would such a thing necessarily work especially well.
mircea_popescu: depending on your set-up, possibly. not very clear how.
fromphuctor: exactly
fromphuctor: you might end up writing your own bignum calc in GPU and still I'm not entirely sure it will be faster for this op in CPU
mircea_popescu: it might be cheaper, though, in terms of digit/dollar
fromphuctor: thanks again guys, I learned a lot in 10 mins :)
asciilifeform: mircea_popescu: doubtful, ram will be bottleneck
mircea_popescu: obviously a lot of the cpu is not really used to do bignum mults. a smaller lot of the gpu isn't.
asciilifeform: and obliterate the parallelism
asciilifeform: (gpu's ram)
mircea_popescu: asciilifeform which is why i say depends on the set-up. maybe something plouffe-esque could be had to fit it in tight ram
mircea_popescu: i have nfi.
asciilifeform: this kind of thing really begs for a cpu arch optimized for bignummery
asciilifeform: would be entertaining to see what ft meade's looked like.
mircea_popescu: symptomatic for the "we are the premiere science and tech world in the world", it dun exist.
asciilifeform: dun exist in the corner store.
mircea_popescu: in other lulz : "Although you can't get a list of all the fans of a Facebook Page, you can find out whether a specific person has liked a Page."
mircea_popescu: meanwhile, takes a non-idiot half an hour to fish them out.
asciilifeform: for l in lusers ...
asciilifeform: likes(l, p)
mircea_popescu: asciilifeform nothing that advanced/serious even. they leak it.
asciilifeform: is the skin worth the tanning ?
mircea_popescu: is the latrine worth the shitting ?
asciilifeform: fromphuctor: in case you didn't know - fermat's method is not an effective way to attack a properly-generated rsa modulus
fromphuctor: I know that, it works well only on non-properly-generated rsa modulus, which is easily factorizable by 2^x -1
asciilifeform: well no
asciilifeform: nothing to do with powers of 2
asciilifeform: rather, with moduli where the two factors are quite close together
asciilifeform: (and, ergo, to the square root of the mod)
mircea_popescu: it's just "bruteforce from a conveniently chosen spot", mostly.
asciilifeform: an rng firing blanks and leading rsa key gen to spit out the square of a prime immediately following a power of two, is simply one way to arrive at such.
fromphuctor: I see. so for this to work, two factors should be close to each other. So nothing to do with 2x-1?
asciilifeform: fromphuctor: << example of rsa key generation, as seen in gpg
a111: Logged on 2016-08-03 04:25 asciilifeform: mircea_popescu: << relevant excerpt. gpg 1.4.10.
asciilifeform: ;;later tell ben_vulpes your wotpaste gizmo mangles c code, e.g.,
gribble: The operation succeeded.
ben_vulpes: asciilifeform: does the mangling show up in ?raw=true?
ben_vulpes: also pls to characterize mangling
asciilifeform: ben_vulpes: diff the raw and standard views of linked piece.
phf: ben_vulpes: your non raw version does not escape html, so it parses #include <header> as a tag
mircea_popescu: do a /</&lt;/ should be ok
ben_vulpes: gross.
mircea_popescu: html bish.
ben_vulpes: i'm rather tempted to simply nuke the html view.
ben_vulpes: pointless complexity.
mircea_popescu: i never use it
mircea_popescu: shouldn't be default anyway.
ben_vulpes: i'm glad we all agree
asciilifeform: shinohai: perhaps he finally found that oil well.
asciilifeform: or what was it he went prospecting for.
shinohai: gold?
shinohai: Or something metallic in nature
mircea_popescu: i thought he was raising a kid
shinohai: Even better reason to be preoccupied
shinohai: ;;later tell BingoBoingo
gribble: The operation succeeded.
mod6: good evening
mircea_popescu: hola mod6
mod6: how goes?
mod6: im 'bout to build v0.1.2b here.
mircea_popescu: o hey neat!
mircea_popescu: lemme know how it goes
mod6: will do, just about got all the deps dl'd.
deedbot: [Qntra] Unveils Ether Cleaver -
mircea_popescu: $up Nordic
deedbot: Nordic voiced for 30 minutes.
Nordic: :D Thanksies, and evenin' people.
mircea_popescu: hello. who might you be ?
Nordic: How do i answer that, lol. Norwegian dude, interested in the cryptoscene.
Nordic: Also very entertained :D .. today has been a funny day.
mircea_popescu: pretty much every other day is
Nordic: I see some "known" nicks from slacks here
shinohai: ty BingoBoingo
BingoBoingo: ;;bc,stats
gribble: Current Blocks: 423560 | Current Difficulty: 2.0189321085305896E11 | Next Difficulty At Block: 425375 | Next Difficulty In: 1815 blocks | Next Difficulty In About: 1 week, 3 days, 22 hours, 24 minutes, and 34 seconds | Next Difficulty Estimate: None | Estimated Percent Change: None
BingoBoingo: ;;ticker --market all
gribble: Bitstamp BTCUSD last: 565.57, vol: 15204.58183312 | BTC-E BTCUSD last: 566.5, vol: 11751.78284 | BTCChina BTCUSD last: 559.612394, vol: 244120.33970000 | Kraken BTCUSD last: 569.388, vol: 4297.53924609 | Volume-weighted last average: 560.387831839
BingoBoingo: Oh, recovery
a111: Logged on 2016-08-04 00:13 Nordic: I see some "known" nicks from slacks here
BingoBoingo: Deviant IRC a-like but not really
BingoBoingo: Or pants
BingoBoingo: Hard to tell
asciilifeform: BingoBoingo: yes, but which? 'slack' is a corporate aol-like chat
BingoBoingo: Oh prolly luke-jr midnightmagic maybe hegemoOn ??
ben_vulpes: fuck software, it's time for a new scam.
ben_vulpes: i'm thinking dig olivine out of the earth, blow co2 over it, and sell carbon credits.
mod6: mircea_popescu: works good! followed the guide pretty much exactly. just the version numbers need to be updated in the wiki, and the link to the binary.
ben_vulpes: operate as a triple-bottom-line corp, strive to lose money, and sell stock on an ongoing basis to 'ethical investors'
mod6: but, yeah, solid!
ben_vulpes: for bonus points, capture some amount of the heat generated from the exothermic co2 sequestration process
mod6: (built on african linux)
mircea_popescu: only took me ~10 minutes also, pretty smooth.
mod6: werd. Saw you were in there mowin' the lawn.
mod6: :D
mircea_popescu: lol yah.
mircea_popescu: ben_vulpes your scam's noobish!
shinohai: "He is a very good person and had nothing to do with the hack"
asciilifeform: in other noose,
asciilifeform: ^ the champion ^
asciilifeform takes off hat
shinohai: this is the epitome of shitposting, the whole site
asciilifeform: ^ 5,431
mod6: haha
mod6: "Public Exponent 35 is NOT PRIME!"
asciilifeform: mod6: dupe champ
mircea_popescu: lol "he is a very good person"
mod6: <+asciilifeform> mod6: dupe champ << was that the total dups counted below? 5`431?
mircea_popescu: what the fuck does that mean, he failed to ? that doesn't make him a "good person", that makes him a fucking shitstain.
a111: Logged on 2016-08-03 14:38 mircea_popescu: nobody ever told 20 yo girly, in her 16 or so years of active intellectual life to date, that she's fucking untalented and needs to go do something she can actually do.
mircea_popescu: could it be called da tao ?
BingoBoingo: ;;laserkittens
gribble: ุ ₍˄.͡˳̫.˄₎ ุ ┌━ ┄ ┄ ┄ ┄ ┄ ┄ *pew*
phf: "U.S. Team Wins First Place at International Math Olympiad (" first win, entire team is chinese, hmm
ben_vulpes: well that didn't render in my irctron
asciilifeform: on the other end of the stick, there are 8914 256/384-bit (trivially broken) mods.
asciilifeform: bbbbutt boeck HIMSELF vouched for shitoshi!!1111
asciilifeform: (he did.)
BingoBoingo: asciilifeform: GQ piece comes out sometime in the next 24 hours for further lulz
BingoBoingo cleans gasmask and zeroes dosimeter
asciilifeform: << yes, specifically of that one.
a111: Logged on 2016-08-04 01:20 mod6: <+asciilifeform> mod6: dupe champ << was that the total dups counted below? 5`431?
phf: "because i turn up and it’s not fucking not anonymous anymore. i’m not just some guy in the crowd ever again." such a chick. got himself tainted, now he gets to walk beneath the roosters for life
BingoBoingo: phf: He could always go to San Diego and jack it.