deedbot: http://thestringpuller.com/2016/10/thug-motiviation-101-applied/ << Pull Your Own Strings - Thug Motiviation 101 Applied
mircea_popescu: !!up oama
deedbot: oama voiced for 30 minutes.
mircea_popescu: thestringpuller and how do you propose the buyer "not let the supplier leave" ? unequal relationship, the supplier is the supplier, the buyer can run the gamut from the lowest upwards, so.
shinohai: localbuttcoins is truly a convoluted way of obtaining btc
mircea_popescu: !!up oama
deedbot: oama voiced for 30 minutes.
oama: still here mircea_popescu? you haven't convinced the argentinians to make you their dictator yet?
mircea_popescu: i dun wanna be the king of cattle.
mircea_popescu: how's ladyboyland ?
oama: hot and humid
mircea_popescu: "vaginal"
mircea_popescu: shinohai what the everloving fuck, handmade sks ?
shinohai: ikr
mircea_popescu: by a guy who "only has access to pc on weekend" ie, is 12 irl ?
shinohai: I should feed all dem keys into phuctor
oama: maybe that's why they all aim to have vaginas?
mircea_popescu: shinohai bet you we have them, but if you do - plox script for the love of all that's holy. bash-curl even.
mircea_popescu: oama i thought they just aimed to suck the dick.
oama: that too
mircea_popescu: in other "holy shit open source" news : to run a linux repo, you must provide... md5hashes for the stuff, because... apt-get wants it. fancy that. and by default you get that and sha1. because it's fucking 1995 and there's a thousand fly eyes!
PeterL: do we need to make a republican version of apt-get now?
mircea_popescu: no, burn the whole thing. v is enough.
PeterL: linux repo in v?
mircea_popescu: also in lulz, red hat does not package rhash. at all. you want keccak on your system, use the buggy openssh implementation!
mircea_popescu: PeterL all software belongs in v and nowhere else.
mircea_popescu: and in other fucking lulz http://archive.is/YOQ4U
mircea_popescu: anyone have any idea how to do sha-3 in centos ?
mircea_popescu: for the love of christ.
asciilifeform: or build their c reference proggy.
mircea_popescu: yes. because this is why fucking weimer exists, so anything you need you build from source. then PeterL can wonder if "linux repo in v".
mircea_popescu: IN WHAT THE FUCK ELSE
mircea_popescu: fucken bullshit.
asciilifeform: hey wasn't it mircea_popescu who (correctly) pointed out that there are no usable gold teeth in executed usg corpses. and now he's trying to salvage rathead linux ??
mircea_popescu: legacy fucking sytstems
mircea_popescu: for the past five fucking years, nearly, i've been in the process of getting rid of the crap
mircea_popescu: and i'm still not done.
mircea_popescu sings... for the water is wide, i cannot get o'er
mircea_popescu: neither have i
mircea_popescu: wiiiiiiings to flyyyyyy
asciilifeform: !!key kmalkki
asciilifeform: !!rate kmalkki 1 coreboot maestro
deedbot: Get your OTP: http://wotpaste.cascadianhacker.com/r/h089d/?raw=true
asciilifeform: !!v 2858810A09E13E28CDCA83155877499E99905A51C93CD7909A7DD840FA53C04A
deedbot: asciilifeform rated kmalkki 1 << coreboot maestro
mircea_popescu: welcome.
mircea_popescu: !!rate kmalkki 1 coreboot
deedbot: Get your OTP: http://wotpaste.cascadianhacker.com/r/45p2d/?raw=true
mircea_popescu: !!v EB71EA3ABADCAB6F6A6DFB5A4D788ED7D785907CD4B350B533BD033CDBEE104F
deedbot: mircea_popescu rated kmalkki 1 << coreboot
kmalkki: smartprobe binaries now as ELFs with symbols... mostly
mircea_popescu: where ?
kmalkki: on my desktop.. what's your favorite anon share
mircea_popescu: can put in http://wotpaste.cascadianhacker.com/ or else make a v out of them i guess.
mircea_popescu: though the later prolly premature
mircea_popescu: if you sign them, they can also go into deedbot's list
mircea_popescu: as seen on http://deedbot.org/
thestringpuller: mircea_popescu: in my experience you don't. it's more of a final warning. if the supplier tries to bail early, it's usually a setup of some kind.
thestringpuller: i really should change it. thx.
mircea_popescu: more like a sign that the setup's done as he no longer cares what you think.
thestringpuller: gotta case the trap spot first. honestly with street trapping you should have a shadow or two...some muscle...but I didn't want to imply i endorse violence in the article
thestringpuller: http://btcbase.org/log/2016-10-06#1553536 << i use it to find the plug. people as close as possible with regular access to clean btc with no KYC links. based on dealings in our good 'ol city I think there is a small underground miner consortium.
a111: Logged on 2016-10-06 12:33 shinohai: localbuttcoins is truly a convoluted way of obtaining btc
shinohai: mircea_popescu: this is nearly everyone besides a few which sed ate, but nearly all are keybase.io http://wotpaste.cascadianhacker.com/pastes/2gmzb/?raw=true
shinohai: so I'm willing to bet phuctor has em already
mircea_popescu: anyway, i AM mildly curious how many here present can actually calculate sha-3 512 (ie, keccak) from command line.
mircea_popescu: shinohai aha.
shinohai: Doesn't rhash do that?
mircea_popescu: do youy have it ?
mircea_popescu: because if you don't have it it doesn't do that ; and from a cursory inspection it turns out NOBODY packages it. because why would they, usg has its own designs.
asciilifeform: mircea_popescu: there was a reason i did not use sha3 in the lamport tutorial.
mircea_popescu: sucks.
thestringpuller: from other lulz: http://www.telegraph.co.uk/technology/2016/10/06/spotify-has-been-sending-computer-viruses-to-listeners/
mircea_popescu: and in other passtimes, http://67.media.tumblr.com/b0db55c8f2e3d557b27d184023d4b93c/tumblr_mt72waEt5p1s7ejhlo1_500.gif
shinohai: When Vinny says pay, you pays bitch.
mircea_popescu: aye
PeterL: https://www.gnupg.org/faq/gnupg-faq.html << "If you need more security than RSA-2048 offers, the way to go would be to switch to elliptical curve cryptography not to continue using RSA." hmm, interesting
PeterL: "RSA-4096 is not a bad idea: its just, generally speaking, unnecessary. You gain very little in the way of additional resistance to brute-forcing and cryptanalysis."
PeterL: aha, this is the actual reason I was looking through FAQ: "SHA-3 is a completely new hash algorithm that makes a clean break with the previous SHAs. It is believed to be safe, with no warnings about its usage. It hasn't yet been officially introduced into the OpenPGP standard, and for that reason GnuPG doesn't support it."
PeterL: https://pthree.org/2014/04/30/sha3-keccak-in-linux/ << mircea_popescu it looks like rhash does do this
PeterL: from rhash -h : "--sha3-224, --sha3-256, --sha3-384, --sha3-512 Calculate SHA3 hash sum."
phf: i get this on local machine
phf: echo foobar | rhash --sha3-256 -
phf: 9c5bbf00bb6103c7f3d91fe598489725341010b8d0785274029d4645c34ebe9c (stdin)
PeterL: hmm, I get ec7f27c2fb6588d30116d0abd380354bd73b9100e4ad2520c099c0716895ca70 (stdin)
PeterL: shouldn't they be the same?
trinque: wat
phf: kek
PeterL: rhash v1.3.1 here, you?
phf: 1.3.3
phf: fwiw i tried both echo foobar and echo -n foobar
trinque: was just about to ask if one of you was using a weirdo shell
trinque: with warped echo
trinque compiles rturd
phf: we need a tie breaker
trinque: % echo foobar | ./rhash --sha3-256 -
trinque: 9c5bbf00bb6103c7f3d91fe598489725341010b8d0785274029d4645c34ebe9c (stdin)
trinque: clearly all PeterL's fault
PeterL: should I be worried that I am getting a different value?
shinohai: just got back, I get:
shinohai: 9c5bbf00bb6103c7f3d91fe598489725341010b8d0785274029d4645c34ebe9c (stdin)
shinohai: so same as trinque
trinque: SHA512 (rhash-1.3.3-src.tar.gz) = 0ac1699a0e5718b750610cd6189d9d582186d7e17191e3723a994559c8f9c6ea7e0d34825da0c96fd0fc6be3e14b5f44ce7a21d17156cdfce3f0e3e4ff09389e
trinque: PeterL: worth figuring out eh? even if it's pebkek
shinohai always userd rhash to create torrent files
shinohai: !~later tell BingoBoingo http://ix.io/1tIO
jhvh1: shinohai: The operation succeeded.
PeterL: 9c5bbf00bb6103c7f3d91fe598489725341010b8d0785274029d4645c34ebe9c (stdin) << must be something to do with the older version I got from apt-get, with newer version I get this hash
PeterL: now, how do I go about removing the old version and replacing it with the new one I just built?
shinohai: apt-get autoremove rhash
shinohai: if you built from source it will leave that in /home/ or wherever
PeterL: I learn so much hanging around here!
shinohai: now you can copy the one you built to /usr/local/bin and good to go
PeterL: what's the difference between /usr/bin and /usr/local/bin ?
diana_coman: rhash actually has make install...
shinohai: oh thats true
trinque: PeterL: /usr tends to contain items considered part of your distribution, /usr/local contains 3rd part or "contrib" items
trinque: though this distinction has gotten pretty muddy over the years
trinque: on openbsd for example, /usr contains things shipped with the release. anything installed from ports is in /usr/local .
trinque: then there's /opt which roughly translates to "fuck it, I'm putting this turd all by itself in say /opt/rhash-1.3.3/"
trinque avoids discussing /var lest he have an aneurysm.
shinohai: http://archive.is/dsW46 <<< handy pic of what a bf that attempts to pull stuck vibrator out of gf's ass with salad tongs looks like.
trinque: http://archive.is/dsW46#selection-965.0-965.33 << ahaha now it's a cause.
shinohai: No woman should ever have to have a buttplug irretrievably lodged in her ass again.
trinque: I can only assume "go in through my stomach" is "abdomen" for the anatomically illiterate.
trinque: since this is probably clickbait fiction, they should rewrite it in a month with the dude playing lead. it'd be funnier.
ben_vulpes: trinque: tell us about /var
trinque: thing's overrun with autistaxonomy n-levels deep, because the filesystem is a terrible database.
trinque: /var is meant to be mutable state, as opposed to static-at-runtime state in /etc
trinque: but y'know CUPS writes to /etc/cups/printers.conf all damned day, because fuck you.
phf: when i learned unix from graybeard, i was actually told things like "have your etc mounted read only for day to day operation, have your var on separate drive since that's where all the thrashing is" etc.
trinque: yep, not a terrible thing to mount whole root r/o
trinque has a bigger problem with every unique graybeard snowflake inventing his own format inside /var
trinque: so when I want to "join" across all this data I get to munge strings like some barbarian
mod6: haha
ben_vulpes: CUPS haha
mircea_popescu: PeterL i'll ask you what i asked him : does it do it on your box ?
PeterL: I am confused, yes it does
mircea_popescu: then ok ; but it doesn't exist on plenty of boxes and in most distros - is the point.
mircea_popescu: (and from looking through the log - no, it didn't. but anyway)
PeterL: because I just installed it
mircea_popescu: ikr?
PeterL: but it is relatively new, so that is why you have to manually add it, right?
PeterL: eventually all the open source guys will get around to adding this to thier packages
mircea_popescu: in one interpretation.
ben_vulpes: aww PeterL
mircea_popescu: they don't seem to take very long in adding the official usg holes to "their" packages.
ben_vulpes: that's either very charitable or very naive
ben_vulpes: or very sarcasatic.
PeterL: did I forget the sarcasm tag again?
ben_vulpes: hey, midwesterners use mayo as a food base, i have nfi when y'all are joking
PeterL: so, this gets added to "tmsr distro"?
PeterL: I thought it was the cajuns that made everything out of mayo?
mircea_popescu: shinohai why does that student look 45.
PeterL: maybe she went back to school?
mircea_popescu: mebbe.
mircea_popescu: phf lol graybeard trying to emulate vax on micro ?
mircea_popescu: and in other "practical lessons in redundancy", http://66.media.tumblr.com/8eb17a81724f99bdd761115606b6cee5/tumblr_nhsz38o5MS1u2tjfmo1_500.gif
mircea_popescu: "research indicates coffee made from capsules contains significantly more furan than drip or boiled."
mircea_popescu: i suppose no marketing budged to pay for this awareness, however. gotta find better awarenesses.
PeterL: "lets run our boiling hot water over some random plastic bits, what could possibly go wrong?"
mircea_popescu: it's actually from the coffee.
mircea_popescu: furan is a degradation product ; mostly driven by thermal shock.
PeterL: would that also apply to cappucinos?
mircea_popescu: to a slighter degree. and to microwaves. and so on.
mircea_popescu: http://www.tandfonline.com/doi/abs/10.1080/02652030701551842?journalCode=tfac20 for the passionate.
diana_coman: mircea_popescu> then ok ; but it doesn't exist on plenty of boxes and in most distros - is the point. <- ubuntu 14.04 at least actually has it
mircea_popescu: a does it ?
diana_coman: apparently previous version of ubuntu should have it too https://launchpad.net/ubuntu/+source/rhash
PeterL: "brewing by an espresso machine caused significant loss of furanic compounds." < from another study on mircea_popescu's link
diana_coman: so yeah, from ubuntu 12.04
trinque: could ship a statically compiled rhash.
trinque: there is an example with the rpm target in the Makefile using ADDLDFLAGS, should also work with target "all"
PeterL: why not build from source?
mircea_popescu: 10.04 definitely doesn't have it, fwiw.
diana_coman: that being said, it is from "universe" aka not "officially" supported
trinque: PeterL: I just proposed that.
PeterL: I guess I misunderstood what you proposed
mircea_popescu: if you ship a statically compiled rhash that'd be a binary neh ?
trinque: sure if he meant end user of Eulora compiles. I understood that most of them download binaries.
mircea_popescu: ah, this is only vaguely related to eulora ; inasmuch as i've decided to keep snapshots of known-good linuxen and in the process discovered the horribru state of "open source" opsec
mircea_popescu: ps. you'd be surprised just how many installs are secured by a md5 hash. do check what happens if you disable it ; or try to use a repo with it disabled.
trinque: got it, and yes.
mircea_popescu: and by now md5 collisions are subsecond affairs even without significant gear / investment.
mircea_popescu: (because src allows comments, this literally means ANYTHING could be in that file that "matches" md5 signature)
trinque: meanwhile gentoo, which obviates the whole F35^H^H^Hdebian-style build infrastructure, bloats by the day
trinque did another base install of gentoo the other day, was something like 1.5-2gb
mircea_popescu: what the fuck.
trinque: gotta have like two pythons, a perl, can't remove scads of doc/info/sgml(WHAT?)/man pages in-band, god knows whatever else
mircea_popescu: ....
ben_vulpes: trinque: can you install an ancient gentoo?
mircea_popescu: none of these is 2gb wtf
trinque: ben_vulpes: I'd rather freeze an openbsd and steal portage from gentoo
trinque: farting around with that still.
mircea_popescu: diana_coman of course the q now is, if it has it or "has" it, like seen above with PeterL 's experience with a v 1.3.1 that fraudulently misrepresented sha2 as sha3
mircea_popescu: tension, apprehension and dissension long ago began.
diana_coman: mircea_popescu, and right you are, ofc
diana_coman: it's version 1.3.1 in the repos from what I see
mircea_popescu: whell.
mircea_popescu: this then would qualify as "not has it".
diana_coman: indeed; not has it then it is
PeterL: I don't think it matched up with sha2 either
mircea_popescu: whole fucking termite nest, in all places and everywhere, THIS paper thin. "it has it, o wait dun look closer".
mircea_popescu: from littoral combat ships to convenience paper cups, all the way and whichever way. the usg way!
asciilifeform: mircea_popescu: one of your earlier links contained yet another 'happy surprise' - there are TWO INCOMPATIBLE keccaks floating around, by decree of His Putrid Majesty, one of'em is simply the normal keccak but it appends a constant turd to the input (nfi why)
PeterL: http://ethereum.stackexchange.com/questions/550/which-cryptographic-hash-function-does-ethereum-use << more confusion
diana_coman: only latest version of ubuntu claims to have 1.3.3-1 rhash but by this time I'm not even sure that is what it claims anyway
mircea_popescu: PeterL it's sha-256 long, but you're right, not the correct value
mircea_popescu: asciilifeform doh.
mircea_popescu: diana_coman 1.3-3.1, get it ? it's a palindrome!
mircea_popescu: asciilifeform well you could venture a guess.
diana_coman: lol
mircea_popescu: and i'm going to write up that " "If you need more security than RSA-2048 offers, the way to go would be to switch to elliptical curve cryptography" nonsense ; because it's getting ridiculous
mircea_popescu: hm, anyone recall the "the canonical 'specificity of diddling theorem' article." as per http://btcbase.org/log/2015-05-30#1148301 ?
a111: Logged on 2015-05-30 04:04 asciilifeform: mircea_popescu: y'know, at some point one of us needs to write the canonical 'specificity of diddling theorem' article.
mircea_popescu: i guess ima go with http://trilema.com/2013/how-to-airgap-a-practical-guide/#selection-89.209-89.346
ben_vulpes: iirc there is no canonical specificity of diddling article
ben_vulpes: but that's the best i've found as well.
mircea_popescu: alright.
deedbot: http://trilema.com/2016/werner-koch-lies/ << Trilema - Werner Koch lies.
BingoBoingo: * trinque avoids discussing /var lest he have an aneurysm. << /var is great. Most stuff belongs there!
trinque: lets separate things properly here
trinque: having a partition for run-time mutable state sounds great
trinque: one could have that and impose some rigorous structure over the damned thing too
trinque: and /etc for that matter
shinohai: Todays ebay scam brought to you by the US Army http://archive.is/Mcf5H
trinque: insert into `/etc/hosts` (ip, hostname) select ip, hostname from `/var/db/dhcp.leases`; << the only reason this (represented in *any* syntax, has nothing to do with SQL itself) isn't possible is that "freedom" plus autism equals makework
trinque: a pile of cleartext sexprs manipulated through a transactional constraints checker would be superior, even, to the relational example.
mircea_popescu: freedom plus autism equals makework eh ?
mircea_popescu: trinque i think you're on to something.
mircea_popescu: shinohai i lullzed.
shinohai: Do all scammers have only a 3rd-grade education now? Seriously, ebay of all places.
mircea_popescu: the cattle regards the fence as "part of its environment". it endows it with basic assumptions of fairness etc derived from the "fact" that it & its fellow moos still moo.
mircea_popescu: just like they don't suspect the rain of being radioactive ; they wouldn't suspect ebay of being run by you know, someone.
mircea_popescu: "it just is."
deedbot: http://qntra.net/2016/10/us-tax-department-busted-by-indian-police/ << Qntra - US Tax Department Busted By Indian Police
mircea_popescu: "although no word was available as to whether any iTunes gift cards were recovered the haul" BingoBoingo ?
mircea_popescu: and in other kim gageshian news, https://lh5.googleusercontent.com/-q7nOPKd9m3I/UsaZLZA1beI/AAAAAAAAASc/GcTx92XVbHI/w800-h600/KimKardashianMuzzleGagged.jpg
shinohai: You haven't got a call from a Preet asking you to pay fines with an itunes giftcard?
mircea_popescu: no it was John ford-kerry or w/e ketchup firm they named him after.
shinohai: I guess they figure they need to send the big cheeses after you.
mircea_popescu: it's not a cheese it's a ketchup im telling you.
mircea_popescu: did we have https://eprint.iacr.org/2015/1000.pdf here btw ? asciilifeform ?
shinohai is going to start offering pdf to text conversions as a service
mircea_popescu: for srs
asciilifeform: mircea_popescu: pretty sure we did, it's a nadia heninger
BingoBoingo: mircea_popescu: fxd, ty
thestringpuller: preet just called, he wants his defendent back.
BingoBoingo pretty sure that is the wrong cart for that load https://i.imgur.com/qE6kGWQ.jpg
BingoBoingo: "I bought this toilet and it already had shit it it!"
mircea_popescu: asciilifeform tacked on yeah. but iirc we didn't.
shinohai: !~later tell diana_coman http://ix.io/1tOB
jhvh1: shinohai: The operation succeeded.
asciilifeform: mircea_popescu: it was in crypto-'13. iirc, the original 'here is how much amazonium it takes to break n-bit rsa'
mircea_popescu: this is a 2015 re print
asciilifeform looks
asciilifeform: ah this is the one where they added 'and now it costs ~ a hundy, and plenty of idiots still remain to whom to do it'
shinohai: Apparently a new round of DoS attacks on ETH ... this time on *parity* clients
mircea_popescu: aww.
mircea_popescu: but i thought come at me bro!
shinohai: Well, they asked for it
mircea_popescu: i dunno anything makes one so happy as derps who dunno when to quit.
mircea_popescu: particularly well fed by this entire "you are a special snowflake and have rights and nobody can ever rape you"
mircea_popescu: + of course the "money is of no consequence, plenty of things more important '''in life'''" bit, not to mention the "you gotta just keep faith and hold out forever!" etc.
mircea_popescu: usg is the ultimate lolcow factory.
shinohai: As long as I have a gas station to work in, I can ride out teh storm and keep huffin'
mircea_popescu: werd.
mircea_popescu: meanwhile in "productive travel" news, http://66.media.tumblr.com/acaf02eb8ff46c553e67bab94dd775ad/tumblr_mkgnh7mKc91rubadgo1_1280.jpg
mircea_popescu: get the whole couchette compartment is still the best way to travel
shinohai: What a lovely posterior
mircea_popescu: nature helps teens.
deedbot: http://cascadianhacker.com/least-effort-signups-in-django << CH - Least-Effort Signups in Django
mircea_popescu: what the fuck is an automatic login.
ben_vulpes: what the fuck is a password
ben_vulpes: mircea_popescu: elaborated upon
mircea_popescu: what's to elaborate, i have nfi what the guy you quote wants to do.
shinohai: http://archive.is/VkjX4 <<< nothing like free booze to lube the blocksize debate
trinque: he's also way too fuckin excited about django
trinque: should always come off like you're clearing your throat the morning after a moonshine bender
mircea_popescu: shinohai "will you give a shit ? let us know in comments below". apparently they forgot to add to the pinoy workorders, because about as empty as evan fraggart's gaze.
mircea_popescu: "senior editor of bitcoin.com", 17yo.
shinohai: Hey it's hard to find any decent help when you recruit from reddit, even if you do supposedly have millions in btc
mircea_popescu: guess so.
mircea_popescu: amusingly, this is almost exact replay of a story 4 years old. aanyway.
shinohai: I loll'd at his tweet earlier this morning, so ecstatic that they have 1% of all mining power on their phork
shinohai: IT'S HAPPENING
mircea_popescu: 1% today, two percent tomorrow!
ben_vulpes: WE! ARE! THE ROGER VER PERCENT!
ben_vulpes: (tm)(r)(occupy*)
shinohai wonders why he doesn't call his fork "Bitcoin Uncensored"
mircea_popescu: i need roger ver percent because i don't want beer to dictate my body shape!
deedbot: http://trilema.com/2016/body-heat/ << Trilema - Body Heat
deedbot: http://www.contravex.com/2016/10/06/voltaire-money-adnotated-part-2/ << » Contravex: A blog by Pete Dushenski - Voltaire. Money. Adnotated. Part 2.
mod6: does anyone else have this issue running asciilifeform's lamport example diff commands? http://dpaste.com/00VJ9E2.txt
asciilifeform: mod6: it's a wordpress idiocy
asciilifeform: try as i might, i was unable to zap the space between the < and (.
asciilifeform: 'diff < (./lamport_decode.sh sha256sum pubkey.txt < encoded.txt)' should be 'diff <(./lamport_decode.sh sha256sum pubkey.txt < encoded.txt)' .
asciilifeform: (possibly not wp per se, but the plugin i used to format code fragments. i fought with it for a while, and gave up)
mod6: ah got it.
mod6: yup works if i use it like: diff <(./lamport_decode.sh sha256sum pubkey.txt < encoded.txt)
mod6: anyway, onwards and upwards.
asciilifeform: because that is the correct syntax. the other - rubbish.
trinque: mega-useful and syntactically befuddling sugar for bolting the command inside to a fifo and passing as argument
BingoBoingo: <mircea_popescu> i need roger ver percent because i don't want beer to dictate my body shape! << For eight easy payments of cyan dollars you too can be Roger VERified media Impire editeroror