Hide Idle (>14 d.) Chans


← 2017-04-12 | 2017-04-14 →
mircea_popescu: !!up xhiggy
deedbot: xhiggy voiced for 30 minutes.
xhiggy: anyone here?
ben_vulpes: 37 seconds from join to up, just shy of two minutes from up to first line, ~same from first line to quit
mircea_popescu: canadians.
mircea_popescu: "* A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged user able to set the HDLC line discipline on the tty device could use this flaw to increase their privileges on the system. (CVE-2017-2636, Important)"
mircea_popescu: did we do this ?
Framedragger: mircea_popescu: i don't think so, and i thought about linking this, too heh (need to update/patch kernels if they are < 4.5)
Framedragger: it's great fun!
mircea_popescu: real men don't multiuser linux boxes.
Framedragger: ohno wait this is something else.. i was planning to link https://nvd.nist.gov/vuln/detail/CVE-2016-10229
Framedragger: << this one *does* apply to everyone < 4.5 i think
Framedragger: multibugs for multiusers
Framedragger: (the latter is a proper RCE)
Framedragger: ^ fuckload of android sheep affected. did i hear, 'another internet survey?'
trinque: All those pnojes will be lost in time, like tears in rain. Time to die.
mircea_popescu: they support the last flimsy pretense of public participation, you realise. about half the general population is functionally illiterate, will spend all their social time inthe day clucking at the things for literal lack of alternative options.
Framedragger: trinque: sounds like a line from a text based adventure game :)
Framedragger: ahh blade runner
trinque: did they make one? it was Blade Runner, Do Androids Dream of Electric Sheep in tree form
mircea_popescu: the options died because of the classical giant-sits-in-chair. in the decade intervening, bars went out of business, and people who knew how to run a bar moved on. it's not like the sheeple will raise up and RECONSTRUCT THE PUB.
Framedragger: ah nice.
mircea_popescu: so, once they go into the night, that's it. 4 concrete walls.
mircea_popescu: same model repeating itself over and over and over again. oh, the ancient world where slave talked to woman talked to husband talked to headsman talked to senator was humiliating and inequalitarian ? let's flatten it into a system where 1% talk to the senator (1000% increase over the 0.1% of yore!!11) and the rest talk into an empty takeout box. PROGRESS!!!1
mircea_popescu: and besides, only terrorists would notice that moving from moderated but present inclusion of everyone towards absolutely exclusiuon of almost everyone is no fucking improvement in public access. what, comparisons ? RACIST!!1 thinking about things ?!!?!? MYSOGINY!!!11
trinque: that trilema was one of the more world-altering ones for me, where you described that the hierarchial social model actually gave better odds for the lower branches to be heard. not that this by itself is the most important thing, but rather that look, sense works better for everyone because it is sense.
mircea_popescu: yeah. see, in 1617 the clerk interesterd could go ask the peasants, and if nobody did it was ~an option~ of theirs, which they could remedy or alter. today, pollster is going to talk to peasant's phone which'll tell him moot is to be nytimes man of the year, and he'll call the observation that inexplicably hillary clinton had no support, polls notwithstanding, "Fake news". this is NO LONGER AN OPTION OF HIS.
mircea_popescu: huge fucking loss in human control over human affairs, and meanwhile the idiots are sitting around worrying about "Evil ai". hey, guess what, you don't need the ai to fuck you over.
mircea_popescu: somehow the fact that i can make the phones ( or solar panels, or fridges/cars/whateverelse) read absolutely anything i wish while the poor fuckers supposedly so represented have exactly 0 recourse and 0 alternative is of no concern ; meanwhile the deeply inept conclave of imbeciles is happy and patting each other on the back ebcause hey, they stole a botnet! worth 2-3mn ie nothing! IT WAS ALL WORTH IT!!11
mircea_popescu: idiots, no more can be said, what.
mircea_popescu: back in 1938 THIS https://www.youtube.com/watch?v=SjJry0vhHj4 was a fucking thing. why ? i have no idea, because a black woman lost her fucking basket. who cares, what difference does it make ? i dunno, none that anyone can discern. NEvERTHELESS!!!!! there she is. she's there. with her stupid basket that only could possibly matter to her. yes, "and half a million black women entirely indistinguishable from her", but this as a
mircea_popescu: natural fact not as an outside enforcement.
mircea_popescu: today it's "here's a deck of representational trading cards, pick one to think you are, and we'll be reprersenting... the card!!! and therefore (?!?!?) you".
mircea_popescu: do you wanna be a kimkardashialladin or a meganfoxarrior ? or perhaps a transgenderogue ?
mircea_popescu: deck's got it fucking all, max aoe, max dps, defense buff, you name it! and don't fucking go "wtf is all this dumb shit" because that's self-radicalizing!!11
mircea_popescu: there's a rather tremendous difference between ella fitzgerald caring about her basket for no reason anyone could comprehend ; and a twentysomething pantsuided aide with 0 sexual experience and owing money coming up with "these are the four things THAT COULD BE, i spent a whole five minutes thinking through the "metaphysics" of "life" and this is what came out so therefore!1". yes, on their own devices people live lives that
mircea_popescu: are bad literature. but there's a tremendous difference between letting them do just that and trying to force them to act in your badly written, tendentious bit of fanfic (with bowdlerized bits lifted from shakespeare and mark twain, just like the sad bits of processed fruit that made their way in your granola).
mircea_popescu: and this is how i'll end up hittign the rum at six in the fucking morning.
asciilifeform: http://btcbase.org/log/2017-04-13#1642778 << who the fuck sets MSG_PEEK flag and why
a111: Logged on 2017-04-13 11:50 Framedragger: ohno wait this is something else.. i was planning to link https://nvd.nist.gov/vuln/detail/CVE-2016-10229
mircea_popescu: guess why.
mircea_popescu: i'm using the name to represent the corruption. you know who sets it, usg agents set it. and for the obvious why.
asciilifeform: i dun recall koch calling recv() ever
asciilifeform: but i sat down and tried to answer concrete q, who and where sets it, so far found 0 examples in anything asciilifeform used or would use
mircea_popescu: eh, as long as it gets people on the new kernel. it's good for them.
asciilifeform: Framedragger do you happen to know of one ?
mircea_popescu: nice find. apparently that's the ONLY thing on all github that does.
a111: Logged on 2016-02-05 21:54 ascii_butugychag: '“I cannot for sure rule out the possibility of a backdoor,” said Gerhard Rieger, a Socat maintainer. “But personally I do not believe that the contributor has a backdoor because he uses an email address at a well known and reputated company, and if someone wants to install such a backdoor he would not use a parameter that can easily be proven as non prime.”'
mircea_popescu: aha. socat, what more do oyu need.
a111: Logged on 2016-02-05 21:55 ascii_butugychag: 'A post to a technical forum discovered that the non-prime parameter was introduced more than a year ago. A note in the commit indicates that Socat was not working in FIPS mode because it requires a 1024 Diffie-Hellman prime, and added that a developer named Zhiang Wang provided a patch with the new prime. The poster revealed that Wang works at Oracle and contributes to Socat.'
asciilifeform: anybody here have a massive gentoo tarball mirror ? try searching for MSG_PEEK ?
mircea_popescu: just did. 3 hits on socat.
asciilifeform: and no other? same here.
mircea_popescu: hence my comment above.
asciilifeform: or rather, 0 here
asciilifeform: i dun have socat
mircea_popescu: no, but lots of usg-tronic "corporations" do.
mircea_popescu: fucking useless chinese names btw. gotta start requiring serial numbers from them folk, i betcha there's 10`000 "zhiang wang" s
mircea_popescu: and besides, they all spell it randomly.
Framedragger: asciilifeform: i dunno who uses it, either, and why would it be used. it's kind of "remind me about this later" feature, pretty weird/useless
Framedragger: hm. are there cases when the program would be like, "i don't have resources to handle this, later", in some embedded/realtime/low-resource context
Framedragger: prolly no cases where you couldn't use something saner instead?
Framedragger: you can get the length of incoming message by other means than just reading it into the buffer (through ioctl or w/e)
Framedragger: so hm good point, pretty retarded
asciilifeform: gotta wonder, the folx who signed off on the fix -- why they are silent ? why linus - silent
asciilifeform: could say the truth, in theory, 'only used in socat, inserted by wrecker'
Framedragger: what are they supposed to say? that this is socat-specific? because it's not
asciilifeform: Framedragger: as far as i can tell -- it is
asciilifeform: also for some reason silence re authorship of the overflow..
Framedragger: maybe it is.. someone could be using it to get buffer length (folx exist who ask 'so how do i use MSG_PEEK for this...')
asciilifeform: kernel is not vtronic, naturally, but linus dun take patches from thin air, they all have names attached
Framedragger: can't you use `git blame` to find out the latter?
asciilifeform: Framedragger: possibly
Framedragger: and commits in linux are pgp-signed, not just "ok"d
asciilifeform: Framedragger: so far nobody's turned it up anywhere but in socat
Framedragger: there is that.
Framedragger: i can find it elsewhere, too, but small/stupid projects
Framedragger: !~google site:github.com "MSG_PEEK"
jhvh1: Framedragger: recv MSG_PEEK flag ignored · Issue #4586 · kripken/emscripten ...: <https://github.com/kripken/emscripten/issues/4586>; MSG_PEEK capability · Issue #551 · ARMmbed/mbedtls · GitHub: <https://github.com/ARMmbed/mbedtls/issues/551>; hiboma/ MSG_PEEK .md at master · hiboma/hiboma · GitHub: <https://github.com/hiboma/hiboma/blob/master/kernel/net/MSG_PEEK.md>
Framedragger: asciilifeform: actually i can see some rationale. checking that socat source and that line (https://github.com/craSH/socat/blob/master/xio-udp.c#L220), if you check the definition of buff1, it's `char[1]`.
Framedragger: it seems to use MSG_PEEK to check info on the connected peer (and drop it if need be), and by using this, it can avoid allocating additional memory to take in whole buffer
Framedragger: i guess you could also do `recv(&one_byte_buffer)` and then later `recv(&larger_buffer)`, too; but their use at least makes some sense to me. imho.
asciilifeform: Framedragger: this is foolish, you're reading the packet regardless
Framedragger: (sure, data comes in to network card's buffer anyway)
asciilifeform: it doesn't save memory.
asciilifeform: it is the exact equivalent of an older idiocy, ungetc()
Framedragger: it saves program-internal memory, but the card itself reads in the data regardless, sure.
Framedragger: asciilifeform: hah, omg i've only heard about this and checking now, even the description is lulzy. "put stuff back into stream"
asciilifeform: Framedragger: it saves no memory of any sort
Framedragger: yeah i see what you mean. ultimately it's bullshit/snakeoil. i was just saying that ~some~ sense was had (but you'll prolly deny even that - fair enough)
asciilifeform: does same thing as normal recv(), except for clearing the buffer.
asciilifeform: so packet can be (why?!) read twice.
asciilifeform: no, no sense.
Framedragger: yeah i know i know, ultimately pointless
Framedragger: hm i guess you don't save *any* memory, i can see why
Framedragger: you read in to a fixed size buffer and then discard info/connection if need be. they're pretending to be 'only reading one byte' but it's the kernel which chops off one byte from the rest of the packet
asciilifeform: still 'crediting the empire', eh, Framedragger .
asciilifeform: 'but there's GOTTA be a valid reason!!1'
asciilifeform: nope. there never is.
Framedragger: i'll grant you that i'm this overly naive kid as regards these matters. but i fear the psychological alternative :) (becoming an angry man full of bile; principle of charity has a psychological function to me, too). and eh, 'empire'. very binary
Framedragger: also there is an easy habit to slip into by which you start discarding any things a priori. (mp-emulator: that's not a bad thing(tm))
Framedragger: http://btcbase.org/log/2017-04-13#1642864 << just for context/posterity, i meant ungetc() here, what a load of crap
a111: Logged on 2017-04-13 13:47 Framedragger: asciilifeform: hah, omg i've only heard about this and checking now, even the description is lulzy. "put stuff back into stream"
asciilifeform: Framedragger: fwiw i read the manpage prior to 'this is liquishit, there is 0 possible justification, it is exactly same as ungetc()'
asciilifeform: i dun do the a priori thing. ( it may seem that way, because it does not ever take asciilifeform very long to distinguish flies from cutlets. but this comes from experience, and from flies and cutlets generally looking nothing alike. )
Framedragger: re manpage, thanks for educating me, as always - yeah ok it's the same thing
asciilifeform: in other lulz, look which muppet is back in business : https://archive.is/31IH2
a111: Logged on 2015-01-12 18:59 mircea_popescu: bitcoin_charlie didn't you make a plea bargain ?
a111: Logged on 2015-01-12 19:41 pete_dushenski: so bitcoin_charlie what brings you by on this sunny day ?
asciilifeform: in yet-other lulz, https://archive.is/mcaLO >> 'NEW YORK -- Sheila Abdus-Salaam, an associate judge on New York state's highest court and the first African-American woman to serve on that bench, was found dead Wednesday in the Hudson River, authorities said. ... became the first Muslim judge in the United States when she started serving on the state Supreme Court in 1994 ... On the court, Abdus-Salaam was among the most reliable and
asciilifeform: steadfast liberal voices, regularly siding with vulnerable parties -- the poor, impoverished ... '
trinque: http://btcbase.org/log/2017-04-13#1642876 << this is not unlike the "rich man must be sad" trope, could instead take pleasure in the way one keeps his cranial house.
a111: Logged on 2017-04-13 13:52 Framedragger: i'll grant you that i'm this overly naive kid as regards these matters. but i fear the psychological alternative :) (becoming an angry man full of bile; principle of charity has a psychological function to me, too). and eh, 'empire'. very binary
ben_vulpes: every single spiderweb does not get its own trial
ben_vulpes: here's a vacuum cleaner, get to work
Framedragger sees point.
asciilifeform: in other lulz, apparently there is NOT a standard way to grep inside tar.gz.
asciilifeform: ( zgrep only greps inside the unzipped tar, producing, e.g., '/usr/portage/distfiles/foo.tar.gz:Binary file (standard input) matches' and dun work on bz2 .
asciilifeform: infuriating idiocy.
asciilifeform: orc glyphs, gender commits -- as many as you want. useful everyday tools -- none. not since, say, 1995.
doppler: why not use a pipeline?
asciilifeform: doppler: elaborate
trinque: yup, can untar to stdout
doppler: gunzip | tar | grep
trinque: I'd do it through find for multiple files
doppler: yeah
asciilifeform: and how about bz2 ?
trinque: flag to tar
trinque: oh right, I mean the bash solution gets hairier from there
trinque backs away slowly
asciilifeform: it gets exponentially uglier.
asciilifeform: doppler, trinque : the pipe method loses the filename in which the match was found
doppler: yeah, I'm working on that now
asciilifeform: e.g., tar xvfz cmake-2.8.10.2.tar.gz --to-stdout | grep -H MSG_PEEK > liquishit.txt
asciilifeform: you get:
asciilifeform: (standard input):#ifdef MSG_PEEK
asciilifeform: (standard input): (RECV_TYPE_ARG3)1, (RECV_TYPE_ARG4)MSG_PEEK) == 0) {
doppler: they get the file index, and then grep each file separately
asciilifeform: sounds miserably slow
doppler: yeah probably
asciilifeform: http://wotpaste.cascadianhacker.com/pastes/WfMq7/?raw=true << preliminary list of infected packages, from a well-used gentoo box
asciilifeform: mircea_popescu , trinque , Framedragger , et al ^
asciilifeform: and this is ONLY .tar.gz
asciilifeform: there are also bz2, which i have not tested (zgrep dun work on'em)
doppler: if you just want match then it's easy, as you said
doppler: don't need zgrep
asciilifeform: i want the motherfucking filenames and lines.
trinque: musl's probably defining the thing in net.h or w/e it was
asciilifeform: and hah, bzgrep exists
shinohai: today is the 13th (Maundy Thrursday); There are now 13 Lords.
Framedragger: asciilifeform: neat
Framedragger: pkg-config, oh good
shinohai: Tjis could be a sign of imminent apocalypse
asciilifeform: Framedragger: not all of the hits are actual real-life invocations
asciilifeform: but we won't know until we have a proper search
trinque: aha, asciilifeform, musl defines the flag only, in include/sys/socket.h:262
ben_vulpes: openssl, surprise
trinque: crypto/bio/bss_dgram.c has several invocations with recvmsg
asciilifeform: i'ma guess that mircea_popescu was grepping compressed tarballs with plain grep and naturally found nothing.
asciilifeform: (i initially did same, when waking up)
asciilifeform: naturally all versions of gcc match ( they gotta, they have the header in'em -- snore )
asciilifeform marvels at the 'respectable kompooter sekoority community' today doing 10,000,001 things, none of them being THIS
BingoBoingo: <Framedragger> i'll grant you that i'm this overly naive kid as regards these matters. but i fear the psychological alternative :) (becoming an angry man full of bile; principle of charity has a psychological function to me, too). and eh, 'empire'. very binary << There's more than one psychological alternative. Why do you automatically go to the worst case?
asciilifeform: mircea_popescu , trinque , Framedragger , et al : part 2 : the bz2 search : http://wotpaste.cascadianhacker.com/pastes/iJwoo/?raw=true
Framedragger: BingoBoingo: i smell bile and i hate that taste. but possibly i am misconstruing things (i.e., not actual bile in #t)
asciilifeform: ( bzgrep MSG_PEEK ..... )
trinque: dhcpcd << lol
Framedragger: xchat.. RCE on irc users heh
BingoBoingo: Framedragger: Bile serves a useful function. Without bile you become a cardiac case, a hangry hangry hamplanet.
asciilifeform: gentlemen, start yer engines, perlists, awkists.
asciilifeform: gotta get the line matches, with context (say, 5 up / 5 down from match.) could qntra it.
Framedragger: need to start thinking about internetcensus2012 reboot, i tell ya
BingoBoingo: Framedragger: You simply have to have a healthy bile cycle, don't try to live without bile, but also don't try to hold it all in.
Framedragger: that makes sense :) circulation is the keyword i suppose
Framedragger: asciilifeform: busy at work unfortunately but would be a good effort, yeah
asciilifeform: now, not all of these invocations are of recv() for udp. most -- tcp.
asciilifeform: (still retarded, as discussed earlier, but won't trigger this particular boobytrap)
asciilifeform: sadly there is no automatic means to discover which of the proggies contain exploitable invocations, other than with hard grindstone sweat (or usg's automated tool!1111)
asciilifeform: https://news.ycombinator.com/item?id=14105718 ( https://archive.is/nmX2h ) << witness the unsurprising chorus : 'nobody used it! NOBODY! shuddup terrorist'
mod6: testing out this first fg here.
asciilifeform: mod6: oh hey
asciilifeform: mod6: works ?
mod6: im using gentoo, having a hard time figuring out which usb device the one. i suspect that it's /dev/tty1 but lsusb doesn't exist on this box.
asciilifeform: it will never be tty1
mod6: it ~does~ power on though
asciilifeform: will be, in all likelihood, /dev/ttyUSBn
asciilifeform: where n is 0...9
asciilifeform: (depending on how many other ttl dongles you have)
asciilifeform: check dmesg after plugging in, it will be clearly visible.
asciilifeform: then you can the the stty thing from the instructions.
mod6: werd.
asciilifeform: (unfortunately NO unixlike sets 8bit cleanliness by default, afaik)
Framedragger: ^ could be useful
asciilifeform: Framedragger: it seems to find strictly 1) glibc 2) quake (?!)
Framedragger tried fg last weekend, was all good, (very) small sample (2.7MB) had 7.999936 bits of entropy per byte. but yet to test more thoroughly, including removing shields, etc.
asciilifeform: Framedragger: recommended sample size is 1GB
Framedragger: asciilifeform: nah if you iterate thru pages will be other packages as well
mod6: dmesg says 'usb 3-2' for this guy.
Framedragger: asciilifeform: that's why i didn't wave around with the result :) yeah need to do more testing for sure.
asciilifeform: Framedragger: dieharder in particular loops around . (why ? because customary bit-poverty)
asciilifeform: mod6: ls /dev/ttyUSB* gives you what ?
mod6: no, i have no /dev/ttyUSB devices at all.
asciilifeform: hot damn, you found one of those linuxen with no pl2303 support ?!
mod6: which is kinda weird, because i hvae a usb keyboard too
asciilifeform: or do you have module loading disabled ?
asciilifeform: (if you do, you will have to compile pl2303 into the kernel)
mod6: ah, hmm. ok.
Framedragger: asciilifeform: ah, only glibc etc if "recvfrom" in keywords, you're right. but if only "recv" (https://codesearch.debian.net/search?q=recv+.*+MSG_PEEK&page=1), then lots of results
Framedragger: (it's possible that bug isn't triggered if you only recv(), not recvfrom(), but i didn't look into it to confirm)
mircea_popescu: http://btcbase.org/log/2017-04-13#1642842 << they misperceive the cost of not saying so ; as well as the cost of saying so. why's girl in highschool not say "i hate these dumbass girls who claim they're my friends and absolutely like you" ? because human nature.
a111: Logged on 2017-04-13 13:33 asciilifeform: could say the truth, in theory, 'only used in socat, inserted by wrecker'
asciilifeform: mircea_popescu: see continuation of thread
asciilifeform: Framedragger et al : bzgrep -E 'recvfrom.*MSG_PEEK' /usr/portage/distfiles/*.tar.bz2; zgrep -E 'recvfrom.*MSG_PEEK' /usr/portage/distfiles/*.tar.gz; zgrep -E 'recvfrom.*MSG_PEEK' /usr/portage/distfiles/*.tgz
Framedragger: asciilifeform: btw udp_recvmsg() is the kernel-internal function which is vulnerable. need to check callstack of recvfrom() vs recv(), possibly only recvfrom() is vulnerable (thereby reducing set of exposed programs greatly). otherwise even more funtimes.
Framedragger: ah nice ^
mircea_popescu: http://btcbase.org/log/2017-04-13#1642845 << that is misunderstood esprit de corps. it's visible when child does something stupid, gets punished for it, and mother shows up at school to protest ~the punishment~. the fact her son does stupid shit does not bother her -- on the contrary, she knows where he got that from, which knowledge fills her of joy and hope for the future. perhaps if she insists the dumb will inherit the ea
a111: Logged on 2017-04-13 13:36 asciilifeform: also for some reason silence re authorship of the overflow..
mircea_popescu: school should punish HER, of course.
mircea_popescu run highschool would have pillory for inept mothers, with topless zebra'd milfs there present almost every day.
asciilifeform: lol zebra
Framedragger: huh gdb's `bt` is not giving me backtrace. i put a breakpoint on recvfrom(), it got called and everything, and `bt` gives me squat. compiled with debug symbols. go back to school framedragger
mircea_popescu: this is a new one.
Framedragger: is just me i'm sure
mircea_popescu: you must be doing something creative.
mircea_popescu: http://btcbase.org/log/2017-04-13#1642876 << which adult strikes you as fulla bile ?
a111: Logged on 2017-04-13 13:52 Framedragger: i'll grant you that i'm this overly naive kid as regards these matters. but i fear the psychological alternative :) (becoming an angry man full of bile; principle of charity has a psychological function to me, too). and eh, 'empire'. very binary
Framedragger: "custom shitty udp program" probably fits the bill
Framedragger: mircea_popescu: i dare not say, it's more of an emergent effect, a piece from one, a piece of another, and you get a log full o' it
mircea_popescu: is that so ? hm.
Framedragger: only to an extent, and as BingoBoingo said, circulation. tide goes in, tide goes out
mircea_popescu: who knows these things.
Framedragger: i'm hangover af after $party, everything is black currently (doesn't happen often, tbh)
mircea_popescu: lol fulla bile after party ?
mircea_popescu: or wait, bile's green is it.
Framedragger: fulla set of different liquids
ben_vulpes: http://btcbase.org/log/2017-04-12#1642721 << you mean to tell me that you're culturing some weird population on your floss and then rubbing that all over delicate, highly permeable mucous membranes wired directly to your brain?
a111: Logged on 2017-04-12 21:58 danielpbarron: http://btcbase.org/log/2017-04-12#1642660 << i don't use mouthwash, brush and floss once a day (with regular non vibrating brush, and i reuse the floss untill it splits apart or breaks) -- hadn't been to the dentist in over 8 years; went in last year and they tell me my teeth are in great shape considering, although i did have to get some cavities fixed (mostly in wisdom teeth which is expected. and yes i still have my wisdom teeth
mircea_popescu: http://btcbase.org/log/2017-04-13#1642884 << lolz. camp fed fellow, expert in usg-bitcoin issues and items of interest ? mmkay.
a111: Logged on 2017-04-13 15:23 asciilifeform: in other lulz, look which muppet is back in business : https://archive.is/31IH2
asciilifeform: Framedragger, mircea_popescu , et al : http://wotpaste.cascadianhacker.com/pastes/N9Eir/?raw=true << zgrep -E 'recvfrom.*MSG_PEEK' ... ( and bzgrep ...) from several gentoo boxen here. i even found one with -- lol -- socat
mircea_popescu: ben_vulpes nothing's "wired directly to brain" wtf are you on about.
Framedragger: asciilifeform: nice, and seems realistic!
asciilifeform: wtf is it doing in awk.
mircea_popescu: those gcc matches.
mircea_popescu: /usr/portage/distfiles/gcc-3.3.6.tar.bz2:Binary file (standard input) matches
mircea_popescu: /usr/portage/distfiles/gcc-4.3.6.tar.bz2:Binary file (standard input) matches
mircea_popescu: and then every gcc subsequent.
doppler: uuudsaudas
doppler: whoops. :(
asciilifeform: mircea_popescu: no shit it's in gcc. headers.
ben_vulpes: length of plumbing lines from gums and nasal membranes to brain ispretty short
mircea_popescu: do you not have the rest of the 3.* tree asciilifeform ?
mircea_popescu: ben_vulpes they're not plumbing lines. there is such a thing as brain-blood barrier.
asciilifeform: mircea_popescu: not on running disk, they live on cd somewhere
ben_vulpes: mircea_popescu: it is a thing ben_vulpes is baseline familiar with, believe it or not!
ben_vulpes: did we ever do the "brain parasite from flushing sinuses with not-entirely-clean-water" thread?
mircea_popescu: no. let's ?
asciilifeform: ahahahaha guess what
asciilifeform: gawk has proper invocation, exploitable
asciilifeform: in socketopen()
asciilifeform had nfi that any awktron knew how to open sockets.
ben_vulpes: why does gawk even socket?
trinque: by now I assume the g prepended means "shit bolted to side"
mircea_popescu: http://btcbase.org/log/2017-04-13#1642888 <<->> http://btcbase.org/log/2016-07-10#1500604 in which vein, let me guess, this is because black, yes ? not because pantsuited, middle aged woman ?
a111: Logged on 2017-04-13 15:30 asciilifeform: in yet-other lulz, https://archive.is/mcaLO >> 'NEW YORK -- Sheila Abdus-Salaam, an associate judge on New York state's highest court and the first African-American woman to serve on that bench, was found dead Wednesday in the Hudson River, authorities said. ... became the first Muslim judge in the United States when she started serving on the state Supreme Court in 1994 ... On the court, Abdus-Salaam was among the most reliable and
a111: Logged on 2016-07-10 01:40 mircea_popescu: http://btcbase.org/log/2016-07-10#1500575 << let me guess, this is really the washington-thinktank-gendarmerie plan getting rid of those pesky washington-local-thinktanks ? plan proceeding according to plan ?
mircea_popescu: tremble, bitches, because you will end up floating on the fucking river. all of youze.
asciilifeform: tightvnc -- ditto
asciilifeform: recvfrom(....MSG_PEEK
mircea_popescu: trinque that's accurate, actually. "shit improved by the radical communist branch of usg". a sort of "Bitcoin foundation" avant la lettre, "GNu the african antelope".
mircea_popescu: how is this supporting "Sinus flushing" as opposed to, i dunno, "used to wash up pre anal sex" ?
asciilifeform: and hey hey hey lbj!!
trinque: asciilifeform having a great day over here; what bile?
asciilifeform: there's a recvfrom(...MSG_PEEK...) in apr.
asciilifeform: cleverly disguised, also, it doesn't specifically mention datagram.
asciilifeform: anyone who uses apr, and works on datagram socket, gets nailed.
asciilifeform: this is discussed afaik nowhere. but now -- here.
mircea_popescu: http://btcbase.org/log/2017-04-13#1642916 << actually can coax grep to properly recognize "multifile" by adding a /dev/null at end
a111: Logged on 2017-04-13 16:03 asciilifeform: (standard input):#ifdef MSG_PEEK
mircea_popescu: nfi why it thinks deluge from pile is single file, but anyway.
asciilifeform: mircea_popescu: it dun do any good for searching in tars.
mircea_popescu: tar xvfz cmake-2.8.10.2.tar.gz --to-stdout | grep -H "MSG_PEEK" /dev/null > liquishit.txt
asciilifeform: and of course it thinks 'single file', it's presently the only known way to grep in a tar.gz.
asciilifeform: mircea_popescu: null result
mircea_popescu: oh tar. doh.
mircea_popescu: so detar it also!
asciilifeform: it's what i ended up doing.
Framedragger: (meanwhile gdb is "Target does not support branch tracing." (cpu doesn't support one way to do this; it's an i5; omg)
asciilifeform: (took fucking forever)
mircea_popescu: asciilifeform hey, i recall having sed crash on me last week. "tools". zamac 100% quality guaranteed.
mircea_popescu: Framedragger get better wintel!!1 ?
asciilifeform: mircea_popescu: asciilifeform can't possibly be the first to ever try to search inside a dir of tarballs. srsly, 0 support?!
Framedragger: wtf apparently server with xeon cores doesn't support it, either?
mircea_popescu: you're not deserving. either of you.
mircea_popescu: now if you were poor and "from a needy family" or however "two idiots had kids" is doublespoken today...
mircea_popescu: i would be authorized to give you a sandwich.
mircea_popescu: and pee mcnuggets.
asciilifeform: Framedragger: i dun recall it ever working.
asciilifeform: other than with intel's magic probe box.
Framedragger retires to pig farm
asciilifeform: lulzily enough, asciilifeform ~has the box~ -- but 0 software for it, it never leaked. box turned out to contain empty fpga.
asciilifeform: so of 0 use, unless somebody gets hold of the magic proggy.
mircea_popescu: dude what are you talking about i/we use gdb all the time to trace
Framedragger: asciilifeform: would gdb be able to run on it, tho? with `record btrace`? just curious
asciilifeform: Framedragger: nope and nope, intel's thing only works with their shitware
asciilifeform: mircea_popescu: he wasn't trying for ordinary trace
asciilifeform: but for 'record all jumps'
Framedragger: mircea_popescu: function call history for c proggy? i prolly am doing sth horribly wrong, tho
mircea_popescu: ah i guess oh. turns out ~i~ was doing some creative reading.
mircea_popescu: Framedragger something like "backtrace full" ?
mircea_popescu: or could do backtrace full n to limit to n frames.
mircea_popescu: but basically ctrl-c bt will print out the whole strack, one line per frame. if that's what you wanted ?
Framedragger: full n gave me nothing but i'll recheck again
mircea_popescu: you are running this in gdb yes ?
asciilifeform: Framedragger: https://archive.is/qEQNe << likbez
Framedragger: i sorta did want 'any and all jumps' but should be enough for now maybe
Framedragger: mircea_popescu: asciilifeform: ty
mircea_popescu: yeah, that's not actually available. i doubt even intewl thing ever worked as advertised (which is the true explanation of the rarity)
mircea_popescu: it is a more difficult taks than immediately apparent.
asciilifeform: mircea_popescu: iirc it worked by cordoning off a portion of l0/1 caches to use as trace record
asciilifeform: (and to store whatever else that dun fit in the standard debug regs)
mircea_popescu: which works for fixed length tree ? ookayt.
asciilifeform: well of course fixed, how else.
mircea_popescu: well so then what use it is ? as per alfism, not reliable, worse than useless!!1
a111: Logged on 2017-04-13 16:11 trinque: crypto/bio/bss_dgram.c has several invocations with recvmsg
asciilifeform: it's as reliable as the box it was slaved to, signalled when the bucked filled, to go and empty.
asciilifeform: but again i don't have a working set of box+proggy. only box and manuals.
asciilifeform: ( also note, rarely is anyone interested in ALL possible branches in ALL of ram -- typically you want some particular set. )
mircea_popescu: http://btcbase.org/log/2017-04-13#1642960 <<< yeah, it's quite evidently usg burning one of their few remaining good exploits once they finally figured out it was leaked and used by republican interest.
a111: Logged on 2017-04-13 16:56 asciilifeform: https://news.ycombinator.com/item?id=14105718 ( https://archive.is/nmX2h ) << witness the unsurprising chorus : 'nobody used it! NOBODY! shuddup terrorist'
mircea_popescu: http://btcbase.org/log/2017-04-13#1642982 << such lulz that thing. really, looping over the entropy ?
a111: Logged on 2017-04-13 17:03 asciilifeform: Framedragger: dieharder in particular loops around . (why ? because customary bit-poverty)
asciilifeform: mircea_popescu: you'll also love how it is done because... prngs sometimes PASS when you do this (how ? idk)
mircea_popescu: in any event i am looking forward to the princeton paper providing the original research of "shit we read on #trilema that we came up with ourselves shut up terrorist!!1"
mircea_popescu: perhaps it'll be stanford or mit or "another" meaningless head of the same turd of agglomerated stupidity though. for flavour.
asciilifeform: mircea_popescu: per the tards' internal logic -- 'we burned the vuln -- we own the tendrils'
asciilifeform: pretty sure that they earnestly see it like this.
asciilifeform: also i have difficulty picturing enemy burning a hole without having ready replacement.
asciilifeform: (dun mean it's impossible.)
mircea_popescu: o, you mean like they obsoleted the only remaining useful us plane without having as much as a proper paper replacement for it ?
mircea_popescu: yeah, i see it.
asciilifeform: warthog is actually gone nao ?
mircea_popescu: !#s warthog
asciilifeform: iirc it was spared, last-minute.
mircea_popescu: no, but they ~obsoleted~ it. the trick is that in physical engineering you are allowed backsies.
asciilifeform: the lulzy bit re pwnholes is that they are a renewable resource: every major version of ~everything introduces a few dozen new ones.
asciilifeform: the almost forcible induction of gendercommitters, wimminzintech, etc. mushminds into open sores -- tops off the supply of deniable, 'free-range, organically grown' liquishit
mircea_popescu: except teh terrorists don't upgrade.
mircea_popescu: end up with the same three herbivores on iphone.
asciilifeform: if only
asciilifeform: megatonnes of 'internet of shit' boxen hanging around, unpatchably.
asciilifeform: ( the various 'buried in cement' routers, modems, etc. exhibited in phuctor , say . )
asciilifeform: they're the intended victim, much of the time.
mircea_popescu: who was the anodyne condolezza rice clone that was doing "revolutionizing" ukraina and failed so spectacularily ?
asciilifeform: psaki ?
mircea_popescu: i confess i have trouble retaioning the names of all these c list starlets
mircea_popescu: asciilifeform nah
asciilifeform: in other lulz, bitbet.us '...is no more, for what he thought was h2o, was h2so4'
mircea_popescu: o btw, no more visa free travel in eu for ustards.
asciilifeform: ( http://archive.is/fJuR7 << expert entomologists only ! )
asciilifeform: '...for all the bad rep Mircea Popescu gets (trolling, narcissist and an asshole in general), his websites are trustworthy, never been hacked and works.' << lel
asciilifeform: 'Also on #bitcoin-assets, but that place is very toxic. People on #bitcoin-assets probably have info about bitbet.us, but they aren't quite sane, so be careful.' << lolx2
mircea_popescu: oh what the fuck was her name.
mircea_popescu: dumb bitch, kept trying to push "orange revolution" angle and whatnot, 30 years out of date.
Framedragger: tymoshenko?
mircea_popescu: o look at that -- wikipedia page re "orange revolution" includes no verbiage of usg involvement ; mentions vaguely "russian nationalist groups".
mircea_popescu: Framedragger nah, us citizen, dept of state aparatchick.
Framedragger: ah, ok interesting heh
asciilifeform: mircea_popescu: sorta the whole point in even having pediwikia -- so that they can have this.
mircea_popescu: just about, yes.
Framedragger: http://btcbase.org/log/2017-04-13#1642997 << lulzy: http://www.ecsl.cs.sunysb.edu/elibrary/linux/network/udprecv.pdf diligently follows path of recvfrom() and the likes, *quotes the lines around the bug*, but fails to notice anything bad. if you didn't know, it'd be a very nuanced thing showing that the monk is not actually a good monk
a111: Logged on 2017-04-13 17:19 Framedragger: asciilifeform: btw udp_recvmsg() is the kernel-internal function which is vulnerable. need to check callstack of recvfrom() vs recv(), possibly only recvfrom() is vulnerable (thereby reducing set of exposed programs greatly). otherwise even more funtimes.
mod6: nice. all of the basic tests passed.
mod6: on to the advanced tests.
asciilifeform: congrats mod6
mod6: thanks alf, looking good!
asciilifeform: mod6: stty thing worked without problems ?
asciilifeform: ( i must point out, if it doesn't , you may not get any warning, other than idiot linux kernel silently dropping bytes, e.g. 0x03 )
mod6: naw, I gave up on gentoo for the time being, and just used a old deb build machine i've got laying around.
mod6: worked straight away.
asciilifeform: it has to be done on all known unixlikes.
asciilifeform: default is a non-8bitclean tty.
asciilifeform: why -- ask the wreckers, not me.
mod6: the profile i had on that gentoo machine was 'default/linux/amd64/13.0/nomultilib' and i think it was just an uber basic kernel
asciilifeform: where did mod6 get the idea that this was a gentoo-specific thing ?
asciilifeform: because it isn't
mod6: i don't have that notion. just saying, that this one didn't abide.
mod6: was the first box i tried.
mod6: i may give some other boxen a try here at some point too. got a handfull of gentoo boxes, freebsd, openbsd, etc.
mod6: anyway, am now collecting the fg.bin upto 1Gb.
a111: Logged on 2015-06-05 18:36 mircea_popescu: "[Personal experience: I have taken on a recent high school grad (friend’s son) as an intern in my web development business. He was an above-average student in a Harvard University intro CS class and also completed AP Computer Science in high school plus an additional programming class. His current productivity is about 1/100th of a $25/hour Ukrainian or Filipino contract programmer so any wage+benefit package above
a111: Logged on 2017-03-29 17:50 mircea_popescu: not for a fucking second. he is enabling the misbehaviour of 30yo children. i gotta do more work bitchlapping these idiot cunts into the ground because he buys them food and doesn't makle them pay for the shiot they break.
mircea_popescu: (apparently dept of state running out of funds, reuse agitprop materiel)
mircea_popescu: asciilifeform victoria nuland!
asciilifeform: aaah yes!
Framedragger: AQ for al qaida?
trinque: further down named in full
deedbot: http://trilema.com/2017/in-case-you-were-wondering-where-all-the-worthless-nuland-drones-ended-up/ << Trilema - In case you were wondering where all the worthless Nuland drones ended up
mircea_popescu: (the link is particularly funny for the amounts. when it comes to turkey dollars, usg is really poor. 40k here, 10k there, 5k overages accounted for --- a far cry from the "we lost one trillion dollars in 100 bills that never existed" dept of war fare.)
mircea_popescu: anyway, on meditation there's substance to Framedragger 's protest, though perhaps not the sort he'd like. the impulse to "generosity", ie unqualified giving is how people end up in trouble / how the whole mess was engineered in the first place. when you've two oxen yoked to the same cart and one's smaller, sickly and can't pull, some people will naturally have the correct reaction to whip it to death. others will naturaly ha
mircea_popescu: ve the suicidal reaction to "try and help it", ruining carts and setting the world on fire in the process.
mircea_popescu: tis what it is.
asciilifeform: in other lulz, analytical balances have, apparently, come quite a long way since the days of http://btcbase.org/log/2015-11-19#1326780 : http://nosuchlabs.com/pub/balance.jpg
a111: Logged on 2015-11-19 02:58 asciilifeform: had an analytical balance sold for use with diamonds and rare earths
mircea_popescu: is that a -3 gram weight ?
mircea_popescu: shows 6.77 with a 10g + item in ?
asciilifeform: the weight is a test standard (for some reason the box came with 2, and 1 lives in a dedicated hole in the chassis)
mircea_popescu: and does the test measure at 10.000 ?
asciilifeform: in fact it does.
mircea_popescu: impressive.
asciilifeform: chinese thing, fiddybux.
asciilifeform: fits in shirt pocket.
mircea_popescu: what's it use ?
asciilifeform: same piezo as everything else?
mircea_popescu: performance piezo chinese make huh. nice.
asciilifeform: now unlike the $maxint mettler, this thing probably dun have a thermo-compensator; or gravimeter
asciilifeform: but it seems to do the job.
mircea_popescu: yeah, but it has test weights. just as good.
asciilifeform: what i wonder is -- what this thing was intended for.
asciilifeform: 20g is too small for the dope aficionados, i imagine
asciilifeform: ( 20g is max load on this instrument )
mircea_popescu: no, actually 20g is plenty.
mircea_popescu: looks like the chinese are returning the opium war favours. "here, measure your crack!"
asciilifeform: the balances sold in american 'head shops' are typically slightly larger than this.
mircea_popescu: afaik most sold crack rock is 5g.
asciilifeform: then would make sense.
asciilifeform: ( prior to buying this little tool, asciilifeform used a... prehistoric su-era hanging balance . y'know, the kind 'lady justice' has . )
mircea_popescu: reason us-made balances are larger being that... they're crappier, helps mask it.
mircea_popescu: total tech reversal omg.
mircea_popescu recalls the time su made "bigger" to hide "shittier" behind it.
asciilifeform: mircea_popescu: i don't know of any us-made electronic balance
asciilifeform: not since, idk, '70s
asciilifeform: btw an ~accurate~ balance is a mighty useful thing to have. esp. if you deal with piles of physical objects that are nominally identical
asciilifeform: and want to fist-pass test if this is in fact so.
asciilifeform: (sorta physical equiv. of 'diff by file size')
asciilifeform: also worked great for z-axis zeroing (pick up pipette, then stab at the estimated height of the weighing platform, stepwise, until it registers )
deedbot: accepted: 1
asciilifeform: sorry to hear this, mod6 .
mod6: Thanks asciilifeform
mod6: <3
asciilifeform takes off hat.
diana_coman: sorry to hear that, mod6
mod6: Thanks diana_coman
mircea_popescu: condoleances.
mod6: Thank you, Mr. Popescu.
ben_vulpes: alas mod6. my condolences as well.
mod6: Thanks ben_vulpes.
mod6: fwiw, I hope that wasn't a sort of spam for the deedbot.
ben_vulpes: more like absolutely appropriate.
mod6: Thanks.
mod6: She went downhill pretty fast over the last 12 weeks, but her suffering is over.
trinque: sorry to hear this mod6.
mod6: Thanks trinque
mod6: In other, less depressing news...
mod6: I'm up to 361k+ and onto blk0019
mod6: asciilifeform: I took bunch of pics while doing the basic tests of the FG.
mod6: I'll write up something and put up the pics somewhere. making thumbnails is a pain in the ass... but will do it anyway.
phf: mod6: my condolences
mod6: Thanks phf
mircea_popescu: mod6 mp-wp makes thumbs automatically!
mod6: aha, good to know. thx :]
mircea_popescu: !#seen znort987
a111: 2016-10-22 <znort987> A fresh set of opinions on the topic would be welcome
ben_vulpes: "goxxed!!!"
mircea_popescu: some dude asking me on trilema. da fuck can i tell him.
ben_vulpes: another lesson in ongoing curation of one's wot
mircea_popescu: "it'd have actually been much better for everyone if http://btcbase.org/log/2016-03-13#1431645 ie i had actually kept the bitcoin." is an obvious thing one could say, but whatever.
a111: Logged on 2016-03-13 21:02 ben_vulpes: "I will simply consider the matter moot." << and keep bettor funds if no receiver steps forward?
mircea_popescu: (no, by no means the first case of "let's take republic wealth and "sell"/give it to usg". our short but rich history is littered with that sort of dorkitude, from http://btcbase.org/log-search?q=from%3Abugpowder to name your poison, which is how "taking investors" ie, allowing outsiders into the wealth even got such a bad name in the first place. the last fucking thing i want is MORE mentally stunted midgits making a profit
mircea_popescu: in btc only to immediately turn around and put that behind the usg idiocy du jour.)
ben_vulpes: in other constantly increasing costs of cross-referencing all of the inanity all of the time, "'ai' picks up biases from texts on which it's trained"
ben_vulpes: a) wat, b) SURPRISE
Framedragger: mod6: so sorry to hear that, man, my condolences.
mircea_popescu: for the curious : condolences comes from latin, con - together, dolent, pain.
mircea_popescu: indolent has the same root, "one who feels no pain", in the sense of the pain of being a worthless pos. like legendarily some species of africans, "not worth the whipping".
pete_dushenski: mod6: sorry for your loss. that's tough.
pete_dushenski: damn znort987... there was no way he was going to make his 86btc back at 1 or 2% margins was there. roi approached infinity as bitbet lost broader republican usage and support. shame.
mircea_popescu: well, i dunno, back in the day people kept saying things about marketing or whatever.
CompanionCube is very sory for mod6's loss, but at least their suffering is over.
pete_dushenski: mircea_popescu: somehow marketing must've just added to expenses!
mircea_popescu: i thought marketing is the only thing that adds to revenue, unlike everything else like say engineering etc, that adds to costs.
mircea_popescu: i guess this is one of those things people say with no expectation of ever being asked to actually carry through or something.
pete_dushenski: you've been reading too many books again, haven't you.
mircea_popescu: and, of course, nubbins / the rest of the "defenders of the public interest" will now reach into their deep pockets and make that public interest whole, amirite ?
asciilifeform: re: ^ >> <kakobrekla> want me to spin up a fresh instance lol
mircea_popescu: i'm sure.
Framedragger: (i'm angry with nubbins for upsetting the discourse back then, even tho i wasn't involved at all. shit like http://btcbase.org/log/2016-03-08#1426930 ; he's of a different kind entirely cf. kako in my mind.)
a111: Logged on 2016-03-08 18:14 nubbins`: incidentally this was the idea from the start
mircea_popescu: idealism is the notion that there exist "kinds" outside of what experience unfolds.
mod6: Thanks Framedragger & pete_dushenski
mod6: Thanks CompanionCube, indeed.
shinohai: --------{---(@ <<< My condolences mod6 http://btcbase.org/log/2017-04-13#1643247
a111: Logged on 2017-04-13 19:47 mod6: !!deed http://p.bvulpes.com/pastes/3j4QZ/?raw=true
lobbes: I offer my condolences, as well mod6.
BingoBoingo: <mircea_popescu> or wait, bile's green is it. << Black or neon yellow depending on saturation
mod6: shinohai, lobbes, Thank you.
asciilifeform: in other noose, a geiger ( sbm-20 tube: sov., circa early 1980s ) tied to a 500g plastic bottle of KCl registers 0.18uSv/hr (incl. room background: 0.07 uSv/hr.)
asciilifeform: 99.99% (supposedly) synthesis-grade kcl.
mircea_popescu: so about 0.1 huh
asciilifeform: this is just the gamma tho
asciilifeform: ( kcl puts out a very scarce gamma per however many betas )
asciilifeform: very soon i will have with what to pick up the beta.
asciilifeform: ( current idea being, ZnS+optical-grade-epoxy paste spread on PIN diode. )
mircea_popescu: could work.
asciilifeform: btw very same geiger parked on top of common american smoke detector (unmodified!) (am-241) -- 0.54uSv/h
mircea_popescu: they still sell those ?
asciilifeform: no idea
asciilifeform: house came with a pile of'em (mandatory!)
mircea_popescu has never lived in a place with smoke detectors. is a good life.
asciilifeform: not to be confused with 'sprinklers'
mircea_popescu: o, those either. fucking hell.
mod6: wait, are you building your own geiger alf?
mircea_popescu: nah he has legacy
asciilifeform: mod6: i have a bog-standard geiger here in toolbox
mod6: ah, ok.
mod6: and KCl =~ Potassium Chloride?
mircea_popescu: they're hard to calibrate in kitchen
asciilifeform: mod6: but contemplated experiment (see kcl thread ) is re something else
mircea_popescu: it's a wonder they sell that, btw, considering how easy it is to kill someone with it.
asciilifeform: mod6: the idea of 'ideal rngistor', self-contained diode+isotope, but also in such a way that $isotope is something that is sold worldwide and passes unmolested through the post etc.
mod6: ah, sure.
asciilifeform: mircea_popescu: with kcl ?! you'd have to stab somebody with it neh
mircea_popescu: yeah, inject 10ml isotone, watch the heart failure.
asciilifeform: 10ml of air also kills
mircea_popescu: not even detectable unless someone's looking specifically.
mod6: yeah, dont they use that stuff for leathal injections?
asciilifeform: mircea_popescu: believe or not, americans ~eat~ it
asciilifeform: ( supposed to be a 'diet replacement for salt' or sumthing )
mircea_popescu: hey, americans eat ~everything.
ben_vulpes: in the brief quiet, a surprising cover: https://www.youtube.com/watch?v=lyRm5kc9ZUY
asciilifeform: meanwhile, from the dept. of liquishit, https://archive.is/zxmZA
asciilifeform: re usg.'journalists' 'helping' snowdens, e.g., 'If you want to set up a secure way to communicate (which I think every journalist should) the best method is IM with an OTR encryption. You’ll need: a Jabber account, Pidgin IM client, and OTR plug-in.'
asciilifeform: ^ for some reason, fresh batch.
asciilifeform: ( get this -- pidgin. the thing with new 0day every 2 wks or so )
ben_vulpes: 4 mentions of pgp
mircea_popescu: "otr" is not very specific either.
mircea_popescu: anyway. im terrible idea for SECURE comms. because you leak time if nothing else.
asciilifeform: mircea_popescu: 9/10 it means the lolcow 'libotr'
mircea_popescu: if you want to communicate securely, reg your key and pastebin encrypted stuff.
mircea_popescu: asciilifeform even if it did, the way in which it is ductaped to the whole shebang is more important in the end.
asciilifeform: it gets better,
asciilifeform: 'From the start, he said, their communication was flawed. Snowden had initially forgotten to provide his own PGP key, which meant that Micah’s reply couldn’t be encrypted. “Everything wasn’t perfect,” Micah said, recalling such missteps. “But there was no red flag, and I’ve gotten lots of emails from random anonymous people. I did pretty well, considering that I had no idea what the hell was going on. I kept switching a
asciilifeform: nonymous identities. When I first talked to him, I made a new anonymous identity, and then when he got to Hong Kong, I switched. And when he left Hong Kong, I switched again.”'
asciilifeform: get this, 'anonymous identities'.
mircea_popescu: she's clueless, trying to say pseudonymous
asciilifeform: nope, probably meant exactly this. 'anonymous' (in the sense of, no fixed rsa pub.)
mod6: hello, this is dog!
asciilifeform: 'hi, it's still me, here's my new key, now let's talk'--anonderp4398598395
mod6: just install jabber and talk to the dog, w00f!
ben_vulpes: nice rug
mod6: haha
mircea_popescu: ben_vulpes old country stuff.
ben_vulpes: i grew up on prayer rugs quite like it
ben_vulpes: older, rougher
ben_vulpes: eventually parents bought shiny new
ben_vulpes: palpable difference between that which came from grandpa's estate and the fresh purchases.
asciilifeform: in classical su rug like this is 1) on floor 2) on wall (usually next to bed)
asciilifeform: 'Once the ladder ended, it was easy to climb from branch to branch up to where the material was located. A bird had built a nest on top of the sealed container. Happily, the nest was empty: breeding season had passed. We opened the container. The item was inside. We remained in the tree for a while....'
asciilifeform pictures nsa goons with NJDs combing the woods
asciilifeform immediately thought 'vectored shit?!'
deedbot: http://trilema.com/2017/hiking-inc/ << Trilema - Hiking, Inc.
asciilifeform: police radio : '...no one was in danger. and the caller was anonymous.'
mod6: no mosquitos!?
mod6: im in the wrong locale.
mod6: i just killed the first ones of the year, last weekend. which is pretty insane for Minnesota to have mosquitos /already/.
mod6: I had my revenge though.
mod6: It snowed on very early Tuesday morning and killed the SOBs.
mod6: muhahaha
mircea_popescu: i haven't yet seen one. or i think i might've seen one, that may also have been a misidentified wasp
mircea_popescu: the variety of wasps they have here is staggering. i got TWO kinds nesting, one's a perfectly harmless paper wasp, they eat the polen off a vine growing ion the fence. the other's a mud hut building guy, i think he eats spiders. then a third really fearsome type showed up evidently praying on the first type... then later a fourth super tiny kind was discovered when one fell in my drink....
asciilifeform: cop 'a': 'your caller is janet. she wants to discuss... strange things with you. she says she saw strobe lights in her neighbour's house, and that he is communicating with her via... electromagnetic fields.' cop 'b' : 'yes i'm familiar with her'
mircea_popescu: asciilifeform a good half of police work in all times, interfacing with bored / insane middle aged women.
asciilifeform: i'd naively imagine they would 'excommunicate' these
mircea_popescu: in functioning state entirely not up to them.
asciilifeform: i suppose dc is 'functional' then!11
asciilifeform: '...an ar-15, a shotgun, five pistols... in bedroom closet'
asciilifeform: '... the complainant's dog is running around the house, strangely, as if it senses someone... '
mircea_popescu: is this in the "we're about to break and enter and trying to pretend like no warrant is needed because probable cause" ?
asciilifeform: apparently
mod6: the wasps sound nasty tho ya.
mod6: <+mircea_popescu> asciilifeform a good half of police work in all times, interfacing with bored / insane middle aged women. << did alf just flip on his scanner?
mod6: lol
mircea_popescu: they're not really the attacking type.
asciilifeform: '...25 y.o. female... took entire bottle'
asciilifeform: 'Mircea Popescu stole a large amount of BTC from BitBet.us prior to this...' << lol
CompanionCube: lol: 'They used fake details for the domain registry. The "company" behind the domain is Polimedia which is currently in "Forfeited Existence" in Texas. The registry info has been the same even before they switched owners a year ago.'
CompanionCube: mircea_popescu: from some random redditor re: bitbet
mircea_popescu: !#s polimedia
a111: 649 results for "polimedia", http://btcbase.org/log-search?q=polimedia
CompanionCube: ik it's yours
CompanionCube: you'd think they'd update the whois *eventually*
a111: Logged on 2012-08-15 19:45 mircea_popescu: smickles http://trilema.com/2012/falimentul-polimedia-srl/ there, 2011 results. the 2010 and 2009 are also published on my blog
mircea_popescu: ~nothing changed, same corp numbers etc.
CompanionCube: unfortunately I can't read romanian.
asciilifeform: '...94 year-old, said he was a vet..'
mircea_popescu: CompanionCube what is this relevant to ?
CompanionCube: the linked blog post?
mircea_popescu: you think ?
mircea_popescu: aanyway, let's just say this bla bla has been going on for as long as there's been an internenet. nubbins abound, and they have shit to say about things, obviously.
mod6: <+CompanionCube> unfortunately I can't read romanian. << i used to translate trilema from .ro for, a long while before it was ever written in english.
mircea_popescu: meanwhile on the webz, The password should not contain the invalid characters like: ', ".
asciilifeform: '...complainant's father is hitting her... ...he has access to long guns, a shotgun, but it was not used in this incident...' << lol!
BingoBoingo: Condolences mod6, consider submittting obituary to paper of record?
mircea_popescu: eh, too much publicity don't you think.
mod6: Thanks BingoBoingo
mod6: I don't think it needs to be announced otherwise. Just my way of tribute for my folks.
mod6: My family appreciates the outpouring of sympathy from the Republic.
mircea_popescu: Last updated at block 461176. << is that like 3 days ago ?
BingoBoingo: <mircea_popescu> eh, too much publicity don't you think. << The option's available to the berieved lord
mod6: wb
mod6: <+mircea_popescu> Last updated at block 461176. << is that like 3 days ago ? << i think trinque's node was down for repair for that wallet thing. might be behind a bit. not sure tho...
mircea_popescu: ah yeah.
mircea_popescu: did you ever nail that issue trinque ?
deedbot: http://qntra.net/2017/04/bitcoin-mining-difficulty-up-4-238-to-520808749422-13983154/ << Qntra - Bitcoin Mining Difficulty Up ~4.238% To 520808749422.13983154
← 2017-04-12 | 2017-04-14 →