Hide Idle (>14 d.) Chans


← 2017-04-27 | 2017-04-29 →
BingoBoingo: The only people really served by mass electrification are marketers
mircea_popescu: how did that go, electricity + power of soviets = socialism ?
deedbot: http://phuctor.nosuchlabs.com/gpgkey/D33A6D003FB3DE795015D471B96EEE94F66F6C072D342040BACBCAACA43C526A << Recent Phuctorings. - Phuctored: 1391...5257 divides RSA Moduli belonging to '79.174.66.73 (ssh-rsa key from 79.174.66.73 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (2709.ovz-ssd8.hc.ru. RU)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/D33A6D003FB3DE795015D471B96EEE94F66F6C072D342040BACBCAACA43C526A << Recent Phuctorings. - Phuctored: 1558...2707 divides RSA Moduli belonging to '79.174.66.73 (ssh-rsa key from 79.174.66.73 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (2709.ovz-ssd8.hc.ru. RU)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/1E513C40B6621513CDF703FE3B0EFDB1B68135E2C9E459CAF01F96CD128EB68A << Recent Phuctorings. - Phuctored: 1458...4359 divides RSA Moduli belonging to '200.131.128.6 (ssh-rsa key from 200.131.128.6 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (netuno.unifei.edu.br. BR)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/1E513C40B6621513CDF703FE3B0EFDB1B68135E2C9E459CAF01F96CD128EB68A << Recent Phuctorings. - Phuctored: 1494...6389 divides RSA Moduli belonging to '200.131.128.6 (ssh-rsa key from 200.131.128.6 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (netuno.unifei.edu.br. BR)
mircea_popescu: in other electricities, "La exmujer de un oligarca comparte su secreto para ganar dinero en Internet..."
mircea_popescu: truth be told you don't actually need, or for that matter want, electricity to juju worship. be a lot happier with a coupla tubers rather than all this unmanageable complexity
mircea_popescu: and teh juju worship'd come out just as good.
BingoBoingo: That's as a worshipper. As a peddler of a particular juju, electricity helps to sell more jujidgets
mircea_popescu: but it's exactly the same as the rent market : yes, you sell more jujidgets but guess what ? so does everyone else. so now you HAVE TO sell more jujidgets.
BingoBoingo: Or Jewidgets, however the spelling works out
mircea_popescu: electricity is not actually serving you, much like the idea of "stand on tiptoes to see better at ball game" doesn't actually serve you.
mircea_popescu: all you get is... "well now you GOTTA stand on tiptoes, sucker"
BingoBoingo: Well it's inflation. So what about actual value? Gotta march to 120k classroom monitor!
BingoBoingo: So tiptoes on stacked jujewgidgets all because tv said so.
mircea_popescu: sure. but it dun mean they're ~needed~.
BingoBoingo: Naturally. Brb, sleep.
deedbot: http://phuctor.nosuchlabs.com/gpgkey/80D5068863DD5F013D5B4595395297924EC59FF2D20D32347D486BC8648DD427 << Recent Phuctorings. - Phuctored: 1507...1897 divides RSA Moduli belonging to '193.85.175.196 (ssh-rsa key from 193.85.175.196 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (mail.spih.cz. CZ)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/80D5068863DD5F013D5B4595395297924EC59FF2D20D32347D486BC8648DD427 << Recent Phuctorings. - Phuctored: 1715...3769 divides RSA Moduli belonging to '193.85.175.196 (ssh-rsa key from 193.85.175.196 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (mail.spih.cz. CZ)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/ABED940920ED0364789083EFA6B705C00B3467D5D372FD60803368E66E869800 << Recent Phuctorings. - Phuctored: 1649...7863 divides RSA Moduli belonging to '79.61.96.90 (ssh-rsa key from 79.61.96.90 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (host90-96-static.61-79-b.business.telecomitalia.it. IT)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/ABED940920ED0364789083EFA6B705C00B3467D5D372FD60803368E66E869800 << Recent Phuctorings. - Phuctored: 1761...1589 divides RSA Moduli belonging to '79.61.96.90 (ssh-rsa key from 79.61.96.90 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (host90-96-static.61-79-b.business.telecomitalia.it. IT)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/7C3241B637A9A30400454834C03F9816B3F6AC390A3CBF63CA7102638F841C6B << Recent Phuctorings. - Phuctored: 1781...2663 divides RSA Moduli belonging to '85.125.200.62 (ssh-rsa key from 85.125.200.62 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (85-125-200-62.static.upcbusiness.at. AT)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/7C3241B637A9A30400454834C03F9816B3F6AC390A3CBF63CA7102638F841C6B << Recent Phuctorings. - Phuctored: 1786...9583 divides RSA Moduli belonging to '85.125.200.62 (ssh-rsa key from 85.125.200.62 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (85-125-200-62.static.upcbusiness.at. AT)
lobbes: http://logs.minigame.bz/2017-04-28.log.html#t06:10:10 << pete_dushenski, if I send a plaintext your way with lobbesbot's commands could you add it to your list?
lobbesbot: Logged on 2017-04-28 06:10:10: <danielpbarron> and a command to query for uncompressed specifics of a named auction
lobbes: Oops, wrong link
BingoBoingo: !~ticker --market all
jhvh1: BingoBoingo: Bitstamp BTCUSD last: 1325.09, vol: 7937.54606425 | BTC-E BTCUSD last: 1290.004, vol: 5832.62338 | Bitfinex BTCUSD last: 1393.5, vol: 12385.97136821 | BTCChina BTCUSD last: 1131.0029, vol: 9843.39680000 | Kraken BTCUSD last: 1325.343, vol: 3404.35614867 | Volume-weighted last average: 1292.93748819
deedbot: http://phuctor.nosuchlabs.com/gpgkey/64B6EAF797B208717F4341A4F1251FB212242560F4A4BAF5CC1FD6E6FFD673E6 << Recent Phuctorings. - Phuctored: 1393...6903 divides RSA Moduli belonging to '83.151.29.51 (ssh-rsa key from 83.151.29.51 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (m18s17.vlinux.de. DE)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/64B6EAF797B208717F4341A4F1251FB212242560F4A4BAF5CC1FD6E6FFD673E6 << Recent Phuctorings. - Phuctored: 1454...6529 divides RSA Moduli belonging to '83.151.29.51 (ssh-rsa key from 83.151.29.51 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (m18s17.vlinux.de. DE)
lobbes: http://www.politico.com/story/2017/04/28/trump-presidency-easier-previous-life-237728?cmpid=sf << In other lulz, Trump starts coming to grips with his being 70 years old
deedbot: http://cascadianhacker.com/a-brief-foray-into-the-swamp-of-trb-boost-usage << CH - A Brief Foray Into The Swamp of TRB Boost Usage
asciilifeform: ben_vulpes: i must confess -- the font on your www is barely readable on my boxes. gloms horizontally.
asciilifeform: like misadjusted electric typewriter.
ben_vulpes: asciilifeform: i must confess -- styling html makes me impotent
asciilifeform: how about ~not~ styling it.
asciilifeform: like qntra.
asciilifeform: would do a world'o'good.
asciilifeform: it is driving me batshit that this liquishit font is even ~on~ my box.
asciilifeform: (why??)
asciilifeform: i'm half-convinced that just about all commonplace linux fonts were specially made by wreckers in '90s.
asciilifeform: also your last link is broken
ben_vulpes: asciilifeform: ty
ben_vulpes: asciilifeform: what means "gloms horizontally"?
asciilifeform: see screenshit
ben_vulpes: i am looking. what in particular are you objecting to?
asciilifeform: the characters TOUCH. it is physically painful to read.
ben_vulpes: gotcha
ben_vulpes: yeah that sucks
ben_vulpes: asciilifeform: better?
asciilifeform: ty ben_vulpes .
ben_vulpes: no thank you
Framedragger: verdana sucks. especially when it's not antialiased
Framedragger: actually interestingly, trilema.com also renders verdana here on firefox. but i think that ben_vulpes' site somehow managed to use "verdana italic" as "regular verdana", which looked horribru. but i'm not sure what that even
BingoBoingo: Seriously, the correct answer is to not style web text.
BingoBoingo: Let reader of text assign style
asciilifeform: BingoBoingo: one problem -- some things MUST be monospaced.
asciilifeform: ( imho -- i'd much rather have everything monospace, if could only have one. )
Framedragger: thing is, you can monospace with <pre> and let browser decide on monospaced font, too
Framedragger: so shouldn't be a prob.
asciilifeform: but this in re BingoBoingo's 'just don't style'
asciilifeform: but if you don't know how to style correctly -- then, yes, don't.
Framedragger: you can view <pre> as a content/semantic tag, and 'style' would be 'shit in css'. i mean, if we truly believed in content/form separation on the web
ben_vulpes: web is not even a place where "words have meaning"
ben_vulpes: browser authors happily route around eg multiple identical ids on same page
Framedragger: it's the ultimate zoo, what can i say
ben_vulpes: ultimate poo
BingoBoingo: <asciilifeform> but this in re BingoBoingo's 'just don't style' << <pre> isn't style, it's semantic
BingoBoingo: ben_vulpes: Any thoughts towards the agriCltural Supremacy Challenge
ben_vulpes: BingoBoingo: i thought about looking up local fairs
ben_vulpes: but digesting other people's abstractions distracted me
BingoBoingo: It's not such a bad thing
danielpbarron: !!v 14AAE3891C27B0694C3B0DAF888335CD80BBA0E06A1AF618A4A532EBDDA7AFC4
deedbot: danielpbarron updated rating of juliatourianski_ from 4 to -4 << Stupid harlot, segwit shill, self-admitted enemy of the republic
mats: lel
ben_vulpes: theeeere it is
ben_vulpes: self-admitted enemy of the republic is a new one, gotta citation on hand danielpbarron ?
ben_vulpes: for my lulzporium
Framedragger: meh. if i was told out of the blue like that, i may respond the same :) (contra is of course "ignorance is not an excuse")
trinque: man, I was hoping for some kind of spy vs spy situation where danielpbarron thwarted her honeydicking
Framedragger: totally
danielpbarron: there is no out of the blue about it
danielpbarron: i have spent considerable time in person with her in which she is very friendly, and she knows well about tmsr, this goes back several years
Framedragger: oh lol, okay, that will do heh
trinque: danielpbarron: I always take "anarchist chick" as "I have daddy problems omg look at me breaking the rules"
danielpbarron: i've met her dad. he's a nice guy
mats: busy building a brand and appearing on cringey venues like 'anarchast' and 'anarchapulco'
mircea_popescu: is that good for the anarchy within ?
mats: good if you want to be roger ver and Bitcoin Mary
mircea_popescu: trinque since we're on it, what do you take "lesbian" as ?
trinque: I've seen both "I hate taking baths" and "holy shit there are zero acceptable men in my wot" variants
danielpbarron: unrelatedly, trinque why can't i deed stuff? i tried again with a smaller thing and i got the same result. bot says "deeds online" much later but my entry isn't on the website
trinque: be specific
trinque: you're deeding huge items yes?
a111: Logged on 2017-04-24 08:04 danielpbarron: !!deed http://danielpbarron.com/NVIDIA-Linux-x86_64.asc
danielpbarron: this one is ~300 M
trinque: couldn't like...
trinque: deed a hash?
danielpbarron: i asked if i should do that and someone specifically told me to do it this way
trinque: otherwise your feature request is noted and I'll have to do something about eating bigger files
mircea_popescu: i recall that conversation.
trinque: know what? I bet it's just a timeout happening
trinque: nope, ram limitation lol
trinque: danielpbarron: I'm gonna stop my bitcoin node a sec
trinque: poar past trinque said to himself "ah this thing's for text, whole download in ram no problem"
jhvh1: asciilifeform: The operation succeeded.
asciilifeform: ^ with constant-time mul
asciilifeform: ( and various other useful things )
asciilifeform: does anybody have a favourite constant-time modular-exp ??
asciilifeform: ( is one even known to exist..? )
trinque: danielpbarron: where is this going? infinite Eulora kids going to download it?
trinque: the pipe on this box is not unmetered.
danielpbarron: i wanted to preserve a copy of it for the future in case it's no longer available anywhere else
mircea_popescu is still searching for where thid discussion happened
danielpbarron: most noobs do the windows thing and don't need the linux drivers
a111: Logged on 2017-04-05 22:36 danielpbarron: what is the proper way to deed such an item? clearsign the sha512sum ?
ben_vulpes: IT WAS ME
mircea_popescu: http://btcbase.org/log/2017-04-28#1649343 << it actually will use whatever you want, has a whole list.
a111: Logged on 2017-04-28 17:50 Framedragger: actually interestingly, trilema.com also renders verdana here on firefox. but i think that ben_vulpes' site somehow managed to use "verdana italic" as "regular verdana", which looked horribru. but i'm not sure what that even
mircea_popescu: some people end up with dual char mode because no chinese support in the default.
mircea_popescu: ben_vulpes i hope you bought a cape by now.
trinque: lol
ben_vulpes: cape, top hat, and cane
trinque: danielpbarron: anyhow for now I request that you use deedbot as something to check against, and not as a CDN/archive.is
ben_vulpes: plus a handicapped sticker
ben_vulpes: it's a real site watching me haul my broken carcass out of the muscle car
ben_vulpes: sight*
danielpbarron: trinque, ok
trinque: I can help ya make it eat more large objects (don't mind the archivng) but eventually it's going to need to either deplete the deed author's wallet account for $amountOfBitsServed, or something along those lines
trinque: at which point I'd be more than happy to serve up whichever bits forever
trinque: obviously I'll also make special cases for things like trb deeds.
mircea_popescu: yeah, how's the whole dwallet coming along ?
pete_dushenski: lobbes: of course.
Framedragger: http://btcbase.org/log/2017-04-28#1649251 << as the case currency stands with regards to tox, the saddest thing about it is not its pos code, pos design (i think there are some attempts to have a design?), but that some arguably should-know-better smart people are sinking time into it
a111: Logged on 2017-04-28 03:34 mircea_popescu: anyway. anyone seen that tox thing ?
mircea_popescu: this is so totally novel a situation ;/
Framedragger: this one recent time, an actually decent outside person reported a fixable vuln in their craptography https://github.com/TokTok/c-toxcore/issues/426
Framedragger: folks went defensive. very barf
Framedragger actually went on their channel (whichever it was, they have like tox-talk and -dev and just tox or sth) to see if any clever people. yes, one iphy (also on ##crypto) understood that (1) it was an issue and (2) these other 'core member' fuckwits were destroying any goodwill
Framedragger: i think in the end they managed to address the fact that they should address it
Framedragger: that exhausted my curiosity, tho
mircea_popescu: but then he promotes "the noise protocol framework"
mircea_popescu: which is one synergy short of a buzz cut.
Framedragger: here i have a problem because i don't think noise is necessarily bad; or that e.g. signal protocol is necessarily bad (yes names are barf'y)
Framedragger: i mean, 'compared to what'. certainly not compared to asciilifeform's actually-fucking-constant-time crypto architecture
mircea_popescu: does it not seem to you that a protocol framework (ie, some sort of method for "creating" or "tailoring" protocols) is broken in the head ?
Framedragger: oops by 'certainly not' i meant 'certainly pos compared to alf's
Framedragger: hold on, that does sound retarted
mircea_popescu: even if we don't consider practical experience (hey, automake tried to be a makefile framework yes ?) and only focus on the theoretical aspect
Framedragger: ah. well, i thought it was a set of lower-level crypto interfaces on which you could build higher-level protocols
Framedragger: naming is shit, yeah
Framedragger: i'm not convinced it's a very bad idea. i'm not advocating such 'we love complexiti' architecture of course
mircea_popescu: to put it another way : when a fundamental problem is well understood enough to approach conclusively, and yet the approach eschews creating a standard in favour of preserving choice, the signal is that the problem was NOT actually understood enough.
mircea_popescu: ie, a "protocol framework" is definitionally premature.
mircea_popescu: either you have a protocol standard, or else you have more prototyping work to do.
mircea_popescu: (at least that's what i parse the words to mean, framework = "standard with a lot of user serviceable knobs")
Framedragger: i think by 'you can create protocol' they meant a high degree of abstraction kind of protocol. e.g. stateless or stateful transport security, etc.
mircea_popescu: and who's going to cover the edge case interplay three feet deep ?
Framedragger: makes sense to have core building blocks. i see protocol framework here in the sense of openssl being a protocol framework
mircea_popescu: openssl is woefully insecure!
Framedragger: yesyes, many issues, sure. and in regards to openssl, you know what i meant, the interfaces that the openssl library exports to its operators
mircea_popescu: the... what ?
Framedragger: the fact that interfaces implement literal crap in the case of openssl is of course not the best advertising for a simile...
mircea_popescu: you mean that it runs on linux and consequently you can process its output ?
Framedragger: no, i mean that you can embed it in your $crapchatapp and not worry about IV reuse
mircea_popescu: the part that enables you to not worry thus is in your head not in the openssl.
Framedragger: (you can use more general methods which abstract away the internals)
mircea_popescu: i'd fucking worry. and i'd have great cause to worry, too.
Framedragger: because of openssl or because of this abstraction?
mircea_popescu: because nobody actually looked at all the edge cases, on the assumption that they were only generated through the interplay of idle abstraction and will "never be encountered in practice"
mircea_popescu: which is of course what your crapapp will do post haste, if you've any luck.
Framedragger: i thought you were *for* a crypto library where operator would not have to use (by which i mean abuse, because he will) low level primitives?
Framedragger: damn i need semantic search on logs
mircea_popescu: let's revisit the early cs classes. if you have state machine A, with 4 states, and state machine B, with 5 states, the composed mechanism AB has... 20 states.
mircea_popescu: abstraction has this cost, that if i have to maintain AB i spend twice the time if i maintained an A and a B.
trinque: http://btcbase.org/log/2017-04-28#1649427 << got some needed hardware to pick up at the post office tomorrow, and a bunch of code to deploy to it, then testing.
a111: Logged on 2017-04-28 20:36 mircea_popescu: yeah, how's the whole dwallet coming along ?
trinque: questions remain on how best to handle incoming deposits; I hear ben_vulpes might be working on something to help
mircea_popescu: if your protocol is, for the sake of this argument, a state machine with about 150k states, and then the "framework" is a further state machine with about a half million or so states, your protocol framework escapes security as a fundamental property of it.
mircea_popescu: trinque epic.
ben_vulpes: trinque: output dumper's not entirely done but closeish
ben_vulpes: gotta back out the c++11 work, implement a predicate and test the shit out of it
Framedragger: mircea_popescu: no disagreement. i honestly don't know re framework, i do think they just abused a term (which isn't a great signal)
Framedragger: mircea_popescu: even then, yes, explosion of statespace, sure
mircea_popescu: see, naggum's (correct) advice in that piece ##crypto barfed at was... MAKE YOUR TAILORED CL!
mircea_popescu: not "download the latest cl framework". that's the opposite approach/.
ben_vulpes: current thinking in re testing dumper is to solo mine and test but that's a not-small pile of test harness to write
mircea_popescu: even more directly : every kid who ever tried maintaining a machine, be it linux, bsd, anything, knows very directly the problem with this framework thing. apt-get is guess what ? a package framework. what's its principal function on anyone's machine ? that it imports packages you a) didn't want or need and b) turned out vulnerable.
mircea_popescu: but to return upstack : if i can't enumerate the states of my machine, i will thus therefore worry about it ending up in a state i can't predict, understand or recover. this is rational.
Framedragger: mircea_popescu: well, you're right, damn. looking at list of thing signal gives though, it's just clean functions for doing crypto. i dunno. i think in the case of tox, its crypto may actually map well to noise, in the sense of them being able to just use stuff that noise provides, and not reimplement same shit in broken fashion
mircea_popescu: (predict : i know what it will do in the future ; understand : i know what it is doing now ; recover : i separated it from what it did in the past.)
Framedragger: but then that whole ecosystem may need to die before there is good in the world.
ben_vulpes: awww he's coming around
mircea_popescu: well, maybe. i'm not really able to evaluate a framework rightnao.
Framedragger: i just thought, asciilifeform's bignumtron is probably not even turing complete yes? if it's not, that *a big plus*
Framedragger not ignorant of problem
trinque: nor ignorant in general, but ever wanting to think the best of people, eh?
Framedragger: s/signal/noise/ ^
trinque: THAT HYMEN POPS WITH AGE
trinque: lol
Framedragger: maybe 'tis my function, the forum clown :p
Framedragger: well no clown's function may be more complex
ben_vulpes hands Framedragger the cap, nose
ben_vulpes swirls cape, disappears in flash of powder
Framedragger checks clock, 10pm, tilts head, office space, mk
mircea_popescu: oook this bahamas thing is pretty lulzy.
asciilifeform: Framedragger: how, precisely, is any bignumtron possibly turing-complete ?!
asciilifeform: by itself, that is
asciilifeform: http://btcbase.org/log/2017-04-28#1649464 << gotta understand the principle : if martians landed tonight, and fixed, somehow, all of the bugs in openssl, and god signed off that there are no more -- openssl will STILL be a turd, because does not fit in head !
a111: Logged on 2017-04-28 20:49 Framedragger: because of openssl or because of this abstraction?
asciilifeform: the cost of using an item that does not fit in head, is essentially the cognitive equivalent of curl liquishit | bash .
asciilifeform: 'Perhaps Tox doesn't care about this, or about many of the threat models that modern AKEs are designed to protect against, in which case, probably it's fine to continue using your homebrewed crypto. But if you actually desire some kind of high assurance security, I strongly recommend not building your own protocols and instead use something designed by an educated expert, such as Noise.' << lol , schneier never dies.
asciilifeform: instead he reincarnates as 10,001 cryptoderps
mircea_popescu: the martians didn't make the usg, no.
asciilifeform: 'You might benefit from a bit of humility before comparing your protocol to OTR and SIGMA, both of which were groundbreaking works created by experts, as opposed to a slapdash protocol...'
asciilifeform: experts.
asciilifeform: didjaknow.
asciilifeform: and in the end, 'We acknowledge that the issue exists and will work towards fixing it. ... I will say this very clearly once again: there is an avoidable security flaw in the Tox handshake. This is not something someone made up. The effect is that if your secret key is stolen, an attacker can impersonate anyone to you. We will fix this issue, most likely by adopting Noise for handshakes.'
asciilifeform: schneier won this one.
asciilifeform: 'what, you idiot niggers really thought that pygmies can run a country ? only yale graduates can run a country, shut up get back on yer knees'
mircea_popescu: hey, it's a framework.
Framedragger: ^ interesting thing re above, note, your key thief can impersonate anyone *to* you, not impersonate *as you* - the latter is contained in "thief" and is unavoidable. but the former is avoidable.
trinque: I remember the church derps used to say things like "there's a god-shaped hole in everyone". The homoeroticism of that aside, does appear that there's a "metaphysical domination" shaped hole in most folks. looks like this when nobody in your land bothers to stick it in.
Framedragger: (re. else, later, moving self. but just a quick note re turing complete, well yes a bignumtron should not in itself be turing complete, but i wasn't sure how much additional stuff was planned on top)
trinque: "oh I'll run around and gargle ideological cum from wherever I find it, invariably because of my own wish fulfillment fantasies and onanisms"
trinque: see ##crypto
asciilifeform: Framedragger: the only thing planned on top is a finite-step rpn calculator thing.
Framedragger: right, right, i should have known (you had mentioned this). cool :)
a111: Logged on 2016-12-11 21:09 asciilifeform: trinque: it is a very simple thing, think 'rpn calculator' and you almost have it.
Framedragger: http://btcbase.org/log/2017-04-28#1649507 << at the risk of committing a slippery slope / false equivocation / something, orly? is this not unavoidable sometimes. i do realise "b-b-t muh kernel! is not a good answer
a111: Logged on 2017-04-28 21:14 asciilifeform: the cost of using an item that does not fit in head, is essentially the cognitive equivalent of curl liquishit | bash .
a111: Logged on 2016-12-11 21:24 asciilifeform: for instance, p code is required to first thing put on the stack 1) how many p-instrs are permitted 2) how many bits wide the fixints are
asciilifeform: Framedragger: the first step, as the quitting drinkin' folx say, 'is to realize that you have a problem'
asciilifeform: which means NO NEW NONFITTINGINHEAD items!!
asciilifeform: and a monotonic reduction in old ones.
asciilifeform: until -- gone.
Framedragger: guess so.
asciilifeform: http://btcbase.org/log/2017-04-28#1649519 << somebody with your key, in fact ~is~ you. just the same as if he had killed, skinned you, and put on your skin.
a111: Logged on 2017-04-28 21:25 Framedragger: ^ interesting thing re above, note, your key thief can impersonate anyone *to* you, not impersonate *as you* - the latter is contained in "thief" and is unavoidable. but the former is avoidable.
asciilifeform: any pretense to the contrary is fundamentally dishonest.
mircea_popescu: trinque the hole stuff is eerily apt for the article i'm just brewing.
asciilifeform: there is no longer ~a~ you, once enemy has your privkey.
trinque just surfing the republican vortex
asciilifeform: there is only then a privkey suffering from split-brain disease.
Framedragger: (what if it's a station key? what if you wanted to be alerted of 'key stolen!')
asciilifeform: Framedragger: who will alert you of this ? martians ?
asciilifeform: how do you propose to mechanically determine that a key has been stolen.
Framedragger: other people, e.g., who yes will be alerting both you and other-you
Framedragger: could just be a social thing, someone literally using your key
asciilifeform: who will know about it exactly how ??
asciilifeform: has Framedragger finally discovered the ancient dream of riaa, the magical bits that tattle when copies ?
Framedragger: it's not deterministic, it's not guaranteed, it's pretty crap, yes, but given the option?..
asciilifeform: what option !
asciilifeform: describe, for my enlightenment, the actual algo contemplated, Framedragger
asciilifeform: bool HasBeenStolen(PrivKey) -- if you like.
asciilifeform: how's it work ?
Framedragger: no, there is no such thing, i said it's social. but hold on:
Framedragger: it's not an algo, i was referring to a possible fix of a further bad-thing that happens when key stolen. bad-thing is: once your key stolen, attacker (in that broken tox scheme) can impersonate as *anyone* *to* you.
asciilifeform: he can also log into your box, say, and impersonate ~that~ way.
asciilifeform: or format your hd.
asciilifeform: or whichever.
asciilifeform: for any practical purpose, he ~is~ you.
Framedragger: so if you have your friend bob's key and bob writes you "dude key stolen wtf", you know that shit went down. but now, attacker can be 100 bobs, with 'signed messages' or whatever, telling you "no don't listen to this impersonator not-bob, you're fine"
Framedragger: i do not believe in "single key" thing. there is main-key. but you can have station keys. which can't format hdd. that's slippery slope
asciilifeform: Framedragger: how do you intend to distinguish this situation from impostor ?
Framedragger: if scheme works as it should, you get a signed message from bob and you know it's bob who sent it to you.
asciilifeform: ... or the thief
Framedragger: the idea is that your key was not stolen while attacker had root access to your box.
asciilifeform: or bob-with-splitbrainsyndrome
mircea_popescu: asciilifeform i think he's thinking, basically, of divorce.
mircea_popescu: "this woman is not the woman i married"
Framedragger: no, wait, it's *you* who lost the key, not bob.
asciilifeform: Framedragger: describe, in this hypothetical, how my station key was stolen.
Framedragger: oh god.
Framedragger: i typed it into irc while sleeping.
asciilifeform: why you would not also type the 'master' key ?
mircea_popescu: so basically if master key annuls a key it is thereby annulled ?
Framedragger: i don't have a super-plausible scenario. i'm saying such scenario is possible; scheme used by tox can 'minimise damage' (i realise that it's a funny word when describing 'key stolen'); it doesn't, hence that complaint on shithub.
Framedragger: is end of story. not very interesting, yes
asciilifeform: 'i won't describe how an elephant could get to your garden, but your household is not equipped for gardening without this elephant repellent' ?
Framedragger: mircea_popescu: i don't think the discussion about say gossipd station keys vs 'main key' was necessarily finished? i realise that it ain't pretty
mircea_popescu: i dunno, go on ?
Framedragger: asciilifeform: they were already using a scheme which was supposed to protect it, but broke the spec, and implemented poorly. i don't remember but it's probably fixable without migrating to snakeoil or whatever framework
ben_vulpes: good crypto lib name
Framedragger: mircea_popescu: would love to but not tonight. is big topic!
Framedragger: goddamn tmsr timezones cockblocking muh sleep
asciilifeform: we definitely had the 'key revocation' thread.
asciilifeform: several times, even.
Framedragger: was it conclusive?
a111: Logged on 2016-08-23 21:44 asciilifeform: revocation is a ~promise~, in that there is not such a thing, and never will be such a thing, as a magical lever that instantly makes a key stop working.
mircea_popescu: well, as conclusive as it gets. see the gossipd design document comment section.
asciilifeform: the meaningful subset of 'key revocation' consists of solely those operations which you can do ~in your head~
asciilifeform: e.g., to decide not to make use of a particular key any longer.
asciilifeform: 'i will no longer include 1024b rsa keys in my ~/.wot' , for instance.
asciilifeform: or 'i will never again sign with my dsa key'
asciilifeform: but what you ~cannot~ do is to perform an operation in ~other people's heads~.
a111: Logged on 2016-08-23 21:41 asciilifeform: znort987: rather, yes, there was provision for it in the original openpgp spec, but it is a bogus concept because it entails a global repository of revocation messages and a universal agreement re what time it presently is.
pete_dushenski: https://github.com/paritytech/parity-bitcoin << new node software backed by f2pool, haobtc, and bitmain. because you're not cool if you don't have your own alt-trbf.
mircea_popescu: and sometimes not even if you do have it.
asciilifeform: pete_dushenski: shitlang bitcointrons ain't new, iirc even mike hearn had one
mircea_popescu: anyway, it's a funnysituation this, miners just can't stick to mining. gotta gravitate towards the flame. so what if ~only thing flame does is burn butterflies.
mircea_popescu: love knows no such worries!
pete_dushenski: i dun recall shitrons being published directly by miners but i may be forgetting one.
asciilifeform: pete_dushenski: for starters, gotta question the sanity of anybody publicly claiming to mine.
asciilifeform: ( and to keep in mind that there live man more liars than lunatics )
pete_dushenski: some moths haven't been burned before. like ever.
pete_dushenski: http://archive.is/unVPU << related (antbleed - bitmain). " We planned to add this feature to the code to empower customers to control their miners which often times can be hosted outside their premises. This was after more than one incident of miners being stolen from a mining farm or being hijacked by the operator of the mining farm"
pete_dushenski: "This feature was intended to allow the owners of Antminer to remotely shut down their miners that may have been stolen or hijacked by their hosting service provider, and to also provide law enforcement agencies with more tracking information in such cases. We never intended to use this feature on any Antminer without authorization from its owner."
asciilifeform: 'hijacked by the operator' lolwat?!!
asciilifeform: aaahahahaha
pete_dushenski: these are the people who 'should be more sane' but... aren't. quite clearly.
mircea_popescu: asciilifeform this happened at least two times i know of.
mircea_popescu: "operator" ie, kid actually on the grounds.
mircea_popescu: think "tech support" in mid sized corp.
asciilifeform: 'kid on site' could also pour petrol, and light match.
asciilifeform: what drm nonsense to cure this ?
mircea_popescu: hey, i am not defending their contortions, i am speaking as to fact.
asciilifeform: and let's imagine that mircea_popescu found remotely-detonatable mine in his mercedes, and astonished to learn that it was part of the ~factory~ standard kit, and answer from vendor was 'this was, ummm, here, umm, in case someone were to STEAL your auto, believe'
asciilifeform: ( laugh , but usg made this mandatory on, e.g., boeing !! )
mircea_popescu: there are some items that have charge on yu
mircea_popescu: iirc the "response bots" also.
deedbot: No messages were found.
asciilifeform: what's a response bot
asciilifeform: 'FOF' beacon ?
mircea_popescu: no, those police bot things
trinque: danielpbarron: looks like that one can't make it through with the current code.
deedbot: deeds online
mircea_popescu: in fairness, asc also rather wasteful for large files.
deedbot: http://trilema.com/2017/friday-was-a-good-day/ << Trilema - Friday was a good day.
asciilifeform: ocelots!!
BingoBoingo: Dark girls!
shinohai: Birds!
BingoBoingo: JAIL BIRDS!!!
shinohai is obsessed with birds
pete_dushenski: in related metaphysical sciences, "Multivariate linear regression analysis indicated that lifetime psychedelic use (but not lifetime cocaine use or weekly alcohol consumption) positively predicted liberal political views, openness and nature relatedness, and negatively predicted authoritarian political views, after accounting for potential confounding variables. Ego dissolution experienced during a
pete_dushenski: participant's "most intense" psychedelic experience positively predicted liberal political views, openness and nature relatedness, and negatively predicted authoritarian political views."
pete_dushenski: shinohai: lel i read 'bards' and thought 'shakespeare'
asciilifeform: pete_dushenski: this was the hope, when usg tried to package lsd as an artillery payload. 'ego dissolution'. didn't pan out.
deedbot: http://qntra.net/2017/04/purdue-university-bails-out-bezos-bezzle-bungle/ << Qntra - Purdue University Bails Out Bezos Bezzle Bungle
BingoBoingo: In the bung hole
pete_dushenski: asciilifeform: not for you!
pete_dushenski: for ~many~ i know in meatspace, worked like a charm, which is how http://www.contravex.com/2015/05/06/a-not-so-new-era-begins-in-alberta-politics/ came to be.
BingoBoingo: <pete_dushenski> participant's "most intense" psychedelic experience positively predicted liberal political views, openness and nature relatedness, and negatively predicted authoritarian political views." << Cocaine use positively correlates with an interest in having money
asciilifeform: pete_dushenski: elaborate. what, they were entirely sane prior, and heiled clitler there ever after the dose ??
pete_dushenski: BingoBoingo: though causal arrow impossible to draw
pete_dushenski: asciilifeform: this distinction hasn't been noted within individuals so much as between them. same as per this study afaict.
asciilifeform: 'get married, grow taller!'
pete_dushenski: 'listen to bach, grow smarter!' idem.
pete_dushenski: anyways, i thought it was being a ceo that made one taller
asciilifeform: it worx great; done in same clinic where they paint you black to lengthen cock
pete_dushenski: something about incidence of men >6'5" being <1% in general population but ~20% amongst fortune 500 ceos
BingoBoingo: Fortune 500 CEO's are hired to project appearance of dominance, not actually be dominant
pete_dushenski: asciilifeform: same clinic also sells 'dubs' for car. lead to whole 'dub culture' in early 2000s. deuce-deuces!
asciilifeform: i assume 'dubs' are the 'torpedo' you bolt to the boot, with the flames painted on ?
pete_dushenski: BingoBoingo: depends on the co.
pete_dushenski: or maybe it doesn't depend on the co.. if 'hired' then not founder, so...
pete_dushenski: asciilifeform: your wisdom of the streets knows no bounds :p
pete_dushenski: then again, steve j. was fired then hired.
asciilifeform: 'It is the most advanced and secure instant messaging protocol to date. This is why the designers got an award in front of a conference full of seasoned cryptographers and security engineers a week back for improving Real World Cryptography. ' << from turd in earlier thread. that thing is ~bottomless lulzmine.
BingoBoingo: <pete_dushenski> or maybe it doesn't depend on the co.. if 'hired' then not founder, so... << Fortune 500 usually rides on inertia rather than continued interest of founder in concern
asciilifeform: 'fortune 500' is approx as interesting as that other nomenklatura.
pete_dushenski: asciilifeform: one wonders what the attendees were seasoned with. salt ? paprika ? a dash of lemon zest ?
BingoBoingo: <asciilifeform> 'fortune 500' is approx as interesting as that other nomenklatura. << Hey, thanks to "Real World" cryptographers you too can walk the street wearing privacy invisible pants
asciilifeform was once sent, as 'industrial' non-talking delegate, to a lavish usg-hosted gathering of 'seasoned cryptographers'. it was mega-circus, iirc i described it in old thread.
a111: Logged on 2016-06-01 17:44 mircea_popescu: sure.
a111: Logged on 2016-09-08 17:31 asciilifeform: the #1 entry is gut-bustingly lulzy to asciilifeform , because i spend ~half year auditing a multilinear-map thing for $rupturefarm, and even was sent to a 'conference' where 'serious cryptographers' did not even blink when someone walked in with a proof that whole thing was crock of shit
asciilifeform: i dun recall any of these nongreen colours on the prophet's banner.
phf: asciilifeform: thanks for the ada updates, i was reading knuth's book 3 on arbitrary precision multiplication, so you're 20 steps ahead of me
asciilifeform: phf: the given algo isn't even 'adult', it's the old ancient egyptian one.
asciilifeform: but worx.
asciilifeform: ( for the given purpose )
asciilifeform: what i don't yet have is a fixed-time modular exponentiator.
phf: so my very very naive algo takes 120 seconds to expt 2345 to 5678
asciilifeform: apparently this might be an open problem, of sorts
phf: err 170s
phf: which i think should be considered a kind of upper bound (this is the most naive algo, without making it intentionally retarded)
asciilifeform: ( best mod exp algo i've found appears to be 'montgomery's ladder', but i am not convinced that it can be made fixed-time )
asciilifeform: phf: egyptian algo is , afaik, the simplest that's at all practical
phf: in related lulz Karatsuba and Ofman's "Multiplication of Many-Digital Numbers by Automatic Computers" doesn't seem to be available anywhere online, but "everyone" seems to know it somehow
asciilifeform: ( repeated addition is not exactly physically plausible for 64b, much less 8192b multiplicand..)
asciilifeform: phf: karatsuba's algo is in knuth
asciilifeform: ( and gpg )
asciilifeform: however it is unsuitable, because it branches.
phf: right, i figure as much from reading cmucl's source code (which uses k.)
asciilifeform: k incidentally died not long ago iirc
asciilifeform: was a titan of a man.
asciilifeform: ( karatsuba, that is. knuth afaik zombies along still. )
phf: philistine that i am, for a longest time i thought karatsuba was japanese..
phf: i.e. ka-ra-tsu-ba
asciilifeform: phf: https://archive.is/j4Lue >> 'Умножение многозначных чисел на автоматах' (1962), subj2
asciilifeform: hmm, cut off
phf: aah cheers
asciilifeform: anyway the pdf loads.
asciilifeform: phf: you will notice, i also 'de-optimized' some of the arithmetical functions, to help clarity.
asciilifeform: imho it does not particularly matter if generating rsa key takes a second, an hour, or an entire day.
asciilifeform: if rsatron becomes slightly more readable, and a dozen lines shorter, and less 'clever', and as result generating key takes two days instead of 1 -- i call it a win!!
phf nods
asciilifeform: observe also the 'mux', it is fundamental building block for nonbranching ops.
phf: vaguely related, all these papers that cite subj. i'm sure all these people have a copy in their private collection (the one they referenced when writing!!1), that they don't share out of copyright considerations and the respect for great scientist
asciilifeform: i bet most of these were simply never scanned.
phf: probably not. unless there's a djvu archive somewhere of "доклады академии наук ссср"
mats: http://btcbase.org/log/2017-03-21#1630579 << similarly, did amd mole get a red star for 'f00f' bug? ;)
a111: Logged on 2017-03-21 18:03 asciilifeform pictures intel mole getting 'order of wintel red star' pinned on his uniform
mats: relatedly - a trivia q i didn't know the answer to, until it was shared - what is the proper way to test for support for the cmpxchg8b instruction?
asciilifeform: mats: run it and see if trap? like any other oddball instr?
mats: allegedly some non-intel CPUs lied in CPUID, and some had MSRs to address but others didn't - some bios would set the MSR bit, and others wouldn't even when it was available
mats: the provided answer was - first test for Intel CPU with CPUID (so you don't trigger f00f) and then for anything GenuineIntel, run it and check for undefined opcode exception
mats: Transmeta and Rise processors both had issues with it
asciilifeform: i'd naively suppose that there are more 'cyrix' left in operation today than 'transmeta'.
mats: why did transmeta die? it predates my interest in computers
mats: i remember reading about it years after the fact, 'brightest minds' working on it and so on
asciilifeform: was a pretty typical 'brightest minds' tarpit, aha. 0 useful product.
asciilifeform: linus, involved, iirc. never mentions it today.
mats: hpa, paul allen, too. my impression is he didn't really do anything besides lend his minor celebrity to the org
mats: think he ported linux kernel to their chipset but no record of anything else
mats: made out like a bandit with those shares, i hope
phf: asciilifeform: hey, how's overflow supposed to work in your fz_mul?
phf: (i'm on train so might disappear)
phf: i'm doing 2345x1 on ffa(64*5, u64) and it's giving me overflow 1
asciilifeform: phf: paste whole routine plox?
phf: FZ_Set(A, 2345);
phf: FZ_Set(B, 1);
phf: FZ_Mul(A, B, R, Overflow);
phf: Dump(R);
phf: package Foo is new ffa(Width => 64*5,
phf: Word => Unsigned_64);
phf: use Foo;
phf: err
phf: Dump(Overflow);
phf: gives 929, 1
asciilifeform: 2345 = 0x929 ...
phf: correct, but why overflow
phf: (about to hit comm dead zone, be back in an hour or so, but will check log on hpone)
asciilifeform: actually this is a 'classy' bug, turns out
asciilifeform: does anybody want to try his hand at it before i post answer ?
phf: asciilifeform: i want to
phf: post tomorrow
deedbot: http://phuctor.nosuchlabs.com/gpgkey/229639940255F1BC2F610ECBCD63FEF5F5602846C6BADE6A6D2DF4E04882684A << Recent Phuctorings. - Phuctored: 1647...9399 divides RSA Moduli belonging to '163.20.131.4 (ssh-rsa key from 163.20.131.4 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (Unknown TW)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/229639940255F1BC2F610ECBCD63FEF5F5602846C6BADE6A6D2DF4E04882684A << Recent Phuctorings. - Phuctored: 1422...7973 divides RSA Moduli belonging to '163.20.131.4 (ssh-rsa key from 163.20.131.4 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (Unknown TW)
lobbes: and thank you sir!
asciilifeform: http://www.nugae.com/encryption/index.htm << one of those rare, 1990s people-who-are-people .
← 2017-04-27 | 2017-04-29 →