diana_coman: I don't quite follow why is server concerned with client's stock of X keys? client can request new keys, burn them, do whatever it wants as it decides how often it wants new keys
mircea_popescu: X keys only ; R key is one. and server is concerned because if it has no client X keys, it can't send, and if the client has no server X keys, the server can't receive.
diana_coman: I don't quite follow why is server concerned with client's stock of R keys? client can request new keys, burn them, do whatever it wants as it decides how often it wants new keys
mircea_popescu: diana_coman, in any case strictly speaking, the helo as we spec it does not include R pubkey ; whereas in practice it actually must. but read the whole blob, this is better compiled than parsed.
diana_coman: possibly the "register account" vs "authenticate"
mircea_popescu: that's what i mean, this is kinda too fluid and i suspect it's because somewhere in my head i conflate two things.
diana_coman: ah, you mean the same but just id vs no id?
diana_coman: the idea was that if client loses all his X keys, he can send a hello message again
mircea_popescu: diana_coman, well, two kinds of helo, yes ? when initiating a connection ; and when initiating an account.
a111: Logged on 2018-04-17 16:50 mircea_popescu: at this juncture, server knows "someone" claiming to be A initiated a connection. it should therefore send X(answer) back, where X uses a key that S knows A should have, on the basis of previous comms.
diana_coman: http://btcbase.org/log/2018-04-17#1801027 --> uhm, for starters this is not correct; initial hello is meant for....initial, no "previous comms" wtf; server needs to reply not with X(answer) but with R(answer) and yes, it needs to know the public rsa key of the account; the creation of accts is still a bit in the air as server needs to get somehow the public key
mircea_popescu: now obviously, this approach wouldn't be nearly as useful for dynamically linked clients ; but i deem the fact that it puts the security incentive on dumping dynamic linking a very good thing.
mircea_popescu: (one could object, "it's pointless to attempt this, hacked client can just replace magic string", which is true, but nevertheless client can still binary audit his item and see / login with a special, known-good string-test-only client and see what he should be. ie, client can bootstrap himself out of the fakebox produced by a hacked binary.
mircea_popescu: the reason for this is that games are eminently a domain where people share binaries, a matter of fact established both from general and minigame's own experience. obviously in the sane world of source sharing, v is the correct solution. but if people are going to share binaries, this seems like the only available approach.
mircea_popescu: now here's a question on which i'd very much like to hear a lordship opinion. so, the model currently contemplated for eulora includes a bit whereby the server has to be told by the client a magic string, and will report this back to the client on demand, "here's what you told me you are". the idea is that the client can then sha his binary, and see if the strings match.
ascii_lander reporting live from... inside the cage. fixed the raid oops on smg box; nao partitioning it & copying dulap's gentoo
mircea_popescu: also important, third question : should the client be permitted to generate X keys for the server ?
mircea_popescu: now subsidiary for all this : server should generate a batch of X keys and send them to the client every time its store of either S or C X keys drops under a certain value. it's therefore the client responsibility to make sure there's enough keys in store if it doesn't want to pay for key generation. now, what should this threshold be ? 3 ?
mircea_popescu: like this, server must not lose its R privkey and clients must not lose their R privkey , but pubkeys of all these can be safely lost, and X keys don't matter at all. seems altogether safer and less friable.
mircea_popescu: if instead we made it rely on R, there'd be great benefits. consider this alternate model : C : R(hi, this is C.R.key) S : R(here's some X keys for me and for you) C:(actually i'd rather you use these X keys for me).
mircea_popescu: which then runs into the obvious problem that i had been chasing all this time : client's R key has to come earlier in the flux. how about the rule that all hello items sent to the server are either a) encrypted to a pre-existing X key or else b) contain a R key ? ie, our helo is not correct as specced.
mircea_popescu: actually, let's make this clearer, it's ambiguous as it stands. C : hello ; S : new account, here are some X keys you can use to decrypt and some X keys you're required to use to encrypt ; C : here's my R key [and here are some X keys i'd prefer to use].
mircea_popescu: this is then the eulora future login handshake : C : hello ; S : new account, here are your keys ; C : here's some keys of mine. they can now continue indefinitely, just as long as nobody loses all the keys.
mircea_popescu: so implementations MUST keep at least a local and a server X key at all times ; doing otherwise is === deleting the account.
mircea_popescu: now, if B wants to update his X.keys with the server, he sends them X'd with one of the existing S keys. meaning, again, that if B manages to lose all S's X keys, it lost the account.
mircea_popescu: if A fails to respond, S will close the connection, practically meaning that A can't claim to be A unless he keeps some X keys about. which is something A-implementers must be aware of.
mircea_popescu: at this juncture, server knows "someone" claiming to be A initiated a connection. it should therefore send X(answer) back, where X uses a key that S knows A should have, on the basis of previous comms.
mircea_popescu: diana_coman, this is too fluid to fix in a comment, and i'd rather have it here than in #eulora. so : let's call eucrypt.serpent X and eucrypt.RSA-OAEP R. now, 1. client wants to log in, R(hello) -> S[erver].
spyked: well, I didn't say it *doesn't* have an OS. just trying to figure out what that is :D
mircea_popescu: what, your no-op example is not trivial, but my no-os example is ?
spyked: aha, found nothing on hardware and software specs. mircea_popescu, if it's any similar to the calculators I had as a kid, it might not even have any software (all calculator logic implemented using gates)
mircea_popescu: the confounding factor here is pantsuitist outlook, whereby some retard (the user) regards self as measure of all things and imagines all vectors start from him, and therefore in his boneheaded approach to the world, "general purpose os" means something about him. it fucking doesn't, a general purpose os isn't one joe schmucktoe can put on a stick and carry around and "it'll work on all computers he encounters".
mircea_popescu: because in the former case, the VARIOUS gposen would still be in fact different from each other.
mircea_popescu: it all comes down to WHAT is the special purpose. mind that the direction the bitcoin node os is taking is towards ~special purpose hardware~. this is very fucking different, whether you have special purpose hardware run by general purpose osen, or whether you have ibm at clone consumershit emulated into republican sanity by usg's flavour of special purpose os.
spyked: mircea_popescu, I don't see a fundamental problem with special-purpose os (which is why I mentioned "bitcoin node os" as one, though it *could* in principle be implemented as a particular instance of a general-purpose os). embedded hardware (e.g. requiring timing constraints) is full of them.
mircea_popescu: whereas the one user one box tmsr approach sticks with the general purpose os philosophy, and expects spurious color-of-bits considerations to be implemented in the realm in which they belong -- if you want to own the bits own the box, there shall be no legislating here.
mircea_popescu: and perhaps worthy of noting here, that the "trend" "emerging" from usg's own "computer security" roadside act cum flea circus, is towards special-purpose os. because that's what they mean by "security".
mircea_popescu: spyked, perhaps another useful heuristic is the authority problem. if the specification of a user program CAN include a MUST statement, quo warranto ? if "the os", then it is not general purpose.
mircea_popescu: spyked, cleanly ie, simplest bijective. 1. all items in A are represented in B ; 2. all items in B have an underlying in A ; 3. there is no simpler relation in any case.
a111: Logged on 2018-04-17 15:05 mircea_popescu: if however that os runs on a no-op single instruction cpu, then it is absolutely general purpose.
spyked: http://btcbase.org/log/2018-04-17#1800949 <-- could also be a turing-capable cpu that exposes the instructions natively after the program is loaded. the important part was re what the os itself exposes (or not, in this case) and how this relates to "makes no assumptions about P"
spyked: anyway, this thread put together should make for a decent follow-up piece, i'ma get to it tomorrow.
spyked: so, taking another shot at this definition: a general-purpose os is an os that cleanly exposes hardware to user programs, without making assumptions about the latter. it's still not immediately clear to me what "cleanly" means, but this'll have to do.
trinque: aaaand 10-12% packet loss inside the dc
mircea_popescu: yes. gotta keep your tits close to the chest and the sharpie firmly up butt.
mircea_popescu: you don't understand the game of world politics and international intrigue of the web! you're supposed to not tell things! THERES TERRORISTS OUT THERE.
trinque: heh that guy the other day might've mentioned he was getting kbps!!!
trinque: ckang: no, I'll have the deedbot keys pulled down in an hour; they'll then be able to withdraw, whoever can't
ascii_lander: but this is at the cost of 'hey i'ma eat a video card'
BingoBoingo: I just kinda forgot petrocheese was a thing with the real stuff here
BingoBoingo: Until alf arrived I had been taking the cheese versus petrocheese gulf for granted
mircea_popescu: alf the beedog happiness = long walks + icecream stops.
ascii_lander: mircea_popescu: i'ma actually headed to the smg box shortly
mircea_popescu: ben_vulpes, sooo, did you send login details to douchebag ? what do these cost in the end ?
mircea_popescu: then either phf or someone else can turn that text-only client into a webservice.
ascii_lander: trinque: out of curiosity -- this is in a heathen dc ? usa ?
trinque: kind of a wonder it's working at all under these conditions
trinque: going to reboot the deedbot box; getting about 10kbps out of the thing currently.
mircea_popescu: ped a "userland package" at all points in its existence, there's no substantial difference between "the office suite" and "windows + the office suite".
mircea_popescu: the jury is still out, as far as i'm concerned, on whether the os that loses control of a machine is still an os, meaning it's not altogether clear to me the basic-whatever combo they had at the time actually constitutes an os. but the problem FUCKING ISNT the naive perception at the time, "oh, it didn't have icons to click like windows 3.1". windows 3.1 was not an os ; nor was any other windows product an os. microsoft ship
mircea_popescu: (fun facts for the recently born : 1. most old zx-80 clone programs were games, whether you count by titles, or by total cpu time, or any other way ; 2. they did not return (mostly because to make a good one you had to fuck the kernel space, that zx80 shit was tight), you pressed the reset button to load the next item on the tape.
mircea_popescu: god knows i have enough trouble as it is remembering what i ate yesterday, if i also had to remember what i was wearing while doing it we could just call it quits.
mircea_popescu: exactly how medicine does not consider whether you were fashionably dressed at the moment of symptoms, to establish whether your sartorial ineptitude maybe upset Sartrus, the god of suits.
mircea_popescu: ines, and through this separation allows complex, YET STILL SENSIBLE apparata be aggregated.
a111: Logged on 2018-04-17 09:05 spyked: call, "exit(code)", which allows P to return control to NOP-OS, so that the user can load another program P'. same question here.
mircea_popescu: http://btcbase.org/log/2018-04-17#1800914 <<< how it manages user interfacing is not even a consideration here. whether it returns control via pushing that specific-sounding button on the back left like the old tim-s ; or whether it has a software call implemented is irrelevant. not from a gui/ux perspective, of course, but this is the fucking point of systems design as a discipline : that it does NOT consider other discipl
mircea_popescu: but instead, it would be a particular-purpose os, "for those cases when the user wants the machine to not be 3 degrees from freezing".
mircea_popescu: if you modified it so it checked whether the machine temperature is within three degrees of freezing and did not expose the no-op in THAT case, then thereby it would be a general purpose os no longer
mircea_popescu: if however that os runs on a no-op single instruction cpu, then it is absolutely general purpose.
a111: Logged on 2018-04-17 09:05 spyked: http://btcbase.org/log/2018-04-16#1799861 <-- I dun fully grasp this, so bear with me for a moment. suppose the following (imho no-nonsense) thought experiment: say we have an os, NOP-OS, that works as follows: after initialization, the os loads a (user-provided) program P; the NOP-OS interface exposes to P exactly one system call, "no-op", which does nothing and returns. is then NOP-OS a general-purpose OS? say we add another system
mircea_popescu: so what's that mean, that they were both riding dinosaurs into combat, big deal.
mircea_popescu: ascii_lander, to a large degree who said what in early church history is a cockularity poontest.
mircea_popescu: http://btcbase.org/log/2018-04-17#1800909 << wasn't, no. and yes, the ti-89, sure. or my ancient citizen solar powered item which i haven't seen for 15 years at the least but which was revolutionary for its time and literally worked by degrees -- if you obstructed two of its cell it could still slightly power the screen so it did.
shinohai: BingoBoingo: overvalues firm / overvalues the firm ?
BingoBoingo: asciilifeform's sense of wonder here has been good for the moral. Been learning quite a bit here.
spyked: call, "exit(code)", which allows P to return control to NOP-OS, so that the user can load another program P'. same question here.
a111: Logged on 2018-04-16 15:22 mircea_popescu: whereas the proper definition of "general purpose" is the one mentioned, "which makes no assumptions about the userland".
spyked: http://btcbase.org/log/2018-04-16#1799861 <-- I dun fully grasp this, so bear with me for a moment. suppose the following (imho no-nonsense) thought experiment: say we have an os, NOP-OS, that works as follows: after initialization, the os loads a (user-provided) program P; the NOP-OS interface exposes to P exactly one system call, "no-op", which does nothing and returns. is then NOP-OS a general-purpose OS? say we add another system
mimisbrunnr: Logged on 2018-04-16 15:12 mircea_popescu: i suppose at work might be a confusion between what-some-idiots-might-be-thinking-retroconstructed-on-the-flimsy-basis-of-how-they-behave, where "general purpose os" means "the sprinkle of magic turning the computer from a computer to anything i want it to be, which is to say a tool that magically works for any purpose i might come up with, especially the nonsensical and self-contradic
a111: Logged on 2018-04-16 15:20 mircea_popescu: the best example i can think of is the code on the old handheld calculators. THAT is a general purpose os : it makes no assumption about the downstream, merely fully, cleanly and directly exposes the hardware.