110900+ entries in 2.49s
pankkake: can'
t wait for your mining IPO
dexX7: then you can'
t rate me, nubbins`
Tom_Servo: n'
t S.NST shares supposed to be released today?
davout: don'
t think it'll actually change anything, because their service is kindof niche and payments are processed manually, but the hype potential is over 9000 :D
Vexual: there must be something im missing, i don'
t even fully understand bitcoin when im sober, im not too proud to say
mircea_popescu: don'
t piss off btc or else you may not have two codes left standing together.
gecko_x2: but this post doesn'
t mention coins as i'm thinking
dexX7: i don'
t think i fully get it
dexX7: hmm.. but isn'
t the collection of pointers to the parts more or less similar to passwords or a key?
gecko_x2: there is one thing that hasn'
t been mentioned at all after the snowden case
gecko_x2: i don'
t even think gpg keys are the future
pankkake: though we have a small garden… it doesn'
t get much light so not sure it would work
nubbins`: but that doesn'
t really matter, depending on how badly you want one
nubbins`: if the grocery store isn'
t going to take your gold for payment, you can have as much of it as you want
pankkake: Namworld: can'
t pay cash, have to provide ID card
nubbins`: you're saying you don'
t want your possession of gold to be known to the govt in case they demand that you surrender it to them?
pankkake: don'
t want the tax man to show up at my house one day to ""buy"" them
nubbins`: why don'
t you want gold buys to show up on your bank records?
pankkake: And I certainly don'
t want gold buys to show on my bank records anyway
pankkake: anyway, I like their advanced market orders, I haven'
t seen that elsewhere
pankkake: hehe, me too. and since I only want to buy, I don'
t want it to go up that much :)
nubbins`: i don'
t think i've seen that size of a buy order before
kakobrekla: >Apparently the people at Bitstamp aren'
t just thieves, they're incompetent too. If you signed up for API access back when they were using account passwords for API authentication (i.e. before "API keys") you can still withdraw your BTC via the "old" API from an unverified account. Not sure if this works for the new API too (never used it).
fractal: man, those poor bastards who haven'
t got their BFL singles yet...
mircea_popescu: wasn;'
t there some cheapo clone of mpex at some point ?
fractal: MP, the fact that 1 year wasn'
t 2 years is just a trivial detail
turbo_ac100: "the last" doesn'
t refer to the last increase, i.e. 20% -> 24 % and so on but rather "the last" difficulty as in ;;diffchange will be > 20%
mircea_popescu: fractal i don'
t have a choice, im passive in the matter.
mircea_popescu: yeah, something like, "I want to hire X guy, give him a work permit". "we won'
t, because X guy could be replaced by local labor" "stfu"
dub: fyi, you don'
t need to even enter the US legally (transit) to be required by them to unlock and decrypt anything you are carrying
jurov: i admit that. but doesn'
t look very different to me
jurov: oh and the real reason why i don'
t get the issue with fde, is that you imply attackers have access to memory and that implies the machine was on or was shut down just minutes ago
nanotube: what's this "the attack vector" you speak of? haven'
t we agreed that there are multiple? :D
Bunnyh: is it any easier to explain why have you encryped partitions but don'
t actually know what's in there?
jurov: the logic is, such an powerful adversary doesn'
t really need the data, they have them from other sources, just metadata are OK to use against you
jurov: then if you are unable to decrypt it, won'
t help you much
mircea_popescu: i mean i get it, it's lazy cvasisecurity. grand. may work well in many cases. i don'
t want it in my airgapped machine.
nanotube: your diskload also contains a bunch of stuff you didn'
t encrypt
nanotube: mircea_popescu: sure, if you didn'
t happen to use gpg in the session, you're fine. and actually, gpg could be 'really good' at not caching pw in memory, thanks to gpg-agent being purpose-built to handle thing securely. cf this paper: philosecurity.org/pubs/davidoff-clearmem-linux.pdf
mircea_popescu: otherwise we're back to yadda yadfda, you can'
t say faith healing doesn'
t work.
dexX7: yada yada.. i think you simply can'
t say "this one sucks, the other one is the way to go".
mircea_popescu: without going into all the ways truecrypt is broken and etc, which i don'
t feel i have the energy for
☟︎ Bunnyh: suppose i didn'
t decrypt my disk in the current session?
mircea_popescu: ok, let's make it simple : do you agree that in order for your system to be safe it has to be powered down, whereas for gpg to be safe it doesn'
t have to be powered down ?
nanotube: you can'
t just 'steal my comp and have all my data'
nanotube: mircea_popescu> nanotube if i get your "full disk encrupted" pc i can full disk decrypt it. if i get your gpg'd stuff, good luck to me. <- you are missing a crucial step. you don'
t just 'get my fde comp and got everything'
mircea_popescu: nanotube and as to "use both" : the point of science, any science, is to isolate what works from what doesn'
t and exclude the latter. this is why dentist treats your teeth his way rather than recommending you "also use shaman method".
gecko_x2: and he doesn'
t have to fear anymore
nanotube: whereas with full-disk encryption, you don'
t have to worry about that bit.
dexX7: thus "full disk encryption ... that as of yet does not work" is somewhat incorrect imho. lame analogy: "passwords don'
t work, because you can install trojaner/keylogger"
KRS-: Gubment issued vagainas would solve a lot of problems..but can'
t speak for the quality of them, I mean look at gubment cheese.
mircea_popescu: "si no cocino, no como" > if i don'
t pork, i don'
t come.
naemsi: and havelock made some noise about a big announcement coming which doesn'
t sound good.
mircea_popescu: activemining isn'
t worth anything. him i have no idea, who runs it ?
naemsi: well, it was two questions. I'm thinking to get out of HIM before crackdown, but don'
t know if anything concrete came out of activemining yet (I'm not on top of the news).
mircea_popescu: i can'
t believe someone's even asking about that still lol.
pankkake: what estimation? aren'
t you confusing it with asicminer?
mircea_popescu: anyway, the point you bring isn'
t without merit in any case.
mircea_popescu: sadly ips aren'
t impossible to fake, either, especially by a locakl attacker
mircea_popescu: well, IPs are difficult to fake. domain names not so. this is a thing of the internet, i didn'
t make it that way
_Neil: And surely you wouldn'
t suggest that the only way to use bitbet safely, even assuming it were safe, is for users to screw around with host files on their machine.
mircea_popescu: this is a point. the problem with
https is that it doesn'
t REALLY deliver that end to end promise.
_Neil: Unless something's end-to-end encrypted I can'
t really trust it. It's that simple. It's not my job as an honest person to figure out how to break it. I know it's been done many times.
_Neil: No not really. Avoiding HTTPS just for the ability to claim it's unnecessary isn'
t really a goal.
mircea_popescu: (i swear i haven'
t changed it since, but maybe you got a messy page ?)
nubbins`: amazing. you'd think it wouldn'
t.
[\]: it can'
t end with amazing.
mircea_popescu: as prev discussed, those things are mostly a teaching tool. the same reason you don'
t race cars made out of legos, you don'
t use the openpgp smartcard for actual security.
bgupta: Only issue I see with opengpg/gpg smartcards is that although the latest spec supports 4096bit keys, the current shipping devices don'
t..
jurov: if it's big then actually you don'
t need fees anyway
jurov: i had fun when i accumulated dust from faucets (although then they paid ~0.001/day) and realized i can'
t spend it without exorbitant tx fees
jurov: isn'
t it wonderful such a thing (airgapped mpex acct) is fully feasible?
mircea_popescu: in unrelated news, i taught this girl to cook. she loves the power this gives her, so she tries to cook everything now. so for instance can'
t find halva ? "maybe i'll try cooking some!"
jcpham: jurov kakobrekla doesn'
t kick people for allcaps ragin
gecko_x2: My VISA CARD ISN'
T WORJING UUUH HUUH
mircea_popescu: or in the immortal words of the devil himself, "He gives man instincts. He gives you this extraordinary gift, and then what does He do, I swear for His own amusement, his own private, cosmic gag reel, He sets the rules in opposition. It's the goof of all time. Look but don'
t touch. Touch, but don'
t taste. Taste, don'
t swallow. Ahaha. And while you're jumpin' from one foot to the next, what is he doing? He's laughin' Hi
ThickAsThieves: it's due to shallow thought, most people don'
t attempt to think more than a layer or two deep on things
mod6: mircea_popescu: yeah. some ideas just sound great and seem like amazing harmless solutions. but yah, stuff doesn'
t work that way.
mjr_: the key is to speak spanish, but also be able to look like you don'
t speak spanish
nubbins`: (which isn'
t REAL africa, but i digress)
nubbins`: if i didn'
t know a word, i'd just say the french word with a spanish accent
mircea_popescu: nubbins` i don'
t book anything. i jsut land, go to the local university, find the english dept
nubbins`: but there's nothing better than travelling to a country where you don'
t speak the language
mjr_: i don'
t like beaches and stuff