asciilifeform: mod6: relax a bit. recall, my original vtron didn't even check hashes post-patch
asciilifeform: (given that no catastrophic braindamage, e.g. cyclic graph, is permitted)
asciilifeform: i'll point out that for so long as we have an agreed upon patch format, and can agree on a sigtron to use, with agreed pubkeys, 'each d00d has own vtron' worx fine
asciilifeform: again, i dun see why i should have to remove seals when i variant-wot
asciilifeform: at no point should the answer be a null set
asciilifeform: mircea_popescu: incidentally a vtron that has my 'origin' op, can check any tree for consistency simply by iterating over the files and running origin(hash_of_file)
asciilifeform: it's what my original vtron did (when in normal operating mode)
asciilifeform: mod6: you ought to be able to press variant-wots (say, mod6-only) without having to also remove patches mod6 did not sign from patches dir
asciilifeform: mircea_popescu: the current setup (with the patch.nickname.sig) is an artifact of the idiocy of pgp, where one cannot take the signature and extract a hash from it with which you can look up the patch from a manifest of patch hashes in O(NlogN)
asciilifeform: because eventually mircea_popescu et al will gripe about 'this is dog slow'
asciilifeform: ly Mail itself doing the censoring.' << this is not a necessary hypothesis, swedish mitm could easily smooth out the response times (by slowing, or, alternatively, caching, the victim site)
asciilifeform: 'If there's a middlebox in the Swedish ISP side (theory 1), we should see that HTTP 302 responses come back much faster than HTTP 200 responses, because a hypothetical middlebox will sit between the Swedes and upstream, and therefore may respond much faster than upstream. If there is no middlebox (theory 2) we'd see comparable response times for HTTP 200 and HTTP 302. Of course, no middlebox implies quite strongly that it's the Dai
asciilifeform: ftr it was definitely ben_vulpes who found $bug
asciilifeform: what archaeologists will say to this, i have nfi.
asciilifeform: they enabled 'shoot friend' mode (normally, 'friend or foe' beacon, would prevent.)
asciilifeform: when v. belenko flew his mig to jp, and gave it as a gift to usa, su army ended up installing 'belenko switches' in all combat aircraft, supposedly.
asciilifeform: i can see mircea_popescu's 'this is a car with 4 brake pedals, wtf is wrong with you' argument.
asciilifeform: mircea_popescu: this is not a pure win. for instance, some folx don't even ~keep~ a nonairgap signtron around. and now -- they would have to.
asciilifeform: how is a 'shitsign key' a 'use of cryptography' ?
asciilifeform: (and yes, you can have 'test1', 'test2', ... while there is only one 'wild'. but who the hell uses 'wild' for anything other than one-at-a-time test, of own code?!)
asciilifeform: so instead of '[TESTKEY]' it prints '[WILD]' -- big fat difference?
asciilifeform: anyway, the behaviour of having 'wild' button with red flip cover , that permits (and at all times, clearly marks, 'WILD') unsigned patches, or mircea_popescu's variant, where you gotta have 'test key' in .wot, are equivalent afaik
asciilifeform finds this thread somewhat confusing, is probably doomed to actually read mod6's vtron and comment only after.
asciilifeform: (would apply patch regardless of signed or not, if present in .patches)
asciilifeform: mod6: didn't you just recently discover that yours didn't even do the check?
asciilifeform: mod6: as i understand, trinque and mircea_popescu were taking the position that 'it is dangerous and useless to have an off switch for signature check'
asciilifeform: yes. because gotta piss in ~something~.
asciilifeform: and yes it is a 'flood reactor button'
asciilifeform: until then, i use the wild knob every day.
asciilifeform: when trinque posts his fixed patch util, it will be safe to remove this 'hair' from vtron.
asciilifeform: this is unacceptable for ~any~ purpose because it doesn't check precedent hashes !
asciilifeform: trinque: dutch had imho a correct observation, the greeks had no particular desire to be us, and would barf in about three seconds if they could meet modern folx
asciilifeform: afaik there is no ready pill against this . folks won't climb ladders unless prodded, and you cannot predicate the prodding on whether they seem to see the ladders or not.
asciilifeform: even the current thread in #mod6 , is possibly an example
asciilifeform: believe or not -- i have this problem with various people routinely.
asciilifeform: which is to say -- purely theoretically, in much the same way that my arse has a nonzero chance of falling through the chair, through the floor, and down into china
asciilifeform: and yes, 'greeks could have made tesla coil.' the same way that gavin can guess the bits in mircea_popescu's privkey
