167900+ entries in 0.1s
edivad: at
these
times porn industry should have generated enough pornstar name entropy
edivad: i could even
try with pornstar names
edivad: mod6: You need at least one UTF8 locale
to build a
toolchain supporting locales
edivad: do you mean with paper and pencil, and
then storing
the paper in some hole very distant from NSA eyes? mircea_popescu
edivad: in some random words
that can be converted into
the 64 hex original key
edivad: since i'm not yet capable
to remember my 64 characters hex private key,
there is a way
to convert it in a seed without decreasing
the security, and maybe being able
to memorize it?
mircea_popescu: yes.
there's isn't, nor is
there going
to be a way, manner, instrument or device
through which
to protect
the passive from
the active.
edivad: that's quite sad, but
there's nothing
that will stop
this general
trend
edivad: but you know, user friendliness is going
to fuck hard security perception of mainstream users
edivad: that's some good warning
that should be public in many places
a111: Logged on 2017-08-10 15:39 mod6: But wouldn't be a bad idea
to
throw it on
there in
the case where someone, decides
to use
the linked vdiff script, which uses diff.
edivad: using deterministic shit, I'm reducing
the entropy of my keys, correct?
edivad: so basically,
tell me if I'm wrong
a111: Logged on 2016-02-04 01:12 asciilifeform: why
the FUCK would i
edivad: >
the state-of-the-art among
thinking folk is
that pre-generated
tx are stored on paper and fed into a hot node when necessary
edivad: ok going
to check
the results
edivad: wasn't able
to learn because
those damn seeds have a last checksum word (that maybe is a perfectly ok security feature, but it cuts out manual experiments with dice)
edivad: because you know, with a bip 44 compliant seed, you
then generate your extended public key, and you can leave your dice in
the drawer
edivad: and one
thing
that i haven't learnt yet is how
to generate a bip 44 compliant seed with dice
edivad: but yes, asciilifeform, is very
time consuming if you need
to do repeatedly
edivad: i
thought
that dice was great for cheap and safe cold storage, if done it right
☟︎ edivad: so, back
to
the question, is
the fuckgoats device meant
to be, for instance, if i run a bitcoin service
that constantly need
to generate private keys, let's say, for example, for an hot wallet?
mod6: ok,
that /is/ a bit less steps, so a decent place
to start until you get
the hang of
the process.
mod6: edivad: are you doing
the online or offline build?
edivad: basically, i recently learned how
to generate private keys with a D16 + paper and pencil, and i
thought
that was a great way
to have low cost
true entropy
edivad: that maybe someone can answer later and i will check on
the logs
edivad: is now downloading again boost, meanwhile i would like
to ask some questions about
the fuckgoats device
edivad: i'm gonna leave
the actual dir for future forensics analysis when i'll be moar expert and now i'm going
to create another one
mod6: i would blow everything away and start over following exact instructions in
the howto
edivad: can i keep
the .wot folder?
edivad: under src or
the main?
edivad: going
to check on ubuntu where is located
shinohai: No in
the file CheckIncludeFiles under your cmake installation
☟︎ edivad: into
the makefile.unix under src?
shinohai: Find
the line: `CMAKE_CONFIGURABLE_FILE_CONTENT}\n\nint main(){return 0;}\n")` and put `void` in
the parentheses after int main()
mod6: yeah,
this looks like it might be something with your /etc/alternatives or something
shinohai: ^
That pthread issue I solved on Debian by going
to /usr/share/cmake and changing a line in CheckIncludeFiles.cmake
☟︎ jhvh1: asciilifeform:
The operation succeeded.
edivad: :) please
tell me
that
the solution is right around
the corner, like adding a CC=/path/to/something into
the makefile
edivad: but i really cannot figure out what i could
try before running again
the make command
mod6: yeah, it does not seem
to understand where 'c' is located.
edivad: since gcc is present i
think
that is some kind of env problem
edivad: so,
this is
the last error mod6
edivad: you know, a satisfacting
terminal
try & die
till everything works
edivad: i feel
that i'm very near of a succesful compiling of bitcoind, especially after
the update of
the guide
edivad: i promise
that
this will be
the last emergency
troubleshooting about
TRB
mod6: Ok, I
think it's better now.
mod6: Updated
the formatting
too.
mod6: But wouldn't be a bad idea
to
throw it on
there in
the case where someone, decides
to use
the linked vdiff script, which uses diff.
☟︎ mod6: my V doesn't use diff anyway, only patch, gpg, sha512sum, and wget -- and otherwise just standard shell
tools such as echo, mkdir, rm, cat, etc.
mod6: I
think it was patch, but yeah, maybe I'm mis-remembering
that.
shinohai: Yeah I forgot you had a guy with some sort of linux
that didn't have diff
mod6: maybe i aught
to add 'diff' on
that list. it is inexplicable
to me
that it wouldn't be
there, but
then again, lol.
mod6: Thanks for
taking a look shinohai
mod6: Hi, I've updated
the howto, it's not "finalized" yet. Please
take a look and let me know if
this doesn't read quite right, or if I've left something out:
☟︎ PeterL: oh, and I was
trying
to make
the functions more general, avoid putting in magic numbers as much as possible
PeterL: ah, originally I had it written
to allow user
to change key sizes,
that is a holdover just in case
a111: Logged on 2016-08-18 12:32 mircea_popescu: asciilifeform since we're on
this btw,
the way i want
tmsr-rsa key generation
to work is as follows : a contains a number of entropy bytes specified by user in
tmsr-rsa.conf read whenever
tmsr-rsa.conf specifies (such as urandom); b contains a base-tmsr string specified by user. c = base-tmsr(a).b ; p = nextprime(cut(sha512(c),257)) ; process is repeated for q = nextprime (cut(sha512(c'),258));
mircea_popescu: PeterL + padlen = min(keya.l, keyb.l) - 1 # make sure
that
the strings will not overflow
the key mods << i don't get it, why do you have variable length keys ?
mircea_popescu: (and in any case,
this is also a major improvement over gpg, which realloy only uses 2^16, and worked ok in
the field for many years)
mircea_popescu: a cheap improvement would be
to write down also
the LZW compression ratio.
mircea_popescu: are you
trying
to say
that since
there's only 2^32 possible values for
the crc, it
then follows
that 1 in 4bn will match ?
mircea_popescu: if you're asking "what is
the probability of a 4000 bit string being randomly generated so it matches an arbitrary crc32",
the answer is you know, 1 in infinity.
mircea_popescu: crc checks
that
the string is
the same now as it was when crc was originalyl computed
PeterL: not
trying
to catch changes,
trying
to catch random string accidentally passing
the check
mircea_popescu: this is what crc does : for blasts up
to its size, 100%. for larger blasts, proportionate.
mircea_popescu: PeterL if your string is 250 chars,
there is 0 probability
that an up
to 32 bit setcion being altered in any way will not be caught up
PeterL: also, my question re crc32 yesterday, I meant
to say: given a (random) string of 250 chars, what is
the proability
that (random four byte string) will pass
the crc32
test? which I
think is just 1/256^4
mircea_popescu: once implemented, "theft" dropped like 90%. which is more
than any usgstani effort has, or ever will do.
mircea_popescu was a major, and in fact for a year or so
the only proponent of encrypted wallets for btc.
mircea_popescu: i expect at least one's own history should be kept encrypted
to a key of his.
PeterL: at
the moment
there is no securing of data.
that would be something
to add before battlefield use.
mircea_popescu: PeterL is
there any security contemplated for
the data, such as i dunno, encrypt
the lists of peers / keys / history etc ? or simply a case of "fuck you secure your machine" ?
mircea_popescu: if
the machine is on and i'm long dead, am i online cuz it pings ?
PeterL: the idea would be
to ping everybody, and have an option for wther or not you respond
to pings