asciilifeform: ^ or to program in cl without a button that evaluates the current set of parens your cursor is in

asciilifeform: (asking folks to, e.g., match parens or indent by hand is ~retarded~)

asciilifeform: i suspect that 99% of folks who think they 'hate lisp!111!!111' were created by the harmful delusion that any meaningful work can be done without emacs+slime or the exact equivalent

asciilifeform: http://log.bitcoin-assets.com/?date=14-08-2015#1237612 << if you think therealbitcoin without rotor is rough, you haven't tried common lisp without emacs+slime... ☝︎

asciilifeform: http://log.bitcoin-assets.com/?date=14-08-2015#1237609 << let me know if you discover either of these. i've always wanted. ☝︎

asciilifeform: (naturally it is a bit of a constricted subset of the language)

asciilifeform: regs only.

asciilifeform: (thingie which lets you build a c proggy for, i shit thee not, ~stackless+heapless~ machine. as in 0 bytes of addressable ram)

asciilifeform: phun phakt: 'romcc' exists. http://www.h-online.com/open/features/About-ROMCC-and-V3-746827.html

asciilifeform: go overwrite, aha.

asciilifeform: i'm also fond of cramming things in rom

asciilifeform: but yes, when this is physically possible, it is done. in any safety-critical system

asciilifeform: this saves you from leakage but not from corruption (you just trade heap overflow for stack if you fuckup!)

asciilifeform: the attempts of folks who tried to 'kill mem corruption in c' are a lulzmine of their own.

asciilifeform: for massage only.

asciilifeform: and not then, either.

asciilifeform: (see, e.g., 'cyclone')

asciilifeform: http://log.bitcoin-assets.com/?date=14-08-2015#1237496 << not without turning your 'c' into a 'half-finished bug-ridden reimplementation of ada' ☝︎

asciilifeform: 'you walked, anybody can walk' 'fine. go and walk back. through the same minefield'

asciilifeform: i try to explain this point to folks and nearly always fail

asciilifeform: mircea_popescu: ... upside of a sane approach is never "where it gets you", but always "where it didn't take you" << aha. precisely this.

asciilifeform: (rides on ghostscript. any box you run it on, you may as well use a traditional displayer)

asciilifeform: there is 'pdf2html' but it shits out a massive dir with html index and gif pages

asciilifeform: there may be others

asciilifeform: came with gentoo package 'pdfminer' iirc

asciilifeform: 'pdf2txt.py' on this box

asciilifeform more than content to wait to learn how to fly a carpet until he actually gets the carpet.

asciilifeform: mircea_popescu: i'd be delighted to learn how 2 is solved. but the full story can wait for 3 if you like

asciilifeform: gernika: precisely where it will sit, forever, until you patch it!

asciilifeform: mega-unsurprise

asciilifeform: e to wait for my physical jailbreak from usaschwitz..

asciilifeform: http://log.bitcoin-assets.com/?date=14-08-2015#1237481 << this is more difficult than mircea_popescu might appreciate. for one thing, i do hardware, where merely the ~fact of~ a usable hole existing is half the secret - once you say, credibly, folks know precisely where to look; the other half of it is that i am in the wot neither of folks buying nor of folks brokering; and the third 'half' is that any attempt at this will hav ☝︎☟︎

asciilifeform: http://www.thingaweak.com/wp-content/uploads/2008/05/switches_closeup.jpg

asciilifeform: not rocket surgery.

asciilifeform: if more patient still, wire it to a front-panel switch.

asciilifeform: (don't leave it floating, pull the stump to the supply rail (it is typically active-low. consult data sheet!))

asciilifeform: and snip the write-enable leg off.

asciilifeform: after that, a clever and patient man will take a pair of snippy-cutters

asciilifeform: and dispense with 'seabios' etc

asciilifeform: if you have a reasonably spacious (e.g., 8MB) eeprom, you can cram your favourite linux kernel right in there as payload

asciilifeform: and by 'run' i mean properly, honest-to-goodness run. with all the peripherals working.

asciilifeform: and virtually nothing with an even moderately recent intel - will.

asciilifeform: to this i will add that pretty much anything with an amd on it will run.

asciilifeform: re: earlier thread: http://www.coreboot.org/Supported_Motherboards#Motherboards_supported_in_coreboot

asciilifeform: mm.

asciilifeform wantz

asciilifeform: woah

asciilifeform: aha!

asciilifeform: !s кто ты по жизни

asciilifeform: 3) you can insert an arbitrary binary as payload. the most traditional payload is another item called 'seabios', which emulates typical pc bios and can even boot winblowz

asciilifeform: 2) the job of the thing is to init the box as quickly as possible and get the fuck out of the way

asciilifeform: 1) their www has a list of boards known to work (and ones that don't, with brief statements of ~why~)

asciilifeform: just about everything there is to say about it would fit in a paragraph... let's see:

asciilifeform: (complete with ncurses menuconfig)

asciilifeform: actually resembles 'buildroot' and the grandfather, naturally - linux kernel

asciilifeform: http://log.bitcoin-assets.com/?date=14-08-2015#1237476 << unlike, e.g., bitcoin, coreboot is deadly easy to build ☝︎

asciilifeform: ^ this change is unfortunately necessary.

asciilifeform invites somebody to try retesting a phuctored key, e.g., http://nosuchlabs.com/gpgkey/A627338D751C449EA54C0BA518ABCB2E215D939534F7D149C246EA9EA0D36279

asciilifeform: ^ one source

asciilifeform: !s trachtenberg

asciilifeform: aha then

asciilifeform: (digits)

asciilifeform: but a decent stage magician can do 3x5 mentally in a few sec.

asciilifeform: nobody cancelled abacus.

asciilifeform: (alternatively, vuln is kept alive for some nth-generation revised variant that never lost contact)

asciilifeform: where the old hosts still resolve to something working

asciilifeform: to 'magic' routes

asciilifeform: prolly reroute of traffic out of .ir at the backbone

asciilifeform: would be interesting to learn how it contacts the apparently-dead c&c boxes

asciilifeform: trinque: afaik, stuxnet ~still~ works

asciilifeform: (mircea_popescu's eternal question re: why do we have imbeciles programming computers is a valid but separate question)

asciilifeform: the less room for 'oops', the harder it is for scoundrels to masquerade as imbeciles.

asciilifeform: y'know, like they had in 1978.

asciilifeform: aaaaand i'm still a loonie for calling for, among other things, a cpu with hardware bounds checking.

asciilifeform: call to the new operator will truncate that value down to fit into a 32-bit integer, thus allocating an undersized buffer. Subsequently, chunk_size worth of data is read into this undersized buffer. Even if the value is truncated to 32-bits, the function will still read 0xFFFFFFFF bytes into the buffer, leading to a heap overflow...'

asciilifeform: 'For example, if a malicious MP4 is crafted with a chunk_size of 0x1ffffffff (notice this is larger than a 32-bit value) the faulty overflow check will be bypassed because chunk_size > SIZE_MAX. Next, chunk_size is added to size. If size is any value greater than 0, an integer overflow will occur. If, for instance, size is 1, the addition will result in a value of 0x200000000, which is larger than a 32-bit value. The following

asciilifeform: Run Moar Turdroid !

asciilifeform: 'Despite our notification (and their confirmation), Google is still currently distributing the faulty patch to Android devices via OTA updates.'

asciilifeform: 'In summary, the Stagefright disclosure process was an interesting one to observe. The (un)surprising outcome being that given all the exposure this vulnerability received combined with essentially infinite resources on the vendor side, effective security mitigations were still not deployed.'

asciilifeform: http://log.bitcoin-assets.com/?date=13-08-2015#1237379 << l0l! ☝︎

asciilifeform bbl.

asciilifeform: my entire blog, all ~7+ years of it, is about this.

asciilifeform: ^

asciilifeform: instead emulator (and, more often, its optimized sibling, virtualizator) is used to host ten thousand instances of lolcat server on one poor intel box

asciilifeform: but no such thing, of course, ever happened.

asciilifeform: what bug could survive

asciilifeform: imagine, i thought, what an advance, you can finally emulate a proper pc on itself

asciilifeform: when i was, decade later, we had proper emulator

asciilifeform: for instance, when my brother was a uni student and took 'operating systems', they were stuck testing on actual 486 and reboot, reboot, 500 times a day with precious little meaningful output

asciilifeform: illustration of overall direction.

asciilifeform: it is really a matter of 'malicious twerp will level more houses with bulldozer than with spade'

asciilifeform: but it isn't

asciilifeform: <mircea_popescu> well, specifically what triggered me was the proposition that "this man that is doing a bad job would do a better job weith better tools" << now, if it were simply a matter of strength and weakness, one could argue that 'more folks could dig well with bulldozer than with spade'

asciilifeform did all but two grades in the land of mordor

asciilifeform was always envious of his elder brother, who did all ten grades in the proper school.

asciilifeform: cn, like ru, has plenty of experience (which arguably neither ever fully recovered from!) of being ruled by foreign yoke

asciilifeform: usg tried to 'orange revolution', failed. tries again every day since.

asciilifeform: ag3nt_zer0: it matters to cn only in the sense that your body killing a particular bacterium you ate last night matters to you.

asciilifeform: (if you are specifically interested in cn matters, mandarin. if you just want to unplug from the idiot anglo cultural matrix, ru.)

asciilifeform: ag3nt_zer0: srsly.