assbot: You rated user assbot on 12-Apr-2014, with a rating of 1, and supplied these additional notes: Nice ass & face bot..
kakobrekla: what's next, a nuclear sub delivered 2 days before your order while paying you 500$?
mircea_popescu: can't hurt. leave all these for a 2nd version down the road.
assbot: You rated user kakobrekla on 03-Mar-2013, with a rating of 5, and supplied these additional notes: too much stuff to list. inquire within..
assbot: You rated user mircea_popescu on 16-Dec-2012, with a rating of 5, and supplied these additional notes: good fella.
artifexd: I will pause coding to read "Malicious Crypto" and finish the course. I'll report back when I'm done and made a decision re: golang's crypto libraries.
mircea_popescu: nono it was a course, you were supposed to email your results
mircea_popescu: asciilifeform you got a link to that hacking course thing that was crypto oriented ?
mircea_popescu: even if you use rsa-only keys, you can rsa-encrypt a message so that it's easier to break but still decryptable by destination.
mircea_popescu: artifexd not to be taken lightly this. a lot can be compromised in gossipd crypto.
artifexd: How could the crypto routines be compromised in a way that would matter? Weak key generation? gossipd doesn't generate keys. Weak rng during encryption? I pick the rng (and can offer an option for you to supply your own). Encrypting a message with an "extra" key so peet can read it? That should be easy to see in the code.
mircea_popescu: seems a reasonable approach tbh, but generally people should be free to use whatever they wish to use.
mircea_popescu: if i pick a barber i don't go by the straight razor brand.
mircea_popescu: well ok, sure, but still. i dun see the problem, so b- a guy wants to play with go. his choice, his signature, why is this an issue.
mircea_popescu: well so why do you want him to also write it in c ? go is a better choice neh ?
mircea_popescu: well you know it occurs to me it'd be a lot more productive if you go in early with a "hey, could it please be c ? i would like to run this on mips" discussion than a late panic when guy picks whatever he happened to pick.
mircea_popescu: so c is a gnu proprietary language ? what's a proprietary language ?
davout: "later add the option to do the crypto via a shell out to gpg"
artifexd: <asciilifeform> speaking of which, did artifexd follow mircea_popescu's prescription and use a hacked gpg for 'gossip' ? << No. I'm using go's openpgp code. However, I'm structuring the code so that I can later add the option to do the crypto via a shell out to gpg. Then you can use whatever version of gpg your heart desires.
mircea_popescu: so... what do you mean not everybody on the internet is a dumbass ?
davout: they kind of think that some random guy that never heard about bitcoin will be thrilled to receive a fraction of a cent in magic internet money, redeem it, and start spreading adopshun
mircea_popescu: also, if they never hear a dissenting opinion ever again that'll be soon enough.
teward: mircea_popescu: please don't force me to sit through a 4 hour lecture on my own state's history without some distraction >.>
mircea_popescu: teward you are aware this place has a history and so on, right ? read it and all ?
PinkPosixPXE: morning ben_vulpes .. sorry, I got pulled into a meeting hehe
mircea_popescu: well, depending on what you actually need to sign, never putting your signed matter over the wire unencrypted can help a lot.
joecool: but i will continue to read on this and see if i can come up with a better way to handle it
mircea_popescu: and inasmuch as you're a person rather than an organisation, "forced coercion" is really not very much use.
joecool: an adversary with large resources will likely be able to get around that through forced coercion before even needing to try to attack the implementation (which I still believe would be a nontrivial task unless the system had a rootkit installed that maliciously generated signatures, that i would see on the counter)
joecool: mircea_popescu: there are two major problems with this implementation that i see. both are problems the cardano solves, 1. the system knows it's a smartcard and malicious software could use it, and 2. weak entropy generation for signing
mircea_popescu: nobody ever said "if i'm ever in a fire i'll have bigger problems than this tiny fire hydrant can solve"
joecool: if i needed to protect from a 3-letter agency i'd have bigger problems than the shortcomings of a smartcard
mircea_popescu: cazalla not particularly. unless you either have exclusivity, a scoop or actual documents,
cazalla: i used to cover the company A raises X amount of capital but have been skipping them as you could really just word replace the amount and company name from a previous article and be done with it. does anyone actually care about such things and wishes to see them?
mircea_popescu: it's a huge no-no. you can't go into afterlife anymore.
cazalla: talk is cheap! make them illegal, be a doer like bill gates
undata: asciilifeform: I guess I'm speaking as a guy in his 20s
undata: this pot legality thing is just another american political football. no one ever had trouble getting weed, nor passing a drug test. it's a distraction issue.
pete_dushenski: which should conceivably always be cheaper than a whole hoard of congressmen
mircea_popescu: herpy-derp an' a bottle of rum... well not rum. ginger ale.
mircea_popescu: "The reason for doing this is that we can better reason about the output of a CSPRNG; by contrast, it is difficult to reason about the output of the entropy source." << gotta love the sweet innocence on display here tho.
kakobrekla: <mircea_popescu> well who's the guy ? < fuck if i know. i just made a bet he won't reply, but he did. iirc.
pete_dushenski: ah yes, where that *other* very bad racist joo is trying to sell the basketball team
assbot: Go ahead Jim Prentice: raise taxes in Alberta and see if by 2025 the province isn’t an economic shithole like Quebec and Ontario. | Contravex: A blog by Pete Dushenski ... ( http://bit.ly/1C81kEe )
jurov: but these people have a need to construct such reasoning
jurov: Thus, it is possible to say that the resulting device is at least as secure as a CSPRNG, but, since we have a constant stream of new seeds, we can be confident that it is actually a better source of random numbers than a CSPRNG that is seeded less frequently.
jurov: The output of the conditioner is then fed into a cryptographically secure pseudo-random number generator (CSPRNG). The reason for doing this is that we can better reason about the output of a CSPRNG; by contrast, it is difficult to reason about the output of the entropy source.