pete_dushenski: for ~many~ i know in meatspace, worked like a charm, which is how http://www.contravex.com/2015/05/06/a-not-so-new-era-begins-in-alberta-politics/ came to be.
BingoBoingo: In the bung hole
asciilifeform: pete_dushenski: this was the hope, when usg tried to package lsd as an artillery payload. 'ego dissolution'. didn't pan out.
pete_dushenski: shinohai: lel i read 'bards' and thought 'shakespeare'
pete_dushenski: in related metaphysical sciences, "Multivariate linear regression analysis indicated that lifetime psychedelic use (but not lifetime cocaine use or weekly alcohol consumption) positively predicted liberal political views, openness and nature relatedness, and negatively predicted authoritarian political views, after accounting for potential confounding variables. Ego dissolution experienced during a
deedbot: http://trilema.com/2017/friday-was-a-good-day/ << Trilema - Friday was a good day.
trinque: danielpbarron: looks like that one can't make it through with the current code.
mircea_popescu: no, those police bot things
mircea_popescu: iirc the "response bots" also.
mircea_popescu: there are some items that have charge on yu
asciilifeform: ( laugh , but usg made this mandatory on, e.g., boeing !! )
asciilifeform: and let's imagine that mircea_popescu found remotely-detonatable mine in his mercedes, and astonished to learn that it was part of the ~factory~ standard kit, and answer from vendor was 'this was, ummm, here, umm, in case someone were to STEAL your auto, believe'
mircea_popescu: hey, i am not defending their contortions, i am speaking as to fact.
asciilifeform: what drm nonsense to cure this ?
mircea_popescu: "operator" ie, kid actually on the grounds.
mircea_popescu: asciilifeform this happened at least two times i know of.
pete_dushenski: these are the people who 'should be more sane' but... aren't. quite clearly.
asciilifeform: 'hijacked by the operator' lolwat?!!
pete_dushenski: "This feature was intended to allow the owners of Antminer to remotely shut down their miners that may have been stolen or hijacked by their hosting service provider, and to also provide law enforcement agencies with more tracking information in such cases. We never intended to use this feature on any Antminer without authorization from its owner."
pete_dushenski: http://archive.is/unVPU << related (antbleed - bitmain). " We planned to add this feature to the code to empower customers to control their miners which often times can be hosted outside their premises. This was after more than one incident of miners being stolen from a mining farm or being hijacked by the operator of the mining farm"
asciilifeform: ( and to keep in mind that there live many more liars than lunatics )
asciilifeform: pete_dushenski: for starters, gotta question the sanity of anybody publicly claiming to mine.
mircea_popescu: anyway, it's a funny situation this, miners just can't stick to mining. gotta gravitate towards the flame. so what if ~only thing flame does is burn butterflies.
a111: Logged on 2016-08-23 21:41 asciilifeform: znort987: rather, yes, there was provision for it in the original openpgp spec, but it is a bogus concept because it entails a global repository of revocation messages and a universal agreement re what time it presently is.
asciilifeform: but what you ~cannot~ do is to perform an operation in ~other people's heads~.
asciilifeform: e.g., to decide not to make use of a particular key any longer.
asciilifeform: the meaningful subset of 'key revocation' consists of solely those operations which you can do ~in your head~
mircea_popescu: well, as conclusive as it gets. see the gossipd design document comment section.
a111: Logged on 2016-08-23 21:44 asciilifeform: revocation is a ~promise~, in that there is not such a thing, and never will be such a thing, as a magical lever that instantly makes a key stop working.
asciilifeform: several times, even.
asciilifeform: we definitely had the 'key revocation' thread.
Framedragger: goddamn tmsr timezones cockblocking muh sleep
Framedragger: mircea_popescu: would love to but not tonight. is big topic!
Framedragger: asciilifeform: they were already using a scheme which was supposed to protect it, but broke the spec, and implemented poorly. i don't remember but it's probably fixable without migrating to snakeoil or whatever framework
Framedragger: mircea_popescu: i don't think the discussion about say gossipd station keys vs 'main key' was necessarily finished? i realise that it ain't pretty
asciilifeform: 'i won't describe how an elephant could get to your garden, but your household is not equipped for gardening without this elephant repellent' ?
Framedragger: i don't have a super-plausible scenario. i'm saying such scenario is possible; scheme used by tox can 'minimise damage' (i realise that it's a funny word when describing 'key stolen'); it doesn't, hence that complaint on shithub.
mircea_popescu: so basically if master key annuls a key it is thereby annulled ?
asciilifeform: why you would not also type the 'master' key ?
Framedragger: i typed it into irc while sleeping.
asciilifeform: Framedragger: describe, in this hypothetical, how my station key was stolen.
Framedragger: no, wait, it's *you* who lost the key, not bob.
mircea_popescu: "this woman is not the woman i married"
mircea_popescu: asciilifeform i think he's thinking, basically, of divorce.
Framedragger: the idea is that your key was not stolen while attacker had root access to your box.
asciilifeform: ... or the thief
Framedragger: if scheme works as it should, you get a signed message from bob and you know it's bob who sent it to you.
asciilifeform: Framedragger: how do you intend to distinguish this situation from impostor ?
Framedragger: i do not believe in "single key" thing. there is main-key. but you can have station keys. which can't format hdd. that's slippery slope
Framedragger: so if you have your friend bob's key and bob writes you "dude key stolen wtf", you know that shit went down. but now, attacker can be 100 bobs, with 'signed messages' or whatever, telling you "no don't listen to this impersonator not-bob, you're fine"
Framedragger: it's not an algo, i was referring to a possible fix of a further bad-thing that happens when key stolen. bad-thing is: once your key stolen, attacker (in that broken tox scheme) can impersonate as *anyone* *to* you.
Framedragger: no, there is no such thing, i said it's social. but hold on:
asciilifeform: describe, for my enlightenment, the actual algo contemplated, Framedragger
Framedragger: it's not deterministic, it's not guaranteed, it's pretty crap, yes, but given the option?..
asciilifeform: has Framedragger finally discovered the ancient dream of riaa, the magical bits that tattle when copies ?
Framedragger: could just be a social thing, someone literally using your key
asciilifeform: how do you propose to mechanically determine that a key has been stolen.
asciilifeform: Framedragger: who will alert you of this ? martians ?
Framedragger: (what if it's a station key? what if you wanted to be alerted of 'key stolen!')
asciilifeform: there is only then a privkey suffering from split-brain disease.
trinque just surfing the republican vortex
mircea_popescu: trinque the hole stuff is eerily apt for the article i'm just brewing.
asciilifeform: any pretense to the contrary is fundamentally dishonest.
a111: Logged on 2017-04-28 21:25 Framedragger: ^ interesting thing re above, note, your key thief can impersonate anyone *to* you, not impersonate *as you* - the latter is contained in "thief" and is unavoidable. but the former is avoidable.
asciilifeform: http://btcbase.org/log/2017-04-28#1649519 << somebody with your key, in fact ~is~ you. just the same as if he had killed, skinned you, and put on your skin.
asciilifeform: Framedragger: the first step, as the quitting drinkin' folx say, 'is to realize that you have a problem'
a111: Logged on 2016-12-11 21:24 asciilifeform: for instance, p code is required to first thing put on the stack 1) how many p-instrs are permitted 2) how many bits wide the fixints are
a111: Logged on 2017-04-28 21:14 asciilifeform: the cost of using an item that does not fit in head, is essentially the cognitive equivalent of curl liquishit | bash .
Framedragger: http://btcbase.org/log/2017-04-28#1649507 << at the risk of committing a slippery slope / false equivocation / something, orly? is this not unavoidable sometimes. i do realise "b-b-t muh kernel! is not a good answer
a111: Logged on 2016-12-11 21:09 asciilifeform: trinque: it is a very simple thing, think 'rpn calculator' and you almost have it.
asciilifeform: ( http://btcbase.org/log/2016-12-11#1581753 << thread . )
Framedragger: right, right, i should have known (you had mentioned this). cool :)
asciilifeform: Framedragger: the only thing planned on top is a finite-step rpn calculator thing.
Framedragger: (re. else, later, moving self. but just a quick note re turing complete, well yes a bignumtron should not in itself be turing complete, but i wasn't sure how much additional stuff was planned on top)
trinque: I remember the church derps used to say things like "there's a god-shaped hole in everyone". The homoeroticism of that aside, does appear that there's a "metaphysical domination" shaped hole in most folks. looks like this when nobody in your land bothers to stick it in.
Framedragger: ^ interesting thing re above, note, your key thief can impersonate anyone *to* you, not impersonate *as you* - the latter is contained in "thief" and is unavoidable. but the former is avoidable.
asciilifeform: 'what, you idiot niggers really thought that pygmies can run a country ? only yale graduates can run a country, shut up get back on yer knees'
asciilifeform: schneier won this one.
asciilifeform: and in the end, 'We acknowledge that the issue exists and will work towards fixing it. ... I will say this very clearly once again: there is an avoidable security flaw in the Tox handshake. This is not something someone made up. The effect is that if your secret key is stolen, an attacker can impersonate anyone to you. We will fix this issue, most likely by adopting Noise for handshakes.'
asciilifeform: 'You might benefit from a bit of humility before comparing your protocol to OTR and SIGMA, both of which were groundbreaking works created by experts, as opposed to a slapdash protocol...'
mircea_popescu: the martians didn't make the usg, no.
asciilifeform: 'Perhaps Tox doesn't care about this, or about many of the threat models that modern AKEs are designed to protect against, in which case, probably it's fine to continue using your homebrewed crypto. But if you actually desire some kind of high assurance security, I strongly recommend not building your own protocols and instead use something designed by an educated expert, such as Noise.' << lol , schneier never dies.
asciilifeform: the cost of using an item that does not fit in head, is essentially the cognitive equivalent of curl liquishit | bash .
a111: Logged on 2017-04-28 20:49 Framedragger: because of openssl or because of this abstraction?
asciilifeform: http://btcbase.org/log/2017-04-28#1649464 << gotta understand the principle : if martians landed tonight, and fixed, somehow, all of the bugs in openssl, and god signed off that there are no more -- openssl will STILL be a turd, because does not fit in head !
asciilifeform: by itself, that is
asciilifeform: Framedragger: how, precisely, is any bignumtron possibly turing-complete ?!
mircea_popescu: oook this bahamas thing is pretty lulzy.
Framedragger checks clock, 10pm, tilts head, office space, mk
ben_vulpes hands Framedragger the cap, nose
Framedragger: maybe 'tis my function, the forum clown :p
trinque: nor ignorant in general, but ever wanting to think the best of people, eh?
Framedragger: i just thought, asciilifeform's bignumtron is probably not even turing complete yes? if it's not, that's *a big plus*
mircea_popescu: well, maybe. i'm not really able to evaluate a framework rightnao.
Framedragger: but then that whole ecosystem may need to die before there is good in the world.
mircea_popescu: (predict : i know what it will do in the future ; understand : i know what it is doing now ; recover : i separated it from what it did in the past.)
Framedragger: mircea_popescu: well, you're right, damn. looking at list of thing signal gives though, it's just clean functions for doing crypto. i dunno. i think in the case of tox, its crypto may actually map well to noise, in the sense of them being able to just use stuff that noise provides, and not reimplement same shit in broken fashion
mircea_popescu: but to return upstack : if i can't enumerate the states of my machine, i will thus therefore worry about it ending up in a state i can't predict, understand or recover. this is rational.
mircea_popescu: even more directly : every kid who ever tried maintaining a machine, be it linux, bsd, anything, knows very directly the problem with this framework thing. apt-get is guess what ? a package framework. what's its principal function on anyone's machine ? that it imports packages you a) didn't want or need and b) turned out vulnerable.
ben_vulpes: current thinking in re testing dumper is to solo mine and test but that's a not-small pile of test harness to write