asciilifeform: Chillum: at present there is no chance of a 'civilian' stumbling upon 0.5.3.1 and putting it to use
asciilifeform: Chillum: http://trilema.com/2013/how-to-airgap-a-practical-guide << good starting point
asciilifeform: Chillum: try to deploy a self-signed thing commercially and be buried in whines from idiots whose browsers flash red.
asciilifeform: Chillum: even this - improvement. because you control the keys.
asciilifeform: Chillum: if you are presently living in a one-bit universe where the only two choices for hotwallet control are ssl and plaintext - first you have to consider moving out of that universe and into a neighbouring one, where there are other choices
asciilifeform: Chillum: were you speaking of a 'hotwallet' ?
asciilifeform: bitcoind ?
asciilifeform: api of what ?
asciilifeform: let's take it in pieces. plaintext of what ?
asciilifeform: Chillum: but if you are interested in actually learning something, try to understand how we reached this particular conclusion
asciilifeform: Chillum: you can run feathercoin on tops-10 for all we care
asciilifeform: ^
asciilifeform: mircea_popescu: no but did read the table of directorates circa 2003 (see log ~6mo ago)
asciilifeform: mircea_popescu: 0days live in the 0day directorat.
asciilifeform: mircea_popescu: 0day isn't a cryptodirectorat affair
asciilifeform: mircea_popescu: valued ?
asciilifeform: Chillum: did you also sleep through, e.g., 'stuxnet' having a perfectly legal ssl cert ?
asciilifeform: Chillum: we have a 'read the fucking source before you build and run it' warning, does that count ?
asciilifeform: Chillum: if you worked in security, did you sleep through 'heartbleed' ?
asciilifeform: Chillum: i am the one who cut the ssl idiocy from therealbitcoin's bitcoind. and i did it for reasons which had nothing to do with memory footprint (we did not have an embedded device project yet)
asciilifeform: ^
asciilifeform: Chillum: you may live on a planet where plaintext is the only alternative to ssl, but here on the third rock from sol there are other cryptosystems
asciilifeform: Chillum: why do you not consider the existence of the master keys a vulnerability ?
asciilifeform: ( http://mobile.nytimes.com/2015/03/29/magazine/inside-americas-toughest-federal-prison.html?from=promo&_r=0 )
asciilifeform: 'When he was returned to Springfield four years later, after slashing his wrists and writing “American Gulag” in blood on his bedsheets, the doctor wrote, “Considerations that [Powers] has some form of psychosis, thought disorder or mental illness are unfounded.”' << mega-l0l
asciilifeform: ^ if it had cameratron (see earlier thread) we'd have more to laugh at than a torn box.
asciilifeform: why hurry.
asciilifeform: collect for a while.
asciilifeform: !s xor lemma
asciilifeform: Chillum: if you can predict wave from turbulent flow (e.g., water faucet) don't settle for small change. aeronautics and naval folks would like a word with you.
asciilifeform: Chillum: ever play http://www.loper-os.org/bad-at-entropy/manmach.html ?
asciilifeform: pick up radio << interestingly my early-1990s 'gravis' stood head and shoulders above modern pc in this respect
asciilifeform: 'It had an airport, railway and dungeons. Most of Pingfang was burnt by the Japanese to destroy evidence but the incinerator where the remains of victims were burnt remains and is still in use as part of a factory.' -- pediwikil0l
asciilifeform: not around here. nobody cancelled the traditional pull-down cage
asciilifeform: exactly the mouse
asciilifeform: http://solutions.3m.com/wps/portal/3M/en_US/Window_Film/Solutions/Markets-Products/Residential/Safety-Security_Window_Films << the 'break-in attempt' film is a mega-l0l
asciilifeform: 'own goals' are not uncommon in usa
asciilifeform: decimation: american security paraphernalia usually presumes owner is home with shotgun
asciilifeform: (traditional in usa)
asciilifeform: and wouldn't it be in a sense counterproductive? as in, burglars will often themselves glue film to windows before breaking them, to silence the sound
asciilifeform: so he breaks & then cuts with knife ?
asciilifeform: aha like in car.
asciilifeform: mega-expensive
asciilifeform: ah 'lexan' replacements
asciilifeform: why even have a window if covering in opaque armour
asciilifeform: no, brick in the window
asciilifeform: and if foil in window, why not brick?
asciilifeform: bulletproof foil? made of what?
asciilifeform: wai wat
asciilifeform: if a house, with glass windows, etc. and not a vault - probably wasted money.
asciilifeform read the mit guide and did the exercises like everybody else
asciilifeform not mega-lockexpert
asciilifeform: decimation: did, at times
asciilifeform: Chillum: this has been known to the public for months, to me for years, and to #b-a for at least a year and a half.
asciilifeform: this can be used to narrow key class.
asciilifeform: but because of the known relationship between bit N and N+k
asciilifeform: incidentally, i will use this occasion to point out that prng is not deadly because enemy can somehow get the exact bits again
asciilifeform: nubbins`: the number 3 is very random by same token.
asciilifeform: for all we can tell.
asciilifeform: could be avalanche. could also be marsaglia seeded with phase of the moon.
asciilifeform: no?
asciilifeform: means that one understands
asciilifeform: understanding'
asciilifeform: and manufacturer has one of the worst histories of stonewalling and fraudulently 'open' source of any.
asciilifeform: Chillum: it is not known for a fact to be anything other than prng
asciilifeform: aha rare.
asciilifeform: but other than that - sure
asciilifeform: only trouble spot is the rng
asciilifeform: (go delete that.)
asciilifeform: and system logs.
asciilifeform: they are good for printing onetimepads.
asciilifeform: happen to own one myself.
asciilifeform: i like thermal printers.
asciilifeform: Chillum: what is in the box ?
asciilifeform: classical gambit - fuck a goat, folks will forget that you also fuck babies and guinea pigs
asciilifeform: i meant, not merely the seal, but the trivially bent box (as shown in film linked earlier)
asciilifeform: http://www.contravex.com/2014/07/17/proof-that-mycelium-knows-how-to-make-a-better-rng-for-its-entropy-dongle-and-isnt << pete's summary
asciilifeform: mircea_popescu et al : i would almost dare to suggest that the idiot seal was a deliberate smoke grenade to distract from the idiocy of the 'mycelium' produce itself
asciilifeform: 'keep honest man honest'
asciilifeform: mass produced seals, sold commercially, are approximately as useful as the lock on a typical home door
asciilifeform: note also the 'pouch' quite large enough for a passenger car
asciilifeform: this includes customs inspectors (who are supposed to stay the fuck away)
asciilifeform: (set off the thermite)
asciilifeform: if threatened
asciilifeform: su diplo couriers would also hit the Big Red Button (TM) on the crate
asciilifeform: and shoot to kill
asciilifeform: by vienna convention (1815 iirc) diplo couriers are permitted to treat any attack upon their cargo or person as an act of war
asciilifeform: incidentally
asciilifeform: diplomatic mail has carried items as large as entire tanks
asciilifeform: Chillum, Adlai : 'pouch' is a misnomer
asciilifeform: are known for a fact to have traveled in diplopouch
asciilifeform: nukes, even
asciilifeform: plenty of folks
asciilifeform: Adlai: go send coke and plutonium over pgp
asciilifeform: it is not difficult to dissolve and bond paper.
asciilifeform: envelope has other side, edges
asciilifeform: (after having cut the original crate open on the end opposite)
asciilifeform: Chillum: unless the seal encloses the entire package, all you need to do is recreate the box and reattach the seal.
asciilifeform: in the linked example, no one had to even build a second box - original opened and closed undamaged.
asciilifeform: Chillum: very hard to reproduce the identical swirls << l0l. you don't need to reproduce the seal. only the box.