tmsr - Search: " T"

208600+ entries in 0.133s

asciilifeform: and no, no connection, it dies in the manner described

asciilifeform: same crapola, repasted 10,000 times on www

Framedragger: oh, did mp's client connect to server before, without autossh etc? need to confirm fingerprint

Framedragger: some suggest to try with stock openssh server, to see if same happens. anyway, curious if sshd_config on your end has custom knobs (e.g. prefers one crypto format over another), but i guess the whole thing's a timesink

asciilifeform: 'no, increase the mtu!' ☟︎

asciilifeform: 'reduce the mtu on your nic!'

asciilifeform: searching for this, yielded up megatonne of voodoo 'trythis!' idiocy

asciilifeform: and all permissions set correctly, key sitting right next to the others (that work), etc.

asciilifeform: Framedragger: his ssh client mysteriously barfs when connecting to my sshd. (though nominally same versions..)

asciilifeform: Framedragger: nothing to do with keys ☟︎

Framedragger: tbh that log snippet in that post (http://trilema.com/2017/how-i-almost-created-a-constellation-of-bitcoin-nodes/), "evidently new ssh is needed altogether" reads a bit like "oh i need to generate ssh key for this to work? well fuck ssh, obvs it's a pos."

asciilifeform: this imho is why there is moar at stake than only a mechanized hawalatron.

asciilifeform: i suspect that 'greybeard' holdouts, taleb et al, who 'bitcoin is a fad, will go into the sands of time, snoar' are on a sound logical footing, 'every OTHER attempt to combat massed stupidity has ultimately fallen, nuked by OurDemocracy, and the more brazen the assault, the quicker' ☟︎

Framedragger: then again, it'd be a more powerful filter to deter stupid people.

asciilifeform: it is in the empowered whinerism. ☟︎

asciilifeform: the damage is not in the mutated frogs, or the two dozen dead firemen, no.

Framedragger: i can see re. precedent tho.

Framedragger: 'cause comparing to chernobyl...

asciilifeform: folx with ~actual~ wealth (vs, say, usg payola, a la sv derps) tend to be ~very~ risk-averse when it comes to storage.

asciilifeform: it could quite easily go to where the lisp machine went.

asciilifeform: and 'dead bitcoin', esp. if it dies on enemy's terms, would imho be a technogenic catastrophe, quite comparable to, e.g., chernobyl. ( not for mircea_popescu 'i'm rich anyway, fuck everyone' , and not for other folx, who might not even have any; but for the concept of 'gold sans the guard labour') ☟︎☟︎

Framedragger: sorry for making you repeat things.

asciilifeform: ( what ~can~ be done is to build a thing that could function in place of a dead bitcoin. ) ☟︎

Framedragger: i won't insist - you're right, we've already just had that chat on #b-a

asciilifeform: Framedragger: at the risk of repeating old thread : there is no way to 'replace bitcoin with trbi'. it isn't a thing that can be done.

a111: Logged on 2017-02-28 13:38 asciilifeform: to wind it up, the casks algo is asciilifeform's attempt at the 'high vacuum pump' from earlier -- to get the max possible removal of something-to-allcomers element , to the extent possible without running an entirely closed wotronic system (and consequently turning into visa or swift)

asciilifeform: ( http://btcbase.org/log/2017-02-28#1619996 see thread. ) ☝︎

Framedragger: ..which means that the latter should be dropped eventually, i guess (but then cue my question 'why not just work on trb-i if no compatibility with heathen prb network')

asciilifeform: (and on the edges of the graph, you're stuck talking to heathens unless mining were somehow brought into the fold)

asciilifeform: for so long as the nodes actually 'serve all-comers', they can be enumerated.

Framedragger: i think it makes sense, thinking of the future, to eventually move to a model where there is no 'public trb node ip list'.

asciilifeform: at any given time, a few of these are ddosed.

Framedragger: asciilifeform: btw regarding bitcoin, sure re. 1000 machines but if/when there's only 15 or however many trb nodes....

Framedragger: heh that's why for logging i proposed http://fd.mkj.lt/stuff/irc_logging.txt which includes some 'hidden' nodes. but, fleanode and irc are leaky and the whole 'cloaking' thing is snakeoil.

asciilifeform: ( it is, for instance, impractical to ddos -- at least in the usual packet flood sense - 1,000 machines. or it would be the preferred form of attack against bitcoin, which it is not )

asciilifeform: if instead your box is an octopus of ip, and none of the clients have any business knowing ~all~ of the tentacles, the concept dissolves.

Framedragger: aha, good stuff, i guess the point is that this kind of ddos is *easy*.

asciilifeform: this went on for, iirc, a year or so, then got tired. ☟︎

asciilifeform: Framedragger: in the old #bitcoin-assets days, there was a bot, that idled under (afaik still unknown) names, and would target ddostron (used vulnerable konsoomer router 'upnp' for udp amplification) at anyone who logged in without using fleanode's 'cloak' feature (i.e. had visible ip).

Framedragger: yeah, good stuff, thanks ISPs

Framedragger: ah right, that, too.

asciilifeform: BUT you in many cases ~do~ know that a given packet could not have originated from the supposed return addr.

Framedragger: well if you're the first hop..

asciilifeform: well unless you are a telepath, you don't know 'actual source'

asciilifeform: Framedragger: it would not exist if it were not for silently complicit isps that route forged packets

asciilifeform: Framedragger: 'amplified udp' refers to egregiously idiotic konsoomer appliances that send N udp packets 'back in reply' in response to 1 incoming. which of course has forged return addr.

Framedragger: (one day i'll dup up logs why tae fuck mircea_popescu allegedly filters out udp by default)

asciilifeform: the important thing is to throw tcp straight into the shitcan where it belongs.

asciilifeform: if rejecting udp spamola -- then != udp's. etc

asciilifeform: if masquerading as, e.g., dns crapola, becomes important, then can set udp's

Framedragger: ah, you mean in that sense - sure.

Framedragger: suresure, so maybe can choose to fuck (2).

asciilifeform: folx can use whatever protocol number they want, so long as other end knows it.

asciilifeform: Framedragger: remember, we aren't usg, don't have to STANDARDIZE FOR ALL TIME!!!111

Framedragger: also, ip packets with custom proto number would (1) stand out more easily to enemy, and could be more easily filtered out (vs. udp header with rng-data within) - see how chinese firewall blocked tor bridges etc etc; and (2) i'm sure quite a few appliances would filter them out by default (like how they filter out icmp, etc.)

asciilifeform: ( and skip the cost of the cpu ring switching )

asciilifeform: if i did, i'd stuff whole thing into the kernel.

asciilifeform: no i don't want to throw away what little separation linux provides.

asciilifeform: Framedragger: this is the raw device thread again, isnnit.

Framedragger: asciilifeform: can you not use raw sockets (with some kind of linux cap to allow program to open them without root), defining udp-like struct within? (i'm sure performance tuning may not be easy, i mean to achieve same level of optimisation as in kernel stack)

asciilifeform: ( but to make alt-udp you gotta patch the kernel. ) ☟︎

asciilifeform: so as to be able to make a box that silently drops garden-variety udp spamola, if any comes

Framedragger: aha. it's funny this little difference is 'forgotten' in most tutorials etc. heh.

asciilifeform: nothing is reserved per-packet other than the buffer where you put it (which is normally the same buffer for each incoming packet)

asciilifeform: Framedragger: on just about any reasonable unixlike, you can receive udp at the rate your nic can dish'em out

Framedragger: yes that i know, but you still gotta reserve things to parse things...

Framedragger: i'm sure it's less than that especially as you don't need to save state/session info

Framedragger: asciilifeform: hm, sure. (and i forgot about arbitrary RSTs by anyone in the path which destroy the session, heh.) do you know how the resource allocation compares to udp in a typical (say, linux kernel) networking stack?

asciilifeform: ( you gotta reserve memory, for state, and cpu cycles to handle the socket )

asciilifeform: Framedragger: the problem with tcp isn't simply that enemy can insert an RST packet and make you blame your peer. (and whitelists do 0 against this.) but that it is very expensive , computationally, long before you have any idea who you're talking to. ☟︎

Framedragger: (this is just to juxtapose topics of trb and gossipd for a second and to maybe show why some folks really like the lighthouse idea) :)

Framedragger: mircea_popescu: re. blackholing and to be alf-pessimistic for a second, node is exposed to risk of being blackholed as long as it uses TCP; because not only can enemy make it read packets (unavoidable in the end it seems), but there may be ways to making it send packets back. ☟︎

asciilifeform: not so many of these.

deedbot: http://phuctor.nosuchlabs.com/gpgkey/5430D04B21F3EE28C51D7E1867FF1BCCBE4E8BF96D45617959BA1E68E225521B << Recent Phuctorings. - Phuctored: 43 divides RSA Moduli belonging to '67.49.219.148 (ssh-rsa key from 67.49.219.148 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (cpe-67-49-219-148.socal.res.rr.com. US)

mircea_popescu: fixt thanks

mircea_popescu: heh <li> rather than </li>

deedbot: http://trilema.com/2017/how-i-almost-created-a-constellation-of-bitcoin-nodes/ << Trilema - How I almost created a constellation of Bitcoin nodes

asciilifeform: ACHTUNG, panzers! ben_vulpes , trinque : dulap is back.

asciilifeform: ACHTUNG, panzers! ben_vulpes , trinque : trb node at dulap will be unavailable for next ~hour .

mircea_popescu: eh, im sure there's 500

ben_vulpes: actual tx in question: http://mimisbrunnr.cascadianhacker.com/blocks/455604#5da9e054f81716ff54fefa10fae3c025685faf5170d1b270b3384a3406d781e0

a111: Logged on 2017-03-03 17:25 asciilifeform: ( https://blockchain.info/tx/5da9e054f81716ff54fefa10fae3c025685faf5170d1b270b3384a3406d781e0 << typical example of tx spamola, in recent few blox. and yes i'd rather link to mimisbrunnr but it does not seem to have linkable tx knob presently. )

mod6: ok. i think we've got something we can work with. :]

trinque: sounds pretty sane to me

mod6: so either user creates ~/trb-deps and then pulls all .asc's from deedbot manually in offline mode. or makefile creates ~/trb-deps and pulls .asc files in `make ONLINE=1` mode and dumps files in there.

trinque: then they can sit there for the rest of your life and that's that

trinque: makefile would make the dir, maybe ~/trb-deps as default, or w/e

mod6: so yeah, something other than what I did is preferred (at least to me).

mod6: but having it set up as i just did in the above paste is unpressable in current vtronics.

trinque: could just drag deps/Makefile into the root Makefile, and put the dep-files someplace else

trinque: I tend to have a couple trees pressed right next to each other, when testing a patch, when writing my own

trinque: whole idea is to get them outside the press, so you don't have to copy them in each time you press

mod6: like this: http://p.bvulpes.com/pastes/uuSiv/?raw=true

trinque: could do the same for deps path, provide some default, and if you want something else:

trinque: this is the kind of thing I provided defaults for, like what your copy of your checksum proggie is

trinque: nah makefile can make those dirs if absent

mod6: this would leave, for instance, a 'trb' output press directory along side of the above stated dirs. of which, all that would be contained in there is a bitcoin directory, and the underlying 'src' directory.

mod6: so that'll be the next thing to take a look at.

mod6: problem will be with pressing and a vpatch. press wants to put everything underneath of the given press directory. not place contents adjacent to a press directory.

mod6: interestingly, i just tried moving 'bin', 'deps', and 'build' and all of their makefiles + a few small tweaks up ../../.. and was able to build.