229200+ entries in 1.785s
BingoBoingo: The problem of taking action to fix
a problem is that at some point you will have to take more action.
assbot: Only
a few days old, OpenSSL fork LibreSSL is declared unsafe for Linux | Ars Technica
BingoBoingo: You'd think when somone creates the sort of tool he googled and instead recieved
a virus for the tool's creator would instead bleed the target dry.
BingoBoingo: The site hosting the malware in question if you make to the end of the thread atm was revealed to be
a "cheat" for some coinflip gambling game.
BingoBoingo: Most disturbing part about that report was he had
a whole BTC to lose.
mircea_popescu: "{to be honest timmy, having read your attempts to make
a pump and dump coin, to also make
a HYIP scam.. i feel sorry for anyone losing coin... but not so much with you."
BingoBoingo: Dictation much like keyboarding is
a skill.
assbot: Only
a few days old, OpenSSL fork LibreSSL is declared unsafe for Linux | Ars Technica
BingoBoingo: What does no one have
a scroll button on their keyboards either?
BingoBoingo: mike_c:
A proper keyboard (portable machine or not) ought to have
a Thinkpad style clit.
Mats_cd03: as well as
a project known as vivisect, which is also python like radare
copumpkin: well, from what I've seen (i just started tinkering with hopper
a couple of days ago, so I dunno), the basic hopper disassembler interface/functionality isn't all that different from IDA's
Mats_cd03: im not good with ida and i cant comment on substitutes, although i have spent
a fair amount of time trying (radare, mostly)
kakobrekla: interestingly, the ergonomic model m goes for about
a grand on ebay when it pops up from time to time
copumpkin: alternatives exist, and buying
a mac and hopper can be cheaper than getting hex rays :P
copumpkin: asciilifeform: yeah, the decompiler output seems kinda flaky and silly. The Mac OS thing doesn't seem like
a big deal that makes it
a "monopoly"
mike_c: kakobrekla: i have heard that the das mechanical keyboards are the modern version of the m, and they have
a silent version. i tried one for
a few minutes once and liked it. but not ergonomic.
kakobrekla: btw mike there is
a mod where you can make the model m office safe in terms of noise and the feedback is only slightly affected
mike_c: keyboards should be able to take
a good beating. otherwise they are by (my) definition not fit for professionals.
Mats_cd03: ended up smashing
a keyboard out of
a fit of childish rage
Mats_cd03: its been milder recently, ive been typing
a lot less (which means no coding unfortunately for benkay)
atcbot: [X-BT] Bid: 210 Ask: 242 Last Price: 210 24h-Vol: 0k High: N/
A Low: N/
A VWAP: N/
A gribble: Cosmos was last seen in #bitcoin-assets 3 weeks, 3 days, 5 hours, 31 minutes, and 52 seconds ago: <Cosmos> I brought entertainment & then I faded down to
a speck of nothing
BingoBoingo: Mats_cd03: Not even perfection, merely "good enough" is
a challenge in any endeavor
BingoBoingo: So over
a sample size of 2, drunk is less memory bad than stoned
benkay: <Rassah> who won't be bothered to create
a Tails linux distro on
a USB, generate addresses on them using Bitaddress or something, printing to
a USB connected priner, and wiping the printer // this is what one calls
a "strawman" argument. as
a person nominally involved in "public relations" you should never commit such derpitude in public.
BingoBoingo: Maybe there needs to be
a backup instance of assbot named buttsett
FabianB: Rassah: so it's mainly for the masses who want to store 0.01 btc on
a paperwallet
mircea_popescu: BingoBoingo what, you kidding ? just pour the caulk in
a shape. cheapest shit ever.
BingoBoingo: mircea_popescu: That's
a shortcut for the consumer. It's the opposite of
a shortcut to produce. Doing the minimum is the right way to produce. Never mind we won't polish the burrs off the edges either.
Rassah: I seriously hate this keyboard btw... It's
a very old microsoft touch-type wireless ergonomic, and it misses the keys around the G and H constantly. But I'm too cheap of
a bastard to get
a better one. So, please ignore my typos, and don't let them reflect on my grammar skills (I took Latin, damnit!)
BingoBoingo: mircea_popescu: No, I'm just cutting the pipe and selling it.
A dick fits, what is this thing where
a dick needs to do more than fit in something to fuck it. I'm just taking
a shortcut.
Rassah: This ting is made for people who are not techy (most of not bitcoiners) who won't be bothered to create
a Tails linux distro on
a USB, generate addresses on them using Bitaddress or something, printing to
a USB connected priner, and wiping the printer. I think this device, where you plug t into your printer and hit print, will make bitcoin
a hell of
a lot easier to secure for the masses. And it costs
a fracton of what the other
BingoBoingo: If fucking is just about sticking your dick in
a hole that accomodates it, I'm just going to get some pipe from the hardware store, saw it into dick length pieces, and sell them pocket pussies. What could go wrong???
Rassah: asciilifeform: I take it you're one of those who thinks the only way to create
a paper wallet is to buy
a used $100 laptop, use diceware with at least 20 words, use the laptop to hash that into your private key and address, write it down by hand on paper using
a hard glass surface, and then burn the laptop?
Rassah: And yes, if the software and hardware is completely open source and public, why wouldn't someone want to sell cheaper knockoffs? We hope we can still sell outs at
a premium, due to our reputaton and such, but...
mircea_popescu: at least the fact that it's been worked on since sept makes me feel
a lot better.
Rassah: kakobrekla: What kind of
a question is that?
Rassah: asciilifeform: Work on this device was started in early September. So we have had
a lot of tests on the chips by people who have been working on bitcoin cryptography for years now. So it seems as if they are aware of most of these concerns...
mircea_popescu: with
a little less luck they're identical but physically translated in the plane.
Rassah: So it's
a good thing we're not relying on just SRAM fo the entropy then
mircea_popescu: same batch, yea, obv. with
a little luck they are exactly identical.
Rassah: I plug it into my printer, and make
a paper walet. I put it away, and send money to the paper wallet. Then you......
mircea_popescu: he could also say "i don't want my signature to be dependent on the code written last year by
a bunch of dudebros"
BingoBoingo: Rassah: And the last tolerable version of Multibit does something else as well. When PGP/GPG has the ascii armored text block already it just isn't worth trying to replace it with bitcoin signing just to save
a few bytes.
BingoBoingo: Rassah: ... Otherwise I don't know what the difference in implementation is between PGP and BTC signing << Other big difference is PGP signing has
a nice container for inline signatures attached to signed human readable text of arbitrary length
Rassah: and won't that make an excelent opportunity for someone to sell
a device just like ours, using their own trusted sram chips? Maybe for more money, but more secure?
mike_c: it's not
a cameo if you're not famous
Rassah: BingoBoingo: Name one movie (besides Mighty Ducks, where he had
a sall cameo) that we was in? I've never even heard of him before bitcoin
Rassah: We don't use hashing as
a source of entropy, no. Only to combine ours with
a salt
Rassah: but since the sample amount is very large even
a 10% value is technically enough
Rassah: state and we'd read 0 and refuse to generate
a key. We will check if the amount of 0 > x% and < y% (to check for deep-freeze temperatures) the Closer they are to 50% the better
Rassah: asciilifeform: from Nikita: Firstly, we'll publish our analysis of data from chips and argue that it should apply to all chips, and whoever wants can get data from his chip and run our tools or make his own. (our device will be fully open source, so anyone can make one if they wish). Secondly, we zero out
a word in memory and make sure it's got enough 1s next time. If there was not enough power-off time, sram would retain its
BingoBoingo: Oh it is abnormal as hell, but because of its role it is still
a transmission
Rassah: BingoBoingo: I think Prius calls it
a transaxle too. But I don't see it as any sort of normal "transmission"
BingoBoingo: Right, but this arrangement of gears and fluids to drive power to wheels is still
a transmission. Even if oddly arranged. Nearly any front wheel drive, front engine car uses the term transaxle for this.
Rassah: Basicaly, normally to get more power,
a car (or other hybrids) switch to
a lower gear ratio and spin the electric and/or gas harder. In
a prius, the gas engine spins faster than the smaler inner engine can keep up, whic cases it to spin backwards, generate electricity, and then that electric is pumped into the big electric engine
Rassah: Just Prius. Others use plain engine, plain motor, ad connect them with
a CVT
Rassah: BingoBoingo: It's three motors in
a constantly moving planetary gear setup. The "transmitting" is done by varying input, generation, and torque of he electric motors
BingoBoingo: Rassah: What I didn't know before is that Priuses have no transmissions, timing belts, or belts f any kind, and reqire practicaly no mainenance other than 10k mile oil changes and 100k brake pad and transaxle fluid changes. Everything else is electric... After $600+ expenses every 3 to 5 years on my Honda Civic, this is awesome. The 60mpg helps too << Transaxel is just
a sideways transmission
Rassah: asciilifeform: He's writing. Give me
a sec
Rassah: Initially the idea was: Write
a salt onto the stick. Then generate key = H(H(entropy_1) + salt) + H(H(entropy_2) + salt), and print all of [key, salt, H(e1), H(H(e1) + salt), H(e2), H(H(e2) + salt)]. (+ could be arithmetic addition or XOR; either should be fine.) The user can then verify exactly one of the outer hashes on an insecure computer, and can verify the additions by hand (literally, pen and paper, no computer)
Rassah: key = H(salt||H(entropy)) with H(entropy) on
a second sheet of paper so the user can verify it... or something
Rassah: Yes. If you plug tis device into your PC while holding down the button, it shows up in "flash mode", where instead of just
a USB stick with
a JPG on it, you get to see all the system and settings files. One of those files is
a user provded sald (like diceware) that will be combined with the rest of the entropy sources to produce the final key
Rassah: I mean the chip and the hardware has
a lot of stuff in there. The entropy is altready there, but initially we figured the SRAM chip was overkill. The "software adding entropy" meaning we just add more code to grab entropy from more hardware and user sources