tmsr - Search: i

235300+ entries in 1.769s

ninjashogun: anyway I'd think there's a market for in-between, people (like me) who don't care that much, but would rather not keep a key on a PC

ninjashogun: I'm currently developing a wireless version of my prototype, and it is true that I am still learning it.

ninjashogun: I'm trying to invest in some 2.4 ghz wireless equipment (spectrum analyzer among other things) and would be the first time I use one.

ninjashogun: I guess I could radically underestimate how much CPU state a wifi transmission can carry away.

ninjashogun: I tend to go from first principles.

ninjashogun: personally anyone who could bruteforce all that, while breaking wireless encyrption and your whole network stack, can see the damn document as far as I'm concerned. and they still wouldn't have my private key.

ninjashogun: asciilifeform, I don't even mena to "sign" a single document. Just to transmit it. And receive back hte signed version.

mircea_popescu: diametric i love it too hehe

ninjashogun: asciilifeform, I get your point but obviously if you can learn a single bit of a key, you can learn them all. Not one bit should be leaked, ever.

ninjashogun: asciilifeform, I've done that :)

diametric: mircea_popescu: that picture is fantastic, i was literally just having a conversation about redheads with someone moments ago.

BingoBoingo: I'm old

ninjashogun: BingoBoingo: I hate to be the one to break it to you. I thought you heard. /. had a stroke and is in a nurinsg home :(

asciilifeform: am i speaking chinese? what part of this isn't clear

asciilifeform: radio carries bits from nearby wires. do i have to draw a picture, or what ?

ninjashogun: asciilifeform, I told you? You can consider the link totally insecure and still use it....?

ninjashogun: dignork - further I don't have any problem with it in the current form. I think asciilifeform should patent it. I also suggest he work on just one layer of the solution, which is the physical transport layer, and consider bluetooth or wifi.

ninjashogun: dignork - you misinterpret my tone if you think I'm arguing. I like the idea of the Cardano very much, I think it's a genuine, useful, good, and non-obvious innovation, and I encourage asciilifeform in building it and getting it to market.

ninjashogun: BingoBoingo, I like it. It's also something you can unobtrusively carry around.

BingoBoingo: ninjashogun: I think the point of the Cardano is it serves people who can not even entirely trust the security of *nix systems

asciilifeform: i mentioned S for a reason.

ninjashogun: asciilifeform, by the way don't let the haters take anyting away. All of my suggestoin are at a single layer - and do not in ANY way impact the basic idea you've come up with with mircea_popescu --- which is a VERY good one. I don't really add anything in my suggestoins - it is the same design. You should patent it.

ninjashogun: on http://trilema.com/2013/how-to-airgap-a-practical-guide/ - I would also suggest running several copies of hte same hardware next to each other. If they're all doing something, how is someone going to know which is the one that is of interest. This can even subvert someone physically ocming in and using it in your absence.

BingoBoingo: I have a reason to get another SE/30

asciilifeform: ok i'm back, because this is just too precious.

ninjashogun: BingoBoingo, Yes, I am. I realize this is not an airgap.

ninjashogun: BingoBoingo - I learned of this literally 20 minutes ago. My improvements already have something that can at least theoretically work with an iPad and iPhone, which loads of people do their surfing on in the evening, and certainly don't want to keep keys on.

BingoBoingo: ninjashogun: I'm not defending his design. I'm am suggesting your "improvements" are abominable

ninjashogun: Again, none of this is to take away from the design as I've already read about it here. I like it a lot.

ninjashogun: I don't think packet sniffing is a problem if you tunnel over it.

ninjashogun: I disagree, I think firefox running javascript is one of the simplest things to develop and target 100% of PC's with. Also it would work on some tablets, which have no USB subcomponent at all, but do have copy and paste and wifi connections.

ninjashogun: BingoBoingo - I always consider the simplest hting that could possibly work.

ninjashogun: asciilifeform, if I can have up to a 3 year grace period I would accept that with the full $22.5K.

mircea_popescu: i tihnk it's been enough for a day tbh.

asciilifeform: BingoBoingo, mircea_popescu - be so kind as to take care of our dear guest. i'ma lie down now.

mircea_popescu: i despise the entire thinking process that got you there.

ninjashogun: Overall I would suggest you consider it due to the amount of security attention that 1) the WIFI stack 2) browser communications, have received. You can leverage that.

asciilifeform: i don't have anything against a man who eats turd. but i will eat, and serve my friends, sausage. not turd.

ninjashogun: asciilifeform, I was just suggesting some directions for version 2 or 3.

ninjashogun: asciilifeform, this is not to take anything away from cardano - I like it.

ninjashogun: asciilifeform, I get your point.

BingoBoingo: I wonder how Many interns have been charged with reading trilema nao.

asciilifeform: i wish i had the energy to explain here, for stone age man, how a radio works

mircea_popescu: she was utterly unprepared, from what i hear.

diametric: mircea_popescu: I enjoy your style of writing, and I wonder if she was prepared for that kind of response. I'm highly interested to see if anything else comes of it

ninjashogun: I mean it retains no knowledge of what it signed. The person can't go home and check everything they've signed.

BingoBoingo: ninjashogun: I mean why not some sort of cable that might only incidentally happen to function as an antenna, for which shielding is possibly. WHy demand an active antenna throwing your bits around?

ninjashogun: BingoBoingo - you are right and for this reason I probably shouldn't ahve called it an "air" gap.

ninjashogun: and I like the basic idea of not having your key on another PC.

ninjashogun: I think wifi security has more attention paid to it, yes. Even when it's broken. Many eyes make security deeper.

ninjashogun: I think there are a lot of unknowns over USB and it is a frequently underestimated attack vector, with very little security research being done.

ninjashogun: :) I undrestand what you're doing with the USB thing. However, I, personally, do not consider USB stacks to be very secure.

ninjashogun: I think this would be an interesting application for using one's private key without having it in one's possession.

ninjashogun: asciilifeform, I have a suggestion for your next version. My suggestion is that the air gap with the computer be maintained, by running (a different brick) that is a wireless access point. You can connect to its wifi and use Firefox on localhost to upload and sign or upload and encrypt/decrypt files, which it would then serve back. This requires a computer with access to WIFI. However, I think in general a network stack

ninjashogun: So, I like the idea very much.

mircea_popescu: half why i even keep that blog, if i didn't write the shit up i'd end up forgetting it all.

mircea_popescu: asciilifeform did i actually write that ?!

ninjashogun: I just wasn't sure if the tone is somewhat pseudo- or ironic, or it's meant to be read "straight"

mircea_popescu: BingoBoingo i recall he was prepping for some surgery i hope they didn't end up cutting the wrong part.

ninjashogun: It's an intersting introduction. In the end I like it :)

ninjashogun: I'm reading that page

ninjashogun: The ones I know that made a killing did so by immigrating to the United States :)

mircea_popescu: but i know plenty of hungarian folk that really killed it in the 90s

ninjashogun: mircea_popescu, well I could just ask you. Not really that interested.

asciilifeform: ninjashogun: did i just fall through time warp? 'mpex' not built yet?

ninjashogun: mircea_popescu, I don't mean to pick on Romania. For many of my examples I'm really thinking of Hungary, and using it as an analogy.

mircea_popescu: i dunno, rav for instance is a romanian startup

ninjashogun: I'm generalizing, but only a little bit.

ninjashogun: asciilifeform, that is part of what I mean

asciilifeform: i'd venture to guess that there are many romanian startups. just not registered officially.

mircea_popescu: BingoBoingo i thought they had interwebs too, no ?

mircea_popescu: BingoBoingo i wonder why not more people starting businesses from inside a us prison

ninjashogun: I don't know if it's evil or not but it's factually mistaken.

ninjashogun: asciilifeform, I was actually responding to the earlier statement (day 1: ...lottery) with my statement about his model being wrong.

ninjashogun: mircea_popescu, I don't know about the criminals, generally they're not very smart. But I do know about founders and creating something.

ninjashogun: mircea_popescu, I think your model is a very, very fair one under normal circumstances. (Such as the Efficient Market Hypothesis.) However, I have very deep theoretical proof that your model is mistaken, and that these founders were in fact leveraging the same opportunity inefficiency that I am.

ninjashogun: mircea_popescu, also, if my investors don't know of them, i can't leverage their background to get an investment, either.

asciilifeform: day 1: a certain mr. smith wins lottery, $100M, lights $100 with $100 full of cocaine, on tv. day 2: stinking bum knocks on yer door - 'lend me $5.' you: 'why should i lend to a stinking bum?' bum: 'if i'd had $5, i could've won just like smith'

ninjashogun: mircea_popescu, so how would I learn from them? What use are they to me?

ninjashogun: asciilifeform, again, this is why I mention that Steve Jobs (a kid who stole $5000 from his best and only friend to start Apple), Mark Zuckerberg (a guy who scammed a map website guy out of $2000 to start facebook), and Larry Page (a poor grad student who had to give $50B away in equity to get an immigrant to code up his Larry Page Rank), also did not have the means to play.They couldn't play. They did anyway.

mircea_popescu: asciilifeform i thought you used to be a duke

asciilifeform: so i didn't start a pharma co.

asciilifeform: sometimes you just can't play. i, for instance, might like to start a pharma company, but i checked my sofa cushions and there is not $1B to be found therein

ninjashogun: Note that the wireless portion doesn't exist at all. I don't even have a specan (spectrum analyzer). The only eqiupment I developed is with large arduinos, as well as mockups of what it could look like.

ninjashogun: I don't mean to say anything about hte level of ambition you have in your hardware startup but usually a certified lab for developing ours costs $60K, which I am going to do on about $8K in used eBay equipment.

asciilifeform: ninjashogun: nope. and i'm not a baron, duke, anything, no titles of nobility

asciilifeform: ninjashogun: i know what you'll answer: 'having a day job sucks.' and sure. but then you can pay for hardware, prototype runs, etc. without begging

asciilifeform: ninjashogun: if i were anyone else, i'd swallow this. but i'm doing much the same thing you said you did (hardware startup) but without passing begging hat

ninjashogun: asciilifeform, I know how one "traditionally" secures capital, but it is usually against assets such as a house, etc.

ninjashogun: asciilifeform, at this point I need the loan in order to get to the stage of prototype that the investors need to test (as part of their due dilligence also) and see in close to the final form factor.

ninjashogun: asciilifeform, I had to make an unbelievable amount of progress to get offered a seed round on a hardware project that has not yet been completed and has no traction.

ninjashogun: asciilifeform, sorry - I don't get your analogy?

ninjashogun: I was extended this loan (basically) we did up paperwork for it and then I've been trying to collect it for over 5 weeks without luck. I can't get back in contact wiht the person (after exchanging many forms of contact). so so much after how easy it is to get a loan.

ninjashogun: sorry, I meant to write: without pay for my startup (and now startups) - as I started working on the jobs site one after spending more than a month trying to collect the loan I closed

ninjashogun: asciilifeform, I have no proof of income due to the fact that I have been working without pay for my startups (startup at the moment)

ninjashogun: mircea_popescu, yes, rent in a very small room in a very large shared apartment, is $111 (after some clever negotiation from me based on how infrequently the room could be rented out due to its size). This includes all eelectricity bills, the Internet (that I'm using now) hot water, gas, utilities.

ninjashogun: asciilifeform, given my high-risk profile what APR would you (personally) extend me on between $7K-$22.5K (amount I take depends on APR) with no collateral except a registered Delaware C-Corp I'm currently full owner of (100%) going to 90% after an investment clears that I've committed to - the company has intellectual property including a patent that is pending and trademark that has been assigned, as well the equipment I

dub: its funny I dont get unsolicetd cards from my primary bank anymore

asciilifeform: i'm not the least bit of 'rockefeller' but i shred & throw out 3-4 unsolicited 'platinum' cards in the snailmail every week or so

ninjashogun: I don't have the time to take employment, even temporarily. Two months ago I was invited to give a demo with the working prototype as part of closing a $150K investment. I need to finish it.