mircea_popescu: yes, everybody did. that's the problem. when derp mcherperson wants commit access to vomit her version of invidious gossip therein as "comments" and "sensitivity", PEOPLE FORCE IT
asciilifeform: just as, per yesterday's thread, nobody forced the bathroom mold.
mircea_popescu: she's well equipped for the things she does, invidious gossip, raising children and burning the cabbage. there's really no call for cabbage os and burned "literature".
mircea_popescu: nobody asked you to force the poor thing to art ; much like nobody asked you to force the minimal brain of the huswife into producing political discourse and directing ships on the sea.
mircea_popescu: see, but that's not it. same FUNCTION of organ. that's the issue. the anal ring is made to keep farts in, and ~arguably~ to pleasure a beloved penis now and again. this is very much the same function.
asciilifeform: all of the proggies have roughly this very same shape.
mircea_popescu: they weren't on speaking terms thence.
mircea_popescu: one time one person inquired at party "but what's with all the monster cocks"
mircea_popescu: well no, feminist you see. had no use for those e=mc2 shapes that predilect the edge of light over roundnesses much more important ... to "us".
asciilifeform: by that token a dog taking a shit is a sculptor.
mircea_popescu: as per aristotle, there is no such thing as "no design"
asciilifeform: just 'tip the dump truck here and here'
mircea_popescu: well no, linus is the foreman-architect there.
asciilifeform: and likewise their designs are also dead (or alive in museums and collections like mine)
mircea_popescu: o right, they recently got the last one huh.
a111: Logged on 2016-08-03 13:57 mircea_popescu can't think of any valid excuse anyone involved in os design could possibly have not to already be in wot.
asciilifeform: http://btcbase.org/log/2016-08-03#1513748 << i must now point out that ~everyone ~involved in os design~ is... dead ☝︎
mircea_popescu: "o ya ? then put echo "come suck my dick"; in bash!"
mircea_popescu: "hey, it says on the screen"
mircea_popescu occasionally lulz at girlies earnestly clucking around to speed up key production.
mircea_popescu: the verbiage still reflects this
asciilifeform: recall how the original pgp collected keystroke fuzz etc.?
mircea_popescu: but better rng code could well live in the os.
mircea_popescu: im not sure this model can/should be breached.
asciilifeform: and userland proggies trust it implicitly, lacking any alternative
asciilifeform: it is a kind of forced/nudged idiotarianism, via os architecture, userland does not have the direct access to the hardware (incl. the scheduler) to force a proper sampling of whatever hardware rng
mircea_popescu can't think of any valid excuse anyone involved in os design could possibly have not to already be in wot. ☟︎
mircea_popescu: i prefer to discern between the two by their reaction to events. the fact that they're not all here means they're all there.
mircea_popescu: maybe (there is a valid argument here, that at the time they were making this shit it was for toys not btc nodes). or maybe they're just usefully idiotarian.
asciilifeform: if there is anything one cannot accuse insects of, it is lack of economy.
asciilifeform: they 'hired the cheapest soothsayer' !!111
asciilifeform: hey they're genius exam takers, whaddayaexpect, 'we want to pass ent' 'how to pass' 'whiten' 'done'
mircea_popescu: (incidentally those "accidental"-deliberate fucktards : fixed whitening scheme ? really ? what the FUCK! if there's anything in the entire fucking os the user must be able to customize, it's NOT the fucking glyph table / window size for the love of christmas fucks!)
mircea_popescu: it just doesn't actually speak to the foregoing. i suppose the correct rsa implementation comes with a kernel patch.
mircea_popescu: this is also true.
asciilifeform: testing whitened bits which may or may not even have actual physical entropy behind them is ~useless.
mircea_popescu: the concept of test is, definitionally, "on user end".
asciilifeform: because on the userland end, ~100% of shit os will pass.
mircea_popescu: all tests must always and forever be in the hand of the user.
asciilifeform: my contention is that this test belongs on the system end.
mircea_popescu: but i do dispute that for this reason it then follows there also can't be put any.
mircea_popescu: anyway, i don't dispute that "accidentally"-deliberately nobody put any effort into rng quality assurance ; key quality assurance ; etc.
mircea_popescu: passing it better than the real thing is failing, innit.
asciilifeform: (e.g., aes of a stream of nulls, outscores (debiased) geiger, electric rng, whatever you like, on ~100% of the tests)
asciilifeform: mircea_popescu: whitened crapolade passes all known entropic tests, in fact considerably better than the 'real thing'.
mircea_popescu: (also by definition whitening doesn't trivially pass the tests, just superficially seems to.)
mircea_popescu: otherwise you're in the position of the camper who doesn't pack a burner because, technically speaking, he doesn't know there will be oxygen where he goes, not having been there before.
mircea_popescu: asciilifeform yes, but this is not a reason to not have the tool.
asciilifeform: otherwise you get slipped the wonderfully entropic digits of some transcendental constant and that'll be it.
asciilifeform: to compactly rephrase, entropy testing is only useful when you ~know the design of the rng~
asciilifeform: (recall, e.g., digits of pi, pass the ent tests.)
asciilifeform: it is useless to test rng that is, to steal hanbot's phrasing, 'an unknown mixture of fact and hogwash'
a111: Logged on 2016-08-03 06:15 mircea_popescu: and speaking of gpg deplorable state asciilifeform can you think of any possible reason the damned thing doesn't come a) bundled with ent and b) with ready implemented tests of local entropy while c) key generation is a subset of entropy testing in all cases ?
asciilifeform: http://btcbase.org/log/2016-08-03#1513709 << the obvious reason: at this point, even the lamest system rng (urandom, etc) are 'whitened' and trivially pass the tests, while having anywhere from 0 to whatever actual hardware entropic content ☝︎
shinohai: Well after getting his fudge packed for so long, I guess it finally made its way to his brain.
asciilifeform expected this idiocy to pop up at some point.
mircea_popescu: and speaking of gpg deplorable state asciilifeform can you think of any possible reason the damned thing doesn't come a) bundled with ent and b) with ready implemented tests of local entropy while c) key generation is a subset of entropy testing in all cases ? ☟︎
BingoBoingo: "The results mean that, on Nov. 8, the state's gubernatorial race will be between Koster, a former Republican turned Democrat, and Greitens, a former Democrat turned Republican."
mod6: <+mircea_popescu> more practical would be to force the code to make a pile of say 64 byte keys and sieve them. << this would be interesting.
mircea_popescu: mod6 ok but none of this resulted in "current gpg shitfest is acceptable"
a111: Logged on 2015-05-20 15:03 mircea_popescu: http://log.bitcoin-assets.com/?date=20-05-2015#1139680 << speaking of this, am I the only one nonplussed by all this "we use <<best practices>> fixed exponent" bs ? it's an unavoidable magic number , okay, but it's the sort that should eminently be a knob for the user. a proper gpg would have e user-settable at the key generation phase (with 65536+1 as a default, sure)
mod6: maybe im remembering this http://btcbase.org/log/2015-05-20#1140428 ☝︎
mircea_popescu: yes, that's right : landed at chatham, burned the ships, FAILED TO BURN THE FUCKING DOCKYARDS.
a111: Logged on 2016-08-03 02:58 mircea_popescu: incidentally, the curious amateur historian may be well served by a review of the 2nd anglo-dutch war. some underlined parts : the anglos were deeply overextended politically - their crummy country consisting of one single town and a bunch of retarded peasants ; while the republic had many more merchants, with lots more money. in practice this meant that the english could pay for one ship where the dutch could afford seven ;
mircea_popescu: oh and to revisit http://btcbase.org/log/2016-08-03#1513511 : guess what mistake the dutch made, that the japanese repeated in ww2. ☝︎
mircea_popescu: actually to formalize that : a 4096 bits key means a p that is 257 to 259 bytes long ; and a q that is 258 to 260 bytes long. end of fucking story. ☟︎
mod6: <+asciilifeform> could've sworn this was in the logz << i recall a few discussions, ya.
asciilifeform: even that snipped from gpg
asciilifeform: could've sworn this was in the logz
a111: Logged on 2015-05-24 14:45 Apocalyptic: "there's no guarantee p and q have the same bitsize is there ?" // I think there is, a couple of lines above it generates them both with nbits/2 bits, so I would say yes, unless there is a bug in "generate_secret_prime", because this function specifically sets the two high bits to 1
mircea_popescu: why give away this fucking trivial protection.
asciilifeform: we had this thread...
mircea_popescu: /* make sure that nbits is even so that we generate p, q of equal size */ << what ?
mircea_popescu: more practical would be to force the code to make a pile of say 64 byte keys and sieve them.
mircea_popescu: yes but no. for one thing you don't do lattice search iirc ? for the other, the keys we're working on are too large.
mircea_popescu: one obviously hopes that gpg did. but then again the brutal teacher that is experience shows it's wiser to suspect everyone merely hoped someone else did it.
mircea_popescu: asciilifeform btw re the fermat discussion, i wonder if anyone ever did a proper review of rsa code for lattice and fermat-closeness weakness in p,q generation.
nosuchlabswww: Not trying to spam. Check out qntra dot net. Fourth article down is about rsa and brought me here. Good read and new article.
fabio__: ok I think I understand your position a bit better now thanks
mircea_popescu: well the ecc justification is "shorter keys", other than a bunch of "new! better!" crapola.
asciilifeform: fabio__: understand, also, that someone who offers you a more complicated (i.e. more moving parts) cryptosystem without ~justification~, is attempting to compromise your security, no less than if he were stalking in your garden under the cover of night bristling with cameras and antennae
mircea_popescu: always and everywhere in engineering, this is the case.
fabio__: so alternatives that are more complex are regarded as lesser
asciilifeform: ~contemplate~ whatever suits your fancy -- folks have... contemplated, e.g., trains with triangular wheels riding on sinusoidal rails.
fabio__: you said "fabio__ rsa has the advantage that it's the simpler solution."
mircea_popescu: but "the new better replacement for copper pipe" is not worth contemplating today like it wasn't worth contemplating in 516 ad.
mircea_popescu: you mean, "alternatives for rsa are not worth contemplating" ? sure, they are, much like anything's worth contemplating. it's educative if nothing else.
fabio__: so in your mind, newcomers are not worth considering RSA unless they are equivalent in complexity or simpler. and until RSA is broken no need to migrate? <-- is this fair?
mircea_popescu: if someone breaks rsa you have all sorts of other problems to contend with.
mircea_popescu: fabio__ rsa is not breakable in the "shit someone broke openssl" sense you seem to be thinking of.
asciilifeform: and yes, we had a thread
fabio__: so in your mind, newcomers are not worth considering RSA unless they are equivalent in complexity or simpler. and until RSA is broken no need to migrate?
asciilifeform: there is also this.
asciilifeform: in the elementary sense of 'number of ops required to solve avg case'
mircea_popescu: last the topic was taken up it came out that no, it's absolutely not.
mircea_popescu: not that we're even sure "complexity class" is meaningfully defined for this purpose
asciilifeform: it is, for instance, not proven that rsa reduces to difficulty of factoring integers, or what complexity class factoring is in.
asciilifeform: fabio__: what kind of details are you interested in ? there is no reduction-to-complexity-class proof of hardness for either cryptosystem.
fabio__: you did, but I'm fighting through the snark to ask for more details ;)
mircea_popescu: nosuchlabswww the chicks are hotter now.