tmsr - Search: i

28300+ entries in 0.198s

mircea_popescu: asciilifeform so ? i see your junkl and raise you our junk : http://nosuchlabs.com/fg/fg_small.jpg

mircea_popescu: asciilifeform i can't blogspot.

mircea_popescu: i dunno what the fuck you think juniper is ; but as a factual matter juniper is the result of exactly this conversation among dumber people ~15 years ago. ☟︎☟︎

asciilifeform: i must repeat, that i'd be lying if i claimed that i knew how to build a box that throws packets at even 1/5th the rate of the cheapest juniper, out of off-the-shelf components.

mircea_popescu: i have not yet encountered a dc which didn't have a waffle list composed mostly of junishits.

asciilifeform: i admit i dun grasp, why, having already fronted 500k to usg.juniper, they would entertain a 'try my homemade router plz'

asciilifeform: now what i ~have~ wanted to bake, for years nao, is a box with ~2~ jacks, that tests rsa sigs on specially-defined packets at line speed, and drops all the ones that dun pass. this is imho the Right Thing, for entirely curing the disease in question. ☟︎

asciilifeform: trinque: 'competition' box routes 1G/s from 48 jacks, daisy-chains with 10GB/s snakes, compiles ip filter rules into 1mil+ gate fpga fabric. how do i bake a sucks-less without large fpga ? ( we dun have large fpga, tho we do have working tiny ones ) ☟︎

mircea_popescu: i dunno how he's supposed to be from odessa, don't got not a gypsy bone in his body.

trinque: asciilifeform: I think your mind is set on correctness, which blocks a pragmatic "better" which is only defined by delta with competition

asciilifeform: trinque: am i thick, and mircea_popescu right ? how do i bake a 'sucks less than juniper' while being stuck with off-the-shelf nic ic ?

asciilifeform: i'd luvv to do it. but to ~actually~ do it, as opposed to junkyard wars ersatz that will inevitably suck.

asciilifeform: unless i misunderstand somewhere, this needs ic fab.

mircea_popescu: i got news for you, alfie! http://trilema.com/2018/how-things-have-changed/

a111: Logged on 2018-09-04 15:07 mircea_popescu: diana_coman can i get you behind this "iptables are for amateurs" line ?

asciilifeform: mircea_popescu: for all i know, they have a microshit antivirus also plugged in. should we then also attempt 'better one' of these as well ?

asciilifeform: it's an algorithmic problem ( i.e. fundamental ), rather than implementation.

mircea_popescu: possibly i didn't make it plain enough that SUCH AN ITEM ALREADY IS PLUGGED IN THERE ?

asciilifeform: possibly i did not clearly explain the problem with iptables then ?

asciilifeform: mircea_popescu: i know this, had the misfortune of buying'em, plugging in, fiddling.

diana_coman: if I understand correctly asciilifeform's solution is essentially not as much kill the pest as make the whole thing pest-resilient

mircea_popescu: asciilifeform the rate this is going, i guess nsa will soon be in the business of producing flood-fighters ; considering what the "professional" crapola out there costs...

mircea_popescu: i misspoke. i meant "this is a sorry reason to write code."

diana_coman: that much I can see, yes

mircea_popescu: i suspect "iptables" is like "php implementation of ftp" : most people don't have their own isp.

diana_coman: I am very, very tempted but precisely for this reason still trying to make sure I'm not just preferring the easy way out here

asciilifeform: i do know that many people's pest control setups rely on iptables, and so all new pizarro customers will get it by default. but imho it is a bitter pill.

mircea_popescu: diana_coman can i get you behind this "iptables are for amateurs" line ? ☟︎

asciilifeform: i won't go as far as 'iptables is addictively useless' but: nearly

asciilifeform: diana_coman: i used nothing at all. given as bandwidth hogs dun seem to ever have any trouble coming up with ~infinite new ip proxies.

diana_coman: asciilifeform, what did you use then? I'm not a huge fan of iptables in any way and this have-to-recompile-kernel doesn't help but I don't know of anything else that is better

asciilifeform: i ended up going back to it, largely to use the aws-ban script

a111: Logged on 2018-09-04 14:34 mircea_popescu: well this promises to be a serio0us problem that can't be winged, but will require some thought ; in part because i don't directly see the difference ; and in part because i don't really think a machine without a functioning way to limit access to it is actually seaworthy.

asciilifeform: http://btcbase.org/log/2018-09-04#1847273 << at the time i built the 1st kernel for these particular iron, i was not using (believe or not) iptables, was quite disappointed with the 'whack-a-mole' approach to bandwidth conservation ☝︎

asciilifeform: trinque: specifically i mean that kernel is built ~for the iron~ rather than 'for the userland'

asciilifeform: ( i discovered the method quite early, in the days of mass FG tests, but did not know the sheer number of sad boxen / kernels afflicted, that turn out to need it )

asciilifeform: mircea_popescu: i still dunget why it has to be issue, usb hub can be dialed down to desired speed with method described on FG www pg

asciilifeform: mircea_popescu: note that this kernel is tailored to dulap-style box (i.e. amd, and with that particular raid card)

a111: Logged on 2018-08-01 21:28 diana_coman: after reading around on this mess with the usb speeds, the summary + questions would be: 1. the dwc_otg seems actually specific to raspberry pi so I don't see how it's directly useful atm; am I missing something? 2. the manual/runtime pill so far relies on the companion mechanism to force a USB port down from "high speed" to "full speed" so basically from ehci to uhci/ohci; wouldn't it make more sense to blacklist ehci, xhci and whatever

asciilifeform: mircea_popescu: iirc i posted the config, lessee, :

diana_coman: asciilifeform, I have iptables atm; the idea was to have it by default on any new config/box/system

a111: Logged on 2018-09-04 14:16 diana_coman: asciilifeform, trinque in case it helps, the kernel option I need to turn on in order to be able to run iptables on the smg machine is networking support/networking options/network packet filtering framework/core netfilter configuration/netfilter xtables support

asciilifeform: http://btcbase.org/log/2018-09-04#1847258 << diana_coman i was under the (possibly mistaken) impression that i built smg box with iptables-able kernel. but was not ? ☝︎

mircea_popescu: trinque kinda what i was thinking here, spend an hour thinking what'd make the cut, put it in, and that's it.

diana_coman: it is asciilifeform's kernel indeed; iptables or something else to limit access though I think is a must on a server

trinque: iirc diana_coman is running an asciilifeform kernel, but I think alf approaches kernels similarly to me: "nothing broke when I turned this off, so off" until that heuristic bumps into something. going to be different bumps in different deployments.

trinque: there is an extremely broad category of possible iptables/netfilter doodads with which to make a firewall, router, etc. I could certainly see use in defining a subset of what's available as standard.

mircea_popescu: i mean, it'd be ok for a terminal. but as a server it gotta have something-like-iptables neh ?

mircea_popescu: well this promises to be a serio0us problem that can't be winged, but will require some thought ; in part because i don't directly see the difference ; and in part because i don't really think a machine without a functioning way to limit access to it is actually seaworthy. ☟︎

trinque: which isn't how I run my own kernels at all.

mircea_popescu: we're not even discussing you, here. i was talking about iptables.

trinque: I can't anticipate every single use case someone's going to have.

diana_coman: asciilifeform, trinque in case it helps, the kernel option I need to turn on in order to be able to run iptables on the smg machine is networking support/networking options/network packet filtering framework/core netfilter configuration/netfilter xtables support ☟︎

cazalla: not much i can say you haven't experienced or don't already know having done it i guess

cazalla: i did get out of my head, i hear (and have read from your own account) what you're saying, went out on a few day trips with the locals and spoke to them etc

cazalla: surprised enough i got a plane and went overseas.. really should've done that shit a long time ago

cazalla: i already know what you'll say re: accommodation though :)

cazalla: they make the distinction where as i don't, but do you if i bring some taiwanese lass in here?

cazalla: i guess i don't have the experience and it makes me feel uncomfortable chatting with someone under 18 even if it's benign, call it conditioning from the west

cazalla: i don't wanna be the white foreign guy hitting on young girls tbh

cazalla: mircea_popescu, i have any idea of what you want from the logs, but can we come up with some specifics so i have some kind of framework as to work with

BingoBoingo: Oh, crap I went for a walk and missed cazalla

mircea_popescu: myeah. i'm aware.

cazalla: i'll give it some thought and planning, likely go back october/november once it cools a bit more

cazalla: yeah, i get that, but the taiwanese speak/read/write a different chinese to the mainlanders, as to how different it is i don't know

mircea_popescu: otherwise i could send my own heh.

mircea_popescu: i dun want some european transplant. born there to locals.

cazalla: i don't understand how large the difference between traditional v simplified chinese is or if it matters in this case

cazalla: i guess she could put posters up at work (amkor)

cazalla: i'd rather come back with nothing if i wasn't certain whatever i found was up to par

cazalla: when i go back, i can try to find someone to fit that role, can't say i'm confident in my ability to come up with someone though

cazalla: i'll likely go back to do the south of the island, but nothing permanent

mircea_popescu: i'm slow.

cazalla: well, i just got back from a month bumming around taiwan, probably says enough

trinque: ave1: couldn't reproduce your errors. all I had to do to re-run the cuntoo build was to fix the portage snapshot var. ☟︎

asciilifeform: i still suspect a very noisy 'route through london' lulz afflicting deedbot.

mircea_popescu: i got links so it did happen!

mircea_popescu: in my old age i barely dare a coupla slices a day. and no, they're not footwide slices either ;/

asciilifeform as a small boy, 'if i jump this-high, can i see turks??'

mircea_popescu: asciilifeform i really wouldn't believe the spinsters one iota in this matter. sure as fuck nobody in turkey gave no "assurances" and in general their pretend-sovereign posture is fucking ridiculous, besides spurious.

asciilifeform: i suspect even northkr has a list of 'tolerated untermenschen' with us passport who go in, out

PeterL: unless she married somebody over there and never told anybody in the family, which I guess is possible

mircea_popescu: i outright deny it is possible to build anything other than a ~model~ mosque in the new world.

mircea_popescu: well, if i said "i'm the only guy here to have read illuminated manuscript" and someone said they read beatrix potter's books i'd similarily point out that the term denotes items made before beatrix potter was invented.

PeterL: http://btcbase.org/log/2018-09-01#1846578 << I have visited a mosque, it's actually the biggest in the US, in Dearborn MI ☝︎

PeterL: I see your point

mircea_popescu: PeterL how in are you to begin with ? pick a rifle stand a post ; alternatively pick a lord help out in his castle ; alternatively may i suggest radiomodelism ? or perhaps fishing ?

PeterL: http://btcbase.org/log/2018-08-30#1845808 << I feel like this is directed at people like me, telling me to get out, but I am not sure? ☝︎

Mocky: i don't have any complains, vague or otherwise. just stated what i saw. worked out for me in the end

trinque: but I'll upgrade to 486DX2 just for alf

trinque: yeah that's what I've observed as well

mircea_popescu: no, i'm saying freenode adds multi-minute delays at least weekly.

mircea_popescu: i put in the more egregious ones, such as "timeout 260 seconds" coming BEFORE a message and such nonsense. but really...

trinque: I thought you were saying deedbot

a111: Logged on 2018-09-03 18:01 asciilifeform: trinque: fleanode puts 5min delays in your path ?! ( i'll believe , but haven't yet seen this wonder with own eyes )

asciilifeform: trinque: fleanode puts 5min delays in your path ?! ( i'll believe , but haven't yet seen this wonder with own eyes ) ☟︎

trinque: I'm not taking any more responsibility for freenode than any of you.

asciilifeform: Mocky: i've seen this before, sometimes i suspect trinque runs the thing on a 386...

asciilifeform: https://i.4pcdn.org/pol/1515121778824.jpg << related lul

mircea_popescu: lobbes ye olde link 404s. sadly i'm affraid this particular corner case wasn't covered in mp-wp user friendliness, doesn't autofix it.