log☇︎
285800+ entries in 0.174s
asciilifeform: so far this is kindergarten botronics
phf: mircea_popescu: it's actually pretty immaterial, public key crypto doesn't buy you anything in this case
mircea_popescu: phf what's this symmetric key fixation ?
phf: each slave vm gets a random int id and a symmetric key, master store int<->symmetric key in a binary tree. packet comes in <int><sig>, you get the symmetric key for int and use it to verify sig
asciilifeform: where do you hide a nest in that?!
mircea_popescu: or things that work.
asciilifeform: mircea_popescu: the sewer rats cannot abide small, simple things
mircea_popescu: hard to do when there's nobody with a clue in "the team", obv.
mircea_popescu: of course, if you read the java-esque nightmare that "solidity" is, reimplementing eth as a small emu thing would benefit it immensely.
asciilifeform: mircea_popescu: reimplementing eth would be sad tho.
mircea_popescu: reimplementing bitcoin is not the end of the world anyway. the extant version is crap.
phf: otherwise you have to read the whole thing before you can make a decision whether or not whole thing is bogus
asciilifeform: but yes, the only topologies i know of for this are the traditional star, with 'signed by fuhrer - blob runs, no - not' or ... reimplementing bitcoin
phf: in order to do that you need crypto where each individual byte in a stream carries enough information to make a decision there and then. so you send a byte packet and have a 1/256 change of going to next byte
mircea_popescu: you want contact to my uci interface, we agree in advance, and i whitelist your key.
asciilifeform: and - ideally - succumb to doing some useful work on their own as well.
asciilifeform: the important thing is that usg's 1,000,000,001 emulated uci sybils should have no bearing on the workings of genuine nodez.
phf: but that's unimplementable constraint. anon rando can send you a well crafted pubkey that is bogus, and you will only know it's bogus after you finished your read
phf: well, that's going back to your "not a single byte" unless crypto
phf: asciilifeform: same way as you do with wot folks. you state who you are, then prove it with a sig
asciilifeform: nodes can have no meaningful identity other than pubkeys.
asciilifeform: for one thing, 'pairing' is undefined
asciilifeform: phf: and how do you accomplish this
phf: "but own key for each vm to vm pairing"
thestringpuller: isn't the point of V to prevent compromised binaries?
phf: you will have that problem with any form of crypto. if your binary is compromised it's compromised (ignoring fancy techniques of avoiding compromise)
asciilifeform: and anyway you can't use symmetric key that could be pulled from the binary by adversary to any useful end.
asciilifeform: we demonstrated this in... march?
asciilifeform: symmetric crypto other than otp dun exist.
phf: but own key for each vm to vm pairing
mircea_popescu: the one tricky bit is that other one tricky bit.
asciilifeform: the one tricky bit is the crypto
mircea_popescu: i certainly see the argument re SMALL.
asciilifeform: you want a really small beast, that you can easily polymorph, stuff into roms, various appropriate places..
phf: asciilifeform: that solution doesn't preclude fancy metering techniques, wot members own control hubs, talk to each other gossip style, and route tasks accordingly
mircea_popescu: fundamentally uci is a lateral pill for the hardware problem, oddly enough.
mircea_popescu: so it becomes "winner takes all" sorta tourney.
mircea_popescu: main reason hardware is so centralizing today is exactly lack of this sort of marketplace,
mircea_popescu: "is your dec alpha/toaster/bitcoin miner pluggable into uci ? cool, then it makes money. no ? it's broken fix it"
phf: then write your lisps or c compilers that would target the arch
mircea_popescu: HOWEVER, it will create, if successful, a ready way to resolve http://btcbase.org/log/2016-06-28#1492111 and such problems. ☝︎☟︎
asciilifeform: we sorta went over this in the pogo threads.
phf: so a virtual machine with constraints, "jump to here, run at most 100 ticks, claim at most 100 heap" that's generated for the target with target platform and control key baked in during generation
asciilifeform: the p2p control is the one tricky bit
asciilifeform: quite easy to do actually.
mircea_popescu: the whole point of uci is for there to be no more platform in that sense. course, this seems an unlikely goal.
asciilifeform: which is why you want TINY emulated thing.
mircea_popescu: yeah, the platform specificity is a bitch.
asciilifeform: mircea_popescu: for one thing, traditional bot-herding is a misery in 1,001 ways: intensely platform-specific, suffers various central points of failure, etc
mircea_popescu: i'm not saying that we are, but WHY NOT must be stated, and in such a way 107 iq guy in 2049 reading this understands exactly wtf.
asciilifeform: but rather mechanizing the process of harnessing chickens.
mircea_popescu: ben_vulpes that there's no specific check or test other than top | grep "ram" sorta thing.
asciilifeform: my understanding was that we are specifically protocolizing what was once customarily promise.
mircea_popescu: if we do a "trust but verify" no agreement all code, we end up strongly decentralizing, but exposed to you know, thedao.
mircea_popescu: anyway, this is a political choice mostly. if we do a "gentleman's agreement" and no code sorta thing, we end up strongly centralizing, army of lovers.
ben_vulpes: asciilifeform: aok. then not 'any key in wot' and bill afterwards
asciilifeform: ben_vulpes: the key emplaced on install.
mircea_popescu: at the other end of the spectrum, it can just be open bash and well, don't take code from people you don't trust.
ben_vulpes: or, read from tickets.
ben_vulpes: i imagined that each installed worker process would listen for orders from only one key, which'd handle billing.
asciilifeform: in that sense, yes
asciilifeform: phf: without the qemu crapola
mircea_popescu: seems to be coallescing that way
ben_vulpes: so then worker process would have to get involved in the billing loop?
asciilifeform: at any rate, nothing precludes listening for new turd WHILE running current one.
mircea_popescu: not the end of the world, 1700 business orders carried expiration.
mircea_popescu: asciilifeform if we do it like that will have to have expiration.
ben_vulpes: if the lubified turd came from the supervisor process C could come along with the 'script'
asciilifeform: Min(box-c, turd-c)
mircea_popescu: gordian solution to turing problem.
asciilifeform: when it pieces one together, and it passes sig - it runs.
asciilifeform: for years, if it has to.
asciilifeform: in 'idle' state, when the thing has no payload, it listens for a lubyfied turd signed with $key.
ben_vulpes: oh a buildroot that compiles a 'linux' to the nintendo emu arch?
asciilifeform: if you emulate a cpu that gcc knows how to target,
asciilifeform: but that has nic, disk, etc
mircea_popescu: more along these lines i'm thinking.
mircea_popescu: no i know, it's not on you ; just, the matter has to be discuss't.
mircea_popescu: i think it's time to bury that corpse, it smells.
mircea_popescu: silk road hurt the shit out of itself with "their own tools"
mircea_popescu: they know more holes in "their own tools" than you do.
ben_vulpes: but the fun of hurting them with their own tools
mircea_popescu: ben_vulpes too many lines of code
asciilifeform: worked kinda like this...
asciilifeform: btw there was a trojan bearing 'tinyscheme'
mircea_popescu: bear in mind, we're not selling investors on this. cheap, broken, angry sample to iterate on is jus' fine.
asciilifeform: nontrivial on toy os
mircea_popescu: even if you just run top and count ram/cpu it's close enough
asciilifeform: ben_vulpes: very easy to botch, note
mircea_popescu: yeah but we don't have that cheat as of yet
asciilifeform: this is in the homomorphic vein
mircea_popescu: anyway. uci is not gossipd. there is a good reason to implement gossipd OVER uci, but on the uci layer the thing shouldn't be concerned with this kind of security i don't thinl
asciilifeform: not thinking of it here
mircea_popescu: asciilifeform the tor model is, other than its many implementation warts, fundamentally broken i think.
asciilifeform: where a node receives encrypted 'rubbish' and does ?????, and sends various rubbish back, and adversary would have to capture 67% of nodes to have any clue re what.
mircea_popescu: asciilifeform i'm thinking a "independent nodes" sort of botnet, as opposed to the zombie windowze thing usually run
asciilifeform: and the other one.
asciilifeform: there are 2 basic angles to approach uci : the standard botnet model, which appears to be what mircea_popescu is thinking of, where nodes are individual boxes running specific program that does fairly straightforward thing,
mircea_popescu: not entirely sure bash it is the right way here ; but it does cheaply (in cognitive terms) expose the system for usage. which is why ssh runs into a bash shell.
mircea_popescu: ben_vulpes ideally it'd be more like "run this bash script"