tmsr - Search: a

31500+ entries in 0.191s

asciilifeform: i was actually in line to buy the box myself, for something like a year, turn finally came but by that time i got to see the photos / reviews

spyked: re. nsa laptop thread: olimex ppl (huh, it seems I keep mentioning these folks) have a "diy laptop kit" whose specs are very similar to the c101pa (for comparison: http://archive.is/4cp8W vs. https://www.olimex.com/Products/DIY-Laptop/KITS/TERES-A64-WHITE/open-source-hardware , the latter doesn't seem to archive for some reason). it's a candidate for my (by now long) hw-to-buy list, the "open sores diy" aspect is otoh the biggest

asciilifeform: i used to work with a roughly similar fella, so yes, agree

mircea_popescu: contrary to your respective inclinations, you two'd actually make a great team. very bias-mismatched.

asciilifeform: it's a massive ball o'shit

asciilifeform: potentially we find a hole in this process.

asciilifeform: so far i did find how to disable #wp signal on the h1 ( it tracks the battery-triggered #wp ). the way updater works, it permits flashing in any old turd, and it goes in a temp slot, which only on next boot gets ecc-sigchecked

mircea_popescu: in more general terms, if you had to dismantle every organisation the moment it had a mole in it... there'd be no organisations ever.

mircea_popescu: i dunno, have the boot flash a pink pixel, put a number on screen, whatever. replacement boot sequence won't know to do it, will it.

mircea_popescu: anyway, can also prep a boot rom that has a canary.

mircea_popescu: so in a sense it's up to you. if you've lost the love of labour because of the cp50 issue, i guess it dies. but if not, i do not see it's a waste of time. make it boot cleanly, try see what happens if you remove the item, try see what happens if you fuzz the item, maybe more stuff occurs -- this is a productive line of research.

mircea_popescu: yes, but it seems to me it's basically a local rootkit. so it's not such an overwhelming concern for the contemplated usecase -- give iphone girly machine.

asciilifeform: but i've not found a remote trigger for it. (dun mean there isn't one)

asciilifeform: upstack, before i start to fall asleep -- what do we wanna do in re the c101 ? march on with curing the 'ordinary' boot rom, and then sit on the thing pending a successful break of the cr50 booby ? shelf whole thing ? which'll it be

mircea_popescu: but yes, re the тяжело в учении -- легко в бою bit -- it comes as a shock generally that "your training must ~exceed~ actual usage, by a ~factor~. you don't train for 80% of what you'll do ; you train for 250% to 300%+ of what you'll actually do."

mircea_popescu: there is such a thing as ankle weights. my slavegirls should know, they get them lots.

asciilifeform: iirc there was a continuation, where , something like asciilifeform:'lorica oughta be heavy, but from iron, not lead weights' and mircea_popescu:~'but only the centurion who wears it should get to decide why heavy'

asciilifeform: https://chromium.googlesource.com/chromiumos/third_party/tpm2/+/master << for aficionados. the crypto, such as they are, routines in the cr50 thing. ( even seems to include a kind of orc rsa )

asciilifeform: there is not a mechanical cure for the need to exclude vermin

mircea_popescu: point remains, two bit everything all around. that's your "short ooda loop". it's a lot closer to cocaine than the users realise.

mircea_popescu: and i was sitting there in disbelief, "dude, it's two milf lamers in a tub, what the fuck".

mircea_popescu: you know i recently googled a pic, and google helpfully informed me who the, and i quote, "reality television personality, model, entrepreneur, socialite, and social media personality" involved were ?

mircea_popescu: HOWEVER. she can dance. she can sing. because she's a 1950s actress, and that was a PROFESSION which MEANT SOMETHING.

mircea_popescu: i saw a terrible film recently, with doris day. something something bla bla bla. she spends the whole time in an ugly looking deerskin.

asciilifeform: moar, if you have a largeformat cam

mircea_popescu: then they wonder why they don't ever have any gfs, these people. "i tried to evaluate whether she's my gf in a second or less, came out negative" "maybe give it i dunoo... FIVE DAYS ?" "omfg what ? i don't like... live that long"

mircea_popescu: hm, that's a thought

esthlos: trinque: I added a manifest to my v_genesis vpatch. I'm curious, though, how these items (vtron, manifest) become declared "standard", if ever

mircea_popescu: i've not thought a line in my life!

mircea_popescu: the worst case being what, a pile of useless data ? big woop, i have some of that myself, isn't killing me.

mircea_popescu: i'm telling you, building a fuzzing harness for a bunch of these may not be a bad way to lock down a machine (driving the fuzzing) for a week or two.

mircea_popescu: i'd love nothing more than qntra running a "google's ecc crypto defeated in field"

mircea_popescu: listen, my (often wrong, millitantly ignorant, whatever) intuition is that if oyu have an oracle in your hands (the chip after all DOES say yes or no) and all you want to do is produce a sig it accepts for an arbitrary string, you should be able to achieve this bit fiddling in less than 2^256 tries.

asciilifeform: it's a pretty plain boobytrap, wants magic sig to r/w the 'h1' firmware, or to unlock the console (which gives rootkit access to whole ram, cpu, ec, etc via the usb jack)

asciilifeform: it dun have a seekrit to extract, simply checks pubkey sig

mircea_popescu: you know, it occurs to me... it it's a captive minichip. it should be... defeatable. keep feeding it bad sigs and measure the powerlines.

asciilifeform: btw the 'h1' turd is a mass of c crapola, chances are there's an overflow somewhere

asciilifeform: not to mention that it seems to be a ~pogo with eeprom proggy (these dun show on micrograph anyway)

asciilifeform: mircea_popescu: i'd luuvvvvv a properly photographed bolix...

asciilifeform: it doesn't have a magic symmetric key, there's a ecc public sig thing to unlock the boobytrap and, e.g., erase/reprogram the thing

asciilifeform: mod6: read end of thread, subj is a ~standard arm with eeprom that ( per my experimentation in past 2hr ) actually does seem to contain something like the linked crapola

mod6: the zeptobars route may be a decent idea. has anyone reached out to that guy?

asciilifeform: aa so it's a sad rando anon

mircea_popescu: i mean, the backstop would obviously be "either follow spec as-is or get out of chan", i suppose. i don't specifically care either way, we already have plenty of proper loggers for one thing, and the original, "Hey, maybe someone exists on freenode that's both a) not totally braindead and b) hasn't heard of #trilema yet" was thoroughly proven wrong by now ; the intelligence flow is the other way.

a111: Logged on 2018-06-07 20:13 phf: asciilifeform: can they put a bot here so it'll quote for us? :)

asciilifeform: but suggests that the thing is a standard arm chip, with flash ram, that can be rewritten

asciilifeform: ( so far errything he said, such that asciilifeform was able to probe, turned out to be troo. if he's a liar, he's a very high-quality liar )

phf: i'm sure a russian with an electron microscope would love nothing more than do a careful job on a bonafide fritz chip

asciilifeform: and bolix is a 2um; this thing is prolly 22nm

asciilifeform: has the appearance of a hasty and gnarly glue job

asciilifeform: vertical integration is a thing, google bought a few power plants; but afaik not fab yet

mircea_popescu: anyway, back to it : the cp50's point of interest is, that it has a connection to power button. this is a single line, is it ?

asciilifeform: quite likely, the fella was telling the truth, it's a google.nsa die

asciilifeform: fw (or what claims to be the fw, i cannot verify re actual iron) is a c proggy, for what looks like an arm

asciilifeform: google had various crapola fabbed in the past, it wouldn't be a first

asciilifeform: if it's a shelf chip with title sanded off, neither i nor apparently anybody else knows which

phf: i mean, it's a different scenario, but that must be the feeling americans felt in the situations like that

a111: Logged on 2018-06-07 20:50 deedbot: http://trilema.com/2018/martin-cracauer-is-a-fucking-moron/ << Trilema - Martin Cracauer is a fucking moron.

phf: http://btcbase.org/log/2018-06-07#1821238 << crafty little strategy "we built a device with an open EC" "..." "we now have a sikrit cheap making sure our EC is not too open" ☝︎

asciilifeform: at any rate, if d00d was telling even half the truth re 'we had a cpld, in prev machines, and moved it, among else, to cr50 when we got to make own die' then it prolly is not a standard konsoomer loltron.

asciilifeform: they also distribute a ball of src which they ~claim~ (unverifiably, afaik, see thread) runs in it.

asciilifeform: ( they dun have, afaik, a fab, the 'TWN' suggests they contracted out to e.g. infineon )

asciilifeform: it's a google in-house product.

asciilifeform: i'ma guess you used a search engine and found http://courses.daiict.ac.in/mod/resource/view.php?id=1403 , random indian d00d with no connection

mircea_popescu: asciilifeform, my suspicion is that your "no cr 50" will simply mean "they put it in the die of a diff ic, and you can't find it"

asciilifeform: recall thread where mircea_popescu explained to a n00b, 'even when typhus epidemic rages, does not excuse you from washing hands' ?

mircea_popescu: so no, you're not going to find "a board without". you might find one where it's poorly attached and can be hammered off. but that's all.

deedbot: http://trilema.com/2018/martin-cracauer-is-a-fucking-moron/ << Trilema - Martin Cracauer is a fucking moron. ☟︎

asciilifeform: or is it for use as hammer ? ( it ain't a very good hammer )

mircea_popescu: a de-alphabet'd item that has no functioning power button is actually acceptable.

asciilifeform: ( it's a 16-layer pcb )

mod6: It's not long, worth the full read if one has a few extra mins.

asciilifeform: whole thread worth reading. presently i have doubt that the project is even worth the candles. ( tldr: there is a nsa rootkit chip on the board )

phf: asciilifeform: can they put a bot here so it'll quote for us? :) ☟︎

phf: well, the "1hz" point comes up periodically in lisp conversations, and there's a value behind it. asciilifeform attacks in various forms, naggum talked about it also, though i'm failing to find relevant article. cracuer is just surprisingly neotenic to express the point coherently

mircea_popescu: oh, neoteny of postmodernism, how ye keep telling yourself you're ok and what a disgusting slimy maggot ye are...

asciilifeform: it'll be interesting to try the plug with a recent intel box ( i dun have any, currently, with usbc ); see earlier derpery link re why

BingoBoingo: It's a small victory in the direction of capturing USB-C as a Republican standard

BingoBoingo: Small victory in the same sense being the first to summit a mountain is a small victory. There's this impossing and incomprehensible mass of rock, eventually someone makes his way to the top, documents or creates a human navigable path, etc, etc.

deedbot: http://qntra.net/2018/06/hfpa-insists-former-heads-groping-of-george-of-the-jungle-was-a-joke/ << Qntra - HFPA Insists Former Head's Groping Of 'George of the Jungle' Was A Joke

asciilifeform: the trickiest part of this magic trick still remains to be done, because -- if google's shitpile is to be believed -- one of those /dev/ttyUSBn is actually a spi bridge

asciilifeform: the only 'exotica' is the usbc breakout plug; these are on lulzazon ( part http://a.co/hus7Yyh ) and prolly elsewhere.

asciilifeform: it was buried in a megalith standards committee pdf crapola.

spyked: that's a fair point I guess. the wave of self-aggrandazing poetry critics seems dead today, and that didn't mean much to begin with.

a111: Logged on 2018-04-18 20:55 mircea_popescu: spyked, apparently you have no comments ? anyway, "the smiling girl i saw today bewitched my soul entirely ; another line goes in a diary that's read by me, and Mr. Sorrowly."

spyked: lol. mircea_popescu, I'm not denying nor admitting! the fact remains that your version has a borken metre, i.e. the last two lines don't match the first two. for ref., http://btcbase.org/log/2018-04-18#1802222 dunno how much this counts for mircea_popescu, but it does for me. ☝︎

spyked: actually meeting one tomorrow, so now that you mentioned it... I'm definitely going to ask her to do a japanese translation!

spyked: ah, okay. re that, I think it's a good assignment for philology students, so I'm actually making it a point to mention it to ppl in the field.

spyked: http://btcbase.org/log/2018-06-06#1820987 <-- sure thing. actually it may be a great idea to try to get them published. they're usually not coherent enough to make a blog post, but worth giving a shot. ☝︎

mod6: stranger, it was packed pretty well. pack of six was in a rigid corrugated box stuffed with foam peanuts.

mod6: yeah, somehow the bottom of one of the bottles got a crack in the bottom.

mircea_popescu: wait, a ~plastic~ bottle was broken ?!

asciilifeform: well, possibly i spoke in haste, it ain't a cp201/ftdi/etc, but some google strange.

asciilifeform: sbu1/sbu2 is a ~usb~ d+/d-.

fromdeedbot: namecoin and deedbot... i cant think of a better use case

fromdeedbot: decepticons.... she needs a shave though

fromdeedbot: if my aunt had a dick, she'd have been my uncle

trinque: Mocky: I'll have something for you to try out in a few days, if you like. ☟︎

Mocky: I figured I'd give it a try since I couldnt get my old 2014 version to install, nor my 2016 version

a111: Logged on 2018-06-06 17:59 danielpbarron: http://btcbase.org/log/2018-06-06#1820856 << not really. i don't have any ready and i don't know if my recipe even works any more. i'm currently using a debian install for eulora