tmsr - Search: i

33500+ entries in 0.247s

asciilifeform: i suspect strongly -- relapsed.

danielpbarron: i didn't have time to explain. he triggered quickly

Mocky: i was into tor, dark markets. now cured

mircea_popescu: i dunno all that much work was put into curing.

a111: Logged on 2018-06-11 23:36 danielpbarron: i once triggered a guy to the point of thinking he might have his first fist fight, over anti-ssl, till his friend dragged him away

BingoBoingo: <mircea_popescu> i need a unicode for the new york jew handwave. << Gaza http://qntra.net/2018/06/israeli-knesset-quietly-disqualifies-equality-bill-maintain-the-jewish-majority-even-if-it-violates-rights/

mircea_popescu: i need a unicode for the new york jew handwave.

asciilifeform: 'look ma i have linuxbios'

asciilifeform: i have hard time picturing him showing up again

mircea_popescu: i got excited.

a111: Logged on 2018-06-11 19:52 asciilifeform: thus far i know how to cut power to it, and this suffices for my purpose

asciilifeform: i found the custom periph btw, or at least 1 of them

asciilifeform: well 'whitelabel arm' implies a proper physical one with the engraving sanded off. which i suspect this one is emphatically not.

asciilifeform: http://btcbase.org/log/2018-06-12#1823375 << except, it ain't a proper arm cortex, but a softcore-arm in (metallization)fpga. cuz i suspect somebody read the Logz re specificity-of-diddling ☝︎

asciilifeform: ( btw when it's Trooly Cured i'ma put it up for auction, mircea_popescu-style )

asciilifeform: http://btcbase.org/log/2018-06-12#1823382 << i accidentally nuked the trackpad on my current test unit, so i got this!11 ☝︎

a111: Logged on 2018-06-11 19:37 asciilifeform: personally, i'd consider a box with no trackpad function, to be usable

danielpbarron: they placed me next to the celebritarian muslim guy. idk if coincidence, but i'm glad -- the guy will be serving food, and food vendors attract all the foot traffic

danielpbarron: i'm working on an article that suggests otherwise, porcfest is too small a thing to go to such existential lengths

danielpbarron: they have some app exibitors can use to promote where they'll be and what they are serving (i reserved a vendor campsite specifically for the purpose of provoking conversation about the Bible) -- i also mention in my "profile" that i'm a lord in the most serene republic of Bitcoin, which mysteriously gets removed. I add it again, removed again. They apparently don't mind a religious "cult" but not ☟︎

danielpbarron: what i expected has come to fruition, nobody who would attend such an event can afford to buy bitcoin anymore

danielpbarron: as in, anything else, just not bitcoin, that thing i told them years ago they shouldn't be spending on hotdogs and coffee

danielpbarron: speaking of the buring geek, bitcoin is (i suspect) a banned word/topic

danielpbarron: guy says "and replace it with what??" to which I said "idk, libreSSL, but i'm not really a fan of ssl in general"

danielpbarron: i was wearing my openbsd shirt that read "Keep calm and abandon OpenSSL"

a111: Logged on 2018-06-11 19:22 swiftgeek: asciilifeform: i'm only speaking about doing it once in history xD

oda: I enjoy following nerd drama but I try to stay out of arguments. Only one in recent memory was a bunch of people calling me an idiot for swapping on zram (which I kind of have to do on my shitty netbook)

danielpbarron: i once triggered a guy to the point of thinking he might have his first fist fight, over anti-ssl, till his friend dragged him away ☟︎

oda: mircea_popescu: I got it working with the paste site in the deedbot help site. Also that tiuxo site is my site. Cloudflare filtering might have denied deedbot, I filter out China / Russia / Korea and a few useragent strings I was getting a lot of weird traffic from

a111: Logged on 2018-06-11 19:14 |\n: even if something is not clear - hardware is full of shit, supplying any trust towards vendors is as stupid as saying that someone might now have some private keys from whatever, being it an IT or automotive industry (pick any), i believe that is why some papers on standards that might shed light on ways of how proprietary things (that belong to owners) work

a111: Logged on 2018-06-11 19:05 |\n: apart from things unspeakable on freenode i love to bring up tor relays and i got a job as an admin of shitty place

a111: Logged on 2018-06-11 18:37 apt-get: the reason I keep using this nick is because it's quite handy to have personal info drowned out in a sea of noise when someone tries to look it up

a111: Logged on 2018-06-11 18:33 apt-get: rude tbh, I've been using this one online for quite some time

mircea_popescu: eventually went to specialist store, bought 3 meters of double-width towel substance, had them rodeando it. 3 * 3500 + 3000 for the work = ~30 bux. now i have a proper beach towel, can seat five.

mircea_popescu: and in other fuck-this-failed-civilisation, NO SHOP in all the fucking town had a proper beach towel. the chinese overlords have decided all towels must be up to 1/3 size and that's it. "i want a towel king bed size" "you mean sheets ?" "no dood. towel." "here's the towels." "these are small."

asciilifeform: mircea_popescu: i'm picturing the archaetypical baba yaga scoop

mircea_popescu: and in other news, i bought myself a meter and a half long spoon paddle.

asciilifeform: BingoBoingo: i still find it lulzy how google apparently banked on nobody outside of their heathen pit getting hold of the fucking debug hose. ☟︎

a111: Logged on 2018-06-11 20:35 asciilifeform: so far my only clue that h1 actually runs the given fw , is that i was able to flash in a vendor update : http://btcbase.org/log/2018-06-08#1821699 and ended up with a slightly different, in the ways suggested by the src, console

a111: Logged on 2018-06-11 19:57 asciilifeform: swiftgeek: given your introduction ( http://btcbase.org/log/2018-06-11#1822589 ) i assume you may be interested in verifying fact that cr50 is not a subfunctionality of the ordinary (i.e. kept in winbond spi ) bootrom or the EC controller ('nuvoton' arm , visible in right hand of photo ). this is very simple to do:

asciilifeform: BingoBoingo ( and other awake folx ) , plz to point future 'fact checker' i_came_from_reddit folx, to http://btcbase.org/log/2018-06-11#1822821 + http://btcbase.org/log/2018-06-11#1822990 etc, if i'm off in meatland ☝︎☝︎

trinque: for one, I'd expect anyone who spent enough time in one to come out the other side schizophrenic

asciilifeform: it'd be one thing if, say, google dev showed up and 'yes i'ma pgp to mircea_popescu the magic key', or even 'here's the schem'. but nooo, instead they come to 'explain' to us how 'tpm can be used to benefit you' . ☟︎

asciilifeform: they dun make tards, apparently even, like they used to. i swear , the tards from 10y ago were not this thick.

a111: Logged on 2018-06-11 20:42 hl`: I'm a longtime owner-control advocate.

asciilifeform: seekrit committee generally concerned with specifics of applications (i.e. anything where you gotta know the identity of intended victim, say)

asciilifeform: (i.e. snarfing up that delish printolade like there's no tomorrow )

a111: Logged on 2017-09-15 23:48 asciilifeform: kanzure: i spilled the beans from a similar darpa conference that i attended, in the heart of the beast itself, few yrs back ( it's in the l0gz, spoiler : multilinear map homomorphic crypto is bunkum ) and still waiting for gasenwagen

swiftgeek: anyway that covers everything for me, i can only wait for more docs to appear (or dead boards)

swiftgeek: otherwise i will exploit other device on the bus and replay it remotely

asciilifeform: back upthread -- discussion of 'roots of trust' WILL start with , at the very MINIMUM, iron where i can fucking see the transistors through optical microscope. and never with anything else.

swiftgeek: nah i was just referring that qcom code is generating code that generates to generate code that (....)

hl`: i.e., you'd have to solve the halting problem to write a program which can analyse the generated programs in the general case, meaning that any computational malevolence (compromised silicon, etc.) can only compute the result of the algorithm by executing it unless someone solves the halting problem

asciilifeform: this is an eprom. and i've had them in physical possession long enuff to know that they weren't touched by fucking nato. and , on top of this, i can physically photo the crystal without decap.

hl`: asciilifeform: that's actually an interesting idea - i've toyed with a similar idea previously, though for different applications. basically, my idea was to come up with some way of algorithmically generating algorithms such that the algorithm generator can know the correct answer computationally easily, but where the structure of the algorithm is highly randomised such that it resists analysis in the

asciilifeform: which resolves to 1) i wrote the code 2) i know that the die was not built in advance to subvert the functionality of said code

hl`: Sure. Honestly, I'm surprised nobody has managed to dump decrypted Intel microcode yet. Seems to me you could probably accomplish something with glitching.

asciilifeform: crypto on single-die device of modern (i.e. past 25 yrs ) manufacture, is a losing proposition.

hl`: pretty much - agreed that TPMs with nonfree firmware (i.e. all of them which currently exist) are pretty dubious for that reason.

asciilifeform: if i cannot audit the contents of the device, it is impossible to prove the nonexistence of magic key.

asciilifeform: my 'root of trust' is iron that i assembled with own hands, out of soviet components, and sealed with glitter polish. fuck fritz tpm.

asciilifeform: tell me again why i would want 'tpm' if i have an airgapped 1990s machine for all computations on secrets.

hl`: yes, exactly. i'm talking about the use of owner-controlled TPMs to secure against other parties.

asciilifeform: my machine. i read or flip whatever fucking bits i want.

asciilifeform: and i am definitely not interested in iron that protects against ~my~, the owner's, physical attack.

asciilifeform: hl`: i am not interested in buying iron that specifically protects against everybody-but-nsa physical attack.

swiftgeek: yeah i was just saying about having TPM module implemented in open manner

asciilifeform: understand, i can have ice40 boards to fit lappy chassis roll off conveyor in 6mo, if i want.

asciilifeform: i fucking hate riscv

asciilifeform: i am not particularly interested in infineon, you can safely desolder it from any box that has it

swiftgeek: what i'm annoyed about is that infeon is not distributing updates directly to consumers

asciilifeform: ( this was possible because i purchased a unit having cr50.r0.0.10.w0.3.3 fw )

asciilifeform: i've established that cr50 ~will~ accept fw update if ver is incremented and rsa signature is valid. so anybody with google's rsa key and 10 seconds of physical access can insert new fw into cr50.

asciilifeform: but i will add, cr50 also hangs from same vreg's enable line and can switch it... back on

asciilifeform: i can also 'replace the card' by switching off its power rail via ec and inserting usb nic dongle.

asciilifeform: swiftgeek: understand, i have a quite specific aim in re this machine, outlined in http://btcbase.org/log/2018-06-11#1822866 . i do not particularly care re the irrelevant details, e.g. the shape of the antennae in m2, or the exact diameters of the screw holes, etc. ☝︎

swiftgeek: asciilifeform: i can tell at the very least it doesn't look like anything ROHM would make (the chip)

asciilifeform: swiftgeek: i personally am more annoyed at rubbish masquerading as computer, than by general-purpose rubbish

asciilifeform: swiftgeek: as far as i'm concerned , all boxes not yet cured of fritz are 'ewaste'

hl`: I found your blogpost on lobste.rs.

hl`: I'm a longtime owner-control advocate. ☟︎☟︎

swiftgeek: asciilifeform: anyway if you can tell i care a lot about e-waste and such chipie is creating serious problems

asciilifeform: at any rate i encourage folx who think that i dreamed it all, to build the snake ( i posted schem ) and do the exact experiment suggested earlier in http://btcbase.org/log/2018-06-11#1822821 . ☝︎

swiftgeek: i didn't know they have actually made it finally

asciilifeform: not to mention that i do not have the 'servo' device, nor see anything to be won from building it ( it gives access to the consoles, which i already have, and spi, which i already have via soldered probes, and that's it. )

asciilifeform: a chinese shop could, for instance, mount the http://www.loper-os.org/pub/c101pa_dbg.jpg ( 'google servo' ) connector, on to the vacant pads. BUT this does not give me anything that i do not already have via the 'suzyq'.

a111: Logged on 2018-06-08 17:15 asciilifeform: i was able to flash in the https://gsdview.appspot.com/chromeos-localmirror/distfiles/cr50.r0.0.10.w0.3.4.tbz2 image ; it supports a few moar commands, including 'rma open' returned-to-factory unlocker thing. but result was , unsurprisingly, 'with notes from hitler only' : http://www.loper-os.org/pub/c101pa/c101pa_unlock_nodice.txt

asciilifeform: so far my only clue that h1 actually runs the given fw , is that i was able to flash in a vendor update : http://btcbase.org/log/2018-06-08#1821699 and ended up with a slightly different, in the ways suggested by the src, console ☝︎☟︎

asciilifeform: but i have no way to verify the truth of what he said, aside from noticing that there is 0 discussion anywhere on the net, aside from #trilema and my www, of the h1.

swiftgeek: i only realized it when investigating some newer SSDs

asciilifeform: i have already identified all of the major components

asciilifeform: fwiw i don't have any use for anything short of the schem

swiftgeek: what i mean is that chromebooks aren't popular in china

asciilifeform: last i saw.

asciilifeform: the schem, for instance, is not given to repair contractors. or i would already have found it.

swiftgeek: asciilifeform: i would bake cookies and bring them some xd

asciilifeform: i don't see this as a productive line of probing

swiftgeek: i thought you were in russia

swiftgeek: asciilifeform: i don't consider swapping a board as repair