spyked: zx2c4, I've been looking over the tamarin protocol verification paper and I'm curious, what does "symbolic verification" mean? also, what's the thing's output? is it just a "yes, properties hold" or does it also output the proof?
trinque: a muntzed drakma would be a fine thing, I'd sign
spyked: whole thing's a mess, but I'm organizing the code so that I can eventually replace it with something else.
trinque: nope, current thing is a sad pythonball hanging off the side.
spyked: trinque, yeah, I'm actually playing with cl-feed-parser to get an idea of what's required for the feed bot, going to spec it and all. I grabbed it off the githubs ( https://github.com/tkych/cl-feed-parser ) and the number of dependencies is irksome, so if you happen to know a better alternative other than building my own, I'm open to suggestions
avgjoe: no, it's an easy/fake study to have more spare time keeping government grants
avgjoe: after seeing that raiblocks was just some random coin, i tried to understand better bitcoin and found trilema as a very valid starting point, no-frills like, to use bitcoin in a responsible manner
avgjoe: and a couple of months ago i was lucky to cash out in bitcoin the crazy (at least for me) amount generated by solving captchas
ben_vulpes: well it's more of a nineties yahooforum pink sheet stock but that's neither here nor there
avgjoe: basically a coin that was given to lazy people that solved captchas
avgjoe: i'm a student, I've discovered bitcoin thanks to raiblocks
trinque: note that a horde of titties just came through and used the thing on the basis of knowing douchebag
ben_vulpes: trinque: dude has a point, self-referential though it might be faq.html would benefit from an "i am trinque, and have been running this service for members in good standing of the #trilema wot and others before it since XXX"
ben_vulpes: trinque: web site is run on a daily job?
avgjoe: so if I understand correct: all the deedbot functions are ready to go for a newcomer, except for the wallet function that works well after having a good wot connection
trinque: avgjoe: the point being, while I can give you a lot of nice words about not stealing your bitcents, this doesn't amount to much.
avgjoe: is a feature for doing off chain transactions by trusting the human meat or i'm missing something?
avgjoe: "Requests that `amount` be withdrawn from your available balance and sent to `to-btc-address`. This step shall be performed by a human operator after reviewing account history. Expect at least one day of processing. Bitcoin transaction fees shall be deducted from your account."
mircea_popescu: nobody cared about him back when he was a good actor 20 years ago as much as they care now, that he delivers wooden monologues of sheer nonsense.
mircea_popescu: morgan freeman is also worshipped now. why ? same reason. wolf-raised kids can't believe oldman is a thing.
avgjoe: or at least, a server located where?
avgjoe: a curiosity about the deedbot wallet feature: if i use that feature, who is controlling the keys?
mircea_popescu: !#s "Transgressing the Boundaries: Towards a Transformative Hermeneutics of Quantum Gravity"
a111: Logged on 2018-04-12 16:25 zx2c4: i havent compiled a list of Name+WrittenReview. maybe i should do that
mircea_popescu: http://btcbase.org/log/2018-04-12#1797184 << you definitely should do that, seeing how the superficial "was reviewed" claim collapses upon the most cursory scrutiny. this is not a good state to put yourself into, it makes it too easy to be painted with unflattering brushes.
mircea_popescu: but if you look through that category ("la pas prin lume") there's a ton of various.
a111: Logged on 2014-11-13 23:07 mircea_popescu: In the days when Sussman was a novice, Minsky once came to him as he sat hacking at the PDP-6.
mircea_popescu: asciilifeform it can't be a debit like that, because the main unknown is the approach.
a111: Logged on 2018-04-12 18:10 mircea_popescu: http://btcbase.org/log/2018-04-12#1797142 << understand, the discussion here is re cryptographic hardness, not mathematical hardness ; as discussed otherplaces in the logs, the mathematical notion of difficulty is "what's the absolute hardest case this problem can yield", because they want to offer maximal flop guarantees ; cryptographically it is kinda opposite : what's the LOWEST difficulty a problem in this class may yield
BingoBoingo: Now, there's also "alfajores integrals" where a birdseed paste is smashed between two birdseed wafers, but those cost ~70 pesos whereas alfajores verdaderos costs 20-30 pesos
BingoBoingo: <ben_vulpes> i have been seduced into liking sugary delights! << It's scarcely been more than a month since a fractional alfajore gave you sugar shock
mircea_popescu: . because they want to put a MINIMUM floor in. so to a large degree mathematical discussions of hardness are not cryptographically useful.
mircea_popescu: http://btcbase.org/log/2018-04-12#1797142 << understand, the discussion here is re cryptographic hardness, not mathematical hardness ; as discussed otherplaces in the logs, the mathematical notion of difficulty is "what's the absolute hardest case this problem can yield", because they want to offer maximal flop guarantees ; cryptographically it is kinda opposite : what's the LOWEST difficulty a problem in this class may yield
a111: Logged on 2018-04-12 16:12 zx2c4: things like RSA boil down to number theory problems. but that's in a sense scarier than the set of problems that good block ciphers tend to boil down to. because it means that those primitives have lots of _structure_, and generally structure is something that can be exploited. just look at all the amazing and fantastic attacks on things with structure. so just boiling down to a [currently considered] "hard problem" doesn't provide as much solace
mircea_popescu: the line 332 explosion is a fine example of this as any could be had.
ben_vulpes: mircea_popescu: the .htaccess files included with/generated by mpwp include the `Allow` incantation, which is not a thing in apache 2.4; trilema purports to run on 2.4.16; can the Order/Allow incantations be replaced with the 2.4-style Require?
mircea_popescu: generally the alfajor as a commercial item is two wafers, ddl in between, whole dipped in hard chocolate.
mircea_popescu: hey, i didn't think i even liked girls, as a 14yo. people get strange ideas in their heads.
ckang: from a security perspective
ben_vulpes: well they are a far cry from the mango gelato of mircea_popescu's haremfactory but goshdarn these alfajores are magical with coffee in the morning
mircea_popescu: anyway, guy got a bitcoin, meaning he can put however many more hours into the thing you're using, so wins all around.
zx2c4: but ill idle in here for a while and will be back in several hours most likely
zx2c4: i need to head out for a bit now
zx2c4: ill give ada a look. ive long heard about it but never dived in
zx2c4: linus has never been so happy about other languages in the kernel. for example, he rejected a C++ layer many years ago
mircea_popescu: that's a perl impl of a v tool by mod6 ; everyone is invited to make their own v tools.
mircea_popescu: the idea with it is that patches must be a) clearly assigned to a responsible key and b) well read. actually, not putatively a la ers's trillion dead fish eyes.
mircea_popescu: anyway, as to the other one : v is the republican... well many things, but also works as a versioning system. here's a pretty picture to help the notion along : http://btcbase.org/patches << you can select from the drop menu to the left, see various trees extant. you can click on any item to see the patch it represents.
zx2c4: i suppose your point is that you _could_ choose to obscure the lengths of the messages youre sending back? whereas with zero that isnt a possibility?
mircea_popescu: if however he observes a stream of n messages of length = 0, he can infer nothing was said.
mircea_popescu: one thing at a time : if an attacker observes a stream of n messages of lengths != 0, there is nothing he can infer : maybe they're part of one message, or maybe they're not, or maybe they don't even say anything.
zx2c4: why do you think zero is a special case?
mircea_popescu: anyway, the point here isn't that padded protocols infoleak in multiples of the padding., the point is that 0 is a special case invariant, and you can never leak a multiple of 0 safely. because, again, a message of arbitrary length n can be presented as m messages of length k ; but 0 messages can never carry anything.
zx2c4: this may indeed be too large of an infoleak and you'd prefer a different padding scheme like always filling the entire MTU
zx2c4: mircea_popescu: padded protocols infoleak in multiples of the padding. you get to see if a given packet elicited a 0 reply, a 16 reply, a 32 reply, a 48 reply, and so forth
mircea_popescu: in any case, cryptography comes in two sorts : sort a), known here as "this must be secure, it's so confusing to me", and sort b). the moment you say "i can't see what this gives attacker" you force-shove yourself in group a. it's not your business to know the attacker, that's the whole fundamental philosophy of ciphering, that you do not need to know the attacker.
mircea_popescu: this is the problem : you introduce a categorical breach with this system.
mircea_popescu: because i can turn a 31 message into two 15 messages or back ; but i can't turn 0 messages into anything else.
zx2c4: mircea_popescu: an attacker can also distinguish between a length 15 message and a length 31 message. i still maintain this doesnt give an attacker anything useful
mircea_popescu: why am i held to explain how a protocol breach can be elevated to arbitrary height ? the attacker FIND SOMETHING
zx2c4: what do you get by knowing from inference that it's a keepalive?
zx2c4: no, i dont think sending a random string would make it more secure
zx2c4: when you encrypt a message of 0 bytes, you get 0 bytes of ciphertext + 16 bytes of authentication tag
mircea_popescu: zx2c4 here's a simple alternative to consider : would you agree the assemblage would be more secure if instead of sending a null payload you sent a random string ?
zx2c4: normally when you encrypt a message of 32 bytes, you get 32 bytes of cipher text + 16 bytes of authentication tag
mircea_popescu: can you off the top of your head give me a dummy example of such ?
zx2c4: in otherwords, the empty plaintext is still a valid value to be authenticated-encrypted
mircea_popescu: so it is not "empty" in the sense of "" ; it is empty in the sense of the payload being null, but the actual message is in fact a nonce and some tags anyway.
zx2c4: in this case, its important that you send me a keepalive, so that i know you at least got it. however, these keepalives arent persistent. if subsequently, i have nothing more to say to you, then we both go silent and dont say anything.