371900+ entries in 0.232s
adlai: (seems
to be just
the one)
assbot: Logged on 28-11-2015 21:24:54; mod6:
This is a clean break point
to start working on
the rest of
these large pieces such as
the mempool.
assbot: Logged on 28-11-2015 21:15:00; mod6: depends on what makes sense. i'll need all
the help I can get. either we put in
the work
that needs doing and you have a republic, or you don't.
assbot: Logged on 28-11-2015 21:02:41; jurov: my proposition is
that if packets signed by key in WoT come from an address, it's unlikely DoS will come from
there
too.
BingoBoingo: Ah, yes about
the passports. If your hands are full no worries.
jurov: about
the passports?
BingoBoingo: jurov: Care
to qntra a piece or are your shiva hands full
too?
ben_vulpes: or
they'll do it anyways and print
to cover
the loss.
ben_vulpes: not until
they install checkpoints anyways, and
that'll cost far more
than
they really can spend.
☟︎ ben_vulpes doesn't see
the point on domestic
travel
jurov: not for domestic
travel afaik
trinque: Some states initially refused
to comply, fearing
that
the feds would make a national database of citizens. << lulzy
assbot: Logged on 28-11-2015 18:44:19; mircea_popescu:
http://log.bitcoin-assets.com//?date=22-05-2015#1143203 << lettuce re-introduce
this into
the record. One Robert J. Hansen goes
to california
to help some derp make drm for
the palm pilot ; gets scammed and ass raped. while
this is exactly what he deserves,
the story of his suffering is nevertheless instructive.
ascii_field: i have personally met folks who grew up on
this 'history'
ascii_field: r way onto
the mainstream book list. 3. Neo-conservative books promoting
the U.S. as
the world’s SWAT
team.' << aha
ascii_field: not going
to rest until every non-German human had been wiped from
the face of
the Earth.]
The leftist rewriting of
this conflict seems as kooky as
the bizarre neo-Nazi revisions I read in my youth, but is more
troubling, because, where
the right wing kooks who wanted
to paint humanity’s largest killing with a bizarrely fantastical brush of Germanic innocence were rightly ignored,
the lefties are finding
thei
☟︎ ascii_field: '1. Books ghost written for a Fox news Op-ed figure, 2. Jingoistic
tomes on
the defeat of
the evil Nazi empire by “the greatest generation” of Americans, revealing as yet unfathomed Nazi evils and under-appreciated American heroics. [WWII is no longer, apparently recognized as having had a Russian or Japanese component, and
the
Third Reich is represented as an engine of global extermination
that was
ascii_field: BingoBoingo: gotta stay under
the mtu. but otherwise yes.
BingoBoingo: <ascii_field> jurov:
then we stego on a 'recognizable' structure << 1024 nudes encoding!
ascii_field: so
there is never any possible confusion about source or destination.
ascii_field: and you know
the packet is 'for you' because you were able
to decrypt it with your privkey.
ascii_field: it is quite simple
to ignore
the apparent originating ip because we always know where a valid packet came from - based on which pubkey on your end is able
to validate
the sig.
ascii_field: jurov:
then we stego on a 'recognizable' structure
jurov: if $enemy reacts
to packets without recognizable structure by ddosing
ascii_field: and, if it comes
to
this, over some other net.
jurov: well,
then just better keel up and die
ascii_field: at no point must a gossip packet's apparent source ip be
treated as meaningful.
assbot: Logged on 28-11-2015 21:02:41; jurov: my proposition is
that if packets signed by key in WoT come from an address, it's unlikely DoS will come from
there
too.
ascii_field: and enemy can do useful
traffic analysis on
top of
that.
assbot: Logged on 28-11-2015 20:42:43; phf: ben_vulpes: sure, so you're going
to cap
the size of ciphertext of what you expect
to be nonce, which is fine, but after
that you rely on state outside of gossipd (tcp packet from ip such and such)
to drop all subsequent
ascii_field: and
the conversation, from first packet onwards, must be indistinguishable from rng garbage
to
the enemy.
ascii_field: gotta know
the pubkey of your recipient, from first packet up
ascii_field: and imho it is absolutely impermissible
to have any plaintext invariant fields
assbot: Logged on 28-11-2015 20:29:36; phf: so gossip should be able
to accept variable size packets, a naive version is
to have our own header, {headerbit,body size} followed by body. in case of gpg backend we feed body
to gpgme, let it figure
things out. a better option is
to have a (rudimentary?) parser for opengpg packets, and only accept a fixed subset of packet sequences, or specifically what you get when you encrypt a message with gpg. {pubkey enc
mod6: This is a clean break point
to start working on
the rest of
these large pieces such as
the mempool.
☟︎ mod6: Not a lot really remains left for v054. I'm in
the process of getting all of
the 3rd party deps, listed and
then will sign and find a place for
them on
the website.
Then I need
to update my build script so it pulls and verifies all of
that stuff from our own host. Beyond
that, I just need
to publish
the v054-RELEASE patch I've been sitting on.
Then Mr. Vulpes & I will need
to sign all
the vpatches and post 'em
to
the mailing list.
mod6: I'll
try my best
to steer us
there.
mod6: Perhaps
these additional major changes will go in one release at a
time. And, we've been here before, but I'd like
to keep
the changes per release down
to something manageable.
mod6: I'm
thinking
that we cap further changes on v054.
jurov: well, if you want
the fixed mempool in 054, gotta start now. it's not possible without rewrite.
mod6: depends on what makes sense. i'll need all
the help I can get. either we put in
the work
that needs doing and you have a republic, or you don't.
☟︎ mod6: maybe we can
take
these
things, quarter at a
time.
mod6: then get
these
tasks written up and broken down if possible as a road map for '16.
mod6: so I'd like
to get v054 done by
the end of
the year.
danielpbarron: from
the yoga cancelled
thing >> Ms. Scharf offered
to rebrand
the class as "mindful stretching," but student leaders did not
think
that was enough.
mod6: i need
to quit shitshoveling and just dive down
these manholes everyday instaed.
ben_vulpes: won't you end up in a situation a la bitcoin where
the ip is encoded into
the message itself?
mod6: good scrollback
today
jurov: my proposition is
that if packets signed by key in WoT come from an address, it's unlikely DoS will come from
there
too.
☟︎☟︎ jurov: well,
the fact
that packets have source and destination address is not avoidable
ben_vulpes: jurov: phf's point
though is
that
then you're relying on state /outside/ of gossipd
to run gossipd. if i understand correctly.
jurov: until
there's DoS
that spoofs
the address, i know.. but
that bar is much higher
jurov: if
the nonce is bad, it's ok
to just ignore all packets from
the address(with
timeout)
phf: ben_vulpes: sure, so you're going
to cap
the size of ciphertext of what you expect
to be nonce, which is fine, but after
that you rely on state outside of gossipd (tcp packet from ip such and such)
to drop all subsequent
☟︎ ben_vulpes: i was under
the impression
that a first gossip packet was a signed nonce so
that
the implementation could drop all subsequent packets at its convenience.
phf: i'm not sure what's
to be done about DoS attacks
though. body size caps? we have a handful of protections allowed by
the carrier (only accepting messages from certain ips, etc), but ultimately can get a spoofed 4gb bundle and will not know
that
the data is spoofed until have
the whole
thing, and
try and verify/decrypt it
phf: so gossip should be able
to accept variable size packets, a naive version is
to have our own header, {headerbit,body size} followed by body. in case of gpg backend we feed body
to gpgme, let it figure
things out. a better option is
to have a (rudimentary?) parser for opengpg packets, and only accept a fixed subset of packet sequences, or specifically what you get when you encrypt a message with gpg. {pubkey enc packet}{encrypted data
☟︎ assbot: Yoga Class Is Suspended After Students Deem It Culturally Inappropriate –
The
Ticker - Blogs -
The Chronicle of Higher Education ... (
http://bit.ly/1MLcrru )
ascii_field: l0l if i even knew how
to steal a broken cent properly
mircea_popescu: see, had you stolen and sold some soviet
tanks for scrap in 2009 you could have moved
to ba in 2013 and been looking for an engineer
to join your workshop
today.
ascii_field: me: 'i'd be looking for a kaisyaku for
the seppuku'
ascii_field: pet: 'aintcha glad you didn't
take preorders'
mircea_popescu: no,
that was before nefario,
theymos, goat &
the rest of
the friends split.
mircea_popescu: not really, started by glbse, maintained by every single non-mpex "bitcoin business"
to date.
ascii_field: mircea_popescu: what was 'the lose half your money
thing' ?
gribble: Bitfinex BTCUSD
ticker | Best bid: 354.02, Best ask: 355.01, Bid-ask spread: 0.99000, Last
trade: 353.99, 24 hour volume: 21705.98693894, 24 hour low: 351.0, 24 hour high: 363.29, 24 hour vwap: None
mircea_popescu: anyway,
to reassure
teh investors : s.nsa actually does have 456.01462284 in cash, should
the company be wound down
today it would distribute ~9626 satoshi per share
to investors.
mircea_popescu: apparently
the "lose half your money"
thing is still with
the btc public huh.
ascii_field: this is not hard, just use engineer
that works day job... but
this has flip side, yes
mircea_popescu: company with 9980 satoshi/share in capital on
the books nevertheless
trading at 5500. now
that's one hell of a performance.
mircea_popescu: unlike any other concern, s.nsa pays everyone ~100% of what
theyr work is worth
mircea_popescu: anyway, in
the even keeled view of
the matter, a person can only be participating in one death march at a
time. since you're working with some other company, and it doesn't seem
to be wanting
to list itself, we need an engineer actually working for s.nsa ?
mircea_popescu knows
that he's supposed
to be doing management for
the
thing and has no product whatsoever
to show
the investors
THREE years later!
this is
the 3rd xmas.
ascii_field: well we currently have one engineer who works infamously slowly between death marches of day job. mircea_popescu
thinks
that
two or more would work faster ?
mircea_popescu: i suppose s.nsa should actually hire more engineers ? whadda ya
think ?
mircea_popescu: but if your
thoughts are figured out before you sell
the
thing, you will forever be looking for a job.
ascii_field: if my
thoughts were never figured out by independent other folks, i would have
to conclude
that i have finally gone mad