log☇︎
391600+ entries in 0.267s
asciilifeform: phf: the weights ought to be trotyl
mircea_popescu having homemade black forest with "alamos" chardonnay, supposedly "best seller in teh usa". it's not terribru.
asciilifeform: various nice touches. e.g. the wheel well goes all the way through, does not collect shit like normal mouse
phf: pretty sure that thing has a remote triggered cyanide injector. a "present" for ascii
mitch_callahan: and you can add weights to it
asciilifeform: (this is not clear from the photo, but the 'wings' are on long screws and... can move)
mitch_callahan: i find it helps with carpal tunnel.
mitch_callahan: on the left, I use the 2 as forward/back
asciilifeform: it is very neat. but, what to do with the extra buttonz !
mitch_callahan: I've got one of those
asciilifeform got a spiffy gift from a phriend, a mouse where various pieces of the chassis can move around to fit the hand, various iron knobs. endlessly tunable thing. had no idea this existed.
mircea_popescu: i poured a little on the floor for your soul.
mircea_popescu: asciilifeform i discovered a new japanese restaurant (in china town) whereby i had an exceptional peruan soup.
assbot: You rated user menahem on 26-Apr-2015, with a rating of 1, and supplied these additional notes: New blood.
mitch_callahan: i wanted to change my nick anyhow
asciilifeform: fully 90% of what was in the camera, even.
asciilifeform still needs to post his recoleta pics
mircea_popescu: i think at least.\
mircea_popescu: mod6 maybe you're thinking recoleta. i did that one a while back.
mod6: arg! i gotta finish the documentation on this thing so i can play new eulora!
mod6: eh, maybe not the same place
mod6: ah cool, you got a chance to walk through there!
asciilifeform goes off to eat dinner before it dies a 2nd time
asciilifeform now will have to prove, pissed
mircea_popescu: but just as far as the general principle goes. how are you going to do "padding" w/o hashing ?
asciilifeform: (and especially not close in the phase space of cryptographic malleability, for the kind of crypto in use)
asciilifeform: mircea_popescu: 'padding' is a misnomer for a variety of possible processes, all of which have the objective of making sure that a message is never close in phase-space to another plausible message
mircea_popescu: been a bunch of those.
mod6: haha. i recall there was a guy before phf's time that was like, "i can't hang in here! too much sedition!" or something
mircea_popescu: what is this.
mircea_popescu: what, different dood on the internet ?
mircea_popescu: phf link them to the place where ytou said you're against sedition.
mircea_popescu: they're fucking inverse functions. one does many-to-one, the other needs an arbitrary bytecount.
phf: i'm waiting for this channel to catch up with me, i'm going to go through some routine dc check, like a metal scanner or security clearance, and it's going to be "step this way sir." some gruff looking gentleman holding b-a printouts..
asciilifeform: the 'padding' thing is an entirely separate animal
mircea_popescu: asciilifeform how is unpadded rsa supposed to work ?
phf: mp gets them every time
mircea_popescu: whenever something doesn't fly that's usually why
mircea_popescu: nothing but terrorists in this chan i swear.
phf: inertia, there was a point when amtrak was also inexpensive in addition to being cheap
asciilifeform thinks 'sic transit gloria mundi'
mircea_popescu: whenever i hear of someone saying they're in transit i always picture a person inside an intestine.
phf: mircea_popescu: will do around saturday. i'm still in transit, so no working client
asciilifeform: in ~that~ sense alone, a hash is a cheque drawn on a total unknown.
asciilifeform: today - gigabux, tomorrow - penny (pointedly ~not~ because of any advance in cpu, but on account of mathematical efforts)
asciilifeform: the only question concerns the difficulty of finding said collisions
asciilifeform: thing re: hashes is that every hash, being a many-to-one function, is by definition guaranteed to collide.
asciilifeform: normally everybody proposes it and then writes it off as 'we haven't the cpu or the entropy'
mircea_popescu: but i am reserved as to the hashlessness
asciilifeform: mircea_popescu did propose putting it to battlefield use
mircea_popescu believes he proposed this originally.
asciilifeform: where nothing needs to be hashed.
asciilifeform: and to that we have analogy: the pure-rsa variant
asciilifeform: tesla begs to differ
asciilifeform: hash is the proverbial 'hole through which the night walks in'
asciilifeform: the weaker the hash, the more 'promise' and less 'protocol'.
asciilifeform: systems which rely on a hash, ultimately contain trace elements of 'promise'
asciilifeform: the fundamental issue that bothers me is that a broken hash is where 'protocol' begins to decay into 'promise'
phf: mircea_popescu: back then it was kek, these days i could probably get a hackernews frontpage "fundamental vulnerability found in gnupg, no one is safe!" either way completely irrelevant. just reminded me, it was 2005 or so
asciilifeform: but i suggested it some months ago, and so it is conceivable that it will.
mircea_popescu: has this ever happened ?
mircea_popescu: exponential costs. modest benefits. very much in line with all the other bad choices that sunk the ship of state.
asciilifeform: let's picture, say, an isis beheading is held on top of a banner containing an fp
mircea_popescu: doing this is actually a strategic mistake i'd be more than happy to see executed.
asciilifeform: sitting between them
asciilifeform: phf: this only leads to laughs unless you can somehow be there for the rest of the two would-be pen pals' lives
phf: oh hey i wrote a poc for pgp filter at toorcon, when that other wifi mitm came out. no need to figure out what's where, just sit on the http stream, catch text/*, grep it for gpg headers, and then rewrite on the fly
mircea_popescu: there still is time.
mircea_popescu: the people who went to oregon first, got homesteads. the people who go now - get to pay rent.
asciilifeform: the other thing is, to the extent that the integrity of the wot as we now have it is predicated on sha1 not costing a penny to break, some of the sweat that went in to forming the wot may end up having to be re-sweated
asciilifeform: no mega-shocking result - pgp is not a magical fountain of phree-energy-style 'trust from the aether', but rather an amplifier of trust established - to some extent - in the meat.
mircea_popescu: \as you say, the time to join the wot isn't when sha-1 collisions cost a penny.
mircea_popescu: yes, this was, and perhaps still is true.
mircea_popescu: i said and i repeated there';s major value to jointing the wot early. to the point that it was throughout the greatest gift one could give his rest of his life.
mircea_popescu: (turns out mp deliberately isn't keeoping the pobkey and the signerd material in the same place. har har who knew! )
asciilifeform: this of course demonstrates the point mircea_popescu made earlier, whereby no one who he was not properly introduced to, could ever hope to escape this.
mircea_popescu: but herein the problem gets fractured. how many things does it need to filter ?
asciilifeform: deedbot, then
mircea_popescu: there aren't any signatures contained therein.
assbot: Contact : PGP on Trilema - A blog by Mircea Popescu. ... ( http://bit.ly/1jRZXEJ )
asciilifeform: and the matching hitler key, for the key normally appearing in http://trilema.com/contact-pgp
asciilifeform: other thing is, the problem goes a little deeper. one might craft, for instance, a filter which eats mircea_popescu's www and substitutes hitlerine signatures for all of the signatures contained therein.
asciilifeform: my original observation, though, stands - the time to stop thinking of pgp 64bit fp as 'the man' is not when arbitrarily colliding sha1 costs a penny! it is now. ☟︎
asciilifeform has intended to produce one for a long while, but it is not a priority presently
mircea_popescu: but an extractor is a fundamental tool, yes.
asciilifeform: they are candidates for the treatment described earlier.
asciilifeform: because they can be derived from signed material
asciilifeform: the one thing remaining to add is that, theoretically, it is not necessary to distribute pubkeys at all!
mircea_popescu: this is rank nonsense, and the cornerstone of stupidworld.
asciilifeform: the basic result here is that pgptronium is conserved, if you will.
mircea_popescu: the notion that people may read "newpspaers" made by people they don't know. ☟︎
mircea_popescu: the deep fundamental reason usg exists needs to go away. not merely the usg, or preet bharara's head.
mircea_popescu: there is nothing else. in very particular, there is NOT this bullshit star pattern of "everyone reads vice".
asciilifeform: 'here is me, and this is my pgp' also works, is what i meant.
mircea_popescu: this is the only thing that owkrs, or ever has worked.
mircea_popescu: "talk to this guy - here's his php"
mircea_popescu: the ONLY way to meet new people is via recommendation.
mircea_popescu: asciilifeform what happened to the third ?
asciilifeform: (if you can meet in the flesh, you could exchange one time pads just as well)
asciilifeform: that is, the idea was that it is not necessary to meet in the flesh to form a working relation