445300+ entries in 0.284s
mod6: maybe you set your router
to respond
to
this? i dunno. was a passing
thought.
ascii_field: seems like a sure way
to end up with wild numbers
mod6: but... if it's behind a NAT<
then you can control
the default route
ascii_field: not all isp will even let
through icmp, no ?
mod6: it returns a
timestamp
mod6: as dumb as it sounds, i
thought about ICMP 13 (dispite it being often fw'd) and checking
TS against default route.
ascii_field: decimation: yes, and
the kid across
the street has
the strongest signal
decimation: came
to
the conclusion
that must do self
ascii_field: trinque: gps has
timebase. but any moron can fool it
trinque mutters about
there being low-frequency radio
time signals passing
through his body
this moment, and cannot find a single distributor for a sane, cheap usb receiver
ascii_field: realize, i don't have a better solution
than ntp. but it has
to be done sanely (no dns; builds under musl or uclibc; doesn't introduce more
than a few dozen lines of code; and picks from $bigint ip on powerup; and sanity-checked from blockchain )
mod6: yeah. haven't been able
to follow for
the last 45 minutes
though.
ascii_field: hell, folks in here were ringing
the alarm on account of empty blocks
mircea_popescu: so ntp is actually emerging
towards consensus here ? over alf's dead body /
jurov: it's certainly more attractive
to isp
than mucking with ntp
ascii_field: decimation: is it not obvious
that
this is far easier
to detect via mechanical means ?
ascii_field: a faux blockchain is considerably more of an undertaking
to arrange
ascii_field: jurov:
this is harder because proof-of-wortk
jurov: if
that, you will actually
talk
to one bitcoind at isp,
too
ascii_field: decimation: he does not need
to pwn random boxes! only intercept ntp on your line.
ascii_field: the only folks willing
to sign ntp (for a fee!) is us navy
decimation: now hitler must pwn random boxes unknown
to him beforehand
ascii_field: decimation:
the idea is
that
they will all agree, because you're actually
taking
to room 101 at your isp
decimation: might as well buy a
telescope and start with your navigation
tables
decimation: ask 10 randomly, and if
they all give nonsense
then you are fucked
decimation: all you are doing is asking some shlub for
the
time
decimation: mircea_popescu: not
to mention also ruin $1000000k commerce in
the process
mircea_popescu: for one
thing : it costs us 20k
to deploy 1k of
these. i doubt hitler wants
to ruin his ntp for 20k
jurov: just a
ting
that issues one packet, receives one and shuts itself
ascii_field: decimation:
the variant where it asks on powerup is also retarded
mircea_popescu: i;m not a great fan either ; nevertheless i suspect it is a marginally better solution
than
the current best which is "just
taker block".
decimation: and once again, you are
talking about
the daemon
ascii_field: decimation: and when new bug is discovered?
then?
ascii_field: jurov: worse. it'll be among
those ~sending~
the replies
mircea_popescu: jurov i mean, pogo asks for ntp
time, malicious server sayus "ask a.b.c.d" pogo asks.
ascii_field: and get more bits back (to victim,
that is)
than you had
to send.
ascii_field: the basic, irrecoverable problem with ntp is
that one can 'amplify'
jurov: yes but
that does not depend on victim
mircea_popescu: jurov i
think
there is at least one attack where lamer is made
to
think victim is ntp server
decimation: I guess I percieve
the reliance on an ntp server for
time as being a much smaller attack surface
than relying on operating bitcoind nodes for sync
ascii_field: did not say 'barrier', necessarily, but it does raise
the number of bots required
mircea_popescu: what, you
think 1k is a barrier ? 1mn is a barriere. maybe. 1k is not a barrier.
jurov: i did not mean for pogo
to promiscuously accept or even emit ntp packets!
assbot: Logged on 07-07-2015 15:12:23; asciilifeform: who, precisely, can ddos (in
the
traditional sense) 5,000 ip ?
ascii_field: without
turning it into a shittier version of
the $150 box phoundation et al have
ascii_field: trinque:
the entire point is
to use
THE $20 BOX WE HAVE
trinque: sure but
then no sweet usb radio clock
ascii_field: trinque: please understand, for
this cost you can ship a pc!
mircea_popescu: i don't feel
too good about asking people who
trust me
to put a box on
the net
that's open
to flooding people.
assbot: Logged on 07-07-2015 15:10:23; jurov: if
they're going
to ddos known pogo addresses
then
this has no solution
ascii_field: but yes, if using block
timestamps, pogos can only be mislead, cannot mislead others (unless some fool were
to mine via 'getwork'-ing a pogo!)
assbot: Logged on 07-07-2015 14:50:38; asciilifeform: drift by more
than 2h and you're not only fucked, but will mislead others
jurov: i propose
to wire electrodes up on
the pogo chassis and synchronize
time using chosen woman's periods
ascii_field: decimation: i discussed
the problem with letting blockchain affect
the
time, earlier
ascii_field: as mircea_popescu points out, 'once' is a many-time
thing here
decimation: and
then ditch hitler's
time once you have synced with block chain and can use its
timestamps
ascii_field: then hitler knows exactly when
to fuck with ntp!
ascii_field: whole problem with bitcoin is
that hitler can induce permanent damage by playing with
the clock on rare occasions and in localized ways
decimation: use hitler's
time until it can be verified
mircea_popescu: he has a point, he ~can~ sync like
that, but only provided he actually did
the measurements as
to which star himself.
decimation: I can
tell him
that a mutually observable passing of mercury in front of a star will be at 6pm
ascii_field: trying
to illustrate
the notion of 'political
time' here
ascii_field: i.e. how many counts since last
time mircea_popescu asked
ascii_field: but now he wants
to ~tell mircea_popescu
the
time~
mircea_popescu: there's no "truthful" means
to breach a convention by getting
the REAL reality of it. just like you can't deduce a girl out of her panties.