454700+ entries in 0.177s
mircea_popescu: Do you think the result from a IRC script calculator is evidence for what exactly?
mircea_popescu: (and also, that i happen to run the most popular blog in romanian, and this means, romanians being a little schadenfreunde-y, that various nitwits have been trying to get it offline for maybe 5 years now ?)
mircea_popescu: are you aware that site was there for oh, 3 years by now ? 4 ?
mircea_popescu: "You must obtain a signed letter of holding from Nefario as a shareholder, or pay a deposit into escrow if you are a potential investor. I really do not care if you decide not to invest with me as a result of this decision."
mircea_popescu: the point isn't to make a system that makes human retardedness impossible, that's too hard a problem.
mircea_popescu: OneEyed then he could claim o really, peanuts and buttersquash w/e.
mircea_popescu: this is a largely theoretical point, he's proposing somebody claim that i made a fake duplicate.
mircea_popescu: jurov you can re-encrypt the signed stat and that is accepted.
mircea_popescu: actually, it says in the gpg spec the sigdate is not to be trusted.
mircea_popescu: and in general i want to mandate as little as possible. having 1`000`000 contracts include an extra field
mircea_popescu: understand, there's a lot more at stake here than just "what retardedness i could do".
mircea_popescu: except, in the scenario you describe, i just negrate you in the wot, can your accnt and whoopdedoo, you've managed what.
mircea_popescu: but i mean, what is the false claim im protecting myself from ? seems a rather narrow case.
mircea_popescu: i could mandate it, but i don't see the benefit sufficient.
mircea_popescu: the fact of the matter is, you can just trail it on as it is now
mircea_popescu: well, it's not a bad ideea to have an uid from a safety pov
mircea_popescu: and attacker could re-sign Cs if he had Cs and make Ce'' which'd be accepted
mircea_popescu: attacker can try repeat Ce or Ce', but he just gets an error
mircea_popescu: Ce will be accepted once. customer can re-sign the Cs and make Ce', which will also be accepted, once.
mircea_popescu: legitimate user makes contract, call it C. he clearsigns it, make Cs. he then encrypts it with mpex key, making Ce
mircea_popescu: FabianB it pains me to say, but i doubt evoorhees is as retarded as me, to end up making multiple payments :D
mircea_popescu: OneEyed you can reuse the same clearsigned message, but you'll have to re-encrypt with mpex key
mircea_popescu: the 2nd and subsequent requests on the same command just die with an error message.
mircea_popescu: pgp software was not really tested in this sort of environment, so im not letting it see the internets.
mircea_popescu: if there's no code to process key updates then there's no way to hijack key updates.
mircea_popescu: also, the server that processes auth is not connected to the internet. it'd have to be processed by hand, the update.
mircea_popescu: if you change that you've pretty much lost the entire account.
mircea_popescu: OneEyed the way mpex works, you're identified by your key id.
mircea_popescu: and the rest isn't either very large or doing too good.
mircea_popescu: and yes, i am the most paranoic person you have ever seen.
mircea_popescu: Cylta the market cap of companies listed is closing in on 1mn btc
mircea_popescu: OneEyed cause of the risk involved in the scenario where someone manages to update someone else's key
mircea_popescu: jurov so how's coinbr coming along ? did users find a lot of holes ?
mircea_popescu: poor people bring drama not liquidity. i don't need drama.
mircea_popescu: nope, just an ever increasing cost to participate, prolly will be in the 10-50k usd range before it stops.
mircea_popescu: this was planned for when volume crosses 100k per minth, but i held back because btcusd went from 5 to 12
mircea_popescu: pigeons no, he's never been paid anything. also he doesn't have any nda signed with mpex or me.