log☇︎
474300+ entries in 1.485s
mircea_popescu: the instructor said don't touch anything. A crew member responded by saying “it doesn't matter none of it works anyway, you can touch what you want.”
mircea_popescu: but yes, software bugs. now that we got to software bugs...
mircea_popescu: it'd stop warez dead in its tracks, seeing how you couldn't watch any movie or anything.
mircea_popescu: trinque imagine if "network errors, harddisk failures" worked this way.
trinque purchases bulk tinfoil
trinque: "I assume they are produced by network errors, harddisk failures or software bugs. It may also be that someone just created them in some experiment."
trinque: "whatever used this also had an include for stdint.h so who cares" ?
asciilifeform: not yet sure what to make of it.
asciilifeform: trinque: i've run into this kind of thing on several occasions.
mircea_popescu: Zoe Quinn is the role model, dumbass made a "game" that wouldn't have passed muster in the early sierra adventure games
trinque: seems this is actually glibc fuckery re: dieharder
mircea_popescu: people dun wanna werk tho.
asciilifeform: (distributed not in the 'faster' sense - it cannot be - but the 'remove single juicy target' sense)
asciilifeform: but of them, there are also 3.
mircea_popescu: trinque within the hour. not so terribru.
BingoBoingo: But this accidentally seems to mostly affect a certain kind of person
mircea_popescu: BingoBoingo the official story seems to be that keys got accidentally.
asciilifeform: (nothing, afaik, has been signed publicly with them)
trinque: I'm about as amazed with how rapidly the various "news" sites can respond to this
asciilifeform: BingoBoingo: a few folks appear to have bit-corrupted keys on sks
BingoBoingo: mircea_popescu: Well, downside of sleeping in is I missed a timely annoucement of keys shattering. On the plus side Am I reading it right, that the pattern seems to be various sorts of strongset people have these weak keys, almost exclusively?
BingoBoingo: What a fucking morning to sleep in !!! Digesting Convos around Phuctor's discovery and writing up some news.
mircea_popescu: "We are at war, with a new kind of enemy. The terrorists have infiltrated every nation on our planet." tsk tsk now how would will mcneilly know this.
mircea_popescu: i must be doing something wrong then
asciilifeform: it will update, because - evidently - there is no mechanism whereby the update would be rejected. ☟︎
asciilifeform: the way you do it is 1) take existing 2) feed in place of old
mircea_popescu: so can anyone get a key server, no matter which, to somehow swallow up an extra subkey for an existing key ?
mircea_popescu: moreover, the way it presents the blob is as a single, shares pgp key blob
asciilifeform: mircea_popescu: this one's another 'invalid subkey...'
mircea_popescu: what i don't get is, how exactly you reproduce this ? i can't seem to make sks server to accept extra, unsigned subkeys from anyone.
trinque: lol, article's at #28 now with way more points than those above
asciilifeform: a number with flipped bit is likely to be divisible by smallint
mircea_popescu: you should check to make sure yo udon't use the same prime TWICE
asciilifeform: incidentally, this is consistent with 'cosmic rays'
asciilifeform: mircea_popescu: this new one's a dev too.
ben_vulpes: "Not known to me -> No." << omg
asciilifeform: the sheer mental breakage required to waste one's time so.
mircea_popescu: !up tuxforce
mircea_popescu: how the system can’t pass tests to show it could’ve launched ha!
ben_vulpes: that's some top kek
trinque: ye gods the autism
asciilifeform: post on loper-os.org updated to include tard.png
asciilifeform: mircea_popescu: going by the style, it's our old phriend, mr spam
mircea_popescu: i'd have added "or one of his harem slaves" but iirc he's a twink
trinque: which perhaps implicitly included that?
mircea_popescu: asciilifeform incidentally, i know of no better proof that the "atomic weapons not actually militarily useful" than this sort of perennial wank.
asciilifeform: ^^ recced to all. hilarious turd
mircea_popescu: trinque is this like the only bit of c code deployed without stdint ? i wonder if he had a reason
asciilifeform: mircea_popescu et al: http://dpaste.com/00YX117 << plain txt
trinque: asciilifeform: yeah I'll bother the ebuild guy for this
asciilifeform: mircea_popescu: no idea how genuine the text, but riotously funny
asciilifeform: trinque: consider contacting the maintainers
mircea_popescu: so do they actually work ?
asciilifeform: personnel in the room; in the video you can see a SWS JR about 3 feet in front of me talking to
asciilifeform: at the screen or used common sense, would've seen I was recording. There were other SWS
asciilifeform: book word for word. I held the phone still, about a foot in front of my face and anyone who looked
asciilifeform: allowed. I sat down; took my Samsung Galaxy SII (white) out of my pocket, and recorded the entire
asciilifeform: book out then filmed it? No. What I did was walk into a room were no recording devices are
asciilifeform: have gotten a copy of every single chapter on to my phone? A hidden camera? No. Smuggled the
trinque: asciilifeform: http://dpaste.com/1XXN25S.txt << nothing too crazy
asciilifeform: on the access list, and no personnel electronics are allowed. I was on the access list but how could I
asciilifeform: compartment used to control the launch of the nuclear missiles. It can only be accessed by people
asciilifeform: which is contained within a safe in the Missile Control Centre (MCC). The MCC is the
asciilifeform: their heads and wondering how I'm writing this on my personnel laptop and referencing a book,
asciilifeform: strategic weapon system. I'm sure all the Strategic Weapon System (SWS) personnel are scratching
asciilifeform: 'This contains references to CB8890: The instructions for the safety and security of the Trident II D5
mircea_popescu: im letting things settle for a day and plan to write a follow-up.
asciilifeform: somebody wanna copy cryptome on this ?
mircea_popescu: for all you know this is the magic packet required to X.
mircea_popescu: there's a long tradition of "must fail to pass" bullshit seen in the wild, and allegedly not originated by nsa
asciilifeform: subtle bug triggered by really terrible keys?
mircea_popescu: asciilifeform nah, i suspect it's more subtle than that.
asciilifeform: anything that doesn't check self-sigs.
asciilifeform: actually the necessary diddle would be small:
mircea_popescu: it would be, yes, if it were to somehow be found.
davout: mircea_popescu: yup, not saying it's possible, saying that would be definitive proof
mircea_popescu: but if we do see it, im definitely publishing the story.
mircea_popescu: anyway, im not entirely sure we might ever see the diddled gpg that goes with this didlded key to produce anything interesting
asciilifeform: expect it to thicken, thicken.
asciilifeform: is the fart cloud.
mircea_popescu: i am definitely suspicious of this entire tower of mirrors made of shit.
mircea_popescu: some guy trying to do something or the other with softwasre.
asciilifeform: i should like to get a list of -everything- he 1) signed 2) public is running
mircea_popescu: i meant the REAL victim.
asciilifeform: the choice of victim is very telling
mircea_popescu: victim gets nsa-something or the other, gets the "key", etc.
mircea_popescu: which would neatly explain why it HAS TO stay on sks servers.
mircea_popescu: maybe this is paort of a tandem with specific userland diddling.
davout: the real thing here would be to actually find a GPG implementation that does not run the check that leads normal ones to simply discard this key
mircea_popescu: who is this supposed to persuade, exactly ?
mircea_popescu: asciilifeform tbh i find the "broken in transit" explanation offered by the back to sleep camp particularly ridiculous.
asciilifeform: iirc no extant pgptron includes this functionality
mircea_popescu: mopre like a training exercise for younguns looking to get shellshocked by "free software"
asciilifeform: but if we say 'use a tool' then 'pgpdump'.
mircea_popescu: actually, a fully-explicit "how to extract your rsa moduli as numbers, and how to test things" write-up may be a good use of someone's time.
asciilifeform: much as they might like to.
asciilifeform: delan: imagine, the entire 'international community' and obama himself can't stop you from running euclid.
mircea_popescu: arithmetics drm, now that's an idea.
asciilifeform: delan: the good news is, that it remains possible to do arithmetic whether or not anyone grants permission. go and run test on your own
mircea_popescu: delan myeah. one shouldn't have to hope on this score, but then again here we are.