asciilifeform: i find it hilarious how they carry on pretending that a crypto lib where ~some~ of the functions are (supposedly..) constant-time, is worth half a shit
asciilifeform: the funny bit is that this was quite obvious from the proggy, unreadable otherwise as it is, and plentifully discussed, incl. here
asciilifeform: 'BN_gcd gets called to check that _e_ and _p-1_ are relatively prime. This function is not constant time, and leaks critical GCD state leading to information on _p_.' and a few moar.
asciilifeform: in other lullies, https://eprint.iacr.org/2018/367 >> 'Most of OpenSSL's constant-time code paths are driven by cryptosystem implementations enabling a dedicated flag at runtime. This process is perilous, with several examples emerging in the past few years of the flag either not being set or software defects directly mishandling the flag...' 'granularity issues due to word-size operands to the GCD function' etc
asciilifeform: why are douchebag's sybils still here ?
asciilifeform: frog vision, so to speak. the only item i even had to defend at all were... the rockchippen
asciilifeform: ( they did not give half a fuck re the 1u's, for instance )
asciilifeform: the observations from asciilifeform's voyage suggest that the UY customs folx don't actually give a shit about anything that doesn't look like it is new and sellable
asciilifeform: mircea_popescu: i suspect he's asking re the customs racket
asciilifeform: perhaps edging into chinese level, but asciilifeform has not personally smelled the chinese one
asciilifeform: mircea_popescu: montevideo was just about soviet-level of exhaust gas
asciilifeform: the 1 item i didn't like, is the air pollution
asciilifeform: mod6: i'll admit to also wishing for moar colonies, but also we are yet far from +ev...
asciilifeform: could go to, e.g., kazahstan, next...
asciilifeform: BingoBoingo is a very formidable advance-guard scout
asciilifeform reads over the initial burst of phuctorola
asciilifeform: and right nao he can't even decamp to , say, buenos aires for a few days, without losing his berth
asciilifeform: mod6: seems like his bed + 'cowork' is already ~80% of the cost of actual flat
asciilifeform: http://btcbase.org/log/2018-04-24#1805086 << once we get to troo +ev -- and iirc asciilifeform discussed this with BingoBoingo in BingoBoingostan -- oughta get a proper conspiratorial flat there, and then we can rotate ( say asciilifeform does a shift, BingoBoingo goes on shore leave )☝︎
asciilifeform: mod6: this'd be the usd for pizarro's rent
asciilifeform: BingoBoingo: isp wire is grinding nao
asciilifeform puts the postgres docs down, drained for nao, goes back to bed, apparently did in fact pick up some sort of slow-burning infectious nasty on the return plane
asciilifeform: incidentally , knob won't 'break errything that isn't proper', troo champions of idiocy like gpg , will chug along without a working /dev/random ( iirc -- silently )
asciilifeform: ( observe, linus hasn't really got a kernel, just a tall pile of items like the one linked )
asciilifeform: trivially, the 'random.c' item linked earlier, simply cut it.
asciilifeform: my whole point was that there can be no such thing as 'native fg handling' on pc. there's always a piece of shit in the way, e.g. usb.
asciilifeform: i can describe some known dead ends. for instance, you definitely do not want to marry the thing to the pl2303. because 1) you have no way of knowing that every pl2303 on usb is an fg 2) not every fg user got a pl2303 , they get whatever cheapest chinese cable is at any given moment 3) for all i know, pl2303 will not be gettable next month, next yr etc
asciilifeform: mircea_popescu: this sounds great and wholesome but still gotta decide exactly how to break and where.
asciilifeform: recall, linus's kernel has no notion of random, it implements '/dev/random' as yet another sort of faux device, via module
