log☇︎
501100+ entries in 0.324s
BingoBoingo: <decimation> asciilifeform: usg buys everything on the 'friends&family' plan << And no one knows how tenous their connection is as Force, Carl Mark IV can likely attest
BingoBoingo: ben_vulpes: Perhaps re-read http://cryptome.org/2015/03/snowden-cia-fraud.htm though beast has a dissciative mental disorder and this brave soul reporting suffers isolation the thread doesn't tear
asciilifeform: ^ pre-telegraph - was true
decimation: 'the mountains are high and the emperor is far away'
ben_vulpes: plenty happens beyond its domain. its domain, as was the french, is vastly less broad and strong than it thinks.
BingoBoingo: <asciilifeform> is mickey-d usg ? << When I worked there after Library school frozen meat cam in boxes labeled Cargill, member of Carlisle group, indicted somewhat in Farenheit-911
asciilifeform: while not everything in the solar system 'comes from jupiter' - he has a say in what happens.
asciilifeform: ben_vulpes: take jupiter.
ben_vulpes: "everything comes from the government" my arse
asciilifeform: but where do the clientele get their dough ?
BingoBoingo: <ben_vulpes> maybe not where you live. << You may know there where, but not the how to look
ben_vulpes: i dunno man, new relic isn't terrifically dependent on government purchases.
asciilifeform: but then look - who buys it? with what ?
asciilifeform: say ben_vulpes sells aluminum siding. by the gigatonne.
asciilifeform: see tlp's piece.
decimation: asciilifeform: usg buys everything on the 'friends&family' plan
asciilifeform: (there is no private industry, in the traditional sense, in usg-dom. nothing larger than a hotdog stand, certainly.)
decimation: "U.S. Immigration and Customs Enforcement (ICE), a division of U.S. Homeland Security, said it would pull the plug on its 17,600 employee BlackBerrys and favor iPhones instead. The deal, according to a "solicitation" document, would be worth $2.1 million — to the U.S. taxpayer, at least."
decimation: lol even apple plays the game http://www.zdnet.com/article/ios-6-granted-fips-140-2-approved-for-u-s-government-use/
asciilifeform: see the case of the 'drone' pinched in iran, which was gps-spoofable because crypto was omitted entirely
asciilifeform: you will never hear of northrop or lockheed losing a contract from failing to pass 'fips' etc
asciilifeform: exceptions free for the asking for 'favourite sons' of course
asciilifeform: the tests are a chump tax charged on folks peddling turdware to usg and friends
decimation: $19.95 I'm getting more comprehensive algorithm testing than I can for a five-figure sum with the FIPS algorithm tests."
decimation: "Compare this to the example I gave earlier of performing a TLS exchange with Amazon. This performs an in-depth test of all the crypto algorithms (corresponding to the FIPS algorithm tests, including ones that FIPS ignores), and the crypto mechanisms (many/most of which FIPS again ignores). In other words simply by connecting to Amazon using TLS and ordering a "Scrubs" DVD for
asciilifeform: were always in the hole.
decimation: but as long as 'we' are maintaining someone else's code it's pretty much inevitible to fall into the hole
asciilifeform: and is meta-designed to make this thinkable and practical.
asciilifeform: this is 'the hole through which the night walks in', to borrow a mircea_popescuism ☟︎
asciilifeform: which is why that human turd jon callas kept going on and on about how 'real security patches, even against user's will, because updates are the most important thing in security'
decimation: not so much if you want to add any features
decimation: this kinda 'works' when you are trying to keep a somewhat frozen baseline
asciilifeform: decimation: the patches reliably break, in their turn, other things
BingoBoingo only gave chewing tobacco 3 weeks as a habit before returning to smoked tobacco
decimation: If you look at how redhat 'maintains' a baseline of code, you find that they pile up patches as shit breaks
asciilifeform: BingoBoingo: it is, to use my technical term, a spittoon.
BingoBoingo: I suggest this not as a solution to the OpenSSL turdation and version hell, but as a way to identify which parts of OpenSSL turdify unforgivably
ben_vulpes: "does the sub fly if i tape this jet engine to it?"
ben_vulpes: join the glorious open source archaelogy project of #bitcoin-assets
asciilifeform: who wants to maintain it ?
ben_vulpes: BingoBoingo: i recently got an itch to try that myself
decimation: I remember fixing that by turning off docs
asciilifeform: BingoBoingo: but recall the thread where mircea_popescu demanded mathematical proof.
asciilifeform: BingoBoingo: i have not tried it
assbot: security/openssl build failure | The FreeBSD Forums ... ( http://bit.ly/19LHFzl )
asciilifeform: incidentally, my own portatronic build did not work without this patch.
asciilifeform: but we're talking about a b0rk3d -build-
decimation: yeah that's the lion's share of it
ben_vulpes: which was the integer patch again?
asciilifeform: well, all the accepted patches plus my unaccepted integer fix patch (not today's, but the earlier one in portatron)
asciilifeform: included all the patches but the static-build stuff
asciilifeform: because that's sorta what releases are for
asciilifeform: not from the old crap
asciilifeform: and wanted my patches, when any, to diff -from it-
asciilifeform: but there is a Release !
asciilifeform: i realize that i could do this just as well with my old traditional build.
asciilifeform: wanted to build an instrumented version of bitcoind for this
asciilifeform: i actually sat down that time to properly fix the bastard blocks thing
asciilifeform: ben_vulpes: but you are running ahead of the class even here.
ben_vulpes: (is it in the set of whatever whatever)
ben_vulpes: forgive my *staggering* thickness
ben_vulpes: asciilifeform: is your medium-term goal to cross compile bitcoind with buildroot?
asciilifeform: ^ all the detail you could ever wish for.
gribble: Ravenscar profile - Wikipedia, the free encyclopedia: <http://en.wikipedia.org/wiki/Ravenscar_profile>; Guide for the use of the Ada Ravenscar Profile in high ... - SIGAda: <http://www.sigada.org/ada_letters/jun2004/ravenscar_article.pdf>; The SPARK Ravenscar Profile - AdaCore: <http://docs.adacore.com/sparkdocs-docs/Examiner_Ravenscar.htm>
BingoBoingo was going to pick up an UltraSparc box this month, but the Chimp in Chief has forced a revision of all my budget priorities
asciilifeform: this is easier than it sounds
decimation: actually some folks have tried to build ada kernel
asciilifeform: (when i do the thing that requires the ada, it won't be happening on openbsd. or gentoo)
BingoBoingo: <asciilifeform> (assuming ordinary gcc still builds there!) << It seems they use a... modified GCC
asciilifeform: or to openbsd
asciilifeform: BingoBoingo: not related to what we were doing though...
BingoBoingo: asciilifeform: I'll add that on the 5.7 release to do list
asciilifeform: (assuming ordinary gcc still builds there!)
decimation: I made a bug report on macports recently, was told to fix myself
BingoBoingo: If I want to revert to Nigbuntu or a linux, Sure I can get an Ada.
ben_vulpes: nvm i think i'm off-thread
BingoBoingo: asciilifeform: OpenBSD does not have a working ada in its ports that I could discover
BingoBoingo: I had to replace the wifi card in this machine at a cost of $25, but that was not a dealbreaker. It's the other weird that prevents wholesale recommendation. It to asciilifeform's disappoint lacks an Ada
decimation: but that's a function of their focus
BingoBoingo: OpenBSD has been nice to me, but weird compared to linux and as a point that displeases MP poor fundraiser Bob Beck is in their WoT
decimation: although I agree with folks who assert that redhat is gov't influenced, I also think that there is something to the idea of freezing a baseline and keeping it stable
ben_vulpes: how did you come to rhel?
decimation: but rhel 7 may end that
ben_vulpes: at the end of the day, man must compute
BingoBoingo: ben_vulpes: without a full deturding of a stack there likely can not be a single one blessed OS
ben_vulpes: so what *is* the #b-a sanctioned os?
BingoBoingo: Oppenheimer himself was enough of a hippy to go on the "bad" list
decimation: "But enough of such simplicities, let us now turn our attention to the real headscratcher. The source of that drum was Los Alamos, which is largely – but by no means exclusively – a nuclear weapons lab. And we have someone there who apparently preferentially purchases organically. A"
scoopbot: New post on Trilema by Mircea Popescu: http://trilema.com/2015/the-definitive-sovereign/
assbot: Nuclear waste spill: How a pro-organic push sparked $240m blunder • The Register ... ( http://bit.ly/1CyZCLJ )
decimation: ntpd was a somewhat misguided attempt to turn unix into a 'scientific instrument'
BingoBoingo: <decimation> but apparently nobody gives a shit, like the open ntp ddos amplifiers << Software names make this shit weird because there was ntpd which had this problem and openntpd which to my knowledge didn't
mircea_popescu: which then inspires idiocy in stuff like wordpress. "hey, open ddos amplification is industry standard!!11"
decimation: but apparently nobody gives a shit, like the open ntp ddos amplifiers
decimation: yes, the traditional glibc/dns client shit is quite turdly
decimation: I gather the warning means that it will probably work on the system on which it is built but if you move it to a different system (the binary) you might not be able to resolve dns properly
mircea_popescu: so basically the problem there is that it says it's static but links dynamically ?
assbot: c - Create statically-linked binary that uses getaddrinfo? - Stack Overflow ... ( http://bit.ly/1CyYzvl )
decimation: http://stackoverflow.com/questions/2725255/create-statically-linked-binary-that-uses-getaddrinfo <glibc uses libnss to support a number of different providers for address resolution services. Unfortunately, you cannot statically link libnss, as exactly what providers it loads depends on the local system's configuration.
decimation: if I recall the getaddrinfo calls up the resolv.conf apparatus