log☇︎
504500+ entries in 0.315s
Chillum: I would love to read an essay describing the sort of infractructure you find safe
Chillum: May I suggest that you describe your best practices so that people running this SSL free code will know how to not do it wrong?
mircea_popescu: pete_dushenski and read their own dbs and advanced shit like that!
pete_dushenski: mircea_popescu: because they can spell and write their own e-mails ?
mircea_popescu: Hope you are doing well. I am a client services manager here at AdMedia. I was wondering if there might be a possible partnership opportunity between our two companies. We have previously and recently ran campaigns for trilema.com via third party networks. We wanted to discuss the opportunity of working directly
mod6: plz go read 1+ year of logs + trilima
ben_vulpes: the thing calling into your wallet is also an attack point
Chillum: what exactly does more than one computer get me?
mircea_popescu: single machine paradigm is flawed for this application.
Chillum: if the built in API is really that insecure I suppose I can write an access layer
mircea_popescu: whoever wants them can put them in, like you say above.
mircea_popescu: and whatever customers may "have come to expect", bitcoin is too valuable to cater to that in breach of security and safety. so, options that are by their nature insecure shouldn't be provided at all.
mircea_popescu: that idiocy was easily excusable in 2009. meanwhile, we just don't do that.
mircea_popescu: Chillum generally, the idea being that running a wallet client and a bitcoin node on the same system (let alone in the same program) is beyond idiotic.
Chillum: sockets vs tcp, should be secure both ways
Chillum: how would you import a key into a wallet if not with the API?
funkenstein_: why would you do that?
Chillum: also when using the API we will be passing private keys
mircea_popescu: oh rassah, i remember this.
mircea_popescu: pete_dushenski is that actually the guy ? who even made mycellium ?
Chillum: funkenstein_: you don't. Buy when you contact the API and provide your API keys you want that encyrpted
mircea_popescu: Chillum the problem is we know ssl to be intentionally misimplemented. as you say, on layers.
Chillum: all tools have potential for implementation errors
assbot: Proof That Mycelium Knows How To Make A Better RNG For Its Entropy Dongle. And Isn’t. | Contravex: A blog by Pete Dushenski ... ( http://bit.ly/1D0hill )
asciilifeform: Chillum: try to deploy a self-signed thing commercially and be buried in whines from idiots whose browsers flash red.
funkenstein_: for example if i am trying to publish a transaction to the world with my wallet, why would i encrypt it before sending?
mircea_popescu: Chillum and also make your own implementation, to not depend on "implementation errors" ?
Chillum: in fact trusting verisign or something to authenticate keys is the root of most problems
Chillum: you can control the keys in ssl. You don't have to use existing authority chains you can make your own
mircea_popescu: funkenstein_ ssl is for any application where security theatre is +ev and security itself doesn't matter.
asciilifeform: Chillum: even this - improvement. because you control the keys.
funkenstein_: i thought ssl was for websites
Chillum: I could ssh tunnel
asciilifeform: Chillum: if you are presently living in a one-bit universe where the only two choices for hotwallet control are ssl and plaintext - first you have to consider moving out of that universe and into a neighbouring one, where there are other choices
mircea_popescu: ben_vulpes he's not from reddit, he's from wikipedia. pls to not insult teh muggles with misidentification.
Chillum: if you were not using a wallet then I agree SSL is pointless
ben_vulpes: maybe instead of "herp derp i pinions bros" you might start by asking "why did you rip TLS out with such anger and speed?"
ben_vulpes: there is more context in this channel than dreamt of in all of reddit, Chillum
Chillum: yes I am building a full node on a raspberry pi 2 to be used as a hot wallet
ben_vulpes: <Chillum> [14:55] In my opinion SSL is not a turd to be ripped out << dude this is a something like 4 month long project going on here
mircea_popescu: ben_vulpes troll.
mircea_popescu: i don't think that's a supported usecase as of yet ? mebbe i'm behind here.
funkenstein_: all TXs, block DL requests, block solution reports, node announcements etc.
Chillum: I am going to get some fresh air
mircea_popescu: Chillum have you seen the numerous cases where we pass back and forth "plaintext" over pastebin here ?
asciilifeform: let's take it in pieces. plaintext of what ?
Chillum: asciilifeform: nobody is disputing that SSL has issues, but plaintext is not a better alternative
mircea_popescu: offending people is required to participate here i thought.
asciilifeform: Chillum: but if you are interested in actually learning something, try to understand how we reached this particular conclusion
Chillum: I certainly did not mean to offend anyone by saying SSL is not a turd, if this is a controversial statement I will keep it to myself
mircea_popescu: but a debate doesn't become religious by declaratory relief from having to think about it.
mircea_popescu: Chillum definitely can run whatever the heck you please.
asciilifeform: Chillum: you can run feathercoin on tops-10 for all we care
funkenstein_: sslsniff is a tool you can use to capture ssl data
Chillum: It is clear I have stumbled into a religious debate. I have no more interest in changing your mind about SSL than I do with you changing my mind. I will run SSL on my bitcoind API if you don't mind.
mircea_popescu: get it to any other standard, you'll do as bad as all the schmucks on windows
funkenstein_: nokia was caught capturing all ssl traffic through their networks at one point
mircea_popescu: get your security to where usg fails, you'll do fine.
mircea_popescu: Chillum just all the ones you should practically care about.
mircea_popescu: funkenstein_ incidentally, about 5x better than sending someone to go listen to something is transcribing the something so they can read it.
Chillum: not all attackers are people in dark server rooms with ciggerette smoking g men behind them
asciilifeform: mircea_popescu: no but did read the table of directorates circa 2003 (see log ~6mo ago)
funkenstein_: Chillum, go listen to moxie marlinspike's talks on the topic
Chillum: actual encounters = some script kiddie running ettercap to intercept your traffic
mircea_popescu: asciilifeform you wrote the meta-nsa micromanagement three ring binder too ?
mircea_popescu: "ssl will stop all but the actual attacks you will encounter"
asciilifeform: mircea_popescu: 0days live in the 0day directorat.
Chillum: okay sure, turd pancakes
Chillum: SSL will stop all but the most advanced of attackers
mircea_popescu: Chillum "i like turd pancakes, it's my groupthink"
Chillum: security is layers, that is how the industry works
Chillum: so because ssl has had problems it is better to use plain text?
mircea_popescu: asciilifeform didn't you use to bemoan the fact that "no valued crypto stuff is ever leaked" ?
asciilifeform: Chillum: did you also sleep through, e.g., 'stuxnet' having a perfectly legal ssl cert ?
mircea_popescu: asciilifeform btw, is the "valued crypto" bit starting to fuzz over there ?
funkenstein_: chillum its not the encryption thats broken its the authentication
mats: have you read the openssl code Chillum?
mircea_popescu: what was tikrit then ?
mircea_popescu: "an implementation failure" ? the time we took out usg's most valuable asset and publicly shot it in the head was "an implementation failure" "?
Chillum: read the patches before running it
asciilifeform: Chillum: we have a 'read the fucking source before you build and run it' warning, does that count ?
Chillum: I think it should come with a big "NO SSL" warning next to the download so people are not caught unaware
asciilifeform: Chillum: if you worked in security, did you sleep through 'heartbleed' ?
mircea_popescu: Chillum but they do in fact ALL accept verisign master keys.
Chillum: I saw the diff
asciilifeform: Chillum: i am the one who cut the ssl idiocy from therealbitcoin's bitcoind. and i did it for reasons which had nothing to do with memory footprint (we did not have an embedded device project yet)
mircea_popescu: with the advent of bitcoins, things have changed. a stolen bitcoin is a stolen bitcoin no matter how the theft was perpetuated, or under what color of law.
Chillum: I have worked in computer security for 15 years. While many implementations of SSL host checking are flawed and the hierarchial trust model is a joke the underlying encryption is solid until some learns to find prime factors of large numbers easily.
mircea_popescu: now, this entire "yeah the usg is your main enemy but whatever, you don't really want to protect your fucking tweets from them anyway" worked to propose turdstack = pancake.
mircea_popescu: to date, the most successful bitcoin thief
mircea_popescu: not a person, but the government of the united states
Chillum: In most practical scenarios the enemy is a person trying to steal bitcoins
mircea_popescu: security solutions that avoid this point are exercises in disinfo.
mircea_popescu: in most practical scenarios, the only enemy any user will ever encounter is the usg.
asciilifeform: Chillum: you may live on a planet where plaintext is the only alternative to ssl, but here on the third rock from sol there are other cryptosystems
mircea_popescu: a turdstack is not a better pancake "because layers".
mircea_popescu: ssl != fucking in this simile
asciilifeform: Chillum: why do you not consider the existence of the master keys a vulnerability ?
Chillum: exactly, not a reason to stop fucking
Chillum: not sure that I do