log
asciilifeform: !~google mudlarks
asciilifeform: the most abject kind of slavery known, really
asciilifeform: douchebag: do you realize that you are doing the equiv of showing up at e.g. google campus and repainting the stairs in exchange for the pennies accidentally dropped there ?
asciilifeform: ^ mandatory reading.
asciilifeform: !#s responsible disclosure
asciilifeform: douchebag: on the contrary.
asciilifeform: ( or 100, for 10, etc )
asciilifeform: douchebag: does it ever bother you that you sell a $10k info for $1k ?
asciilifeform: and to the 'mechanical puzzle' thread, aha.
asciilifeform: ( but pointedly not in ~all~ pygmistans. recall the 'ru prison cheating at cards is not cheating if not obvious' thread )
asciilifeform: mircea_popescu: the 'anyone could cheat with witchcraft' thing is a recurring motif in idjit pygmystans , verily
asciilifeform: ( orwell aficionados will also remember his version of fefeleaga's bator , the sad horse character boxer )
asciilifeform: fefeleagaization lol
asciilifeform: it's exactly the kind of thing that would be greatlyexaggerated. so i have nfi.
asciilifeform: there was this rumour of a 1time massive horse-to-sausage conversion when eu pressed on a ban against horse on roads
asciilifeform: like , supposedly, in ro.
asciilifeform: possibly -- that's where they went.
asciilifeform: horse himself suffers the disadvantage of being edible
asciilifeform: mircea_popescu: or that. ( the difficulty with privkeys-as-prizes is to show that they are in fact inside the prizebox prior to play )
asciilifeform: e.g. 'make your invalid sig of $item cause my verifier to say 'valid' ' etc.
asciilifeform: now to revisit upstack, once i describe peh-rsa , and demonstrate signing etc, it will be possible to make straightforward mechanical puzzle for whoever wants to play.
asciilifeform: mircea_popescu: this is correct. which is why we dun have mechanisms judging kochs.
asciilifeform: ifonly this worked for mosquito.
asciilifeform: i must admit to BingoBoingo , i have not yet experienced the 'joys' of this insect
asciilifeform: the difference b/w http://btcbase.org/log/2018-01-26#1776941 and e.g. koch-rng remains apparent to anybody with half a brain
asciilifeform: not that it'd do'em any good.
asciilifeform: certainly would
asciilifeform: right, not mechanically.
asciilifeform: i dun think that it is solvable as-stated.
asciilifeform: same type of problem.
asciilifeform: hey BingoBoingo , recall james randi's flower pot ?
asciilifeform: and it specifically does not admit room for inclusion by 'failed to spec X'.
asciilifeform: BingoBoingo: the whole thread is re the impossibility of a satisfying spec of any such kind.
asciilifeform: just like if a d00d managed to sneak in and steal it, it ain't 'exploit for ffa' . etc
asciilifeform: BingoBoingo: let's develop your picture. because it still isn't a complete one . because e.g. knowing the magicpacket for that particular box's nic, is not 'exploit for ffa', it is for $nic.
asciilifeform: coming next, pole vaulting contest where folx hop over the trump tower.
asciilifeform: BingoBoingo: why not add 'and burns down the box' also.
asciilifeform: BingoBoingo: for instance.
asciilifeform: but even worse -- the type of effort that the work rewards, is exactly the wrong type
asciilifeform: the fruit hang so low , all muscles atrophy.
asciilifeform: phf: i am at this point nearly convinced that working with www stack -- even moar so than, say, work with retarded children -- is destructive to one's own higher brain
asciilifeform: mircea_popescu for instance prolly knew that one could paste a js into his php thing. but had no particular reason to give a damn
asciilifeform: there is the element of surprise , i.e. ' i had nfi that it would do X ' . but this is subjective, and impossible to say in advance that ' you had nfi that it would X '
asciilifeform: 'is this funny'
asciilifeform: it is almost like trying to define humour
asciilifeform: http://btcbase.org/log/2018-01-26#1777052 << i'd like to make such a challenge. but turns out that we do not even yet have a usable formula for what exactly even is an exploit.
asciilifeform: lol
asciilifeform: but in re mircea_popescu's variant
asciilifeform: no i get how original worx
asciilifeform: douchebag: with urlshortener ?!
asciilifeform: mircea_popescu: that wouldn't run js in the log page tho
asciilifeform: mircea_popescu: loads nao
asciilifeform: mircea_popescu: eggog
asciilifeform: mircea_popescu: to carry the analogy, luddite dun care whether clock or orrery, thinks 'gears'
asciilifeform: mircea_popescu: only in so much as the mosquitoes in my backyard have to do with your skin
asciilifeform: recall few yrs back during 1st obummer term, for instance, when they set to work on the remaining ortho-mormons
asciilifeform: ( enemy has a very good idea of the efficacy of the mircea_popescu form of harem org , and tries to burn it down wherever and however the chance presents itself )
asciilifeform: subj lit is so laden with desinfo that asciilifeform has genuinely nfi
asciilifeform: hm. gotta wonder then, wainot
asciilifeform: i thought this was sop for meatcults
asciilifeform: mircea_popescu: entirely troo, there are no mechanical prostheses for love, loyalty, honour. the ancients -- knew this.
asciilifeform brb
asciilifeform: thought so.
asciilifeform: or is this a perpetuum mobile.
asciilifeform: specifically such that puzzler specifically rewards the breaking of the proggy, rather than the condition.
asciilifeform: hey mircea_popescu : asciilifeform sat down and tried to make a 'and i'll give you a 1btc prize' puzzler for douchebag re 'break pehbot' . but how to phrase the condition of said puzzle, i am still at a loss, burned half hour nearly.
asciilifeform: !~later tell mod6 http://btcbase.org/log/2018-01-26#1776700 seems to be ye olde http://btcbase.org/log/2016-12-11#1581504 inbandism crapola
asciilifeform: ( and lol, this has gotta be the 1st time i hear mircea_popescu refer to a hardcopy of sumthing..? )
asciilifeform: mircea_popescu: or even photo, if it's reasonably compact
asciilifeform: got text ? or does one have to go to nyc and break into a museum to get it
asciilifeform: i dun see a megaresult.
asciilifeform: sticking to wwwtardism stack is not a manifestation of learnedhelplessness ?
asciilifeform: how's that? i dungetit
asciilifeform: for any of us, i mean
asciilifeform: why is this a whatnow
asciilifeform: a flounder in epoxy , then.
asciilifeform: aa i see
asciilifeform waits for mircea_popescu to scream in 'joy' when he finds that not 1 attempt at any such pgpsig verifies, on account of newline mutilation in www stack
asciilifeform: mircea_popescu: this is one of those items that really wants the rsa fpga
asciilifeform: but what'll that do if browser dun check the sig
asciilifeform: iirc c-style /* */
asciilifeform: or wouldja cache it, or how
asciilifeform: gonna luvv the multi-second pageloads
asciilifeform: congrats
asciilifeform: re specs, whole thread ( e.g. http://btcbase.org/log/2016-08-01#1512423 ) re pgpkey worth a reread.
asciilifeform: mircea_popescu: lo, aaaah, but where will you get a microshit bugcount. the stars in the sky themselves not sufficient to count !11!
asciilifeform: and the 'bad spec' thing is part of multilayered shit sandwich, the general principle is that complexicrud accretes; the overflows, etc. follow naturally ( with helping hand from kochs, dreppers, et al as necessary )
asciilifeform: lol
asciilifeform: the philosophical puzzler of 'what is a vuln' probably cannot be answered from strictly 1side pov. consider the ultimate degenerate case, microshit, who produces more vulns every day than mircea_popescu spermatozoids , but not 1 of them dings it in any substantial way ( and many in fact are a profit )
asciilifeform: the xss thing ? aha
asciilifeform: the interesting thing re js, is that entirely ~aside~ from traditional cmachine bugolade, it gets compiled c-cstyle nowadays, in popular graphical wwwbrowsers, ( how else to churn 50MB of google crapola ) and so e.g. rowhammerism works in it.
asciilifeform: well, ~wants~ to 'make new hypertext', really it's a sad emulation. but considerable improvement over nothingatall
asciilifeform: it's a poor man's tednelsonlink
asciilifeform: i use the feature also.
asciilifeform: no i get.
asciilifeform: it isn't , as it happens, particularly difficult to neuter js in pasteolade. but that's separate , imho, matter.
asciilifeform: that's the idea.
asciilifeform: the fundamental q is whether there is a diff b/w 'enabled js' and 'enabled opensesamism'
asciilifeform: but conceivably one day there will be an idjit browser that gives obama root on yer box when it sees string 'open sesame'. and what, errybody gotta know in advance to escape 'open sesame', lol ?
asciilifeform: let's picture the general case. the pgpkey xss thing did not 'fire' against phuctor viewers, because quoted. but did against wotpaste reader ( with 0 practical effect , but for the principle of the thing )