tmsr - Search: " T"

554500+ entries in 0.351s

mircea_popescu: BingoBoingo / cazalla pls to write-up this truly momentuous development.

PeterL: having the same for voice would make it so our scripts from gribble would be easily convirtable ☟︎

mircea_popescu: can't hurt. leave all these for a 2nd version down the road.

danielpbarron: maybe make the voice one always use the same url?

kakobrekla: is it so hard to read off the link?

mircea_popescu: heh, too slow eh

mircea_popescu: yeah the old way had the advantage of automation, but this has the more significant advantage of airgap

kakobrekla: do the jizlle and bring them back

kakobrekla: you can request 10 commands, take them all at once to airgap

PeterL: so the link is different every time?

kakobrekla: yeah your political strike was totally worth it.

assbot: You rated user kakobrekla on 03-Mar-2013, with a rating of 5, and supplied these additional notes: too much stuff to list. inquire within..

kakobrekla: ah and another detail, if you noticed there is no place to specify your 'wot' nick

mircea_popescu: would be useful. then we have gribble-assbot talk to each other via diffs

kakobrekla: i guess i can add tat.

kakobrekla: ah that

mircea_popescu: kakobrekla as in, if the rating was given via here, or imported from gribble's db

kakobrekla: also if we downrate someone to l2=0 you should be able to !down immediately now, although i havent tested it.

kakobrekla: and you dont have to be on chan to use it.

kakobrekla: ah forgot to mention, otps can be executed out of order, but they are valid only for 15 min

kakobrekla: what is the value of source

kakobrekla: imm just hax this manually.

assbot: Key 48079D7A / "test test <test@test>" successfully imported.

mircea_popescu: kakobrekla can it have another field, the user json ?

mircea_popescu: ok this is like splendid

assbot: Trust relationship from user assbot to user mircea_popescu: Level 1: 1, Level 2: 27 via 27 connections. | http://w.b-a.link/trust/assbot/mircea_popescu | http://w.b-a.link/user/mircea_popescu

assbot: Trust relationship from user kakobrekla to user mircea_popescu: Level 1: 5, Level 2: 47 via 31 connections. | http://w.b-a.link/trust/kakobrekla/mircea_popescu | http://w.b-a.link/user/mircea_popescu

assbot: You rated user mircea_popescu on 16-Dec-2012, with a rating of 5, and supplied these additional notes: good fella.

assbot: Successfully updated the rating for mircea_popescu from -10 to 5 with note: good fella

mircea_popescu: this is almost as if someone sat down and thought about it.

assbot: Successfully updated the rating for mircea_popescu from 3 to -10 with note: scammer

mircea_popescu: i'll get on nano's case to see if he's willing to put it all into gribble.

mircea_popescu: asciilifeform the idea is to import gribble's wot but mark it as gribble's, and allow others to import assbot's wot.

kakobrekla: as ascii pointe out, session is bad so there is no more that.

asciilifeform: are these synchro-forks or fork-forks ?

kakobrekla: anyway, the wot has been forked into assbot and is running now

asciilifeform: where are these kids now.

asciilifeform: evidently not too much acid, because - they ran.

mircea_popescu: sounds like that much acid.

asciilifeform often wonders what happened to those people.

asciilifeform: next time contemplating the raving insanity of 'reddit' bitcoin users, etc. - read these.

asciilifeform: ';Urko is a dog. Urko is one of my best friends. Urko is a fantastic dog becoz sometimes..... Urko SPEAKS! Urko is very timid and only speaks to me...and not always...urko only speaks when both,urko and me,we start to smoke that rare cigarretes that urko has. Then urko start to speak a lot of :) and we stay all night speaking,smoking and seeing films orplaying trivial pursuit,or coding,or doing a lot of things :)'

artifexd: I will pause coding to read "Malicious Crypto" and finish the course. I'll report back when I'm done and made a decision re: golang's crypto libraries.

mircea_popescu: stupid fucking name. anyway, towards the end there's some good foundational stuff. perhaps not directly useful for the purpose at hand, but very good to get your head swiveled in the right position

assbot: Logged on 12-08-2014 15:50:28; artifexd: http://cryptopals.com/ <- some nice lessons teaching how crypto works, how to attack it, and how easy it is to screw it up

asciilifeform: i definitely remember that this existed.

mircea_popescu: nono it was a course, you were supposed to email your results

asciilifeform: damn, thought it might have been in that thread

mircea_popescu: i been looking for it magically can't find it. the one that had the rsa break in the last fascicle

mircea_popescu: asciilifeform you got a link to that hacking course thing that was crypto oriented ?

asciilifeform: artifexd: the most basic 'kleptography' takes the form of slipping bits of key into variables which are normally random. but there are more subtle channels.

asciilifeform: artifexd: well-thumbed copy of this right here on my desk. beautiful book, if you skip all the parts that must have been thrown in to give it a sensational/saleable 'seekoority' flavour (vignette about h4xx0rz shuffling floppies around in ch.1, mostly)

mircea_popescu: asciilifeform good time to be very speciffic.

mircea_popescu is in awe at discussion suddenly turned productive.

asciilifeform: artifexd: certainly. search for term of art 'kleptography.'

artifexd: Point me to education?

artifexd: Can you explain to me how *I* could do it?

asciilifeform: this is very easy to achieve.

mircea_popescu: numerous attacks/approaches for this purpose.

mircea_popescu: even if you use rsa-only keys, you can rsa-encrypt a message so that it's easier to break but still decryptable by destination.

asciilifeform: them - sure. but they are not the only keys.

artifexd: I'm talking about the identity keys.

mircea_popescu: artifexd not to be taken lightly this. a lot can be compromised in gossipd crypto.

asciilifeform: or the blockcipher symmetrics?

asciilifeform: where do the ephemeral keys come from

artifexd: How could the crypto routines be compromised in a way that would matter? Weak key generation? gossipd doesn't generate keys. Weak rng during encryption? I pick the rng (and can offer an option for you to supply your own). Encrypting a message with an "extra" key so peet can read it? That should be easy to see in the code.

mircea_popescu: seems a reasonable approach tbh, but generally people should free to use whatever they wish to use.

asciilifeform: don't want to discourage people - but also can't see wtf is wrong with using same environment gpg was written and built in.

asciilifeform: i'll save the rest for when artifexd posts his apparatus.

mircea_popescu: as opposed to... well... it's what the build pulled in.

mircea_popescu: anyway. guy can use whatever crypto routines he's comfortable with, on the general understanding that he's read them and is actually comfortable with them

asciilifeform: let's say, specifically the use of questionable crypto routines

mircea_popescu: can you point to this ?

asciilifeform: will still 'trust the man, ignore the things' ?

asciilifeform: but suppose he lubricates the razor in his own liquid shit.

mircea_popescu: if i pick a barber i don't go by the straight razor brand.

mircea_popescu: trust people, ignore things eh ?

asciilifeform: i confess, never imagined this could be.

mircea_popescu: well ok, sure, but still. i dun see the problem, so b-a guy wants to play with go. his choice, his signature, why is this an issue.

asciilifeform: google is the i.g.farben of this particular hitler.

mircea_popescu: dude you can't impeach people on the grounds that they ate with hitler.

asciilifeform: not that vague. google brass dine with the fuhrer regularly, etc. this is well-known.

mircea_popescu: no, that's vague lol.

asciilifeform: and tainted with known satanic minion's juice.

asciilifeform: basically, does not predate the age of corruption.

mircea_popescu: supposedly nobody ever read these

asciilifeform was simply floored with mindfuck that anyone would choose google's turdlang for a piece of critical infrastructure, and could not resist ringing the bell ☟︎

mircea_popescu: well yes. that way it gets implemented in two languages.

mircea_popescu: well so why do you want him to also write it in c ? go is a better choice neh ?

mircea_popescu: so basically you want to write your own c variant ?

asciilifeform: i'll run own client. (will tweak it for compatibility with the rest of you, when i have a little time.) and invite anyone who wishes, to read.

mircea_popescu: well, conversely, now they get to be reviewed.

asciilifeform: i know of no reason to put one lick of trust in its crypto libs, for example.

asciilifeform: it isn't simply an 'other language', it's a massive toolchain created and maintained by a usg satrap.

davout: i was about to add 'specifically?' :D

asciilifeform: it didn't even occur to me that anyone would write such a thing in anything other than c

mircea_popescu: davout let's keep the drama one strand at a time

asciilifeform: it quite possibly can be made to run on bigengian mips

asciilifeform: was sorta trying to keep my dirty hands off it

asciilifeform: i didn't commission the thing, lol