789100+ entries in 0.57s
herbijudlestoids: mircea_popescu well when i say you its
the "example" you, not
the actual mirpop you
BingoBoingo: herbijudlestoids: Black bag / Rubber Hose cryptoanalysis is more expensive
than people imagine.
mircea_popescu: herbijudlestoids so fyck you
then, why am i
talking
to you ?
herbijudlestoids: mircea_popescu lets just say if certain people found out it was me who sent you
the message,
they could
turn up at my doorstep and coerce more messages from me
BingoBoingo: herbijudlestoids: I have
to say I underestimated you when you first arrived, but you are still only halfway
to Bitcoin
mircea_popescu: jurov not in
the same sense, is it ? nat is unnecessary overhead in
the sense shoes are unnecessary overhead.
jurov: that's unnecessary ovehead,
too
jurov: heh. last
time you were completely fine with needing a middleman because both computers connected
to "internet" are behind NAT
herbijudlestoids: mircea_popescu i want
to send you a message. but i dont want anyone
to know it was me
that sent you
the message
mircea_popescu: i'm saying
that it is a design with massive overhead for dubious reasons.
herbijudlestoids: so youre saying? idiots will use i2p for uses other
than its original use?
mircea_popescu: the whole point of
the bitcoin code was
to prototype an idea, not
to be used for srs.
herbijudlestoids: the whole point is
to use it for
traffic
that you dont want associated with your IP
mircea_popescu: hey dub, what if all internet
traffic henceforth needed 4
tunnels built up per connection ?
mircea_popescu: just gpg
the package and send it over. i definitely like fabian's cjdns much more
mircea_popescu: see,
this is why i say it fails :
the overhead imposed by all
the sha(sha(sha(sha bs
to keep metadata secret from downstream hops
mircea_popescu: In I2P,
tunnels are unidirectional. Each party builds
two
tunnels, one for outbound and one for inbound
traffic.
Therefore, four
tunnels are required for a single round-trip message and reply.
herbijudlestoids: im used
to
the
type i guess lol, spent some
time with owsley in his old age, very codger
mircea_popescu: yeah, i'm just codgery and will find random
things
to bitch about
herbijudlestoids: ignore
the nomenclature, i just pasted
the link
to see if it met your requirements of passing
traffic based on keys
mircea_popescu: since i do more business
than gossip... i'm not so impressed with onion and garlic and so on.
mircea_popescu: now,
the security provided by ;;ident is necessary for business.
the security provided by otr is necessary for gossip
herbijudlestoids: i got no issues with GPG, but most of
the conversations where i care about
the security of it, i dont want it
tied
to my identity if at all possible
herbijudlestoids: err no, because youre
talking about
tying my identity
to a key
mircea_popescu: cause if you didn't i'd guess it's possible
the forging aditional messages may mean something even for your
threat model :)
mircea_popescu: did you just
tell me you're promising
to pay 10 btc for a stuffed dollie five minutes ago ?
herbijudlestoids: being able
to forge additional messages post conversation really means nothing
to my
threat model
herbijudlestoids: i find it confusing because you seem
to imply
the messages are not encrypted
mircea_popescu: i'm by no means saying otr is bad or anything. i use it extensively for
that matter
mircea_popescu: "Anyone can forge messages after a conversation
to make
them look like
they came from you. However, during a conversation, your correspondent is assured
the messages he sees are authentic and unmodified."
mircea_popescu: it doesn't make
the gpg guarantee
that old conversations can never be read by
third parties.
mircea_popescu: herbijudlestoids otr makes exactly
two guarantees :
that only your intended recipient can read your next line, and
that should someone obtain
the plaintext of your communications
they can't prove
that it is in fact yours rather
than
theirs.
herbijudlestoids: mircea_popescu: why do you seem
to
think OTR does not encrypt
the conversations?
FabianB_: herbijudlestoids: coz you want
the anonymity i guess
FabianB_: what you're describing sounds like cjdns (encryption of
the network, but i
think not anonymity)
herbijudlestoids: but
there is certain communications
that i simply dont want associated with my actual identity
herbijudlestoids: if i
thought i could conduct
the communicatoins i needed over OTR using jabber
mircea_popescu: it's just
this stupid
thing everyone does because everyone's doing.
mircea_popescu: but i
tell you... i am mp. i have always been mp. everyone else is fkghsgeiohgiurehg.
to what gain and for what benefit ?
mircea_popescu: i have no idea if it does or doesn't and really can't be arsed
to find out, cause what do i care.
mircea_popescu: don't use
that
term lol, it's a direct pastiche from romanian and in english it's a
term of art with diff meaning.
mircea_popescu: someone
they have in
their wot should
tell
them
this is prime rib of stupid. separate
these.
herbijudlestoids: do you feel like i2p at least makes a reasonable
tool for metadata securitization,
to use your
term?
mircea_popescu: except
the kids doing stuff like onions, garlic and other vegetables.
mircea_popescu: and i
think mixing
together securitization of data and of metadata is an epic mistake.
mircea_popescu: tbh it seems
to me all
the enthusiasm of
the darknet people is woefully misdirected.
mircea_popescu: i am strictly interested in keeping secret
the messages passed back and forth.
mircea_popescu: you can't possibly deliver all
those about apples, but keep all
those about fish
mircea_popescu: well, if i give you a list of gpg messages encrypted
to a bunch of my friend's keys
mircea_popescu: makes all route nodes unable
to filter
traffic, plain and simple.
mircea_popescu: you want an adressing scheme where
the reading of packets depends on
the destination's identity.
mircea_popescu: nah, you want an adressing scheme where
the routing of packets depends on
the destination's identity.
herbijudlestoids: i view it as like...sort of like a 'actually secure replacement for
the s/web/internet' ...kind of like a public VPN
that anyone can piss in
herbijudlestoids: mircea_popescu:
there was a guy very much like satoshi who came up with iip/i2p originally....very smart guy, i remember i used
to hang on
the #iip chatroom inside iip back when i was a kid
mircea_popescu: not even compatible, mind you. pick port 90 and create a wholly and completely different
thing.
mircea_popescu: tho an actually secure replacement for
the web would be a decent use of bitcoin resources.
herbijudlestoids: because right now
the latest
tails is one version behind on i2p
herbijudlestoids: so last night i was
thinking of forking
tails, and ripping out
tor and filling it with i2p app goodness
mircea_popescu: what business sends over its book just because someone wants
to see it ?!
mircea_popescu: the only reasonable answer
to
this sort of crap being "get fucked"
mircea_popescu: dude srsly ? how is
the us legal system still a
thing ?
mircea_popescu: ssociated with
Tidbit, a list of all websites running
Tidbit's code and
the name of anybody whose computer mined for Bitcoins
through
the use of
Tidbit, although
Tidbit's code was not configured
to mine for Bitcoins.
mircea_popescu: But in December,
the New Jersey Division of Consumer Affairs issued a subpoena
to Rubin, requesting he
turn over
Tidbit's past and current source code, as well as other documents and agreements with any
third parties. It also issued 27 interrogatories -- formal written questions -- requesting additional documents and ordering Rubin
to
turn over information like
the names and identities of all Bitcoin wallet addresses a
BingoBoingo: I'm
telling you gox could say Gox BTC == 10^8 Gox USD
tomorrow, because all is play money
mircea_popescu: they send you a pen, you film yourself fucking
the pen and send
the
thing over