log☇︎
82400+ entries in 0.048s
mod6: get in the wot, rent a rockchip, become a start
rain2: this seems very interesting and i want to learn about it
asciilifeform: rain2: who are you , and what brings you to #trilema ?
asciilifeform: mircea_popescu: 'seclist' lulzfest linked specifically for the laugh where some boeck figure loses his shit because some 'traitor' didn't wait the requisite 14days usg wanted etc
mircea_popescu: "digital divide" a-ok nao, for reasons (see "code of conduct", i'm sure it explains why they can blather all they want for as long as they do exactly what we say etc)
a111: Logged on 2018-07-16 15:44 mircea_popescu: as we're contemplating an eulora client rewrite, i am contemplating the following code release paradigm : client author a) releases code encrypted to l1, signed and deeded (so basically, gpg -aer asciilifeform -r ave1 -r etc) ; b) releases precompiled binaries for allcomers.
a111: Logged on 2018-05-22 05:11 mircea_popescu: this paradigm readily explains the soviet state - "rock and roll" relationship, and moreover that historical accident had a lot to do with why alphabet even ~exists~ today. otherwise, on the naked strength of imaginary "advertising revenue" google is worth ~dozen stackexchanges/slashdots/sourceforges. but, generals always fight last year's war, and so here we are, "bayesian lesswisdom".
a111: Logged on 2018-08-10 00:26 asciilifeform: http://btcbase.org/log/2018-08-10#1840622 << the shitstains have been doing their 'coordinated disclosure' for , what , 20yrs nao , it isn't particularly 'idea', but rather the default herd-biological behaviour of shitstains
mircea_popescu: http://btcbase.org/log/2018-08-10#1840646 << i don't mean that, i mean specifically http://btcbase.org/log/2018-05-22#1816498 part. ☝︎☝︎
mimisbrunnr: Logged on 2018-08-09 21:21 asciilifeform: if can find the originating booby, can potentially turn half dozen pops, into several 10k.
asciilifeform: mircea_popescu: not only do we , but http://logs.bvulpes.com/asciilifeform?d=2018-8-10#411746 ( and elsewhere, earlier ), if can find how they constrained the keyspace, can pop ~all~ of'em
mircea_popescu: inb4 tmsr did it
mircea_popescu: http://btcbase.org/log/2018-08-10#1840633 << wowza, we actually have the ssh keys for some of these ? ☝︎
asciilifeform: i had to look that one up, lol
mircea_popescu: meanwhile the pantsuit wank is overpowering, both odorously and lulzy. "digital divide" for instance ? totally term of pantsuit (idiocy is not an art).
mod6: sounds like a serene trip 'eh!
asciilifeform: i gotta go and see some of this..
mircea_popescu: there's also you know, 200m drop bridges and gazebos overlooking miles of jungle and stuff like that.
mircea_popescu: in this country water's a safe assumption. if none on the ground, some will coming in via aeropost soon enough.
mircea_popescu: well, there's a lake, and of course jacuzzipools etc. but anyways.
asciilifeform naively assumed an 'arenal' to be a beach
mircea_popescu: aactualy arenal is a volcano, no crocs there.
mod6: About 10 days until that one expires, ya.
asciilifeform: ( unless , i suppose , trinque proclaims arm64 cuntoo release b/w nao and then )
asciilifeform: mod6: iirc there's another unit that will be vacant next wk. it will get same setup.
asciilifeform doesn't anticipate making any further changes to the pizarro rk kernel, at least while we use same iron
mod6: Lords and Ladies: We have a rockchip ready to go! Let us know if interested, details here if you didn't know already: http://pizarroisp.net/pizarro-hosting-rate-sheet/
a111: Logged on 2018-08-09 16:49 asciilifeform: mod6: plox to test and confirm.
mod6: http://btcbase.org/log/2018-08-09#1840476 << Ok, Sir! Thanks, looks good :] ☝︎
a111: Logged on 2018-08-10 00:00 mircea_popescu: http://btcbase.org/log/2018-08-09#1840480 << forgot to mention which log they read to get the "idea". because totally, it'll no longer be "we copied tmsr" if they don't admit they copied tmsr.
asciilifeform: http://btcbase.org/log/2018-08-10#1840622 << the shitstains have been doing their 'coordinated disclosure' for , what , 20yrs nao , it isn't particularly 'idea', but rather the default herd-biological behaviour of shitstains ☝︎☟︎
a111: Logged on 2018-08-10 00:07 asciilifeform: http://btcbase.org/log/2018-08-09#1840508 << will be interesting to check these against mats's mega-collection ( subj above ) , as i understand it is reasonably fresh and covers good % of ipv4
asciilifeform: http://btcbase.org/log/2018-08-10#1840631 << btw i dun have'em all unpacked yet, but estimate the net weight to be somewhere b/w 300 and 500 mil. rsa mods ☝︎
asciilifeform suspects the most elementary default creds shitrouter worm
asciilifeform: and pretty busy bees -- loading the admin prompt takes almost whole minute for some of these
asciilifeform: and they're ~all in orcistans, argentina, vietnam, etc ;
asciilifeform: http://btcbase.org/log/2018-08-09#1840621 << a random sampling of your dropbears reveals them to huawei ( e.g. 143.255.155.51 is a HG8247H , 14.187.228.175 -- a HG8045A ) , and ubiquiti ( 188.255.132.97 -- 'air os' ) ☝︎
a111: Logged on 2018-08-09 23:56 mircea_popescu: http://btcbase.org/log/2018-08-09#1840467 << o look, they're gonna sue their own cvasi orc republic because nonos.
asciilifeform: http://btcbase.org/log/2018-08-09#1840619 << would be lulzy to watch the scorpion sting itself, tho ☝︎
a111: Logged on 2018-08-09 23:52 mircea_popescu: for future entomologists : entire list of http://p.bvulpes.com/pastes/akDqm/?raw=true (seeming fixed ips in the recent bot attack) produced 0 matches. home routers.
asciilifeform: http://btcbase.org/log/2018-08-09#1840508 << will be interesting to check these against mats's mega-collection ( subj above ) , as i understand it is reasonably fresh and covers good % of ipv4 ☝︎☟︎
asciilifeform: http://btcbase.org/log/2018-08-09#1840493 << i'ma fire'em 1 full parcel at a time ( i.e. weekly ) ; output will ( per trinque's earlier note ) land in #asciilifeform for all interested. ☝︎
a111: Logged on 2018-08-09 21:08 asciilifeform: 'In about 500 submissions on average we recover the whole key' << from e.g. montrezor, other shitwallets, etc.
mircea_popescu: http://btcbase.org/log/2018-08-09#1840487 << and i'm sure http://trilema.com/2016/and-they-wont-fucking-yield/ "we" have to "explain" why some randos calling themselves names aren't the names they chose but the names we chose. ☝︎
a111: Logged on 2018-08-09 19:31 asciilifeform: in continuing lulz, 'Which "club"? If you're an Open Source operating system distro, you can now apply to join (linux-)distros under our published criteria. Otherwise, yes, you're out of luck joining that "club". This is "selective disclosure", and it has drawbacks. There's no perfect alternative.'
mircea_popescu: http://btcbase.org/log/2018-08-09#1840480 << forgot to mention which log they read to get the "idea". because totally, it'll no longer be "we copied tmsr" if they don't admit they copied tmsr. ☝︎☟︎
a111: Logged on 2018-08-09 16:14 asciilifeform: but still lulzy wankage, e.g., https://archive.is/qeO5s >> 'Since this has business impact, we consider legal action against the opaque Linux-distros vulnerability-disclosure-among-friends-for-fun-and-profit scheme, that we exposed at the ITU earlier this year. This is digital divide in the works, with real impact for non-club-members ...'
mircea_popescu: http://btcbase.org/log/2018-08-09#1840467 << o look, they're gonna sue their own cvasi orc republic because nonos. ☝︎☟︎
mircea_popescu apologizes for teh incoming spam.
mircea_popescu: tsk. turns out spykedbot does not actually answer in pm ;/
mircea_popescu: for future entomologists : entire list of http://p.bvulpes.com/pastes/akDqm/?raw=true (seeming fixed ips in the recent bot attack) produced 0 matches. home routers. ☟︎
mircea_popescu: http://btcbase.org/log/2018-08-09#1840435 << useful in more than one way, actually ; we've had cases before where people dig'd by hand to see whether dns problem local or what. ☝︎
a111: Logged on 2018-08-08 17:04 asciilifeform: 'The security researcher also recommended we consider using GPG signing for Homebrew/homebrew-core. The Homebrew project leadership committee took a vote on this and it was rejected non-unanimously due to workflow concerns.'
a111: Logged on 2018-08-09 08:47 spyked: ^ note that the default behaviour now is "say nothing on failure". I'm not convinced that this is the proper way to interact, would like to hear opinions on this.
asciilifeform: ( eater is order of magnitude faster today than last yr, but still slowest component )
asciilifeform: about half of the 1st ( of 24!) parcel of 27M keyz from mats , eaten up nao. by end of next wk, will grind.
asciilifeform: meanwhile, in castles, http://logs.bvulpes.com/asciilifeform?d=2018-8-9#411725 << thread of interest to phuctor readership
asciilifeform: 'In about 500 submissions on average we recover the whole key' << from e.g. montrezor, other shitwallets, etc. ☟︎
asciilifeform: in other lulz, 'The Go implementation of the P-256 elliptic curve had a small bug due to a misplaced carry bit affecting less than 0.00000003% of field subtraction operations.'
BingoBoingo: So on this third day of baking, the dough may become a pizza crust instead of a bread. We'll see after incoming Qntra
asciilifeform: ( for folx who dun feel like digging through that particular latrine pit -- they have an explicit '14 day embargo' to give nsa time to drill new holes into victims )
asciilifeform: in continuing lulz, 'Which "club"? If you're an Open Source operating system distro, you can now apply to join (linux-)distros under our published criteria. Otherwise, yes, you're out of luck joining that "club". This is "selective disclosure", and it has drawbacks. There's no perfect alternative.' ☟︎
mod6: Ah, thanks alf. Much appreciated.
asciilifeform: mod6: it's simply the launch codes for rk 'C' ( previously occupied by mats ) , it is ready for new user.
asciilifeform: mod6: plox to test and confirm. ☟︎
mod6: <+asciilifeform> mod6: new rk kernel baked, tested, worx. << nice! thanks for baking.
asciilifeform: ( consists, in practice, of regular warm, wet kisses from usg.nsa straight into mouths of folx still using 'modern distros' , followed up by generous cocktail of obfuscatory lies to the public , then exposure, then the usual fudstorm to try an' keep the ruse alive for a bonus day or three )
asciilifeform: for non-expert entomologists : the perps ( i dun distinguish b/w 'bug'-inserters and coverup-artists ) ~continue~ to spew the squid ink where the patch is disguised as 'for denial of service bug' rather than arbitrary r/w -- despite the cat being out of the bag for nearly whole day nao
asciilifeform: or letting this happen. (At the same time, I did force another semi-public issue to oss-security right away since that one didn't involve coordination with so many parties.)'
asciilifeform: and the cucks entertain, https://archive.is/4L8IS >> from one 'Solar Designer' , kernelist, 'However, with CERT involved and with related issues affecting more than just Linux, there was little I could do, short of playing full BOFH and breaking the semi-embargo for everyone. While I think that would have been for the general public's benefit overall, I didn't feel about it strongly enough to actually do it this time. I apologize f
asciilifeform: but still lulzy wankage, e.g., https://archive.is/qeO5s >> 'Since this has business impact, we consider legal action against the opaque Linux-distros vulnerability-disclosure-among-friends-for-fun-and-profit scheme, that we exposed at the ITU earlier this year. This is digital divide in the works, with real impact for non-club-members ...' ☟︎
asciilifeform: 'The bug only affects kernels that have CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE enabled, which is done by a lot of modern distros' << i.e. none of asciilifeform's kernels
asciilifeform: BingoBoingo: let's take the rest of this to #p, to reduce log pollution. ping me there when you get back.
asciilifeform: ok, this'll take 20-30min, can go eat
asciilifeform: if this worx for you, go ahead and move your drive over to dulap
BingoBoingo: asciilifeform: I have the stuff I need off of it.
asciilifeform: BingoBoingo: you mentioned that you want yours reimaged ? didja back up the thing ?
asciilifeform: BingoBoingo: ok to remove and boot C back up
asciilifeform: BingoBoingo: ok to swap
BingoBoingo: asciilifeform: Ready for the swappy dance?
asciilifeform: mod6: new rk kernel baked, tested, worx.
asciilifeform: 'Mozilla wants to override any configured DNS server with Cloudflare' << pretty lulzy
jurov: while !S can be kept as is, only show the one IP banner is from.
jurov: in the light of https://archive.is/PLWLd
spyked: some tests using sbcl, for reference: http://p.bvulpes.com/pastes/lMcV9/?raw=true
spyked: jurov, thanks for the idea! sbcl's resolver (sb-bsd-sockets:get-host-by-name) returns both addresses on my machine, but querying each of them for the banner might break the one-response-per-command rule (I could try to string them all together in one response, but I find that ugly). so maybe I could add DNS resolution as a separate command?
jurov: and github.com resolves to two IPs (but that'd be perhaps too complicated to implement)
jurov: spyked: when querying via DNS, perhaps show the IP address, too?
spyked: ^ note that the default behaviour now is "say nothing on failure". I'm not convinced that this is the proper way to interact, would like to hear opinions on this. ☟︎
mod6: ah, sorry, overlooked that. thanks asciilifeform
a111: Logged on 2018-08-08 16:58 asciilifeform: BingoBoingo: i'ma test new kernel today, then tomorrow will ask BingoBoingo to power down rk-c and put disk in dulap to i can snap new master img, then it will go into service ( and can reimage BingoBoingo also ) .
asciilifeform: mod6: will be tonight, after which there will remain http://btcbase.org/log/2018-08-08#1840376 ☝︎
mod6: <+asciilifeform> ok worx << all finished with the re-image then?
asciilifeform: ( similarly i observe that, e.g., phf , or ben_vulpes , do not post re ruby or whatever horror they're currently mired in in the saeculum, for what i suspect is same reason )
asciilifeform: observe that you won't find asciilifeform posting tips an' tricks re winblowz terraforming. or anything re subj. the Right Thing to do with winblowz, is to flush it down toilet, and walk away.
asciilifeform: phf: fwiw ( and possibly i mentioned this in the past ) asciilifeform works with... undocumented corners of microshitiana , for his bread. ( would liek to stop, but i dun see it happening any time soon . ) but i wouldn't wish it on other people, or recommend it as a 'promising career' etc.
deedbot: http://qntra.net/2018/08/pentagon-bombs-market-for-fitness-trackers-with-ban/ << Qntra - Pentagon Bombs Market For Fitness Trackers With Ban
asciilifeform: at this point it is not so unlike winblowz , i.e. if yer getting srs dough for putting on the bathyscaphe and descending into sewer, then yes, descend, but prolly won't feel like telling people about it, and will try to forget at end of the day
asciilifeform: ideally log reader will find way to avoid contact with crapple
phf: that is fine, log readers can try both methods, i've stated my warnings.