845300+ entries in 0.554s
pankkake: "I don't know" is a better answer
than "it's fine" when it's not
mircea_popescu: jurov
there's a lot of sales copy
there but i dunno how it's supposed
to work/be implemented.
jurov: then i guess bigger animals
than us will start making fun of it
jurov: if it really it will be required
to run shred /dev/sdf; mkdosfs /dev/sdf every
time
pankkake: it's not hard
to give clear answers
jurov: pankkake, we'll see when
the design will come out...
Vexual: nice. i couldnt
think of a suitable h
pankkake: your product is flawed,
there are easy ways
to fix it and yet… no?
pankkake: that sucks, and as stated, you have ways
to make
the concern go away *and* not wear
the
thing
mircea_popescu: it does. if you are concerned about
this point, copy a file repeatedly until
the bits die, and so
then it won't be.
pankkake: doesn't really respond
to
the "is
the decrypted data recoverable"
mircea_popescu: as opposed
to how commercial flash drioves work (optimised for least wear)
mircea_popescu: jurov which is why
this is optimised
the opposite way. it will wear down
the bits.
pankkake: it's less IO expensive
than erasing
the data (but more CPU expensive as anything written is encrypted)
jurov: hmmmm... cuz safely erasing
today's wear-levelled flash memory is non-trivial endeavor
Vexual: call it solid state, it sounds more expensive
than rom or flash
pankkake: jurov:
there is actually a better way: use a one-time-encryption key for
the filesystem. each
time you reboot it, it is effectively erased
mircea_popescu: consequently, you can
trash
the bits yourself by repeatedly copying/deleting a file
to it.
mircea_popescu: jurov
the writing scheme is most-used rather
than least-used
pankkake: it doesn't have
to be different - it would simply be another service provided by
the device; and would probably provide less attack vectors
than
the filesystem
mircea_popescu: so as
to rpotect from a variety of snooping
techniques such as diff analysis from
the host.
mircea_popescu: pankkake maybe, but it'd be a diff product.
this one separates itself from computer when
touching
the key,
Vexual: 3 letter? didn't read,
too long
pankkake: anyway, I
think an optional, streaming interface would be good
mircea_popescu: if it confuses people it's because people gotta learn what
the words mean.
mircea_popescu: ram is volatile, rom is not volatile. it's what
the words mean.
mircea_popescu: jurov well hopefully it has a 8gb slate, it puts it right
there
jurov: mircea_popescu: really, what happens if i put on it 4GB file
to decrypt? where will it put
the decrypted file?
mircea_popescu: it's
the same
thing you find if you crack open any usb stick
mircea_popescu: o wait. no need
to solder, cause nsa made it replaceable.
mircea_popescu: C) Working slate ROM.
This Flash ROM is removable, and may be inspected or replacedx by customers either before deploying
the unit or at any point during.
pankkake: does
the cardana have gigabytes of storage?
pankkake: and I don't
think you can do
that with a filesystem
pankkake: it would have
to work in a "streaming" way
pankkake: but yeah,
the decryption
then…
pankkake: oh I'm dumb. you only need
the pubkey for
that
pankkake: how would it work,
to encrypt a, say, 4 GB file?
mircea_popescu: pankkake yeah
the idea is, you can make a simple bash script
to backup sites
jurov: didn't you violate contract with
this executive meddling?
pankkake: oh, you put your
thing it its filesystem. clever
Vexual: add a discharge cap
to smoke
the usb hub just for fun
jurov: pankkake: it's in
tfa
pankkake: also how do you communicate with it? you will need some software on
the host?
jurov: so
that stuff
to be signed can be verified right on
the device
jurov: asciilifeform: you have not considered adding a display? it's
the
thing i like about
trezor
pankkake: well, I get
the point of
the device, but no backup is a dealbreaker for me
bitesak: the ability
to destroy
the key?
mircea_popescu: as best i can see
the smartcard is a sort of fun and games project, let's play with smartcards. it doesn't have
the critical features such as separation of key from slate.
FabianB: mircea_popescu: maybe, but
there seem
to be 4096 versions
too, and can handle kakobreklas wish for programmability (which of course decreases security)
Vexual: will
the girlfriend christmas package include lingerie, your email and a digital camera?
mircea_popescu: curious if anyone ran a knc
thing for more
than a week or so by now
jborkl: 2 jupiters for 350gh - bam
tearing it up
mircea_popescu: yeah cause very easy
to use, very hard
to fuck anything up.
bitesak: precisely, I was speaking about GPG with my gf and
this would be a good christmas gift
mircea_popescu: i would
think you know, if anyone
that groks gpg gives one
to
their numerous gfs
bitesak: would one be able
to order and pay via fiat or is
this strictly
through bitcoin ?
pankkake: at least it wasn't a whale
taking a dump
jborkl: ok, who p2pd in
the pool
jborkl: They are all staring at each other and appear
to be wearing lipstick :/
mircea_popescu: the mexican is
there
to bean flavour
the sausage soup
they're making.
jborkl: that one has
the least amount of btc
Vexual: not a mexican, just a rich dude with a
tan
jborkl: I am just looking at
the picture'
jborkl: mircea - you in
the pool with
those guys
mircea_popescu: bitesak
they shall be assembled at a secret & undisclosed set of locartions
bitesak: Good evening ! will
these devices be assembled in Romania?
mircea_popescu: mike_c should be here before xmas, so you can all make nice gifts
to peopkle.
mike_c: another question you won't answer yet (even
though potential investors would love
to know),
target release date?
mircea_popescu: whiuch, even if someome smacks you over
the head, can't be cloned
Vexual: a
thin lead case perhaps, so one can be sure it's in ones pocket
mircea_popescu: in principle you could design your garage door/house door
to
take a usb stick
Vexual: i like
the faraday cage bit