tmsr - Search: " T"

89700+ entries in 0.062s

phf: "beware of dog"? seems unlikely though.. ☟︎

asciilifeform: nao this is imho hard to swallow ('submarine with screen door') and so currently i'm assuming that i simply missed something. will have to test, at any rate.

asciilifeform: the other interesting bit ( from asciilifeform's disasm of the 3.4 fw) is that there doesn't seem to be any pinning of the keys! ( i.e. i can't currently find any reason why it wouldn't eat a rw-fw update signed with a variant key, so long as said key is stuffed in where expected)

asciilifeform was aiming to nail down from what derives what, rather than flooding phf, lel

mircea_popescu: you dare speak in #trilema ?! here's eight lines of stuff from the logs!

lobbesbot: phf: Sent 2 hours and 54 minutes ago: <asciilifeform> other interesting observations: 1) loader is not the same as what appears in the src, in either 3.3 or 3.4 fw bin; not only key differs, but eggog strings, and possibly the rsa per se. 2) seems like : nowhere else in the fw is there any other routine which checksums/rsaverifies the cr50 fw , or references the rsa keyz at all other than to print keyid .

lobbesbot: phf: Sent 3 hours and 6 minutes ago: <asciilifeform> http://btcbase.org/log/2018-06-22#1828933 >> http://btcbase.org/log/2018-06-23#1829007 >> https://github.com/coreboot/chrome-ec/blob/master/chip/g/signed_header.h >>>>> http://www.loper-os.org/pub/c101pa/ro_signature.txt ( not the only 1, but illustrative )

deedbot: http://qntra.net/2018/06/austria-threatens-border-controls-against-increasingly-isolated-germany/ << Qntra - Austria Threatens Border Controls Against Increasingly Isolated Germany

BingoBoingo: ian flag." << Apparently the whole swiss team is Albanian or Bosnian

BingoBoingo: In miscellani-lulz: "The Serbian football association says it will demand that FIFA take action against Granit Xhaka and Xherdan Shaqiri for their eagle salute goal celebrations in Switzerland’s 2-1 World Cup win in Kaliningrad on Friday. Shaqiri and Xhaka, both of whom were born in Kosovo and are of Albanian descent, celebrated their goals in Switzerland’s comeback win by making an eagle salute in apparent reference to the Alban

a111: Logged on 2016-03-16 15:42 mircea_popescu: both the "shittier than historical" and "new addr for change" bits are satoshi's dubious kludges to protect "anonimity"

asciilifeform: ben_vulpes: absolutely, this has been a sore spot of asciilifeform's since day1

ben_vulpes: would it be sensible for the send* commands to eat a changeaddress argument? ☟︎

asciilifeform: possibly the 2nd dumbest thing shitoshi did, after the mining algo -- the coin fragging nonsense.

a111: Logged on 2018-06-22 21:55 ben_vulpes: next thing i'm going to try is manually walk the spend-to-self down by 100 satoshis until this trb shits a tx out and then look at what it produces

asciilifeform: http://btcbase.org/log/2018-06-22#1828901 << this kind of thing was a multi-week headache for asciilifeform the last time he had to actually uncork the launch codes and move coin; and i expect that it will only ever get worse ☝︎

asciilifeform: btw i did figure out the http://btcbase.org/log/2018-06-22#1828757 matter -- their key format reserves 1st 4bytes for 'keyid' . but the lulzimplementation pictured in the (useless, doesn't seem to occur in the bin) published 'loader', treats the key as starting there . as i currently understand, couldn't actually work as written, barring some mathematical curio ☝︎

mircea_popescu: eh. from a statistical perspective, it can't be said we don't get enough tards talking, so...

asciilifeform: since his monumental 'nobody has the keys!' gem, all i saw of him was that 1 time he popped in here and drooled for coupla min.

asciilifeform: pretty great lolcow, btw, that d00d. spilled what he thought was a carefully incomplete pile of beans to 'get asciilifeform to waste months making debug cable', i suspect, didn't quite expect us to get a working one in 1wk

mircea_popescu: useless, it is true. but expensive nevertheleess.

mircea_popescu: well, the cloud of oricsh morons a la amstan are an expensive luxury.

asciilifeform: the only even mild surprise is the sheer pile of echafaudage

mircea_popescu: this comes as such a shock to absolutely nobody.

asciilifeform: not a terribly high quality dangle, took roughly a day to uncover.

asciilifeform: summary : google set up what is likely a deliberate bullshit dangle re the loader src; for reasons that are yet unclear

lobbesbot: asciilifeform: The operation succeeded.

asciilifeform: !Q later tell phf other interesting observations: 1) loader is not the same as what appears in the src, in either 3.3 or 3.4 fw bin; not only key differs, but eggog strings, and possibly the rsa per se. 2) seems like : nowhere else in the fw is there any other routine which checksums/rsaverifies the cr50 fw , or references the rsa keyz at all other than to print keyid .

asciilifeform: mod6: by all indications you have a box with iron problem. in your place i'd get a fresh set of iron, rather than sinking sweat into interpreting randomly flipped bits as 'bug'

asciilifeform takes break, lets the red hot barrels cool...

a111: Logged on 2018-06-23 04:30 mod6: thing was stuck, flooded with connections, not keeping up, wouldn't respond to any rpc calls. this going on for hours and hours. finally i just killed it. i probably instead should have just firewalled off 8333 instead.

mod6: <+asciilifeform> http://btcbase.org/log/2018-06-23#1829030 << hey mod6 is this the same box as in the last coupla similar threads, with the questionable hdd ? << yup, same item. will post more about it later for sure. ☝︎

lobbesbot: asciilifeform: The operation succeeded.

a111: Logged on 2018-06-23 02:18 asciilifeform: http://p.bvulpes.com/pastes/corod/?raw=true << the RO pubkey. (labels mine, offsets original). does not appear to be posted publicly anywhere.

a111: Logged on 2018-06-22 22:35 asciilifeform: if nobody finds obvious mistake, i guess i'ma have to pull an actual enemy signature out of the binariola, and see wtf

asciilifeform: !Q later tell phf http://btcbase.org/log/2018-06-22#1828933 >> http://btcbase.org/log/2018-06-23#1829007 >> https://github.com/coreboot/chrome-ec/blob/master/chip/g/signed_header.h >>>>> http://www.loper-os.org/pub/c101pa/ro_signature.txt ( not the only 1, but illustrative ) ☝︎☝︎

mircea_popescu: meanwhile in true romance, https://78.media.tumblr.com/026a35dd07d2f0e4b08676f607ad9f52/tumblr_nconfxDv7X1rzv0kmo1_400.gif

asciilifeform: mircea_popescu: for comparison : the last time i reset 'zoolag' was to change ps. and the time before that -- to swap in the 'aggression' build

mircea_popescu: asciilifeform same here, lotta problems in 2012ish but meanwhile fuzzed out the weird, learned like ox, by trying.

a111: Logged on 2018-06-23 05:10 lobbes: http://btcbase.org/log/2018-06-22#1828740 << so I figured it out: cause of downtime ended up being a flood of tor exit nodes >> http://p.bvulpes.com/pastes/VYVGW/?raw=true

asciilifeform: http://btcbase.org/log/2018-06-23#1829051 << lobbes didja determine what proggy (e.g. apache?) it was that actually fell down ? ☝︎☟︎☟︎

asciilifeform: unless dying hdd, etc, all bets off then.

asciilifeform: fwiw asciilifeform has not suffered this problem in many yrs, for box on uninterruptible power ( and resist the temptation to fiddle! no it ain't 'stuck', it stands up again by itself in coupla hrs ) -- no bitrot

a111: Logged on 2018-06-23 04:45 mircea_popescu: just reinstate the old index, have it check the chain. odds are it'll be able to recover, because it doesn't so much care about data ~past~ its index point.

asciilifeform: http://btcbase.org/log/2018-06-23#1829041 << mircea_popescu has it , index is the only piece that actually bitrots ( bdb was written by the maliciously retarded ) ☝︎

asciilifeform: http://btcbase.org/log/2018-06-23#1829030 << hey mod6 is this the same box as in the last coupla similar threads, with the questionable hdd ? ☝︎

mircea_popescu: in principle saying something like "no more than x connection from a given ip will be entertained" is perfectly reasonable ; though careful how low you set the x, some browsers (especially the mobile versions dedicated to fucking as much battery as possible) can turn a pageload into 10-20 simultaneous requests.

mircea_popescu: mod_whateverthefuck the common one also can do it for you. and also csf or w/e you use to manage the firewall.

lobbes: hm, yeah, looks like there is mod_limitipconn but the arm64 support looks dismal >> https://packages.gentoo.org/packages/www-apache/mod_limitipconn

mircea_popescu: i could say "trilema runs like that ~70% of the time", but then again trilema's got a larger box. pretty sure you can set it up though so it rejects multiple conns like that. there's a setting somewhere to limit inbound.

mircea_popescu: the thing is very stringently optimized to waste as little as possible on the spammer wanna-bes, but then again i never tried it on an arm.

lobbes: and to boot, I tried setting up some rules in iptables, but it barfs claiming it is missing 'insmod' module or somesuch

lobbes: word, well that is good to know at least.I tried to deny a shitload of em via virtualhosts.conf. Blog is back up for now, but I half-expect it to be down again by morning

mircea_popescu: of course... this is the rockchip ?

mircea_popescu: ah, crapolade trying to spam. shouldn't really bring mp-wp down afaik.

mircea_popescu: lobbes that's not overmuch by web standards. same one or diff ones ?

a111: Logged on 2018-06-22 16:14 lobbes: http://btcbase.org/log/2018-06-21#1828477 << ack, ty for letting me know. I'll try sshing in tonight to rule out webserver failure before I flag down BB to check out the situation manually. (I must say, it is a good feeling knowing that nowhere in this troubleshooting cycle will I need to interface with orcs.)

lobbes: http://btcbase.org/log/2018-06-22#1828740 << so I figured it out: cause of downtime ended up being a flood of tor exit nodes >> http://p.bvulpes.com/pastes/VYVGW/?raw=true ☝︎☟︎

mod6: but backing up the chain is a good idea. i actually have backups more recent than that, but from other trbs, not this specific one.

mircea_popescu: then maybe not worth it, likely will take more than 10 days to sync

mod6: anyway, will try it. (it's from january)

mircea_popescu: mod6 backups are your friend! this whole trb stuff is a little friable.

mircea_popescu: meanwhile in the basement, https://78.media.tumblr.com/df0b4f8fa317c5110325b4496d0a7dee/tumblr_o6gtpxaWH61rhup7qo1_540.gif

mircea_popescu: just reinstate the old index, have it check the chain. odds are it'll be able to recover, because it doesn't so much care about data ~past~ its index point. ☟︎

mod6: i'll probably just turn all of this into a blog post.

mod6: should take 10 days.

mod6: i think i'm just gonna cutblock all the blk*.dat files, and eatblock 'em.

mod6: yeah, ensure that if something like this happens to you, you do not kill it -- instead firewall it off. wait until all connections drop.

lobbes: ouch... I could see myself doing the same thing

mod6: this ip from the nodes list: 208.94.240.42

mod6: will need to probably resync the whole thing.

mod6: anyway, now the db is corrupt.

mod6: thing was stuck, flooded with connections, not keeping up, wouldn't respond to any rpc calls. this going on for hours and hours. finally i just killed it. i probably instead should have just firewalled off 8333 instead. ☟︎☟︎

mod6: i broke my trb blockchain.

phf: what's the executable substrate? i mean it's an fpga carrying its own architecture, what's it compiled with?

asciilifeform: https://github.com/coreboot/chrome-ec/blob/48d6891db8b5b2b0825136f6f9013a110b2a98da/util/signer/create_released_image.sh << moar re the layout of the fw. apologies for l0gz clutter.

asciilifeform: so as to get a known turd

phf: the later is a guess though right, that it's currently installed?

asciilifeform: oh , for compleeetness, http://loper-os.org/pub/c101pa/cr50.bin.prod << the 0.3.4 cr50 fw currently installed in my box. ( the offsets above, are valid for it)

asciilifeform: for today this'll be all.

asciilifeform: 'Note: early versions of the SoC would let us build and manually sign our own bootloaders, and the RW images could be self-signed. Production SoCs require officially-signed binary blobs to use for the RO bootloader(s), and the RW images that we build must be manually signed. So even though we generate RO firmware images, they may not be useful.'

asciilifeform: it remains possible that the loader crapola lives in some part of the rom that doesn't get updated and thereby not part of my bin image.

asciilifeform: in particular, the '0xcafebabe' magicturd in https://github.com/coreboot/chrome-ec/blob/b9f5a3d6baae84950f5ff0c4f7c588e55944818a/chip/g/loader/main.c#L102 , dun appear at all in the bin

asciilifeform: the last bit of wtf, is that there dun appear to be anyffing corresponding to the published loader

asciilifeform: stored in presumably same bass-ackwards form as the RW.

asciilifeform: http://p.bvulpes.com/pastes/corod/?raw=true << the RO pubkey. (labels mine, offsets original). does not appear to be posted publicly anywhere. ☟︎

asciilifeform: however, after this, gets moar interesting:

asciilifeform: ( there's a rw and ro piece in each of the 2 redundant sections of the rom , and each contains a copy of rw key -- why? ask'em, not me )

asciilifeform: this in turn , is found in 4 places in the rom , http://p.bvulpes.com/pastes/dqhNR/?raw=true ( labels mine , offsets preserved )

asciilifeform: 2) the RW key, corresponding to 'RW keyid: 0xde88588d(prod)' , appears , and is identical to what lives in https://chromium.googlesource.com/chromiumos/platform/ec/+/cr50_v3.4/util/signer/cr50_RW-prod.pem.pub

asciilifeform: 1) the pubs thrown earlier in phuctor ( seen in e.g. https://chromium.googlesource.com/chromiumos/platform/ec/+/cr50_v3.4/chip/g/loader/verify.c#17 ) dun appear anywhere in fw 3.4

asciilifeform: so, meanwhile : finds : key id's seen in http://www.loper-os.org/pub/c101pa/c101pa_unlock_nodice.txt , lead to pay dirt,

mircea_popescu: haha. they all think this before they meet him :D ☟︎

BingoBoingo: Girl thinks alf is a cool dood and does interestin work

BingoBoingo has doubts the venezolana is running away for keeps, because she keeps asking how alf is doing

BingoBoingo: This feeds, what is commonly called a series. Sometimes they go exciting places... Sometimes they don't

asciilifeform: BingoBoingo: details will take a while to pry out.

BingoBoingo: Blog the details. It's friday night. Two and a half days to SEO it

asciilifeform: mircea_popescu: in other twists, not only is neither key in the cr50 fw image i have, but the verification routine does not correspond to the 'open' sores.