64 entries in 0.837s
BingoBoingo: mp_en_viaje: Every
shared hosting customer's home directory and databases are being uploaded to trinque's deedbot box now as
gpg encrypted tarballs.
BingoBoingo: Now, one thing we do need is some sort of ftp server we can use to get
shared hosting customers
GPG'd tarballs with their files and databases
a111: Logged on 2018-05-04 15:00 asciilifeform: jurov: the way it works is, every time /rss pg is generated , we go select mods from factors order by whenfound desc limit N ( n is 20 currently ) ; call this M, it is a list of moduli affected by that factor being known. afterwards , ~each~ of these lists is tested against the set of ~
gpg keys~ , in the
shape of select * from gpgkeys where [the list from earlier] && mods , and this yields up a list of most-recently-popped ~keys~, w
apeloyee: but
gpg uses CRT, thus
shaving a bit off d itself ~doesn't matter. looks like "because said so"
a111: Logged on 2015-06-29 02:56 asciilifeform: i sorta want to start doing this thing where we for blocks 0 ... n,
sha512sum block_n |
gpg ...
mod6: <+mircea_popescu> in other news : it was established in teh minigame torture rooms that in point of fact 4096 bit keys contain only 4090 bits of entropy at the very most (minus whatever koch-
gpg manages to
shave off in other ways). << uugh. every time we peel a layer back...
mircea_popescu: in other news : it was established in teh minigame torture rooms that in point of fact 4096 bit keys contain only 4090 bits of entropy at the very most (minus whatever koch-
gpg manages to
shave off in other ways).
davout: asciilifeform: i'm not speaking about
gpg as its currently-existing braindamaged implementation of a
shaky protocol
mod6: my V doesn't use diff anyway, only patch,
gpg,
sha512sum, and wget -- and otherwise just standard shell tools such as echo, mkdir, rm, cat, etc.
diana_coman: mod6, list of deps for trb from what I gathered on a fresh, minimal centos box: bc, gcc, g++,
gpg, wget, perl, patch, rsync,
sha512sum, unzip
a111: Logged on 2014-10-16 14:00 mircea_popescu: btw, cazalla bingoboingo and everyone else in the same situation : if the blob
gpg spits out when you sign contains a
SHA1 you are using the older, and perhaps not all that secure digest algo. you should move on to
sha512 either with --digest-algo
SHA512 or else edit
gpg.conf to insert personal-digest-preferences
SHA512
SHA384
SHA256
mircea_popescu: first case of koch-
gpg / openshit-ssh keys
sharing a factor. pity it's such a lulzy one, HOWEVER, it does make the "sks error" nonsense just a little more lulzy.
jurov: yes, your
shares are tied to your
gpg fingerprint, so pls make a signed request to onetime/automatic delivery toi certain coinbr account
a111: Logged on 2016-06-04 14:44 mircea_popescu: asciilifeform ftr, i have nfi what you're using, but most people here are using either aes256 or twofish, i would suspect. and if they do not - they should edit ~/.gnupg/
gpg.conf and add personal-cipher-preferences AES256 TWOFISH right above the line that says personal-digest-preferences
SHA512
mircea_popescu: asciilifeform ftr, i have nfi what you're using, but most people here are using either aes256 or twofish, i would suspect. and if they do not - they should edit ~/.gnupg/
gpg.conf and add personal-cipher-preferences AES256 TWOFISH right above the line that says personal-digest-preferences
SHA512
☟︎ jurov: shinohai: you send me
gpg signed request to add all your qntra
shares to coinbr account X , and if you want, to do it automatically from now on
jurov: it uses
sha-1 of
gpg --decrypt to spot duplicates
punkman: retro
share does p2p forums with
gpg, but I wouldn't really trust the thing
jurov: hanbot & hdbuck: you can call the s.qntr
shares any time now or later, upon
gpg signed request with destination coinbr/mpex account and whether it should be delivered once or always
☟︎ danielpbarron: i noticed today that you don't need to rename the files in order for them to verify; you can
sha1sum and
gpg --verify the downloaded attachments as they come, and go straight to extracting the tar afterwards
trinque: Hasimir: deedbot records the
sha256 of
gpg signed messages into the bitcoin blockchain
ben_vulpes: ascii_field: would you
share the code for splitting the
gpg dumps up?
BingoBoingo: funkenstein_: Edit your
GPG conf file to switch from
SHA1 to a better message digest
Adlai: mike_c: i'd rephrase that as "is it kosher to associate a single wot node with multiple nicks" ie ratings to nicks
sharing a
gpg key should apply to both equally
nubbins`: ostensibly so it's easier to
shame people who have registered both a
gpg key and a btc address, but choose not to auth via
gpg assbot: Logged on 16-10-2014 14:00:51; mircea_popescu: btw, cazalla bingoboingo and everyone else in the same situation : if the blob
gpg spits out when you sign contains a
SHA1 you are using the older, and perhaps not all that secure digest algo. you should move on to
sha512 either with --digest-algo
SHA512 or else edit
gpg.conf to insert personal-digest-preferences
SHA512
SHA384
SHA256
Apocalyptic: by the way are
SHA1
gpg-signed messages considered read ? I read somewhere one might rather use
sha256 or higher, don't know if there's any merit to that claim
mircea_popescu: btw, cazalla bingoboingo and everyone else in the same situation : if the blob
gpg spits out when you sign contains a
SHA1 you are using the older, and perhaps not all that secure digest algo. you should move on to
sha512 either with --digest-algo
SHA512 or else edit
gpg.conf to insert personal-digest-preferences
SHA512
SHA384
SHA256
☟︎☟︎ justusranvier: Tonight is bitstien giving a #bitcoin-otc and
GPG contracts tutorial, followed by yamamushi demoing his "file
sharing over bitmessage" app
mircea_popescu: you know, the schneier of "this is an interesting article on
gpg by Random As
shat Greene, Cryptozoologist"
fluffypony: listing on an "exchange" that anyone can list on with zero due diligence or even an email address verification makes it doubly challenging...I suggest leveraging the -otc WoT and
GPG contracts (
http://wiki.bitcoin-otc.com/wiki/GPG_Contract) to build trust and tie yourself down to
shareholders
gribble: Nick 'bitcoinpete', with hostmask 'bitcoinpete!~bitcoinpe@S01060016cbc6cced.ed.
shawcable.net', is identified as user 'bitcoinpete', with
GPG key id 165749929F9A6BDD, key fingerprint E6625CC14638C4CA404694E9165749929F9A6BDD, and bitcoin address None
gribble: Nick 'bitcoinpete', with hostmask 'bitcoinpete!~bitcoinpe@S01060016cbc6cced.ed.
shawcable.net', is identified as user 'bitcoinpete', with
GPG key id 165749929F9A6BDD, key fingerprint E6625CC14638C4CA404694E9165749929F9A6BDD, and bitcoin address None
gribble: Nick 'bitcoinpete', with hostmask 'bitcoinpete!~bitcoinpe@S01060016cbc6cced.ed.
shawcable.net', is identified as user 'bitcoinpete', with
GPG key id 165749929F9A6BDD, key fingerprint E6625CC14638C4CA404694E9165749929F9A6BDD, and bitcoin address None
thestringpuller: so then non related person sends you the issuer a
gpg signed email from both the original
shareholder and themselves signifying an exchange
tg2: brb
sha1 1024
gpg key inbound
benkay: either
gpg, or
sharpie in the pooper.
gribble: Nick 'bitcoinpete', with hostmask 'bitcoinpete!~bitcoinpe@S01060016cbc6cced.ed.
shawcable.net', is identified as user 'bitcoinpete', with
GPG key id 165749929F9A6BDD, key fingerprint E6625CC14638C4CA404694E9165749929F9A6BDD, and bitcoin address None
thestringpuller: mircea_popescu: "This means that the physical machine which hosts the trading engine is not accessible directlyii from the Internet." <<< so if i were to vpn a machine with a private
gpg key and send data over the wire (via some computer) I would never have to worry about the keyring being compromised? Or is the most effective way to sign/encrypt/decrypt/verify data on an airgapped machine then mar
shall it over v
bounce: skipped the standard issue FUDwords artcle for the abstract of the paper. it reads like the ecdsa equivalent of the cache hit/miss sidechannel
gpg key snatch. ie, don't run bitcoin transactions on
shared or even virtual anything boxes. no running wallets on ec2, say.
herbijudlestoids: BingoBoingo: how is turtle F2F different from retro
share...which uses mircea_popescu favorite
GPG nubbins`: [SSWs] are numbered and
GPG signed instruments which create the right for a beneficiary specified by
GPG fingerprint to purchase a specified number of S.MG
shares directly from MiniGame"
nubbins`: "Special Stock Warrants (abbreviated SSW) are numbered and
GPG signed instruments which create the right for a beneficiary specified by
GPG fingerprint to purchase a specified number of S.MG
shares directly from MiniGame for a specified price, no earlier than a specified date."
jurov: and, if they absolutely strive improve over
gpg, need to better protect input/output from copy/paste/encoding mi
shaps
mircea_popescu: for instance, if i were to sign blocks with my
gpg signature the suspicioun would be misplaced, as it's not bloody likely i've
shared my private key with some random miner to win a bet.
ThickAsThieves: "Please note that due to my vacation in Spain, the payout and buy back of the S.DICE
shares will not happen until the 28th. I am sorry for this but I do not have my
gpg key and such on my laptop they are on a dedicated computer of which I currently do not have access to. Best Regards, DeaDTerra"
jurov: i think mp is the wrong person to ask things from... you want to have corporations that issue something like
gpg-signed
share certificates
kakobrekla: can someone sell me 1
share of tu.silver here in otc
gpg signed contract, you get keep holding the
share for me
jurov: so, dividend issuers have a nice tool they'll need maybe once a month... but end users
shall fumble with
gpg and browserevery time they trade?
BTC-Mining: I don't know how much
shares he had. But I suppose if he signed it with his
gpg key, I could indeed pay interests to you for his debt.
mircea_popescu: BTC-Mining i must
shamedly confess i haven't been using
gpg for all that long.