▁▁▁▁▁⏐︎▁▁ 6087
shinohai: https://github.com/BitcoinUnlimited/BitcoinUnlimited/pull/344 This pull request changes "Bitcoin Unlimited" to "Zero-Confirmation StarbucksCoin,"
mircea_popescu: kek
ben_vulpes: ahaha
ben_vulpes: hey, it's julia tourianski!
ben_vulpes: nominally
mod6: smh
mod6: "I was told core has all the best dev and you guys let us down like this..." << lmao
mircea_popescu: meanwhile in unrelatedia, http://68.media.tumblr.com/529fb21895244fab6e7763a774ed1112/tumblr_ol1q68r2hT1vjt0k0o1_400.gif
mod6: nice
asciilifeform: in other ??? : http://www.loper-os.org/?p=1871&cpage=1#comment-18047
asciilifeform: 'CEO Level Attention’ << lel, almost 'memeworthy'
asciilifeform: !!up magicmoose
deedbot: magicmoose voiced for 30 minutes.
mircea_popescu: is coreboot the thing with the derposexual trying to posture itself into relevancy on other people's code ?
asciilifeform: nein, that'd be 'libreboot'
mircea_popescu: ah!
mircea_popescu: right you are.
asciilifeform: 'coreboot' is ye olde linuxbios, that dun work on post-2011 iron
mircea_popescu: unless amd fixes its shit
asciilifeform: or key phuctored.
asciilifeform: ('fix' is peculiar choice of word, the minefield laid was quite deliberate and purposeful)
mircea_popescu: well... maybe it didn't have ceo level support.
asciilifeform: reichsführer-level
BingoBoingo: https://i.redditmedia.com/BLwMskbzU-N-i4ohArWoi2tOnGtR-L0aiw6s56Vm9yU.jpg?w=739&s=d9239b28830107c4b9420c87db344b0b
shinohai: kek
davout: bonjour everyone
davout: so i did some reading re the wallet separation thing and ended up realizing i had an incorrect idea about trb's internals
davout: i thought i'd find an in-memory UTXO index, which i didn't. appears to me like trb will have to keep some sort of "watched addresses list" after all, or that such an index will have to be bolted in somehow
davout: the former looks like the most practicable option at this point
mircea_popescu: !!up dm0n_
deedbot: dm0n_ voiced for 30 minutes.
mircea_popescu: davout this links into which part of the conversation ? ☟︎
dm0n_: thks
mircea_popescu: aha. an' who might you be ?
Reuel: https://twitter.com/wikileaks ☟︎
Reuel: Anyone following this? CIA dump
Reuel: My smart TV :(
mircea_popescu: notrly. trump vs the rogue usg, kinda meh.
Reuel: poor USa...
mircea_popescu: speaking of, asciilifeform what about that ada rsa for eulora!
Reuel: "CIA air-gap jumping viruses" lol gonna read this
asciilifeform: mircea_popescu: when 'p' is released, it can be put to use in eulora and elsewhere
mircea_popescu: http://btcbase.org/log-search?q=%22%27P%27%22 << stretches back... A YEAR.
mircea_popescu: when is this when ?
asciilifeform: ffs i have 2 hands mircea_popescu .
mircea_popescu: hey, didn't that hawking fellow have an eyeball typewriter ?
asciilifeform: arse joystick
asciilifeform: i gotta get one
mircea_popescu: oh i thought you already had THAT
asciilifeform: http://btcbase.org/log/2017-03-07#1622672 << https://wikileaks.org/ciav7p1 >> massive bag'o'lulz, in some ways considerably moar 'current' than the snowden rubbish . includes discussion of 'nsa is retarded, they forget to strip out debug crapola', etc ☝︎
a111: Logged on 2017-03-07 14:43 Reuel: https://twitter.com/wikileaks
asciilifeform: and also hilarious 'HIVE is a multi-platform CIA malware suite and its associated control software. The project provides customizable implants for Windows, Solaris, MikroTik (used in internet routers) and Linux platforms and a Listening Post (LP)/Command and Control (C2) infrastructure to communicate with these implants.'
mircea_popescu: well it'd have to be more current, five years later.
asciilifeform: mikrotik!
asciilifeform: !#s mikrotik
a111: 15 results for "mikrotik", http://btcbase.org/log-search?q=mikrotik
mircea_popescu: anyway, shutting down the "lp/c2" bs is about half the fun of this internet life.
mircea_popescu: half the time they don't even bother to argue the point, go down like common malware artists.
asciilifeform: the wikifolx censored ip list for some reason
mircea_popescu: keeps changing anyway, notjust for above reason.
mircea_popescu: but anyway, the "law enforcement" / terrorist government bs reduces to "we're like in the top 20 or so malware houses". hurr.
mircea_popescu: hardly worth 0.1% of the budget. "cyberwarfare" hurr durr.
asciilifeform: possibly the funniest bit is the docs for their internal gossipd
mircea_popescu: which is badly designed and dun work.
asciilifeform has not tested, does not know how well works
asciilifeform: lel, mikrotik is ~the~ platform apparently.
asciilifeform: all versions factory-pwned, just as suggested by phuctor.
asciilifeform: https://wikileaks.org/ciav7p1/cms/index.html << handy table of lulz , for log readers.
asciilifeform: also apparently mircea_popescu was right about the staffing problems, https://wikileaks.org/ciav7p1/cms/page_23134361.html
asciilifeform: 'gender commits'
mircea_popescu gets lucky and is right on occasions!
asciilifeform: CandyMountain_v1.0/bin/unclassified/centos/candymountain-centos-64 << lel
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_14587860.html << the very same huaweis
asciilifeform: from phuctor.
asciilifeform: lulzy
mircea_popescu: i suppose the fellow who was looking to be useful could write a phuctor - confirmed - by - wikileaks piece for qntra.
asciilifeform: anybody who wants a copy of the 'implants' wikilicks censored, just gotta log into some of the phuctored boxen.
mircea_popescu: the fundamental problem being that it's way the fuck easier to spend day clicking through lolpics and "voting" on whatever retarded 2.0 site than reading the logs ; which then down the road means that one can'd do jack shit that's useful because drooled in class instead of paying attention. and so it goes, the gap between man and cow ever deepens.
Framedragger: vim tips (https://wikileaks.org/ciav7p1/cms/page_3375350.html) and unit test guidelines (SECRET//NOFORN!!!1) https://wikileaks.org/ciav7p1/cms/page_11629048.html
mircea_popescu: "oh i had some other things to do."
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_14588809.html << 'how nsa fucked'
mircea_popescu: i'm sure you did, especially given that there totally even are other things to do irl. like... what ?
mircea_popescu: Framedragger they have a point, indians don't do unit tests.
BingoBoingo: Who wants the honor of writing of Wikileaks Phuctor gloating for Qntra?
Framedragger commits to writing at least one article in june (or maybe even before) #preplanninglikeachump
shinohai is busy with whoreticulture but may have time later if no one else steps up ....
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_14588652.html << more in re mircea_popescu's psychiatric observations
Framedragger: some kind of boys club with too much time on their hands lol.
BingoBoingo: If no one else writes /me will, but mostly offering mircea_popescu and asciilifeform, S.NSA partners well earned "dibs" if they want them
davout: http://btcbase.org/log/2017-03-07#1622669 <<< folks wondering how the "wallet split" was going ☝︎
a111: Logged on 2017-03-07 14:25 mircea_popescu: davout this links into which part of the conversation ?
mircea_popescu: seems somewhat solipsistic
asciilifeform: 'Topic 3: BadUSB' << lel
davout: mircea_popescu: howso ?
mircea_popescu: "what part of the conversation this links to ?" "no, just stuff going on in my head" "seems like stuff going on in your head" "how so"
davout: http://btcbase.org/log/2017-02-19#1615802 ☝︎
a111: Logged on 2017-02-19 22:41 mod6: i haven't heard on davout's progress recently.
davout: http://btcbase.org/log/2017-02-19#1615799 ☝︎
a111: Logged on 2017-02-19 22:40 mircea_popescu: curious how davout 's work on splitting function is coming along btw
davout is confused.
mircea_popescu: well, so how is it coming along ?
davout: back at square one, did some reading to get started on implementing what i had in mind (full scan of the UTXO upon request for UTXOs relevant to addresses)
asciilifeform: 1 more lul:
asciilifeform: '(S//NF) All tools must utilize OS provided cryptographically secure sources of entropy (e.g., /dev/random on *nix, Microsoft CryptoAPI, etc) and should be a source compliant with NIST SP 800- 90. If a non-800-90 mechanism is used, the output from the source of entropy must be hashed with SHA-256 prior to use. Deviations from this must be justified and accepted by the OCRB.' -- 'Network Operations Division Cryptographic Requirements'
mircea_popescu: did what you have in mind come from a discussion here at any point ?
davout: found out that i in fact hallucinated the existence of this index, which may or may not have been added later on to prb, but was absent from trb
davout: yeah, i remember talking about it here
mircea_popescu: can link ?
davout: http://fr.anco.is/2017/removing-the-wallet-from-trb-first-thoughts
mircea_popescu: seems kinda solipsistic.
mircea_popescu: "how so" "because you didn't link to the conversation here, you linked to your own thingee"
mircea_popescu: "i am confused" "evidently"
mircea_popescu saving the next 14:25 - 13:55 interval of this convo.
davout: http://btcbase.org/log/2017-01-27#1608204 ☝︎
a111: Logged on 2017-01-27 19:00 davout: thestringpuller: UTXO set is ~2gb tops, indexing might be nice but necessary to scan for UTXOs that match a given set of addresses, also the wallet part can cache them if that particular wallet is the only one able to actually spend those UTXIs
mircea_popescu off to re-read that thing
asciilifeform: davout: the '~2gb tops' may (or may not) be true currently, but it is a fundamentally unbounded quantity. as discussed in 2 very recent threads with mircea_popescu re 'proton decay' and ultimate lifespan of bitcoin
davout: asciilifeform: yeah, you did mention it also during that thread
mircea_popescu: i also recall a thread re how to do this with maybe mimi or else deedbot, which i don't think is that one
asciilifeform: davout: likewise i have nfi why wallet split requires indexing ~all~ unspents. just index the ones the user specifies
mircea_popescu: how will the user specify them
davout: asciilifeform: the idea was that the internet facing piece shouldn't have this kind of information
mircea_popescu: (but yes, this was broadly the idea there, index by arbitrary-address-list)
asciilifeform: davout: aha, you do it on an in-house 'hot' node
asciilifeform: (at some point you gotta touch the net, if you want to broadcast tx, or learn that you've been paid)
davout: well, obviously, but there's no particular reason your signed tx has to go out through ~your~ node
mircea_popescu: http://btcbase.org/log/2017-01-03#1595779 << ah there it was. ☝︎
a111: Logged on 2017-01-03 20:42 mircea_popescu: this scheme among other things cheaply allows the "add arbitrary new address to wallet", just have utility that (separately) processes B.B and produces new set of B.T.
mircea_popescu: davout so the competing idea, other than "maintain uxto unspent index", was "maintain index of txn involving specified list of addresses"
davout: the existing wallet already does that
mircea_popescu: that's the bit i was looking for.
mircea_popescu: ok, so then what's teh problem ?
davout: 1. the principle of the thing where the wallet is coupled to the node and chain storage
mircea_popescu: i thought that was adequately resolved through layering.
davout: 2. the way the existing trb wallet currently works, mainly the automatic utxo selection
mircea_popescu: didja ever discuss the unsuitability of that ?
davout: of the coupling?
mircea_popescu: yes.
mircea_popescu: i also dun get 2. how's the fact you already have the index you need related to the fact prb fucks up output selection ?
davout: you mean trb?
mircea_popescu: trb too, for now, i guess.
davout: it's not really related
mircea_popescu: well then why's it there.
deedbot: http://phuctor.nosuchlabs.com/gpgkey/84DEA074B5B7F0A858E8B3AE0A0E6C1EEF4E40E2835FB94585FA727B344168FD << Recent Phuctorings. - Phuctored: 1508...2273 divides RSA Moduli belonging to ' (ssh-rsa key from (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (Unknown DE HE)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/84DEA074B5B7F0A858E8B3AE0A0E6C1EEF4E40E2835FB94585FA727B344168FD << Recent Phuctorings. - Phuctored: 1720...7347 divides RSA Moduli belonging to ' (ssh-rsa key from (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (Unknown DE HE)
davout: has the index, should ask user to select outputs, not automagically generate transaction
mircea_popescu: absolutely.
davout: s/outputs/inputs/
mircea_popescu: yeah.
davout: so basically i thought it would be quite easy to cleanly decouple the wallet from the node, but i'm now stuck with the realization that for now the most workable option will simply be to make small improvements here and there
mircea_popescu: well, if you're not willing the read the jan 3rd discussion, i guess.
davout: yeah, i will.
davout: i did read actually, but seems it didn't really stick
mircea_popescu: lol ok. anyway, the issue is that you seemed diverged, ie conversation is there, you're doing something else with no real discussion of why / what's wrong with it / etc.
davout: http://btcbase.org/log/2017-01-03#1595788 <<< hah, true ☝︎
a111: Logged on 2017-01-03 20:51 davout: hrm, i'll have to re-read
mircea_popescu: lel
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_4849711.html << lel they have in-house irc
asciilifeform: almost like people
mircea_popescu: do you know since when ?
asciilifeform: (rather than 'slack', aol, etc.)
asciilifeform: mircea_popescu: dunno, prolly since 1985 or wat
mircea_popescu: 2013ish actually afaik.
davout: mircea_popescu: i agree that the description made in the convo you linked is a very desirable target architecture
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_46628880.html << 31117w4r3z
mircea_popescu: davout dja see a problem with it ?
davout: as far as the wallet is concerned it's pretty much "when new address is added, rescan blockchain, have relevant txes in specific collection"
mircea_popescu: pretty much
davout: i don't see any fundamental problem with it
mircea_popescu: i don't see the user has a leg to stand on, "i'm not sure which my addresses are". if you add some - there's a (minor) penalty.
mircea_popescu: well ok so then you can just make it.
mircea_popescu: maybe fundamental problem appears.
davout: in essence, that's already what trb does
mircea_popescu: keeping a pile of ALL utxos, as the alternative, is not very good, because you end up storing a bunch of (potentially toxic) crap
davout: i thought trb was keeping them in ram already
mircea_popescu: node-trb.
mircea_popescu: this'd be wallet-trb.
davout: which allowed any existing node to trivially serve any arbitrary wallet, at the cost of a 2gb memory scan for unspent outs ☟︎
mircea_popescu: well yes but the idea was to split.
davout: it would have allowed some level of split, but anyway, this particular idea is dead since trb doesn't have this in-memory data structure
davout: so now, re your description, i'm not sure what a good start would be, because cutting it the way you described sounds like a mega-project that encompasses more than the mere wallet
mircea_popescu: how so ?
davout: well, as i understand it the end result is a different set of binaries that talk together through a $to-be-defined queue mechanism
davout: and even if single binary, still sounds like a large architectural rewrite
mircea_popescu: you can just take stock trb, operate on it, and place it so it only connects to operator-specified trb nodes.
mircea_popescu: then you can take stock trb, operate on it, and so people interested can pick both version, have internal-external couple.
mircea_popescu: conceivably can use current trb as your genesis for this.
davout: yeah, take a few trbs and cut different parts from each basically
mircea_popescu: yep
davout: design a way for them to talk together
mircea_popescu: then also conceivably the changes will be backported into trb main once well tested
mircea_popescu: and so there you go
mircea_popescu: well no, let them talk to each other as they do now exactly.
mircea_popescu: you don't have to invent a new protocol.
asciilifeform: http://btcbase.org/log/2017-03-07#1622815 << davout why would you need to store all of these?! just fire them, through the diode, at the wallet box that is actually computing addr balances , 1 at a time ☝︎
a111: Logged on 2017-03-07 17:22 davout: which allowed any existing node to trivially serve any arbitrary wallet, at the cost of a 2gb memory scan for unspent outs
mircea_popescu: eh trhat';s a dead branch, let it be.
asciilifeform: aite
asciilifeform still eating thread
mircea_popescu: this has been a honest-to-god real-time davout node emerging in march going "so guyse... chatlog-block-419333 is highest rite ?" and resyncs ensued. ☟︎
mircea_popescu: bitcoin is like the paradigm of thought.
asciilifeform: 'AVG will sometimes heuristically identify Raptor/Melomy/Ferret trojans as, well, Trojans (duh). However, in many cases this heuristic detection can be avoided by renaming the .exe to a common installer name such as setup.exe. There may be other names that can be used – Windows itself recognizes a few "installer" exe names and slaps the little shield icon on there by default and also does that weird "this program didn't install c
asciilifeform: orrectly" popup, which can be elminated with some manifest-fu.'
asciilifeform: gold.
mircea_popescu: sounds about the level.
mircea_popescu: you understand ? backfeed fucking computing, "if i do this this happens so you press thios button" sorta excel-dev.
davout: this split really doesn't sound that simple to me
mircea_popescu: davout well it's certainly not trivial, no.
mircea_popescu: i suspect it's the simplest-possible, which still doesn't promise it's simpler than any arbitrary level.
davout: see, i don't see how it could be done without designing another way for nodes to communicate in another way than the currently existing protocol
asciilifeform: mircea_popescu: so far reads like data dump from any large american software co. plenty of 'excel monkey' material, a veeery small bit of classy.
mircea_popescu: davout why not ?
trinque: davout: there is also eatblock
mircea_popescu: asciilifeform just about. and large in the sense of alcatel not in the sense of alphabet, at that.
trinque: wallet node could be munching with that hole
davout: for example, how does the wallet perform a reindex, without storing the chain itself
mircea_popescu: davout wallet doesn't.
mircea_popescu: meh. wallet doesn't NOT store the chain. it's just stock trb.
mircea_popescu: it doesn't store ~the mempool~ is all.
asciilifeform: i know of no reason why wallet would ever want to ~receive~ mempool tx
mircea_popescu: if net-trb decides to engage in a reorg, it will eventually induce one in all the wallet-trbs connected to it.
mircea_popescu: asciilifeform quite.
trinque: why would it send either? crap a signed tx and operator feeds it to network node
asciilifeform: and trinque has it : i've put up nodes that communicate outside the house ~only~ via eatblock
mircea_popescu: asciilifeform incidentally your ssh thing may well have been a major step forward for this split.
asciilifeform: worx great.
trinque: aha
mircea_popescu: because now - they can ssh connect!
asciilifeform: mircea_popescu: that is one of the most obvious uses, aha
mircea_popescu: aha.
davout: asciilifeform: knowing about incoming txes before they've confirmed?
trinque: why does that help anything?
asciilifeform: davout: ~nobody gives half a shit about unconfirmed tx he didn't himself make
trinque: isn't in a block; may *never* be in a block
asciilifeform: aha
mircea_popescu: i concur. "unconfirmed tx" is improperly thought of as a tx.
davout: asciilifeform: mebbe operator wants to check his tx propagated?
trinque: and if I wanted that I'd want to do it as a "mempool explorer" tool
trinque: ^
mircea_popescu: davout operator sshs into network node.
asciilifeform: davout: you wouldn't do this from wallet box
mircea_popescu: and yes, better money just ask mimi for instance.
mircea_popescu: (ie, someone else.)
davout: i really don't feel strongly about this, just thinking out loud
davout: (this unconfirmed tx thing)
mircea_popescu: that's why the forum's here for.
mircea_popescu: well, that and not being read.
asciilifeform: in other lulz, nsa has internal clone of ida, 'ghidra' ☟︎
asciilifeform: java turd.
asciilifeform: and it is not even first-revealed in today's dump, has figured in... help-wanted ads, for eons.
mircea_popescu: does it even work ?
asciilifeform: now how would i know.
asciilifeform: in-house mega-seekrit javaturd.
asciilifeform: ( ads, e.g., https://www.techexpousa.com/jobdetails.cfm/450840/Software-Engineer )
mircea_popescu: myeah.
asciilifeform: lel, ipnoje uses 'tinyscheme' internally.
asciilifeform: 'Apple seems to have taken version 1.38 of the Tiny Scheme project (available online, google it or check workshop output) and modified it a little. Most modifications are fixes for the most obvious bugs in the program: changing sprintf to snprintf and adding some more size checks but they have not fixed everything. In fact, they haven't even bothered keeping up with the Tiny Scheme project, which is now on version 1.41. Apple have al
asciilifeform: so added a couple of new members and changed some sizes in the struct scheme.These are fairly trivial to reverse but comparing each function in a disassembler with the Tiny Scheme source version. Apple uses Tiny Scheme to create a vector of sandbox rules that it then converts to a compiled sandbox profile....'
mircea_popescu: lel
asciilifeform: ( from the docs of the active ios9+ browser driveby-with-arbitrary-payload. which hopefully surprises nobody )
deedbot: http://qntra.net/2017/03/wikileaks-hands-elected-trump-us-government-weapon-to-gut-careerist-deep-state-us-government/ << Qntra - Wikileaks Hands Elected Trump US Government Weapon To Gut Careerist 'Deep State' US Government
asciilifeform: ( more re same, https://wikileaks.org/ciav7p1/cms/page_13205587.html )
asciilifeform: BingoBoingo: neato
BingoBoingo: ty asciilifeform, figured I'd take big picture leaving opportunity for experts to fill in mined lulz with further submissions
asciilifeform: 'VOIP - Huawei VOIP Collection' << direct phuctor lel
asciilifeform: various cisco rootkits, also, but these i regard as a snore
asciilifeform: buncha konsoomer junk also (linksys et al)
Framedragger: isn't internet backbone basically juniper + cisco still? :(
asciilifeform: Framedragger: don't forget huawei.
asciilifeform: which is why you'll often find trb-related tcp pipes randomly RST'd, and the like.
Framedragger: i thought huawei only made consumer shit? (not that that's reassuring...)
asciilifeform: nope
Framedragger: i see - i'm behind on the internet of shit it seems
asciilifeform: 'Development of a tool to burst out a binary using udp packets with forward error correction at 100MB/s' << somebody reads the l0gz
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_5341225.html << him, apparently
asciilifeform: 'Worked as head of Software Engineering at Mediatech Inc. from 2004-2006' << who will be the first to name this illustrious fella.
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_18382968.html << winblowz code-signing bypass, courtesy of microshit
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_3375460.html << usbdrive-shaped hardware raper for crapple desktops
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_14588150.html << crapple firmware infector
trinque: no lets get rid of openfirmware; it doesn't x, y, and ...
trinque: moar ARM and EFI
trinque: it may sadden those that don't yet know that open firmware was a dead simple forth nugget. i.e. in the sense that apple for a brief time meant dead simple.
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_36405256.html << re the 'internal gossipd', at the time of the writing appears to be entirely hypothetical
asciilifeform: trinque: the move to intel, killed it, intel iron wants megatonne of initialization crapolade
trinque: aha
asciilifeform: (and, bonus: builds only on winblowz, heavy on -- yes -- masm)
asciilifeform: lel, i was wrong re their 'gossipd', it was written, by unknown commercial contractor: https://wikileaks.org/ciav7p1/cms/files/Fluxwire_manual-3.5.0.pdf << docs.
asciilifeform: pretty heavy.
asciilifeform: and oh hey, http://btcbase.org/log/2015-08-02#1222312 <<<>>> https://wikileaks.org/ciav7p1/cms/page_2621481.html ☝︎
a111: Logged on 2015-08-02 20:02 mircea_popescu: siemens is "german" in the sense tsipras is "greek" and so on. absolutely nothing to do.
asciilifeform: ^ siemens voip gear, pwned
asciilifeform: aaaand https://wikileaks.org/ciav7p1/cms/page_9535850.html << hald (dbus component, poetteringism) local root.
asciilifeform: (0 details, but stated to exist.)
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_1179686.html << lulzy, pocket gadget for theft of seeekrits from... floppies
asciilifeform: '...initial plan for concealment host is as a day planner.'
asciilifeform: 'hey lemme borrow this'
asciilifeform can almost picture this scene
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_22642800.html << plunder of lulz from the italian 'hackteam' dump of '15
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_9535630.html << their version of mircea_popescu's 'uci'.
mircea_popescu: i see you're well entertained.
asciilifeform: actually nearing the bottom of this barrel
asciilifeform: 'RainMaker v1.0 is a survey and file collection tool built for a FINO QRC operation. IOC/FINO is looking to expand asset-assisted operations. The intended CONOPS involves using an asset to gain access to a target network. The asset has the ability to plug in a personal thumbdrive to the network. In this scenario, the asset will have "downloaded" the portable version of VLC player (2.1.5) and will listen to music during work hours. W
asciilifeform: hile she is listening to music, the tool will execute the survey and a prioritized file collection. All collected data will be stored to the root of the removable media it is executing from. When the asset next meets with the case officer, the thumbdrive is retrieved and the collection is processed. '
asciilifeform: srsly?
asciilifeform: https://wikileaks.org/ciav7p1/cms/page_4849785.html >> 'I strongly suggest that you name your missing vector for DanceFloor "Twerk". '
mircea_popescu: note the fist fucking ever appropriate use of "she"
asciilifeform: loox like they censored the ~only ~useful bits, e.g. the active av holes.
asciilifeform: largely sums to snoar.
asciilifeform ate the whole thing.
mircea_popescu: anyway. maybe new elbrus brings ofw back.
asciilifeform: https://wikileaks.org/ciav7p1/cms/files/DevelopersGuide.pdf << for aficionados strictly -- details of implant protocol, where gibblets are disguised as tcp replay packets. apparently standardized across this particular directorate.
asciilifeform: 'Hive beacons were designed to work with the Blot proxy (developed by Xetron). Blot looks for a tool ID embedded in the HELLO packet of an SSL session initiation. If the ID is found, then it forwards the packet to the tool-handler, otherwise it is sent to the cover server. The tool ID is embedded in the HELLO packet using the embedData function defined in …/polarssl/library/loki_utils.c. The SSL data structure defined in …/polars
asciilifeform: sl/include/polarssl/ssl.h is extended to include the session _checksum, tool_id, use_custom, and xor_key. The data contained within this packet is constant with the exception of a time stamp taken from the real-time clock and a few bytes of random data. A CRC checksum is computed from the entire packet and is included with the HELLO packet. When Blot receives this packet, it checks the CRC searches a list of previously seen packets f
asciilifeform: or any matches. If a match is found the packet is assumed to be a TCP replay and is dropped.'
asciilifeform: document also of slight interest in re discussion of ntp, and issues of time synchronization in general. apparently unsolved problem for usg just as well as for victims.
trinque: unsolved problem for reality too
asciilifeform: 'IOC/ECG's Advanced Forensic Division (AFD) performed an analysis of Hive version 2.5 network communications to assess its likelihood of detection.The results of this analysis are found in document AFD-2012-0973-2. In summary, AFD was able to create signatures for DNS, ICMP, and TFTP triggers; found that the TCP and UDP triggers did not adhere to their respective protocol standards; and further found that the TCP and UDP triggers eac
asciilifeform: h had consistent packet sizes.'
asciilifeform: ^ apparently they use own auditor directorate for beta testing, and consistently fail
asciilifeform: this rounds out today's lulzfest, i think.
asciilifeform: and srsly, 0 directly bitcoin-related anything. in motherfucking 2015-16. asciilifeform is disappoint.
asciilifeform: ~that~ compartment, apparently, leakproof.
asciilifeform: ( just as crypto directorate is )
BingoBoingo: asciilifeform: To be fair about lack of Bitcoin, this is CIA rapidly reinventing own "NSA"
BingoBoingo: Stuck on low hanging fruit
asciilifeform: BingoBoingo: we did have a thread back in... 2013? re 'they will copy su approach and make 2-in-a-box kgb/gru duet'
BingoBoingo: AHA
asciilifeform: not even the directorate which runs the gavins, the hearns, ever seems to leak so much as a drop.
BingoBoingo: Well, draining has just begun. Build windmill and pump!
asciilifeform: thus far i suspect that 'leakage' is roughly proportional to a directorate's population of folx who know what is 'twerk'
asciilifeform: and who embed anime gif into their project docs (several examples in the linked dump)
asciilifeform: but i'll be the first to admit that this heuristic is very much a 'blind man and the elephant'.
BingoBoingo: And thus pumping needs to begin. Change pressure on the container and see what fails
ben_vulpes: in other water-related engineering projects, here's something that is very definitely not a lock: http://gcaptain.com/worlds-first-ship-tunnel-to-bypass-dangerous-seas-in-norway/
trinque: https://1917.rt.com/ << russian revolution member-berries
shinohai: https://github.com/bitcoin/bitcoin/pull/9938 <<< locks-free checking
trinque: http://btcbase.org/log/2015-02-05#1008756 << this is indeed still the case ☝︎
a111: Logged on 2015-02-05 18:01 punkman: http://log.bitcoin-assets.com/?date=05-02-2015#1008336 << this is now stuck at 124275
trinque: http://btcbase.org/log/2015-02-05#1008972 << mod6, is that why this patch did not make it in? ☝︎
a111: Logged on 2015-02-05 19:11 mod6: <+punkman> running a node with this line removed: http://btc.yt/lxr/satoshi/source/src/main.cpp#0939 . works so far << check out this patch: http://therealbitcoin.org/ml/btc-dev/2014-December/000023.html
trinque: would've been nice if punkman studied this when he first saw it.
asciilifeform: shinohai: no mention of the db, the actual bottleneck..
asciilifeform: ( incidentally, trb doesn't validate scripts in blocks. at. all. )
trinque has such a checkpoints-cauterized node wedged at that very block, will in fact study
trinque: 124276 happens to be a 1 txn block btw
asciilifeform: trinque: first q to ask in a wedge: 'has it SEEN the block?'
asciilifeform: ( recall, in mircea_popescu's recent case, answer was the -- very usual -- 'nope' )
trinque: this guy's running with -connect to deedbot.org node
trinque: sec and I'll grab some logs
mircea_popescu: asciilifeform aha. the nsa itself long knew it is both a) deeply ineffectual and b) extremely loud. which is why now and again i say something to the effect of "wtf straw must one have in head to work for those dorks, move on already."
mircea_popescu: asciilifeform> not even the directorate which runs the gavins, the hearns, ever seems to leak so much as a drop. << the reason is that utterly nobody gives a shit.
asciilifeform: mircea_popescu: and somebody gives a shit re junk routers etc?
mircea_popescu: yeah.
mircea_popescu: don't ask me to explain what entertains teh public.
asciilifeform: i suspect that , e.g., gavin's pay stubs, would entertain plenty.
mircea_popescu: they're not that substantial.
trinque: not nearly so much as "omg caught pirate robertz" or "pedo dark web lair"
asciilifeform: no, but the fact-of.
trinque: makes great tweets
mircea_popescu: nobody working for idiot empire makes much. this is a recurrent fantasy of yours, but not more.
asciilifeform: gotta divide by amt of honestwork, mircea_popescu
asciilifeform: megabux / ~0 is pretty sum
mircea_popescu: no ; because if a girl who does nothing but fucks up and sucks my cock makes a grand, that grand does not get divided by 0.000000epsilon to result in TWENTY BRILLIONS!!1
asciilifeform: in asciilifeform's mental calculus, it sure does
mircea_popescu: the only difference between slavegirl in my household and usg employee is that a) i whip mine and b) after a while they are sensibly better at everything. the usg drones don't get whipped and don't improve.
asciilifeform: commuting to and sitting in butugychag is a mega-difference
mircea_popescu: but otherwise, it's the same. i sent a bunch of girls on a bunch of missions this month, with various wads of cash.
mircea_popescu: except for the part where IT IS MY CASH, they could just as well have been "government employees"
mircea_popescu: who you know, "made salaries".
trinque: couldn't find the log, but the other day mircea_popescu discussed that some pedo case's dismissal had very much to do with that the guy refused to LARP with them re: their importance.
asciilifeform: mircea_popescu: that's rather like to say that fucking same gurl vs fucking hole in a muddy tree trunk, 'is the same'
trinque: no one can seriously claim the guy wearing steampunk goggles and going to conferences isn't LARPing in the grand american tradition of pretense to existing
mircea_popescu: asciilifeform explain
mircea_popescu: trinque no but it's exactly it, an exercise in serving the phantasmagorical.
mircea_popescu: http://trilema.com/2009/inchipuiti-va/ << very related, sadly in romanian.
mircea_popescu: (gedankenexperiment, what would happen if you could produce any item by thinking about it.)
asciilifeform: mircea_popescu: sweeping a floor for beloved comendante hasta y por la siempre, as gurl does, is quite different from sweeping floor for salary from hitler. even if same broom and same floor somehow.
mircea_popescu: well yes, certainly.
mircea_popescu: but not ~economically~ different.
trinque: the stay-puffed marshmallow man, elementarily
trinque: i.e. any manner of destructive nonsense, or cancer of the imagination
asciilifeform: trinque: wassat?
mircea_popescu: yea trinque the who ?
trinque: first ghostbusters, the david bowie lesbian god tells them to choose teh form of their destroyer
trinque: first thing that popped into what's his name 80s hack's head was the marshmallow man
mircea_popescu: lol ok
mircea_popescu wanders back to his zuleika rewrite that he's been labouring on since weekend.
mircea_popescu: expect an 80kword novel to be dropped on your heads later this week dear all.
asciilifeform: briefly upstack: as i once described, many years ago asciilifeform actually tried to sign up for nsa! was , unsurprisingly, turned down ( you get a ream of paper even if turned down! )
asciilifeform: and , years later, ended up briefly labouring in a butugychag full of ex-nsa folx, who confirmed, they dun like ethnic untermenschen there
asciilifeform: they suure luvv anime bois tho. apparently.
asciilifeform: or maybe this is only at cia.
asciilifeform: the funny bit is, that was when i formed picture of nsa as 'serious org'
trinque: I guess it wouldn't be the only "serious" gay men's club on earth.
asciilifeform: 'they're exempt from equalism!11 , think!'
asciilifeform: dunno, per my informant there were gurls there,
asciilifeform: fuckable, even
trinque cannot connect those inputs to "luvv anime bois"
asciilifeform: conflicting data re seekrit heathen pits, noose at 11
mircea_popescu: i don't see why it's such a big deal, i included all sorts of strange in the logs, what of it ?
asciilifeform: in other strange, '4-year-old male white rhino who was slaughtered this week inside his enclosure at a zoo outside Paris. The rhino — discovered by his keeper at the Thoiry Zoological Park on Tuesday — now holds the ominous distinction of likely being the first rhino to be killed by poachers inside a zoo, experts said.'
asciilifeform: !!up onlooker
deedbot: onlooker voiced for 30 minutes.
shinohai: Well onlooker certainly lives up to his handle.
asciilifeform: shinohai: i still dun get why cia stooge needs a handle. can read the l0gz on www, like anybody
shinohai: Maybe they get paid by # of connections
trinque: somebody's boss's boss just orders that X must infiltrate and monitor, and yes sir right away sir.
trinque: and so he does the most visibile thing such that boss sees him working, and he goes back to reading reddit.
mircea_popescu: alternatively random guy clicked a link, hasn't even noticed the tab among the symphony of tabs on his ie.
asciilifeform: mircea_popescu: he didn't show up under the default lamer nick (e.g., 'fromphuctor') so probably not this
mircea_popescu: perhaps. who knows where the link is found by now.
asciilifeform: and lol, infiltrate, sooo 2013!111 what'll he do, bore folx to death, like ninjashotgun
asciilifeform: or the other d00d, which one was he,
asciilifeform: decimation.
asciilifeform: ( the last time i mentioned him on the air -- he actually showed up! in pm! to whine re how cruelly he is libelled, how he was Never A Stooge, etc. snoar. )
mod6: <+trinque> http://btcbase.org/log/2015-02-05#1008972 << mod6, is that why this patch did not make it in? << i don't think it was because of any such wedge. i think we held off because it was proposed that there might have been a better way to handle that through configuration files. it's all in the logs if you look in around the time that email was sent; december of '14. ☝︎
a111: Logged on 2015-02-05 19:11 mod6: <+punkman> running a node with this line removed: http://btc.yt/lxr/satoshi/source/src/main.cpp#0939 . works so far << check out this patch: http://therealbitcoin.org/ml/btc-dev/2014-December/000023.html
trinque: meanwhile found some discussion, yep
trinque: and in fact, meanwhile found that it was my own build environment hauling in libressl on openbsd
trinque: so no big deal
asciilifeform: trinque: what was this in re
trinque: stripping out of checkpoints. I'd done it here myself days ago before finding that you had already in 2016
asciilifeform: snip of 'checkpoints'
asciilifeform: ah
trinque: *2015
asciilifeform: i never cut the old ones out, but introduced flag 'verifyall'
asciilifeform: iirc mircea_popescu at the time said that the thing really oughta eat a programmable set of checkpoint ☟︎
asciilifeform: but imho we are very, very far away from the 'verifying chain takes too long' problem, for this to be a burning issue
trinque: maybe; seems like a data structure that somebody would love to spooge malicious values into via some other (networking code) exploit
asciilifeform: trinque: if you have remote-execution 0day in the thing, you have a problem.
asciilifeform: plus/minus one useless routine, will make no difference, just like 7 bullet holes in head vs 8.
asciilifeform: but recall, i started by asking for 'the book' and for it to be as thin as reasonably possible (but not thinner..)
trinque: having a branch available to skip verification ~at all~ seems questionable.
asciilifeform: so snip, snip the crapolade.
trinque: indeed, I'm snipping and mapping for entirely that reason.
asciilifeform: fwiw i run my boxes with verifyall.
trinque: aha
asciilifeform: btw trinque lemme know if you'd like a 'wire' on dulap.
asciilifeform: ( ideally you would also have one to ben_vulpes , et al , avoid 'stars' )
trinque: asciilifeform: need an ssh pubkey for it iirc?
asciilifeform: aha
trinque: k will generate shortly and send it to ya
asciilifeform: gpggram.
trinque: sure will
asciilifeform: in other cia lulz, https://www.academic-signature.org
asciilifeform: in yet other lulz, 'dwave' no longer gets to monopolize snake oil market, https://www-03.ibm.com/press/us/en/pressrelease/51740.wss