log
▁▁▁▁▁▁⏐▁▁
danielpbarron: apparently one of the firms developing that tech has a building at 666 5th Ave NYC
mod6: my second run on the 2nd FG out of my bunch has completed. results here: http://www.mod6.net/fg/fg-test/fg2.ent_run2.txt http://www.mod6.net/fg/fg-test/fg2.dieharder_run2.txt
asciilifeform: neato mod6
asciilifeform: incidentally i had a thought re what an 'ideal dieharder' might look like.
asciilifeform: imho it ought to return an ~algo~ for attempting a better-than-chance prediction of nth bit, given n;
asciilifeform: or of k-th bit, given bits k_i-j ... k_i , for some j.
asciilifeform: because that's, really, what alleged 'weakness' means -- that you can say 'can predict...'
asciilifeform: this generalization also exposes what exactly the 'minimal sample' is, likewise.
asciilifeform: for very short input, algo will be likewise short. for long, well-entropic -- long. for long, poorly-entropic -- short.
asciilifeform: the scalarization of 'weakness' is an absurdity. gotta make this -- specific -- claim.
asciilifeform: * of k_i+1st bit
asciilifeform: ideally this output (algo) would consist of a runnable lisp proggy.
asciilifeform: that way you do not have to wonder wtf the particular test consisted of. and can immediately replicate.
asciilifeform: (without a copy of the tester, even.)
asciilifeform: btw i now realize that this entire idea isn't asciilifeform's, but actually greg chaitin's.
asciilifeform: from 1990s.
asciilifeform: described in almost exactly these terms.
asciilifeform: but i haven't the original paper at hand, this is a 20y+ memory.
asciilifeform: ( if anyone recalls where this was -- plz post !! )
asciilifeform: until somebody suggests a better name, i'ma call this hypothetical method 'die maximally hard'.
asciilifeform: (dmh).
mod6: heheh. i'll look for the posting
asciilifeform quite enjoyed the ru sphere's name for dieharder, 'умри тяжело'
asciilifeform: ( approx. 'go and die a hard death' )
asciilifeform: poor ol' english folx, have not only toilet and sink in same rooms, but imperative same as infinitive verb...
mircea_popescu: asciilifeform this is a pretty hard standard though.
mod6: not sure that this is it, but a decent read anyway: https://www.cs.auckland.ac.nz/~chaitin/sciamer.html
mod6: !~s Ada Big_Number
jhvh1: mod6: Error: "s" is not a valid command.
mod6: inconceivable
shinohai: !~google Ada Big_Number
jhvh1: shinohai: Arbitrary length integer in Ada - Stack Overflow: <http://stackoverflow.com/questions/1309195/arbitrary-length-integer-in-ada>; The Big Number Page: <http://bignumber.chez.com/>; Ada –A Crash Course - VTC - Vermont Technical College: <http://web.vtc.edu/users/pcc09070/TutorialAda/AdaCrash.pdf>
mod6: I guess what I was looking for was this: http://btcbase.org/log/2017-03-29#1633709☝︎
a111: Logged on 2017-03-29 12:08 asciilifeform: http://btcbase.org/log/2017-03-29#1633699 << it is a notbad library to study (no external deps!) -- but it DOES use heap.
mod6: I was thinking today about a ~tmsr~ crypto lib, and it starts (probably) thinking about bignum
mod6: I did run across one on shithub that was implemented with a linkedlist. this seems like exactly what we wouldn't want.
asciilifeform: http://btcbase.org/log/2017-04-26#1647926 << funnily enough, it's what i'm polishing for release as we speak.☝︎
a111: Logged on 2017-04-26 02:18 mod6: I was thinking today about a ~tmsr~ crypto lib, and it starts (probably) thinking about bignum
mod6: !
mod6: That's exciting asciilifeform
asciilifeform: since mod6 mentioned subj, i'll say a bit
asciilifeform: thing is optimized for -- strictly -- constant (always-worst-case) time and space usage; and fits-in-head (in that order)
asciilifeform: so not only , e.g., comparison, but addition, subtraction, take same number of ops regardless of what bits are set
asciilifeform: and all ints have fixed max width ( set at warmup )
mod6: aha. ok.
mod6: this is pretty similar to the semi-counterintuitive idea i had been thinking about -- or more probably, was remembering from a previous discussion in here about the same.
asciilifeform: no normalization, either - adding 8kb of zero to another 8kb of zero takes same time as any other possible pair of 8kb bitstrings.
mod6: right on. very cool.
asciilifeform: and no seekritbit-dependent branches.
asciilifeform: anywhere.
asciilifeform: ( in the arithm ops, that is )
asciilifeform: for some peculiar reason, everybody else (afaik) who implemented a bignumtron, only did this (or claimed, at any rate) for modular exponentiation -- but not for its subcomponent ops
asciilifeform: the usual argument is 'that'd be slow'
asciilifeform: but that's transparently bogus, rsa has 0 business ever running in anything but worst case spacetime
asciilifeform: ( and on encrypt, as well as decrypt end ! leaking plaintext isn't more forgivable on transmitter end than on receiver )
mircea_popescu: so how slow is it ?
asciilifeform: mircea_popescu: the only palpably slow knob is prime-finding
asciilifeform: (several min. on pc with no entropy bottleneck (i.e. FG present))
mod6: my re-run of eatblock is complete... will re-post stats etc here in a bit
mod6: asciilifeform: cool
asciilifeform: aim is to cap the thing at its current ~1000 ln.
asciilifeform: short and simple enough for even exceptionally impatient folx to read and grasp.
mod6: very exciting stuff
asciilifeform: actually-- deadly boring stuff. and intentional. 0 surprises. 'schoolboy' algos for just about all arithm ops.
asciilifeform: http://btcbase.org/log/2017-04-26#1647918 << was quite exactly this idea, but it also had the lisp outputs iirc☝︎
a111: Logged on 2017-04-26 01:56 mod6: not sure that this is it, but a decent read anyway: https://www.cs.auckland.ac.nz/~chaitin/sciamer.html
asciilifeform: http://btcbase.org/log/2017-04-26#1647917 << imho it's the only sane standard. rng 'weakness' can only be expressed properly as a 'predictor'. anything else is 'suggestively named token'☝︎
a111: Logged on 2017-04-26 01:54 mircea_popescu: asciilifeform this is a pretty hard standard though.
mod6: <+asciilifeform> actually-- deadly boring stuff. and intentional. 0 surprises. 'schoolboy' algos for just about all arithm ops. << that's just it though. excitingly boring.
asciilifeform: lol!
asciilifeform: mircea_popescu: so, to take example, if you found a rng that turns out to emit digits of pi -- the proof-of-weakness will be plouffe's algo.
mircea_popescu: plouffe's algo took until 2010 to be spit out. by plouffe.
mircea_popescu: notwithstanding it is trivial in that "olympiad problem" sense.
asciilifeform: 2001 iirc
mircea_popescu: right.
mircea_popescu: my 2001 is alt-spelled.
asciilifeform: but note that it dun have to be 'nth digit' , can also be 'next digit', o(n) , works just as well.
asciilifeform: for weakness proof.
mircea_popescu: the principle of the thing though. it is an exceptionally hard standard
mircea_popescu: not without theoretical merit ; but in practice imponderable.
asciilifeform: on the contrary -- all of the classical tests can be cleanly rewritten in this form
asciilifeform: at least, all of the meaningful ones...
asciilifeform: we aren't speaking of an ~optimal~ predictor, note
asciilifeform: ( that's provably undecidable )
asciilifeform: but of ~any~ better-than-chance predictor.
asciilifeform: any rng test can be rewritten as a producer of a predictor. or the test is rubbish.
asciilifeform: possibly the pi example was a poor one -- no ~automated~ tester, will ever find it, unless specifically made to
asciilifeform: ( the digits of pi do not autocorrelate, as far as anybody ever publicly found, in any other way )
ben_vulpes: https://blog.buoyant.io/2017/04/25/whats-a-service-mesh-and-why-do-i-need-one/ << "everything must run over http" monomania in full effect
ben_vulpes: parts of it have an odd feel, as though i were reading altcoin propaganda from another dimension
mod6: Ladies and Gentlemen of The Most Serene Republic: My Second Offline Eatblock Sync Test is complete (with DB Read Wait Stats): http://www.mod6.net/eatblock-test/
mod6: I have updated all the statistics, charts, and commentary in place.
mod6: Thanks to diana_coman for the help with gnuplot!
mircea_popescu: o hey
mircea_popescu: mod6 maybe i'm thick, but where's the per-line timing per block ?
mod6: hi
mod6: if you're looking at this chart: http://www.mod6.net/eatblock-test/trb_offline_eatblock.png
mod6: this is built from this line in the debug.log, for example: "ProcessBlock (res == 1) took : 2901ms; db write wait: 313ms; db read wait: 155ms "
mod6: the red lines are the first number after "took", so in the case of the example above, ProcessBlock took 2901 milliseconds.
mod6: is that what you're asking?
mod6: It wouldn't take much more effort to add the AcceptBlock values into the trb_offline_eatblock.png if that's wanted.
mircea_popescu: what i was looking for was, supposing the whole of trb looks like : http://wotpaste.cascadianhacker.com/pastes/YOK7i/?raw=true then something like : http://wotpaste.cascadianhacker.com/pastes/qGO07/?raw=true
mircea_popescu: literally, time per line of code per block.
mod6 looks
mod6: ah. ok.
mircea_popescu: kinda give a time heatmap for the whole codebase, as it were.
mircea_popescu: asciilifeform "specifically made to" means a lot less than it appears to, for reasons such as euler's equality etc. pi is a fundamental constant, it's everywhere.
mod6: sure. i missed that point completely - was just putting some stats together from alf's timer/odometer vpatches. i think something along the lines of what you're referring to takes deeper, or much more extensive instrumentation / profiling.
mod6: asciilifeform: unless I'm missing something major from one of your vpatches? (i've also posted my debug.log -- please take a second to see if I'm missing something major if you have a spare one)
mod6: but, in any case, I could work on further analysis like that, mircea_popescu
asciilifeform: mod6: you didn't miss any patch
asciilifeform: mod6: and mircea_popescu seems to br asking for gprof raw out
asciilifeform: this is easy to get, but he ouhta read http://yosefk.com/blog/how-profilers-lie-the-cases-of-gprof-and-kcachegrind.html first.
asciilifeform: *be asking
asciilifeform: and fwiw i did not use gprof when i determined where to put the timer -- i used an actually clueful initial hypothesis, and an outer timer ( on ProcessBlock, which was the item of interest ) to compare the output of various inner ones against.
mircea_popescu: http://btcbase.org/log/2017-04-26#1648004 << no i know, but it can't hurt to have☝︎
a111: Logged on 2017-04-26 12:15 asciilifeform: this is easy to get, but he ouhta read http://yosefk.com/blog/how-profilers-lie-the-cases-of-gprof-and-kcachegrind.html first.
mircea_popescu: moreover, there's not that many published large codebase sort of thing. in fact, this may be the largest ever.
asciilifeform: 1 snag is that -- afaik -- gprof doesn't work with static bins, or musl.
mircea_popescu: mm. doesn;t it ?
asciilifeform: iirc.
asciilifeform: https://web.eecs.umich.edu/~sugih/pointers/gprof_quick.html << gprof likbez, if anyone wants to try.
mod6: aha, ok thanks for the info alf.
mod6: will start looking into that. no reason why I cant set that up and do another run.
mircea_popescu: mod6 he has a point, it is a pit of vipers, but at least we'd know.
mircea_popescu: asciilifeform for one thing, the yossi kreinin piece doesn't EVEN USE an actual program. and this "let's imagine" fluff is pretty much peak data in this "field" of "cultured folks". naimean ?
mircea_popescu: (for the record, his "proper fixation" quote is opaque. fixation is generally used in medicine, but histopathology branch thereof, to denote preparation of microscope slides. if he means "tying up the person", i'd guess that'd be proper affixation or something (not really affixation, that's a grammar term of art), though it's entirely disused.)
mircea_popescu: proper affixion*
asciilifeform: mircea_popescu: unfortunately the d00d is quite correct in his description of the mechanism. gprof doesn't work in the obvious, sane way ( a mechanized version of what i did -- per-routine timer ) but using randomized sampling.
mod6: ah, herp. missed that part about the statics & musl
shinohai: Was in a discussion this morning with someone regarding mircea_popescu 's "How to take control of your provider" piece and was shown this horror: https://twitter.com/SarahDiAvola/status/857214088471953409
mircea_popescu: asciilifeform ah no dispute as to the theory. just ... practice kills us.
mircea_popescu: shinohai on a scale of 1 to nuts, that's not even cashews.
mircea_popescu: also, ask her for me how does she know to open "the ones with $" without reading the rest.
mircea_popescu: "i read a book i like twice, but books i don't like i don't read at all!11"
shinohai: I had never seen that particular device, and boy have I seen some strange ones.
mircea_popescu: she's got a very nice bj, actually. who dunnit ?
asciilifeform: reminds me of the dream i just woke up from -- where i found a way to send a bit backwards in time
shinohai: Most of the girls won't answer their DM's unless sent > $20 fee. Answering these emails for select ladies could be profitable for me if they'd only pay in Bitcoin.
mircea_popescu: twitter takes a fee ?
shinohai: Nope, the findom girls do tho.
asciilifeform: https://archive.is/NieCy << in other lulzies
mircea_popescu: shinohai how does she know what to read ?
mircea_popescu: asciilifeform imbecile somehow missed the point that last reverted "upgrade" got "majority" within a week.
mircea_popescu: !!rate rick falkvinge -10 doddering imbecile, entirely unqualified to speak publicly on any matter.
shinohai: I dunno yet for sure, seems each of the greedy bitches has a different method. I'm sure eventually I can automate this too.
mircea_popescu: basicallty, their method is lie();
mircea_popescu: though some just use pretend()
shinohai: The whole of their twitter empire is an illusion, not that I care how much they lie as long as *my* payment is forthcoming.
shinohai: But yes, pretend makes up majority of shitposts in attempt to make themselves appear in demand.
mircea_popescu: the whole "findom" business is a rather funny comment on female behaviour and the nature of the human brain. so out of all the services freeranged cunt could provide to substitute the wife in man's daily economy, "taking his paycheck" is certainly the least useful. but then again as far as the woman's concerned, it's why she got married in the first place.
mircea_popescu: so... let's offer the... service of... doing what we wanted to do anyway. this is a business proposition, now.
shinohai recalls one girl who used fakeinvoicegenerator.com or somesuch to make it appear subs were paying.
mircea_popescu: and "it works" because IT HAS TO, because hey, americans, wholly brain rotten, "can do anything". and if you can you must and therefore let's claim and nobody'll give us the lie because everyone's in the same rut.
shinohai: Didn't bother to crop the url from screenshots
mircea_popescu: shinohai it happens, but it happens like it happens in browser games.
mircea_popescu: ie, you get lucky. most don't.
mircea_popescu: then those who do lord it over the ones who don't, irrespective of how they had ~no merit in it, then those who don't get frustrated and double down their efforts because hey, it's personal now, and that's how women judge their self worth, and so on and so forth.
mircea_popescu: if the academia scam weren't there to extract the ones with iq > room temp from "street lyfe", we'd be stuck fishing this end of the lulz pond rather than campuses.
shinohai: lol
shinohai: I'm rather willing to bet 99% of these "dommes" would be flipped in an instant on arrival to mp's harem.
mircea_popescu: how would such arrival work ?
mircea_popescu: no, i expect something more along the lines of http://trilema.com/2011/deci-de-revelion-acum-niste-ani/ ; ie providing they somehow landed in they'd identify a situation according to their own mental furnishings, which'd have nothing much to do with the actual situation, then proceed to "Strategize" on that basis and the girls would toy with her for as long as that's funny before chewing her up and spitting her out.
shinohai: That would be even *more* entertaining.
mircea_popescu: possibru
shinohai: http://archive.is/oOYD8 <<< Supports segwit, hates scams. Noted.
mircea_popescu: shinohai lol "like they did with etc".
mircea_popescu: dorks.
shinohai: If only anyone actually gave a shit about Litecoin.
mircea_popescu: asciilifeform anyway, either approach discussed is ridiculous. i don't need valgrind to emulate a processor and then guess how long things' take ; i don't want gprof's sampling either. just awk the codebase to add a printf after each instruction spitting out time and recompile. that's it.
mircea_popescu: shinohai well, if they keep talking about it as if someone does, certainly someone one day will.
mircea_popescu: financial domination!!11
shinohai: Something, something, LTC
shinohai: I'm rich.
asciilifeform: mircea_popescu: good luck parsing cpp grammar (yes, all of it...) in awk.
mircea_popescu: it still uses semicolons yes ?
asciilifeform: think.
mircea_popescu: ask me to do something i'm good at!
asciilifeform: can't put printf in , e.g., declarations.
mircea_popescu: aren't those in .h ?
asciilifeform: not exclusively.
mircea_popescu: heh.
mircea_popescu: anyway, point still remains, the way to do this is printf time&line each line.
mircea_popescu: awk oneliner may not be available, but in point of fact "find the lines" is a ~solved problem, even for borland ide.
asciilifeform: sadly, again nope
asciilifeform: see callgraph thread.
mircea_popescu: eh!!!
mircea_popescu: in other DOH, "people who write bad code will misuse profilers also" ~yosefk.
asciilifeform: mircea_popescu decided ahead of time to barf -- and did so
mircea_popescu: no i was quoting this as a right and proper observation.
mircea_popescu: wasn't a protest.
asciilifeform: i disagree that there is anything fundamentally misleading in the linked piece.
mircea_popescu: i think he's making an important point.
mircea_popescu: asciilifeform i'm not saying there is ; i am saying i don't care for either method of profiling he discusses for this usecase.
asciilifeform: aah
mircea_popescu: if you're interested in either gprof or valgrind's callgrind, or both or whatever, his thing is useful. but i'm not. specifically because bitcoin is too large and slow to be run on valgrind-simulated cpu, and moreover if we could do that we wouldn't have any of the problems we currently approach anymore.
mircea_popescu: and gprof is just not useful, with the sampling and etc.
asciilifeform: valgrind doesn't simulate cpu
asciilifeform: it does approx what mircea_popescu asked for
mircea_popescu: afaik it does.
asciilifeform: and result is 500x slowdown.
asciilifeform: mircea_popescu: doesn't simulate cpu -- read the src/docs
asciilifeform: but does insert probes.
mircea_popescu: dude...
mircea_popescu: first fucking line. "cachegrind simulates"
asciilifeform: cachegfind
asciilifeform: Grr
mircea_popescu: http://valgrind.org/docs/manual/cg-manual.html <
asciilifeform: cachegrind
mircea_popescu: yes. it is a valgrind plugin is it not.
mircea_popescu: "valgrind [when used for this purpose through this module] simulates" etc.
asciilifeform: this yes
mircea_popescu: http://logs.minigame.bz/2017-04-26.log.html#t15:22:21 << perhaps of republican interest.
lobbesbot: Logged on 2017-04-26 15:22:21: <mircea_popescu> puts the whole "only fate of average mankind is harem slavery" rhetoric quite into focus.
phf: gprof interrupts the program every few ms and saves the backtrace, the whole family is called "sampling profilers" because it only knows of functions that it saw during the interrupt. functions with runtime < interrupt ms show up with wrong estimates
phf: valgrind i take it from what asciilifeform is saying instruments the code, in an equivalent of putting printf after every statement
mircea_popescu: phf functions with any runtime that average about the interval PER CALL show up all over the place.
phf: cachegrind is something else entirely :o
mircea_popescu: cachegrind is a valgrind plugin eh.
phf: right
shinohai: !~later tell BingoBoingo http://wotpaste.cascadianhacker.com/pastes/yBR9C/?raw=true
jhvh1: shinohai: The operation succeeded.
deedbot: http://phuctor.nosuchlabs.com/gpgkey/4D1E6E444832FBBE0092F39A459F03112F0D8F32637F1DC8B8245A86C16578B7 << Recent Phuctorings. - Phuctored: 1778...3099 divides RSA Moduli belonging to '81.170.222.10 (ssh-rsa key from 81.170.222.10 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (h-81-170-222-10.NA.corp.bahnhof.se. SE D)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/4D1E6E444832FBBE0092F39A459F03112F0D8F32637F1DC8B8245A86C16578B7 << Recent Phuctorings. - Phuctored: 1413...1427 divides RSA Moduli belonging to '81.170.222.10 (ssh-rsa key from 81.170.222.10 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (h-81-170-222-10.NA.corp.bahnhof.se. SE D)
deedbot: http://phuctor.nosuchlabs.com/gpgkey/308C79ED32BB1D28E5F59EC4ADB2E56B1ED16614D3B4C737238FC3D169AF94B0 << Recent Phuctorings. - Phuctored: 15 divides RSA Moduli belonging to 'Robert J. Hansen; Robert J. Hansen <rjh@sixdemonbag.org>; '
deedbot: http://phuctor.nosuchlabs.com/gpgkey/DB096A7B64B9F4A9CE82785D9AF80E50E2AAE4BCC607BF6BFDACDD92BF65873C << Recent Phuctorings. - Phuctored: 15 divides RSA Moduli belonging to 'PGP Global Directory Verification Key; '
deedbot: http://phuctor.nosuchlabs.com/gpgkey/5377DC3F52C67DB02FB2F4CBC7391DDD471AF66B9AFF37F4A5FB782434DC1748 << Recent Phuctorings. - Phuctored: 15 divides RSA Moduli belonging to 'Shell Arkell <shell@zenrio.net>; '
deedbot: http://phuctor.nosuchlabs.com/gpgkey/49636881FF5C8C4B95D9CA4B2AB73D5C13B35FF5D9AB0DA41B9E8EC1231F33E5 << Recent Phuctorings. - Phuctored: 15 divides RSA Moduli belonging to '46.45.142.230 (ssh-rsa key from 46.45.142.230 (13-14 June 2016 extraction) for Phuctor import. Ask asciilifeform or framedragger on Freenode, or email fd at mkj dot lt) <ssh...lt>; ' (voip.istanbuldc.com. TR)
shinohai: lol @ turkish one
asciilifeform: in other lulz, 'Korean Bitcoin Exchange Yapizon Loses 3,831 BTC Due To Hack'
asciilifeform: 1) collect btc from chumps 2) 'get hacked' 3) profit
asciilifeform: apparently works same today as in 2011.
shinohai: ^ will add to shitcoin roundup
asciilifeform: voip.istanbuldc.com << this and 1,001 other voip crapolades. gotta wonder why usg is so fixated on voice telephony.
shinohai: Must have fingers in all teh telcom pies. (See upcoming Qntra for more telcom lulz )
BingoBoingo: ty shinohai
deedbot: http://qntra.net/2017/04/g-inflation-continues-in-fiat-rf-allocation-with-austin-texas-getting-fifth-g/ << Qntra - G Inflation Continues In Fiat RF Allocation With Austin, Texas Getting Fifth G
shinohai: ty BingoBoingo I have another one in limbo
BingoBoingo: good luck
asciilifeform: in other lulz, https://v.teknik.io/v/MlDDG << 'FUCKGOATS unboxing' ( pankkake ! )
asciilifeform: <pankkake> if I knew there would be goatse, I would have bought earlier
asciilifeform: lulzy.
pete_dushenski: http://archive.is/yzAMq << "Grayscale Investments plans to launch the first-ever private fund focused on ethereum classic"
shinohai: http://www.antbleed.com/ lel
asciilifeform: ahahahahahaha
pete_dushenski: i badly wish silbert's latest fund were a late apr1 joke. just seems too cruel to be true!
pete_dushenski: https://grayscale.co/ethereum-classic-investment-trust/
pete_dushenski: "Annual Fee: 3% (includes Development Contribution)*"
asciilifeform: http://btcbase.org/log/2014-07-08#749741 << see also☝︎
a111: Logged on 2014-07-08 23:51 asciilifeform: if you can stop all miners but yours - for a given interval - you can plunder blocks at far below the expected energy cost
asciilifeform: + http://btcbase.org/log/2014-07-08#749717☝︎
a111: Logged on 2014-07-08 23:48 asciilifeform: if you can arrange for, say, the entire crop of 'bfl' units to spin their wheels fruitlessly during known time intervals, your own miners (presumably exempt) can be scheduled to run then and precisely then
pete_dushenski: "* The Sponsor intends to direct up to one-third of the Annual Fee, for the first three years of the Trust's operations, towards initiatives that support development, marketing, and community activities of the Ethereum Classic Network."
shinohai: haha I was searching for that tidbit in the logs asciilifeform, thought you had said this previously.
asciilifeform: for ze l0gz: 'The firmware checks-in with a central service randomly every 1 to 11 minutes. Each check-in transmits the Antminer serial number, MAC address and IP address. Bitmain can use this check-in data to cross check against customer sales and delivery records making it personally identifiable. The remote service can then return "false" which will stop the miner from mining.'
phf: beautiful call
asciilifeform: 'backdoor allows Bitmain to shut off a large section of the global hashrate (estimated to be at up to 70% of all mining equipment). It can also be used to directly target specific machines or customers.'
pete_dushenski: "Even without Bitmain being malicious, the API is unauthenticated and would allow any MITM, DNS or domain hijack to shutdown Antminers globally. Additionally the domain in question DNS is hosted by Cloudflare making it trivially subjected to government orders and state control.
pete_dushenski: "
pete_dushenski: tragicomedy gold
jhvh1: No one could have predicted!
shinohai: Apparently there is remote code execution exploitation in this backdoor as well: "unexploitable out-of-buffer read access in if(strstr(rec,"false")) as rec may not be zero-ended if 1024 bytes are received."
shinohai goes to shithub to see what else might actually be in there
asciilifeform: pete_dushenski et al : there is no particular reason to suppose that subj is the ~only~ back door, also.
shinohai: BingoBoingo: http://archive.is/Jhv2t
BingoBoingo: lulzies, should have refused service. This is a srs warning to funeral home insurers
asciilifeform: BingoBoingo: http://btcbase.org/log/2014-10-19#883002 << oblig☝︎
a111: Logged on 2014-10-19 03:18 asciilifeform: BingoBoingo: 500 lb. body causes fire at Henrico crematory << one time i spent an evening reading cremator manuals (for no particular reason. happened to stroll by a modern crematory on evening walk in new street, was curious.) every manufacturer has special instructions for the peculiarly fat 'clients.'
BingoBoingo: Aha, yes. This keeps happening enough that the only final solution here is refusing service. This must be driven by insurers unless Obama care has perverted the meaning of insurance in the post-health industry too.
asciilifeform: or cremate in open air pyre, like hindus.
asciilifeform: ( where moar fuel --> merrier )
asciilifeform: or on a barge, like viking.
asciilifeform: many possibilities.
BingoBoingo: No, only solution is force the obest to slow cremations on manure pile.
shinohai: If burned in barged, what ensures complete combustion so the remaining fats don't seep into the water supply and pollute ?
shinohai: *in barge
asciilifeform: shinohai: ever boil water in a paper cup ?
shinohai: Can't say I have.
asciilifeform: try it some time
mircea_popescu: does microwave do it ?
asciilifeform: mircea_popescu: yes, but not interestingly.
asciilifeform: point is that it won't burn until water boils out.
pete_dushenski: pete_dushenski: it'd be more surprising if it were the only backdoor. like ferrari factory authorised odometer rollback (this recently too!) would be surprising if it were only sketchy business practice that $RACE engaged in.
pete_dushenski: lol ^ asciilifeform
pete_dushenski: i could at least ping one of my own sockpuppets eh
mircea_popescu: http://btcbase.org/log/2017-04-26#1648125 << because empire of idiots. actually believes bottom is best.☝︎
a111: Logged on 2017-04-26 16:57 asciilifeform: voip.istanbuldc.com << this and 1,001 other voip crapolades. gotta wonder why usg is so fixated on voice telephony.
mircea_popescu: http://btcbase.org/log/2017-04-26#1648148 << trivially bypassed, though. i expect more of a "checking if anyone's awake" sort of thing.☝︎
a111: Logged on 2017-04-26 21:12 asciilifeform: 'backdoor allows Bitmain to shut off a large section of the global hashrate (estimated to be at up to 70% of all mining equipment). It can also be used to directly target specific machines or customers.'
asciilifeform: every booby is 'trivially bypassed' AFTER YOU FOUND IT lol
mircea_popescu: it's not so hard to fucking notice your box is dialing out.
asciilifeform: afaik nobody till now ever admitted to having noticed. fwiw.
mircea_popescu: now imagine instead of "false" it actually wanted the time signed.
mircea_popescu: well yes, mining business is secretive.
asciilifeform: imho biggest surprise is that there still is such a thing as a not fully vertically-integrated mining op.
mircea_popescu: this is doubtful.
asciilifeform: it'd appear to follow trivially from the noose item ( why would ant sabotage ~own~ iron. )
asciilifeform: unless subj concerned a stolen/otherwise 'with legs' item. which is possible, i have nfi.
mircea_popescu: they're chinese, they don't make sense. but anyway.
mircea_popescu: "My own experience here is depressing – nobody, not even the smartest folks, is willing to read anything unless they came specifically to read. If they came for any other purpose, forget it. When you're a tutorial, you can tell things to people and they listen. When you're an error message, people read you to the extent necessary to make you go away but no further. And when you're a warning, people simply ignore you. It suc
mircea_popescu: ks to be a warning. People also don't expect things to be complicated enough to warrant a tutorial, so they won't allocate time specifically to read one, on any topic, for any reason. They're wrong, of course, but they won't ever find that out, to the best extent of their abilities."
mircea_popescu: ^yossi, paraphrased slightly.
mircea_popescu: he's pessimistic about big red warnings, i'm pessimistic about the ~possiblity~ of an english-language culture.
mod6: werd to that
mircea_popescu: its hard