mircea_popescu: trinque o excellent news. so you all ok on that score ?
mircea_popescu: douchebag qr code it's not one thing, it has like 30 different versions. there's tiny 21 module v1 to > 150 x 150 modules later. a mid sized item is about 3-400 bits.
deedbot: saturn_ voiced for 30 minutes.
hanbot: on the mp-wp newsfront, i've a pressed genesis via phf's lastest leftwards/keccak vtools. am waiting on pizarro folks to get apache & mod_rewrite going so i can test it and see to the initial patches it'll need.
☟︎ trinque: mircea_popescu: sure am, oughta be able to get things squared shortly, couple days
ckang: hey mircea_popescu I had a talk to zx2c4 to try and smooth things over a bit
ckang: his worry is that he thinks he will feel indebted to trilema
ckang: Like he will owe something
☟︎ ckang: if that makes sense?
ckang: and he wasnt sure what #trilema is about but saw the 'terrorist' thing in the topic
mircea_popescu: oh, btw, whatever happened to that trish chick ? did she ever find me my cartoon artist ???
ckang: ill look for her tonight shes normally on late during the week
trinque: mircea_popescu: gpg IP settings pls?
ckang: mircea_popescu: hes just worried about his nick being associated with a group that calls themselves a terrorist organization, I suggested that he maybe create an alt nick for the purpose of the discussion and also told him it would be a great review of the project since you all know a good bit about the stuff
ckang: but overall seems like a nice guy
trinque: what network settings does this thing need?
mircea_popescu: anyway, he can't really "create an alt nick", what, i'm going to give thousands of dollars to random people ?
ckang: yea, need to figure that one out still.
mod6: lol, i didn't even see that the topic changed.
ckang: i just want to see this happen, think it would be good for his stuff from a codebase perspective to have other smart eyes looking over the implementation
a111: Logged on 2018-04-05 12:29 mircea_popescu: ^ rfc.
trinque: ftr being indebted to trilema is good for you
mircea_popescu: ckang from experience it's a ticket to fame, but anyways.
ckang: well, i can understand his point though. theres a lot of 'proper' types on freenode
mod6: mircea_popescu: nice
ckang: and it does say 'terrorist organization' right when you join ;p
trinque: imagine the honesty. when you get to the state dept, it says state dept.
mircea_popescu: at least this one admits it. usg still trying to claim it's a legitimate state.
a111: Logged on 2018-04-05 04:18 mircea_popescu: lol so in the end ns1/ns2.qntra.net are the pizarro nameservers ?
ckang: anyways it was a good discussion i will follow up with him tomorrow, however removing that phrase from the topic might go a long way in smoothing things over a bit
ckang: but i get you too, dont compromise your beliefs to appease 1 person.
mod6: TMSR is the rock that the water breaks upon, not the other way around.
ckang: he was looking for sponsors it sounded like though as he wants to focus on it full time
ckang: cant say i blame him, ive had hobbies turn in to 2nd jobs and it can get pretty stressful
ckang: torvalds is a pretty funny guy, some of his rants are great reads
deedbot: sashahsas voiced for 30 minutes.
ckang: hey sorry didnt see you come in
sashahsas: At work but have some time to do it if you aren't busy
ckang: you want to talk to mircea_popescu
deedbot: britknee voiced for 30 minutes.
britknee: Hey dear, I believe you are the one I was told to speak with
britknee: Something about random numbers and breast
britknee: Sorry, I didn't know it was out in the open 😮
britknee: Neat, let me find something to write with.
mircea_popescu: and in other logs, "CL-Feed-Parser/0.0.00 (SBCL 1.4.5; Linux;"
☟︎ deedbot: sashahsas voiced for 30 minutes.
ckang: sashahsas was too but she is @ work, told me she could sneak off and do it though
ckang: yea it just may take her a minute to do it depending on whats going on
sashahsas: Intermittent, had a break to check phone though now.
sashahsas: Should have 10 minutes here soon though.
ben_vulpes: dear #trilema is we is an apache prefork club for mod_php?
ben_vulpes: there are a few threading models in apache as i understand it, prefork, worker and event
deedbot: sashahsas voiced for 30 minutes.
deedbot: britknee voiced for 30 minutes.
deedbot: sashahsas voiced for 30 minutes.
sashahsas: Hows it going? Have a few minutes here while I finish eating
ben_vulpes: okay now for the next wtf: phpinfo returns instantly, i can open a database connection from php and query for the number of tables, but when i use the mp-wp index.php shit slows to a 2.7 second crawl
ben_vulpes: i must actually be too thick to configure an mpwp lamp stack.
ben_vulpes: moreover i got the same behavior out of the php_fpm and proxy setup last night, but had trouble believing my eyes. now i've reproduced it with mod_php and am just as baffled.
ben_vulpes: time curl -H 'Host: vantucky' localhost
ben_vulpes: .07s to serve robots.txt, .011s to serve phpinfo, .011s to serve phpinfo with a db connection and query
ben_vulpes: 2.7 to serve the index.php from my copy of mp-wp
ben_vulpes: stick 161.0.121.247 vantucky into your /etc/hosts and curl it on port 800
mircea_popescu: well, is this 2.7 s to first byte ? or total page load ?
ben_vulpes: per time curl -H 'Host: vantucky' -s -w "Connect: %{time_connect} TTFB: %{time_starttransfer} Total time: %{time_total} \n" localhost:800/phpinfo.php -o /dev/null
mircea_popescu: is your mp-wp isntall depending on eg a theme you don't have referencing images that don't exist or w/e ?\
mircea_popescu: ah, lol. are you referencing the mp-wp as "localhost:800/whatever/index.php" ?
mircea_popescu: it must know its own address ; either put it in normally or else i guess edit wp-settings.php to contain your nutty self-reference
mircea_popescu: that's what's going on, it tries to find itself and waits for timeout.
mircea_popescu: i don't believe it's either apache or mysql. i expect is unhappy interaction between your ad-hoc dns mapping and mp-wp.
deedbot: sashahsas voiced for 30 minutes.
ben_vulpes: mircea_popescu: as in actually trying to talk to itself over
http? mircea_popescu: i don't even know that it knows what a port is or what to do with the colon.
ben_vulpes: well it successfully redirects me to the index and the admin login page now when using a consumer browser; not that that's much of an indicator that things aren't deeply fucked within
mircea_popescu: the whole story is whether it waits for a timeout somewhere.
sashahsas: Hey sorry, had a coworker come up and had to put my phone down.
sashahsas: Its a pet peeve of mine, talking to someone and them looking at their phone.
sashahsas: So many people do it though unfortunately these days.
sashahsas: Some can navigate the entire city looking at a phone screen lol
sashahsas: The right keyboard helps a lot with predictive text
trinque: ben_vulpes: vantucky << I can see it
sashahsas: Hmm, that is an actual work? Racecar
ben_vulpes: trinque: yeah but i doubt you see it in a reasonable timeframe
trinque: ben_vulpes lives in the john deere part of pacific nw
trinque: this is just the first time I encountered "vantucky"
mircea_popescu: sashahsas let's try it this way then : amanap : lanac-anal panama
ben_vulpes: omg where is the apache listen port configured asciilifeform
mircea_popescu: ben_vulpes why don't you just put it in production and then futz with optimisation, like normal people ? do you not know anything about webdev ?
ben_vulpes: i am unsure as to how serious you are being.
mircea_popescu: sashahsas ok, ok, how about this -- amanap : lanac a nalp a nam a
sashahsas: That hurts my head trying to see it
ben_vulpes: but also not having .htaccess apparently sucks
mircea_popescu: sashahsas we here at trilema terrorist republic specialize in headhurting & casse-tete chinois.
sashahsas: I need to download a thesaurus or dictionary to understand that sentence I think
mircea_popescu: sashahsas you don't speak french ? it's how the frenchies say "puzzle".
sashahsas: Beautiful language but no never learned it. French girls always sound so sexy.
sashahsas: Nope, just heard them through media, TV, news and such.
sashahsas: There is also the Cajun style which is pretty interesting.
sashahsas: No, Louisiana had a french colony at some point I think.
sashahsas: It is some strange english/french hybrid.
sashahsas: Oh, thats right, I completely forgot about that but the name is familiar.
deedbot: britknee voiced for 30 minutes.
britknee: wow that easy? you want my friends to? lol
britknee: i dont know if i can get them on irccloud though is only thing
trinque: britknee: it says foob on your boob
britknee: is that # random or does it mean anything?
ben_vulpes: hanbot must have some special sauce in her mp-wp
☟︎ britknee: bum atm, not homeless but not in school or work
britknee: it is nice being able to do what i want every day
britknee: but i have my friends who would show you their tots !
mircea_popescu: speaking of friends, do you have any super talented cartoon artist friends ?
mircea_popescu: anyway ben_vulpes here's where you thank me profusely for having saved you dicking about with entirely nonbroken stacks for an alfternity.
britknee: most of my friends are pretty talentless, one can sign but the rest, nothing special i know of
mircea_popescu: britknee with friends like that no wonder you're broke!
ben_vulpes: mircea_popescu: thank you so very very much.
britknee: they are all good ppl though who would do anything they could to help me or each other
ben_vulpes: i am still flabbergasted that it takes apache 2.7 seconds to render what nginx can do with the fpm pool in a tenth of a second.
mimisbrunnr: Logged on 2018-04-12 06:49 ben_vulpes: hanbot danielpbarron: apache with mod_php is, sadly, much slower than the nginx setup we've had until now. however now we can move forward with getting your .htaccess files set up and uploads and such. i'm going to knock off for now but please let me know how i can support your mp-wp projects next.
mircea_popescu: it has nothing to do with apache ; let everyone who isn't hanbot fix their mp-wp
mircea_popescu: ideally by getting her genesis pressed once she puts it out.
ben_vulpes: mircea_popescu: nginx can serve hanbots in .01s, not the .6 of apache
mircea_popescu: ben_vulpes do you realise the 0.5 is measured through dns and all that ? did you do same with nginx ?
trinque: somewhere a star printer screeches with the sound of titties.
deedbot: sashahsas voiced for 30 minutes.
deedbot: britknee voiced for 30 minutes.
britknee: i feel smarter having read all the stuff above but still have no clue what it means lol
ben_vulpes: awww shit reaction engines limited bezzled boeing and rolls-royce into pouring another pile of bezzlars into the sabre engine
ben_vulpes: buncha british poofs have a magical ambient-air-breathing-theoretically-up-to-mach-5 rocket engine system
ben_vulpes: yeah, they did some really impressive work with fine pipe drawing for the intercooler, and some Black Fucking Magic to keep hell from freezing over
ben_vulpes: basic principle is to dump the heat from intake into the onboard lh2 supply, boil a bit off to turn the pumps, and then cut over to internal supplies once out of the atmosphere.
mircea_popescu: this magical heat exchanger getting air to -150 should be interesting.
ben_vulpes: why would the intake stream have to get that cold?
ben_vulpes: black magic, i tell you. cold-fusion grade bezzle.
ckang: cant get behind all this 3d printer fanboy stuff, its just not a good substrate with the current materials for anything you want to last somewhat longterm
☟︎ ckang: granted im sure things are progressing, but its hard to outperform something from a billet of aluminum
☟︎ ckang loves well machined aluminum part & high speed milling vids
a111: Logged on 2017-08-19 18:25 mircea_popescu: are you aware i think your "formal" model is a piece of shit from paragraph one ?
a111: Logged on 2018-04-12 01:31 mircea_popescu: spyked but why would it be difficult in that way ?
a111: Logged on 2018-04-12 04:24 mircea_popescu: and in other logs, "CL-Feed-Parser/0.0.00 (SBCL 1.4.5; Linux;"
deedbot: zx2c4 voiced for 30 minutes.
zx2c4: hello. mircea_popescu asked me to come here for two hours to field some questions about wireguard from you all. i'm not very familiar with this channel or the community in it, but i am happy to talk to whomever about wireguard. so let's start the timer now?
zx2c4: it's small, minimal, has the flexibility to be exactly what i needed and nothing larger. makes conservative choices. fits into the security model i was aiming for with the implementation properties i was looking for. i was also involved with noise from very early on, so several concerns and needs i had with wireguard got factored into noise. and since noise is a very interesting framework, it's now receiving much needed academic attention in
zx2c4: are you interested in learning about the security properties i had in mind when designing wireguard?
zx2c4: wireguard is supposed to be implementable using simple algorithms with as small of a state machine as possible, so that the code size and complexity is kept at a minimum. in otherwords, it aims to be easily auditable so that people can actually read it and feel confident that it doesnt have horrible vulnerabilities. with massive codebases and highly complex designs like openvpn or ipsec, this obviously isnt possible. so with wireguard i was trying
zx2c4: to make something that would make this all possible
zx2c4: then on top of that i wanted a few nice properties:
zx2c4: - silent to unauthorized packets. if you dont know there's a wireguard endpoint there and don't have credentials to talk to it, you can't get it to respond to anything. so, you cant scan for endpoints. this makes it a good thing to put on the outer edge of your network.
zx2c4: - no parsers. fixed length fields only.
zx2c4: - minimal state machine, as mentioned above, which means 1-RTT: if something goes wrong with a message being dropped, the solution is always to just "start over the protocol", since it's only 1-RTT. this saves amazing amounts of complexity
☟︎ zx2c4: - no dynamic memory allocation. all the memory used by wireguard should be allocated at configuration time, not in response to incoming packets.
zx2c4: - denial of service resistance. as mentioned, you should be able to put this on the outer edge of a network
a111: Logged on 2015-01-07 01:22 asciilifeform: with udp, you can make the 'friend or foe?' decision upon receipt of a single (!) packet.
zx2c4: indeed. i guess you could call the property 'stealthiness'
zx2c4: - extremely simple configuration interface. short base64 25519 pubkeys you can paste around through any means. simple config files. everything happens on the interface level.
zx2c4: - ease of system administration. since its interface-based, things like iptables and whatnot work as you'd expect.
zx2c4: asciilifeform: oh cool. i havent seen this ill take a look
zx2c4: - the whole cryptokey routing table thing is very important for making things extremely simple. it pairs the identity of a public key with the ip address someone is allowed to be inside the tunnel. no fancy security marks or whatever from ipsec bloat
zx2c4: asciilifeform: i agreed to stick around for 2 hours. worry not. :P
zx2c4: ive got some more design properties to enumerate if you'd like, but i can answer your direct questions too
zx2c4: KEMs like RSA are more complicated to implement in as few round trips as DH-based protocols
zx2c4: - wireguard isn't chatty. when you're not sending traffic, it shuts up and you cant tell its there
zx2c4: - wireguard doesnt expose any state to the administrator. there's either an interface or there isnt. theres no concept of "connection". with a very simple timer state machine, we're able to completely hide all details from the sender side
zx2c4: so for the handshake we want these properties in 1-RTT:
zx2c4: - authentication in the first message, so that unauthenticated packets arent replied to, hence ensuring things are stealthy
zx2c4: - [limited/weak] identity hiding
zx2c4: - key compromise impersonation resistance
zx2c4: - key secrecy resilience when 2 of 4 keys, one from each side, are compromised (out of static initiator, static responder, ephemeral initiator, ephemeral responder)
zx2c4: key compromise impersonation is what happens when somebody steals your private key, and then can impersonate anybody else _to_ you
zx2c4: for example, when your static longterm keys are compromised, but the ephemeral keys have not been compromised, since they're erased/renewed every 2 minutes
zx2c4: when the RNG is backdoored, the ephemerals are compromised, but not necessarily the statics
zx2c4: or some combination of the above
zx2c4: same source as /dev/urandom
zx2c4: in otherwords, the kernel's built-in RNG
zx2c4: (i've got a project going on right now to rewrite that actually)
zx2c4: which can take entropy from trngs bla bla
zx2c4: another advantage of DH over RSA is that ECDH allows for really short and sweet keys
zx2c4: with relatively simple implementations
deedbot: zx2c4 voiced for 30 minutes.
zx2c4: our two x25519 C implementations (32bit and 64bit) are actually generated by theorem proving software, so that we're sure they dont contain any errors
☟︎ zx2c4: the 64bit one comes from HACL*
zx2c4: the 32bit one comes from fiat-crypto
zx2c4: fiat-crypto also has a 64bit one, but the HACL* one was faster
zx2c4: fiat-crypto uses Coq
zx2c4: things like integer overflow, or general arithmetic errors
zx2c4: also, constant time
zx2c4: by only using a limited subset of constructs which are known to be constant time
zx2c4: yes, there are no conditional jumps
zx2c4: our discussion of HACL* and fiat-crypto pertains to the two C implementations of x25519
zx2c4: ill show you the code
zx2c4: it looks... quite strange
zx2c4: since its machine generated
zx2c4: you mean if you just wanted to hand audit the .o that comes out of this?
zx2c4: not very big at all
zx2c4: i can check for you one sec
a111: Logged on 2018-02-17 04:22 asciilifeform: mod6: i will share my current hypothesis : all current intels have MUL leakage
zx2c4: haha deedbot doesnt like utf8 URLs
zx2c4: does that entitle me to deedbot btc?
jhvh1: stormy with a chance of packeting
trinque: asciilifeform: phf has been fiddling with deedbot?
zx2c4: asciilifeform: i haven't been able to observe any non-constant time multiplications on intel in that code
zx2c4: if you've found an architecture attack though, please do publicise it. that sounds like it could be some really great security attack work.
zx2c4: looks like intel is basically fine?
zx2c4: i dont own any via 2000 hardware to test on
zx2c4: looks like 7T and 9T have issues. nice chart
zx2c4: if you're interested in crypto primitives in wireguard in general, i can give you an overview of our implementations. the hacl and fiat code is not the only code we have in there
zx2c4: chachapoly is well understood and is fast on nearly all hardware
zx2c4: its also easy to implement and simple
zx2c4: aes is also well understood, but is neither easy to implement, simple, nor fast on all hardware
zx2c4: not anymore than other things in cryptography worry me
zx2c4: things like RSA boil down to number theory problems. but that's in a sense scarier than the set of problems that good block ciphers tend to boil down to. because it means that those primitives have lots of _structure_, and generally structure is something that can be exploited. just look at all the amazing and fantastic attacks on things with structure. so just boiling down to a [currently considered] "hard problem" doesn't provide as much solace
☟︎ zx2c4: but even hardness of factoring... how hard is this actually? what number theoretic advances are right around the corner?
☟︎ zx2c4: so anyway, im less concerned about symmetric cryptography than other things
zx2c4: seems like there are many places and interesting ways to optimize at this point. lots of neat creative work coming out. but that with aes and whatnot, we're in a pretty good place in terms of symmetric crypto
zx2c4: are you skeptical of djb primitives? wondering with what motivation came that question?
zx2c4: theyre simple and fast on all hardware, and he came up with an api for using them that many developers like to use (the nacl stuff)
zx2c4: i'm pretty sure there's no conspiracy
deedbot: zx2c4 voiced for 30 minutes.
zx2c4: i'd be surprised to see all 20 rounds of chacha broken
zx2c4: similar criteria - well understood, simple to implement, fast on nearly all hardware
zx2c4: its core is basically chacha ;-)
zx2c4: you know hmac-md5 still isnt broken
zx2c4: (noise uses blake with hkdf, which internally uses hmac)
zx2c4: blake is also faster than md5 which is nice
zx2c4: but anyway, the world has learned quite a bit since md5
zx2c4: blake2 came from blake which went through the sha3 contest as a finalist
zx2c4: so it's received quite a bit of scrutiny
zx2c4: i dont think hmac-md5 is anywhere near broken, actually.
zx2c4: not saying anyone should use it but
zx2c4: its in a much better place than just raw md5
zx2c4: the paper was peer reviewed for NDSS'17
zx2c4: yea usually there's lots of information on the conference and board and whatnot
zx2c4: i dont think they post the reviews? except that it was "accepted" to the conference
zx2c4: then in the acknowledgement of the paper, a few others arementioned who reviewed it while it was being written
zx2c4: and then since several other colleagues and cryptographers have reviewed the system favorably
zx2c4: i havent compiled a list of Name+WrittenReview. maybe i should do that
☟︎ zx2c4: seems like lots of things these days have testimonials
zx2c4: hello mircea_popescu
zx2c4: we've been going at it for a while here
zx2c4: i tried registering my key privately to deedbot but it didnt respond
zx2c4: ill try it in public here instead
zx2c4: mircea_popescu: no, thought it was quite productive actually
zx2c4: asciilifeform: oh, okay. im happy to keep going though. and if you want to be uncivilized, ill gladly accept any harshness you want to throw my way. i dont scare easilyt
deedbot: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE registered as zx2c4.
zx2c4: no, not at all. im also not quite sure what to do with these pgp encrypted blobs i cant decrypt
mircea_popescu: they are not for you ; they are for me. deedbot works an otp verification model -- you tell it to do whatever youwant, it asks you to prove you own the key, if you do it does it.
a111: Logged on 2018-04-12 16:32 mircea_popescu: now let's look at the logs :
mircea_popescu: you can click the link and see a website-based story of the log ; the bot also reads the line referenced in conversation.
zx2c4: if you guys wind up using wireguard for part of your infra and want to support wireguard for a year, i'm always looking for large donations, etc. not sure if that's what deedbot is for exactly but that would be quite the nice deed
mircea_popescu: this is a lot more than meets the eye ; because it actually restructures conversations into a tree. things here have a depth not encountered anywhere else.
mircea_popescu: the deed in deedbot comes from the republican system for registration of deeds. think of it as your county clerk, you can go to him to register your wedding or business or w/e.
mircea_popescu:
http://deedbot.org/ << on deedbot you can register any arbitrary item ; it keeps a record that indeed your signature did so ; and it marks the time, through inclusion in the bitcoin blockchain
mircea_popescu: so it permits indefeasible record of deeds ; something the fiat sovereigns have not yet managed.
zx2c4: !!withdraw 1 1ASnTs4UjXKR8tHnLi9yG42n42hbFYV2um
zx2c4: lets see if that works
zx2c4: im guessing deedbot will send me a otp now
zx2c4: !!v 613368773AD31E2D4F1A68F8F740BE5AE18F5C46924FB8C9C3CC2084E52C6D4D
zx2c4: i wonder if that verification worked i just posted
mircea_popescu: i think if you have not enough in your wallet it drops it silently ; and if the payment's not processed yet you might have nothing in your wallet yet.
zx2c4: well, feel free to keep filling up my wallet, say, with thousands of coins O_o
a111: Logged on 2018-04-12 08:31 ckang: cant get behind all this 3d printer fanboy stuff, its just not a good substrate with the current materials for anything you want to last somewhat longterm
a111: Logged on 2018-04-12 08:33 ckang: granted im sure things are progressing, but its hard to outperform something from a billet of aluminum
mircea_popescu: speaking of which and ben_vulpes boyhood dreams, ssto and so on : i dreamt last night that someone actually managed to create that true wunderwaffen material, the composite/ceramic with higher tensile strength than steel, but negligible caloric conductivity. making some iiiincredible jet engines.
mircea_popescu:
http://btcbase.org/log/2018-04-12#1796976 << you know me. he doesn't know you. this makes all the difference in the world -- i can whip my slavegirls into shape because they ~love me~. people without this benefit are stuck going at snail speed, which is why "education" in the unsexualized way it's implemented publicly does not work. it couldn't fucking work.
☝︎ a111: Logged on 2018-04-12 09:42 spyked:
http://btcbase.org/log/2018-04-12#1796749 <-- that's probably my thing, I've been playing with it for the last two weeks or so, I have it in a loop grabbing feeds from republican blogs.
zx2c4: well im still around here for another half hour or so, so feel free to lob anything more at me
zx2c4: Noise is from Trevor Perrin. I've been very involved in contributing to the project though (i mentioned at the end of the specification)
zx2c4: a null cipher mode? it doesnt...
a111: Logged on 2018-04-12 15:28 zx2c4: sure
zx2c4: oh, that's not quite what that's about
zx2c4: noise defines several different handshakes
zx2c4: wireguard uses Noise_IKpsk2
zx2c4: but there are other noise handshakes
a111: Logged on 2018-04-12 15:36 zx2c4: - minimal state machine, as mentioned above, which means 1-RTT: if something goes wrong with a message being dropped, the solution is always to just "start over the protocol", since it's only 1-RTT. this saves amazing amounts of complexity
zx2c4: 0-RTT, 1-RTT, 2-RTT, and so forth
mircea_popescu: zx2c4 don't break up your sentences in multi lines, we read everything anyway.
a111: Logged on 2018-04-11 16:11 asciilifeform: mircea_popescu: picture if the selector on kalash had a 'fires backwards' position.
zx2c4: noise defines several different handshakes. wireguard uses Noise_IKpsk2, which is 1-RTT. But there are other noise handshakes, some of which are 0-RTT, 1-RTT, 2-RTT, 1.5-RTT, and so forth. each handshake message can optionally contain a payload -- to contain things like, say, certificates or other data. the question is at which stage of the handshake do you use the payload parameter? if you do it too early in some, you get zero confidentiality. so
zx2c4: this is spelled out explicitly in the section you mentiond
zx2c4: but there's certainly not any "null-ciphering" and this is only a misunderstanding of what the specification says
deedbot: zx2c4 voiced for 30 minutes.
zx2c4: its not an "unsecured mode" because this isnt a "mode"
mircea_popescu: zx2c4 you can voice yourself (permanently) by saying !!up to deedbot ; saves us the trouble.
zx2c4: !!v CFFE7CEB6795F523B137AA9A9B0C8A20024FF0EED10EEF7C649C81591CF9DDE1
deedbot: You are now voiced in #trilema
zx2c4: sorry, new here ;-)
mircea_popescu: asciilifeform seems to me the case to be, that they defined a matrix, and then implemented all the cells, and fuck you if you pick a dumb cell.
zx2c4: there are valid use cases of sending information in the clear in the payload parameter. for example, perhaps you want to use it to advertise which aspects of the protocol are valid for subsequent messages. or you want to send a certificate along to authenticate yourself. the payload parameter certainly shouldnt be confused with transport messages, which are what are allowed after the handshake completes
mircea_popescu: the ready argument for doing it this way is simplicity.
zx2c4: this is not the case of the "null mode" in IPsec, which is obviously a complete disaster with no good justification
zx2c4: its not about LoC either.
mircea_popescu: zx2c4 for the public record, make the "this is not the case" distinction plain.
zx2c4: because IPsec's null cipher mode is for transport data. what youre asking about with 7.4 is the payload parameter of the handshake messages
zx2c4: one thing to keep in mind is that Noise isn't a single ready-made protocol for every application designer to take. its instead a protocol framework for protocol designers to use. knowing explicitly what the payload param gives you in each message is really important, so that you dont screw up and put your stuff somewhere it shouldnt be. there are legitimate protocol use cases for using the payload parameter early on during the handshake. its
zx2c4: important to then know what level of confidentiality you get there
mircea_popescu: so in no case a dizzy operator could naively set up noise 7.4 so as to send his payloads in plaintext.
mircea_popescu: this is principally enforced by dizzy operators not touching the framework in the first place, but only given implementations of it.
zx2c4: pretty unlikely that somebody would design a protocol inadvertently that way
zx2c4: which is why trevor explicitly spells it out
zx2c4: i remember asking for this on the mailing list at some point
zx2c4: also, btw, when you're not using the payload parameter in a message, it's just set to empty, because the authentication tag used by it is still important for the protocol.
mircea_popescu: asciilifeform he can't answer that, because it'd be implementation dependant.
mircea_popescu: zx2c4 the fundamental problem with "set to empty" is that ciphers can be and many are vulnerable to this, as a particular case of "known plaintext"
zx2c4: empty message when heartbeat fails? huh?
mircea_popescu: "If a packet has been received from a given peer, but we have not sent one back to the given peer in KEEPALIVE ms, we send an empty packet." <<
zx2c4: every time i send you something, i expect to hear back from you. if i dont hear back from you, then something bad has happened,and i should start over with a new handshake. my way of hearing back to you might be in the natural sense -- i send a TCP SYN, you send me back a TCP ACK -- or it might be the case that you actually just have nothing to send back to me. you got my message just fine, but really just cant think of anything to say back to me.
zx2c4: in this case, its important that you send me a keepalive, so that i know you at least got it. however, these keepalives arent persistent. if subsequently, i have nothing more to say to you, then we both go silent and dont say anything.
zx2c4: because all i need is the valid authtag/nonce. i dont have any actual content to put in there
zx2c4: (usually said messages contain an IP packet)
mircea_popescu: so it is not "empty" in the sense of "" ; it is empty in the sense of the payload being null, but the actual message is in fact a nonce and some tags anyway.
zx2c4: yea. the plaintext is empty. but the ciphertext is not, since it's authenticated
zx2c4: in otherwords, the empty plaintext is still a valid value to be authenticated-encrypted
mircea_popescu: can you off the top of your head give me a dummy example of such ?
zx2c4: im not seeing the vulnerability youre speaking about
zx2c4: normally when you encrypt a message of 32 bytes, you get 32 bytes of cipher text + 16 bytes of authentication tag
mircea_popescu: zx2c4 here's a simple alternative to consider : would you agree the assemblage would be more secure if instead of sending a null payload you sent a random string ?
zx2c4: when you encrypt a message of 0 bytes, you get 0 bytes of ciphertext + 16 bytes of authentication tag
zx2c4: no, i dont think sending a random string would make it more secure
zx2c4: normally 8+16 (though wireguard pads to nearest 16)
mircea_popescu: and if my slut eve in the other room is listening in, she can distinguish the case where i sent 0 from the case where i sent 8 ?
zx2c4: thats right. the padding only happens in multiples of 16
mircea_popescu: so wouldn't it make sense for me to send 8 whether i have anything to say or not ?
zx2c4: so you can do traffic analysis on 16 byte chunks
mircea_popescu: so that eve can't distinguish silent keepalive from actual convo ?
zx2c4: what do you get by knowing from inference that it's a keepalive?
zx2c4: what is the attack here?
mircea_popescu: why am i held to explain how a protocol breach can be elevated to arbitrary height ? the attracker FIND SOMETHING
zx2c4: there _are_ attacks, on say voice compression algorithms, which can gather some information from having precise sizes alone, which is why things are padded to nearest 16. but i dont see what would be gathered by what youre suggesting
mircea_popescu: well, for instance, if i know six nodes in your network and know asciilifeform uses at most two, and i see those are not transmitting, i know he's asleep and send the titassassins.
zx2c4: mircea_popescu: an attacker can also distinguish between a length 15 message and a length 31 message. i still maintain this doesnt give an attacker anything useful
mircea_popescu: because i can turn a 31 message into two 15 messages or back ; but i can't turn 0 messages into anything else.
zx2c4: you might be misunderstanding. when nothing is being sent at all, keepalives arent sent. simply no packets are sent
mircea_popescu: this is the problem : you introduce a categorical breach with this system.
zx2c4: then thoes keepalives are in response to some message he received
mircea_popescu: in any case, cryptography comes in two sorts : sort a), known here as "this must be secure, it's so confusing to me", and sort b). the moment you say "i can't see what this gives attacker" you force-shove yourself in group a. it's not your business to know the attacker, that's the whole fundamental philosophy of ciphering, that you do not need to know the attacker.
zx2c4: the ecc is constant time. but anyway the transport layer doesnt use any ecc
zx2c4: transport layer is all symmetric crypto
mircea_popescu: zx2c4 is this constant time ecc implementation on display somewhere btw ? i don't think i ever saw one before.
zx2c4: mircea_popescu: see logs
zx2c4: mircea_popescu: padded protocols infoleak in multiples of the padding. you get to see if a given packet elicited a 0 reply, a 16 reply, a 32 reply, a 48 reply, and so forth
zx2c4: this may indeed be too large of an infoleak and you'd prefer a different padding scheme like always filling the entire MTU
zx2c4: (that way you give nothing, except your mtu)
mircea_popescu: yes, that's how wer dop it. do you happen to be familiar with diana coman's work on the ada impl of rsa/keccak etc >?
mircea_popescu: anyway, the point here isn't that padded protocols infoleak in multiples of the paddiong., the point is that 0 is a special case invariant, and yhou can never leak a multiple of 0 safely. because, again, a message of arbitrary length n can be presented as m messages of length k ; but 0 messages can never carry anything.
zx2c4: why do you think zero is a special case?
mircea_popescu: one thing at a time : if an attacker observes a stream of n messages of lengths != 0, there is nothing he can infer : maybe they're part of one message, or maybe they're not, or maybe they don't even say anything.
mircea_popescu: if however he observes a stream of n messages of length = 0, he can infer nothing was said.
zx2c4: with many TCP protocols you can infer what's behind it based on the length
mircea_popescu: this reduces your strength, like it or not, because ~attacker inferred something~. that's what strength is, "attacker doesn't infer". see the history of the concept of "ban" and hopw turning bamburismus'd.
zx2c4: i suppose your point is that you _could_ choose to obscure the lengths of the messages youre sending back? whereas with zero that isnt a possibility?
zx2c4: thats an interesting consideration
mircea_popescu: the problem is fundamental, though. the same EXACT thinking informs this problem as informs the earlier discussion with asciilifeform over null ciphers.
mircea_popescu: you have to get it in your head, that 0 is an invariant, and permitting it is always dangerous, because it's not "just another number".
mircea_popescu: and saying "multiples of k : 0, 8, 16" is NOT an enumeration of "similar things". 0 is dissimilar to everything else.
mircea_popescu: anyway, as to the other one : v is the republican... well many things, but also works as a versioning system. here's a pretty picture to help the notion along :
http://btcbase.org/patches << you can select from the drop menu to the left, see vaqrious trees extant. you can click on any item to see the patch it represents.
zx2c4: you guys have invented lots of things here
☟︎ mircea_popescu: the idea with it is that patches must be a) clearly assigned to a responsible key and b) well read. actually, not putatively a la ers's trillion dead fish eyes.
mircea_popescu: asciilifeform did we ever establish why he wrote the thing in c ?
zx2c4: it's written in C because its in the linux kernel, which is written in C
zx2c4: kernel for performance and integration reasons
mircea_popescu: that's a perl impl of a v tool by mod6 ; everyone is invited to make their own v tools.
zx2c4: we've also got implementations in Rust and Go
zx2c4: that are userspace based
zx2c4: ada kernel modules? cool
mircea_popescu: could you guess, zx2c4 , why we would favour ada for finnicy work such as crypto libs ?
zx2c4: unlikely that'd make it upstream if i did wireguard that way, but neat that that's possible
zx2c4: i dont have enough exposure to ada to say for certain. how come?
mircea_popescu: and could you guess WHY it wouldn't make it upstream ? because ada object-links with c object code np.
zx2c4: linus has never been so happy about other languages in the kernel. for example, he rejected a C++ layer many years ago
a111: Logged on 2018-04-12 17:20 zx2c4: you guys have invented lots of things here
zx2c4: performance is good?
mircea_popescu: depends. performance on ACTUAL constanttime items is not so good.
zx2c4: so most checking is runtime instead of compile time then?
mircea_popescu: actually, most crap is not even permitted. see all the pragmas.
zx2c4: ill give ada a look. ive long heard about it but never dived in
zx2c4: i need to head out for a bit now
zx2c4: but ill idle in here for a while and will be back in several hours mostlikely
mircea_popescu: zx2c4 and the good news is, linus permitted ada modules before.
zx2c4: ooo scoped pointers. thats nice
zx2c4: alright, ttyl guys
ckang: hey nice glad to see zx2c4 made it in
mircea_popescu: word. you're building quite the diplomatic reputation for yourself, you know that ?
ckang: lol i try and connect people ;)
ckang: everything yall spoke about is way over my head
ckang: still trying to soak it in
mircea_popescu: anyway, guy got a bitcoin, meaning he can put however many more hours into the thing you're using, so wins all around.
ben_vulpes: well they are a far cry from the mango gelato of mircea_popescu's haremfactory but goshdarn these alfajores are magical with coffee in the morning
ckang: whats your opinion on it, as it stands currently?
ckang: from a security perspective
mircea_popescu: ben_vulpes you should see the britt chocolate covered macadamia nuts.
ben_vulpes: i have been seduced into liking sugary delights!
mircea_popescu: hey, i didn't think i even liked girls, as a 14yo. people get strange ideas in their heads.
ben_vulpes: (and it doesn't even have any chocolate...)
ben_vulpes: experiments from the kitchen, im sure more variants with chocolate will appear as soon as i mention the idea
mircea_popescu: generally the alfajor as a commercial item is two wafers, ddl in betrween, whole dipped in hard chocolate.
ben_vulpes: mircea_popescu: the .htaccess files included with/generated by mpwp include the `Allow` incantation, which is not a thing in apache 2.4; trilema purports to run on 2.4.16; can the Order/Allow incantations be replaced with the 2.4-style Require?
mircea_popescu: ben_vulpes wp doesn't actually care how .htaccess is implemented ; only that it works.
ben_vulpes: huh danielpbarron mentioned to me that it writes the permalinks into .htaccess, this is not so?
ben_vulpes has yet to put rubber to road on this, still researching
mircea_popescu: RewriteCond %{REQUEST_FILENAME} !-d << this sort of thing.
mircea_popescu: it redirects missing file references into index.php ; that's how it does the url replace thing.
ben_vulpes: aok so the Order/Allow can probably be swapped for the 'modern' Require styles
mircea_popescu: ben_vulpes all the Order deny,allow Deny from all Allow from x thing does is lock out by ip ; it's not even generated by wp itself ; it can be implemented any way, iptables, csf, whatever.
ben_vulpes: in other modern scotchguardlifeamericana, these "100% cotton!" napkins are clearly coated with some heinous anti-absorbent "nanotech". yes, works to wipe crumbs off toddlerface but holyfuck is aggressively and annoyingly nonabsorbent.
a111: Logged on 2018-04-12 15:48 zx2c4: our two x25519 C implementations (32bit and 64bit) are actually generated by theorem proving software, so that we're sure they dont contain any errors
ben_vulpes: i was halfway expecting to see the classic machinegeneratedliquishit objections
ben_vulpes: tenor has certainly changed around here of late.
mircea_popescu: the line 332 explosion is a fine example of this as any could be had.
ckang: 'pull request are always welcome' :) as they say
mircea_popescu: these are yet too high level matters to be practically approached by this "here's an impl" method.
mircea_popescu: no, and compiled to 40kb, it's clear from this and plenty other signs the dood has the right ideas in his head.
a111: Logged on 2018-04-12 16:12 zx2c4: things like RSA boil down to number theory problems. but that's in a sense scarier than the set of problems that good block ciphers tend to boil down to. because it means that those primitives have lots of _structure_, and generally structure is something that can be exploited. just look at all the amazing and fantastic attacks on things with structure. so just boiling down to a [currently considered] "hard problem" doesn't provide as much solace
a111: Logged on 2018-04-12 16:13 zx2c4: but even hardness of factoring... how hard is this actually? what number theoretic advances are right around the corner?
mircea_popescu:
http://btcbase.org/log/2018-04-12#1797142 << understand, the discussion here is re cryptographic hardness, not mathematical hardness ; as discussed otherplaces in the logs, the mathematical notion of difficulty is "what's the absolute hardest case this problem can yield", because they want to offer maximal flop guarantees ; cryptographically it is kinda opposite : what's the LOWEST difficulty a problem in this class may yield
☝︎☟︎ a111: Logged on 2018-04-12 16:15 zx2c4: shape packing?
mircea_popescu: . because they want to put a MINIMUM floor in. so to a large degree mathematical discussions of hardness are not cryptographically useful.
BingoBoingo: <ben_vulpes> i have been seduced into liking sugary delights! << It's scarcely been more than a month since a fractional alfajore gave you sugar shock
ben_vulpes: BingoBoingo: that thing was way too way over the top
BingoBoingo: ben_vulpes: That think was the commercial item that defines the standard
deedbot: britknee voiced for 30 minutes.
BingoBoingo: Now, there's also "alfajores integrals" where a birdseed paste is smashed between two birdseed wafers, but those cost ~70 pesos whereas alfajores verdaderos costs 20-30 pesos
ben_vulpes: im generally suspicious of food from plastic bags
a111: Logged on 2018-04-12 18:10 mircea_popescu:
http://btcbase.org/log/2018-04-12#1797142 << understand, the discussion here is re cryptographic hardness, not mathematical hardness ; as discussed otherplaces in the logs, the mathematical notion of difficulty is "what's the absolute hardest case this problem can yield", because they want to offer maximal flop guarantees ; cryptographically it is kinda opposite : what's the LOWEST difficulty a problem in this class may yield
deedbot: avgjoe voiced for 30 minutes.
avgjoe: hello, can i ask why deedbot doesn't send me the challange to solve? instead it tells me that i should not up myself
deedbot: asciilifeform rated avgjoe 1 << new blood
mircea_popescu: asciilifeform it can't be a debit like that, because the main unknown is the approach.
mircea_popescu: what's it help you to know it's "0.1 bits per tb ~on average~"
avgjoe: ok thanks, so after someone rates me deedbot allows to up me on demand?
deedbot: TrixxC voiced for 30 minutes.
TrixxC: hi am here to register for tits
mircea_popescu: britknee right he is, somehow slipped through the cracks. sorry for the delay ; but it's done now.
a111: Logged on 2014-11-13 23:07 mircea_popescu: In the days when Sussman was a novice, Minsky once came to him as he sat hacking at the PDP-6.
mircea_popescu: well, actually about to go to the beach right now, but in general speaking.
britknee: oh I will put the word out then
mircea_popescu: but if you look through that category ("la pas prin lume") there's a ton of various.
mircea_popescu: but are you from uruguay ? because BingoBoingo tells me you look uruguashan.
deedbot: sashahsas voiced for 30 minutes.
deedbot: kittycollector voiced for 30 minutes.
britknee: I haven't actually been, by blood
TrixxC: i brb there is someone at door
mircea_popescu:
http://btcbase.org/log/2018-04-12#1797184 << you definitely should do that, seeing how the superficial "was reviewed" claim collapses upon the most cursory scrutiny. this is not a good state to put yourself into, it makes it too easy to be painted with unflattering brushes.
☝︎ a111: Logged on 2018-04-12 16:25 zx2c4: i havent compiled a list of Name+WrittenReview. maybe i should do that
mircea_popescu: i dunno what your experience with "peer review" is, but as far as anyone involved is aware, exactly no review goes on in those circumstances. see sokal & all.
mircea_popescu: !#s "Transgressing the Boundaries: Towards a Transformative Hermeneutics of Quantum Gravity"
avgjoe: a curiosity about the deedbot wallet feature: if i use that feature, who is controlling the keys?
mircea_popescu: asciilifeform anyway, his stance is defensible, "blake was at sha camp, just like keccak, what do you want."
avgjoe: or at least, a server located where?
avgjoe: i supposed that was an hot wallet feature
mircea_popescu: i know, i know. just saying, "we picked the non-chosen candidates at random, go sue."
mircea_popescu: goes to their silly little "polyamory" covens on campus and frowns paternally.
mircea_popescu: or w/e the fuck. the youth is desperate for adult figures, much like the savage kids in the us black ghetto.
mircea_popescu: morgan freeman is also worshipped now. why ? same reason. wolf-raised kids can't believe oldman is a thing.
mircea_popescu: nobody cared about him back when he was a good actor 20 years ago as much as they care now, that he delivers wooden monologues of sheer nonsense.
trinque: avgjoe: no, there is no hotwallet
avgjoe: "Requests that `amount` be withdrawn from your available balance and sent to `to-btc-address`. This step shall be performed by a human operator after reviewing account history. Expect at least one day of processing. Bitcoin transaction fees shall be deducted from your account."
trinque: only airgapped wallet, and human meat that cuts transactions
avgjoe: is a feature for doing off chain transactions by trusting the human meat or i'm missing something?
mircea_popescu: avgjoe it's exactly equivalent to "segwit" except much less expensive.
☟︎ avgjoe: ok, so as long as i see trinque alive on irc i can feel safe about my test bitcents on it
deedbot: L1: 0, L2: 0 by 0 connections.
trinque: !!gettrust ben_vulpes trinque
deedbot: L1: 4, L2: 21 by 10 connections.
deedbot: L1: 0, L2: 1 by 1 connections.
avgjoe: why the reverse show 1 connection?
trinque: avgjoe: the point being, while I can give you a lot of nice words about not stealing your bitcents, this doesn't amount to much.
trinque: the web of trust, being in it and forming connections, is the proper way to answer the q
trinque: asciilifeform: sure, maybe some guy trusts me and I think he's crazy
avgjoe: trinque: may I also ask, is just the wallet feature that need human presence or deedbot does other semi-auto functions?
trinque: wot updates and all the rest are immediate
trinque: movement of actual money (btc) is for obvious reasons, not
trinque: anyhow avgjoe, who are you, and how'd you come by us?
avgjoe: so if I understand correct: all the deedbot functions are ready to go for a newcomer, except for the wallet function that works well after having a good wot connection
ben_vulpes: trinque: web site is run on a daily job?
trinque: avgjoe: incorrect, wallet works for n00bs immediately
trinque: my point was that you can't answer the question of whether to trust me as you sit there now
trinque: well, can, but by doing it and seeing what happens.
trinque: I am at "dog on internet" status for you
avgjoe: i mean, ok, it works for noobs, but at the same time you don't know instantly who is managing the keys
trinque: sure you do, search logs for "deedbot"
ben_vulpes: trinque: dude has a point, self-referential though it might be faq.html would benefit from an "i am trinque, and have been running this service for members in good standing of the #trilema wot and others before it since XXX"
trinque: depends on whether I think people oughta come in through existing users, or not
ben_vulpes: puts one miles ahead of eg localbitcoins, puts the personal aspect of trust front and center.
avgjoe: that's would be nice, then it's up to the average joe to look up the history and wot
trinque: someone will have to make the argument in favor of average joes
trinque: I will at least say mircea_popescuine features come way first.
trinque: note that a horde of titties just came through and used the thing on the basis of knowing douchebag
ben_vulpes: hey it is your faq, you may answer as f as you like
trinque is fine with putting it, so long as avgjoe here reads that WoT article.
trinque: avgjoe: you didn't introduce yourself though. so go ahead
avgjoe: i'm a student, I've discovered bitcoin thanks to raiblocks
avgjoe: basically a coin that was given to lazy people that solved captchas
avgjoe: then this coin has gained popularity for supposed scalability features that i've never investigated
ben_vulpes: well it's more of a nineties yahooforum pink sheet stock but that's neither here nor there
avgjoe: and a couple of months ago i was lucky to cash out in bitcoin the crazy (at least for me) amount generated by solving captchas
avgjoe: after seeing that raiblocks was just some random coin, i tried to understand better bitcoin and found trilema as a very valid starting point, no-frills like, to use bitcoin in a responsable manner
ben_vulpes: avgjoe: studie in system oppression and advanced microagressions or what?
avgjoe: no, it's a easy/fake study to have more spare time keeping government grants
☟︎ ben_vulpes: and what do you do with all that spare time
avgjoe: and the logs in these days :D
deedbot: TrixxiC voiced for 30 minutes.
lobbes: I was going to hop on to state this very point, but alf beat me to it so I will simply underline and point to trilema article referenced twice above. My own trust for various people (read: cryptographically backed identities) in here was not immediate, but evolved over the 4 years I've spent interfacing with said people. >>
http://btcbase.org/log/2018-04-12#1797719 ☝︎ a111: Logged on 2018-04-12 19:23 asciilifeform: avgjoe: understand, 'looking up' tells you just about nothing if you do not have any existing trust of any of the people who wrote the item you are 'looking up' in.
spyked: hey trinque, the front page of deedbot.org shows "Bot's address: [...] (balance {u'message': u'Method not found', u'code': -32601})" on 2nd line. looks outta the ordinary.
trinque left an experimental walletless trb running on that box
trinque: gotta figure out why the cron job keeps getting stuck.
trinque just ran the same command as from cron, pretty weird
trinque: spyked: any chance you want to do mircea_popescu's requested RSS bot? I've got plenty on my plate as it stands.
trinque: could probably pretty easily bolt your cl-feed-parser to ircbot
ben_vulpes: !!v A8527E69320679E6A9735D12955BCA7DCD898A8A3FCBEA7FBC072778536740D4
deedbot: ben_vulpes unrated kakobrekla.
ben_vulpes: !!v 40DF9387B2D7D3DFD492542208C673DCF4EB12B8CD544FEA04FC749981D783A3
deedbot: ben_vulpes updated rating of mircea_popescu from 4 to 5 << master of the realm
ben_vulpes: !!v 59EAE7DF138654819F93FE3BDFD9CE3A7FC8C8737D5CF401E220CB446845C062
deedbot: ben_vulpes updated rating of trinque from 4 to 6 << against every creature, living or dead
ben_vulpes: !!v 14F938EC2F445708F8B2704A257EA91F60D111ED5D95ACC60A03616701228562
deedbot: ben_vulpes updated rating of mod6 from 4 to 5 << foundation co-chair
ben_vulpes: !!v D4321170EE27F031AD3EEBD41B8E1E4C532F5637D57A62D835551A93A30A3132
deedbot: ben_vulpes updated rating of lobbes from 3 to 3 << staunch sapper
ben_vulpes: !!v 5976F80A1F2794B3EF34F34B531D95AAC1A1EF99007F67608F86ADC5525DC2A6
deedbot: ben_vulpes updated rating of mike_c from 3 to 1 << lost, but not forgotten
ben_vulpes: !!v 51B9DE7561B66E6C2536CEDABC6355C499625EE1012B99831FF71C09FECB429E
deedbot: ben_vulpes updated rating of hanbot from 2 to 4 << legendary valkyrie
ben_vulpes: !!v EC5C8E14678916A59CF2A0AF481BD9AEA6271F301CA009DE720904DC71808096
deedbot: ben_vulpes unrated mthreat.
ben_vulpes: !!v 182509D378DBE6EA3EE17CF0C0E38AAAE2D682170F86A684F3318DBC7FE70CCB
ben_vulpes: !!v 16810532F1E34865D544F57908471397D1314800FCC04AE800275D38D86C1604
deedbot: ben_vulpes unrated ang-st.
ben_vulpes: !!v E7073EFBA9BF9CDB7A6054E7406C45FD38E8F13504CD05F1BE0B13CA126D3DAD
deedbot: ben_vulpes updated rating of danielpbarron from 1 to 3 << his worship
ben_vulpes: !!v F934F5806DE35FBFB10DFD5C64BAB2CFF17A5DD75EB6DC123F65BB80D5DA16B6
ben_vulpes: !!v BCBF03DA53D0411F7C81BC7367C96AF0488FFAC5FB83261C5A550C1A258C6AED
deedbot: ben_vulpes unrated smickles.
ben_vulpes: !!v D99F7B29DD8BC742D50988B5155A3D265BBF5AED29CC8089ED2940DE526BD257
deedbot: ben_vulpes unrated solrodar.
ben_vulpes: !!v 1BFCF592050AC7F1172BAC82BF491D0462E8E274488A67430FDB9FE12C38BB9D
deedbot: ben_vulpes unrated vvande.
ben_vulpes: !!v 761EDFB41C3704005996B2D3A97F68375DDC6F440301B64E9F10DC5C3F82175D
ben_vulpes: !!v 23F54062DF2992D7F763DA177DA54B1C8E535E6D170F8E55EC2E8FE4AC22E01D
deedbot: ben_vulpes unrated agustin.
spyked: trinque, yeah, I'm actually playing with cl-feed-parser to get an idea of what's required for the feed bot, going to spec it and all. I grabbed it off the githubs (
https://github.com/tkych/cl-feed-parser ) and the number of dependencies is irksome, so if you happen to know a better alternative other than building my own, I'm open to suggestions
trinque: nope, current thing is a sad pythonball hanging off the side.
spyked: okay then, I'm gonna work it off this. it'd be enough to replace the "drakma"
http client with something lighter, and I'd already cut about half of it. the dependency tree leads to two xml parser libraries being used (plus other redundant stuff).
spyked: whole thing's a mess, but I'm organizing the code so that I can eventually replace it with something else.
trinque: a muntzed drakma would be a fine thing, I'd sign
☟︎ spyked: zx2c4, I've been looking over the tamarin protocol verification paper and I'm curious, what does "symbolic verification" mean? also, what's the thing's output? is it just a "yes, properties hold" or does it also output the proof?
☟︎ spyked: more to the point, this is similar to asciilifeform's "auditability" question. is there a way to obtain a (ideally human-readable) set of deductions out of the prover?
a111: Logged on 2018-04-12 20:10 trinque: a muntzed drakma would be a fine thing, I'd sign
a111: Logged on 2018-02-02 22:32 asciilifeform: idea is a
http server in <1000 ln of ada, approx.
ben_vulpes: my first q is what is the breadth of intake gas velocities and fluxes that such a device could handle
ben_vulpes: refrigeration depends on compressibility of the working fluid
ben_vulpes: just cribbing from wikipedia here, but "there is no longer cooling observed since cooling requires compressibility of the working fluid"
ben_vulpes: it'll cool, sure, but nowhere near as much as if it were a gas, as the gas will condense and pull further heat out of the local system.
ben_vulpes: there is an expander in the diagram, had a sign error
ben_vulpes: "The Use of the Expansion of Gases in a Centrifugal Field as Cooling Process"
ben_vulpes: might work if you had enough expander and volume to slow the intake down and get it out of the incompressible regime
ben_vulpes: asciilifeform: yeah here and there, more frequently we simply flooded the workpiece with coolant.
ben_vulpes: could make a good intercooler for garage flugenthingers
ben_vulpes: heh well then you gotta cool the dryer, dontcha
ben_vulpes: you'll want to compress it somewhat for reasons of efficiency; consider again the diesel and its turbo
jurov: i think the vortex sorts particles by momentum, not necessarily by temperature
☟︎ ben_vulpes: hellish inferno of combustion chamber is at very high pressures in engineered rocket engine.
jurov: but i don't know if same temperature means h2o and o2 molecules have same momentum? or they have same kkinetic energy?
ben_vulpes: you get some gases that speed up, pulling energy out of the gases that slow down which dump energy into the higher speed gases. not purely a 'sorter'.
jurov: you want it to separate water, no?
ben_vulpes: i think it puts the water in the wrong place. you get dry, hot air which you'd then have to cool and compress into the engine and cold wet air (possibly with the water condensed out entirely with a spigot)
ben_vulpes: "i know, let's premix our fuel and oxidizer!"
mimisbrunnr: Logged on 2018-03-23 04:08 douchebag: Okay, why do you guys liek arguing so much? Is this why you guys don't get anything done?
ben_vulpes: bang gas is then a pressure-drop triggered combustion?
ben_vulpes: yeah i can't this thread anymore, too damn seductive.
a111: Logged on 2018-04-12 20:55 asciilifeform: ada's spark is a similar, if somewhat uglier/bulkier, thing
deedbot: saturn_ voiced for 30 minutes.
saturn_: i did not get my bitcoins yet xc
a111: Logged on 2018-04-12 07:03 trinque will get to these tomorrow, girls