esthlos: "This is the technology equivalent of an edgy 14-year-old atheist writing about religion." loller
a111: Logged on 2018-06-10 18:07 mircea_popescu: and as far as most mouthbreathers are concerned, the world is too much and the little glass bead of "nigger explains what '''events mean to me'''" archsufficient.
a111: Logged on 2018-06-10 18:04 Mocky: it's eye opening for me to see how it looks from this side where asciilifeform exposes obvious stench which is met with chorus of 'nah, it smells good'. apparently 'till now I've been the local, ala:
http://btcbase.org/log/2018-06-10#1822065 mircea_popescu: asciilifeform, without the fritz chips, the situation is 1trn "users" whose router pwd is admin, and then m00t's horde owning time magazine's "man of the year" competition.
mircea_popescu: this is the fucking problem they're trying to resolve, that without restraints, the horde re-organizes into unflat.
a111: Logged on 2015-10-17 17:42 asciilifeform: the point i was trying to make then, as now, is that mri - like fingerprints - is a confession-inducer and evidence-planter apparatus, let's say 'guiltwashing', rather than necessarily a fact-finder.
a111: Logged on 2014-10-19 18:31 asciilifeform: chetty: the whole purpose of 'biometric' crap is to administratively fix the designated chump as the permanently-designated chump.
a111: Logged on 2018-06-11 00:04 asciilifeform: and prolly they will sit in front of same judge who earlier nodded to 'tor devs would never', etc.
mircea_popescu: i don't think it stretches anything. "my superiors". reich is reich is reich, it really has no need or use for thought.
mircea_popescu: honestly, i'm happy with the outcomes. swathes of 20something yo slavegirls as far as the eye can see, to take pick from.
mircea_popescu: hey, it's a crapshoot. if you have 1bn decerebrated muppets reproducing, you get some simona haleps. if you have 1k, you don't.
mircea_popescu: but anyway, to put the matter of piss and gurls to (temporary) rest : Jun 09 01:57:42 <nikki_ff> yes sir i am drunk <mircea_popescu> how do you like your piss ? <nikki_ff> best its ever tasted.
mircea_popescu: henceforth a new "piss on the bitch" cocktail is defined, for public consumption, as piss, vodka and a splash of fruit juice.
mircea_popescu: "We disdain otter piss alcoholic Coors or Budweiser swills wrested from sprouted rice" << utter!
mircea_popescu: hey, nothing beats a self-administered pregnancy test.
hanbot: apropos of exactly nothing, where do skunks go to pray?
hanbot: mircea_popescu: to the pew!
mircea_popescu: asciilifeform, afaik that ali watkins chick is a libertard stalwart. the whole thing is "how dares state challenge the politruks"
mircea_popescu: it's about something or other, but broadly about the fact that the pantsuit party is very angry any sort of pushback against mother china WHATSOEVER still goes on.
mircea_popescu: i can't imagine the chinese actually give a shit about the withc hunts in that obscure european colony.
mircea_popescu: not anymore than anyone over at alphabet gives a shit about the misadventures of amstan ; or anyone at redhat about the new hole in boeck's ass, or etc.
mircea_popescu: well... in the patient's defense, the anglotards are really not all that interesting.
mircea_popescu: and this, from a race that is enthralled by fruit machines.
mircea_popescu: but the point of concern for mcguffin-book writers / social media personalities / journalists / whatever else the pantsuit keep telling themselves they do, would be that the chinese can't seem to be bothered to give the slightest fuck. these are some people who find even one arm bandits fascinating.
mircea_popescu: so basically he can't show "his superiors" that he reads doubleplusungood folk who don't insert a "traiasca tovarasul" sentence twice per paragraph, is the idea ?
mircea_popescu: maybe he gets fired if they think he doesn't like them anymore or something ?
mircea_popescu: i don't get it, so if there's been a famine going for 20 years meatballs are "soo 1997" ?
mircea_popescu: !!rate nikki_ff 1 aspiring slavegirl ; also famous for the "piss on the bitch" cocktail.
mircea_popescu: !!v 8DE2EDFE706112BD08BC21F05A0FFA66614A66F04E25101DD36F84384CCABA00
deedbot: mircea_popescu rated nikki_ff 1 << aspiring slavegirl ; also famous for the "piss on the bitch" cocktail.
mircea_popescu: anyway. in the end, i suppose it's pretty amusing to notice that a) indifferent of form b) the reaction will be to substance c) and negative because the substance's not usg-friendly but nevertheless d) claim to be a reaction to form.
mircea_popescu: "usg sucks" "i don't like how you used the word suck" | "usg is dumb" "i don't approve of the usage of verbs" | "the goat is dead" "i don't like the syllable count and this has nothing to do with my suspicion the goat may be a veiled reference to usg".
lobbesbot: asciilifeform: The operation succeeded.
mircea_popescu: i don't get it, it's supposed to matter when you run it from command prompt neh ?
mircea_popescu: ah so the idea is that if shell callout, you might end up with wrong response ?
mircea_popescu: tho in retrospect i'm not entirely sure why i thought that.
mimisbrunnr: Logged on 2018-06-10 16:16 Mocky: !Q later tell lobbes I just got back from uwharrie national forest, ~50km east of Charlotte. ftr, 'deep river' is misnomer, more like 'shallow creek'
hanbot: ^ phf please to update, apologies for the hassle.
☟︎ mod6: typical repsonse from reich. megaunsurprise.
lobbesbot: trinque: Sent 13 hours and 6 minutes ago: <asciilifeform> might be worth testing whether koch's latest lul affects deedbot's gpg hose
trinque: the thick irony being that for most nickelodeon staff, 16 is way too old.
BingoBoingo: And in the Latest Brasilero quirks, Apparently 28C/82F is the appropriate night time temperature for the heatpump. Because of course during the winter everyone should be adapted to sleep at a summer daytime temperature.
deedbot: IdleGandalf voiced for 30 minutes.
mircea_popescu: who the fuck are you and what's with that idiotic nick.
mircea_popescu: the whole fucking species has a thing for teenage girls ; that's the prime directive of sexuate reproduction : defloration.
mircea_popescu: also, wouldn't you tihnk a girl kinda retarded, if it came out she lost it at 16 ?!
mircea_popescu: it's only natural to get rid of the skin the same year the dumb shit starts bleeding ; and by and large the rule. in any case the ~normal~.
deedbot: loper_os_cr50 voiced for 30 minutes.
trinque: john k's crime here is bending over to the state after making a career upon ramming lulz through the censors. "3 decades struggle with mental illness" such as being heterosexual.
mircea_popescu: the atmosphere in the great stalin-less stalinism has changed lots. nowadays people actually say dumb shit like "what the government wants it called is the proper name for it" and other inanity like that. with a straight fucking face.
mircea_popescu: something their parents would have never even considered.
mircea_popescu: anyway, if you can get factory probes on them pads, i would not even be surprised if you can just flash it without further ado.
mircea_popescu: these fucktards! they wanna go about derping about "tin foil" and whatnot "unprofessional", then queue up to read all about "gandalf".
mircea_popescu: "oh but mp, it's different species of slime". no, it fucking isn't. all slime is the exact same identical species : itself.
mircea_popescu: asciilifeform, how's the rng work ? maybe a bit of electric field can set out 1s ?
a111: Logged on 2018-06-10 15:18 mircea_popescu: if he hadn't heard of the third reich instrument of surrender he'd be going around his village singing "tomorrow belongs to me". as it is, he derps on the periphery of google. if he realised tmsr owns the world he'd be "community organizing" for you. and so on.
a111: Logged on 2018-06-11 14:39 asciilifeform: meanwhile, reddit verdict : 'Are there any less tinfoiley sites that discuss this? All of the references circle back to him.'
a111: Logged on 2018-01-05 00:13 Matthew: you guys wrote this yourself right
mircea_popescu: you have no fucking idea what sorts of punishments it takes to de-ingrain the "now irc link turns off" processes they have.
mircea_popescu: it'd be easier to turn them out. ~literally~, this isn't some sort of rhetorical device. it would be easier to turn them into streetwalking whores than to turn them into sane people whose online presence has continuity.
mircea_popescu: the amount of washing it takes to recycle imperial-farmed cunt into useful slavery is mindnumbing.
mircea_popescu: the better comparison is, 19yo who's been well trained to pick at her scabs.
mircea_popescu: "bitch, stop fucking picking at it" "oh sorry master."
mircea_popescu: but it's this unholy alliance of "it itches" vegetative signal and "pick at your scabs" low level motherly acculturation.
mircea_popescu: (this, by the way, is why you shouldn't permit women to run the house. it's way too fucking easy for them to fritz-chip the jtags.)
mircea_popescu: (and for the gandalfs in the peanut gallery : streetwalking is ~hard~. short of infantryman during war, streetwalker has the hardest, most biodemanding job there is. which is why i respect them a lot more than i respect githikipedia contributors)
mircea_popescu: this is like saying, "Here's our companion games to a pair of dice".
a111: Logged on 2017-11-09 16:38 asciilifeform: ben_vulpes: mircea_popescu earlier suggested , 'boltzmann distrib' of coffee speck velocities, almost certainly has high end that grinds pieces of your vessel into the output
mircea_popescu: somehow all the "opponents" never managed to FUCKING SAY THIS, the only actual, valid argument.
mircea_popescu: said everything else. then they want to talk about tin foils.
mircea_popescu: truth of the marketplace is that a cent of power was always worth millions of beauty.
mircea_popescu: this is the fundamental difference -- in the original soviet, the little soviets were expected to plug selves into machine. which, while in a deeply feminine sort of way, is nevertheless somehow satisfying.
mircea_popescu: the new soviets, however, are expected to hold it in hand -- the machine's all chinesium.
mircea_popescu: whole consumerist thing only really started in earnest after the soviets went away.
mircea_popescu: much like the killer micro was forgotten almost immediately once the handheld tivos were carted in qty.
mircea_popescu: bitch... a phone is a computer in the sense your slit's a cock.
mircea_popescu: anyway. i'm starting to think i'll simply add a "owns desktop" disqualifier to the list.
mircea_popescu: it's how it worked in the 90s, right, you went to a new kid's house, had no computer could not be friends, evidently underclass only good to shine your shoes.
mircea_popescu: asciilifeform, well, "no computer, you can't play" is a disqualifier. "obedient, you've made it" is a qualifier.
mircea_popescu: you know it's like >pi per capita here ? i recently counted, it's a scandal.
mircea_popescu: lmao. most common orc sentence re laptop includes "dun work"
a111: Logged on 2018-01-31 13:56 mp_en_viaje: in other "thanks goodness computer means programmable machine", i have here this hp elitebook. it has the backlight permanently welded to "retina cancer". the "function" key bs works for everything else EXCEPT setting the brightness, fn-f9 does 0.
mircea_popescu: car's got what 3 ? 400 HP under the hood ? let it work.
mircea_popescu: in the immortal words of barry fitzgerald, "let a good piece of machinery earn its fuel"
mircea_popescu: asciilifeform, i recall it too. i was fucking there! the motorola "cell phones" you could maim someone with, and the inductor computers, and so on.
mircea_popescu: not where i lived, either. but in the shitplain of southern romania ? very fucking needed.
deedbot: loper_os_cr50 voiced for 30 minutes.
BingoBoingo: asciilifeform: I can ask. Is the PCB already in Uruguay?
deedbot: apt-get voiced for 30 minutes.
apt-get: just here to lurk in general
apt-get: I've been doing that a bit yesterday
apt-get: >get yerself a proper nick
apt-get: rude tbh, I've been using this one online for quite some time
☟︎ apt-get: I've been interested in learning it for quite some time though
a111: Logged on 2016-09-07 23:49 asciilifeform: alice_: do you know expression 'в чужой монастырь со своим уставом не ходят' ?
apt-get: the reason I keep using this nick is because it's quite handy to have personal info drowned out in a sea of noise when someone tries to look it up
☟︎ apt-get: I'm more interested in that kind of persona rather than adopting an identity meant to be recognized
trinque: how can you expect someone to care about "rude tbh" if you pride yourself on being unrecognizable
trinque: this assuming for the moment that such things aren't immediate and reliable signs the speaker's an idiot
apt-get: I wasn't actually offended or anything, it's just banter
|\n: what is the normal channel "flow", meaning how would i even ask a question if i got one
|\n: just to know if it is even possible
|\n: aha, cool! thanks asciilifeform
trinque: one might, say, introduce himself, like even my cat does when he walks into the room
☟︎ |\n: well it was fast i admit, now i'd better shut up because it brings too much crap to logs, got my answers, thanks
trinque: |\n: nah you don't get off that easy. you're from .ru ?
|\n: trinque, i'm just a dude that sometimes hears of phuctor and things that include links to the blog, i like what i see, cool pals discuss it, i'd like to track more of it, whatever it is
trinque: cool, there are several russian speakers present
|\n: apart from things unspeakable on freenode i love to bring up tor relays and i got a job as an admin of shitty place
☟︎ |\n: so i doubt theres anything remarkable i could tell about myself heh
|\n: good shout, sure i got my miserable excuses, since i'm not media person, i constantly attempt to tell about such things to people who show interest, but the scales are as miserable as my excuses hah
deedbot: swiftgeek voiced for 30 minutes.
swiftgeek: asciilifeform: nope i'm here for fact checking, from #libreboot
swiftgeek: also if you somehow damage C201PA irrecoverably please don't trash them
swiftgeek: that board itself needs to be reversed (PCB)
|\n: even if something is not clear - hardware is full of shit, supplying any trust towards vendors is as stupid as saying that someone might now have some private keys from whatever, being it an IT or automotive industry (pick any), i believe that is why some papers on standards that might shed light on ways of how proprietary things (that belong to owners) work
☟︎ swiftgeek: asciilifeform: what we need is to tear down board layer by layer
swiftgeek: if starts align properly i will be doing something similar for kgpe-d16
swiftgeek: asciilifeform: also decap the damn chip
swiftgeek: and sent it to zeptobars or what they were called
swiftgeek: it's definitely in interesting category
swiftgeek: asciilifeform: well in thinkpads we have fun gate array
swiftgeek: asciilifeform: well you should be only concerned first about black boxing it
swiftgeek: ie. it doesn't look like a necessary component to me
swiftgeek: so making something equivalent first would be beneficial
swiftgeek: asciilifeform: that's what i mean by that :D
swiftgeek: it sounds like you can replace it easily by some dumb components
swiftgeek: asciilifeform: so it's necessary and it's like PMH but with mcu?
swiftgeek: is host communicating with it to do something important to keep machine alive?
swiftgeek: asciilifeform: well you only need to do it once
swiftgeek: asciilifeform: after that once you have confirmed model of black box and from then you can figure out something way more efficient
swiftgeek: asciilifeform: i'm only speaking about doing it once in history xD
☟︎ swiftgeek: asciilifeform: the point is to take some lessons from that 1 unit
☟︎ swiftgeek: it will be silly if end result is just few modwires :>
swiftgeek: i'm telling you that it will be simpler to do it once and this way confirm every part of it
swiftgeek: looking at some code you found there isn't the same as poking the actual thing
swiftgeek: ok skip WEP, it's a whitelabel thing
swiftgeek: it's a tiny bga chip that you can remove yourself easily
swiftgeek: asciilifeform: x200t already requires a bit of rework
|\n: in terms of labour there are many people who would lift it and reflow for 5-10 usd per operation, even here in russia, but epoxy will ruin such perfect model =)
swiftgeek: for something that silly cleaning it up will take order of magnitude more than rework xD
deedbot: |\n voiced for 30 minutes.
swiftgeek: asciilifeform: if somebody will end up with dead c201pa in eu then hopefully i will get it for teardown if they remember
swiftgeek: asciilifeform: e-waste, i'm against it
swiftgeek: using e-waste for research pretty much lowers amount of it
☟︎ swiftgeek: asciilifeform: sure it is , it's the best way
swiftgeek: but c201pa isn't very popular and people forget about me
swiftgeek: with thinkpads we had much more fun
swiftgeek: we pretty much understand in full depth what thinkpad is
|\n: any intel on supply chain of this stone? had to ask
☟︎ |\n: any other devices with the extra similar one (even with brushed label)?
☟︎ swiftgeek: and remember that silly thing where people claimed that quality of thinkpads plummeted since IBM stopped making thinkpads and lenovo took over?
swiftgeek: as if there was some noticeable change xD
swiftgeek: IBM didn't make a single thinkpad since at least T20
swiftgeek: T line belongs to USI till T400/500, then lenovo took over
swiftgeek: asciilifeform: i'm from #libreboot , dev :)
swiftgeek: asciilifeform: TrackPoint is 80C51 blob so we are reversing that too :)
swiftgeek: but patents are expiring so it's really pressing to make libre trackpoint, even at scale modem
swiftgeek: anyway so far you have took some guesses that it's a infeon chip right?
swiftgeek: it certainly doesn't look like one
deedbot: swiftgeek voiced for 30 minutes.
swiftgeek: from this pic, what's the newest date code ?
swiftgeek: sure but they are not using old stock
swiftgeek: i confused the 2 for 1 and this is the thing?
swiftgeek: asciilifeform: so that whole time i was thinking this is c201pa
swiftgeek: asciilifeform: what's the name of the board?
swiftgeek: asciilifeform: yeah i only care about board xD
swiftgeek: pretty awful but again wifi on m.2 card
swiftgeek: so if anything comes you can replace it lol
swiftgeek: asciilifeform: is it connected over sdio or pcie or usb?
swiftgeek: asciilifeform: m.2 comes in many form factors
swiftgeek: asciilifeform: great then you can replace it !
swiftgeek: i can't guess dimensions properly so let's assume it's the same as with c201pa
swiftgeek: not necessarily IR preheater or anything fancy but (any) preheater would be nice
swiftgeek: due to bending and stresses due to differential heating
swiftgeek: still with patience it shouldn't do that even if you don't have preheater
swiftgeek: and it kinda depends on thermal mass in that area
swiftgeek: asciilifeform: grab yourself pile of e-waste and practice on that :>
swiftgeek: except that level up is grab pile of e-waste
swiftgeek: wistron thinkpads are pretty decent when it comes to repair
swiftgeek: X240 was made by compal-lenovo joint venture
swiftgeek: and afair end result was worst aspect of them both combined
swiftgeek: (compal alone makes the best boards for debugging /repair)
swiftgeek: you can diagnose compal board in 5 minutes flat
swiftgeek: asciilifeform: well compal makes tons of things xD
swiftgeek: welp that's interesting and if it spews out a lot of uart then it's most likely running on some core
deedbot: |\n voiced for 30 minutes.
swiftgeek: asciilifeform: then i would really recommend finding dead one and sending chip to zeptobars
swiftgeek: asciilifeform: why would you expect that llol
swiftgeek: asciilifeform: they are marked usualy on die
swiftgeek: no need to reverse really, just look at it
swiftgeek: hopefully layers won't need to be removed
swiftgeek: but if they are bunch of dicks then first visible layer will be just metal blocking chip from the view
swiftgeek: asciilifeform: is it TPM for real?
swiftgeek: then yeah inform zeptobars about the need to remove metal layers
swiftgeek: it will make for interesting post lol
swiftgeek: sigh i think i lost video about removing layers xD
swiftgeek: the point is to see something in it
swiftgeek: asciilifeform: sure but not looking can double the work
swiftgeek: asciilifeform: possible theories of what PMH7 is were pretty wild till we realized it's TC200G
swiftgeek: i finally realized from leftover clues
swiftgeek: but it would be clearly marked on the die as well
deedbot: swiftgeek voiced for 30 minutes.
swiftgeek: yep and all that you will learn from photo of zeptobars
deedbot: loper_os_cr50 voiced for 30 minutes.
swiftgeek: + you can take some educated guesses
swiftgeek: well you will see standard cell library
swiftgeek: eventually somebody will match it to factory
swiftgeek: asciilifeform: just like via matched their to what asmedia stole from them
|\n: imaginary, just in theory, can it be some ST72264G2
swiftgeek: asciilifeform: remember that recent AMD chipset from amdflaws?
swiftgeek: asmedia made it, using standard cell library stolen from VIA
swiftgeek: and i was wondering why we don't see so much VIA chipsets anymore xD
a111: Logged on 2018-06-11 15:46 asciilifeform: one interesting observation, is that the update mechanism lets you flash in arbitrary crapola into 'rw' section ( it simply won't jump to it if it doesn't pass rsa(sha256(payload)) ) . so theoretically could put a nop sled there, ending with jump into the magic half of unlock routine. and then expose the thing to beta/gamma, and perhaps in a few months it will Do The Right Thing
swiftgeek: asciilifeform: do you know what is the name of the board yet or not ?
swiftgeek: yeah then judging from c201pa entry
swiftgeek: that will make for shitty search results in google
swiftgeek: they are doing this shitty naming on purpose
swiftgeek: ok can't find anything on any usual suspects
swiftgeek: it should appear about now for that device
swiftgeek: asciilifeform: repair guide is something that asus supplies for their devices
swiftgeek: it's just a block diagram and power sequencing / tree
swiftgeek: just board shots from 2 sides with few testpoints, block diagram and power sequencing / tree
swiftgeek: asciilifeform: so if you have some asus authorized repair shop
swiftgeek: asciilifeform: i don't consider swapping a board as repair
swiftgeek: then just bring cookies and whatnot
swiftgeek: you need to at least check some points c'mon
swiftgeek: asciilifeform: i would bake cookies and bring them some xd
swiftgeek: asciilifeform: sometimes it's schematics sometimes it's boardview alone only
swiftgeek: asciilifeform: if something ever leaks it first appears on chinafix xd
swiftgeek: what i mean is that chromebooks aren't popular in china
swiftgeek: so likeliness of it leaking on its own is tiny
swiftgeek: asciilifeform: well lol, it's about netlist
swiftgeek: we need it to have something proper
swiftgeek: otherwise you are literally reversing open source code to figure out something that is presented clearly and for sure in boardview/schematics
swiftgeek: that m.2 module thing took seriously way too much time for us xD
swiftgeek: i only realized it when investigating some newer SSDs
swiftgeek: together with your explanation of purpose of the chip
swiftgeek: either chipie does far less or the thing is secret
swiftgeek: asciilifeform: anyway authorized repair shop has ridiculous amount of tools to diagnose board
swiftgeek: whether they use it or not it's up to them xD
swiftgeek: with that amount of tools you could fix those devices during a coffee break xD
swiftgeek: libreboot thinkpad doesn't have it easy, neither BSDLs nor XOR test chains are described for our montevina targets
swiftgeek: * signifies device paulk is connecting from
swiftgeek: so don't be confused if he logs from different node xD
swiftgeek: sure it was planned and everything was so pompous about it
swiftgeek: i didn't know they have actually made it finally
a111: Logged on 2018-06-11 19:57 asciilifeform: swiftgeek: given your introduction (
http://btcbase.org/log/2018-06-11#1822589 ) i assume you may be interested in verifying fact that cr50 is not a subfunctionality of the ordinary (i.e. kept in winbond spi ) bootrom or the EC controller ('nuvoton' arm , visible in right hand of photo ). this is very simple to do:
swiftgeek: and included in commercial device at that
deedbot: swiftgeek voiced for 30 minutes.
deedbot: hl` voiced for 30 minutes.
swiftgeek: asciilifeform: anyway if you can tell i care a lot about e-waste and such chipie is creating serious problems
hl`: I'm a longtime owner-control advocate.
☟︎☟︎ hl`: I found your blogpost on lobste.rs.
swiftgeek: asciilifeform: well if you want to blame google/asus sure
swiftgeek: but don't actually treat them like that
swiftgeek: it's kinda like neighbouring country dumping some trash in forest of other country
swiftgeek: while it's illegal dump, you have to deal with it nevertheless
swiftgeek: hmm let's take last ditch detour, FCC ID
swiftgeek: asciilifeform: i can tell at the very least it doesn't look like anything ROHM would make (the chip)
swiftgeek: yeah another one of those modular certification
swiftgeek: it's a new form of getting FCC certification
a111: Logged on 2018-06-11 20:09 asciilifeform: swiftgeek: my specific interest is to get arbitrary code exec on the device.
swiftgeek: asciilifeform: sure, but you can replace card :)
swiftgeek: asciilifeform: ditto for any other TPM
swiftgeek: what i'm annoyed about is that infeon is not distributing updates directly to consumers
swiftgeek: so if somebody has separate module they are left vulnerable
swiftgeek: asciilifeform: it kinda can in very specific circumstances
swiftgeek: would be nice to have nicer implementation with riscv :D
swiftgeek: well it's already implemented in mass produced devices
swiftgeek: sure but they will chip into contributing to toolchain
swiftgeek: yeah i was just saying about having TPM module implemented in open manner
swiftgeek: then everything would need to be implemented properly in SoC
hl`: no, TPMs _can_ be used to secure your own stuff if _you_ control them
hl`: not really trustworthy if they have non-free firmware on them, but theoretically they have a use case
☟︎ swiftgeek: hl`: it depends on root of trust being somewhere else
swiftgeek: otherwise it can be pretty easily replayed
hl`: that doesn't protect against physical attacks.
swiftgeek: hl`: you don't need physical attack there really
swiftgeek: hl`: if you have more devices on same bus you can figure out something to sniff it, and later replay
swiftgeek: hl`: but OTP root of trust is not a solution either
hl`: yes, exactly. i'm talking about the use of owner-controlled TPMs to secure against other parties.
swiftgeek: hl`: especially when you think about reselling the device
swiftgeek: asciilifeform: it depends on having root-of-trust (tpm isn't it), then it's a fun store of secrets
swiftgeek: if there is no root of trust on device then it's just another layer of obfuscation
hl`: there's not really that much point to tpms if physical attacks aren't in your threat model. if they are, they can provide resistance against evil maids, etc.
swiftgeek: hl`: softbrick in thinkpad provides resistance against evil maids :)
hl`: asciilifeform: completely unacceptable in my view, since it's anti-owner control.
hl`: to be clear, any company which ships chips fused to only run their code gets a 'fuck you' from me
swiftgeek: hl`: 1. lock device in dock (with key), softbrick, profit
hl`: asciilifeform: not exactly. the fundamental premise is just to measure the computing environment - this can be used to pro-owner ends if you control the tpm.
hl`: pretty much - agreed that TPMs with nonfree firmware (i.e. all of them which currently exist) are pretty dubious for that reason.
hl`: (especially since they have a bloody _firmware update_ capacity. !)
swiftgeek: hl`: we have seen plenty mask rom exploits already
hl`: swiftgeek: hmm, can you elaborate?
swiftgeek: hl`: not really, but whether medium is ro or rw it doesn't matter
swiftgeek: it still has ram and you can exploit it
hl`: Sure. Honestly, I'm surprised nobody has managed to dump decrypted Intel microcode yet. Seems to me you could probably accomplish something with glitching.
swiftgeek: hl`: and nobody dumped yet trackpoint code either :>
deedbot: swiftgeek voiced for 30 minutes.
swiftgeek: asciilifeform: yep it needs to be open otherwise lol
deedbot: hl` voiced for 30 minutes.
swiftgeek: you wouldn't go below 65nm if you are sane for tpm
swiftgeek: asciilifeform: we can go far with maskless lithography :P
hl`: asciilifeform: that's actually an interesting idea - i've toyed with a similar idea previously, though for different applications. basically, my idea was to come up with some way of algorithmically generating algorithms such that the algorithm generator can know the correct answer computationally easily, but where the structure of the algorithm is highly randomised such that it resists analysis in the
hl`: general case - basically using the halting problem as a trapdoor function.
swiftgeek: asciilifeform: those packages are expensive and cute :)
hl`: i.e., you'd have to solve the halting problem to write a program which can analyse the generated programs in the general case, meaning that any computational malevolence (compromised silicon, etc.) can only compute the result of the algorithm by executing it unless someone solves the halting problem
swiftgeek: asciilifeform: no this is qualcomm modem code
a111: Logged on 2015-08-12 17:41 ascii_field: (see also, for similar lulz, 'whitebox cryptography')
swiftgeek: and not at all for anyone trying to exploit it xD
swiftgeek: nah i was just referring that qcom code is generating code that generates to generate code that (....)
swiftgeek: hl`: anyway only with proper root of trust you can measure all stages with tpm
swiftgeek: otherwise i will exploit other device on the bus and replay it remotely
swiftgeek: and in x86 case that happens to be EC
hl`: that's actually a fair point too. as implemented in e.g. PCs nowadays, even putting the closed firmware issues aside, the way they are integrated is _not_ secure. they're just connected using open pins to the CPU, you could easily replay everything
☟︎ hl`: (see TPM reset attacks. the TPM specification people claim that these were fixed with TPM1.2, this is not correct however)
swiftgeek: yep that makes it possible even with root of trust
swiftgeek: but exploiting TPM firmware so much that it resets
swiftgeek: and TPM implemented so poorly that it doesn't reset x86 with it
swiftgeek: anyway so far there is no root of trust implemented in SoC that respect end user
swiftgeek: anyway that covers everything for me, i can only wait for more docs to appear (or dead boards)
BingoBoingo: <hl`> that doesn't protect against physical attacks. << Buy a dog and carry a hammer
BingoBoingo: Well for most people, wife replaced while they sleep would probably be +EV
BingoBoingo: And with the read only brains, only hope they have is that they are interesting enough to an MP for them to recieve their exploitable crash that re-enables write access.
BingoBoingo: that, or to repeat the "common" process they are sure gets done all the time.
☟︎ a111: Logged on 2018-06-11 21:15 swiftgeek: DARPA was messing with that a lot
a111: Logged on 2017-09-15 23:48 asciilifeform: kanzure: i spilled the beans from a similar darpa conference that i attended, in the heart of the beast itself, few yrs back ( it's in the l0gz, spoiler : multilinear map homomorphic crypto is bunkum ) and still waiting for gasenwagen
BingoBoingo: Well, living in the land of Mate crackpipes you get to see this behavior taken to extremes. They are playing the game where they TRY to burn as many man hours as possible in an unproductive manner.
☟︎ BingoBoingo: Productivity is dangerous. In Uruguay the danger is raising the bar and taking away from crack pipe time. In DARPA land the dangers being fended off are myriad.
a111: Logged on 2018-06-11 20:42 hl`: I'm a longtime owner-control advocate.
a111: Logged on 2018-06-11 21:24 hl`: that's actually a fair point too. as implemented in e.g. PCs nowadays, even putting the closed firmware issues aside, the way they are integrated is _not_ secure. they're just connected using open pins to the CPU, you could easily replay everything
a111: Logged on 2018-06-11 22:15 BingoBoingo: Well, living in the land of Mate crackpipes you get to see this behavior taken to extremes. They are playing the game where they TRY to burn as many man hours as possible in an unproductive manner.
danielpbarron: crack smokers will burn any time they can get ahold of, granted they generally glob onto other cracker smokers of the have-money-to-buy-more variety
trinque: perhaps the compartmentalized nonsense factory is not such a strong longterm strategy
trinque: for one, I'd expect anyone who spent enough time in one to come out the other side schizophrenic
a111: Logged on 2016-12-16 14:31 mircea_popescu: japan got buldozed chiefly because of the utterly immoral attitude of thinking people at the time.
a111: Logged on 2018-06-11 19:57 asciilifeform: swiftgeek: given your introduction (
http://btcbase.org/log/2018-06-11#1822589 ) i assume you may be interested in verifying fact that cr50 is not a subfunctionality of the ordinary (i.e. kept in winbond spi ) bootrom or the EC controller ('nuvoton' arm , visible in right hand of photo ). this is very simple to do:
a111: Logged on 2018-06-11 20:35 asciilifeform: so far my only clue that h1 actually runs the given fw , is that i was able to flash in a vendor update :
http://btcbase.org/log/2018-06-08#1821699 and ended up with a slightly different, in the ways suggested by the src, console
deedbot: oda voiced for 30 minutes.
mircea_popescu: and in other news, i bought myself a meter and a half long spoon paddle.
mircea_popescu: hand crafted wood. dood was beffudled, didn't really even want to sell it to me. "it's for ovens".
oda: Hi, just got here after reading the cr50 article on loper-os
oda: Just wanted to lurk a bit and see what sort of chat goes on here
oda: asciilifeform: thanks, will do.
a111: Logged on 2018-06-11 18:59 deedbot: |\n voiced for 30 minutes.
deedbot: Provide a paste URL to the ascii-armored GPG public key or the full 40 character key fingerprint without spaces or dashes.
mircea_popescu: and in other fuck-this-failed-civilisation, NO SHOP in all the fucking town had a proper beach towel. the chinese overlords have decided all towels must be up to 1/3 size and that's it. "i want a towel king bed size" "you mean sheets ?" "no dood. towel." "here's the towels." "these are small."
mircea_popescu: eventually went to specialist store, bought 3 meters of double-width towel substance, had them rodeando it. 3 * 3500 + 3000 for the work = ~30 bux. now i have a proper beach towel, can seat five.
a111: Logged on 2018-06-11 18:33 apt-get: rude tbh, I've been using this one online for quite some time
mircea_popescu: then again alf almost sounds like an anime character, doesn't seem to have hurt him any.
a111: Logged on 2016-02-24 04:23 mircea_popescu: omfg alf sees the world like a bee-dog : in black and white and all pixelated.
mircea_popescu: as the whole bee-dog has been a thing for all these many years.
a111: Logged on 2018-06-11 18:37 apt-get: the reason I keep using this nick is because it's quite handy to have personal info drowned out in a sea of noise when someone tries to look it up
a111: Logged on 2018-06-11 19:01 trinque: one might, say, introduce himself, like even my cat does when he walks into the room
mircea_popescu: oda, try putting it in p.bvulpes.com ; that tiuxo site uses some ssh bullshit / isn't on the web.
a111: Logged on 2018-06-11 19:05 |\n: apart from things unspeakable on freenode i love to bring up tor relays and i got a job as an admin of shitty place
a111: Logged on 2018-06-11 19:14 |\n: even if something is not clear - hardware is full of shit, supplying any trust towards vendors is as stupid as saying that someone might now have some private keys from whatever, being it an IT or automotive industry (pick any), i believe that is why some papers on standards that might shed light on ways of how proprietary things (that belong to owners) work
deedbot: oda voiced for 30 minutes.
oda: mircea_popescu: I got it working with the paste site in the deedbot help site. Also that tiuxo site is my site. Cloudflare filtering might have denied deedbot, I filter out China / Russia / Korea and a few useragent strings I was getting a lot of weird traffic from
mircea_popescu: we don't generally support the idiocy known as
https, so merely you not serving
http may put you outside of the web.
mircea_popescu: not to mention the whole pile of shit that's cloudflare.
BingoBoingo: asciilifeform: Well Google probably didn't exact anyone to care to look
oda: jej, so this is a cat-v type crowd?
mircea_popescu: in fact, there was a collision at some point, where was it...
oda: not that there's anything wrong with that. just that my convictions regarding software choices are a bit more moderate
mircea_popescu: tl;dr : cat-v was a bunch of dorks collected around a chosen kid, trying to do things. chosen kid died and they turned to scar tissue.
mircea_popescu: different from, say, comp.lang.lisp archive in that a) their chosen kid wasn't naggum and b) they actually had gathered around properly, as opposed to the idiots on bbs, captive in their self-important notions of independence and other man-alone-isms.
danielpbarron: i once triggered a guy to the point of thinking he might have his first fist fight, over anti-ssl, till his friend dragged him away
☟︎ oda: I enjoy following nerd drama but I try to stay out of arguments. Only one in recent memory was a bunch of people calling me an idiot for swapping on zram (which I kind of have to do on my shitty netbook)
a111: Logged on 2018-06-11 19:22 swiftgeek: asciilifeform: i'm only speaking about doing it once in history xD
danielpbarron: i was wearing my openbsd shirt that read "Keep calm and abandon OpenSSL"
mircea_popescu: we're not here to try and convince mommy that we're cool kids. we're here to fuck her in the ass until it prolapses, and leave her chained to a pole in the park where all the used needles are.
mircea_popescu: because we don't love her secretly. we hate her, and quite fucking plainly.
danielpbarron: guy says "and replace it with what??" to which I said "idk, libreSSL, but i'm not really a fan of ssl in general"
danielpbarron: and he flipped out, started accusing me of working with the enemy, got all shaky and had to be literally dragged away
mircea_popescu: really, replace it with nothing. ssl is a braindead answer to a malformed question nobody asked.
mircea_popescu:
http is a ~stateless~ protocol. you need state, do something else. no, there may not be such a thing as a "website login", not anymore than there can be a planesubmarine.
danielpbarron: speaking of the buring geek, bitcoin is (i suspect) a banned word/topic
danielpbarron: as in, anything else, just not bitcoin, that thing i told them years ago they shouldn't be spending on hotdogs and coffee
mircea_popescu: well, they're the kids with no clue or skill, hoping to eat off the usg's printouts. what's to expect.
danielpbarron: what i expected has come to fruition, nobody who would attend such an event can afford to buy bitcoin anymore
mircea_popescu:
http://btcbase.org/log/2018-06-11#1822648 << can you step back from your own insanity, and look at how they fucked your head ? really, you're going to go through your entire life "taking lessons", ie not doing anything, because that's what they made you do it at the child abuse camp they call college ? and then what, you'll be 80 and dying on a borrowed mattress, and... what ? you'll have had all these lessons you "took" ? wh
☝︎ a111: Logged on 2018-06-11 19:23 swiftgeek: asciilifeform: the point is to take some lessons from that 1 unit
mircea_popescu: you took nothing. start ~ACTUALLY~ taking. heads on pikes.
danielpbarron: they have some app exibitors can use to promote where they'll be and what they are serving (i reserved a vendor campsite specifically for the purpose of provoking conversation about the Bible) -- i also mention in my "profile" that i'm a lord in the most serene republic of Bitcoin, which mysteriously gets removed. I add it again, removed again. They apparently don't mind a religious "cult" but not
☟︎ mircea_popescu: danielpbarron, should be a pretty decent heuristic indicator for you. one of the two things you're in is going somewhere, according to the beast.
danielpbarron: i'm working on an article that suggests otherwise, porcfest is too small a thing to go to such existential lengths
danielpbarron: they placed me next to the celebritarian muslim guy. idk if coincidence, but i'm glad -- the guy will be serving food, and food vendors attract all the foot traffic