a111: Logged on 2018-08-09 19:31 asciilifeform: in continuing lulz, 'Which "club"? If you're an Open Source operating system distro, you can now apply to join (linux-)distros under our published criteria. Otherwise, yes, you're out of luck joining that "club". This is "selective disclosure", and it has drawbacks. There's no perfect alternative.'
a111: Logged on 2018-08-09 21:08 asciilifeform: 'In about 500 submissions on average we recover the whole key' << from e.g. montrezor, other shitwallets, etc.
a111: Logged on 2018-08-09 23:29 mircea_popescu: asciilifeform any pops ?
a111: Logged on 2018-08-09 23:56 spykedbot: SSH banner of 202.58.97.178: SSH-2.0-ROSSSH
a111: Logged on 2018-08-09 23:57 mircea_popescu: anyway. dropbear_2013.62 worth a looksee ?
a111: Logged on 2018-08-10 00:07 asciilifeform:
http://btcbase.org/log/2018-08-09#1840508 << will be interesting to check these against mats's mega-collection ( subj above ) , as i understand it is reasonably fresh and covers good % of ipv4
a111: Logged on 2018-08-10 00:00 mircea_popescu:
http://btcbase.org/log/2018-08-09#1840480 << forgot to mention which log they read to get the "idea". because totally, it'll no longer be "we copied tmsr" if they don't admit they copied tmsr.
a111: Logged on 2018-08-09 16:49 asciilifeform: mod6: plox to test and confirm.
mod6: About 10 days until that one expires, ya.
mircea_popescu: however, nude beauties bathe in waterfalls. not a complete loss.
mircea_popescu: well, there's a lake, and of course jacuzzipools etc. but anyways.
mircea_popescu: in this country water's a safe assumption. if none on the ground, some will coming in via aeropost soon enough.
mircea_popescu: there's also you know, 200m drop bridges and gazebos overlooking miles of jungle and stuff like that.
mod6: hola mircea_popescu
mod6: sounds like a serene trip 'eh!
mircea_popescu: meanwhile the pantsuit wank is overpowering, both odorously and lulzy. "digital divide" for instance ? totally term of pantsuit (idiocy is not an art).
mod6: they're fuckin everywhere
mimisbrunnr: Logged on 2018-08-09 21:21 asciilifeform: if can find the originating booby, can potentially turn half dozen pops, into several 10k.
a111: Logged on 2018-08-10 00:26 asciilifeform:
http://btcbase.org/log/2018-08-10#1840622 << the shitstains have been doing their 'coordinated disclosure' for , what , 20yrs nao , it isn't particularly 'idea', but rather the default herd-biological behaviour of shitstains
a111: Logged on 2018-05-22 05:11 mircea_popescu: this paradigm readily explains the soviet state - "rock and roll" relationship, and moreover that historical accident had a lot to do with why alphabet even ~exists~ today. otherwise, on the naked strength of imaginary "advertising revenue" google is worth ~dozen stackexchanges/slashdots/sourceforges. but, generals always fight last year's war, and so here we are, "bayesian lesswisdom".
a111: Logged on 2018-07-16 15:44 mircea_popescu: as we're contemplating an eulora client rewrite, i am contemplating the following code release paradigm : client author a) releases code encrypted to l1, signed and deeded (so basically, gpg -aer asciilifeform -r ave1 -r etc) ; b) releases precompiled binaries for allcomers.
mircea_popescu: "digital divide" a-ok nao, for reasons (see "code of conduct", i'm sure it explains why they can blather all they want for as long as they do exactly what we say etc)
deedbot: rain2 voiced for 30 minutes.
rain2: this seems very interesting and i want to learn about it
mod6: get in the wot, rent a rockchip, become a start
rain2: i'm not that good with forth - I want to learn it better but it's difficult. I think if we did output threaded code directly that could be a real improvement
trinque: rain2: by chance is english not your first language?
deedbot: 891F03D110B58CD7985D5FBB4CF88D683C827AC8 registered as rain2.
☟︎ trinque: !!v 0378023FB86518671AAB8A0EFD9E4919E599AAF780052962140933C41F7F052E
deedbot: trinque rated rain2 1 << schemer
trinque: sure thing, you can now pm deedbot !!up
trinque: winding down after a long day; yourself?
rain2: yep just poking around online
☟︎ trinque: you said mp brought you? are you a reader of his blog?
mircea_popescu: trinque i said something in <wsm> kaniini has invited you to join #litepub
rain2: oh he didn't bring me, ifollowed
deedbot: kaniini voiced for 30 minutes.
mircea_popescu: asciilifeform fellow's about to discover phuctor, i guess.
kaniini: well, i am not surprised by the finding that the keys are weak, given it is embedded shitboxes
kaniini: i didn't bother to check the keys yet
kaniini: i guess, the question is, i wonder if we can check somehow in real time
kaniini: if key is good, then we can skip scanning it
kaniini: a lot of the devices will let you log in anyway,
kaniini: and then it will send something like "Invalid password"
kaniini: but you can open direct-tcpip channels
kaniini: i'd say at least half of the ips i have seen are like that
mircea_popescu: kaniini ~new~ keys are generally queued because the factorization process is somewhat involved. but there's a real time rss in #asciilifeform
mircea_popescu: rain2 say !!up to deedbot in pm, then !!v the string it gives you.
kaniini: mircea_popescu i mean, it will open a terminal channel and dump you into a login(1) type program, instead of rejecting the password
kaniini: mircea_popescu so from perspective of sshd, you're fully logged in and can do whatever you want
kaniini: mircea_popescu but you have this worthless terminal channel
kaniini: mikrotik routeros is thankfully not that bad
kaniini: i wonder if checking exponent on these huawei keys will be interesting
kaniini: if they are non-prime that would be an easy thing to check
☟︎ mircea_popescu: pretty sure someone published python to do it, even. jurov mebbe ? or spyked ?
deedbot: kaniini voiced for 30 minutes.
kaniini: i can create one i suppose
mircea_popescu: there's no other basis of identity online. people gotta know who they talk to.
kaniini: the huaweis use static kexinit data too it seems
☟︎ Mocky: so in reading the logs I see that musl is a libc which is smaller and stricter than glibc. is there such a thing for c++ standard library or is it not needed?
a111: Logged on 2018-08-10 01:42 kaniini: if they are non-prime that would be an easy thing to check
a111: Logged on 2018-08-10 02:26 kaniini: the huaweis use static kexinit data too it seems
mircea_popescu: asciilifeform entirely possible they actually do, say very narrow keyspace.
mimisbrunnr: Logged on 2018-08-10 07:01 adlai: at the risk of sounding like a lightly-chipped (for the broken don't spin too good) record: i'd be glad to rent the new rockchip. i promise this time to think before i type, and not play the shitty music too loud.
a111: Logged on 2018-08-04 22:25 mircea_popescu: anyway, tbh i'm mostly encouraging the utter collapse of freenode's "security" model. it should be obvious that lode/ae dorks could just as well REGISTER the spambots. it's a fully automated process, what's the problem, emails ? gimme a break.
deedbot: kaniini voiced for 30 minutes.
kaniini: i agree that it would be nice to require SMS or something else to register
kaniini: it would also be nice to be able to exclude accounts newer than X days
kaniini: at least then they have to go to the effort to farm accounts
kaniini: the account login message could be trivially extended to send registration time
a111: Logged on 2018-03-08 00:20 mircea_popescu: sooo... big deal, 1 sent girl to buy a bagful of phone numbers. they cost, no joke, $2.5 here. EXCEPT, of course, they want your "cedula", you know, "por activacion".
kaniini: mircea_popescu yes, but requiring accounts older than X days would help to mitigate
☟︎ kaniini: nobody is going to buy accounts to flood freenode with
kaniini: the average idiot flooding freenode is a dumb kid with no money
a111: Logged on 2018-03-08 00:21 mircea_popescu: this entire exercise in idiocy has, practically speaking, resulted in me paying various hard working ticos a grand or so, to the people fucking in the ass the "security" paradigm of pantsuit.fetlife. IN LIEU of having paid that much, and rather more, to the fetlife itself.
a111: Logged on 2018-03-08 00:22 mircea_popescu: but this paradigm where "we will cater to the peniless but opinionated female herd, instead of the rich and actually powerful white male" fucked them over.
a111: Logged on 2018-08-10 13:15 asciilifeform: e.g. diff chump at same rubber chicken fest, 'Because I declined to have maid service in my hotel room at BlackHat, two security guys came to my room and demanded I open my door and let them do a walkthrough search'
mircea_popescu: this, btw, is why you DO NOT WANT "electronic" key. wtf is this dumb shit, "key no longer works" ? i paid for a fucking day, i own the fucking lease, you can have your room again tomorrow when im done with it AND NOT BEFORE. jesus fuck wtf is wrong with these people.
☟︎ mircea_popescu: none of this is "at will". if i rent a room, i bought the option, that's that.
a111: Logged on 2018-08-10 15:04 mircea_popescu: this, btw, is why you DO NOT WANT "electronic" key. wtf is this dumb shit, "key no longer works" ? i paid for a fucking day, i own the fucking lease, you can have your room again tomorrow when im done with it AND NOT BEFORE. jesus fuck wtf is wrong with these people.
mircea_popescu: sucks for the reich. i just come from one, had brass key for the door and steel key for the safe on the ring.
a111: Logged on 2018-08-10 14:39 mircea_popescu: asciilifeform "evil maild" mandatory\!!!
mircea_popescu: "nothing else exists" right, "this is everywhere" bla bla.
mimisbrunnr: Logged on 2018-08-10 07:01 adlai: at the risk of sounding like a lightly-chipped (for the broken don't spin too good) record: i'd be glad to rent the new rockchip. i promise this time to think before i type, and not play the shitty music too loud.
deedbot: asciilifeform rated rain2 1 << small scheme interpreters
mod6: either you're WoT, or not.
mircea_popescu: sometimes you read like "here's a picture of the apple tree in socialism, as you can see, it makes fruit to help the 5year plan", you know that ?
a111: Logged on 2018-08-10 14:42 kaniini: mircea_popescu yes, but requiring accounts older than X days would help to mitigate
mod6: !!pay BingoBoingo 0.23437500
mod6: (for "Samsung 860 EVO 1TB 2.5 Inch SATA III Internal SSD (MZ-76E1T0B/AM)" x 5) ^
mod6: !!v 69850D450748766DFCF06AE8A4BBE641ACC9DA228811DE7346E57498162385AC
deedbot: mod6 paid BingoBoingo 0.23437500
mod6: Previously we paid .21483957 for UY3 (according to the April statement)
mod6: !!rate mats 2 Pizarro Client, TMSR~ things
mod6: !!v 6C67DCC21EEECCC898DBD1EBEBB8EF13839CE27002E99ABFB8F2197E4CE78A62
deedbot: mod6 rated mats 2 << Pizarro Client, TMSR~ things
mod6: !!rate 2 ave1 musltronic gnat & TMSR~ things
mod6: !!rate ave1 2 musltronic gnat & TMSR~ things
mod6: !!rate spyked 2 TMSR~ Regular
mod6: !!rate mocky 1 Eulora Development
mod6: !!v 14857FD9CBED09635F2279BAA41985A9E5D0B6DCBE6E58B8BE1F11BDB9814968
deedbot: mod6 rated ave1 2 << musltronic gnat & TMSR~ things
mod6: !!v 4560483134951058A1E3E1768E653835B5F9E8D4FD6E2AFEC7AE77EF9930F8BB
deedbot: mod6 rated spyked 2 << TMSR~ Regular
mod6: !!v C47A761BC19959B5E5837E66559613DE3027460F84E8730D195904C8A7296618
deedbot: mod6 rated mocky 1 << Eulora Development
phf:
http://btcbase.org/log/2018-08-10#1840849 << these are not stories of abuse, these are war stories "what i do matters". it's such a huge part of the lore that i wouldn't be surprised if the hotel mgmt does it to attract more of an attention to the event. you mean i get to hang out with dangerous hackers??
☝︎☟︎ a111: Logged on 2018-08-10 16:00 asciilifeform:
http://btcbase.org/log/2018-08-10#1840813 << the only thing funnier than the hotel rectal probing and post-party arrests they do, is how the patients continue to show ( and pay, what, 5-10k usd, for the privilege ) !
phf: well, that's how mountaineering business works: bulk of ascends are done by sherpas, who carry a paying lawyer on their back, but you still have one in a thousand die in an avalanche, so that the rest can pretend like they actually did something dangerous.
☟︎