chetty: the replacement story is already up hehe
pete_dushenski: ben_vulpes i've used fedex freight before, they'll come pick up the package from wherever and deliver it wherever.
ben_vulpes: your privilege is dripping on the floor
pete_dushenski: wtf my privilege nothing. i'm getting on a plane tmrw morning and it's not so much to ask to have a seller of goods to crate a fucking table for transport.
pete_dushenski: or w/e, mebbe my privilege knows no bounds. hey, i'm not the one losing business.
pete_dushenski: i didn't want one that bad when i woke up, just saw the right one at the right price and wanted it.
assbot: [MPEX] [S.MPOE] 45707 @ 0.00027956 = 12.7778 BTC [-]
decimation: pete_dushenski: surprising. I thought those kinds of tourist shops specialized in shipping
pete_dushenski: decimation seriously. you'd think so, but you'd think wrong.
pete_dushenski: i guess there's enough local demand in this retirement town that they don't have to try.
pete_dushenski: "We have been in business for nearly 26 years and hold a full pawnbroking license to buy, sell and loan." << no mention of shipping eh...
decimation: fun fact: there's a part of vancouver, bc that is us territory (point roberts)
decimation: also, victoria is well south of the canada-us border
pete_dushenski: decimation that it is. though victoria feels like a million miles away from us-istan.
decimation: heh. I guess I can see why a pawn shop wouldn't bother with shipping
decimation: I suppose they figure enough derps would come and go on foot
decimation: but I imagine that they could sell on the internet for $$
pete_dushenski: so shooting themselves in the foot is par for the course, i guess.
decimation: pete_dushenski: are you planing on visiting any other outlying islands or the rest of bc from there?
pete_dushenski: i've seen most of bc previously, just hadn't been to vic in a while.
pete_dushenski: sacha baron cohen went to another camp in the same organisation ;)
decimation: I got screwed of out learn german from my german heritage too
pete_dushenski: this camp though had *daily* chores for like 2.5 hours.
assbot: [MPEX] [S.MPOE] 11550 @ 0.00028607 = 3.3041 BTC [+] {2}
decimation: sounds like a good way to save on staff costs
pete_dushenski: i wrote for the newspaper, wrote mad magazine-esque fake nooz
pete_dushenski: decimation no doubt. it wasn't *that* expensive, at least compared to the bbyo summer camps.
mats: ever cut grass with a pair of scissors?
☟︎ mats: yeah. as punishment.
pete_dushenski: you call that grass ? i trim more manbush than that on a monthly basis.
mats: builds character (tm)
assbot: Logged on 18-05-2015 00:39:54; pete_dushenski: some kids helped in teh kitchen, some cleaning garbage.
mats: i spent the whole day (0900-1600) with some other trainees cutting grass at battalion hq because one of the nubs in my squad saved his granola bar from the mess hall and put it in his locker where it was discovered
assbot: Logged on 18-05-2015 00:43:05; mats: ever cut grass with a pair of scissors?
assbot: [MPEX] [S.MPOE] 27523 @ 0.00028624 = 7.8782 BTC [+]
mats: i drank something like 6-7 litres of water that day... missouri is hot as fuck during the summer
mats: cazalla: how much fence? several km?
cazalla: wasn't just me though, he had my mother out there doing the same thing
mats: in other news, the new Mad Max picture is quite good
mats: (they tend to shit on everything)
mats: decimation: i'm just happy to find a fun action movie that passes the Bechdel test
assbot: [MPEX] [S.MPOE] 16821 @ 0.00028624 = 4.8148 BTC [+]
justJanne: Nah, I was just reading on the RSA factorization article where someone claimed this channel would still DDoS everyone who joins. Sadly I can’t see any of that (was hoping to see if it actually is true xD)
justJanne: I mean, I see some traffic, but it’s minimal.
BingoBoingo: justJanne: It isn't anything done by any of the channel regulars. It's just some butthurt dickbag with an excess of unwarranted self importance who imagines they are saving the world by DoSing every ip they spot here
justJanne: Reminds me of that guy spamming a gaming channel with links to their DDoSing company
danielpbarron: i heard that it just targets the user who most recently joined, and especially if it is a new hostmask
BingoBoingo: justJanne: Well the person doing it at first called themselves the reddit police and started by DoS'ing sites affiliated with regulars here. Then the sites beefed up and weren't so easy to DoS. So now they's had to settle for messing with home internet connections.
justJanne: I got some traffic on my system from 159.118.187.45 accessing my server via HTTPS and sending a few thousand GET requests, but nothing really devastating
justJanne: (I have a bouncer on my server with 1Gbps connection, so I rarely notice DDoS at all)
mats: he's doing us a favor.
BingoBoingo: People examining the traffic spotted that most of the zombies were ntp reflection and stuff anyone could walk away with, and they likely did leaving less to hit here with.
mats: if you read this -- please stop by for another friendly conversation
justJanne: I have null-routed NTP and everything anyway
justJanne: So, they really DDoS random people?
BingoBoingo: justJanne: Yeah, just anyone without a freenode cloak who joins when their spybot is online here to pull the trigger
justJanne: BingoBoingo: tell me when the bot is online, I’d like to analyze the traffic xD
BingoBoingo: justJanne: I dunno what nick it uses. Never much cared to try identifying it.
justJanne: BingoBoingo: It should be easy to find.
justJanne: Sometimes when I get DDoSd I run nmap against the attacking servers, one time I found a small IRC server with only one channel, in which were 256 clients all with just a number as name, and one other client sending specific commands every few minutes
☟︎ assbot: Logged on 08-12-2014 17:59:30; asciilifeform: incidentally, if anyone bothered to read the packet dump i posted a while ago, they should know that the ddos bot uses misconfigured consumer routers (upnp reflection)
assbot: Logged on 06-01-2015 01:32:50; asciilifeform: svetlana: i got a massive packet dump, and so has kakobrekla
trinque: check out that precipitous drop
trinque: and the abrupt rise of the rebuttal
trinque: it'll be interesting to see how much longer that stays at #1
justJanne: assumed as much, but I have no experience with them yet, and was surprised seeing one in the wild
adlai wonders whether any of the strongset edges point to the diddle
williamdunne: Guessing for some reason they thought it would be a swell idea to use the IRC server for additional DDoS power?
justJanne: but yeah, I was kinda surprised, would have assumed they’d put the control for the botnet on a different system
justJanne: at least so that one doesn’t discover their botnet that easily
justJanne: anyway, let’s wait for that DDoS-bot ;P
justJanne: danielpbarron: looking into it, but just found out my last GPG key’s validity ends this month
decimation: justJanne: no problem, make a new subkey or extend the date
decimation: justJanne: Someone compiled a list of ips that originate dos'er
justJanne: Meh, too lazy to copy it from my other PC, I’ll just make a new one and sign it with my old key later
decimation: you can see the logs at log.bitcoin-assets.com
assbot: [MPEX] [S.MPOE] 31396 @ 0.00028687 = 9.0066 BTC [+] {4}
assbot: [MPEX] [S.MPOE] 49100 @ 0.00028281 = 13.886 BTC [-] {2}
mircea_popescu: that totally kills the whole thing. i bet you're not even from cali.
justJanne: I am registered with assbot, but no one levelled me up yet ;P
cazalla: 14/f/cali oldest fbi trick in the book
mircea_popescu: !rate justJanne 1 55 yo Pittsburgh steel mill worker posing as 19 yo girl on the interwebs.
justJanne: If you want, you can mail me on my student mail, I’m real stu120691@informatik.uni-kiel.de >_>
mircea_popescu: !v assbot:mircea_popescu.rate.justJanne.1:44086df839c6a505edd1681e3dff4c96ffd5990b1c9abddd93c99f55a195008c
assbot: Successfully added a rating of 1 for justJanne with note: 55 yo Pittsburgh steel mill worker posing as 19 yo girl on the interwebs.
williamdunne: justJanne: I'm pretty sure a 55 yo Pittsburgh steel mill worker would have the connections to get one of those there fancy emails
decimation: koennen Sie ein bisschen Deutsch schreiben?
assbot: [MPEX:S.MPOE] 1D: 0.00026733 / 0.00027828 / 0.00028748 (2307220 shares, 642.06 BTC), 7D: 0.00023904 / 0.00026467 / 0.00029014 (38353417 shares, 10,151.15 BTC), 30D: 0.00019511 / 0.00026548 / 0.00033918 (109094749 shares, 28,962.95 BTC)
decimation: bitte schreiben Sie eine Kurzbiographie?
adlai: is the middle number vwap?
williamdunne: ich habe eine gross hose schlange is about all I remember from three years of German lessons
justJanne: Die wird aber ganz kurz ausfallen müssen ;P Ist auch nicht viel zu sagen – Geboren in then 90ern, ganz normal Grundschule, bin mit 8 ins Hochbegabtenförderungsprogramm gekommen, hab neben der Schule interessantes Zeug gelernt, dann Gymnasium, hab mit 16 neben der Schule angefangen zu studieren, und hab mit 18 Abitur mit 2,2 gemacht. Bin seit letztem Herbst Vollstudentin ;)
decimation: ^ sufficiently idomatic to pass the google translate test
justJanne: you could have just looked at my hostname ;P
decimation: justJanne: given your interest in this gpg episode, there is something that you could assist with
decimation: can you identify the supposed "german email program" that was supposedly the source of these weak keys?
mircea_popescu: decimation wait, we're progressed past the "it occured while copying" to obscure email programs naoi ?
mircea_popescu: jeez how the world changes in a coupla hours based on what's said in b-a log, you'd think we're talking to gavin-the-handpuppet & co.
decimation: "I don't really know, but I talked to Nadia Heninger about it and she mentioned that they were probably created by some email software only used in Germany. "
decimation: Note that your headline was dinged for being inaccurate, while this guy's blog is more inaccurate by his own admission
☟︎ mircea_popescu: anyway, to quote myself, "I will write up an article addressing this particular set of bullshit tomorrow. I promise it will be good. Engage bated breath."
assbot: Logged on 17-05-2015 22:51:31; DreadKnight: the project gets small contributions constantly, but when it comes to bigger stuff, people tend to vanish at about 90% progress xD
assbot: Logged on 17-05-2015 22:57:59; DreadKnight: we have a saying around, going something like "you drawn like the gypsy near the shore", meaning overall that you failed in the last few steps
justJanne: decimation: that's true. RSA keygens use a probabilistic prime test.
justJanne: With a very bad RNG, it would tell you 2 is prime.
decimation: lol she claims that (52:41) that openssl just adds the current time of day in seconds to the entropy pool
justJanne: Read the report on OpenSEL by the OpenBSD guys. It's a whole new level of WTF
mircea_popescu: "[1] He's been scraping the profiles of young women (specifically) and posting links, names, and hometowns on his blog. Yes, as technologists, we know that this kind of indexing is trivial. That's no reason, as a decent human being, to terrorize innocent people."
mircea_popescu: who the fuck asked anon what is and isn't reason nao ?
adlai considered writing some words about how security theater damages actual security, but stuck to lazy bean counting
justJanne: Actual security is sadly a thing that doesn't exist in critical places.
assbot: Logged on 17-05-2015 23:00:52; decimation: there are clearly people on hacker news who are enemies of #b-a
adlai: (a reporter writing about 'accidentally' carrying a multiple-inch blade onto an airplane damages airplane security far, far less than the security practices that let it through)
assbot: Logged on 17-05-2015 23:04:20; DreadKnight: gmail is free and makes money, same goes for games like league of legends, soon even world of warcraft
williamdunne: mircea_popescu: scraping your emails to better sell your advertisements
adlai: gmail sells adspace to its parent company. the number of people who know its actual revenue is probably quite low.
williamdunne: Increasing the number of people who know the platform so that enterprise customers will purchase it
justJanne: Gmail has two options: sell your data or pay.
decimation: gotta pay if you want 'google apps' too
justJanne: As a large company you can get Google Apps as a box.
assbot: Logged on 17-05-2015 23:07:10; trinque: DreadKnight: doing the ad-supported thing is a loss leader at best; you have to be able to burn money until your audience is large enough to merit being paid for the # of eyeballs
justJanne: A local server you can put in your own data center. It can operate even separate from the web.
decimation: justJanne: did you see any ntp reflection traffic?
justJanne: decimation: I'm on phone right now, but as the latency didn't go up, doesn't seem so. Or at least nothing noticeable.
adlai notices that assbot doesn't insert titles anymore... midnightmagic linked "Lets Call Stunt Hacking What it is, Media Whoring", an apt topic for today
mircea_popescu: midnightmagic not bad, but it lost me at the "well credentialed" etc bs.
justJanne: Tbh, security of embedded systems could be better.
justJanne: In general embedded systems could be better.
mircea_popescu: decimation honestly, i suspect the guy complaining on trilema was either trying to stir up shit or else working on meanwhile inacurate history. seems the ddos guy is gone.
assbot: Logged on 29-04-2015 14:33:49; davout: mircea_popescu kakobrekla mebbe make scoopbot_revived not mention the title and let assbot handle it?
decimation: mircea_popescu: yeah, in fact I suspect "the lady doth protest too much"
assbot: Logged on 17-05-2015 23:11:27; williamdunne: >Forget MPEX. The best/most reliable stock exchange is, by far, BTCT.CO.
midnightmagic: mircea_popescu: The old Aurora attacks are an excellent example of the perversion of the idea of 'well-credentialed'. The people they had making comments about the SCM systems involved in that attack and the shoddy investigations going on were.. extreme.
mircea_popescu: yeah. if i don't happen to know someone willing to vouch, you can have credentials coming out of your ears, i just see "idiot" in thick font. which is basically wot-ness.
midnightmagic: I personally watched the responses internal to some of the companies involved and observed the evolution of the document they presented to the public. The people on whose opinions some of those documents were based were bullshit artists, borderline pathological, of the worst order.
midnightmagic: mircea_popescu: Everything it seems, comes down to human trust evaluation.
justJanne: Embedded systems are still often built by programmers, not by engineers.
mircea_popescu: worst part being that it's usually "corporate [in]culture" that takes marginal yet ambitious intellects and molds them to this shit.
btcg: to talk about interesting topics :)
btcg: do i need to auth with assbot for voice perm?
decimation: was assbot's link title functionality kaput?
btcg: i didn't see anything
williamdunne: To get perma voice you need to be in assbots L2 - so you need a rating from a lord
midnightmagic: mircea_popescu: Mediocrity is a natural result of psychopathic and sociopathic inroads. The moment upper management ceases to directly observe their employees, the result is the most convincing-sounding people's voices become the most relied-on. Convincing-sounding is not the same as accurate/informed.
decimation: midnightmagic: convincing-sounding is pretty much the going standard in the english speaking world
midnightmagic: -- which directly resulted in the erroneous and I would say, outright lying in the Aurora analyses. None of the conjecture that the public could see (because that's what the fuck it was) needed to ever be tested or 'pay rent' in terms of accuracy.
btcg: !register F4DE 6DF4 EB8B A2DA AD8D 14A5 B004 5BC9 02AC 1559
assbot: That does not seem to be a valid fingerprint.
btcg: !register F4DE6DF4EB8BA2DAAD8D14A5B0045BC902AC1559
assbot: Searching pgp.mit.edu for key with fingerprint: F4DE6DF4EB8BA2DAAD8D14A5B0045BC902AC1559. This may take a few moments.
assbot: Key 02AC1559 / "boxsk <boxsk@tutanota.io>" successfully imported.
assbot: Registration successful.
btcg: sorry, can i reset my key
danielpbarron: >> My aim is to fight mass surveillance. I write code to fight for our human right to privacy. I want to create a cloud service which is so easy to use and so secure that it locks out all the spies. We really deserve it. << lol
justJanne: danielpbarron: that sounds like Kim Schmitz
justJanne: Sorry, he's known outside of DE as Kim DotCom
joshbuddy: danielpbarron: where was that quote from?
btcg: !register CDA330208F2249841291524C65A7427639BAE3AB
assbot: Nick btcg is already taken.
btcg: i use their webmail mostly
decimation: btcg: heh sucks I'm not sure if you can unregister
assbot: You need to specify your new key fingerprint.
btcg: !changekey CDA330208F2249841291524C65A7427639BAE3AB
btcg: tuta is nice at least encrypts all email
assbot: [MPEX] [S.MPOE] 39419 @ 0.00028808 = 11.3558 BTC [+] {2}
decimation: yeah how is something 'encrypted' on a website that isn't under your control?
justJanne: I can do that with Thunderbird, K9 and GnuPG.
BingoBoingo: K9? You trust private keys on mobile devices?
danielpbarron: the point being, your email client shouldn't have anything to do with your encryption
justJanne: BingoBoingo: Yes — remember, I use no Google services, and modified half of the apps on my phone myself.
decimation: justJanne: yeah but have you examined your phone's firmware?
justJanne: decimation: BingoBoingo: compiled from source myself every month.
mike_c: ;;later tell mircea_popescu: ad ready, see log 5 lines up
mats: how about your baseband fw?
mats: i can dump it, can you?
justJanne: The ISP I'm using was started by a few people from the CCC, so from that side not too high of a risk.
justJanne: And I'd like to dump the firmware, but that would violate copyright.
mats: fwiw i use a smartphone too, the point being rammed here is that you don't really have an expectation of security.
gribble: samouraiwallet was last seen in #bitcoin-assets 1 week, 2 days, 3 hours, 14 minutes, and 55 seconds ago: <SamouraiWallet> cool system. tying in wot with irc +v
danielpbarron: there is no "auth with assbot" and all actions come with a OTP
danielpbarron: williamdunne, that means you're decrypting on the same machine that has internet?
btcg: !changekey CDA330208F2249841291524C65A7427639BAE3AB
williamdunne: I'll eventually create another key offline which I'll use as a master or summin
williamdunne: Stick authentication of it in deedbot or summin
mircea_popescu: mike_c will be going up shortly, guy's online and all.
mircea_popescu: midnightmagic i have my doubts about how all that *pathic stuff works. kinda weaponized terminology, like "heretic"/"disbeliever" in middle ages.
cazalla: what sorta person are you mircea_popescu terrorizing those poor sods on fetlife
btcg: !v assbot:btcg.changekey.cda330208f2249841291524c65a7427639bae3ab:6448f8043a7a44284ff9e38a2c9c7c34ffb455f01d9c8618ec07770e996d43a9
assbot: Key 39BAE3AB / "boxsk <boxsk@tutanota.com>" successfully imported.
assbot: New key fingerprint for btcg is: CDA330208F2249841291524C65A7427639BAE3AB
mircea_popescu: cazalla the masochist and the terrorist. should be a book.
mircea_popescu: <justJanne> BingoBoingo: Yes — remember, I use no Google services, and modified half of the apps on my phone myself. << o.O what are you, like a hacker ???
mircea_popescu: you gotta appreciate, a compsci student in the us is a guy that's too autistic to deal drugs.
justJanne: Without that you can't progress in CompSci.
justJanne: And math101 is helpful here, about 90% fail that class.
justJanne: Helps keep the study free from scriptkiddies.
justJanne: And, tbh, math101 at university isn't supposed to work with numbers. Math 101 is set theory, logic, lists, trees, functions, relations, sur/in/bijectivity, upper and lower bounds, complexity, etc.
BingoBoingo: justJanne: At my school those topics were all in 300 series classes.
justJanne: Right now I'm taking second semester classes, last week homework was doing RSA on paper.
mircea_popescu: i have my doubts if you could get a decent definition of the notion of number from one in ten us graduates.
justJanne: Using only 16-bit Keys, cause everything else would be overkill.
BingoBoingo: In the calculus series classes test questions were taken from the homework, which was conducive to drinking whiskey before tests.
justJanne: For RSA you obviously need groups, spaces, bodies, rings, etc.
assbot: Logged on 17-05-2015 23:34:39; williamdunne: Read the article, and I still don't see how that makes it bad for the last mile
mircea_popescu: having a central (marketplace = central) for it is about as stupid as fire extinguishers loaded with gasoline.
mircea_popescu: it all stems from a very funamental confusion as to what things are andwhat technology can do. the idea being that technology = magic, and so it can change the nature of things. take marketplaces, which are by nature centralizing, and magic them into being decentralising. meanwhile irl, technology works to increase quantitatively, not to alter qualitatively.
assbot: Logged on 17-05-2015 23:39:53; pete_dushenski: williamdunne i really have nfi what the first trade was. if you say it's weed, we'll go with that, but that doesn't mean that first=best
assbot: Logged on 17-05-2015 23:41:43; williamdunne: Disagree with the cause, but pretty cool project IMIO
assbot: Logged on 18-05-2015 00:14:21; ben_vulpes: trying out a new fried chicken joint
assbot: Logged on 18-05-2015 00:38:24; pete_dushenski: "solidarity forever", "ticky tacky houses", etc.
mircea_popescu: something to do with bare adolescentine breasts, one would hope, for the sake of everyone's sanity ?
assbot: [MPEX] [S.MPOE] 22750 @ 0.00028902 = 6.5752 BTC [+] {2}
mircea_popescu: but she's REALLY bad. i mean sweet singer of michigan level bad.
assbot: Logged on 12-05-2015 22:05:41; mircea_popescu: "here i sit in a prefab vinyl siding plebhousing unit, burning a 50 dollar bill" ?
assbot: Logged on 18-05-2015 01:35:23; justJanne: Sometimes when I get DDoSd I run nmap against the attacking servers, one time I found a small IRC server with only one channel, in which were 256 clients all with just a number as name, and one other client sending specific commands every few minutes
assbot: [MPEX] [S.MPOE] 38800 @ 0.0002857 = 11.0852 BTC [-] {3}
assbot: [MPEX] [S.MPOE] 30650 @ 0.00027879 = 8.5449 BTC [-] {3}
mircea_popescu: asciilifeform notice that idiots are doing their pressing. "If I wanted to poison HPA with a fake key, why would I create a degenerate one? A fake key with strong factors would have gone unnoticed, at least by this analysis"
mircea_popescu: right, because poisoning hpa was the idea, not poisoning others.
mircea_popescu: team meade scores another hit on their imaginary, wildly irrelevant scoreboard. for which they get paid. with tax dollars. by idiots.
mircea_popescu: asciilifeform not deliberate trolalge, deliberate damage control. can't google misspelled terms
mircea_popescu: again. team meade scores another hit on their imaginary, wildly irrelevant scoreboard.
mats: this is badly written
mats: as though no editor was involved at all
mircea_popescu: ‘Holy shit, they broke RSA!’ or ‘This is false advertising, they didn’t really do anything!’ imbeciles, << no but it's THE CONTROVERSY
mats: 'phunctor', thins instead of things, using 'Loper-OS' and 'Loper-os', shitloads of passive tense sentences...
mircea_popescu: hmm, anyone has a ready link to the discussion of the reddit deleting the blockchain thing because they had so much fucking consensus it ended up imploding under their feet ?
mircea_popescu: halp halp i've been lyfthreatenet across hte internets
mircea_popescu: this constitutes harassment in zoe quinn degree. i now must have my own oprah show.
assbot: [MPEX] [S.MPOE] 62159 @ 0.00027873 = 17.3256 BTC [-] {2}
assbot: [MPEX] [S.MPOE] 48250 @ 0.00027944 = 13.483 BTC [+]
assbot: [MPEX] [S.MPOE] 14474 @ 0.00028126 = 4.071 BTC [+] {2}
assbot: [MPEX] [S.MPOE] 21200 @ 0.00028787 = 6.1028 BTC [+]
assbot: [MPEX] [S.MPOE] 35200 @ 0.00027723 = 9.7585 BTC [-] {2}
assbot: [MPEX] [S.MPOE] 48100 @ 0.00029087 = 13.9908 BTC [+]
LC^: mircea_popescu: Hi. Can we chat privately?
LC^: I'm a journalist. I shared my identity via privmsg.
mircea_popescu: the right move would be to get in the wot, cultivate your presence here afterr which next time you may have an angle.
LC^: I want to write an article about your Phuctor-related findings.
BingoBoingo: LC^: You may also want to hang around for when Stan wakes up
LC^: so wanted to get your opinion on the issues that have been raised, mainly that the first key was not signed by the owner so was likely added by someone else, with or without malicious intent.
LC^: and whether the other keys that have been factored are similar
LC^: or are there indications that they've been generated by a broken generator
LC^: I guess that is the main problem you're trying to highlight, correct? that some generators might be broken and generate weak keys
mircea_popescu: there are all sorts of classes of broken keys, which we're obviously still sorting through.
mircea_popescu: that aside, the question of how exactly weak keys came to be, and what are they doing there and so on and so forth is not nearly as uninteresting as the usg agency would like to make it.
LC^: are you suggesting that some software was intentionally sabotaged to produce weak keys?
mircea_popescu: i am plainly saying that while the weak keys incontrovertibly exist, it's unclear why they exist. someone put the effort into making them, which is not exactly trivial.
LC^: OK, but can they actually be used? some argued that the weak key supposedly belonging to hpa can't be used to decrypt emails or other data encrypting by him because it was not signed by his real key
LC^: can it be used for impersonation?
mircea_popescu: this is factually correct. it is also not the whole story.
LC^: OK, what is the whole story?
mircea_popescu: one of the more interesting constructions as to the possible intended uses is, a tandem arrangement. it would work like so :
LC^: I'm just trying to understand what the risk is here and why would someone create such keys, intentionally
mircea_popescu: suppose someone needs to talk to hpa - either to verify his signature or to send him encrypted communications.
mircea_popescu: with a correctly working pgp implementation, the user connects ot a sks server, discards the wrong key and proceeds as expected.
mircea_popescu: if however his pgp implementation is compromised in a specific way, the wrong key on the server may very well be the magic packet, causing it to behave in an unexpected - and not otherwise detectable - manner.
mircea_popescu: such as, encrypt to it, or email the NSA, or whatever else.
mircea_popescu: this sort of thing (the so called "fail to pass" testing) is the exact sort of stuff we've seen from the nsa to date, and so it would mesh with that experience.
LC^: I see, so the key would serve as an exploit of sorts or a trigger
mircea_popescu: but it is a theory - until someone produces such a diddled implementation it stays a theory.
mircea_popescu: in any case, the idea that hpa is the target of that attack - if indeed it is an attack - are at best naive and at worst disinfo.
mircea_popescu: clearly people looking at/for him would be the target, if anything.
mircea_popescu: this, of course, is not the only mechanism that would allow such a key to exist. nevertheless, alternative explanations border on the risible.
LC^: particularly people looking to send him highly confidential info that would need to be encrypted
mircea_popescu: especially amusingm, the "key was damaged in transit" one. people p2p HD movies all day, nobody's seen this. gpg data moves around as archives - try flipping a byte in an archive see if you can stil lget the content. etc.
mircea_popescu: understand, opsec is extremely weak all over. including among supposedly experienced hackers. so, a simple scenario : guy with owned userland gpg sends secret info to hpa, it is magically encrypted to wrong key, email sniffed en route, secret is now known, but only to the people knowing what to look for. hpa responds with something like bad key, guy re-encrypts it and resends it.
LC^: there are parts in some archive formats you can modify and the archive will still work, though year I understand your point, the suggested theory of damaged in transit would suggest random damaging not controlled modification
mircea_popescu: how often have you moved a file across the tubes ? how often did it have a magically changed byte ?
mircea_popescu: because i did lots of the former and the latter never occured.
LC^: OK, what about the other keys? Are they similar to hpa's key? in the sense that they've been attached to other keys, but lack the proper signature?
mircea_popescu: there are other people matching exactly hpa's profile (high value foss target) with keys apparently added in the same manner. not too many.
LC^: how many keys have you found so far? do you plan to disclose the owners of the other keys that are similar to hpa's? it doesn't seem to be a big risk there for the owners
adlai thinks a better question could be, "just quite how little human and computer labor did this experiment take?"
mircea_popescu: there's been a total of three pairs, so six total keys to date. i have little doubt that as the program progresses through the list, more will be found. generally, the idea is to discuss this with the owners and them only.
mircea_popescu: the case of hpa was exceptional because at the time the lightning struck (and understand just how unlikely the event we had on our hands this morning was), a call had to be made.
mircea_popescu: in that particular circumstance, where an outside but present chance existed that the box was compromised itself.
mircea_popescu: we might consider publishing the "harmless" keys, but for one thing i am not altogether convinced they're so harmless, and for another, much more interesting would be a hunt for diddled php implementations.
LC^: have you attempted to notify the owners yet and have you had any responses from them?
mircea_popescu: adlai i would guess something between 50 and 100 BTC's worth of S.NSA engineer's time, and maybe a few months-box worth of hardware.
mircea_popescu: not terribly costly, considering what "VC" firms spend and what they get for it.
LC^: so do you expect your findings to inspire such a hunt?
mircea_popescu: it's already underway. but, the more the merrier. this is the sort of thing where one can make a difference.
mircea_popescu: clicking on cat pics, and derping about what zoe whoever said about imaginary feminist issues is a waste of one's youth.
mircea_popescu: this however... this is something where raising awareness actually does something.
mircea_popescu: ehh, diddled php implementations << obviously i mean pgp not php.
mircea_popescu: who the hell came up with the idea of putting these together even ;/
LC^: mircea_popescu: thx for answering my questions so far. I have to jump on a call, but if I decide to go ahead with an article on this and have additional questions I'll look for you around here.
assbot: [MPEX] [S.MPOE] 24028 @ 0.00028967 = 6.9602 BTC [-]
assbot: [MPEX] [S.MPOE] 39500 @ 0.00028997 = 11.4538 BTC [+]
assbot: [MPEX] [S.MPOE] 37350 @ 0.00028967 = 10.8192 BTC [-]
assbot: [MPEX] [S.MPOE] 41650 @ 0.00028997 = 12.0773 BTC [+]
assbot: Logged on 18-05-2015 03:05:47; mircea_popescu: kakobrekla hey, is something the matter with assbot ?
kakobrekla: dunno it was sorta almost working until you started to fiddle with varnish
assbot: [MPEX] [S.MPOE] 30700 @ 0.00028997 = 8.9021 BTC [+]
assbot: [MPEX] [S.MPOE] 19200 @ 0.00028997 = 5.5674 BTC [+]
assbot: [MPEX] [S.MPOE] 17820 @ 0.00028997 = 5.1673 BTC [+]
assbot: [MPEX] [S.MPOE] 22788 @ 0.00028976 = 6.6031 BTC [-] {2}
assbot: Logged on 28-02-2015 01:55:22; cazalla: so i made a bitbet under the influence and couldn't fund it until later, i assume 0 conf address listed for it in /propositions/ is the address of which i need to fund?
cazalla: he answered it from memory but why necro that?
assbot: Logged on 28-02-2015 02:20:09; trinque: flushing with fear on command is to my knowledge not possible
mircea_popescu: "More than two years after unknown hackers gained unfettered access over multiple computers used to maintain and distribute the Linux operating system kernel, officials still haven't released a promised autopsy about what happened."
mircea_popescu: case exactly mirrored by freenode : about a year after they lost at least one server to what appeared like quite the nsa, and promising a full investigation, nothing's been released.
assbot: Logged on 18-05-2015 02:45:11; decimation: Note that your headline was dinged for being inaccurate, while this guy's blog is more inaccurate by his own admission
cazalla: what can i say other than he's right.. 9/10 aussies i met on 4chan love nothing more than shit posting
cazalla: r u trying to shit post me back or wot m8
assbot: [MPEX] [S.MPOE] 7107 @ 0.00027649 = 1.965 BTC [-] {2}
assbot: [MPEX] [S.MPOE] 34300 @ 0.00027934 = 9.5814 BTC [+]
justJanne: I’m downloading all those hidden state.gov documents right now
mircea_popescu: "look in robots.txt for directories that derps inadvertently exposed"
assbot: [MPEX] [S.MPOE] 46450 @ 0.00028017 = 13.0139 BTC [+] {4}
jurov: "made me reminisce about the old days of Occupy Wall Street".. like, it was 20 years ago?
assbot: [MPEX] [S.MPOE] 5650 @ 0.00028691 = 1.621 BTC [+]
jurov: ye olde tea partie
assbot: [MPEX] [S.MPOE] 13950 @ 0.00028743 = 4.0096 BTC [+] {2}
mats: mircea_popescu: terrible trigger discipline
mats: looks like she has her finger in the well
assbot: [MPEX] [S.MPOE] 37003 @ 0.00028278 = 10.4637 BTC [-]
mats: and as an aside the high ready position is inferior
mike_c: ads look like they're working (technically at least). we'll see if 8chan'ers have any money.
mats: their fire will be less accurate in a firefight after a day's patrol due to muscle fatigue
mats: mircea_popescu: oh, lol
mats: osprey falls outta the sky, again
☟︎ assbot: [MPEX] [S.MPOE] 16650 @ 0.00028347 = 4.7198 BTC [+]
assbot: [MPEX] [S.MPOE] 18878 @ 0.00028278 = 5.3383 BTC [-]
mod6: 8 broken keys now eh?
justJanne: Most of them don't seem to be valid.
mod6: how do you know they're subkeys? did I miss this in the log?
mike_c: it was discussed on hacker news. looks like there are a handful of invalid subkeys on the sks servers
mod6: oh yeah, i saw that on outside sites.
assbot: [MPEX] [S.MPOE] 11400 @ 0.00028347 = 3.2316 BTC [+]
assbot: [MPEX] [S.MPOE] 47200 @ 0.00028347 = 13.3798 BTC [+]
assbot: [MPEX] [S.MPOE] 17692 @ 0.00028278 = 5.0029 BTC [-]
hanbot: BingoBoingo Weak 4096 Bit... suggested edits: "the compromised key in question was" / question which was ; " not only on their total length of the key" / the total length ; "two very large prime number" / numbers ; "subverted by an adversary from the key's generation" / range from the key's ; "what failings of they keyserver" / the keyserver ; "they have yet to factored by" / yet to be factored ; "this highlight a number of" / highlights
gribble: Error: "nice" is not a valid command.
trinque: asciilifeform: turns out dieharder uses internal glibc preprocessor directives which cause it to explode when built as c99
trinque: looks easy enough to fix so I'll probably take a crack at it at some point
trinque: --std=c99 kicks on __STRICT_ANSI__ which affects whether __USE_MISC is defined in features.h
assbot: [MPEX] [S.MPOE] 37188 @ 0.00028265 = 10.5112 BTC [-] {2}
assbot: [MPEX] [S.MPOE] 52300 @ 0.00028347 = 14.8255 BTC [+]
ascii_field: trinque: enjoy the rare experience of encountering one's first non-retarded example of something (in this case, gui programming) for the first time.
trinque: ascii_field: I recall somebody "doing" this by bolting webkit to a terminal emulator :p
trinque: I have lived in a sea of shit
trinque: ascii_field: incorporating the command line model into GUI programming is very cool
trinque: and the idea that this GUI widget corresponds directly to some piece of data
trinque: I am merely scratching the surface of what I'm looking at, so far
trinque: seems one could do an incredible database editor in this environment
trinque: run a query, it barfs the results with appropriate widgets given the type of data
trinque: you can click foreign keys to traverse them, so on
ascii_field: ;;later tell decimation does phrase 'grenzenlos naiv' have any idiomatic meaning on top of the obvious ?
ascii_field: so, one of the recent phucked keys contains two subkeys, both of which are phucked. and the self-sig is... valid.
ascii_field: did you know that cosmic rays could perform signatures ?
trinque: I just learned that yesterday from the fine folks at HN
ascii_field: we should like to harness this engine of undiscovered computronic might
ascii_field: nah, this one doesn't purport to belong to anyone famous
assbot: [MPEX] [S.MPOE] 27550 @ 0.00028719 = 7.9121 BTC [+] {2}
ascii_field: BingoBoingo: got an account at 'the register' ?
ascii_field: curious if anyone tried to point out their 'mistake'
decimation: ascii_field: not to my limited knowledge. "boundlessly naive"/"unlimited innocence" or something like that.
ben_vulpes: ascii_field: the new phukkery implies bad keygeneration in the wild, correct?
ascii_field: ben_vulpes: presently the samples of interest fall into several categories
ascii_field: at least one falls under the classical 'generated and correctly signed with dud key'
ascii_field: several have invalid self-sigs and for a subset of these, a non-rotten antecedent key can be found (as pointed out by the peanut gallery)
ascii_field: the remainder lack any self-sigs and -will- import
decimation: ascii_field: someone on the hn comments also listed the diff between the two keys, and it was 32-bits long
ascii_field: decimation: this is not a consistent pattern across the entire set.
decimation: right, but if a cosmic ray were to zing through a ram stick, I wouldn't expect a 32 bit word to change completely?
ascii_field: decimation: most of my observations thus far are not even remotely consistent with 'bit rot.'
Apocalyptic: <ascii_field> at least one falls under the classical 'generated and correctly signed with dud key' // is that key at least a classic RSA key, meaning its modulus consists of only 2 prime factors as opposed to the case discussed yesterday ?
ascii_field: Apocalyptic, decimation: i will let mircea_popescu include this and other interesting zoological specimens in his next article.
assbot: [MPEX] [S.MPOE] 30239 @ 0.00028066 = 8.4869 BTC [-]
Apocalyptic: I would like to point out that unless yesterday's modulus was fully factored, which I have no knowledge of, we actually didn't factor the invalid subkey discussed
ascii_field: Apocalyptic: feel free to perform, e.g., miller-rabin on the larger factor
Apocalyptic: ascii_field, I did some trivial factoring on the reminder, got 2 more primes
Apocalyptic: but there is still this huge reminder, which is certainly not prime, that remains to be factored
Apocalyptic: on a 311 decimal base number I have my doubts, even msieve refuses to crunch it
☟︎ assbot: [MPEX] [S.MPOE] 52200 @ 0.00027691 = 14.4547 BTC [-] {3}
Apocalyptic: (the full factoring is interesting because it's the only way to compute the private exponent d)
☟︎ ascii_field: Apocalyptic: i was saving this exercise for after we demonstrate that one could 1) sign with the dud key 2) it would verify on some broken pgptron, somewhere
ascii_field: one of the state-of-art factorizers, lenstra's elliptic curve factorization,
Apocalyptic: "for after we demonstrate that one could 1) sign with the dud key" wait you can sign without fully factoring N ? this is news to me
Apocalyptic: ascii_field, i thought these it was pretty much NFS all the way
ascii_field: Apocalyptic: yes, because folks are presumed to be using sane keys
assbot: [MPEX] [S.MPOE] 10000 @ 0.00027596 = 2.7596 BTC [-]
Apocalyptic: anyway the remainding part I have is not divisible by primes below something like 1 billion if I remember my tests correctly, may still qualify as -small- though
assbot: Logged on 13-05-2015 21:42:17; asciilifeform: re: '21' etc >> 'The cornerstone of the strategy as presented would have been the release of consumer products that would turn power from wall sockets into bitcoin through the widespread dissemination of bitcoin mining chips.' << -somebody- clearly reads the 2013 #b-a logs.
Pierre_Rochard: yup, read it, this is their latest post with more details
Apocalyptic: ascii_field, can you comment on <Apocalyptic> "for after we demonstrate that one could 1) sign with the dud key" wait you can sign without fully factoring N ? this is news to me
Apocalyptic: or did I misunderstand what you were saying ?
Apocalyptic: ascii_field, the part where you can sign, which implies knowledge of the private exponent d without having fully factored the modulus N
Apocalyptic: afaik you need to have phi(N) to get d from e, and computing phi(N) is equivalently hard as getting the factorization of N
ascii_field: Apocalyptic: see earlier link re: lenstra. there are algos which are optimized for the kind of scenario which appears to exist here (a multitude of smaller primes rather than two extremely large ones)
Apocalyptic: so I don't get how you can save this factorization exercice for after you sign something...
ascii_field: thus i conjecture that full factorization can be had, at reasonable cost, if there is a reason to attempt it
Apocalyptic: i'm disputing you can sign anything without having it first
ascii_field: and what i meant was that one must demonstrate that one could import the pubkey, somewhere, and verify material that was signed with it
Apocalyptic: ascii_field, i'm still thinking about your "exercice for the reader" from yesterday as to how get $othersmuckQ without at least doing a division for every modulus encountered
ascii_field: Apocalyptic: if you come up with answer to this, please wake me up
ascii_field: Apocalyptic: not atm. but i'm currently occupied with other things
Apocalyptic: oh, I thought you knew the answer and it was a challenge
assbot: [MPEX] [S.MPOE] 27450 @ 0.00027585 = 7.5721 BTC [-] {2}
ascii_field: they had, what was it, crackable 'demos' ?
assbot: Logged on 18-05-2015 14:31:30; mats: osprey falls outta the sky, again
ascii_field: mircea_popescu: so in other news one of the keys from last night has a valid sig
mircea_popescu: but this is why you want "the internet" to have its time to proffer its reactions.
mircea_popescu: if you let them "agree" to "the reasonable" "explanation" you can laugh at them later. if you don't, it's gonna be "oh srsly we presented this before stanford" all over again
ascii_field: betcha they're already working on the necessary 'powerpoint.'
mircea_popescu: obviously, nobody is going to have to explain to anybody why they lied or anything, but hey. free internet!
ascii_field: in yet other news, one of the invalid-sig keys is a careful reduction of key size by 1 bit, and very interesting pattern of modifications to public N (not one-bit-flip and not from-this-point, but regularly spaced)
ascii_field: the reduction requires altering a header field
ascii_field: (if you've memorized rfc2440 by now you know this)
ascii_field: cosmic rays know how to do this also, we learn
ascii_field: we should stop settling for small change and take this to the astrophysicists
ascii_field: they will be happy to learn just how clever cosmic ray is
trinque: self aware cosmic rays... sounds like greg egan
mircea_popescu: "we'll just have a world without diehard. should be fine as long as ux is good"
ascii_field: how about he's locked in a room and only fed once it runs.
mircea_popescu: ascii_field well, you know how that goes. "within the constraints". "you can't have this and nsa so this can't be had"
trinque: I've "fixed" it locally which is to say it builds
trinque: does sound like the project could use cleanup beyond that
trinque: but yeah, convenient right?
trinque: as scoopbot is not back I assume deedbot- is the new guy for that too?
mircea_popescu: ever since the us got on this kick about retards using things, stuff that's not for retards has been at a disadvantage.
ascii_field: actively ghettoized and eventually gassed, is more like it
mircea_popescu: trinque i dunno what you two did there. what did you do ?
trinque: mircea_popescu: I noticed scoopbot was absent for a while, and after many complaints just loaded the feeds plugin into tenyks
mircea_popescu: btw, anyone with a slashdot acct ? plox to dump the above link ?
trinque: mircea_popescu: I told william I'd turn it off if his was returning, but it hasn't
trinque: "In closing, for the tl;dr / eli5 / etc crowd : this article is not for you. Go back to doing the dishes, we'll wake you up once you need to buy a new flag." << fucking glorious.
mircea_popescu: im so sick of this "retards are people too" bullshit by now i can't begin to tell you.
assbot: [MPEX] [S.MPOE] 20700 @ 0.00027975 = 5.7908 BTC [+] {2}
mircea_popescu: "Or perhaps they did that stupid human trick that never fails: If you have excess funds, procreate until you no longer have excess funds, then share the funds equally until you all die." << afaik this was never done in practice, outside of easter island. not that women everywhere didn't endlessly & forever try. but anyway, re the ancient women broken strat discussion, THIS is a fine statement of the problem.
davout: trinque: yea, cracked me up too
davout: ben_vulpes: in everyday life you can say "en vélo" and "à vélo", you won't sound retarded either way, the correct way is "à vélo" though, "en voiture", "en avion", "à cheval". depends on whether you're inside or not
☟︎ ascii_field: 'It doesn't work when Nadia Heninger goes to sell Phuctor before Stanford - Nadia Heninger doesn't own Phuctor, and the actual owners are very much present and very much capable to bitchslap her into oblivion.' << actually, 'crime pays.' chick gets a phd and cushy sinecure, etc.
☟︎ davout: but the more i look into this issue, the murkier it looks
assbot: [MPEX] [S.MPOE] 6000 @ 0.00028346 = 1.7008 BTC [+]
ascii_field: mircea_popescu: i was drummed out of academia while reasonably young, for the crime of not-giving-a-rat's-arse
davout: there seems to be something to waht mircea_popescu's saying wrt to 'riding', but it doesn't look that's the full story, i found another source that says both "en/à vélo" are correct
davout: mircea_popescu: i wish the b-a fairy gave me more money, instead of more hair
mircea_popescu: davout i think this is one of those stories of old world privilege meanwhile abandoned because impractical and who gives a shit. just don't make it sur, that's niggerspeak
ascii_field: davout: b-a fairy only hands out honourable deaths
davout: ascii_field: yea, hopefully i end up in decentrally corwdfunded valhalla
davout: mircea_popescu: re niggerspeak, totally
mircea_popescu: i notice alf is very chan-oriented these days. picrelated all day from this fellow.
ascii_field: mircea_popescu: i typically get'em from diametric
davout: ascii_field: oh god, the chair
trinque: the one with dicks would be more relevant to the show... most plot-oriented softcore porn ever created
assbot: Logged on 18-05-2015 19:45:42; davout: ben_vulpes: in everyday life you can say "en vélo" and "à vélo", you won't sound retarded either way, the correct way is "à vélo" though, "en voiture", "en avion", "à cheval". depends on whether you're inside or not
mircea_popescu: is game of thrones the one with a dumb bitch that's the hero in spite of not doing anything ? (outside of feelings)
davout: mircea_popescu: it has complex psychology11!
trinque: mircea_popescu: yep, she's going around freeing teh peoples, torching the previous rulers with dragons
mircea_popescu: "we are the 1 herp, because percents are a jdif conspiracy"
trinque: total circlejerk character
mircea_popescu: by now, im not so sure of the mental health of tv watchers anyway. i guess it's prolly best not disturb them.
trinque: I have a half-baked notion that people in the US like this show because they are aware of 200 years of history, if that, and only of their own dirt
mike_c: box is still standing. yet another reason I need to move to BISP though. it seems ok for now.
mircea_popescu: Shook was on the scene, telling 11Alive’s Duffie Dixon that the image was “highly disturbing, aggravating, obnoxious and illegal.”
BingoBoingo: mircea_popescu: Appears to have been oatse
mircea_popescu: btw copypaste ^ now there's a banner to a respectable exchange in the rotation, people can buy btc there.
assbot: [MPEX] [S.MPOE] 12098 @ 0.0002765 = 3.3451 BTC [-]
davout: yeah, we do europe, technically EEA + CH
davout: americans are a big no-no
davout: so the bitbet banners are generated dynamically from the bets?
mircea_popescu: ayup. mike_c got some serious magic going there, im impresst.
mircea_popescu: it all started with kakobrekla 's sane design, which json etc.
mircea_popescu: but it's a tower of cool to shake the very foundations of "web 2.0" idiocy.
mike_c: thanks! nice things can happen when there is a good foundation to work from.
mod6: aside from keeping up with the unfolding nosuchlabs work, within 7000 blocks of my next regression benchmark being finished. should have some new charts to look at in 24 hours.
mod6: s/regression/performance/
mod6: And as far as the gentoo stuff goes, I kinda had to put that on hold for a minute. I'm going to finish the rest of that up on real hardware. But to do so, I gotta drive across town and buy a new box. I might wait until after the 1st to continue this front.
mircea_popescu: why do anons on trilema prefer to name themselves obama-something ?
assbot: Logged on 07-05-2015 05:21:17; mircea_popescu: this is unlikely to EVER change. i tried to move it to gentoo but the attempt burned, toppled and sunk into the swamp.
mod6: mircea_popescu: ahh, yeah. having gone through the gauntlet already on the thing at least a dozen times in aws, and also now having re-read the Gentoo-Handbook, i feel like I'm very close on this. To complete the guide, i wanna test out all of the steps on real hardware so the steps are accurate. I believe it'll entail something like creating a USB boot image, then booting off of that, then creating a stage3 in a chroot, then deploying that to
mod6: and trinque, thanks for all your help :]
trinque: if you're booting from USB you can make the chroot a mount of the thing's own partitions
trinque: rather than a copy step; might've been what you meant
mod6: ah, yeah. that makes sense.
mod6: anyway, i have high hopes that some of these steps could even be automated to aliviate the pain of building this by hand.
ben_vulpes: trinque: what the actual fuck "not worth maintaining"
ben_vulpes: forgive the ignorance, but what's wrong with the ebuild from 2 months ago?
trinque: ben_vulpes: the actual dieharder code uses glibc internals in a way that used to work, now does not due to as yet undiscovered source of rust, with vague indications that compiling with std=c99 has implications for glibc
trinque: mircea_popescu: does seem that we keep encountering the rot of glibc
trinque: ben_vulpes: that said a working dieharder can be built with my naive patch listed in that bug report
trinque: ben_vulpes: oh and... several weak results from the consumer hardware I have laying around
trinque: so "not worth maintaining" my ass
trinque: I'll chew on the thing for a while and see what comes of it
ascii_field: trinque: if you are a n00b to dieharder, i must remind you that just about anything looks like 'weak result'
ascii_field: it is a comparative, rather than absolute measure
mircea_popescu: ah good point. mind that merely a failed test is of itself meaningless
mircea_popescu: you must have a theory as to what exactly would it do before you can actually say a rng was shown weak by dieharder.
ascii_field: i will also add that, e.g., digits of 'pi', are beautifully entropic per dieharder and most anything else
mircea_popescu: (if you think about it : an entropy source that always pass tests is by definition not entropic. see last year's amusement with the "guess number" toy alf made)
assbot: Logged on 08-04-2014 03:16:07; asciilifeform: don't be the schmuck who builds rng which throws away batches of bits that fail some test
trinque: interesting; I'll consider the dieharder source code a starting point for further research.
Jautenim: lurker at contravex, trilema & the logs for some time now
ben_vulpes: trinque: i still have no idea how to do a local overlay for a package pulled from portage
justJanne: @ascii_field, about pi: No, pi is not a good source of entropy
ascii_field: justJanne: but you will notice that it -passes tests-
ascii_field: ergo, utility for battlefield crypto does not reduce to mathematical tests
mircea_popescu: justJanne the application here is that, if i give you a string of random numbers which unknown to you are the nth digit of pi onwards, you may think you have entropy by "tests".
justJanne: the issue with pi is that it is a very slow RNG
ascii_field: justJanne: nothing to do with 'slow' (baily-borwein-plouffe algo is fast, gives nth digit)
mxtm: why would pi be an entropy source
mxtm: it's the same always
ascii_field: but with the fact that once enemy catches on, he will laugh himself to death (this being your only hope)
Jautenim: I came to ask what are the rough requirements
mxtm: Apocalyptic: the nth digit of pi doesn't change
mircea_popescu: Jautenim atm it's practically running on a pogo, so very low.
Apocalyptic: it is actually conjectured that pi contains all the possible finite sequences you can think of
ascii_field: Apocalyptic: not merely 'pi', but all transcendentals
mxtm: Apocalyptic: then how would it be an entropy source
mxtm: if it doesn't change
mircea_popescu: mxtm it's not a REAL entropy source. it's a defined sequence that may be confused for an entropy source, if one's definition of entropy is test based.
ben_vulpes: Jautenim: not a great deal, i think mod6 ran one in less than 200MB of RAM recently, but that was with asciilifeform's 'orphanage thermonuke'
mxtm: yeah, that's what i was trying to convey, it's a defined sequence
ascii_field: 'The yeasts could be locked in secure laboratories, worked on by screened employees. Sharing them with other scientists without government permission could be outlawed.' << what even.
Apocalyptic: mxtm, Mersenne twister seeded with a strong seed is also a defined sequence
Apocalyptic: yeah, he seems to argue that since it's deterministic it's no good
Apocalyptic: but that isn't relevant to the "tests" discussed
Jautenim: I'm planning to rent a cheap vps and run it more or less full time
mircea_popescu: Jautenim or you could order a pogo and help that effort along ?
ascii_field: Apocalyptic: the precaution taught in school is that 'prng is bad because enemy might learn the seed.' which is a 'lie of omission' - given the existence of a relation between bit N and bit N+1, enemy may have the means to infer N+1 (and N-1) from N
Jautenim: mircea_popescu can they be ordered from teh EU?
mircea_popescu: hm, i recall there were supply problems in the eu. but maybe worth a try.
mircea_popescu: i mean if you have your own iron you don't need it's one thing, but otherwise... best own the box.
mircea_popescu: in other news, "In the newt species Notophthalmus viridescens, males carry out a courtship behavior called amplexus. It consists of males capturing females that do not want to mate with them and using their hind limbs to grasp the females by their pectoral regions." << check out the newt pua!
mircea_popescu: "Male guppies (Poecilia reticulata) have been observed to forcefully copulate with females by trying to insert their gonopodium (male sex organ) into female’s genital pores, whether or not they are accepting. Sometimes, male guppies also try to forcefully mate with Skiffia bilineata (goodeid) females, which resemble guppy females and tend to share the same habitat, even when guppy females are available. A possible ex
mircea_popescu: planation for this is the deeper genital cavity of S. bilineata, which stimulates the males more than when mating with guppy females."
Jautenim: !register 32FE1E61B1C711186CA378DEFD8981F1BC41ABB9
assbot: Searching pgp.mit.edu for key with fingerprint: 32FE1E61B1C711186CA378DEFD8981F1BC41ABB9. This may take a few moments.
assbot: Key BC41ABB9 / "Marcel Hernandez (1MA) <e6990620@gmail.com>" successfully imported.
assbot: Registration successful.
mircea_popescu: !v assbot:mircea_popescu.rate.Jautenim.1:a7148df60687a19ff87c1d6fee176454f47e22b3605b0b356515b3dfd39ba98d
assbot: Successfully added a rating of 1 for Jautenim with note: New blood.
justJanne: okay, I’m kinda in a hurry – anyone know a fast way to do two-out-of-three in boolean logic with less than 5 operators?
justJanne: the question was to implement the < operator on int with boolean logic
justJanne: we got it down to 8 operations, but others got it in 7
justJanne: the only optimizable place would be the point where we do a two-out-of-three logic
justJanne: ascii_field: homework is done in groups of two here at uni, so people learn how to do teamwork
trinque: learn how to pass the whole class
trinque: teaches the best to hold back too; that's always good
justJanne: mircea_popescu: the overall question is to implement the < operator
justJanne: remember, we are working with ints
justJanne: so the ! is necessary there to turn -1 into 1
justJanne: so everything that is not 0 is automatically true
mircea_popescu: <justJanne> so everything that is not 0 is automatically true < ?
justJanne: c has no true, nor real false. But it can return 1 or 0
mircea_popescu: this is where a bring young mind learns what C really is all about :D
justJanne: we did lots of optimizations in the past weeks, homework this week is "you have this blob of binary, find out what it does, circumvent its checks"
ascii_field: justJanne: that last one was called 'the bomb' where i went to school
ascii_field: it's really just a ritualized version of the familiar cracking of w4r3z
justJanne: I spent the past days doing the same – actually cracking DRM of Tidal
justJanne: but then I discovered they have an unobfuscated android app, so I got lazy and started instead decompiling that one
ascii_field: justJanne: traditionally copy protection is implemented, where the rubber hits the road, by poor schmucks who aren't dumb enough to believe that it 'works' but still gotta collect that salary, and so 'are only following orderz'
mircea_popescu: kinda funny that drm never got as clever as viruses. even back when both these were clever, the ms-dos era.
justJanne: the in-browser DRM is a native binary that is pretty much stripped of any information, actually kinda hard to use, but the Android version of almost everything is stupid
ascii_field: (there are notable exceptions, e.g., ilfak guilfanov)
justJanne: (yes, Tidal uses a native plugin for in-browser DRM)
justJanne: A music streaming service that streams lossless unedited FLAC files
assbot: [MPEX] [S.MPOE] 105100 @ 0.00027668 = 29.0791 BTC [+] {4}
ascii_field: if lossless, why not pull'em out of /dev/pcm
trinque: streaming service that got whoever's still considered "famous" in music together, stamped their faces on the thing
trinque: "so totally not spotify you see"
justJanne: I found a way, but now I have a few thousand files encrypted, the corresponding PBKDF2WithHmacSHA1 encryption keys, but was too lazy to find the client-side salt for that
justJanne: and the sound quality, tbh, is great. Just not worth 20$ a month
trinque: heh looks like there's some noise about dr dre being behind burning man
trinque: damned hilarious if so, dunno about that
justJanne: The difference between Dr Dre and Jay Z? Jay Z’s product actually is something more than marketing speech
justJanne: I mean, Beats are just cheap Philips headphones with a bass boost.
trinque: jay-z is probably the best of the rapper-turned-entrepreneurs, yes
ben_vulpes: anyways, Tidal was a flip onto Jay Z who has yet to learn how horrifically expensive software is to build and maintain in fiatland.
trinque: yup, the people who listen to him and beyonce aren't even paying for spotify
ben_vulpes: he'll blow a billi, and never touch software again.
ben_vulpes: mircea_popescu: mami's still lookin good!
mircea_popescu: dawg im impressed, this is like black madonna material.
ben_vulpes: 3+ hours of high-octane beyonce wiggle
justJanne: ben_vulpes: still, compared to all those 9000$ expensive audio cables, or Beats headphones, lossless FLAC has an advantage over 128kbps mp3
☟︎ assbot: [MPEX] [S.MPOE] 42222 @ 0.00027343 = 11.5448 BTC [-] {2}
trinque: justJanne: yeah just average consumer derp is not going to tell the difference between that and spotify's ogg-whatever
trinque: and will just see 10 bucks more than the 10 bucks I'm already not paying
justJanne: yeah, still – Tidal is the first service providing CD quality.
ben_vulpes: justJanne: sure if you discount gnutella.
justJanne: ben_vulpes: we’re talking about services that have a chance of mainstream adoption.
justJanne: gnutella has as much chances of mainstream adoption as Gentoo has
ben_vulpes: bitch please back in the day gnutella /was/ mainstream
ben_vulpes: just because nobody uses it anymore, well.
trinque: who remembers direct connect?
trinque: man that was a glorious age of the internet
mircea_popescu: <justJanne> gnutella has as much chances of mainstream adoption as Gentoo has << ouch-zing-ouch
ben_vulpes: soon we'll be grumpy like mircea_popescu
trinque: ben_vulpes: goddamn kids don't understand the unlimited buffet that was the intertubes
trinque: kazaa was when the idiots all joined the party and ruined it
justJanne: hey, at least nowadays the web is getting better again.
trinque: I apologize for my senseless outburst of hate
justJanne: Almost every video service hosts plain video files instead of flash-based players for .flv videos anymore
ben_vulpes: justJanne: have you been following the glibc travails?
trinque: yeah I'll grant browsers are going further towards "open techmology" whatever that means
mircea_popescu: what now ? owned by a 19yo girl ? not even speaking her mother tongue ? HOW!!1 do you expect to end up bitter like me this wya ?
trinque: hilarious also that the shit getting put into the browser is effectively whatw as in flash
mircea_popescu: im really impressed with stuff like gyfcat or w/e that was called.
justJanne: Now I can just grep through the JS, find the link to the .mp4, and wget it, and watch it offline
justJanne: I remember the sad days of having to decompile swf objects just to rip a video.
mircea_popescu: and 8chan was, to my surprise, chock full of html5 videos that work just fine.
trinque: flash was just another ecmascript runtime thing
trinque: with a canvas like the canvas tag
mircea_popescu: justJanne wait, the sad days from when you were... 9 ?
trinque: and of course DRM and other shit
assbot: [MPEX] [S.MPOE] 13150 @ 0.00027341 = 3.5953 BTC [-]
trinque: I'm not saying the browser isn't adding features; I'm saying it's aping the tired ways of a previous generation
mircea_popescu: you were ripping flash vids before your voice changed. wtf is this!
trinque: there's nothing "new" about html5
assbot: You rated user copypaste on 13-May-2015, with a rating of 1, and supplied these additional notes: Presumably, 8chan owner.
justJanne: people writing in-browser apps that don’t support linking
mircea_popescu: !rate copypaste 2 Confirmed for the ever-awesome HotWheels.
trinque: justJanne: points out the conflict between the web-as-document-store and web-as-app-things
mircea_popescu: !v assbot:mircea_popescu.rate.copypaste.2:dd03f79f93681af647a8dddf4f7c2f32fd9dc2470a2bedda0f600cc1b5da14a7
assbot: Successfully updated the rating for copypaste from 1 to 2 with note: Confirmed for the ever-awesome HotWheels.
trinque: anyhow what are we addressing here. I was reminiscing about opennap servers
trinque: that looks like someone's stupid js data bindey thing fucked up
justJanne: JS webapps that do everything in-browser
justJanne: makes the job a lot harder for crawlers
trinque: I approve of you having independently discovered that this is a shit way to do things.
justJanne: when my crawler stopped working due to this,
trinque: subcategory of... JS is an appalling language and bolted to the DOM it's even worse
mircea_popescu: trinque i dunno dood, i love the select thing on trilema.
justJanne: like that it encourages them to use more functional code
adlai: justJanne: dunno, it seems obvious that if you want to crawl the luser-visible web, you simulate the luser, not curl
justJanne: adlai: yes, but in 2008 you could just curl the web and get it all
justJanne: in 2010 you could throw wget -r on the new york times and get, after a few weeks, half of the web.
justJanne: if your parents didn’t kill you for the dialup bill, though
trinque: mircea_popescu: I can't argue with HTML being a decent way of publishing articles; seems to have worked out pretty well
trinque: I do think many "web apps" of today would do better to be written as native code which just opens a socket for data
mircea_popescu: trinque the selector thing is specific js tho, and it does something not afaik doable in html per se
trinque: the conflict there is the same one as in SQL
assbot: [MPEX] [S.MPOE] 40800 @ 0.0002726 = 11.1221 BTC [-] {2}
trinque: so you've got one group of derps demanding the thing be "intuitive" to "those people"
trinque: and you've got other people trying to use the things as proper programming tools
trinque: the browser's a fine document thing and it should stop there before it hurts someone
justJanne: you might end up with governmental websites using JS for access control.
justJanne: and governments then passing laws that "circumventing client-side access control" becomes a crime
trinque: I don't think anyone in government could form those sentences
mircea_popescu: here's a simple explanation catering to you specifically : it's not a truth finding mechanism, it's a consensus building mechanism.
mircea_popescu: it's point is not to produce sicence, but to prevent people from clobbering each other.
justJanne: we’re talking here about a government where the chancellor has a PhD in Quantum Chemistry – obviously not stupid, but evil.
trinque: mircea_popescu: yes that makes sense re: law
mircea_popescu: so "prove i did it" has a very simple counter : if you weigh the same as a duck
trinque: of course; it's something I may run into or not, but I will not try to make sense of wooden ducks
trinque: justJanne: someone requires I use thing X as part of my browser, and that's the day I stop using browsers
justJanne: the law literally says "if you access an electronical data computation system unauthorized"
mircea_popescu: justJanne blessfully, relatively few people live in that sort of shithole. speaking of which, do you have plans to escape ?
justJanne: nah. It’s good enough. And at least streaming illegal movies is legal here
trinque: mircea_popescu: and someday yes!
justJanne read that as trinique.see() ? someday : sure
trinque: heh maybe if the last two terms are swapped
justJanne: a friend did, but I collected them
mircea_popescu: they do a trick, for frozen cgi, which is very hard to do by hand, where they fold her face in a particular moe pattern. amusingly enough - this is very similar to how pharma works, because it involves searching the space of possible facefolds for something that's not in the uncanny valley and works.
justJanne: I know, I spent 1 year in a dozen frozen fan chats
justJanne: I’ve seen the movie 13 times in cinema >_>
mod6: there's ~20 hours you'll never get back
mircea_popescu: dude let the woman have her childhood. i listened to fucking iron maiden!
justJanne: nah, spending one year in those chats, 24/7 is something I’ll never get back.
trinque: what do you mean "listened"
mircea_popescu: aaaand im now stuck with clairvoyant. well done internets o.O
assbot: Logged on 18-05-2015 22:16:09; justJanne: ben_vulpes: still, compared to all those 9000$ expensive audio cables, or Beats headphones, lossless FLAC has an advantage over 128kbps mp3
justJanne: danielpbarron: it makes sense to have 1400kbps FLAC, as that’s CD quality
trinque: I like how youtube has every damn everything on it, and continues to exist
trinque: meanwhile grooveshark rots on a spike somewhere
trinque: danielpbarron: I once lost like 400gb of flacs
danielpbarron: oh I get the advantages to lossless; I even went out of my way to buy special hardware (fancy headphones and an iPhone-style device with custom firmware)
danielpbarron: yeah i lost all my flac files when i forgot i had them on a harddrive i used to make the RAID in my full node
justJanne: danielpbarron: I have cheap Sennheiser HD 449 headphones and a normal phone, works well enough
trinque: lol yeah I formatted the drive too
trinque: to help some chick upgrade her OS
danielpbarron: i'm not into music enough to care about these things anymore
justJanne: for some years I had a script that wipes a random harddrive at a random time
trinque: man I need a good amount of raging out to metal per day
justJanne: though one day the script wiped the drive itself was on, never found it again
justJanne: <insert short rant about ALSA only allowing 44.1kHz and 16-bit audio here>
gribble: Current Blocks: 357052 | Current Difficulty: 4.880748724468138E10 | Next Difficulty At Block: 358847 | Next Difficulty In: 1795 blocks | Next Difficulty In About: 1 week, 5 days, 13 hours, 15 minutes, and 31 seconds | Next Difficulty Estimate: 49340718499.3 | Estimated Percent Change: 1.09252
mod6: cannot access #bitcoin-assets: No such file or directory
justJanne: mkdir -p #bitcoin-assets && cat /dev/urandom | tr -dc a-zA-Z0-9 > #bitcoin-assets/random
mod6: asciilifeform: heh, now these 21 guys are saying they wanna make embeddable mining chips for smart phones. glwt. seeing as how they run out of power in like 9 minutes as it is.
mircea_popescu: mod6 the entire toaster miner thing was lulzy to begin with, but smartphone coronat opus.
justJanne: your phone will burn through your clothes. And then ignite everything around it, before becoming a blob of molten lava
justJanne: mircea_popescu: they aren’t for sale yet, but if you want to get a taste, you can buy an AMD GPU
jurov: ben_vulpes: what was the problem with the overlay?
btcg: random question: what do you folks think of the proposed embedded mining from 21?
btcg: i wonder how they'll run a full node, i guess there's the ~1.2 gig pruned node
ben_vulpes: jurov: i don't think i actually understand how they're supposed to work.
btcg: i saw mod6's comment how would a phone support a full node
mats: mircea_popescu: wait six months i guess
danielpbarron: btcg, chip doesn't need full node to mine; all chips probably phone home to central node for the next header to work on
trinque: ben_vulpes: if you want to hack best just stick the source in your home directory
mircea_popescu: mats curious if egypt actually goes the way of turkey or mopre like syria
trinque: making an ebuild is more along the lines of packaging up your thing and shipping it
jurov: ben_vulpes: what failed?
btcg: ahh, like electrum heh
trinque: there are a few magical files that need to be inside /usr/local/portage or wherever the overlay may be
mircea_popescu: even admitting you could make this, who in his right mind wants to fuck the food storebox.
jurov: ben_vulpes: but yes, hacking on the source is best in your homedir. only after it compiles there, feed to portage
trinque: mircea_popescu: there's an (american?) phenomenon there where innovating means crapping together however many things that already existed, and calling it something new
mircea_popescu: anyone made homeless linux yet ? where you DON'T get a home dir ?
jurov: export ROOT=/dev/null
btcg: i was hoping a water heater that pays for itself, by using miner heat, but embeddable chip, if their centralized servers have issue, eeek
trinque: mircea_popescu: seems like what happens to the imitators when there's nothing good to imitate
trinque: re-feeds on itself for a few cycles and there's nothing left
jurov: btcg: if you can synthsize it from ECL chips, no prob
ben_vulpes: jurov: more or less getting `emerge` to work with my sources. but...
btcg: ahh, i'll read it thanks
ben_vulpes: <jurov> ben_vulpes: but yes, hacking on the source is best in your homedir. only after it compiles there, feed to portage << this first
btcg: i usually just read it at leisure decided to jump in here
assbot: Logged on 10-05-2015 23:16:02; mircea_popescu: toaster is kinda dumb, but ceramic tiles for warm floor is worth doing.
ben_vulpes: also i read ELSEWHERE on the gentoo wiki that PORTDIR_OVERLAY is deprecated
jurov: btcg: and if it is not only gentoo problem, you can skip portage and go annoy upstream
justJanne: trinque: that is very much true @ the apple-strategy argument
mats: mircea_popescu: i'm inclined to believe egypt will follow syria
trinque: ben_vulpes: god damn it; I smell shitgnoes
trinque: fuck it all; everyone has to bolt a dick massager to everything
ben_vulpes: some "overlay for morons" gentoo wiki page
btcg: jurov apologies i am not on gentoo sir
jurov: btcg sry it was to ben
mircea_popescu: trinque:--std=c99 kicks on __STRICT_ANSI__ which affects whether __USE_MISC is defined in features.h << such a great explanation of wtf is wrong with all this shit.
trinque: justJanne: it's the whole socialist world's strategy
trinque: best stated by mircea_popescu re: reproduce until there isn't anything extra, then divide it all until dead
justJanne: trinque: it makes me especially angry when this is combined with programmers who call themselves "engineers", but whose products stop working after just a decade
mircea_popescu: fwiw, i happen to believe it is actually the correct strategy,
mircea_popescu: just, correct from a game theoretic perspective of genetics, not of individual humans.
trinque: it's what animal populations do right? boom and bust
trinque: justJanne: the problem there is economic; why give a shit what happens next year? we'll all be dead
justJanne: in the past years, technology got worse
justJanne: microwave from 1980 still works, TV from '96 as well, PC from '98 is still in use.
assbot: Logged on 18-05-2015 18:57:06; Apocalyptic: (the full factoring is interesting because it's the only way to compute the private exponent d)
ben_vulpes: <justJanne> your phone will burn through your clothes. And then ignite everything around it, before becoming a blob of molten lava << israelis came up with this one iirc
mircea_popescu: fully investigate the keys in question, cornerstone of which is, get d.
trinque: does seem like if anything coherent is intended at all, it's to provoke a larger regional war
trinque: oh the irony that would be if someday the middle east is united in its hatred for the united states
mircea_popescu: to streamline administration ~~~and deregulate power to lower levels~~~
trinque: sounds like they're going to put the fork in the dollar
justJanne: the US is financing the saudi’s, who sell ISIS weapons, so technically the US is financing ISIS anyway
trinque: I think the Saudi's deserve some credit for the swindle there
mircea_popescu: "your dad brought you clothes, which you traded for drugs, so technically your dad bought you drugs"
justJanne: if the dad still gives you clothes, even though he knows what you’re doing...
justJanne: and the US is also selling weapons to the saudis directly, which they sold directly to ISIS
trinque: probably some faction of bastards in the US is actually aware of this, and others are not
trinque: there's not one coherent "they" to consider in regards to the country
justJanne: yeah, it’s not something the population can do anything against. it’s just inevitable with 2 parties that are both quite corrupt
justJanne: not that Germany would be better, with people like Gerhard Schröder >_>
justJanne: He was a German chancellor in the social democrats party who reduced welfare spending, removed any kind of minimum wage ideas, added laws for some businesses, and changed several laws so that Gazprom could build a pipeline.
justJanne: the day after his time as chancellor ended, he got a job at Gazprom
justJanne: this guy betrayed everyone who voted for thim, and the rest of Germany, too
justJanne: nope. Reducing unemployment money, removing minimum wage, etc is definitely not "good"
justJanne: because everyone should have equal chances
assbot: Logged on 18-05-2015 22:57:22; jurov: ls -l
justJanne: because no one should have a disadvantage from choices they didn’t make.
justJanne: just because your parents are poor doesn’t mean you should have worse chances in life
mircea_popescu: of course you are. you work hard and save to give your kids a better chance.
justJanne: do you want to punish people for stuff they didn’t do, choices they didn’t make?
mircea_popescu: you don't expect every kids have equal chances, because that removes any incentive for you to do anything.
justJanne: nowadays we have basic income here even.
mircea_popescu: i punish people for what they are rather than what they want to be all the time.
justJanne: then you might want to rethink your life.
justJanne: let’s say it like this, not even the literal nazis had such a right-wing idea about society. And they are nazis.
☟︎ mircea_popescu: to me, the difference between soviets and nazis is nil : both were socialists.
mircea_popescu: no, it doesn't. that's the fallacy of "we can't compare to any alternatives, as thery don't exist - so it works fine!!1"
justJanne: like 90% of all firemen here, for example, work for free. volunteers. No pay, nothing. They risk their lives for nothing, while still having a normal job at the same time.
trinque: why should they not be paid for dangerous work?
mircea_popescu: moreover, why is some people's preference a basis for law ?
mircea_popescu: let those firemen do whatever the fuck they please and pay me.
justJanne: the idea is: if society is well enough,
justJanne: then people will work literally for free,
mircea_popescu: society is about as meaningful a concept as baby jesus.
justJanne: just to provide a benefit for everyone
justJanne: obviously it works well in the countries with the highest standard of living –
justJanne: all across scandinavia and central europe
mircea_popescu: just, some people are momentarily insulated from the effects of their stupidity.
mircea_popescu: just like - unprotected sex works fine "in those places where syplhilis hasn't appeared yet".
mircea_popescu: sure. won't last. by the very nature of what unprotected sex is, it won't last.
justJanne: this system of society has lasted for centuries
mircea_popescu: nope. it's barely five decades old, and already cracking.
justJanne: the volunteering fire brigade system has existed since the 1400s
mircea_popescu: ah, that. again : let those firemen do whatever the fuck they please and pay me.
justJanne: the consumer cooperatives operating non-profit chains of grocery stores have also existed since the 1800s
mircea_popescu: and necrophillic pedophillia has existed since 50`000 years ago.
justJanne: It’s obviously more stable than the economical system plagued of bubble bursts that is existing at Wall Street nowadays
mircea_popescu: the system you discuss IS the other system you discuss.
mircea_popescu: there's no difference there, just a meaningless distinction.
mircea_popescu: well, if you manage to survive emotionally, your stay in #b-a is bound to be instructive.
justJanne: the first system I discuss in scandinavia or central europe is a place where 60% of the companies have existed for centuries, have long term neither profit nor losses, and no growth
justJanne: tbh, it’s the only really sustainable way
trinque: sounds like an environment where it'd be difficult to get anything new started
assbot: [MPEX] [S.MPOE] 53750 @ 0.00027982 = 15.0403 BTC [+] {2}
justJanne: not really. There are many startups here, actually.
justJanne: the thing is that most of these don’t aim for a huge profit,
justJanne: but aim for slow growth and a sustainable profit.
justJanne: you don’t need to aim for 1 billion users with your 5 people startup to be sustainable
trinque: you'll get no argument from me on that
trinque: but that is not tantamount to saying "therefore social democracy"
justJanne: we are at a completely different point now