Hide Idle (>14 d.) Chans

← 2021-07-25 | 2021-07-27 →
00:45 asciilifeform whaack: it is theoretically possible that a would-be cooperative miner exists, but the tx aint getting to him. possib. would make sense to autospam it to erry noad turned up by billymg's scanner.
00:45 asciilifeform (or for that matter, a stream of these, generated in realtime)
00:45 asciilifeform !w poll
00:45 watchglass Polling 17 nodes...
00:45 watchglass : Could not connect!
00:45 watchglass : Could not connect!
00:45 watchglass : Could not connect!
00:45 watchglass : (172-4.core.ai.net) Alive: (0.082s) V=70001 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692658
00:45 watchglass : Alive: (0.090s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692658 (Operator: asciilifeform)
00:45 watchglass : (ns562940.ip-54-39-156.net) Alive: (0.170s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692658
00:45 watchglass : Alive: (0.084s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Return Addr= Blocks=692658 (Operator: whaack)
00:45 watchglass : Alive: (0.159s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692658
00:45 watchglass : (static. Alive: (0.279s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=412068 (Operator: jurov)
00:45 watchglass : Alive: (0.234s) V=70001 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692658
00:46 watchglass : (ns3140226.ip-54-38-94.eu) Alive: (0.264s) V=88888 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692658
00:46 watchglass : Alive: (0.337s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692658
00:46 watchglass : (terebe.ns01.net) Alive: (0.577s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692658
00:46 watchglass : (pool-71-191-220-241.washdc.fios.verizon.net) Alive: (0.055s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692658 (Operator: asciilifeform)
00:47 watchglass : Busy? (No answer in 100 sec.)
00:47 watchglass : Busy? (No answer in 100 sec.)
00:47 watchglass : Busy? (No answer in 100 sec.)
~ 6 hours 41 minutes ~
07:28 mats wonder if its in the pool software
~ 43 minutes ~
08:12 mats to elaborate a little, there's too many participants to do everything behind closed doors, cooperation against segwit spends is probably done out in the open
~ 58 minutes ~
09:10 punkman https://twitter.com/ercwl/status/1419580582640721921 "You are now a 20x leverage degen longing the corn when the bankruptcy trustee of the first exchange you previously traded at liquidates you back 3 years in time when selling the remainder of the coins he owes you to pay their fiat-denominated debt to you"
09:12 punkman speaking of liquidations, almost 1b of btc liquidations in last 24h https://www.bybt.com/LiquidationData
09:18 punkman https://twitter.com/ercwl/status/1416643298148691969 oh you see Saylor is the noob, not the guy that got goxxed half a dozen times
~ 43 minutes ~
10:01 mats whenever i think of saylor i remember saifedean and wonder how much content he sourced for his book from the #b-a log
10:03 mats apparently pete d got a credit which is riotous
~ 1 hours 39 minutes ~
11:42 punkman I lol every time I see saifedean cited
11:42 punkman or the turd meister guy
11:42 punkman I think he's also popular in some circles
11:46 punkman also hilarious is how many people think McCaffee mattered at any point since the 90s
11:53 punkman https://www.bybt.com/Grayscale does Grayscale actually hold 650k BTC?
~ 2 hours 30 minutes ~
14:24 mats i met a guy in a cafe in LA who told me a story about brock pierce offering him fifty stacks to launder money after guy told him he was a weed grower trying to get a license and go legit
14:33 mats huh, he was a tether cofounder, didnt know that
14:43 shinohai $vwap
14:43 busybot The 24-Hour VWAP for BTC is $ 38203.56 USD
~ 22 minutes ~
15:05 billymg http://logs.nosuchlabs.com/log/asciilifeform/2021-07-25#1048568 << whaack, lemme know if you need a raw dump of known nodes by any criteria
15:05 dulapbot Logged on 2021-07-25 20:45:21 asciilifeform: whaack: it is theoretically possible that a would-be cooperative miner exists, but the tx aint getting to him. possib. would make sense to autospam it to erry noad turned up by billymg's scanner.
15:11 punkman the "virii aren't real" conspiracy is pretty wild https://www.fluoridefreepeel.ca/fois-reveal-that-health-science-institutions-around-the-world-have-no-record-of-sars-cov-2-isolation-purification/
15:13 punkman went down the "HIV isn't real" rabbit hole a few years ago, those folks also obsessed with "HIV has never been isolated"
~ 24 minutes ~
15:38 shinohai http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048605 <<< Might not hurt to post these txn's to things like https://bitaccelerate.com/ too just to get 'em seen by moar nodes.
15:38 dulapbot Logged on 2021-07-26 11:05:42 billymg: http://logs.nosuchlabs.com/log/asciilifeform/2021-07-25#1048568 << whaack, lemme know if you need a raw dump of known nodes by any criteria
15:47 asciilifeform http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048589 << simplest explanation is that miners are using straight prb
15:47 dulapbot Logged on 2021-07-26 03:28:51 mats: wonder if its in the pool software
15:59 punkman was looking for alt implementations recently, or any mentions of proprietary nodes used by pools, only found these: https://github.com/block-core/blockcore (.net) https://github.com/bcoin-org/bcoin (js)
15:59 punkman and of course the Go-based btcd which is probably the oldest
16:00 punkman I got the impression most pools are using prb
16:11 punkman oh and Taaki's libbitcoin, they even have foundation https://libbitcoininstitute.org/
16:17 asciilifeform http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048608 << textbook example of successfully applied discreditation spray.
16:17 dulapbot Logged on 2021-07-26 11:13:40 punkman: went down the "HIV isn't real" rabbit hole a few years ago, those folks also obsessed with "HIV has never been isolated"
16:17 dulapbot (trilema) 2016-11-22 asciilifeform: the photos of 'victim kidz' added to the mix is same gambit as when the 'martians did it' folx were turned loose upon '9/11 truth'.
16:19 asciilifeform ( see also e.g. )
16:19 dulapbot (trilema) 2015-09-07 ascii_field: discussion of 'fed troops coming' is permitted strictly in the latter; and strictly in conjunction with discussions of martians coming, and shooting mind control rays
16:20 asciilifeform http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048609 << i'd be surprised if it didn't filter for segshitness-compliance (if merely by using prb in the mix somewhere) but worth test
16:20 dulapbot Logged on 2021-07-26 11:38:12 shinohai: http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048605 <<< Might not hurt to post these txn's to things like https://bitaccelerate.com/ too just to get 'em seen by moar nodes.
16:21 asciilifeform http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048615 << recall how mp insisted strenuously for ~years~ that they would never do such thing. then when segshit, quietly stopped mentioning it and would change subj if asked
16:21 dulapbot Logged on 2021-07-26 12:00:22 punkman: I got the impression most pools are using prb
16:22 asciilifeform http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048614 << is that thing still developed ? ( and tracking prbism bug-for-bug ?! )
16:22 dulapbot Logged on 2021-07-26 11:59:31 punkman: and of course the Go-based btcd which is probably the oldest
16:31 punkman dunno about bug-for-bug but seemed active
16:32 asciilifeform punkman: link ?
16:33 punkman https://github.com/btcsuite/btcd
16:33 asciilifeform ty punkman
16:33 punkman https://coin.dance/nodes reports 34 bitcoin-knots and 24 bcoin nodes
16:34 punkman 0 btcd though, and some others that look active
16:34 * asciilifeform not tried btcd, tho iirc ben_vulpes did, at one time seemed like an attractive alternative to the clusterfuck
16:35 punkman knots being lukejr's thing
16:35 asciilifeform punkman: iirc all he had was a 2010s prb fork?
16:36 punkman dunno, he had some "features", guess he's still using it
16:37 punkman some more active projects from coin.dance: https://github.com/haskoin (haskell) https://github.com/k-nuth/kth (c++) https://github.com/bitcoin-s/bitcoin-s (scala)
16:39 asciilifeform 'knuth' ?!
16:40 asciilifeform iirc d00d's alive and has nuffin to do with this rubbish. someone oughta tip him off.
16:41 punkman https://btc.com/stats/pool?pool_mode=month
16:41 punkman distribution seems much better than a few years ago
16:42 asciilifeform interesting imho that the old giants still >50%
16:42 punkman ~5% unknown
16:43 asciilifeform also will point out that there's nuffin to keep 'unknowns' who want to stay unknown from using a 'known''s plaquard in block hdr
16:43 asciilifeform (or, vice-versa)
16:43 punkman 1 month unknown at 5%, 1 year unknown at 1.7%
16:43 * asciilifeform for this reason always took charts such as the linked one 'with grain of salt'
~ 28 minutes ~
17:12 billymg http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048633 << btcd still alive http://paste.deedbot.org/?id=Z0D9
17:12 dulapbot Logged on 2021-07-26 12:34:21 punkman: 0 btcd though, and some others that look active
17:14 billymg http://paste.deedbot.org/?id=RZb5 << filtered by last active in last 48hrs
17:16 billymg perhaps i should expose more user agent filtering options on the nodes page
17:21 punkman top 10 pool summary: http://paste.deedbot.org/?id=W3iv
17:24 punkman so yeah bitmain definitely trying to look smaller than they are
17:27 punkman https://bitcoinmagazine.com/technical/mara-pool-and-bitcoin-mining-censorship " this presumably means that this pool will not include transactions in its blocks if these transactions send coins to or from Bitcoin addresses that have been included on an OFAC blacklist." << lol!
17:38 asciilifeform 'this pool will not include transactions in its blocks if these transactions send coins to or from Bitcoin addresses that have been included on an OFAC blacklist' << loox like a simple recipe for setting up your tx so it won't feed ~this~ pool ( simply include a microscopic donation to $banned_addr )
17:41 asciilifeform punkman: tangentially, do you actually sit and listen to these tapes ? ' hear twiddledum and twiddledee discuss $xyz for 45min' etc ?
17:41 asciilifeform pretty dire 'post-literacy' situation imho, if this is standard nao.
17:56 asciilifeform !w poll
17:56 watchglass Polling 17 nodes...
17:56 watchglass : Could not connect!
17:56 watchglass : Could not connect!
17:56 watchglass : Could not connect!
17:56 watchglass : Alive: (0.083s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692783 (Operator: asciilifeform)
17:56 watchglass : Alive: (0.089s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Return Addr= Blocks=692783 (Operator: whaack)
17:56 watchglass : (ns562940.ip-54-39-156.net) Alive: (0.170s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692783
17:56 watchglass : (172-4.core.ai.net) Alive: (0.220s) V=70001 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692783
17:56 watchglass : Alive: (0.270s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692783
17:56 watchglass : Alive: (0.244s) V=70001 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692783
17:56 watchglass : (static. Alive: (0.333s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=412068 (Operator: jurov)
17:56 watchglass : Alive: (0.290s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692783
17:56 watchglass : (ns3140226.ip-54-38-94.eu) Alive: (0.316s) V=88888 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692783
17:56 watchglass : (terebe.ns01.net) Alive: (0.656s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692783
17:57 watchglass : Violated BTC Protocol: Bad header length! (Operator: asciilifeform)
17:57 asciilifeform !w probe
17:58 watchglass : Busy? (No answer in 100 sec.)
17:58 watchglass : Busy? (No answer in 100 sec.)
17:58 watchglass : Busy? (No answer in 100 sec.)
17:58 watchglass : Violated BTC Protocol: Bad header length!
18:05 punkman asciilifeform: sometimes I listen, but generally no
18:07 punkman I find it hard to listen to audiobooks too, attention drifts off, even if not doing anything else but listening, then you gotta rewind, etc
18:07 punkman not sure if it's just me, but I generally don't believe people when they say they listened to audiobook/podcast
18:08 * asciilifeform long ago used to eat these when rode trains. but it's been years.
18:08 asciilifeform punkman: i can't bring myself to listen to 40min+ of 'ughs', u'umms, etc. for ~10m worth of article (and by some bozo)
18:10 asciilifeform !w probe
18:10 watchglass : (pool-71-191-220-241.washdc.fios.verizon.net) Alive: (0.670s) V=99999 (/therealbitcoin.org: Jumpers=0x1 (TRB-Compat.) Blocks=692791
~ 15 minutes ~
18:26 punkman microbt (whatsminer) seems to be largest bitmain competitor. possibly associated with Poolin.
18:26 punkman wonder if they get their chips from TMSC, or maybe Samsung
~ 15 minutes ~
18:41 bonechewer http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048655 << The scammers of Marathon (which of course was a patent troll before it became a bitcoin miner) backed down from this ploy three weeks later
18:41 dulapbot Logged on 2021-07-26 13:27:44 punkman: https://bitcoinmagazine.com/technical/mara-pool-and-bitcoin-mining-censorship " this presumably means that this pool will not include transactions in its blocks if these transactions send coins to or from Bitcoin addresses that have been included on an OFAC blacklist." << lol!
~ 16 minutes ~
18:58 asciilifeform wb bonechewer
19:01 bonechewer tnx asciilifeform!
19:15 bonechewer http://logs.nosuchlabs.com/log/asciilifeform/2021-07-18#1046718 << upstack: I m\
19:15 dulapbot Logged on 2021-07-18 20:40:36 signpost: is not interested in an item that cannot become relevant at a civilizational scale.
19:15 bonechewer ay be a tedious monomaniac, but I do think that easy availability of a build-it\
19:15 bonechewer -yourself, un-own-able portable OTPtron would have civilisational impact, if on\
19:15 bonechewer ly by crowding out USG's ability to sell [http://logs.nosuchlabs.com/log/asciil\
19:15 bonechewer ifeform/2021-07-07#1043951][ersatz versions]
19:15 bonechewer oh drat bad paste from emacs... sorry
19:15 asciilifeform bonechewer: something odd's going on w/ your terminal
19:15 asciilifeform ah
19:15 asciilifeform bonechewer: plox to repost
19:16 bonechewer http://logs.nosuchlabs.com/log/asciilifeform/2021-07-18#1046718 << upstack: I may be a tedious monomaniac, but I do think that easy availability of a build-it-yourself, un-own-able portable OTPtron would have civilisational impact, if only by crowding out USG's ability to sell ersatz versions
19:16 dulapbot Logged on 2021-07-18 20:40:36 signpost: is not interested in an item that cannot become relevant at a civilizational scale.
19:16 dulapbot Logged on 2021-07-07 23:35:43 bonechewer: But those who use encrochats will have their traffic read; those who use OTP correctly-- won't
19:18 * asciilifeform see prev. thread re subj..
19:18 dulapbot Logged on 2021-07-07 23:55:30 asciilifeform: bonechewer: ever seen operetta 'west side story' ? in it there is line, 'I'll have my own washing machine.' and reply 'What will you have, though, to keep clean?'
19:19 asciilifeform bonechewer: do you know expression 'screen door on submarine' ?
19:20 bonechewer *that* question is beyond my ken, but the rejoinder is "better to need it and not have it, than have it and not need it"
19:20 asciilifeform fat lotta good will 'otp phone' -- even perfectly-honest one, what with FG for the pad generator, etc. -- will do, for 'homo redditus' who has not one but typically three or four listening devices permanently plugged in on his desk (ipnoje, lappy with intel me, etc)
19:22 asciilifeform in this context, any 'crypto machine' you sell these subhumans, will be in the role of a ~fashion accessory~. and you will lose to the people who are able to make better fashion accessories w/out being constrained by also trying to make honest cryptomachinery.
19:22 bonechewer homo redditus is not the most obvious adopter of such a device, but when USG recently mooted the prospect of monitoring SMS messages for crimethink re: vaccines, certainly intelligent normies did sit up and pay attention
19:23 asciilifeform bonechewer: that whole thing is a bogus, constructed pseudo-conflict.
19:23 dulapbot Logged on 2021-07-26 12:17:50 asciilifeform: http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048608 << textbook example of successfully applied discreditation spray.
19:23 * bonechewer sympathizes with asciilifeform's POV, but at the same time knows non-technical people who are nevertheless not fools
19:24 asciilifeform bonechewer: 'not fools' but at the same time they didn't buy e.g. FG.
19:24 asciilifeform why not ?
19:24 asciilifeform because didn't come in a pretty box, and not advertised in 'bitcoin magazine' or 'forbes' etc.
19:25 bonechewer Naah, because they are doctor or businessman but can't use e.g. the command prompt
19:25 punkman making OTP fashionable is more interesting than the specific hardware each tard decides to run it on
19:25 asciilifeform actual security aint a pretty box, bonechewer , that a luser can 'buy and forget'. it's a lifestyle, like orthodox judaism or catholicism etc
19:26 asciilifeform punkman: iirc there are already hucksters offering supposed 'otp on ipnoje' etc via closed src turd. but with lotsa, lotsa fancy magazine fluff articles and pretty pictures !
19:26 asciilifeform if you want to compete in that market, go right ahead.
19:26 bonechewer I know a successful businessman who has secretary handle his email and phone calls a la 1980s, but massively competent within his own bailiwick. I'd hand his secretary an OTPtron.
19:27 asciilifeform bonechewer: let's flesh out the picture. how do you envision this item ?
19:27 bonechewer one of two possible ways:
19:29 punkman I've been thinking of putting together a raspberry zero (no wireless) + keyboard + screen + camera + battery, for own use
19:30 bonechewer (a) dumb handheld box with some microcontroller and SD card inside. OTP on SD card. Simple menu-driven app allows message to be composed and xor'd with pad, and wrapped with asciilifeform's A++ HMAC goodness
19:30 asciilifeform punkman: plz describe yours also (i.e. for what, rather than simply outta what)
19:30 asciilifeform bonechewer: that looks like a bitch to type on
19:31 asciilifeform (can you imagine composing a multipg message on that thing)
19:31 bonechewer Then it renders the ciphertext as a QR code on-device screen. User snaps a pic with pnoje and transmits to correspondent, who captures the QR ciphertext on same OTPtron, verifies and decrypts
19:32 * bonechewer used to send SMSs on a similar looking blackberry back in the day. Let multipage messages wait for a future release; gotta crawl before you walk.
19:33 asciilifeform bonechewer: this as you can already see aint esp. difficult to build. problem will be similar to FG (which, or something like it, you in fact will need to include in each unit). you'll need to sell'em for 1k$+ to break even. (or, alternatively, 100$ but sell 1e6 units.)
19:34 asciilifeform bonechewer: this problem afflicts more or less any and all attempts to build & market sane cryptoirons.
19:34 bonechewer Indeed, I'd be happy to break even. $1k unit price seems about right but 1e6 seems too high at $100; can you share what's behind that estimate
19:34 asciilifeform bonechewer: experience w/ low-volume pcb manufacture.
19:35 asciilifeform which btw is in direr straits than ever before, what w/ parts shortages.
19:35 asciilifeform bonechewer: the 'economics of scale' are ruthless to the 'electronics for smart people' would-be vendor. this is why errything you see on store shelves is shit.
19:36 bonechewer aha yes, if had to fab a PCB... but something off-the-shelf might fill the bill
19:36 mats looks like the tether commercial paper is probably chinese real estate
19:37 asciilifeform bonechewer: you need FG or equiv. in there, if yer doing otp, you live & die by trng quality.
19:38 bonechewer of course! need to pre-fill the OTP with a quality TRNG. That is separable, though, from the handheld client device.
19:38 asciilifeform bonechewer: how do you propose to separate it , and why ?
19:39 bonechewer why not separate it? the use case is as follows:
19:40 bonechewer technical person uses son-of-FG to fill, say, 128G SD card with random bytes, with some sort of block boundary markers
19:41 bonechewer then makes a dozen copies of that SD card and loads each into the handheld client
19:41 bonechewer then gets on a plane and hands each one off to colleague
19:42 asciilifeform bonechewer: this is terrifyingly broken scheme imho, esp. if yer filler uses a computer somewhere in that process.
19:42 asciilifeform bonechewer: what you want instead is for the otp to be internal, and for all devices which are to share one, to be connected for generation of pad
19:43 bonechewer naah-- my interest is only communicating among pre-selected correspondents, not random derps.
19:43 asciilifeform the thing is, the # of devices has to equal 2. or you cannot be assured of proper destruction of spent blocks.
19:43 asciilifeform bonechewer: it aint about 'random derps', but about the absolutely vital elimination of general-purpose computer from the entire scheme.
19:43 bonechewer that is certainly true
19:43 bonechewer so okay, fair enough, scheme needs a refinement.
19:44 * asciilifeform brb
19:44 bonechewer To allow N correspondents to communicate, the guy with the TRNG generates N^2 pads, each of which allows two correspondents to communicate
19:46 mats operation venona happened in part because of key reuse
19:46 bonechewer So each of the N devices gets a different selection of two-person pads, and some menu in the app allows the user to choose which of the N interlocutors the message is for. If sending to K recipients, then K different ciphertexts are generated
19:48 bonechewer Yes, I think the weak point of the whole scheme is where the attacker tries to throw communicants' block selection out of sync.
19:49 bonechewer But in version 1.0, could just require everyone have an accurate clock, and the blocks could be preassigned based on e.g. 15-minute time slots GMT.
19:53 bonechewer (okay, to be more precise, not N^2 pads but just the upper triangle of the NxN matrix minus the diagonal, hopefully you get what I meant
~ 16 minutes ~
20:09 bonechewer or... thinking out loud... probably do need N^2-N pads, so that there is no race condition allowing pad reuse if A wants to message B at the same time that B wants to message A
20:09 bonechewer Therefore the pad for A->B and the pad for B->A must be different.
20:10 whaack http://logs.nosuchlabs.com/log/asciilifeform/2021-07-25#1048568 <-- i will probably do this eventually but it's not a top priority atm
20:10 dulapbot Logged on 2021-07-25 20:45:21 asciilifeform: whaack: it is theoretically possible that a would-be cooperative miner exists, but the tx aint getting to him. possib. would make sense to autospam it to erry noad turned up by billymg's scanner.
20:13 whaack http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048590 <-- not sure exactly what you mean here, are you saying that transactions uncompliant with segwit are blocked (partly) via deleting them from the memorypool?
20:13 dulapbot Logged on 2021-07-26 04:12:32 mats: to elaborate a little, there's too many participants to do everything behind closed doors, cooperation against segwit spends is probably done out in the open
20:15 whaack http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048605 <-- thanks, maybe some dump of all the nodes with prb version < 0.16. again, i may not use this for a bit
20:15 dulapbot Logged on 2021-07-26 11:05:42 billymg: http://logs.nosuchlabs.com/log/asciilifeform/2021-07-25#1048568 << whaack, lemme know if you need a raw dump of known nodes by any criteria
20:18 whaack http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048622 <-- this tool only take the txn hash as a parameter, but the service hasn't seen the txn itself so the service can't rebroadcast it. likely because it's using some prb node
20:18 dulapbot Logged on 2021-07-26 12:20:40 asciilifeform: http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048609 << i'd be surprised if it didn't filter for segshitness-compliance (if merely by using prb in the mix somewhere) but worth test
~ 17 minutes ~
20:35 punkman http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048750 << I'd just want to give SD card to friend, with 2 pads (A->B, B<-A), he plugs it into whatever airgapped device, we use off-the-shelf or custom software for the OTPing
20:35 dulapbot Logged on 2021-07-26 15:42:31 asciilifeform: bonechewer: what you want instead is for the otp to be internal, and for all devices which are to share one, to be connected for generation of pad
20:36 bonechewer punkman: your scheme seems not unlike mine for N=2
20:39 punkman bonechewer: I do like the idea of deleting parts of the pad in specified time interval like you said, but is wasteful if communication is infrequent (and the time interval not very long)
20:40 bonechewer punkman: agreed! But my thesis is that SD cards are cheap and huge, so pads can also be cheap and huge
20:41 punkman also not much sense in deleting pad, if messages aren't also deleted immediately. and you might want to keep unencrypted messages for a while, at least on the device itself
20:43 mats whaack: no, slushpool, antpool etc
20:46 bonechewer punkman: yeah, either way, the idea is for the security of the communication to be equivalent to the physical security of the handheld, airgapped device.
20:46 whaack mats: ok, you're saying the big mining pools block the txns
20:47 punkman https://www.adafruit.com/product/4818 << I was looking at similar adapter board for some blackberry keyboard. Convenient size and price, but annoying for longer texts like asciilifeform said. I've seen some people use off-the-shelf wireless mini-keyboards. I think some of them might be possible to connect via usb instead of bluetooth.
20:48 punkman https://yarh.io/yarh-io-m2.html
20:51 bonechewer punkman: but if the adversary owns your phone, can he not then snoop your keystrokes right from your wireless mini-keyboard? And once you start sending OTPgrams around, the adversary is going to very much want to pwn your phone
20:52 bonechewer so better be able to disable the keyboard's wireless interface
20:53 bonechewer Similarly, if we need to send multiple ciphertexts, one per recipient, it would start to get tedious to snap all those QR codes and send the right one to each
20:54 bonechewer So sending ciphertext to and from the phone over bluetooth might sure be nice
20:55 punkman yeah bluetooth connected keyboard is retarded
20:56 punkman bluetooth is a pile of shit, I wouldn't use it for anything
20:56 punkman you can easily make "animated" QR
20:56 bonechewer asciilifeform seemed to think an enemy bluetooth chip could be trusted if not given DMA; I'd have to be convinced of that.
20:56 dulapbot Logged on 2021-07-09 13:44:19 asciilifeform: bonechewer: keep in mind that 'enemy phy' is only a problem if you give it dma.
20:57 punkman you can also transmit ciphertext with sound if you add speaker
20:57 bonechewer I also hate bluetooth, but if "Bluetooth SPP" really just behaves like a serial port, it's awfully tempting
20:58 * bonechewer did not know about "animated QR", thanks for the information!
20:59 bonechewer seems like video would be much higher bandwidth than sound though
21:00 punkman no idea how fast you can read QR code on phone/laptop
21:00 punkman I imagine both would fall in kbps range
21:02 asciilifeform http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048783 << lol, systemd!
21:02 dulapbot Logged on 2021-07-26 16:48:06 punkman: https://yarh.io/yarh-io-m2.html
21:03 asciilifeform http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048787 << >> http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048708
21:03 dulapbot Logged on 2021-07-26 16:54:42 bonechewer: So sending ciphertext to and from the phone over bluetooth might sure be nice
21:03 dulapbot Logged on 2021-07-26 15:19:36 asciilifeform: bonechewer: do you know expression 'screen door on submarine' ?
21:03 asciilifeform ( see also. )
21:03 dulapbot (trilema) 2014-03-17 asciilifeform: our friends at ft. meade call this 'NONSTOP'
21:04 asciilifeform that's the thing, bonechewer , ~genuine~ cryptoiron looks ~very, very~ different from 'cosmetic' (errything linked above) fashion-crapola.
21:06 asciilifeform http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048791 << was referring to usb strictly.
21:06 dulapbot Logged on 2021-07-26 16:56:28 bonechewer: asciilifeform seemed to think an enemy bluetooth chip could be trusted if not given DMA; I'd have to be convinced of that.
21:06 bonechewer asciilifeform: do I understand correctly that the threat model is: the adversary pwns your phone and uses it to mount a TEMPEST attack against the nearby OTPtron?
21:06 asciilifeform bonechewer: mno
21:07 asciilifeform bonechewer: read link. if you have a) ciphermachine b) radio transmitter in close proximity -- unless very expensive precautions taken, yer broadcasting bits of plaintext and/or key.
21:07 asciilifeform and with considerable reach.
21:08 bonechewer sure, I would call that a TEMPEST attack: OTPtron screen displays message, phone listens to RF emanations and transmits to adversary. No?
21:08 asciilifeform bonechewer: traditionally 'tempest' refers to emissions of the ciphermachine per se.
21:09 bonechewer okay, maybe I am mis-using the word 'tempest', but do I at least understand the proposed threat model?
21:09 asciilifeform anyways how the fuck would you even come up with a horror like 'use bluetooth kbd to enter text into a cirphermachine' ?!!
21:10 punkman asciilifeform: building with "legos"
21:10 asciilifeform punkman: aaha.
21:10 punkman but he soldered power on bt keyboard'
21:11 asciilifeform punkman: this is why folx familiar, even on surface, with adult hardware, laugh their arses off when they see 'kickstarter ciphermachines'
21:12 bonechewer hmm, in case it was unclear I did not consider bluetooth keyboard
21:13 punkman I just want a general purpose linux handheld (without radio)
21:13 asciilifeform ftr what adult iron looks like. observe radio and ciphrator -- separate boxes, w/ own grounding, etc.
21:13 bonechewer rather, was wondering whether a bluetooth link for transmitting ciphertext between phone and OTPtron could be made as secure as scanning QR codes
21:14 mats lol
21:16 asciilifeform punkman: depending what means 'handheld', already canhaz
21:17 punkman asciilifeform: which?
21:17 asciilifeform punkman: 'linux handheld'
21:17 bonechewer with one's own code running on a microcontroller, and an auditable Bluetooth PHY running on an FPGA, rather than someone else's Bluetooth ASIC, that doesn't seem outside the bounds of possibility
21:17 punkman asciilifeform: yes, which device is this?
21:17 mats https://publications.sba-research.org/publications/qrinception.pdf
21:17 asciilifeform punkman: e.g. rk3328
21:18 asciilifeform ( attach spi lcd and your choice of 5v source.. )
21:18 asciilifeform mats: i recall this lolpiece
21:19 asciilifeform mats: it is why 'adult' product is specifically ~not~ 'made of lego'
21:20 asciilifeform if 'made of lego' i.e. other-people's-shitware-opensores -- then you get laffs like the linked 'oh but this is a barcode polyglot, and machine will try to read it as xyz, haha' and similar
21:21 bonechewer mats: fun piece but a QR code hacked by the adversary will fail asciilifeform's hash-against-the-pad test and will be rejected by OTPtron
21:21 dulapbot Logged on 2021-07-08 00:12:39 asciilifeform: just about any hash-based checksumming will prevent anyone w/out a copy of the pad from forging messages. (you still gotta keep count, not only to sync but to prevent replays, however)
21:21 asciilifeform there's a reason why FG is made of a 72 macrocell cpld and ZERO OTHERPEOPLESCODE
21:22 asciilifeform bonechewer: was speaking of the general principle
21:25 * bonechewer agrees on principle, which is in complete opposition to the fashion of, apparently, pulling in as many horrors as dependencies as possible
21:26 asciilifeform the fundamental problem with 'duct tape and chewing gum' ciphermachines, is that it is very, very easy to fool yourself into thinking that you've achieved something, when in fact you have led yourself and -- worse, possibly people with actual secrets to protect -- to the chopping block, by putting same linux+opensores liquishitware into pocket-sized vaguely-ciphermachine-like package.
21:27 bonechewer most egregious examples come from, natch, not only the cesspool that is Javascript but also the very trendy "Rust"
21:27 asciilifeform shitware is shitware regardless of what shape computer.
21:29 asciilifeform a responsible, honest practitioner's job, if he wants to advance state of the art, is to get linux, bluetooth, java-xyz, fucking unix, multitasking os per se, c/cpp compiler outputs, von neumann machine, THE FUCK OUTTA cryptography.
21:29 asciilifeform not in, no.
21:29 asciilifeform who wants to go in this direction -- asciilifeform will help.
21:29 asciilifeform but who in other direction -- can't stop you, naturally, but no, will not help.
21:30 asciilifeform this is asciilifeform's official position on the subj and it aint changing.
21:31 bonechewer This is why I envision a simple microcontroller running single-threaded code at the heart of airgapped OTPtron. Don't need much of anyone else's code other than, unavoidably, SD card and camera interfaces, possibly QR decoder
21:32 punkman bonechewer: sound seems a lot easier than camera+qr
21:32 asciilifeform bonechewer: there's a chinese qr->camera->rs232 box, iirc i linked in the logs
21:32 bonechewer Don't need and don't want a multi-user OS involved; that would just be another point of failure
21:32 asciilifeform bonechewer: i have one here in parts bin.
21:32 bonechewer asciilifeform: A++, that simplifies things a lot
21:32 asciilifeform the important thing is to get qrism etc 100% separated from anything that touches plaintext.
21:32 asciilifeform electrically separated. (optocouple)
21:33 punkman optocouple serial? how fast do those go
21:33 asciilifeform punkman: multi-MB/s if you need
21:34 punkman bonechewer: also easier than QR: blinky led
21:34 asciilifeform typically vendor's datashit will give you a guaranteed min.
21:35 bonechewer hmm, if a Chinese QR reader emits serial data, sticking it behind an optocoupler adds no additional security afaict, because the plaintext is going to be displayed on screen anyway, so there's an electrical connection, right there
21:35 asciilifeform punkman: asciilifeform's experimental version of this eschewed light entirely, in favour of acoustic modem
21:36 asciilifeform bonechewer: the idea there is to separate the multi-MB shitware and iron capable of running it, req'd to process QR, from your own software and its substrate.
21:36 asciilifeform bonechewer: that way if there's e.g. 'magic code' which arbitrarily modifies the qr reader somehow, it still has no possible effect on anything that touches plaintext.
21:37 * asciilifeform thought that this was obv.
21:37 bonechewer Unfortunately not obvious; bear with me. If the microcontroller speaks serial, without DMA, to the Chinese QR reader, how does it increase security if that serial data is transmitted through optocoupler or not?
21:38 punkman because the whole thing is an antenna, and transmits
21:38 asciilifeform the qr reader is a potentially arbitrarily-hostile artifact, you don't want it on same power rail as the piece which handles plaintext.
21:39 asciilifeform this is illustrated in the ciphermuseum link, i thought.
21:39 asciilifeform and yes this seems onerous, unaesthetic, heavy, expensive, and yes definitely won't be a reddit bestseller.
21:39 bonechewer "All electronics engineers create antennas, only some realize that they are doing so" (or words to that effect)
21:39 asciilifeform but this is what adult iron looks like. rather than cosmetic.
21:39 asciilifeform aha.
21:41 bonechewer Try as I might, I can't imagine a realistic attack over a serial line.
21:41 punkman asciilifeform: re: rockchip, have considered, but keyboard is more pressing problem than cpu for my purposes
21:42 bonechewer ...as long as OTPtron lives inside proper metal case.
21:42 asciilifeform punkman: afaik there's very little choice but to reuse a kbd from old lappy. (1990s 'thinkpad' or 'toshiba' best imho for these)
21:42 punkman asciilifeform: I've seen some threads about (perhaps more recent) laptop kbd, and connecting seems not worth the effort
21:43 asciilifeform punkman: typically is simply diodeless matrix
21:43 asciilifeform bonechewer: try to understand that hygiene is not about whether you can at a particular time imagine a particular bacterium entering your body
21:43 punkman https://www.sears.com/m-mc-saite-dzzwd9w-super-mini-wired-keyboard/p-A090644559 this is in current shortlist
21:44 asciilifeform bonechewer: it is about 'holistic' approach to making entire classes of event logically impossible.
21:44 asciilifeform punkman: poor traumatized spacebar !
21:45 asciilifeform would be nifty item if could get w/out winblowskeys
21:45 bonechewer Agreed 100%. The question is what incremental security is added by optocouplers in which microcontroller interfaces
21:46 asciilifeform bonechewer: absolutely nothing added, unless you actually understand why you're doing it and read up on e.g. differential power analysis, power supply fault injection, etc. and follow through with ~the rest~ of the req'd elements in the design (concretely -- separated power rails, proper ground topology, shielding)
21:47 asciilifeform and also understand that if you ~aint~ doing ALL of this, there's 0 point in doing ANY of it, you're simply fooling yerself (and, worse, gullible others) into using homeopathic crypto
21:48 bonechewer I agree with the latter, but if the adversary has no way to get his code onto the OTPtron, then he can't run timing attacks, differential power analysis, and the like
21:49 asciilifeform bonechewer: a but he has not only code but iron in your proposed otptron. in the form of the qr reader box.
21:49 asciilifeform (and its camera, usually itself an entire linux box + chinese shitware)
21:49 asciilifeform a qr reader aint a passive component, it's a thing w/ the horsepower of approx a 486 and often enuff multi-MB of ???
21:50 punkman somewhat neat little keyboard https://hackaday.io/project/175405-mini-piqwerty-usb-keyboard-ii guy also has a tiny radio messenger https://hackaday.io/project/171790-armawatch-armachat-long-range-radio-messengers
21:51 bonechewer In that case, could revert to the original design: simple camera sends pixels to uC and it decodes its own QR codes.
21:51 asciilifeform punkman: nifty kbd. btw i recall a 'keyboard generator' script that ate a layout and shat a pcb mask, in the log somewhere yrs ago
21:51 asciilifeform bonechewer: go and write decoder of qr w/out massive other-peoples-code-shitware.
21:51 asciilifeform maybe come back in 10y.
21:52 asciilifeform bonechewer: much simpler to make acoustic modem in software.
21:52 asciilifeform for short messages, fast enuff
21:52 punkman funny how there is no "hardware wallet" doing anything but QR
21:52 asciilifeform since yer not looking for speed, can use 1970s dtmf encoder/decoder.
21:52 asciilifeform punkman: aaha
21:53 asciilifeform bonechewer, punkman : now that you know the ~actual~ solution to this puzzler, consider who, how, and why put in people's heads the bogus pseudosolution (qr, camera) .
21:54 asciilifeform anyffin, anyffin but the ~actual~ solution!111
21:54 punkman one advantage of QR is that you can also print
21:54 asciilifeform can print 2d barcode just as well
21:55 asciilifeform and 9000x easier to read, doesn't require fft and exotica
21:55 punkman I had a stash of backup-to-paper softwares somewhere
21:56 asciilifeform ( recall, while on subj, how 'pro cryptographers' are all about use ANYTHING BUT RSA!1111 , for similar reason )
21:56 dulapbot (trilema) 2016-08-02 asciilifeform: one of these bargains is that you cannot build a career as a university academic with 'use rsa, kthx, bye'
21:56 bonechewer sorry, not following you here. What are you thinking of as the "actual solution"?
21:56 asciilifeform bonechewer: dtmf for ciphertext i/o.
21:57 asciilifeform needs 0 fancy processors.
21:57 * bonechewer disagrees strongly, but suspect he will not convert asciilifeform to his pov
21:57 asciilifeform a dtmf otptron can be built in fact 100% of 1980s components.
21:57 asciilifeform which in asciilifeform's pov makes it intrinsically superior.
21:58 asciilifeform importantly, requires 0 magic boxes.
21:59 bonechewer Architectural perfection that doesn't add incremental security against any feasible attack is just wank
21:59 asciilifeform anyways imho this is muchly academic exercise -- you will build either a redditardation or a FG, i.e. sumthing ugly and sells 100 units.
21:59 asciilifeform bonechewer: what part of 'qr reader requires an enemy base inside your device itself' is hard to understand ?
22:00 * bonechewer disagrees on two levels
22:00 asciilifeform perhaps more subtle is the notion that this is still true even if you construct the reader yourself. because realistically you will not be able to do it with Zero Other People's Code.
22:01 asciilifeform bonechewer: go ahead, and disagree. go, buy raspberry, chinese camera, stuff it into cigar boxes, sell to chumps. i can't stop you.
22:02 bonechewer First, on an air-gapped device inside a metal case, running one's own application code, enemy QR code could not do more than, maybe, deny service. Assuming it can only be spoken to serially, what knob can the enemy turn into order to attack?
22:02 punkman asciilifeform: perhaps stupid question, is your acoustic modem a wired connection?
22:02 bonechewer Second:
22:02 asciilifeform punkman: audio. recall, it's for ciphertext.
22:02 asciilifeform let whole planet listen to the beep-boop if it wants to.
22:03 asciilifeform bonechewer: your box has an opening, neh ? for the camera objective.
22:05 bonechewer Yep. So? I have already stipulated that if the adversary owns a nearby device, he might be able to snoop plaintext from the RF emantations of the screen.
22:05 asciilifeform i suppose my earlier point about hygiene pointedly NOT being about particulars and enumerated-badnesses fell on 100% deaf ears
22:05 dulapbot Logged on 2021-07-26 17:43:46 asciilifeform: bonechewer: try to understand that hygiene is not about whether you can at a particular time imagine a particular bacterium entering your body
22:07 asciilifeform bonechewer: a decent designer making a boobytrapped camera-qr box for your device run could ferry plaintext a considerable distance beyond what merely leaks from your screen. or simply inject random electrical faults that would jeopardize successful pad block deletion on yer sd. or 9000 other things that presently i haven't time to enumerate.
22:08 asciilifeform just to understand the ^ one given example w/ deletion, you gotta know something about how e.g. nand flash worx
22:08 asciilifeform the spittoon, bonechewer, 'is all in one strand!'
22:08 * asciilifeform unfortunately must bbl.
22:09 * bonechewer appreciates asciilifeform's time and POV, even if doesn't completely share the latter
22:15 bonechewer I suppose that a booby-trapped QR box specifically designed with perfect knowledge of the OTPtron's innards could snoop emanations from the data bus and broadcast them over a secret superminiature wifi chip, but for that to be a realistic threat the adversary would need to steal the QR box from mailbox, replace it with boobytrapped version. This is not the threat model the device under
22:15 bonechewer discussion is intended to address.
22:19 bonechewer And audio transmission of ciphertext is simply laughable for real-world use: ambient noise is often very high
22:30 bonechewer Finally, it would certainly not be ten years' work to snip the necessary bits from 14 year old QR-reading code, read it over to convince self there's not a tailor-made hidden booby-trap (and what, on an airgapped microcontroller, would spring the trap?) and include it in a simple application
22:33 punkman https://blog.bitmex.com/battle-for-asic-supremacy/ << apparently Microbt did start out with TMSC, but is now manufacturing at Samsung. Also Bitmain sued Microbt, because Microbt guy worked at Bitmain and stole teh chip secrets in 2016
22:38 * bonechewer will be back another time
~ 27 minutes ~
23:06 asciilifeform http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048940 << i can't resist to ask, where do you live or work such that acoustic coupler cannot work (they work at point-blank range) due to ambient noise ?
23:06 dulapbot Logged on 2021-07-26 18:19:26 bonechewer: And audio transmission of ciphertext is simply laughable for real-world use: ambient noise is often very high
23:07 asciilifeform http://logs.nosuchlabs.com/log/asciilifeform/2021-07-26#1048941 << very few people merit 'tailor-made boobytrap'. instead what you get is a GB of opensores liquishit in which ~infinitely~ many 'naturally-occurring' boobytraps. a la [insert favourite shitware here]
23:07 dulapbot Logged on 2021-07-26 18:30:45 bonechewer: Finally, it would certainly not be ten years' work to snip the necessary bits from 14 year old QR-reading code, read it over to convince self there's not a tailor-made hidden booby-trap (and what, on an airgapped microcontroller, would spring the trap?) and include it in a simple application
23:07 * asciilifeform tried to make this clear in the earlier thread, evidently entirely failed.
23:08 asciilifeform in wholly-unrelated other noose : phf wrote in , in fact he updated his vpatch page! for ffa, logotron, and trb ! appear to be 100% current nao !
23:08 asciilifeform ty phf .
23:09 * asciilifeform takes this back nao !
23:09 dulapbot Logged on 2021-07-21 20:09:37 asciilifeform: raw_avocado: there's also phf's patch viewer for the early stuff, but catastrophically outta date.
23:09 asciilifeform no longer outta date.
← 2021-07-25 | 2021-07-27 →