#trilema | 2017-11-22

pest - 2d 21h
trilema - 1032d

Show Idle (>14 d.) Chans

← 2017-11-21 | 2017-11-23 → ↓

00:29	danielpbarron	!!withdraw 0.5 1NmvgX3Z2Rvt48CeNgksT8koP616hx9tB5
00:29	deedbot	Get your OTP: http://p.bvulpes.com/pastes/cOZTp/?raw=true
00:32	danielpbarron	!!v D0F05C6FC6B6D03BB6CB01C9DEF031CD00831B96AEEEBE071D4B0E1618527BD4
00:32	deedbot	http://p.bvulpes.com/pastes/0nsyq/?raw=true
00:33	danielpbarron	!!balance
00:33	deedbot	http://p.bvulpes.com/pastes/cLaCZ/?raw=true
		~ 1 hours ~
01:34	deedbot	http://www.thedrinkingrecord.com/2017/11/22/and-the-arrangements-continue/ << Bingo Blog - And The Arrangements Continue
01:34	BingoBoingo	^ The update
		~ 2 hours 24 minutes ~
03:59	ben_vulpes	solid thread phf, asciilifeform
04:00	ben_vulpes	good example of tmsr as antireddit: nothing in the "nollij of crowds", but if yr lucky some sages will come by with a set of koans to set you rethinkin priors
04:01	ben_vulpes	in which BingoBoingo sets hisself deadlines!
		~ 1 hours 21 minutes ~
05:23	spyked	http://btcbase.org/log/2017-11-21#1741755 <-- crap. sorry for the confusion! I was thinking about builtin functions, not symbols. need a meaningful way to point symbols to those things, and meaningful way revealed itself once I finally grasped your point. /me proceeds to rewrite symbols+builtin pieces.
05:23	a111	Logged on 2017-11-21 19:35 phf: http://btcbase.org/log/2017-11-20#1741176 << i don't need to consider that, i grok metacircularity, i.e. there's no such thing as builtin symbols. bytecode or not is lateral to that point.
05:23	jurov	\znc clearallchannelbuffers
05:24	jurov	lol sorry
05:24	mircea_popescu	lol backwards!
		~ 29 minutes ~
05:53	spyked	http://btcbase.org/log/2017-11-21#1741759 , http://btcbase.org/log/2017-11-22#1741862 <-- string not a primitive, but -- "string" datatype aside -- symbol names are (conceptually) strings, so they (the symbol names) require an internal representation etc. cons'ing characters upon reading was simplest approach I found to storing and structuring them. con: list cells introduce memory overhead; pros: avoids arrays and magic numbers like
05:53	a111	Logged on 2017-11-21 19:38 phf: http://btcbase.org/log/2017-11-20#1741179 << you can just ignore the whole "string" question in first version, McCarthy's lisp used symbols instead of strings (that's why early nlp code, like eliza all come out as DOG SAID, HELLO) and the only operation you could do at some point was read and eq.
05:53	a111	Logged on 2017-11-22 00:33 mircea_popescu: string is not a primitive!
05:53	spyked	mccarthy's "up to 30 characters" (ref. Lisp manual Appendix F)
05:53	mircea_popescu	"not a primitive" means "nothing can '''conceptually''' be that"
05:58	spyked	mircea_popescu, I understood that. the point is, McCarthy's Lisp system still uses strings internally in some form.
05:59	mircea_popescu	it might just be that you look at mccarthy's symbols and think "oh strings".
06:01	spyked	nono, I look at Lisp symblol names and I think "strings", i.e. sequences of characters.
06:02	mircea_popescu	whereas odds are mccarthy thought indexes in an array.
06:03	mircea_popescu	you're familiar with how industrial technology looked at the time, the machine'd have a list of items internally, and glued on a piece of paper giving the words per item
06:03	mircea_popescu	(this mechanism survives in "error codes" lulz even today)
06:08	mircea_popescu	and in antique trilemas for the rotaku club (ie, great pieces i'm too lazy to translate), http://trilema.com/2012/pizdita-sau-antropologie-printre-taranii-de-la-oras/ aka mp knows more about "toxic manhood" an' "rape culture" than your local fabecook expert.
		~ 32 minutes ~
06:41	RagnarDanneskjol	mircea_popescu I may have someone worth inviting to chan for interview in the coming days. Most of the folks I know over there are primarily oral translators, so having to look around a bit. Just got back yesterday - BJ is a real shithole but the people are adorable, lots of good duck. FYI - 'VPN AC' (Romanian) seems to be the only one working well/consistently behind the firewall (I've used many) and
		↖
06:41	RagnarDanneskjol	Everbright Bank has, by far, the lowest entry barriers for business or tourist visitors opening new accounts.
		~ 19 minutes ~
07:00	mircea_popescu	oh they're still going on with their pretensions to sovereignity and whatnot, "firewalls", bs.
07:00	mircea_popescu	lulzy.
		~ 18 minutes ~
07:19	shinohai	gm #trilema
07:19	shinohai	!~later tell spyked got a question regarding the w3m patch when you have a sec.
07:19	jhvh1	shinohai: The operation succeeded.
		~ 42 minutes ~
08:01	spyked	morning, shinohai
08:02	shinohai	Heya spyked, was looking at your patch last night .... where did you get your w3m source code from if I may ask?
08:04	shinohai	https://www.digitaltrends.com/cool-tech/lava-lamps-encryption/ <<< in other faux phuctors (page refuses to archive for me)
		↖ ↖
08:04	spyked	shinohai, sourceforge, unfortunately (w3m devs still host it there for some reason). exact link: https://downloads.sourceforge.net/w3m/w3m-0.5.3.tar.gz same for the njs library; one sec, I'll look it up
08:05	shinohai	Its ok spyked .... this is the one I tried, albeit in a Debian VM. ./configure keeps failing for me saying there is no gc
08:06	shinohai	though it is available, I'm puzzled. (Your patch did apply cleanly)
08:06	spyked	ah crap. yes, I installed the gc lib from the debian repo. I don't know why they removed gc from the w3m tree
08:06	shinohai	Hmmm .... I have the gc repo though, still fails.
08:07	spyked	that's odd. can you paste somewhere?
08:07	spyked	the configure/make output, that is
08:08	shinohai	spyked: http://wotpaste.cascadianhacker.com/pastes/ouT0O/?raw=true
08:11	spyked	shinohai, I remember getting this as well at some point. can you also paste config.log? the js library bits that I added to ./configure are very hack-ish (IMHO the thing shouldn't be dynamically linked anyway, so I just hacked through it to make it work)
08:12	shinohai	Just an aside, I also tried this unpatched and get same error. One sec, posting config.log
08:13	spyked	(ftr, libgc is why I rebased the patch on w3m-0.5.3 in the first place; for some reason the "mktable" executable generated by w3m was segfaulting in the gc library, while I knew 0.5.3 compiled on my system before, with libgc from debian sources)
08:14	shinohai	config.log > http://wotpaste.cascadianhacker.com/pastes/X8A1Z/?raw=true
08:15	shinohai	I know I have builit it plenty of times, I'm trying to remember if there was some patch for that, don't recall
08:17	shinohai	( I think I used this version tbh https://github.com/tats/w3m ... I loath sourceforge lol)
08:18	shinohai	ah ha! https://github.com/tats/w3m/pull/2/files
08:19	spyked	shinohai, I know why the patch fails, though not sure why it fails without it... did you also compile and install libnjs? e.g. on line 1840 in config.log, "cannot find -ljs". hm. I am guessing you should have it installed if w3m-0.4 worked for you.
08:20	*	shinohai looks
08:21	shinohai	Nope, not available in repos either .... got a sauce?
08:22	spyked	the original w3m-js patch adds a -ljs compilation/link-time flag. now, there's another issue: if your libjs is in a path that the run-time linker can't find (e.g. /usr/local/lib as opposed to /usr/lib), it will fail again at some point.
08:23	spyked	shinohai, https://sourceforge.net/projects/njs/ (would be cool if there was out of sourceforge link too... /me will have to host all these somewhere publicly at some point)
		↖
08:24	shinohai	grrrr .... thanx for assistance spyked. I rather like w3m (because inline images) but truly needs a lot of cruft removed and things organised - mainly the sourceforge madness.
08:27	spyked	all these libraries (gc + njs + others) can be embedded in the original w3m and made self-contained (including removal of shared library nonsense, like gc was linked in 0.4), but they'll require me 1-2 full days. to put on list
08:30	spyked	I like w3m as well. the codebase is surprisingly easy to understand (took me a few hours yesterday to get a vague idea of how modules work together), though I have no idea why they need a gc. links is even more minimal, but I use w3m mainly because it runs in emacs.
08:32	shinohai	links is nice, it will at least open images in a framebuffer.
08:38	shinohai	bah, weird errors trying to build njs .... this is better left to when I can look at a full cleanup.
08:41	diana_coman	!!up Abot101
08:41	deedbot	Abot101 voiced for 30 minutes.
08:45	mircea_popescu	Abot101 who might you be ?
08:46	mircea_popescu	http://btcbase.org/log/2017-11-22#1742061 << lotta people do.
08:46	a111	Logged on 2017-11-22 13:23 spyked: shinohai, https://sourceforge.net/projects/njs/ (would be cool if there was out of sourceforge link too... /me will have to host all these somewhere publicly at some point)
08:46	spyked	hm. shinohai, I remember patching config.sub and config.guess at least. posting a patch in one minute.
08:47	shinohai	spyked: I did patch config.sub because it is horrendously old and has no idea what system I was using.
08:49	shinohai	oh and good morning Sr. Popescu o/
08:55	spyked	http://p.bvulpes.com/pastes/yVbXl/?raw=true <-- most of it is config.sub and config.guess. two lines at the end may fix shinohai's troubles. anyway, I'ma post the whole thing (w3m+gc+js+whatever else) once I manage to do a static build.
08:59	asciilifeform	in other noose, chaum ( see also http://btcbase.org/log/2016-01-10#1365552 ) peddles promisetronic shitcoin, https://archive.is/DQPVe , as if he had any reputation left to burn
08:59	a111	Logged on 2016-01-10 23:48 mircea_popescu: hey check that out, zimmerman makes nsa-phone and david chaum makes nsa-gossipd.
08:59	mircea_popescu	hola!
09:00	mircea_popescu	asciilifeform shameful excuses of the items they pretend to be.
09:00	shinohai	Adam Back gonna rage on that one
09:01	asciilifeform	meanwhile, https://archive.is/q98xo << intel burns moar amt fritzchip remote nsalogic
09:02	asciilifeform	at the same time fixing , i strongly suspect, the bug that recently showed promise of making the whole thing removable
09:03	asciilifeform	mircea_popescu: chaum is esp. sad case, was at one time actual thinking d00d, invented afaik hashtronic 'proof of work' , then proceeded to narrowly avoid doing anything useful with it
09:04	mircea_popescu	aha.
09:05	mircea_popescu	huge strategic mistake publicizing that item, but sadly i r not yet in the position of making ALL the calls.
09:05	mircea_popescu	(the bug i mean.)
09:06	asciilifeform	'Intel would like to thank Mark Ermolov and Maxim Goryachy from Positive Technologies Research for working collaboratively with Intel on a coordinated disclosure for CVE-2017-5705.' << oh hey named quislings ftr
09:06	asciilifeform	mircea_popescu: aha, oughta have been used in mass rapefest
09:07	mircea_popescu	just kept under lid for 2-3 years.
09:07	mircea_popescu	let them build a lot of the chips.
09:07	asciilifeform	coordinated anal waltz, not 'coordinated disclosure'
09:07	mircea_popescu	very stupid russki geologists.
09:07	asciilifeform	mircea_popescu: it's a fw bug, not silicon , sadly patchable
09:08	asciilifeform	( not, say, like the famous fdivbug in '90s )
09:08	mircea_popescu	not so cleanly cut.
09:08	mircea_popescu	should have let it pile.
09:08	asciilifeform	it piled since 2009
09:09	asciilifeform	when they started fritzchipping
09:09	mircea_popescu	iirc the early ones were different.
09:09	mircea_popescu	aaanyweays.
09:16	asciilifeform	http://btcbase.org/log/2017-11-22#1742041 << dun see what this has to do with phuctor... and 'lavarand' existed in '90s ( where is it nao..? )
09:16	a111	Logged on 2017-11-22 13:04 shinohai: https://www.digitaltrends.com/cool-tech/lava-lamps-encryption/ <<< in other faux phuctors (page refuses to archive for me)
09:16	asciilifeform	!~google lavarand
09:16	jhvh1	asciilifeform: Lavarand - Wikipedia: <https://en.wikipedia.org/wiki/Lavarand>; LavaRnd: <http://www.lavarand.org/>; What is LavaRnd?: <http://www.lavarand.org/what/index.html>
09:17	shinohai	asciilifeform: posted before full coffee, meant fuckgoats
09:17	asciilifeform	was sgi publicity stunt, even patented
09:17	asciilifeform	and apparently doomed to be recycled forever by svderps
09:19	asciilifeform	( will also point out, the lamps per se contribute ~0 entropy, arrangement is really ~same as hashwhitening output of camera static with the lens cap on )
09:29	mircea_popescu	http://btcbase.org/log/2017-11-22#1741924 << http://trilema.com/2017/Кто-ты-по-жизни/
09:29	a111	Logged on 2017-11-22 01:08 BingoBoingo: Anyways, explaining to normal ordinary people in meatspace who Mircea Popescu is, is surprisingly simple.
09:29	*	mircea_popescu is evidently working towards a unified theory of mpdom.
09:36	deedbot	http://trilema.com/2017/%d0%9a%d1%82%d0%be-%d1%82%d1%8b-%d0%bf%d0%be-%d0%b6%d0%b8%d0%b7%d0%bd%d0%b8/ << Trilema - ?
09:38	shinohai	lol .... `?`
09:39	mircea_popescu	unicoarde.
09:39	shinohai	deedbot doesn't know who it is in life. xD
09:39	mircea_popescu	ahahaha
09:41	mod6	mornin'
09:42	mircea_popescu	hola
09:43	mod6	how goes today?
09:44	mircea_popescu	setting up teh yachting for laterz.
09:44	mod6	sounds relaxing :]
		~ 46 minutes ~
10:31	mircea_popescu	in other lulz : p&g cut 100mn off its "online advertising" budget 2nd q ; saw zero impact.
10:37	mod6	heheh
		~ 27 minutes ~
11:04	phf	http://btcbase.org/log/2017-11-22#1742041 << it's not surprising that cloudflare's piece doesn't mention lavarand, but the original was invented at SGI and has a couple of patents around it https://www.wired.com/2003/08/random/, https://web.archive.org/web/20010926221159/http://lavarand.sgi.com/
11:04	a111	Logged on 2017-11-22 13:04 shinohai: https://www.digitaltrends.com/cool-tech/lava-lamps-encryption/ <<< in other faux phuctors (page refuses to archive for me)
11:05	asciilifeform	phf: see thread
11:05	phf	oh bah
11:05	asciilifeform	( am i the only one who actually uses phf's very spiffy pointy-hand arrows ? )
11:06	phf	actually i saw your follow up, but stopped reading at "where is it nao..?"
11:16	asciilifeform	phf: consider the sheer degree of unabashed cargocultism in the endless rehash of the lava lamp thing
		↖
11:16	asciilifeform	betcha it will become a 'new' idea at, e.g., google, a few yrs from now.
11:16	asciilifeform	and then again somewhere else.
11:16	asciilifeform	with bigger, bigger wall of lamps, each time.
11:18	*	asciilifeform for some reason unable to turn up the thread in the l0gz where we did the 'rng design is not a technical problem , but a political problem' thing
11:21	asciilifeform	also phf's linked pediwiki item is hilarious : '...floating material in lava lamps, extracting random data from the pictures, and using the result to seed a pseudorandom number generator.[1] Although the secondary part of the random number generation uses a pseudorandom number generator, the full process essentially qualifies as a "true" random number generator due to the random seed that is used.'
11:21	asciilifeform	didjaknow!
11:21	asciilifeform	Essentially Qualifies!
11:22	deedbot	danielpbarron: http://p.bvulpes.com/pastes/EnGVs/?raw=true
		~ 28 minutes ~
11:51	asciilifeform	in other lulz : http://www.openwall.com/lists/oss-security/2017/11/21/4 ( https://archive.is/N6vFJ ) << 'bignum fuzzer that compares the results of mathematical operations (addtion, subtraction, multiplication, ...) across multiple bignum libraries. Among these is the Go programming language, specifically the "math/big" package [1]. Recently, the fuzzer found a problem in its exponentiation operation...'
11:53	asciilifeform	hilarious on multiple levels : bignumtron so large and unfitting in head that it has to be probed via fuzzing, like microshit...
11:53	asciilifeform	or how about the 'pre-allocated vs not' nonsense
11:53	asciilifeform	or how about bugs in basic arithm routine.
11:57	mod6	eek
		~ 1 hours 8 minutes ~
13:05	asciilifeform	in other noose, sci-hub.cc dun resolve nomoar.
		↖
13:05	asciilifeform	( anyone outside of gringolandia wanna try ? )
13:17	asciilifeform	... sci-hub.la turns out still worx ( reminds of ye olde mpex... )
13:20	diana_coman	asciilifeform, works from here
13:21	asciilifeform	unsurprising
13:30	asciilifeform	( see also http://btcbase.org/log/2017-09-30#1718499 etc )
13:30	a111	Logged on 2017-09-30 00:25 cazalla: BingoBoingo, ah okay :\ dailystormer just got shoah'd again, this time from .is extension heh
		~ 1 hours 29 minutes ~
14:59	mod6	asciilifeform: if there are updates (that are complete & published) for MPI, you may want to update the BTC-Dev ML with the new changes, and reference the original: http://therealbitcoin.org/ml/btc-dev/2015-October/000175.html
15:00	asciilifeform	mod6: whole thing is at http://www.loper-os.org/?p=1533
15:01	asciilifeform	orig & update , both properly vtronic
15:01	asciilifeform	also on phf's http://btcbase.org/patches?patchset=mpi&search=
15:02	asciilifeform	mod6: trb ml was really not imho the proper place for it: mpi is not used in trb
15:02	mod6	yeah, the first message says as much.
15:02	mod6	i just happened to stumble across it and also thought "this is out of date too..."
15:03	asciilifeform	feel free to upload the vdiffs/sigs to the ml yourself if you can think of a reason why it belongs there
15:11	BingoBoingo	<ben_vulpes> in which BingoBoingo sets hisself deadlines! << Sets deadlines for self, and establishes expectations based on collected information.
15:13	BingoBoingo	In other news. USG.blue youth program has instructed parents to not have their daughters hug family members and to discourage hugging especially in cases where girl has recieved gift from said family membe
15:13	BingoBoingo	r
15:13	ben_vulpes	wat
15:14	BingoBoingo	This isnstruction is not specific to throbbing family members
15:14	BingoBoingo	ben_vulpes: Apparently teaches girls to respond to favors with affection, Grill Scouts says bad family
		↖
		~ 37 minutes ~
15:51	deedbot	http://www.dianacoman.com/2017/11/22/taming-of-the-serpent-in-ada/ << Ossasepia - Taming of the Serpent in Ada
		~ 20 minutes ~
16:12	asciilifeform	oh hey hey hey ljb!
16:12	*	asciilifeform reads
16:13	diana_coman	asciilifeform, let me know if you see anything weird in there
16:13	asciilifeform	diana_coman: well 'a candidate replacement for the algorithm used at that time under the name of “Advanced ..' is not quite it, they competed for the usg tourney crown
16:14	asciilifeform	the item at the time known as 'rijndael' was crowned by nsa, and was proclaimed 'aes'
16:15	diana_coman	hm, right; creation of "aes" rather than replacement, right
16:15	asciilifeform	http://btcbase.org/log/2015-01-17#981006 << thread. possibly elsewhere.
16:15	a111	Logged on 2015-01-17 22:38 asciilifeform: or, alternatively, like the choice of 'aes' over the stronger but 'slower' 'serpent' cipher, it was merely orders from lizardhitler.
16:15	diana_coman	replacement for des rather
16:16	asciilifeform	aha.
16:16	asciilifeform	!#s from:asciilifeform aes
16:16	a111	81 results for "from:asciilifeform aes", http://btcbase.org/log-search?q=from%3Aasciilifeform%20aes
16:16	asciilifeform	!#s from:mircea_popescu aes
16:16	a111	38 results for "from:mircea_popescu aes", http://btcbase.org/log-search?q=from%3Amircea_popescu%20aes
16:16	asciilifeform	^ possibly in there, actually. re the faux 'contest'.
16:18	diana_coman	updated; I'll read and link when I find it, as it should be linked I think
16:19	asciilifeform	the process whereby rijndael became usg's national One Troo Cipher was as dubious a thing as could be expected.
16:20	diana_coman	well, I was trying to keep my scope there relatively narrowly focused on serpent itself; it's not a very short post as it is anywya
16:21	diana_coman	found this so far: http://btcbase.org/log/2016-12-28#1591982
16:21	a111	Logged on 2016-12-28 17:09 asciilifeform: the political history is also rather interesting (it was on track to winning the 'aes competition', received fewest thumbs-down votes from the panelists, but mysteriously torpedoed by usg and did not win)
16:21	asciilifeform	truth be told, all published symmetric ciphers are fundamentally liquishit, and for approximately the same reason ( http://btcbase.org/log/2016-06-06#1477746 ) . they divide merely into the 'already publicly broken' and 'not yet'
16:21	a111	Logged on 2016-06-06 21:37 asciilifeform: i find it also very interesting that all aes-like ('boxes') cryptosystems are direct descendants of rotor machines. which were known to be pseudoscientific even when first built, as vernam existed
16:22	asciilifeform	http://dianacoman.com/available_resources/nessie_vectors.txt << 404 btw
16:23	*	diana_coman checks
16:24	diana_coman	it is there now
16:24	diana_coman	I could have sworn I did upload it but apparently..I hadn't
16:36	diana_coman	asciilifeform, mind expanding a bit on what you had in mind as best way to expand serpent to 512 bits blocks?
16:38	diana_coman	and 512 bits key too for that matter
16:40	asciilifeform	to expand a K-bit (block and key, we'll assume, are each K-bit) voodoocipher to J bitness, xor split ( on rng ); having generated J / K independent keys; each incoming plaintext block of J bits, is cut into J / K blocks, and each enciphered with the corresponding key. decipher -- same.
16:41	asciilifeform	xor split each plaintext block, that is
16:42	asciilifeform	actually nm
16:43	asciilifeform	this is wrong; and the correct algo is in the l0gz...
16:45	asciilifeform	anyway for 512bit key, you still keep the 128bit block. but each time you have incoming 128b plaintext, you shamir it rngistically into 512bits, i.e. 4 128b parcels that must be xor'd to reconstitute the original. each of these get ciphered with one of 4 independently-generated 128b keys.
		↖ ↖
16:45	diana_coman	hm, I probably did not know how to search for it properly as I did look but still not very clear on it
16:45	asciilifeform	on the decipherment end, each split gets deciphered with the respective 128b key , and the four parcels xor'd to form the plaintext again.
16:46	asciilifeform	does this make sense ?
16:46	diana_coman	ah, it was the construction on top you had in mind
16:46	asciilifeform	the 1 aspect that historically bothered me, is that enemy knows now a relation between the plaintexts in the 4 streams
16:47	asciilifeform	sorta how i ended up exploring the http://btcbase.org/log/2016-12-24#1589881 item
16:47	a111	Logged on 2016-12-24 01:03 asciilifeform: picture the following 1-dimensional automaton, that eats bitstring in sets of 2bits, and : '10' -> 'tape step left' ; '01' -> 'tape step right' ; '11' -> invert bit at current square; '00' -> terminate.
16:47	asciilifeform	( i see it as a still-unsolved problem. )
16:49	asciilifeform	back to the shamir scheme : the only thing i can properly prove about it, is that it isn't weaker than straight single-key-with-no-splits
16:51	asciilifeform	and, on top of this, each stream ~individually~ is not distinguishable from rngolade.
16:53	asciilifeform	anyway orig method is in log, http://btcbase.org/log/2017-02-25#1618462 << merely in application to slightly different form of the problem ( how to combine voodoociphers in such a way that the result can in no circumstances be weaker than the strongest of the items )
16:53	a111	Logged on 2017-02-25 21:26 asciilifeform: so, for instance, you can prove that a k-of-k (must have ALL parts) shamir split, where you then take each share and encipher with different method -- will NEVER be weaker than the strongest cipher used.
16:53	asciilifeform	you thereby get a 'ratchet'. which afaik is the only hard strength result in all of crypto aside from von neumann's otp proof...
16:54	asciilifeform	( which it is really but a restatement of )
16:55	diana_coman	yes, I had found that one; for some reason I thought you had in mind a different approach for expanding block + key size for serpent itself
16:55	asciilifeform	nope. it isn't a keccak-like thing, isn't 'rubber'
16:55	asciilifeform	not defined for any kind of stretching.
16:56	asciilifeform	my approach is a universal 'stretcher', predicated on having reasonably fast and high-quality trng.
		↖
16:58	asciilifeform	( your encipherment speed is limited to 1/S of your rng's bit rate, where S is the splitness )
17:06	*	asciilifeform brb,teatime
17:07	diana_coman	I think I need to read more on this, so I'll hit the books
17:07	*	shinohai has enjoyed asciilifeform 's and diana_coman 's exchange and also goes to tea [~}
17:09	ben_vulpes	"School superintended Keith Marty said it was a surprise to staff that the student responsible was not white." still? STILL a surprise? http://www.dailymail.co.uk/news/article-5108107/Student-writes-white-lives-matter-N-word-mirror.html
17:11	trinque	how did someone writing niggers in a school bathroom make the news?
17:11	trinque	they didn't even shoot anyone
17:17	ben_vulpes	writing niggers on the wall is basically shooting babies, trinque omfg be more sensitive
17:30	mod6	ya srsly
17:31	shinohai	lmfao this thread
17:46	asciilifeform	diana_coman: lemme give specific example. start with splitting 1 byte. to split byte B into X and Y, you take byte R from rng, and compute B xor R = X. then Y = R . X xor Y = B .
17:47	asciilifeform	diana_coman: now let's split 1 byte into ~four~, A,B,C,D. we take same transform and do it to X and Y in turn. in total, we've used 4 bytes from rng device, to cut 1 byte into 4 otpfrags.
17:48	mircea_popescu	http://btcbase.org/log/2017-11-22#1742164 << hey, next the "instruction function of soviet pioneer org in protecting the poor clueless adults from toxic facts and hate truth" will emerge. and then, probably, the NEP. and then, i guess, the http://trilema.com/2014/the-problem-of-enforcement/#footnote_0_55204
17:48	a111	Logged on 2017-11-22 20:14 BingoBoingo: ben_vulpes: Apparently teaches girls to respond to favors with affection, Grill Scouts says bad family
17:49	diana_coman	asciilifeform, that makes perfect sense, yes
17:49	asciilifeform	diana_coman: observe that knowing 1,2,or even 3, gives you 0 bits of info re the original.
17:50	asciilifeform	( in the shannon sense. you haven't narrowed down what the 4th could be, by knowing 1..3 )
17:51	diana_coman	aha
17:52	mircea_popescu	http://btcbase.org/log/2016-02-06#1398048 << and so on
17:52	a111	Logged on 2016-02-06 16:55 mircea_popescu: derp #1 : "What is wrong with existing block ciphers like AES? AES has been in widespread use for over a decade and to the best of my knowledge, there is still no practical attack on it (unless someone has built a working quantum computer and not told anyone about it). Its totally free of patents and IP issues. Its been implemented in a huge variety of hardware and software (including the Intel CPU that I am using to m
17:53	mircea_popescu	hm that;s still kinda late.
17:53	asciilifeform	there was an earlier one... http://btcbase.org/log/2014-09-07#821750
17:53	a111	Logged on 2014-09-07 17:56 mircea_popescu: i wasn't aware this is public knowledge.
17:54	mircea_popescu	http://btcbase.org/log/2015-07-12#1198022 there's actually lotta these
17:54	a111	Logged on 2015-07-12 03:17 mircea_popescu: asciilifeform http://trilema.com/2014/minigame-smg-august-2014-statement/#comment-114754 << don't you find it a little odd that even on an obscure liuttle game such as eulora, someone does find the time to carefully probe me about aes ?
17:54	asciilifeform	right, plenty
17:54	mircea_popescu	apparently AES is one of those topics where someone could just pick up the log discussion over 3 years and make anencyclopedia entry
17:54	asciilifeform	almost impossible to bring up crypto in heathendom without a 'voice in the crowd' 'helpfully' reminding about 'standardized, well-designed aes'
17:55	mircea_popescu	http://btcbase.org/log/2014-09-07#821766
17:55	a111	Logged on 2014-09-07 18:00 mircea_popescu: It gets worse. Nearly every AES implementation using AESNI will leave two values in registers: The final block of output, and the final round key. The final block of output isn't a problem for encryption operations it is ciphertext, which we can assume has leaked anyway but for encryption an AES-128 key can be computed from the final round key, and for decryption the final round key is the AES-128 key. (For AES
17:55	diana_coman	ha, back when I was blissfully only playing this game!!
17:55	mircea_popescu	diana_coman those happy days.
17:57	mircea_popescu	http://btcbase.org/log/2017-11-22#1742198 << how about actually using a 512 bit block
17:57	a111	Logged on 2017-11-22 21:45 asciilifeform: anyway for 512bit key, you still keep the 128bit block. but each time you have incoming 128b plaintext, you shamir it rngistically into 512bits, i.e. 4 128b parcels that must be xor'd to reconstitute the original. each of these get ciphered with one of 4 independently-generated 128b keys.
17:58	asciilifeform	mircea_popescu: serpent isn't defined as a stretchable thing - i.e. it isn't obvious what ought to be changed to produce a larger ( or smaller, for that matter ) block, and still to have it meaningfully similar to original
17:59	asciilifeform	rather like the diff b/w sha512 and keccak
17:59	asciilifeform	( the latter is defined as a family of functions, and so 'rubber' )
17:59	mircea_popescu	dja see why i'd muchly prefer a native tmsr.rsa length symmetric cypher rather than this nonsense ?
18:00	asciilifeform	really not hard to see
18:00	mircea_popescu	and why trhe fuck am i using "4 bit permutations"
18:00	mircea_popescu	and so on and so on
18:00	asciilifeform	it does cost moar tho. even once i'm done with the asm version.
18:01	asciilifeform	modular exp is intrinsically costlier , at least on pc iron, than the idjit rotorization used in symmetrics
18:02	mircea_popescu	anyway, whatever, diana_coman : the correct implementation approach to patch the 256 bit serpent into 4096 bit rsa is to cut every rsa block into 16 fragments, cipher each independently with diff keys, then paste the 16 keys together make 4096 bit of key.
18:03	mircea_popescu	it's bullshit all the way down, "the 4096 bit block gets cut into 16 sub blocks to be fit into rotorizers that cut each block into 64 bits and process with their 4 bit s boxes". because we're from the fucking cartoons.
		↖
18:04	asciilifeform	sad, innit. asciilifeform for instance has a mtbf of about 1hr when reading about symmetric ciphers. after that -- barf
18:04	asciilifeform	because ultimately yes 'down to the 4bit sbox!'
18:07	mircea_popescu	asciilifeform i have this itching half-memory that serpent 256 was actually defined
18:08	asciilifeform	it was.
18:08	asciilifeform	but ~key~ size
18:08	asciilifeform	block was fixed at 128bit.
18:08	diana_coman	mircea_popescu, 256 key, 128 block
18:08	diana_coman	heh, crossed with asciilifeform
18:10	mircea_popescu	asciilifeform right you are, it's in the... 2006 spec.
18:12	mircea_popescu	in other lulz from same source (ross anderson of cambridge) http://www.cl.cam.ac.uk/~rja14/Papers/tamper.pdf
18:12	mircea_popescu	that one from 1998
18:12	asciilifeform	classic piece
18:12	diana_coman	mircea_popescu, let me see if I got this right re "patch": simply apply serpent as it is and then at the next level up glue x keys together and send as "key", glue the corresponding x outputs together and use as "output"; basically lump together 16 serpents
18:12	mircea_popescu	yea.
18:13	mircea_popescu	asciilifeform the "specificication" published on cambridge page is most likely a later fake. it's a 2006 item supposedly of a 1998 document.
18:14	mircea_popescu	OTHER 1998 documents, of lesser political sensitivity, exist there in original format.
18:14	asciilifeform	mircea_popescu: the current serpent www is at the very minimum known to be missing items from before
18:14	asciilifeform	so why not also serpent.
18:14	asciilifeform	keccak, i meant, turned up missing items
18:15	*	mircea_popescu doesn't recall why we picked up airbase 1 serpent in preference of japanese item ?
18:15	asciilifeform	branch-free
18:15	*	mircea_popescu is annoyed.
18:15	asciilifeform	y'know the splits dun all have to be ciphered with same scheme
18:17	mircea_popescu	asciilifeform dja recall the discssion with apelyobee fellow ? http://btcbase.org/log/2017-11-14#1737658
18:17	a111	Logged on 2017-11-14 14:55 mircea_popescu: this is the problem with "complexify the code machine" tendency. somehow it appears intuitively evident that having a portion of the code INSIDE the machine is "a more complex, therefore a more secure system". it is not. 100% of the key belongs in the key.
18:18	asciilifeform	sure
18:18	asciilifeform	i read that line as a restatement of the ancient 'seekrit algos are a stupidity, honest crypto keeps only privkey seekrit' truism
18:19	mircea_popescu	diana_coman and of course we end up with 8kb of bs "key" for every 4kb payload don't we.
18:19	asciilifeform	16
18:19	mircea_popescu	well 256 bit keys 128 bit blocks.
18:19	asciilifeform	ah with no splits then yea
18:20	mircea_popescu	so basically we'll be reusing serpent keys, is the idea ?
18:21	asciilifeform	( in other 'gangrene ? what gangrene?' horrors : 'LibTomCrypt is pretty nice to read (only bug found in last 10 years was in prime generation — failed to iterate Miller-Rabin)' -- from turd https://comsecuris.com/slides/slides-bignum-bhus2015.pdf re broken bignumatrons. cited line presented as a 'hey it's pretty good'... )
18:22	mircea_popescu	check it out, diana_coman has found de-facto work-around to "my theme overwrites text up top" : put an intro in, page or so before code :D
18:22	diana_coman	mircea_popescu, aha!
18:22	mircea_popescu	smart.
18:23	mircea_popescu	anyway, so what's the work mode here, every now and again server sends client a rsa-encrypted packet containing 16 aes keys ; client enciphers its comms to the server with one selected from a set of 8 selected from those 16 ; and deciphers server's with one selected from set of 8 other than previous set. now and again burns a key.
18:23	mircea_popescu	when left with two unburned gets new set.
18:24	diana_coman	mircea_popescu, aes keys??
18:24	mircea_popescu	sorry serpent keys
18:24	asciilifeform	dun have to swap ~all~ the keys every time there's an rsagram
18:24	mircea_popescu	sed 's/aes/serpent/'
18:24	mircea_popescu	asciilifeform client just keeps a list. adds to it when rsagram
18:24	mircea_popescu	strikes from it by criteria.
18:25	asciilifeform	right
18:25	mircea_popescu	this actually seems a rather workable method tbh.
18:25	mircea_popescu	allows for very elastic packets / metering of security needs by user.
18:25	asciilifeform	iirc this is the scheme asciilifeform originally suggested.
18:26	mircea_popescu	diana_coman thereby all game packets will be multiples of 128 bits, and in principle a client can live off the first original rsa op its entire life if it so wishes.
18:26	mircea_popescu	asciilifeform pretty cool.
18:27	asciilifeform	it costs, however, http://btcbase.org/log/2017-11-22#1742216 .
18:27	a111	Logged on 2017-11-22 21:56 asciilifeform: my approach is a universal 'stretcher', predicated on having reasonably fast and high-quality trng.
18:27	mircea_popescu	diana_coman i guess we'll define a "control packet" which is always the first 128 bits of every comm, which will contain data such as "killed key #x moved to #y" and also "running out of keys send moar".
18:27	mircea_popescu	asciilifeform sorry ?
18:27	mircea_popescu	server generates all serpent keys. no stretching .
18:27	asciilifeform	actually if client doesn't get to generate keys
18:28	asciilifeform	aha right
18:28	asciilifeform	if server generates all keys, client dun need an rng at all.
18:28	asciilifeform	( aside from when creating his original rsa priv )
18:28	mircea_popescu	the major advantage of which is that user will be able to enjoy security flowing from server even without own fg.
18:28	mircea_popescu	right.
18:31	mircea_popescu	and suddenly the fg entropy debit is relevant : eulora server will be capable to produce iirc no more than 64 serpent keys/second per installed FG.
18:32	mircea_popescu	in reality less as it draws some itself.
18:32	asciilifeform	this is approx correct.
18:32	mircea_popescu	so i'm guessing a daily-ish serpent key change per client is not unreasonable.
18:33	asciilifeform	would depend on how populous, neh
18:33	asciilifeform	with few enough clients, even hourly'd be workable
18:33	mircea_popescu	but if memory serves the "attack" on serpent used 2^100 plaintexts sorta deal
18:33	mircea_popescu	asciilifeform yes but taking the assumptions other way to see how bad it looks.
18:33	mircea_popescu	imo dun look bad at all.
18:36	diana_coman	mircea_popescu, 16 serpent keys means 16 keys of 256 bits each?
18:36	mircea_popescu	right.
18:39	diana_coman	mircea_popescu, and then when client enciphers with 1 from a set of 8 selected from those 16: does this mean reusing that 1 key for as many 128 chunks that particular eulora message has? or do you mean 1 per chunk ?
18:39	mircea_popescu	it means reusing
18:40	diana_coman	k, I think I got it
18:42	mircea_popescu	in ~principle~ serpent doesn't expose the key anymore than it exposes the cipher. the claim is that if you know about 2^100 or so plaintext-ciphertext matches you can extract the key.
18:42	mircea_popescu	now, the expectation is that a full day of play will produce less than say 2^15 or so messages.
18:43	diana_coman	myeah, since reading more seriously on crypto I read a LOT of claims, certainly
18:44	asciilifeform	diana_coman: there is ~nothing serious printed on the subject publicly since... von neumann
18:46	asciilifeform	which is why 'hitting the books' is a very limited proposition. the most that can generally be asked from the dead trees, is an accurate picture of the popular algos, plus details of the most well-known attacks on various (e.g. lenstra's, pollard's, etc )
18:46	asciilifeform	but as for the general principles which a naive n00b might hope to find in such a work -- there's nothing since old man john von n.
18:47	asciilifeform	( and , jaw-droppingly, just about every book 'on crypto' omits the otp proof. that very same, that constitutes the alpha and the omega of what's actually proven in the subject at all )
		↖
18:48	mircea_popescu	hey, every ro "blog" omits mention of trilema.
18:48	mircea_popescu	dun look good together.
18:49	asciilifeform	exactly same phenomenon imho
18:49	asciilifeform	including the otp proof would immediately invite the q, in even a half-awake reader, of why the fuck the rest of the tree had to die
18:49	asciilifeform	to produce the brick of nonsense that follows
18:49	mircea_popescu	something quite like that.
18:50	asciilifeform	in today's gnattronics finds :
18:51	asciilifeform	1 ) build a gnat proj 2) gnatxref -a -aO path_where_your_ali_files_end_up yourmain.adb > xref.txt
18:51	asciilifeform	shits forth a concordance, e.g. http://wotpaste.cascadianhacker.com/pastes/MDZMh/?raw=true .
18:51	diana_coman	asciilifeform, I suspect it's quite possible that the writer would end up with that q so... no book
18:52	asciilifeform	( full usage/dep topology for every named entity in your proj )
18:52	asciilifeform	with lines/columns where used, and where defined.
18:52	diana_coman	that being said, whenever I find I don't even have that poor picture as full and as clear as I'd like, I'm still left with little other choice then to go and read; possibly again, what can I do
18:52	asciilifeform	diana_coman: the writer is typically a schneier-style wretch who made 'the bargain' and very well knows about otp
18:53	asciilifeform	and ain't sayin'.
18:56	asciilifeform	diana_coman: aside from von neumann, and the crc encyclopaedia of well-known algos, i cannot in good conscience recommend much reading. there are works devoted to specific known attacks on rsa ( song y. yang, plus a few ru items ) ; at least 1 dead tree on differential cryptoanalysis ( how items like des get trivially demolished ) whose author presently escapes me; and that's just about it
18:56	asciilifeform	you're prolly better off reviewing the fundamentals of information theory ( shannon et al )
18:57	asciilifeform	asking for 'good books on crypto' is not wholly unlike to ask 'good books in astrology'
18:58	diana_coman	eh, 'good books in voodoo', let's not branch un-necessarily :p
18:58	mircea_popescu	lmao
19:04	shinohai	this is os hilarious http://archive.is/lPCer #etheredumb gonna fix bitcoin again hurr
19:04	BingoBoingo	En otra preguntas: "Are we honering that stupid one year plant policy for Christmas trees?"
19:07	ben_vulpes	shinohai: 'payinghyip'
19:08	shinohai	mah ec20 tokens
19:09	asciilifeform	shinohai: newer, cheaper grade of pinoy, or wat
19:09	asciilifeform	physically painful to read.
19:10	asciilifeform	'solve bitcoin's problem by forking it ourself' etc
19:10	shinohai	https://www.reddit.com/r/altcoin/comments/7eveiu/bitcoin_2x_the_next_generation_of_crypto/dq7pvn2/
19:10	asciilifeform	i propose to enact this useful new word as a proper thing
19:10	asciilifeform	if an anthill could speak, it would use word 'ourself'
19:12	BingoBoingo	<asciilifeform> if an anthill could speak, it would use word 'ourself' << And the termitories use ourself too
19:14	mircea_popescu	and in other news, it was established in teh harem over dinner that human demographics should prolly work on the basis of the alcohol used to spawn them
19:14	mircea_popescu	thereby the jennifer generation mostly should be called tequilla-x
19:14	mircea_popescu	succeeding beer-x which came after gin-x and so on
19:15	asciilifeform	what was the 'jennifer generation' ?
19:20	asciilifeform	( incidentally, mircea_popescu , possibly pertinent cultur-artifact, http://a-pesni.org/dvor/javychelrod.php )
19:20	asciilifeform	( whole site pretty decent imho. )
19:30	phf	asciilifeform: https://duckduckgo.com/?q=jennifer+aniston&t=ffab&iar=images&iax=images&ia=images i wonder if mp used that trop before, or it comes from tlp (i'm rereading tlp again)
19:31	asciilifeform	lol agricultural face
		~ 26 minutes ~
19:57	mircea_popescu	phf in my case it's genuinely because i fuck 21f cali.
19:57	mircea_popescu	but anyway,
19:57	mircea_popescu	!~google the jennifer hairdo
19:57	jhvh1	mircea_popescu: See 13 Celebrities Who Have Rocked Jennifer Aniston's Rachel ...: <http://www.instyle.com/beauty/honor-friends-reunion-13-celebrities-who-have-also-rocked-rachel-haircut>; Jennifer Aniston reveals why she hated 'The Rachel' haircut: <https://www.today.com/style/jennifer-aniston-reveals-why-she-hated-rachel-cut-t20831>; The Story Behind Jennifer Aniston's Rachel Haircut \| PEOPLE.com: (1 more message)
19:59	mircea_popescu	asciilifeform lol i can't read this. wtf is it ?
20:01	asciilifeform	mircea_popescu: prison folklore
20:02	asciilifeform	at some point i'ma take a stab at translation.
20:02	mircea_popescu	my vocab too poor
20:02	BingoBoingo	lol
20:03	mircea_popescu	pantsuited hilarity won miss world president race ourself.
20:03	BingoBoingo	With maximust termiterity!
		~ 3 hours 10 minutes ~
23:14	BingoBoingo	!~ticker --market all
23:14	jhvh1	BingoBoingo: Bitstamp BTCUSD last: 8193.37, vol: 7970.22464966 \| Bitfinex BTCUSD last: 8183.7, vol: 28256.73489211 \| CampBX BTCUSD last: 3450.0, vol: 0 \| Kraken BTCUSD last: 8203.5, vol: 2847.63427408 \| Volume-weighted last average: 8187.1153965
23:17	BingoBoingo	!~bcstats
23:17	jhvh1	BingoBoingo: Current Blocks: 495672 \| Current Difficulty: 1.364422081125E12 \| Next Difficulty At Block: 495935 \| Next Difficulty In: 263 blocks \| Next Difficulty In About: 1 day, 21 hours, 57 minutes, and 14 seconds \| Next Difficulty Estimate: None \| Estimated Percent Change: None
23:24	mircea_popescu	and in other black girls code lulz, rorc girl explains FOSS : https://www.youtube.com/watch?v=T-QUSXpy3sk&feature=youtu.be&t=111
23:38	phf	lulzy, but she really needs to do some inhalations and exhalations, this is some speaking 101 torture going on
23:40	mircea_popescu	they're all fucking terrible. this one breathes like she's 1/3 on the way to orgasm.
		↖
23:40	mircea_popescu	buncha "speakers" that are SO FUCKING ANXIOUS you'd think they never spoke to people.
23:42	mircea_popescu	and since we're on this : i'm particularily insulted by the pretentions of ex-"journalists" owners of no more than two pairs of undewear and no two meatballs to rub together in their entrails at any given point that they're you know, postmodern women with preoccupations and opinions and options and whatnot. this shithead made in her entire 10 year long professional life a little over one bitcoin.
23:43	mircea_popescu	yet there she sits, and like her one billion utterly useless facebook tards. i've no doubt she votes, but not randomly -- she thinks she reasons! and in another decade she's gonna write a "book". and so fucking following.
23:44	mircea_popescu	in short, i've had it with the aferations of social participation coming from the facebook fake accounts up to fucking here.
23:46	mircea_popescu	"oh but mp, wetware-run fake accounts are real!!!" like hell they are. the fact that zuck uses a buncha biosacks to do the job of ten lines of perl doesn't mean the biosacks aren't really shitty raspberrypis. what the fuck next, he's gonna run the shitstorm on z80s and pretend like the z80s are people because "they're louder, slower and burn more energy than proper computers" ?! THEY STILL DO THE EXACT SAME THING.
23:48	mircea_popescu	"it's open source which means you don't have to know anything, just copy some codes from the endless information highway". ioana calen xrumer.
23:50	phf	where's genghis kahn when you need him? (c)
23:51	mircea_popescu	http://p.bvulpes.com/pastes/F4C3M/?raw=true << fucking illustratious.
23:51	asciilifeform	http://btcbase.org/log/2017-11-23#1742400 << mm pretty tho
23:51	a111	Logged on 2017-11-23 04:40 mircea_popescu: they're all fucking terrible. this one breathes like she's 1/3 on the way to orgasm.
23:52	mircea_popescu	asciilifeform i randomly clicked a link from an 2008 article by the itisa dood. i suppose he was fucking her at the time or w/e.
23:52	phf	obligatory https://www.youtube.com/watch?v=ita8xHOtv1k
23:52	asciilifeform	mebbe helps that asciilifeform is sitting on a box with no sound card
23:53	mircea_popescu	but this is the fucking "career" of these schmucks. born 83, graduated "college" 2003, worked as a fashion-culture-pop-media "editor" at some obscure local paper, then became "a PR officer!!1" by now pretending to "cultural management". motherfucker. management ?!
23:53	mircea_popescu	for the same money could pretend to cultural engineering. which, obviously, they do.
23:53	phf	asciilifeform: yeah, i had the same thought until she started speaking, i mean, shit, they don't have "toastmasters" in romania? practice your talk before going in front of people
23:54	mircea_popescu	phf it's not that they don't have toastmasters in romania. it's that they don'tr have anything if you're born after 1980.
23:54	mircea_popescu	and i mean this most literally.
23:54	mircea_popescu	" At Buyerbrain, Ioana performs as a researcher and as a multidisciplinary perspective analyst, disseminating and promoting the neuroscience culture while also applying those principles to marketing and communicating the laboratory." you understand me ?!
23:54	mircea_popescu	what fucking toastmasters.
23:55	mircea_popescu	the neuroscience fucking culture so help me.
23:55	asciilifeform	neuroscience culture..?!
23:55	mircea_popescu	apparently what, on the basis of this malfunctioning spam script they also don't have basic logic in romania now ?
23:55	phf	blockchain!
23:56	mircea_popescu	yeah, that's the entomological value here : that these EXACTLY IDENTICAL fucktards haven't yet heard of THAT fashionable bullshit. so they're still working the old style nonsense. yet the underlying opcodes are very visibly exactly the same.
23:56	mircea_popescu	allows for some diffing, "what's this z69 say vs that one ?"
23:57	mircea_popescu	and i'll insist and underline that no, can not be the case these are people. if i can emulate 10k of them on a stock amd, they're not people, they're 1/10k of a stock amd.

← 2017-11-21 | 2017-11-23 → ↑