mod6: im not sure what you've got going on there adlai, but you're missing a bunch of vpatches
adlai doesn't particularly see how this informs mod6 of ~anything
adlai: and, uh, let's get better error msgs, so i don't waste your time, next time
adlai used wget + emacs macro to get vpatches
adlai: maybe emacs is to blame, wouldn't be the first time
mod6: bah, sorry for the redundancy.
adlai: this is like the fi'th time tonite
a111: Logged on 2016年10月04日 02:02 adlai suddenly corrects himself -- pete_dushenski was not part of the highlight. whether he was a member of the can-encrypt set, is a matter too deep to reversee in /me's current state
adlai: pete_dushenski: say what you're trying to say in plain simple language, not chomsky-implicationshish-whateverthefuck
adlai: romanian is probably good enough, even though /me don't speak it yet
trinque: oh man this guy with the jokes
adlai: "joke", to me at least, implies significant setup, exposition, etc
adlai: this would be at most, a driveby
adlai: probably a pritty shitty one
trinque still wondering when the acid superintelligence will kick in for adlai
adlai dunno what kind of "acid" your "friends" sell you
adlai: but all i learned from mine was -- baby, gotta b kind
adlai sure hopes dear reader understands wtf he's on about. if not -- goodnight
trinque: this thing where you pick a tangent and start jawing at length, goto start
trinque: dunno what you expect to come of it
pete_dushenski: trinque: i wanted to deed a pdf of bitfinex being derpy, so i base64'd it, signed it, and tried to deed it bu it didn't bundle
trinque: mod6 has done larger turds than that; should've worked
pete_dushenski: in other holy cramolies i've never seen more than ~30 connections to laocoon but he's been maintaining 66-67 all day. werd.
pete_dushenski: trinque: ya, i recall mod6 going through the whole offline build deeding. took ages but it worked.
pete_dushenski: nfi why not the bitfinex lulz. mebbe deedbot decided it was neither funny enough nor important enough
pete_dushenski: on either account i'm not entirely sure i have any quarrels
trinque: I'll look into it tomorrow in either case.
trinque: all the others farted right on time.
a111: Logged on 2016年10月04日 02:23 mircea_popescu: if you ever wondered what uppity tortilla'd have been like if born intelligent.
a111: Logged on 2016年09月16日 16:45 asciilifeform: 'The long-planned participatory (shall we say) sculpture by the Italian artist Maurizio Cattelan — a fully functional, solid 18-karat-gold copy of a Kohler toilet, an over-the-top apotheosis of wealth — was installed in the humble restroom on the fifth-floor ramp of the Solomon R. Guggenheim Museum late last week and will be open for business to anyone with the urge on Friday...'
adlai: "For ???America??? Cattelan replaced the toilet in this restroom with a fully functional replica" ... functional? no side effects?
pete_dushenski: a damn. you're eminently deserving of your elefant gravatar, asciilifeform.
pete_dushenski: adlai: primary side effect is richard serra wincing in paint at the shot across his 'participatory art' bow.
adlai: why, i think he'd rather take it as a compliment
adlai: you're using his usable doodad
jhvh1: 1. We admitted we were powerless over alcohol—that our lives had become unmanageable.
jhvh1: 2. Came to believe that a Power greater than ourselves could restore us to sanity.
jhvh1: 3. Made a decision to turn our will and our lives over to the care of God as we understood Him.
jhvh1: 4. Made a searching and fearless moral inventory of ourselves.
jhvh1: 5. Admitted to God, to ourselves, and to another human being the exact nature of our wrongs.
jhvh1: 6. Were entirely ready to have God remove all these defects of character.
jhvh1: 7. Humbly asked Him to remove our shortcomings.
adlai: do i need to keep spamming this useless shit?
BingoBoingo: Well, are you still going to spill bottle everywhere?
adlai: '''define''' spill
trinque: enough fucking meta-conversation loop.
adlai: asciilifeform: this is what happened to him: "The board of directors of Silvervault O?? has decided to close the operations. We expect the closure to be on effect June 2016, until which you may pick-up or sell your silver. Fixings will only be conducted on Thursdays. Thank you for the 5 years together, and sorry for the market turning against us!"
trinque: you hit it, and more signal comes out
adlai: (./bjam toolset=gcc link=static -sNO_BZIP2=1 -sNO_ZLIB=1 -sNO_COMPRESSION=1 || true) # FIX THIS ABOMINATION!!!
adlai: also, i had to install 'cpio' on this box, whatever that is
adlai thought trinque went to be
adlai blinks at that weirdly smooth numba
trinque: ftr I put that comment there. used to be that rotor lacked a -e and so would pass over the boost failing targets silently. while we don't use them, the `|| true` certainly has to go
trinque: the task there is disabling all unused boost targets.
mod6: adlai: did you get all of the vpatches then?
adlai: mod6: yes, it's still building atm
adlai: and by 'building' i mean gcc.compile.c++ing
mod6: after a closer look on my side, you got that specific error because you were missing: 'bitcoin-asciilifeform.1.vpatch'
mod6: sounds like it's resolved now.
adlai: well, the missing patch is resolved; but the missing cpio - is a bug.
adlai: wtf, i know of no cl lib that takes this long to build. even with sbcl. wtf.
adlai: /usr/bin/ranlib ../../libcrypto.a || echo Never mind. << these people
adlai encounters another bug, adds `G++ = cxx` to fix, wonders how deep the shithole rabbits
adlai: oh here we go! net.cpp:35:1: error: reference to ???array??? is ambiguous
a111: Logged on 2016年10月04日 04:10 pete_dushenski: in other holy cramolies i've never seen more than ~30 connections to laocoon but he's been maintaining 66-67 all day. werd.
ben_vulpes: over seventy all day so i win or something
a111: Logged on 2016年10月04日 04:31 adlai: do i need to keep spamming this useless shit?
adlai: but i still can't build the silly offline trb doodad!
adlai is stuck on the same error, trying to massage it with cppisms but... yuck
adlai: Linux adlai-t400 4.7.2-1-ARCH #1 SMP PREEMPT Sat Aug 20 23:02:56 CEST 2016 x86_64 GNU/Linux
adlai: t400 is the hardware. lenovo
a111: Logged on 2016年10月04日 04:58 adlai: wtf, i know of no cl lib that takes this long to build. even with sbcl. wtf.
ben_vulpes: yeah so there's a linux to compile as well
adlai: if this fixes it...
adlai will then specify in his resume that he only worked with CLR, not CPP proper
adlai: wonders which cock mystery L1-only deeds suck
ben_vulpes: really? that's what dragged you out of your hole?
adlai: no, i tried building the shit and it failed. but you asked a silly question, so i gave a silly answer
jurov: ben_vulpes: totally swell, just...is machine-readable output planned?
jurov: if it's in lisp, just dump the sexpr, don't even bother with backwards compat
jurov: adlai: it builds boost. which is worse compiletimewise than kernel :)
jhvh1: shinohai: The operation succeeded.
asciilifeform also preparing massive pile of research for blogification
asciilifeform slams head on desk, got 'private!11111' leaks via plaintext shitmail
mircea_popescu: unrelatedly, i wonder if anyone appreciates just how much their social skills, and generally speaking mental kernel improved as a result of interaction with #trilema.
mircea_popescu: and i don't just mean the regulars. whole departments of teh usgistan got more education at work than in "college".
asciilifeform: they typically go to the uni i went to, mircea_popescu . and know what they study? 'journalism'.
mircea_popescu: but still - they pay 50k or w/e ; which is significantly more than we charge.
asciilifeform: it was 'undocumented' but everybody knew where the leprosorium was.
mircea_popescu: asciilifeform also consider that if you don't keep a shitmail ; this becomes not possible.
mircea_popescu: it seriously is not that impossibru, "if you would like to contact me, here's my pubkey, here's the wotpaste link, here's the irc channel. here are instructions how to do all this, step by step, for windows, even with "youtube tutorials".
asciilifeform: my www had 'contact' link, it goes to empty page, gotta fix it to go phuctor-style
mircea_popescu: the quarter or w/e i spent over the past month shows clearly that this CAN be done, even by the bottom of the barrel from that third world scammer forum known as tardstalk.
mircea_popescu: if a marginally literate 17yo barefoot son of a farmer from goatfuckistan can manage to get kleopatra running on the 486 at the "luxor centre for businessmen" and then manage to register his key with deedbot over dial-up, so can the peonry.
a111: Logged on 2016年10月04日 03:56 adlai: mod6: the shit fails, i'm trying to figure out why, but meanwhile, it's deeded - whatever that's worth
a111: Logged on 2016年10月04日 04:00 adlai used wget + emacs macro to get vpatches
mircea_popescu:
http://btcbase.org/log/2016-10-04#1552453 << for the record, "get a probe and do something useful with yourself" was not an invitation to enter the high phase of your bipolar. it was an invitation to get the actual probe, spend six weeks or whatever your skull actually needs learning how to use it, and then next year or w/e start shitting out useful things such as a pill for ddr or a pill for usb or a pill for nvidia or so fo
a111: Logged on 2016年10月04日 04:08 adlai sure hopes dear reader understands wtf he's on about. if not -- goodnight
mircea_popescu: llowing. but in any case - until and unless, you're still the shitstain you always were, shut the fuck up foremost, and stop thinking anyone gives two shits for your whole 150lb sack of flesh or whatever it is.
thestringpuller: asciilifeform: and know what they study? << i thought it was "Communications" now or whatever the fuck US girls (who think they are princess) go into to get into a marketing department
asciilifeform: thestringpuller: cia foreign service recruits (or at least once did) from uni of md 'journalism' sub-dept.
thestringpuller: and despite how sexist it sounds, nearly every female of this type i've worked with is better suited to spitting out babies than actually bringing value to a corporation
asciilifeform: mircea_popescu: and the dude, believe or not, went through bootcamp, drove a tank, you'd think he'd have learned something.
asciilifeform: i suppose with enough dope anybody can unlearn anything..?
thestringpuller: it's a fucking epidemic d00d. Perhaps it was Disney or maybe the dad's who decided it was a good idea to give their daughter any and all things, including that 80k BMW for graduating college with a degree (in communications).
thestringpuller: mircea_popescu may enjoy reprogramming women before entering his harem, but I ain't trynna get into management.
asciilifeform: thestringpuller: these mostly go to 'private', vs state, schools, but i did meet some.
mircea_popescu: asciilifeform army doesn't actually need people to work.
asciilifeform: or idea is that lazy man ~will~ perform under the whip, or what.
mircea_popescu: thestringpuller there's a lot of worthless paper money floating around, "investing it" in "the future" is not even much of a leap. way the fuck better than the local idiots, who run around "investing" their worthless paper money in "real estate" and keep telling themselves that a thirld world square foot with 0 amenties could nevertheless sell for 200 dollars. ie, 10x the heart of san francisco.
mircea_popescu: then they go around and manufacture spoons that are a millimeter wider than standard jars. because soberania and industria argentina and head so far up the ass you can't even tell they have heads in the first place.
mircea_popescu: asciilifeform there's not so much "driving" involved. just follow.
asciilifeform: yes, and i thought mircea_popescu's observation was precisely 'dude can't follow'
asciilifeform: to shuddup, and follow the next tracked coffin, to wherever.
thestringpuller: mircea_popescu: i'm highly convinced corporate america is set up so women get knocked up. for realz, I think you get 6 months paid leave to spawn an offspring as a women here (at my salt mine at least), which hey, fine. So all and all it's just a device to get men wives.
thestringpuller: Or at least that's how it's been playing out given the fact 50% of all women there are pregnant at any given time.
mircea_popescu: they'll even let them do it with black dudes and rappers, still dun do much.
mircea_popescu: asciilifeform he can't follow reliably ; otherwise most all he does is follow.
mircea_popescu: you know, exactly like broken computer. if it doesn't compute altogether it's a brick not a computer. if it computes all the time and you can never trust the ouput, then it's a broken computer.
mircea_popescu: asciilifeform in other news i registered #loper-os and #asciilifeform defensively ; whenever you feel like building them up say and i'll pass them along.
mircea_popescu: and i recall saying this before, but anyway - every lord should seriously consider registering a channel for himself. the way this is going is towards such a federation anyway.
mircea_popescu: and in other fucking nonsense, freenode has decided to redirect ALL inbound links to its most recent web page, to advertise to the world privateinternetaccess.com, ie the nsa front ; and their derpitude in support of "resurrecting tor". this of course includes all old manual pages and everything else.
deedbot: christel is not registered in WoT.
mircea_popescu: including, obviously, rickard falkvinge & his merry gang of sellouts.
mircea_popescu: (incidentally, the source on "andrew lee" being the ceo of privateinternetaccess.com is... an ancient ars technica article... about... oh you've guessed it; mtgox.
http://archive.is/5OSIG
mircea_popescu: aquihire, the favourite nsa mechanism for implanting its shitheads in corps.
mircea_popescu: win-win, it both creates the impression that "200 mn, you could be next!" for the herd of mouthbreathers shelling out 50 bux to see pg eat rubber chicken and stale macaroni out of a plastic plate ; and delivers "under the radar" implants.
mircea_popescu: (and yes the name is very likely a fake, or w/e, a "literary pseudonym". because historical andrew daulton lee, and aren't we fucking clever over at md journo school.)
asciilifeform: 'One of PIA’s biggest selling points (like other VPN providers) is that it does not log anything, and thus has little data to actually hand over to law enforcement.' << lel
mircea_popescu: right ? much like "bitbet.us doesn't log anything" which then seamlessly turns into "of course it does" the moment i pull the chain.
asciilifeform: the greatest american who ever lived, p. t. barnum, is not forgotten in his motherland. his work lives.
mircea_popescu: i don't have a middle finger long enough for these fuckers.
mircea_popescu: anyway, since you seem to care, notice how it's perfectly fine for privateinternetaccess.com to fill EVERY AVAILABLE REDDIT every time they pen some new piece of braindamage ? it's not clear they average less than 6 per, and notice how the votes go ?
mircea_popescu: that's reddit for you. agency washing for the ruminant masses.
mircea_popescu: lulzy as fuck ; both vorhees and casares were there with me when i told them i'm taking mtgox down. in spite of everything teh usg could come up with, i took it down. yet they STILL believe the entity to suck the dick of is the usg.
mircea_popescu: braindamage on this level is why america needs to be made great again in the first place.
asciilifeform: mtgox, evidently, was not a sufficient stalingrad.
mircea_popescu: depends for whom. for idiots there's no sufficient stalingrad. kinda the definition.
asciilifeform: nah, a stalingrad, definitionally, suffices for the folks on the bus.
asciilifeform: 'The theory is that while a court can compel someone to not speak (a gag order), it cannot compel someone to lie.' << orly.
mircea_popescu: thing started life as a "copy trilema six months later" affair.
PeterL: uses the same formatting for files, so you should be able to e.g. generate key with one and use it on the other
asciilifeform: (in actual practice, i would probably use sha512 or keccak; sha256 was for pedagogic example only)
PeterL: aha. Changing hash algo in this is not as easy as in your thing, because I built it in
asciilifeform: notice, with my original, you can substitute in your favourite hasher without changing the code.
asciilifeform: PeterL: what is the logic in ' if hexmessage[-1] == 'L': ' ?
PeterL: there is probably a better way to convert into hex, but I was getting hex with an L at the end of the string, because python
PeterL: I am also not convinced my way is the best way of getting a binary string for the encoding
trinque: so this is what happens when you invert the dakka
jurov: or import binhex (it's in python std lib)
jurov: PeterL has strings, not integers anyway
jurov: er.. sorry, it's binascii.hexlify()
phf: jurov: hexmessage = hex(int(binmessage, 2))[2:]
jurov: nevermind, seems i misread the code
asciilifeform: ACHTUNG, PANZERS! pc engines 'apu2' (the board with the intel nics - vs. 'apu1', with realtek) , turns out, is crippled, hdt probe barfs with it, the cpu is reputed to have a drm fuse set.
asciilifeform: 'AMD’s PSP is based around a single 32-bit ARM Cortex-A5, with its own isolated ROM and SRAM but has access to system memory and resources. It contains logic to deal with the x86 POST process but also features a cryptographic co-processor.' << they stuffed, finally, their 'fritz chip', into the g-series.
asciilifeform: mircea_popescu: it is what gets rolled into coreboot
asciilifeform: i'd like to get their pubkey into phuctor, but it is in some peculiar format. (if somebody can discern a modulus in there, please write in.)
mircea_popescu: "Features and fixes: 1. ENH466357: Reduce PSP/SMN clock back to 300 MHz as a temporarily workaround for eCZ B10/A10 fused parts." eh, what am i looking at here ?
asciilifeform: it gets rolled into coreboot, or post-2013 chip doesn't release from reset on warmup.
asciilifeform: 'PSP: The Cortex A8 running trustzone firmware, implemented from family 15h model 60h (Carrizo) and family 16h model 30h (Mullins) and up. It is running Trustonic TEE OS licensed by AMD. PSP Boot ROM runs *before* x86 core. Then non-bootrom PSP parts are stored (zlib-compressed) in the main flash. Bypass mechanism available via strap pin, but dummy and AMD signed bypass binaries needs to be always run. It is expected that newer CPUs
asciilifeform: ' |--key metadata--|--public modulus--|--public exponent--|--private exponent--|'
mircea_popescu: how is rsa supposed to work with different exponents ?
asciilifeform: realize, if we know the private exponent, we can demolish the N.
asciilifeform: but i cannot presently believe that the 'd' (private exponent) is actually in there.
mircea_popescu: the privexp doesn't seem to be used/referenced in that code snippet though.
mircea_popescu: tee-get-pubkey just loads a mod and exp like in sanity.
mircea_popescu: esp as this is >1 year old by now. foss right, many eyes ?
ben_vulpes: jurov: thanks, that'd be one of those 'glaring oversights'
BingoBoingo: Anyways this seems to be the way the Republic's eye works. Jools are hiding in plain sight unseen. Republican eye turn upon them for unrelated bsns. Jools get got.
a111: Logged on 2016年10月03日 23:46 mircea_popescu: think about it.
deedbot: GiveMe5 voiced for 30 minutes.
deedbot: B661FC04321E3F47F254A0FBA40B09860B4CC476 registered as GiveMe5.
asciilifeform: default "3rdparty/blobs/southbridge/amd/avalon/PSP/AmdPubKey.bin" if CPU_AMD_PI_00730F01
asciilifeform: default "3rdparty/blobs/southbridge/amd/kern/PSP/AmdPubKeyCZ.bin" if CPU_AMD_PI_00660F01
asciilifeform: mircea_popescu: is it just me or is it a strange thing that the pubkey is in there at all.
asciilifeform: (what prevents the substitution of another pubkey ?)
deedbot: kmalkki voiced for 30 minutes.
kmalkki: so.. a package should arrive in your inbox anytime soon
a111: Logged on 2016年10月04日 15:36 asciilifeform: ACHTUNG, PANZERS! pc engines 'apu2' (the board with the intel nics - vs. 'apu1', with realtek) , turns out, is crippled, hdt probe barfs with it, the cpu is reputed to have a drm fuse set.
asciilifeform: mircea_popescu: kmalkki is an experimenter with sage/amd g-series/etc.
mircea_popescu: kmalkki consider registering your rsa key with deedbot.
trinque: I get such great stuff for free running deedbot.
trinque: just now a python lamport-achute
trinque: other times, vintage gpg, complete deps for trb, all sorts of things
kmalkki: I chose the smallest raw binary, SmartUpdater to experiment with
PeterL: the question I have, is lamport-achute any easier for people to understand if written in python than in bash?
kmalkki: readelf and objdump now understand and disassemble it nicely
asciilifeform: kmalkki: now more interestingly, hdt is simply a protocol on top of jtag, imho the main scientific interest in the smartprobe fw would be to extract the protocol.
asciilifeform: so that folks do not need to rely on the extinct smartprobe and can make own debugger (the pinout is public)
kmalkki: do you have access to AMD BKDG documents?
asciilifeform: kmalkki: but the other prong of this is your apparent discovery that new g-series boards disable hdt somehow
asciilifeform: if you would like to post them publicly, send them pgp-encrypted to any of the folks here.
kmalkki: I just found the HDT debug support in the NDAd BKDG
kmalkki: it has been removed from the public BKDG
jhvh1: shinohai: The operation succeeded.
asciilifeform: kmalkki: i know that it is in the private one, yes.
asciilifeform: (or rather, that it was not in any of the public datashits.)
asciilifeform: but no, i don't have access to any amd members-only whatevers.
deedbot: kmalkki voiced for 30 minutes.
kmalkki: I believe I know the key format, 1 min
adlai orders probe & lurks until he has something more useful to contribute than yesterday's babble
mircea_popescu: lubricate the sea, lower transportation costs, save the environment!
asciilifeform: the sea, lol, but apparently it is possible to 'lubricate' tapwater, reduces vorticing and friction loss. discovered in '70s in su, iirc, never used for anything.
asciilifeform: you add short polymer chains, they 'drag', so to speak, the water.
mircea_popescu: finally a use for all that plastic sludge in the pacific.
mircea_popescu: "we found this abundant shit we dunno what to do with." "add it to tap water."
kmalkki: there is SHA-256 hash of AmdPubKey.bin stored in PSP BootROM
asciilifeform: kmalkki: so all we need is a collision to break the thing ?
asciilifeform: mircea_popescu: can be pretty expensive if there is any structure checking
asciilifeform: (i.e. if the collision needs to be a turd in a similar format)
asciilifeform: mircea_popescu: pubkey-with-header, presumably, so i'd like to know 1) where is the modulus 2) is there checksum etc.
mircea_popescu: why ? you don't care what you iterate over ; whatever format it may be you iterate that.
asciilifeform: kmalkki: if it is an rsa key, i would like to get it into phuctor.
kmalkki: 0x38 4 bytes exponent size
asciilifeform: 0x01...0x03 seems to be a constant, 1. but what's 0x04..0x38.. ?
kmalkki: 0x40 N bytes public exponent (N = 0x100 for RSA-2048)
kmalkki: 0x04 .. 0x38 sort of GUIDs, unique identifiers for chain-of-trust
asciilifeform: any idea whether the latter are derived from the modulus ?
asciilifeform: Framedragger: did you ever post your converter-to-rfc4880 script ?
deedbot: kmalkki voiced for 30 minutes.
jhvh1: shinohai: Bitstamp BTCUSD last: 607.0, vol: 3286.01228327 | BTC-E BTCUSD last: 607.502, vol: 3372.35673 | Bitfinex BTCUSD last: 611.3, vol: 5470.86711697 | BTCChina BTCUSD last: 610.322347, vol: 176768.49800000 | Kraken BTCUSD last: 611.337, vol: 387.8041609 | Volume-weighted last average: 610.244758437
asciilifeform: e.g., 'avalon' PspSecureDebug.Key , ends in 0e a8 92 70 .
kmalkki: that is different sized file, different format
kmalkki: same as before, but from 0x240 starts signature with RSA-SSA-SIGN with AMD's private key
kmalkki: the idea behind all this, is OEM can send their public key to AMD to be signed
kmalkki: and then OEM can sign their firmware without bothering AMD for every build
kmalkki: they don't if there is only single SHA-256 fused in PSP bootrom for their public key?
asciilifeform: though it raises the question of why they would not simply share their master key with the OEMs then
asciilifeform: if it reduces to the same thing, given lack of revocation mechanism
kmalkki: I guess you have heard how AMD SMU keys leaked out for previous gen?
asciilifeform: it was interesting, but does not help with the crippled psp.
deedbot: kmalkki voiced for 30 minutes.
asciilifeform: kmalkki: how did you determine the fact about the sha256 at boot ?
mircea_popescu: kmalkki> 0x40 N bytes public exponent (N = 0x100 for RSA-2048) << o seriously, e is 256 bits long ?
asciilifeform: mircea_popescu: i just verified, indeed, they left a 2048-bit long chunk of bits for the 65537 to live in !
mircea_popescu: o right, because it's rsa 2048, so e should be 2048 bits. makes sense >.<
kmalkki: note that RtmPubSigned.key[0x14..0x23] == AmdPubKey.bin[0x04..0x13]
deedbot: kmalkki voiced for 30 minutes.
mircea_popescu: in entirely unrelated nonlulz, "Todos los derechos individuales reconocidos y consagrados por la Constitución Nacional están sujetos a las limitaciones o modificaciones que los derechos de la sociedad imponen, es decir, a un poder de reglamentación con fines de conveniencia social y seguridad común, como que el bienestar y prosperidad general es precisamente uno de los primordiales objetivos de todo estatuto constituciona
mircea_popescu: l, y particularmente del nuestro, según reza con toda claridad su propio preámbulo."
mircea_popescu: what is a socialist state ? why, any state that purports to hold individual rights hostage to imaginary "rights of society".
asciilifeform: (exp_size, mod_size) = struct.unpack_from("<II", blob, 0x38)
asciilifeform: mod = blob[0x40 + exp_size : 0x40 + exp_size + mod_size]
asciilifeform: in python, gives (little-endian) extracts of exp and mod.
asciilifeform: kmalkki: this would suggest that the modulus is stored big-endian ?!
a111: Logged on 2016年10月04日 18:44 mircea_popescu: cosmic ray protection ?
kmalkki: where exactly do you see the even number
mircea_popescu: kmalkki he means, if it's read as little-endian, it ends with a 0 bit
asciilifeform: observe that the exponents are 01 00 01 00 00 .......
kmalkki: but bootrom supposedly contains SHA-256 hash of master key
asciilifeform: kmalkki: this would not be a surprising way to do it - sha is easy to hardwareize, rsa - not so easy
mircea_popescu: there doesn't seem to be much restriction of form whatsoever ; not even of size, re that collided turd.
mircea_popescu: did sha256 have an extension attack or am i confusing it
asciilifeform: (and if it did not, i still don't see how glomming bits onto the payload would change the outcome of the verification)
asciilifeform: kmalkki: do you know whether anyone has read out the mask rom ?
kmalkki: whether it is mask rom or fused hash at production is also unknown
mircea_popescu: time to bust out ye olde microscope huh. you got a chip alf ?
asciilifeform: mircea_popescu: plenty, but no electron microscope.
mircea_popescu: anyway /me had the idea you got one in your garage, nfi why exactly.
asciilifeform: incidentally, the moduli in the self-signed blobs end in : d6 e1 1c ec ; 46 0a d0 9a ; be fe 39 b6 ; 2c c3 f2 a2 ; 46 0a d0 9a ; 13 7d e7 c3 .
deedbot: kmalkki voiced for 30 minutes.
mircea_popescu: kmalkki seriously, register your key so you don't keep being silenced.
asciilifeform: kmalkki: also interestingly, the turdlets are supposedly arm-compatible, and - to naked eye, seeing strings - plainly unciphered, but they do not appear to disassemble cleanly as either big- or little-endian arm.
asciilifeform: (conceivably the cheapest way to read out the boot rom would be to get arbitrary code execution in the stock turdlet)
kmalkki: maybe I got this all wrong, but could [0x140] contain the LSB of the entire modulus
kmalkki: docs have no mention of endianness
mircea_popescu: phuctor hopper takes republican e,N,comment format for rsa yes ?
asciilifeform: (phuctor is very deeply baked around rfc4880 and expects all db entries to parse by it, and changing this would be a titanic labour)
asciilifeform: well, i pinged him earlier (seems like we lost ;;later tell ...) so perhaps he will show up soon.
jhvh1: mircea_popescu: The operation succeeded.
mircea_popescu: afaik Framedragger didn't do so much to it as to justify repub ; he just used jurov's thing. mebbe i'm wrong, but anyway.
kmalkki: gotta go. ping me in #coreboot if there's more guestions
asciilifeform: thank you for your finds, kmalkki . please come back, and make pgp key
asciilifeform: earlier he sent me complete symbol tables for the sage rom.
mircea_popescu: eh, iirc it's divulged on trilema they've been stealing email contents and selling to spammers for half a decade or more by now.
asciilifeform: in other hilarities, i pick up the phone, and it is yet moar unsolicited work offers from usg.
asciilifeform: these tend to come in when we have threads like earlier.
asciilifeform: and to think, none of this was even on my original plate for today.
BingoBoingo: "Recent refugee move-ins in our neighborhood are hacking up the beautiful trees in their yards with machetes. Sometimes it's just removing lower branches (although pine trees have been denuded up as much as 12 feet or more), but other times all branches are hacked off, leaving a 10-15-foot stub. Why can't they at least use hand saws? I feel so bad for the trees, and our neighborhood is starting to look like a disaster area. Why can't peo
BingoBoingo: ple who move into another culture look around and see the culture of the neighborhood? I asked one of them why, and they said that it's so they can get more sun to the ground so they can "farm" -- I understand this in the back yards, but why in the front? None of them are planting anything there! : (" << quite the gem
mircea_popescu: i take it someone hasn't found out wife + both daughters are pregnant just yet.
mircea_popescu: anyone wanna get me an amazon gift cert for like a hundred ?
BingoBoingo: mircea_popescu: Of course he has no idea about the daughters
shinohai: mircea_popescu: I can get you one by gyft ... only way I haz to get Amazon
shinohai: but they take Bitcoin anyways so you don't need me unless it isn't available there
mircea_popescu has once tried to pay via one of these scam aha, there it is, "create an account".
mircea_popescu tried once to pay using one of these scam things, they put up the bill, received the bitcoin, then refused to actually pay the bill unless i "identify".
mircea_popescu: yeah srsly, they end up keeping like 20 bux or w/e it was.
shinohai is amazed at # of scammers that will put forth effort for 20ドル ... then of course I started Eulora
mircea_popescu: this pretended to be a payment processor, i dun recall which lessee here
mircea_popescu: anyway. i dun recall which one it i was and dun really have the patience to dig all the way. one of, admitting they're any different.
ben_vulpes: buying followers for people is entertaining.
mircea_popescu: The CoinCrack team is made up of entrepreneurs, designers, developers, bloggers and social media gurus.
mircea_popescu: and in other very, very sads : On Intel based chipsets (since Intel 5 Series) the following binary components persist: Panic level: 9000+ Management Engine firmware: The management engine is a separate CPU that does various management tasks and needs its own firmware. This firmware exists in a 1.5MB and a 5MB version, where the latter provides the "Intel AMT" functions (ie. remote access, "anti-theft", ...). Probably signed w
mircea_popescu: ith an Intel key. It's unlikely that this is ever replaced by something open source. Firmware that runs on an ARC core inside the chipset. It runs entirely out-of-band with the main CPU. It has DMA access to the entire system memory and can access the networking adapters in a way transparent to the OS (separate MAC and IP)."
mircea_popescu: incidentally, anyoen going to the coreboot conference in berlin ?
deedbot: gembira voiced for 30 minutes.
shinohai: " I simply do not support stealth addresses, multisig addresses, or any other power ranger horseshit at this time." ^___________^
trinque: ben_vulpes: neato. can I get anchors for transaction IDs on the block pages?
trinque: and I'll link ya from deedbot.org
trinque: (nice thing HEY FEATURE REQUEST PLX)
ben_vulpes: (yeah mhm write it down and feed it through the shredder to the right)
ben_vulpes: not until i rewrite the storage layer.
trinque: no; ain't nobody got time for that
ben_vulpes: i'm not doing that immediately because it means either parallelize the hashing of transactions or precompute and cache them.
trinque: I was kidding though; can I look up index in gettransaction or something?
ben_vulpes: how are you spotting deed confirmations now?
trinque: the damned wallet, cursed be its name
ben_vulpes: see if you can figure out the tx index within the block
trinque: it's the pigs fault for dressing so slutty
ben_vulpes: if you can be happified with index-in-block for the short term, i'll give you an index anchor.
trinque: isn't in gettransaction so neh. I'll just link to the block for now.
shinohai: as with links, w3m also barfs on it too
a111: Logged on 2016年10月04日 08:55 jurov: if it's in lisp, just dump the sexpr, don't even bother with backwards compat
a111: Logged on 2016年10月05日 00:37 trinque: the damned wallet, cursed be its name
shinohai: mod6 do you still have that issue where yours shows incorrect balance?
mod6: on that one test node of mine ya
shinohai: weird. I still haven't had that happen yet
mod6: well, it'd be interesting to see if it started because of sending a number of high-s txns or something back in Januaray when I was testing that vpatch.
mod6: i'll have to check into it.
mod6: someone else has seen this issue too, can't remember who. trinque maybe? anyway, yeah, it's some balderdash.
shinohai: I think pete_dushenski mentioned it, don't quote me on that though.
trinque: mod6: yeah, I saw it when I didn't specify -lows
trinque: because highs transactions would be malleated to lows, and then the wallet wouldn't notice they confirmed
shinohai: likely one of the prb turds not supported
asciilifeform: i don't grasp how this kind of thing can work without being a hardfork
asciilifeform: say i use prb to send C coin to addr A, via some strange method that results in ben_vulpes 'unable to decode'
shinohai: yup, same block shows p2sh addys on blokechain.info where "unable to decode" appears
asciilifeform: does it thereby follow that prb and trb have differing notions of how much coin is contained in A ?
mod6: <+trinque> because highs transactions would be malleated to lows, and then the wallet wouldn't notice they confirmed << aha. right on.
mod6: and there is a special message there under Estimated Value Sent:
mod6: "Estimated Value Sent" excludes known change addresses. For example, let's say we have a single transaction where address A sends 1 BTC to address B and also 1 BTC back to address A as change, then only 1 BTC is estimated to have been sent. Proper use of a new change address for each transaction (like all HD wallet implementations) obfuscate this feature.
mircea_popescu: trinque actually - wallet does notice the new inbound tx spending from one of its addresses.
mircea_popescu: asciilifeform your trb node is not capable to send money from derpy addresses ; which is ok because it's also not able to send to them. other people are more than free to do whatever the fuck they like.
mircea_popescu: currently some miners process, eg, 3-leading bitcoin addresses. while that lasts, trb can send money to you. once it goes away - can send no longer, resulting in some lost bitcoin (practically, sent to unspendable address)
asciilifeform: the thing i do not understand is, how does the thing not fork? say i fire up a prbtron and prbsend to A. then fire up trbtron and send same coin to B.
asciilifeform: possibly answer is, trb thinks i sent it to neverneverland ?
asciilifeform: i could work out the details from prb src, but am loathe to
jhvh1: asciilifeform: The operation succeeded.
asciilifeform: elsewhere, 'It is indeed a great folk song, and although I don't know this as a fact, it seems to have been inspired by a certain depressive tendency surrounding alcohol. Many people don't quite understand this, but alcohol is an intelligence, along with all other vegetable derivatives and extracts. This isn't negative, but you can definitely tell the difference between a sober German musician and the ones who tread into bars for s
asciilifeform: pirits and the forests for unconventional allies.'
trinque: adlai check it out; there's intelligence in booze.
trinque: from now on I'm gonna have a pang of "OH SHIT, WAS IT THE AMD KEYS?!" every time there's a phuctor rss
asciilifeform: will also come in handy once we roll out meat phuctoring.
