Anonimity : not for the poor.

Monday, 05 August, Year 5 d.Tr. | Author: Mircea Popescu

Principally for lack of alternative anonimity has been the historical state of the human race. Universal, seemingly perpetual as all doomed circumstances are wont to seem, anonimity bathed like a great sea of air each and every featherless bipedal animal (possesed of flat nailsi).

The first challenge came, of course, from women. This was unavoidable, as the coy behaviour wouldn't work very well if it didn't proceed on identified recipients or if it didn't save state (which is incidentally why the statelesness conventionii is so easily adopted in comic books and their derived formsiii : all this is male entertainment, and males don't need or want to save state - it reminds them too much of death for comfort). This challenge organised itself in and around the cutting edge of innovation at the time, the agrarian settlement, it created the nameiv which remains in use to this day and a certain style of society which also remains in use to this day, principally and most visibly in the Middle East (which includes the Jews, and thus a good chunk of that hapless cultural vacuum sandwiched between Hudson Bay and the Gulf of Mexico).

The boastful announcement of the early Greeksv as to how πολιτικὸν ὁ ἄνθρωποςvi on the grounds of simply "having a voice" (later recycled by French postmodernism into simply "having a face") is of course exactly what you'd expect learned elites to do, as that's what learned elites are for : misrepresent the dire necessity of politics into adequately digested terms of metaphysics. Consider the more recent example of the "science" of global warming : no such science exists. This is a fact. On the other hand, the current situation where people without any merit or justification continue to expend resources they should not really have access to is untenable. This is also a fact. Pseudo science of "global warming" thus becomes a political imperative, and as the weasels involved well know, it's never the scientifically apt that become "famous", but always the politically convenient. If you're curious to find the genius of Aristotle you're well advised to stop looking towards the skyvii.

The second challenge came, unexpectedly, from the church. The original, main, central, essential and might as well have been only selling point of the early Christians was simply this fairy tale : that someone somewhere has your number. That someone somewhere is keeping score. The implication is that all effort, toil, suffering and struggle are not in vain : even if they produce not one ounce of difference down on Earth (as they never will, as they never could) nevertheless they do produce grand celestial movements of the Heavenly Abbacus beads.

This challenge organised itself around the cutting edge of technology at the time, ie, writing, it created the stateviii, which remains in use to this day, and a certain style of society which also remains in use to this day, principally in the old Roman provinces of the Westix.

A seductive theory, is it not ? It is indeed, and the flock flocked. Which part of it ? Why... the women. Of course. The women, instinctually, and with them they who would rule, and soon enough the learned elites were explaining how there's no possiblity of anything good outside of God. Why not ?

The third and final challenge comes straight from technology. By now we've expanded the scientific method to such degree we're keeping track of individual atoms in graphene, why wouldn't we be keeping track of individuals ? Who'd imagine even for a second we wouldn't ? We couldn't eschew it if we wanted to. Consider :

BREAKING: HALF OF TOR SITES COMPROMISED, INCLUDING TORMAIL

In a crackdown that FBI claims to be about hunting down pedophiles, half of the onion sites in the TOR network has been compromised, including the e-mail counterpart of TOR deep web, TORmail. This is undoubtedly a big blow to the TOR community, Crypto Anarchists, and more generally, to Internet anonymity. All of this happening during DEFCON. If you happen to use and account name and or password combinations that you have re used in the TOR deep web, change them NOW.

Eric Eoin Marques who was arrested runs a company called Host Ultra Limited. A few days ago there were mass outages of Tor hidden services that predominantly effected Freedom Hosting websites.

What the exploit does:

The JavaScript zero-day exploit that creates a unique cookie and sends a request to a random server that basically fingerprints your browser in some way, which is probably then correlated somewhere else since the cookie doesn't get deleted. Presumably it reports the victim's IP back to the FBI.

An iframe is injected into FH-hosted sites which leads to this obfuscated code.

via S.H.G._Nackt.

This challenge organises itself around the cutting edge of technology, the Internet, and it might produce something or the other but it's not quite clear what that'd be yet. Perhaps doom.x

How is this all sold ? Why, on the grounds of fighting child pornography, of course, which is perhaps the one point of true female interest now that they're allowed to have abortions.

In the end : could you afford to rape, in the old days, or were you prevailed upon to marry by strength of necessity ? Could you afford to stay out of Church if you didn't feel like going, or did you end up there every Sunday ? Can you splurge on better solutions than Firefox and Tormail ? Did you ? Because if you couldn't and didn't... well my friend. Anonimity is not for the poor.

What exactly it means to be poor is however left as an exercise to the reader. What you find may surprise you. Of course.

———
  1. Incidentally, do you know how this little paranthesis came to be added to the lofty, encyclopedic avant la lettre definition ? []
  2. Ie, no matter how utterly Popeye wrecks the place he still has a "normal" place to live the next episode []
  3. Such as, for instance, the sit com. []
  4. Which, tellingly, worked in from the beginning and still works to this day around the sole point of interest for women : birth. Notwithstanding attempts at subversion through the nickname, which would follow the individual for what rather than whose he is and which never managed to count for more than the lake counts in the sea, names are fundamentally definitions of the person on the pattern "sired by X [out of Y], sired by K [out of J]" etc. The straight paranthesis isn't there to breach the discretion of the female letters by making them explicit, incidentally. There's no discretion at work, there's simply not the need to be explicit. After all they're not fighting themselves. Just a little meta-coyness, pretend like "son of John of James of John of Fred" or "Johnson" are saying anything but "pussywhipped from birth". []
  5. You think "Aristotle said that" and you're wrong, in the sense that you proceed anachronically, much like your countrymen dress up in sheets and imagine a bunch of cowboys now pass for ancient Romans. In point of fact identity worked differently at the time for the purpose of scientific research, and if you're curious to get a better idea of exactly how you might read up on what exactly it meant for a theorem to have been discovered "by Pythagoras". []
  6. Which, amusingly, you've come to translate as "social", which is, of course, very telling, as all mistakes ever are. The actual snippet is Aristot. Pol. 1.1253a :

    διότι δὲ πολιτικὸν ὁ ἄνθρωπος ζῷον πάσης μελίττης καὶ παντὸς ἀγελαίου ζῴου μᾶλλον, δῆλον. οὐθὲν γάρ, ὡς φαμέν, μάτην ἡ φύσις ποιεῖ: λόγον δὲ μόνον ἄνθρωπος ἔχει τῶν ζῴων: ἡ μὲν οὖν φωνὴ τοῦ λυπηροῦ καὶ ἡδέος ἐστὶ σημεῖον, διὸ καὶ τοῖς ἄλλοις ὑπάρχει ζῴοις (μέχρι γὰρ τούτου ἡ φύσις αὐτῶν ἐλήλυθε, τοῦ ἔχειν αἴσθησιν λυπηροῦ καὶ ἡδέος καὶ ταῦτα σημαίνειν ἀλλήλοις), ὁ δὲ λόγος ἐπὶ τῷ δηλοῦν ἐστι τὸ συμφέρον καὶ τὸ βλαβερόν, ὥστε καὶ τὸ δίκαιον καὶ τὸ ἄδικον: τοῦτο γὰρ πρὸς τὰ ἄλλα ζῷα τοῖς ἀνθρώποις ἴδιον, τὸ μόνον ἀγαθοῦ καὶ κακοῦ καὶ δικαίου καὶ ἀδίκου καὶ τῶν ἄλλων αἴσθησιν ἔχειν: ἡ δὲ τούτων κοινωνία ποιεῖ οἰκίαν καὶ πόλιν.

    []

  7. There's a good old joke about the Astrologer who fell into a bear trap. His screams for help stirred some villagers, who brought rope and at length extracted him, and also treated him to the helpful observation that it's unlikely he'd know much about things as distant as stars if black holes right under his nose nevertheless still manage to elude him. []
  8. Indeed if you do your research you might be surprised at the relationship between Cluny (or those other lesser English copies) and bureaucracy. []
  9. Which includes Latin America but does not include Africa, in spite of the later being closer and the Empires expending much more in terms of resources and effort to mould it into shape. My personal suspicion is that the difference comes from the indigenous stock, in the sense redskins suck at life whereas blackskins do not. []
  10. It's always "Perhaps doom". []
Comments feed : RSS 2.0. Leave your own comment below, or send a trackback.

92 Responses

  1. A perfectly-conventional compromised box delivering yet another Winblows-only exploit. Ho-hum.

  2. I can't see who was into using tor for "anonimity". They were giving pseudovpn using US servers, they were giving it for free, they were giving it for public access.

    You have the chance of sending "more anonimous" mail by gpg encrypting your messages while using Gmail or Yahoo rathen than using a vpn.

    They even have public funding from US-SWE gov's, quite a large share of their $2 mil. funds.

    I'm really really curious exactly how many or how much of the whole network usage is actually dedicated to useful needed private communication and how much for encrypted jewtube and p2p. I'm judging 99% traffic for p2p.

  3. i have tried tor, btw.

  4. Mircea Popescu`s avatar
    4
    Mircea Popescu 
    Tuesday, 6 August 2013

    @Stanislav Datskovskiy Exactly.

    Just like yet another housewife-only perfectly conventional drama and so forth.

  5. @Vexare, you are forgetting that in order for Tor to work how it's intended to work, you *need* an ocean of traffic in which the actually much needed and relevant communication can disappear into. That was the whole point in the decision (made while Tor was being conceived in the US Naval Research laboratory) to develop Tor as a civilian project, with (lots of) civilian traffic: the spies and the lot needed "normal" traffic and "normal" users so they would be able to use the network for their own needs.

    Much the same approach is being taken right now: if only political dissidents and activists etc. used Tor, then "Tor user" would be a good metric/heuristic to hunt down people in regimes and kill them. (Well it's still a good enough metric according to some regimes, unfortunately, of course.)

  6. In the end : could you afford to rape, in the old days, or were you prevailed upon to marry by strength of necessity ? Could you afford to stay out of Church if you didn’t feel like going, or did you end up there every Sunday ? Can you splurge on better solutions than Firefox and Tormail ? Did you ? Because if you couldn’t and didn’t… well my friend. Anonimity is not for the poor.

    I can't say I entirely follow your overall point. On a very banal/literal level, it is rather ironic that *precisely if* one were to use strictly free (as in both freedom and in beer) tools, one wouldn't have been compromised. Use a free operating system (ideally with some virtualization in place), use end-to-end cryptography, use the newest Tor Browser - and if it's vulnerable, hey you did remember to virtualize, or at least to use a free OS right? -- and you needn't trust your anon mail provider.. or your browser. Of course, finding this knowledge is another matter entirely; help is needed to document things thoroughly. More tutorials are needed. But a certain amount of overall de-hierarchization is happening.. or so goes the narrative. Right?

  7. Mircea Popescu`s avatar
    7
    Mircea Popescu 
    Tuesday, 6 August 2013

    The problem lies in the definition of free. Apparently linux isn't free, even if it doesn't cost money, and neither is GPG free, even if it doesn't cost money. MPEx does cost Bitcoin, but it's quite apparent that this cost is the smaller part of the actual cost of using it (and Bitcoin still isn't money).

    Consider the more obvious case of an Amulet of Cosmic Perfection +144. If this item costs a million Gold Game Dollars and requires a hundred levels of Amulet skill, you might as well throw it on the ground in Noobtown as they still won't be wearing it.

    Most games proceed very realistically, making all skills universally useful. Suppose however the Amulet skill had absolutely no other utility outside of allowing you to wear that one amulet. Suppose there existed a "Stone of 100 Amulet Skill". Obviously the amulet and the stone would sell as a package if the player run market works, in which case discussing the cost of the Amulet alone is nonsense. So in this contrived, absurd perspective the cost of linux is whatever it takes you to figure out wtf it is and how it works. Since this cost is a function of brainpower and since it has minimums in place, for a good chunk of the population the actual cost equals infinity : even should the sheep spend her entire life chewing the Torah it won't become a rabbi.

    Seeing how for the impoverished majority the various skills required to use a functional operating system or a functional encryption mechanism (or, more generally, the skills required to effectually use numeric processors or design strong data security schemes) appear as "not useful" in "life", they generally don't even bother trying, and since when you're a sheep you're much more likely to go by the herd than try to figure stuff out on your own...

    In a word, poverty isn't what the poor imagine it to be. Chiefly, it's not outside, it's inside, and it's not of the world but of themselves. Because of this there's absolutely no de-hierarchization happening whatsoever, but quite the contrary : while the average sheep could live an independent life and vote for Jefferson cca 1700, the survival of the average sheep today strictly depends on finding good masters and obtaining their misericordious, undeservedly merciful yoke.

  8. Isn't the whole Internet already an ocean of irrelevant communication...

  9. Mircea Popescu`s avatar
    9
    Mircea Popescu 
    Tuesday, 6 August 2013

    Only for the poor.

  10. Poor as in he who doesn't seek solutions but receives solutions to problems he doesn't actually have? Because... anyone needs to receives a share?

    Is American the equivalent of poor?

  11. http://www.nytimes.com/2013/08/06/us/tsa-expands-duties-beyond-airport-security.html

    Yes.

  12. Mircea Popescu`s avatar
    12
    Mircea Popescu 
    Wednesday, 7 August 2013

    T.S.A. officials respond that the random searches are “special needs” or “administrative searches” that are exempt from probable cause because they further the government’s need to prevent terrorist attacks.

    Bureaucratic centralism in the CCP and absolutism in the state regime are flourishing. Its practice of industrialization depends on the administrative lash; agrarian collectivization and communalization especially are carried out by administrative decree, amply manifesting its adventurism. We must not forget that Stalin practiced state industrialization and agricultural collectivization without departing from Stalinism. In carrying out these policies, Stalin used administrative decrees shot through with adventurism and intended not for the benefit of the workers and peasants but for the benefit of the bureaucracy. The CCP policy of industrialization and collectivization is a copy of Stalin’s, with certain corrections but the same in nature.
    ~marxists.org

    Administration :)

  13. Citatul nu este relevant pentru cautari. Mai bine puneai ceva cu cautatul in Dacii dupa cartofi, branza si carne de la tara, cand intrai in oras venind dinspre rural.

    In romana pentru ca nu cunoaste sfera americana procedeul. Cum aia se cauta prin genti dupa furat laptoape' si nu mancare, problemele de tip "vitelul de aur" sunt probleme evreesti si incuiate in babilonul pe care l-au facut ei acolo-n state, aicelea nu merg.

  14. +ceva articol precedent cum ca inteligenta s-a intors impotriva lui obama, deci chestiunea il depaseste, si in masura in care informatia intra pe o parte si pe alta iese(wikipenis, snowden etc), care centralizare.

  15. Another one bites the dust:

    http://www.groklaw.net/article.php?story=20130818120421175

  16. Mircea Popescu`s avatar
    16
    Mircea Popescu 
    Wednesday, 21 August 2013

    I don't get her issue anyway. PGP.

  17. MP, the panic of technical semi-literates is largely muscle reflex, but a wise reflex in the end. PGP does the poor ignoramus very little good on a rooted winblows box. Although how anyone might have laboured under the delusion that plaintext email or telephone ever was 'private,' is beyond me.

  18. Anonimosław`s avatar
    18
    Anonimosław 
    Wednesday, 21 August 2013

    Non rooted Linuxbox might be still not enough, Intel openly admitted to having hardware backdoor on higher end CPUs. I also read that network card has access to whole RAM and can have hardware backdoors. I heard that there are some people who work on OS that will need to trust CPU only.

  19. Mircea Popescu`s avatar
    19
    Mircea Popescu 
    Wednesday, 21 August 2013

    @Stanislav Datskovskiy PGP can be trivially airgapped. A working laptop is cheaper than a decent meal.

    @Anonimosław There's probably some interesting stuff to do with homomorphisms so that the hardware does not actually touch the exact problem the software is resolving, but just a homomorphic one.

  20. CPU microcode backdoors are interesting only from the point of view of privilege escalation (the enemy needs to have something running locally to play.) Network cards are a more interesting possibility. A rootkit which runs entirely in a common Broadcom chip was shown publicly several years ago. It did not rely on any code running on the CPU proper. Why does a network card need a quad-core ARM?

    And yes, the network card (as well as other devices on the bus) can fandango over RAM at will.

    Your network card (and mine) may very well be waiting for a magic packet as we speak. Or perhaps it has already swallowed a few.

  21. MP, re: your airgapped laptop: do you generate keys on it? Using what entropy source? Have you tested any of your keys for known weakness patterns? (Generating weak RSA keys is trivial, requires minimal code diddling, and is entirely without obvious symptoms to the user - until the gasenwagen shows up.)

    Intel has all but confessed to deliberately weakening the RNG built into its recent chips. And, if I recall, some Linux distros will use the on-chip RNG.

  22. openly admitted; confessed.

    links?

  23. http://www.schneier.com/blog/archives/2012/02/lousy_random_nu.html

  24. Mircea Popescu`s avatar
    24
    Mircea Popescu 
    Wednesday, 21 August 2013

    @Stanislav Datskovskiy

    Using what entropy source?

    a. Pick up the want ads, hire ten whores, run the mic while you bang the lot.
    b. Play solitaire.

    I suspect most practical applications will involve option b. I have no idea why, but it's what it is.

    Have you tested any of your keys for known weakness patterns?

    My public key is public, help yourself.

    And, if I recall, some Linux distros will use the on-chip RNG.

    This is very funny, because the Power Rangers are using java. Bad java, at that.

  25. ^

    0.003% of public keys is incorrect

    --

    “They could then install a backdoor on your computer disguised as a Windows security update – and you would think everything was great,” he said.

    http://www.afr.com/p/technology/intel_chips_could_be_nsa_key_to_ymrhS1HS1633gCWKt5tFtI

    srs business. 'they could'.

  26. Intel has all but confessed to deliberately weakening the RNG built into its recent chips. And, if I recall, some Linux distros will use the on-chip RNG.

    You mean all.

    Also pag 13-17: https://www.privacy-cd.org/downloads/truecrypt_7.0a-analysis-en.pdf

  27. shit is srs https://plus.google.com/117091380454742934025/posts/SDcoemc9V3J

  28. As usual, the crackpots are right, and the 'reasonable' and 'pragmatic' fellows are wrong. So very wrong. The 'front row seat in the gasenwagen' kind of 'wrong.' But the Russian saying applies: 'prison, like the grave, is spacious: a spot will be found for each.'

  29. Mircea Popescu`s avatar
    29
    Mircea Popescu 
    Saturday, 7 September 2013

    I fail to notice pgp mentioned among the crud of ssl/vpn/4g/etc.

  30. The magical Satanic Ring of Factoring which breaks RSA lives in a subterranean crypt, behind seven seals - much like the warehouse in Indiana Jones. You read it here first!

    In all seriousness, a pill against RSA is the very essence of a 'glass cannon.' Recall that Churchill let Coventry burn rather than risk leaking the Enigma break. A generic RSA break, if it exists, will be saved for some very special occasion.

    Much safer to feed the peasants weak keys, diddled open source crypto, and the like. Especially when fellows like Mr. Torvalds helpfully cooperate.

  31. I fail to notice pgp mentioned among the crud of ssl/vpn/4g/etc.

    What they have is a hardware backdoor into the entropy source and keygen cache. If you manage to bypass the hardware generator it should be safe, implying the software doesn't have a backdoor too(gpg itself probably not but some interface of it for the gui goim).

    Processors older than Ivy Bridge should be safe but inb4 'aes new instructions' was compromised too.

    Now I's believe.

  32. Mircea Popescu`s avatar
    32
    Mircea Popescu 
    Saturday, 7 September 2013

    @Stanislav Datskovskiy Enigma was fundamentally an exercise in safety through obscurity. That such a thing would have a counterpill would be a certainty in any sane and competent representation of such a system. That the Germans had no idea belies their insane arrogance at the time as well as their lack of experience on the topic. You know, much like in my case.

    I am still trying to make heads or tails out of the Torvalds thing. As far as I know that's absolutely the first time Mackall brought publicly that complaint, and even then it had been so far missed by my intel. If it weren't for Anon above I'd still have no idea, I guess that technologist badge was well earned and is well confirmed.

    @Anon Real men use old hardware for this reason, just like they use old versions of everything for that other reason.

  33. Recall that Churchill let Coventry burn rather than risk leaking the Enigma break.

    This is what crazy seers, street prophets and mass hysteria are used for: get the people out without the enemy knowing you knew. Sadly the Brits of the time were too rational to have crazy seers, street prophets and mass hysteria. It wasn't until the Beatles...

  34. So it appears that the Simtec Electronics Entropy Key is now thoroughly sold out. It might be interesting to obtain one from several years before, well, the mass panic, and one from the current batch - and spend some quality time with an electron microscope comparing the two.

    And any notion that one can judge the cleanliness of an RNG simply by studying the output stream is riotously idiotic. A cleverly-sabotaged entropy source can pass any mathematical test for complexity, just as, for example, the digits of pi do. It is random, except when you know the secret, at which point it isn't.

  35. Mircea Popescu`s avatar
    35
    Mircea Popescu 
    Saturday, 7 September 2013

    Interestingly enough someone was mentioning it on irc earlier. The integrity check/handling they describe is sane, inasmuch as you're trying to detect accidental / "random" tampering with the entropy. Obviously in a well directed attack your digits of pi example controls.

  36. MP, the integrity check and entropy distillation (assuming the firmware does exactly what it says on the box) is to protect against an accidental failure of the analog noise source on the board. It is neither here nor there when considering a deliberately Trojaned unit. The latter will give you mathematically-beautiful entropy which is in fact entirely predictable by a third party, because the analog noise source will be present on the board just for show.

    One can trivially build a PRNG seeded with a real-time clock into the firmware, and shit out bits just from that. Perhaps a Grand Inquisitor has already paid a visit to Simtec, and made them 'the offer you can't refuse.' This might have happened yesterday, or years ago. The only way to tell is with an electron microscope (or, at the very least, by extracting the firmware. Depending on the microcontroller used, you may or may not need an ion beam workstation or other exotic silicon diddler.)

  37. Mircea Popescu`s avatar
    37
    Mircea Popescu 
    Saturday, 7 September 2013

    MP, the integrity check and entropy distillation (assuming the firmware does exactly what it says on the box) is to protect against an accidental failure of the analog noise source on the board. It is neither here nor there when considering a deliberately Trojaned unit.

    Well yeah, that's what I'm saying too. No argument there.

    I personally don't like the model they use (avalanche noise) because it's not user controlled. I would much rather have some sort of lava lamp laser where the user supplies the lava lamp, or audio derivation where the user supplies the audio, because a nefarious unit could more easily be sniffed out by feeding it controlled input (such as silence, for instance). I suppose this could also be taken apart and supplied electrons on a schedule to see what it does, but it's more nitnoy than it has to be.

  38. For user-controllable entropy, an inexpensive Geiger counter works beautifully. Use the Am-241 gamma emitter capsule from the cheapest smoke detector. You can remove the capsule from the rig to starve the entropy source (don't forget background gamma, however,) or bring in a second Geiger to ensure that your capsule hasn't been replaced with a dummy while you were in the bath.

  39. Mircea Popescu`s avatar
    39
    Mircea Popescu 
    Saturday, 7 September 2013

    Which hints at the implicit problem in the otherwise very good radiation counter model : radiation is everywhere and silence is thus impossible. This is great if you need rng in applications such as outer space exploration, as you get the noise for free and dependably, perpetually. For the usecase we're contemplating however I still prefer stuff like the lava lamps, audio etc.

  40. MP, the lava lamp scheme cannot be 'silence tested' any more than the Geiger: thermal noise in the CCD. The same goes for a sound card RNG. In fact, the latter works quite well with nothing plugged into the microphone jack.

  41. I should add that it would be trivial to peg an evil PRNG's output to the entropic quality of the analog noise source. So, you'll still be getting predictable bits, but they will taper off as expected when you disable the noise source.

    The only true solution is to audit the circuit and firmware personally. And for the latter to be so simple that it cannot be meaningfully diddled (for example, but not limited to: using a microcontroller with the smallest adequate ROM.)

  42. Mircea Popescu`s avatar
    42
    Mircea Popescu 
    Saturday, 7 September 2013

    Obviously they'd be so calibrated that thermal noise/unplugged static doesn't cross the threshold.

    Incidentally as a spare thought, I wonder what quality entropy could be obtained by the following scheme : have all computers on the web answer any calls to port 63420 with a random packet sucked out of urandom. Then whenever anyone needs some actual entropy pull 4 bytes out of urandom, send a packet to port 63420 of that ip and mark down the packet received.

  43. Mircea Popescu`s avatar
    43
    Mircea Popescu 
    Saturday, 7 September 2013

    As to your later comment : you wouldn't know aforehand what exact tests are used. I just gave silence as a simple (and dysfunctional) example.

  44. MP, this last scheme would be trivially gamed and you know it. It would be even easier and more fun than setting up diddled TOR exit relays.

  45. Mircea Popescu`s avatar
    45
    Mircea Popescu 
    Saturday, 7 September 2013

    So in a sense it would be... better! than what's currently used.

  46. Related, with insights now NSA works: http://www.mail-archive.com/cryptography@metzdowd.com/msg12325.html

  47. Mircea Popescu`s avatar
    47
    Mircea Popescu 
    Sunday, 8 September 2013

    Not a bad read.

  48. http://www.loper-os.org/?p=1299

  49. Mircea Popescu`s avatar
    49
    Mircea Popescu 
    Tuesday, 10 September 2013

    You link there to http://www.loper-os.org/?p=273, which seems to me to be self-contradictory. To wit :

    All of the information contained inside the machine’s storage array (see the Third Law), whether executable or not, shall be accessible at all times for inspection and modification by the user/programmer, in the form preferred for modification. The user/programmer shall have the ability to modify the functionality of any executable code within the system without cycling power or performing any similar ritual. No modification of any kind shall be able to render the means for undoing said modification (the keyboard and a spare instance of the built-in debugger) inoperable.

    Now I wish to replace the built-in debugger with a succession of 00011100 (for historical reasons). According to the first part I should be able to, but if I am able to then the 2nd part is compromised.

    And obviously if you cop out and except the debugger there's nothing to stop me from mandating all production of such system conform to my specifications, which include never showing 00011100 to the end user, but instead replacing all instances of it with 01001100. There are indeed very strong reasons why that first part is there in its current absolute form, and it's unfortunate but unavoidable that such a machine can not be usefully built.

    Back on this one : I have no idea why you think the naivite of bureaucrats may be excused, outside of you not being one, not knowing one and thus failing to distinguish a bureaucrat from a vegetable (in the sense of braindead pacient). In point of fact the bureaucrat is the slave world equivalent of what the manager is in the free world. Consequently he may be excused nothing.

    Further,

    but the underlying idiocy of the Unix architecture (and all other conceptual foundations underlying today’s computing systems) – to no great surprise on my part – isn’t. And won’t

    I make no secret of being slow, I'm a manager not an engineer. My hair may not be pointy, I might have made a fine engineer, but neveertheless. So, bring me up to speed, what underlying idiocy is that ?

    PKI is – and has always been – a sham.

    This is not a secret. People with a clue (such as for instance myself, as a lowly example) have been both saying this and acting in accordance with this forever. When some random Romanian unknown entity decided to create a Bitcoin exchange it straight out eschewed any sort of PKI. That https is not secure for any Bitcoin application has been said and repeated, here and everywhere. Why do you generalise the stupidity of people like Assange rather than generalise the common sense solidly found everywhere ? (I should perhaps have said "everywhere else" for moar lulzpower, but anyway). I don't ask programatically, merely curious, why one rather than the other ?

    Since we're on this topic, as a paranthesis allow me to translate for you this older article :

    First!

    So you may follow the flow of events :

    I. Friday, September 2nd [2011], around 1 AM we see the first signs that Wikileaks has lost control over the database of telegrams from US embassies to the State Dept.

    II. Friday, September 2nd, around 2 AM someone places in the p2p networks the cables.csv document, a 1.6Gb db dump, plaintext, unedited.

    III. Friday, September 3rd, around 3 AM appear the first confirmations. Press reports start flowing.

    IV. Friday, September 2nd, at 5:25 AM the first telegrams start being published. Here.

    V. Friday, September 2nd, at 9:34 PM Wikileaks announces that they've lost control over the documents, and at the same time offer the file openly on their website.

    VI. Saturday, September 3rd, starting at 2:52 PM Wikileaks is hopping up and down on twitter about how unserious the Guardian is.

    In between IV and V I published hundreds of telegrams [strictly those mentioning Bucharest] and, if you'll allow the arrogance of observing the obvious, not only was I the only one that published anything but also by any logic am the cause of V.

    We [in the sense of Romanians] were first in something, sometime, at some point.

    PS. The Guardian isn't particularly related.

    PPS. It's quite funny to live among people who see these events unfold before their eyes but have no idea what's going on. Well done doods. Guess why you're poor ?

    So. There are powers. They're everywhere. Surely a discussion with a lot of old women / 37 yo men may give the impression that most of medieval England was organised as anarcho-syndicalist communes. Nevertheless...

    Let’s go back to your kitchen. It is squeaky-clean, you say, because nowhere in your house do you make use of Microsoft’s miserable imitation of an operating system. Guess what, the mounds of garbage are still there, stinking brazenly; the mice leap, they play without fear, because virtually all of your cryptographic needs are serviced by some variant of OpenSSL. What a monstrous turd of a library! Have you read and understood it – any of it? Do you personally know a single living soul who has done so?

    If the test is "understood any of it" then the answer to that last question is yes. I did have it reviewed, on multiple occasions, for multiple projects. If the test is "understood all of it completely and absolutely" then the answer is no, and has to be no, for rather plain metaphysical considerations : I've yet to meet god.

    I do not subscribe to the idea it's a monstruous turd of a library, however. There's this old observation re hairy code, courtesy of good ole Joel :

    This is why code reuse is so hard. This is why everybody on your team has a different function they like to use for splitting strings into arrays of strings. They write their own function because it's easier and more fun than figuring out how the old function works.

    As a corollary of this axiom, you can ask almost any programmer today about the code they are working on. "It's a big hairy mess," they will tell you. "I'd like nothing better than to throw it out and start over."

    Why is it a mess?

    "Well," they say, "look at this function. It is two pages long! None of this stuff belongs in there! I don't know what half of these API calls are for."

    Before Borland's new spreadsheet for Windows shipped, Philippe Kahn, the colorful founder of Borland, was quoted a lot in the press bragging about how Quattro Pro would be much better than Microsoft Excel, because it was written from scratch. All new source code! As if source code rusted.

    So therefore, in my day to day practice of administering the work and thus the life, intelelctual as well as otherwise, of bright competent young (or not so young) engineer folk, I tend to take the perceived hairiness as a reverse signal of sorts : human dislikes code smarter than him, and by the time people dislike code they don't know how to fix it's quite possible the reason is simple vanity (unknown and unremarked by the vain, like all good vanity ever is).

    Who is going to bring down the law upon these fellows? You? Your neighbor? Mr. Schneier? The Pope? The Grand Inquisitor?

    I easily could, if I gave two shits. It happens that I don't, but in my place any other manager could, and would, and has historically. That country is completely bereft of managers however, and the task is unequal to bureaucrats (unless they were brought in something similar to the Russian tradition and are motivated by a special sort of mad king - and we still don't understand this exception too well anyway). The reason that country is bereft of managers is of course the unchecked uppity poor class, which has by now thoroughly disgusted anyone competent of ever helping them. So yes, for very deep, perfectly understood structural reasons the entire mess is collapsing, but the entire point you discuss is epiphenomena in this context.

    The one measure which is guaranteed not to work is whining.

    This point is very remarkable to me because I notice a similarity with retard behaviour around Bitcoin (ah such a grand experiment in everything human this Bitcoin thing is - hark my words, if there will ever exist psychology as a science, opposite of all the pseudoscientific crap that discipline consists of now and has consisted of ever ; if there will ever exist social sciences as actual sciences, opposite idem, it will all be because of Bitcoin and through Bitcoin and no way else). Consider this exchange :

    MPOE-PR
    Looky, that I'm the girl in the avatar pic and that MP is a different person are well documented and long standing established rock solid facts. There's pictures of both of us in the same room, people met us in person at that conference you never knew about (you know, the one where MtGox' demise was decided), on it goes.

    In spite of this having been amply documented, all over irc, all over this forum even, clueless noobs still jump both feet into their ridiculous assumptions on the matter, which is by now in itself a meme and a perpetual source of amusement at those clueless noobs' expense.

    The only question remaining would be "why'd you put yourself in that laughable position". Do try and answer, I'm curious.

    Random noob

    Met with high levels of defensiveness and a ready-made swath of dubious evidence. Check.

    It just seems so improbable that two people with such a similar scent of insecure, delusional narcissism would ever meet each other in real life and collaborate suchly.

    Consider the more general situation : if you're to take average noob at his word, the month old kindergarten "exchanges", replete with security holes, badly managed, cluelessly run are the standard, and the years old record holder of Bitcoin security (you know, only service to never have been hacked etc) is some sort of side player. All this while different people went through the psychologically scarring experience of believing the exact same a year ago, and being thoroughly rebuffed by cold hard practice, and their abandoned carcasses are still perfectly visible on the field to anyone willing to look. To quote MPOE-PR, "just ridiculous pace on them, cause you can go pretty fast when you neither think nor read".

    So now : when I say uppity poor class above this is exactly what I mean. Who told this horde that it may not express its ill shapen, ill begotten nonsense & crud distillate as if it were an opinion - on anything! - but outright form one! Who told the horde that it may have an opinion at all!

    Opposite this, I routinely tell my (younger) slaves that "you're too stupid to have an opinion in the first place, shut the fuck up". And they shut up, in fear. In terror. And then in time they discover why it is they're too stupid to even have an opinion, and fix the problems, and then they become able to have opinions, and so they do, and it's all fine. And amusing. And so back in the moment, the older girls smile a certain way and the younger ones cry, because they dare not whine but oh how would they!

    So, why do these people whine ? Why, for lack of masters. And why the lack of masters ? Why, because mastery is demanding and expensive and rare, and worst of all elective. Consequently the day the poor become uppity that place is doomed, for the actual masters leave, and the fakers can but run it into a wall. You'll easily know the fakers, too : they encourage whining in all forms but especially as substitute for action. Or to put this concept in a different perspective, there's two kinds of leaders in this world, and always have been. On one hand there's the kind that's shared by all emperors brought to the purple through acclaim of the troops (with few exceptions towards the end). On the other hand there's the kind that derives from that wholly American heresy known in its later forms as "How to Win Friends and Influence People". There's the master that works you and there's the master that flatters you. The master who's your master because you know he's better than you (and are glad for it) and the master who's your master because you think you're better than him (and are sad for it!)

    So ask around, as a practical exercise : "who do you know that's a better human being than you ?" Don't settle for cheap cop-outs, for dead people, for fathers, for dead people that were the guy's father. Insist it be someone he meets every day, someone he works with. If he doesn't work with his betters, then why not ? Why waste time working with anyone else ? Don't settle for cheap cop-outs, for theoretical sophistry as to how no people are really better people than other people. Of course there are! I am pretty confident you'll see by the answers why whine : alone in a world of things, untouched by breath of life, you would whine too. You would cry. You would moan and growl your utter destruction to the cold stars above. By the way, are you familiar with the purely theological notion that Hell is a construct of the sinner himself, brought about naturally and dispassionately through that sinner's simple if deliberate rejection of greatness ? Vanity, as it were ?

    Civilized society traditionally privileged certain professions – medicine, law, the priesthood – in return for certain obligations. A priest takes an oath not betray the seal of confession, and in return he is trusted with the most damning secrets. The doctor swears not to harm his patient, even when the latter has committed terrible crimes. The lawyer tries to defend miscreants he knows to be guilty.

    Your understanding of the liberal professions is deffective, in that it makes central something that's moreover a byproduct, and in that it represents them in terms of a balance they never substantially worked on. The notion of creating a liberal profession out of coding seems perhaps a little romantic, but I confess I don't really understand enough to be able to be definite. Perhaps there's something here. Props for seriously quoting lj tho, I didn't even think that's at all possible if one tried.

    Perhaps one day there will indeed be someone you can trust to pronounce – truthfully and competently – that a crypto-system is strong, that a protocol has not been diddled, that your computer serves only a single master.

    There's no doubt in my mind that if this should ever be, it will be through Bitcoin much like porn has been through the Internet. There's just no other way.

  50. Mircea Popescu`s avatar
    50
    Mircea Popescu 
    Tuesday, 10 September 2013

    Ps, to crown the logest comment on the internets :

    "What of "terrorism"? Will mandatory anti-terrorism software, provided to Microsoft by the federal government, monitor and report my computerized activities to the Department of Homeland Security for review?"

    Isn't the naivite of 2005 sweet in retrospect ?

  51. Re: the debugger: the solution is trivial. The machine ships with a briefcase full of spare debugger EEPROMs, easily verifiable by a skeptical user as identical to the original.

    This detail was left as an 'exercise for the alert reader,' but perhaps I should have included it from the beginning.

    Re: UNIX idiocy:

    See "The Unix-Haters Handbook" (Garfinkel, Weise, and Strassmann, 1994.) as a quick and pleasantly-humorous introduction to the subject. Unix (and all operating systems derived from or inspired thereby, which includes the MS crapola) is defective in so many fundamental ways that a forest could be killed were they all to be put to paper.

    Re: perceived [code] hairiness as a reverse signal:

    The hairiness I was referring to in the OpenSSL example stems from a clear cause, that of an operating system which leaves the hapless programmer to implement basic data structures (list, queue, hash table, the whole undergraduate orchestra and beyond,) mathematical essentials (bignum, basic arithmetical algos Euclid and onward,) error handling, etc. from scratch. Again and again.

    The lamers you describe, who regard anything which they cannot immediately understand as 'hair,' are quite real. And so is genuine 'hair.' Arbitrarily-competent programmers who are forced to build on defective or inadequate foundations will inevitably produce 'hair.'

    Re: bringing down the law:

    > I easily could, if I gave two shits.

    Please do elaborate...

    > ...that place is doomed, for the actual masters leave...

    This does, perhaps unintentionally, imply some mythical "Gulch" where these fellows wait out the Dark Ages, trading home-rolled cigars for gold coins among themselves. I'm of the opinion that the 'genuine masters' are: dead. Of old age - and no replacements were produced.

    > So ask around, as a practical exercise : “who do you know that’s a better human being than you ?”

    Have you personally attempted this exercise? Would you care to share the result with your readers?

    > Hell is a construct of the sinner himself, brought about naturally and dispassionately through that sinner’s simple if deliberate rejection of greatness

    Well, obviously.

    > The notion of creating a liberal profession out of coding seems perhaps a little romantic, but I confess I don’t really understand enough to be able to be definite.

    There is a romantic component, clearly, but the idea is more of a practical bargain. Even a very clever fellow who could, in principle, understand (for example) the necessity of 'padding' in RSA were he to spend some months in study, might rather be doing what he does best (physics, BTC high finance, etc.) The idea of trustworthy 'programmer priests' is a purely practical necessity - we stand to lose division-of-labour if everyone equipped with a brain were forced, by sheer need, to become a professional cryptographer. Just as you personally would rather employ an expert pistolero than carry your security burden alone.

    > if this should ever be, it will be through Bitcoin

    It could just as easily be through gold coin. The key is not in a particular payment mechanism, but in the cultural institution of trust for a profession as a whole. Trust which must be earned over centuries, and can be lost in mere hours. The profession of 'programmer' is in a far worse place than merely starting from nil with regard to said trust.

    We are, for instance rapidly, approaching the point where anyone describable as a professional cryptographer can be presumed to be either incompetent (and therefore 'harmless,' not worth bribing or threatening) or a government shill (paid or otherwise.)

  52. Mircea Popescu`s avatar
    52
    Mircea Popescu 
    Wednesday, 11 September 2013

    Well let's not gloss over things. Easily verifiable how ? On the score of hair I suspect you're probably right, but the two sides are split by such a thin tiny hair...

    Please do elaborate…

    Dude : Yes you can.
    Me : No you can't, you cunt. Stfu and get lost.

    ~ The End ~

    Of old age - and no replacements were produced.

    Sounds appealing, but you neglect that genuine masters are never produced. They selfborn.

    Have you personally attempted this exercise? Would you care to share the result with your readers?

    Sure, I already have. For instance. For another instance.

    The idea of trustworthy ‘programmer priests’ is a purely practical necessity

    Practicall necessity all of itself doth not a building make. You need to give something to those people. What are you giving them ? Here's a design, the coder priest is held to indeed satisfy the requirements as you espouse them and in exchange he is imune to rape prosecution, and any peon of either sex opposing his sexual advances or failing to wholly satisfy as measured by sworn declaration is to be packed off to jale for a year. Then you can have your priesthood. Deal ?

    The key is not in a particular payment mechanism

    Bitcoin is not a "particular payment mechanism" any more than semiconductors are "conductors".

    I don't think we're doing nearly as badly on the score of trust as you describe.

  53. Re: ROM comparison:

    Trivial solution: a simple device is shipped for this purpose, consisting entirely of discrete logic (no more than 7 or 8 chips, of the standard 74XXX series.) An indicator light is connected to the flip-flop which flips if any bit differs among the two ROMs undergoing comparison. All chips socketed for ease of removal; board is simple dual-layer with all traces visible to the naked eye; schematics included. Skeptic is free to remove the 74xxx chips and replace with identical ones of his choosing, perhaps plucked from an old Commodore-64 or Soviet (Martian, whoever) equivalent thereof. And, should he desire, to construct his own logically-equivalent board, in an hour or so. A circuit which unfailingly compares two ROMs is an undergraduate exercise, no deep science here.

    Re: bureaucrats:

    What you describe here is the current state-of-the-art (ignore them.) This does not solve the pest control problem at hand. Should one get a new house whenever mice chance to appear?

    Re: the masters:

    Regardless of where they come from, I'm not certain there are any around. As for the fellows you mentioned, are you personally in collaboration with them? Google Translate leaves a lot to be desired.

    Re: priests:

    What do Catholic priests traditionally get as a perk of office? Witch doctors?

    Re: Bitcoin & trust:

    Crypto-contracts are applicable only to situations which reduce to an 'iterated prisoner's dilemma.' The trouble is that you never know if a 'prisoner's dilemma' is of the iterated kind until it, well, iterates.

    There's no escape from having to develop trust the old-fashioned way.

  54. Mircea Popescu`s avatar
    54
    Mircea Popescu 
    Wednesday, 11 September 2013

    Can I edit the shipped device ?

    I get a new house every time I dislike the old. I am not in the business of home improvement, of any sort or kind, and my dependants pursue more rewarding and more productive careers than couch moving and window painting. Consequently, I rent everywhere and don't give a shit. This would be the idea (Romanian, regretfully).

    They're certainly neither dead nor my relatives, so it passes the tests as stated.

    Catholic priests get the exact thing described. Always have. Do not be amazed that the concept of seal of confession is no more : the altar boys are servicing no more either, and moreover the cheeky peons are acting as if the servicing all their underage offspring is due the priests is some sort of novel, unheard of element. It is not. The pretense is what's novel in this discussion. Witch doctors are a complicated point because that term reunites a vast diversity of disparate elements under one single label most convenient for Western ignorance. Nevertheless, in no case is a peon allowed to even conceive of sexually disobeying the witch doctor.

    Bitcoin is not merely a crypto currency. It is a complete cultural revolution, it contains everything, from political program to weaponry. Just add water and stir.

    Of course there's no escape from having to develop trust the old fashion way. That's precisely why trust is doing just fine today as always.

  55. Hypothetical device is just a gadget for determining whether two ROMs are identical. You can 'edit' it by re-arranging the wires (wire-wrap if you like instead of printed circuit), but there is little point in doing so. The design presented is a 'nothing up my sleeve' scheme for a circuit whose trustworthiness can be verified with the naked eye (and access to a junkyard.)

    Re: the masters: you did specify that one should not only consider their existence, but ask "why am I not working with them" ?

    Re: house & vermin:

    We can't all be feudal lords. 'Musical chairs.' Planet contains more functional brains than 'chairs.' Hence 'clever poor' and all that follows. Postulating that anyone who ends up without a fiefdom isn't so clever after all solves nothing. Those who are unable to become lords become clever troublemakers.

    Re: cipherpunk-revolution:

    Wake me up when everybody involved (yes, even considering only those who matter) have secure endpoints. And 'hash monks' grunting out SHA on papyrus still don't strike me as particularly plausible. When the lights go dark, BTC is no more. We're dangerously low on trustworthy relays even now, with working mains power.

  56. Mircea Popescu`s avatar
    56
    Mircea Popescu 
    Wednesday, 11 September 2013

    #1 : I think you fully understand what the problems are with the hypotetical device.

    #2 : Yes, but there's also this bitch of a situation where not everyone can discuss everything publicly, as much as they might like to.

    #3 : Planet would be in great shape if there was one functioning brain per dozen chairs. As best I can tell this ideal situation is at least one degree of magnitude off, in the direction of there being way too many chairs. Obviously the poor prefer to represent their poverty as external rather than internal. I fail to see what bearing this has at all, the labrats of Mssrs Dunning&Kruger also held themselves as well as their various imaginary skills and abilities in very high regard.

    #4 : On the other hand of that situation, I'm still waiting for Sir Brave-in-the-mouth to take me up on last year's bet. So far you're debating some "will"s against a set of "is". Doesn't impress.

  57. #1 - I'm not certain there are any problems. It is not even necessary to ship the actual gadget with the kit, just a pencil drawing thereof - and the address of a local junkyard. The mere fact that even an interested child could construct it, combined with its applicability to the larger system, blows Ken Thompson's 'law of nature' out of the water.

    #2 - right

    #3 - idiots with their loyal Praetorians - no particularly expert judges of character or intelligence - run the ship aground, just the same now as 2000 years ago.

    #4 - give them time. and don't store the whole $250mil chest in BTC, diversify to rare earths and AK rounds.

  58. Mircea Popescu`s avatar
    58
    Mircea Popescu 
    Wednesday, 11 September 2013

    #1 You don't get to create an open machine, ie, one which doesn't include all its parts.

    #3 I guess we'll never come to common ground on this one.

    #4 I'm not sure why it's not in any way and anywhere at all obvious just how fucking uncool all this preparation bullshit really is.

    That aside, should I wake up tomorrow in an entirely different world with no relation with the current I will simply continue doing what I'm doing now, with the same degree of success. I know this among other reasons because it's already happened.

    So, there's nothing I feel the need to pack for the trip to Mars any more than there's anything I need to pack for any other trip, I carry everything I need by default and always have. Should the aliens land I'll have great parties with them and we'll drink ourselves under the table, should the Mongols invade I'll have great parties with them and we'll drink ourselves under the table, should the feared whatever post-Fallout 2 invasion occur we'll just have a ball together and that's that.

    The people packing shit are those kids aptly described by Seinfeld as

    What's amazing to me about the library is it's a place where you go in you can take out any book you whant they just give it to you and say bring it back when you're done. It reminds me of like this pathetic friend that everbody had when they were a little kid who would let you borrow any of his stuff if you would just be his friend. That's what the library is. A government funded pathetic friend.

    They know they suck, and they know they don't deserve it. I guess I'm thankful that they're going to be putting all that effort and preparation into dragging all my future AK rounds and rare earths and condoms or w/e up a hill. Sort-of. I guess.

  59. #1 - All computing machines are 'open' in the sense that they fail to ship with: the energy they consume, plus a few other essentials (an operator, for one.) Thompson's 'theorem' remains nulled - there is no place to hide a 'gotcha' in the system described.

    #4 - So it's all in 'human capital' then. Fair enough. Hope it works out when it's time for the acid test. As with #3, you must realize that you have options which are simply not available to everyone - not even every thinking person who you might care to share a scorched Earth with.

    Re: libraries: if public libraries were not a part of your childhood, this is an interesting surprise. In any event, the only libraries we're likely to have around a few decades from now are the kind described in Eco's "Name of the Rose."

  60. Mircea Popescu`s avatar
    60
    Mircea Popescu 
    Wednesday, 11 September 2013

    #1 Except no system was in fact described. Just this item that has to constantly regress by having parts added and as the requirement they be rewritable is extended to them more parts get added ad infinitum. The reason your machine can't be built is pretty much derived from Godel.

    #4/3/generally Let live, let die, basic life lesson. Nothing wrong with any of it, some things we like won't make it, some versions of the future don't include us. Why should this be a big deal ?

    All options are available to everyone all the time. Pretending options are not there because they're "too hard" or inconvenient or "shouldn't even be an option" has no bearing. Some chick choosing not to throw off her clothes in one elegant move and go on her knees is not some chick that never had the option to service me. She did have it, she blew it. Her problem, wholly owned.

  61. @Mircea:
    > Obviously the poor prefer to represent their poverty as external rather than > internal. I fail to see what bearing this has at all, the labrats of Mssrs Dunning&Kruger also held themselves as well as their various imaginary skills and abilities in very high regard.

    What is the agenda here with insisting on poverty being persistent property of individual so much? Obviously Dunning-Kruger and resulting mass societal delusions are real, but also life circumstances are real and negative feedback from financial hardship to intelligence is real:
    http://www.sciencemag.org/content/341/6149/976 You seem to imply the feedback is only the other way around.

    @Stanislav: Well, are you 100% sure that even your own mind/body unfailingly serves you as its master? If not (I don't think so myself), how that mind can aspire to build a machine that does? You have to draw the line somewhere.

  62. Mircea Popescu`s avatar
    62
    Mircea Popescu 
    Wednesday, 11 September 2013

    Well, other than an old stoic tenet, understanding that anything you are is your own creation also has the political advantage of putting everything squarely within your own control.

    The sciencerag shit you quote is excellent example of both social control and bad science. Nothing in there is correct to life, in the sense and to the degree nothing in sitcoms or "reality shows" is correct to life, in the sense Greek worldmaps weren't correct to life. It notes down what some particular people dream reality to be, and they are recognisable by their dreams' particular slant.

    Your mind and your body unfaillingly serve, even when you want them not to. Which is how you came to your opinion.

  63. public libraries not a part of childhood

    I would just like to point to this: http://ebooks.adelaide.edu.au/s/schopenhauer/arthur/religion/chapter3.html

    Also I'm not very sure about but probably the english language doesn't have enough words to describe soviet-style books, you know, those printed up-side-down, missing pages, missing the text, missing any point at all...

  64. #1 - MP, you ought to know better than to invoke Gödel in application to physical computing hardware. Where he is even less relevant than Lindemann's proof of the impossibility of 'squaring the circle' is to the work of a tailor or an architect. We were, after all, discussing the feasibility of a machine which can be shown - to a paranoiac's full satisfaction - not to be booby-trapped; rather than mathematically 'consistent' in the Gödelian sense.

    #3/4 - Glad to see you finally admit that you are mortal. Perhaps you should assign one of your slaves to march behind you and periodically whisper this useful reminder in your ear, a la triumphant Roman generals.

    The man shipwrecked in the North Atlantic 'has the option' of swimming. At all times! Just as you described. Why doesn't he swim home?

  65. Mircea Popescu`s avatar
    65
    Mircea Popescu 
    Wednesday, 11 September 2013

    #1 your machine is still a theoretical item in that you are describing it to me. Something that can't exist in theory can't exist in practice either and there the discussion ends. Your objection is not much unlike the 1900s Tesla-looking guy working hard at making an ACTUAL perpetuum mobile out of sheer conviction that theoretical physics is all well and good, but does not actually apply to his laboratory, as he's no theoretical physicist himself.

    #3 Nihil igitur mors est ad nos, neque pertinet hilum.

    I don't know why some man you propose doesn't do some thing you propose he do. You're the one to say, it's your man after all.

  66. Vexare: you must have grown up in that 'other' USSR. Where the local 'library' consisted of a hundred copies of the complete V. I. Lenin, printed with the letters upside-down and permanently glued together, where everybody sat in the Gulag and ate starvation for breakfast; "honey, please turn down the reactor, it's getting warm! shut up and bring me more vodka! and don't forget to feed the bear, re-string the balalaika, and turn us in to the KGB."

    Here in the U.S., people often ask me about that mythical place. I admit it may not be so mythical after all, perhaps it did in fact last out the century in the pesthole provinces of the empire. My father once had occasion to visit Romania in the 1980s - he described it as an unspeakably mournful shithole.

    Given the kind of dross American publishing houses are cranking out as we speak, perhaps they would do well to copy 'your' USSR and omit the ink. No one will notice.

  67. Here in the U.S.

    Aw fuck.

  68. Vexare: if only the most 'interesting' thing to be happening re: the U.S. were a poor old dervish making an arse of himself in Brazil.

  69. Mircea Popescu`s avatar
    69
    Mircea Popescu 
    Thursday, 12 September 2013

    Really quite the textbook example of senile rage. Consciously impotent, campy, terrified.

  70. BingoBoingo`s avatar
    70
    BingoBoingo 
    Thursday, 12 September 2013

    ödel or George Cantor are perfectly reasonable people to bring up in this discussion as physical computers, in practice and theory, are constrained in their computing by the limits of mathematics and logical symbol manipulation.

    At some point the paranoiac is going to have to accept some level of pragatism with regard to the risk/reward. It is either that or they at some point find themselves in a locked ward swallowing or any number of drugs for reasons entirely unrelated to the threats they were so paranoid about in the first place. This happens because in the meantime an entirely different threat they were oblivious to had come upon them.

  71. Soon, it seems both the russians and arabs got bored of their court buffoon.

    Trivial solution: a simple device is shipped for this purpose, consisting entirely of discrete logic (no more than 7 or 8 chips, of the standard 74XXX series.) An indicator light is connected to the flip-flop which flips if any bit differs among the two ROMs undergoing comparison. All chips socketed for ease of removal; board is simple dual-layer with all traces visible to the naked eye; schematics included. Skeptic is free to remove the 74xxx chips and replace with identical ones of his choosing, perhaps plucked from an old Commodore-64 or Soviet (Martian, whoever) equivalent thereof. And, should he desire, to construct his own logically-equivalent board, in an hour or so. A circuit which unfailingly compares two ROMs is an undergraduate exercise, no deep science here.

    How would you manage large databases or play video on this thing? Large data transfer?

    This changing chip for fun won't end like the netbsd toaster? It works but it can't do nothing?

  72. Vexare: the quote describes a thought experiment - a widget for comparing spare boot ROMs supplied with a machine vs. a known original; while having a circuit which can be proven to behave as-promised purely using visual inspection. Might want to backtrack through the thread if you're curious about why.

  73. "audit the circuit and firmware personally." ?

    How much would it take? I suppose you'll extend the audit to cpu(/gpu?) microcode, all firmware for/on peripherals etc?!

  74. Mircea Popescu`s avatar
    74
    Mircea Popescu 
    Friday, 13 September 2013

    It works but it can’t do nothing?

    The Netbsd toaster ran Apache. You know, just like all the Bitcoin businesses.

  75. What is nginx?

  76. http://www.embeddedarm.com/software/arm-netbsd-toaster.php

    manipulating text files is also reasonably possible using installed text editors, though admittedly using vi on a 4 row text display is not particularly productive.

    Lol not particularly productive. How about waste of time? I went to verify because I thought they connected it to internet and I didnt knew.

    The point was that I can't see how productive can that circuit audit be, aside a small hobby, like making a computer toaster which just runs.

    And a machine dumbfuck to the level of simple auditing is useless, alike the '4 lines not particularly productive' toaster screen.

    It's paranoia?! Like Stallman's raging over people who don't understand his hax into the matrix of true life.

    Maybe I got shit wrong and I'm retarded, sorry.

  77. *dumbed down, i read too much this blog.

  78. Mircea Popescu`s avatar
    78
    Mircea Popescu 
    Friday, 13 September 2013

    Probably time to look up Forth.

  79. Forth is currently used in boot loaders such as Open Firmware, space applications,[1] and other embedded systems.

    This?

    Fsf has done something more user level http://www.coreboot.org/Supported_Motherboards but the hardware they support is at least 5 years old...

  80. I'll take back the not advanced circuitry though.

  81. Re: subverted protocol crapolade:

    Bitcoin Foundation, Tor Foundation, feds, sitting in a tree:

    http://www.wired.co.uk/news/archive/2013-09/13/digital-economy-task-force

  82. Mircea Popescu`s avatar
    82
    Mircea Popescu 
    Friday, 13 September 2013

    Sep 13 22:04:26 pankkake http://www.wired.co.uk/news/archive/2013-09/13/digital-economy-task-force
    Sep 13 22:04:31 ozbot Bitcoin, Tor and Gates Foundation join task force to prevent child exploitation (Wired UK)
    Sep 13 22:05:09 mircea_popescu task-suck-me, what force.

  83. MP, the take-home lesson is that these idiots aren't even shy any more about being seen as obvious stoolies. Trust an alcoholic street bum over a '$PROTOCOL Foundation' functionary, any day of the week.

  84. 13/09/13 bitcoin rip, never forget.

  85. Alcoholic street bums are kinda cool, what is this dispariging!

  86. I used to think hardware backdoor were on the conspiracy theory side of things.

    Well... http://www.reuters.com/article/2015/02/16/us-usa-cyberspying-idUSKBN0LK1QV20150216

  87. Mircea Popescu`s avatar
    87
    Mircea Popescu 
    Tuesday, 17 February 2015

    Yea it's been all over the logs. You will notice that a) this is not really news, and b) this is in no way hardware. Just because the CPUs been split into a dozen parts all over the computer, with each running its own OS and apparently needing to remake the same mistakes, it doesn't mean it's not a software vulnerability.

  88. Jodhpur`s avatar
    88
    Jodhpur 
    Friday, 10 April 2015

    Its like you read my mind! You seem to know so much about this, like you wrote the book in it or somthing. This is fantastic blog. A fantastic read. I will certainly be back.

  89. Mircea Popescu`s avatar
    89
    Mircea Popescu 
    Friday, 10 April 2015

    Cheers.

  1. [...] perk of finding the right things and right people to read is you get to read discussions like this comment thread and and reread them on days like today and see the right things were said by the right people. You [...]

  2. [...] our commitment bets. Unless… [↩]Ever played Minesweeper? [↩]How’s that for not being poor? [↩] Posted on 2014/07/07 by Bitcoin Pete in Mes Voyages | Tagged Alberta, Calgary [...]

  3. [...] and protection in accordance to the quality of their effort. Anonymity is like censorship. You can get anonymity through the expenditure of work and resources. You can avoid censorship by expending work and [...]

Add your cents! »
    If this is your first comment, it will wait to be approved. This usually takes a few hours. Subsequent comments are not delayed.