Forum logs for 21 Jan 2018

Monday, 16 March, Year 12 d.Tr. | Author:
mircea_popescu: http://trilema.com/forum-logs-for-20-jan-2018#2398652 << yeah i think ima have the page style changed. [01:25]
a111: Logged on 2018-01-20 22:55 diana_coman: http://btcbase.org/log/2018-01-20#1773347 <-as I realised I never said this anywhere: this trouble with no-pingbacks on page is part of the reason why I have post+page for this sort of thing (the code reference shelf is one, the bac data another) - so that pingbacks can go at least to the post introducing the page ugly workaround of sorts [01:25]
mircea_popescu: http://btcbase.org/log/2018-01-21#1773416 << but make it cool. [01:26]
a111: Logged on 2018-01-21 02:36 trinque: literature seems exactly the right item to define line of project history, both in the obvious and vtronic sense [01:26]
mircea_popescu: really ? [10:24]
mircea_popescu: !!pay BingoBoingo 0.25 [10:25]
deedbot: Get your OTP: http://p.bvulpes.com/pastes/DAmcV/?raw=true [10:25]
mircea_popescu: BingoBoingo do a few trades with the locals to get a feeling of the place an' report also gpgram me the story of bbisp fiat holdings ab origine. [10:25]
shinohai: gm mircea_popescu .... well it appears to be an Argentine, what to expect? lol [10:29]
mircea_popescu: heh [10:32]
mircea_popescu: meanwhile in "going back to school" footage, http://78.media.tumblr.com/73ffe3190c6d38afe2a384cab6b1b60e/tumblr_oh67lkmHIl1rqo4hto1_400.gif [10:56]
shinohai: https://twitter.com/array_boy/status/954872144365842432 <<< "You KINDA lost your money" [11:01]
shinohai: LMAO [11:01]
mircea_popescu: kids can't commit. [11:02]
mircea_popescu: http://thetarpit.org/posts/y01/038-the-archive.html << this is so fucking endearing. [11:51]
* mircea_popescu just re-read it, and it's like... hello 1995! where were you all these years! [11:51]
mircea_popescu: here's the sad fact of the matter : if you plot the HVF against the IVF, you will discover that the diff doesn't get above water until far far FAR three standard fucking deviations out in right field. for most humans information value is negative. [11:52]
mircea_popescu: (where HVF is the human value function, ie in most cases http://trilema.com/2014/the-battlefield-of-the-future/#selection-133.333-133.484 and IVF the information value function, ie in most cases... http://trilema.com/2014/holy-shit-technical-analysis-is-real/#footnote_0_57849 ) [11:54]
mircea_popescu: and i don't even mean ~subjective~ functions here! it's not a case that "to the exceptionally gifted as identified by ivy league, worth as he is maybe $1000 with clothes included, the subjectively perceived marginal value of information is slightly negative. no, no, no, OBJECTIVE, you can tell him whatever the fuck you will and he will not have any use for it -- i don't mean "he won't be able to find any use, above his $1k pa [11:56]
mircea_popescu: ygrade", i mean there WILL NOT, period, be anything he could have fucken found. [11:56]
* asciilifeform walks this thread back in time, finds, e.g., http://btcbase.org/log/2016-05-30#1473632 [11:59]
a111: Logged on 2016-05-30 15:37 asciilifeform: but i find it hard to see how it is not obvious that 'every sewer rat can publish' is a considerable damper on culture [11:59]
mircea_popescu: that's even a separate problem, naggum's http://btcbase.org/log/2014-02-26#532023 [12:01]
a111: Logged on 2014-02-26 06:23 asciilifeform: channelling herr naggum: 'It is like going to a library full of books that took 50 man-years to produce each, inventing a way to cut down the costs to a few man-months per book by copying and randomly improving on other books, and then wondering why nobody thinks your library full of these cheaper books is an inspiration to future authors.' [12:01]
mircea_popescu: we're not even considering the point of, "could okcupid/facebook/mit/etc scum rewrite trilema". we are considering whether "the collective of x" COULD EVEN BENEFIT from reading it. [12:02]
asciilifeform: i suspect that the 'benefits from reading x' circle is never all ~that~ much larger than the corresponding 'could have written x' circle. [12:03]
mircea_popescu: http://trilema.com/2011/la-ce-imi-serveste-mie-radicalurile/ fails to even consider or discuss this point (for sheer lack of interest at the time), BUT : for most people, square roots as the concept do not bring any sort of gain. [12:04]
shinohai: A monkey hitting keys at random on a typewriter keyboard for an infinite amount of time will surely recreate Trilema! [12:04]
asciilifeform: dunno, even carpenter uses sqrt [12:05]
mircea_popescu: teaching MOST girls basic numeracy is not actually a gain for the most girls in question the whole thing is that for the ~very fucking few~ for whom it IS a gain, it is such a thundersome gain it eclipses the "inconvenience" imposed upon the majority. [12:05]
asciilifeform: but plankton -- does not, no [12:05]
mircea_popescu: which is why societies that fail to teach basic numeracy to girls as a collective spring up all the time, and quite naturally : they are realising "savings" in the sense of bacteriums. [12:05]
mircea_popescu: asciilifeform and so what if "Even carpenter" ? most items that crawl out from between woman's legs can never be a carpenter. [12:06]
mircea_popescu: fucking jesus was a MEDIOCRE carpenter. [12:06]
mircea_popescu: but yes, asciilifeform 's suspicion is very much my own -- the "chuka writer" and the "chuka reader" circles are very close to identity. [12:06]
mircea_popescu: (has any of the reformed-judaism-that-calls-itself-xtianity folk even CONSIDER to date that it's fucking weird their divine item was shown as ~a very competent nigger~, talking smack in church and whatnot, but is not even CONSIDERED in terms of his vocation ? where's the passage in the "here's what we stole from torah" where it is gone into detail as to the quality of the man's joints ? because there's oodlebunches of idle pa [12:09]
mircea_popescu: ges of x begot y who lived z until one falls over. THAT is what interests you ? really ?) [12:09]
mircea_popescu: i wanna see jesus' carpenting school exam work, not that he fucking impressed a buncha journahos with his "profundity". [12:10]
asciilifeform: mircea_popescu went to the wrong door, then, lol, the christians dun worship artisanry, the masonic door is down the hall [12:11]
asciilifeform: ( imho cargocultized artisanry is not particularly more attractive than this item. ) [12:12]
asciilifeform: though could observe, the brotherhood of folx who indeed 'serveste mie radicalurile' went pretty far. [12:13]
mircea_popescu: if you are to evaluate a <30 yo boy, do you want to see his nigger records or his work records ? [12:17]
asciilifeform: depends on evaluate-for-what [12:17]
mircea_popescu: consider : http://trilema.com/2012/culture-shock-ama/ [12:18]
mircea_popescu: noob joins trilema, someone asks sto etcetera, noob answers.... "here's a thing i made", and it goes over well. [12:18]
asciilifeform: depends on the cost of evaluating $thing. [12:19]
mircea_popescu: noob answers a la http://btcbase.org/log-search?q=lubos+motl it's not JUST that it doesn't go well. it goes fucking terribad. [12:19]
asciilifeform: ( recall the fermat proof thread ) [12:19]
mircea_popescu: yet to date we've always evaluated. [12:19]
asciilifeform: in re n00bs, in other noose , http://www.loper-os.org/?p=2175&cpage=1#comment-18895 [12:22]
mircea_popescu: asciilifeform he has an excellent point though. it's fucking unseemly, EVERYONe must report to google they're reading loper ? come the fuck on. [12:37]
asciilifeform: i get a spamturd PER MINUTE [12:37]
asciilifeform: and i dun have a dedicated slave to delete'em. [12:37]
mircea_popescu: use mp-wp, dun have the problem. [12:37]
asciilifeform: can't use, dynamic ip. [12:37]
mircea_popescu: i have the feeling we discuss this periodically. what's dynamic ip to do with it ? [12:38]
shinohai: http://archive.is/Q2ifR <<< In SFYL news [12:39]
asciilifeform: mircea_popescu: recall how your spam filter works ? [12:39]
mircea_popescu: i think so, yes. [12:40]
* asciilifeform reviewing notes from last attempt at mp-wp [12:41]
asciilifeform: lulzily enuff, still there, http://asciilifeform.com , sitting sadly [12:42]
mircea_popescu: my own notes say "he for some reason confused the ip of the people leaving comments with his own, went off tangent to be rediscussed later". [12:43]
asciilifeform: i'd luvv to find that i botched it with idjit mistake and in fact it worx [12:43]
mircea_popescu: it's the expectation here. [12:43]
asciilifeform: mircea_popescu didja ever describe how your spamfilter worked, in the logz ? [12:44]
hanbot: asciilifeform i'm using mp-wp on nfs and spam works pretty much as expected ---though having ~10k marked spam comments helps. [12:45]
mircea_popescu: there's a number of parts to it! but it makes no foreign calls / doesn't rely on the akismet bs, if you can run php oyu definitely should be able to run it [12:45]
asciilifeform: hanbot: what means '10k marked spam comments' ? and didja ever post your patches on mp-wp ? [12:46]
asciilifeform: and if it works on hanbot's www, it oughta work in mine, unless hanbot's definition of 'works' differs from mine [12:46]
mircea_popescu: one thing it does is <input type="text" name="author18c6e55" with that hash changing daily (or how often you please) another thing it does is a "refuse from ips in spam list" there's more i might nor recall right off. [12:47]
mircea_popescu: asciilifeform i dun expect it is possible for it to not work if wp otherwise does work. [12:47]
asciilifeform: how is spam list updated ? [12:47]
mircea_popescu: it has a queue of items to be reviewed (by default everything with a link goes in there). so in this sense it takes some training. [12:48]
asciilifeform: other thing, does it require a php that has write permission to the disk ? [12:48]
mircea_popescu: (well, not exactly, "anything with a link not on a list of permitted links", but anyway) [12:48]
mircea_popescu: asciilifeform no, it has a db, from wordpress. [12:48]
hanbot: 10k marked spam comments means spammy ips are stored and attempted comments from same don't show up in admin, subjectively over time it's seemed i need to spend less time mopping shitcomments. and i didn't post proper patches, but will. [12:48]
asciilifeform: neat [12:48]
mircea_popescu: i have Spam (17,852) [12:49]
asciilifeform: hanbot: i'd luvv a working-with-nfs patchset on mp's wp. unfortunately my own wwwism proved insufficient to make it go. [12:49]
asciilifeform: hanbot: if you post one, i'd like to try it. [12:49]
mircea_popescu: these are all distinct ips as at some point (maybe 2015 ish ?) i wiped dupes. but i get maaaybe 1 spam item in review queue per day [12:49]
hanbot: asciilifeform kk, i'ma give it a shot [12:50]
asciilifeform: i'm satisfied that hanbot showed mp-wp to be usable on nfs [12:50]
mircea_popescu: in fact, let's look here : cheap Path of Exile currency on 2018/01/21 at 4:03 p.m. soehakef on 2018/01/21 at 2:30 a.m. kenyaso60 on 2018/01/20 at 11:44 p.m. zunepudaz on 2018/01/20 at 4:00 a.m. CraigSmild on 2018/01/19 at 2:41 p.m. [12:51]
mircea_popescu: that's the past 5, covering a coupla days. so i guess it's more than 1/day [12:51]
mircea_popescu: but not by much. [12:51]
asciilifeform: sometimes i see obvious spamola on trilema. but always assume that mircea_popescu let it through for lulz/collectiblevalue [12:52]
mircea_popescu: yeah, in order to show up i have to approve it, so it's no accident. [12:52]
asciilifeform: then yes [12:52]
mircea_popescu: anyway game gold 1, viagra 2, pron 1, russki weird 1, pretty balanced. [12:53]
asciilifeform: i've been tempted to replace the idjit captcha with... pehcode riddle [12:53]
mircea_popescu: lol. [12:53]
mircea_popescu: ahaha check this shit out! [12:54]
mircea_popescu: Obedience training should be calm, firm, [url=<snip>wholesalenfljerseyscheap.cc/]Cheap NFL Jerseys Wholesale[/url], quiet,[url=<snip>wholesalenfljerseyscheap.cc/]Cheap Jerseys Online[/url], and persuasive, rather then demanding or sharp. This is why getting all the information about most suitable nuts and bolts detroit company is important.Another benefit of renting construction equipment is that you get to manage your budge [12:54]
mircea_popescu: t well because you only have to pay for the number of days and weeks that the equipment would be used.The back office library is like a gold mine of thousand dollar methods used by the leading earners in the business. [12:54]
asciilifeform: ( hey recall those old ru forums with integrals ! ) [12:54]
mircea_popescu: adaptive text! [12:54]
mircea_popescu: aaand holy shit! "Предлагаем нашим покупателям удивительное средство для похудения сироп Мангустина. С его помощью можно избавиться от 10 kg за 2 недели." [12:54]
mircea_popescu: !#s mangosteen [12:54]
a111: 4 results for "mangosteen", http://btcbase.org/log-search?q=mangosteen [12:54]
mircea_popescu: LOWTAX LIVES!! in russia! [12:55]
asciilifeform: lolwaat [12:55]
asciilifeform: is it made from mangust?! [12:55]
asciilifeform: ( mongoose ? ) [12:55]
mircea_popescu: nah some plant ancient internet lulz. [12:55]
* asciilifeform in 'museum of komunnist konsoomer' leafed through ancient ro mags, and ran into the 'gerovital' lulgem [12:56]
mircea_popescu: https://encyclopediadramatica.rs/Lowtax << primer [12:56]
mircea_popescu: asciilifeform thatactuallyworked.!!! [12:56]
asciilifeform: it was hilarious, i went into a couplea pharmacies, saw ~nuffin that was recognizable as actual pharma, mostly various gerovitals, groundhog fats, snake oils (literally) [12:57]
mircea_popescu: they sell better. [12:57]
asciilifeform: placebocin!111 [12:58]
mircea_popescu: meanwhile in "this is what YOU MUST DO! TODAY!!! so your shithole country/town/life/whatever picks up", http://78.media.tumblr.com/c04a49b94572fe2aaeb4208cc78b4a6e/tumblr_od98qpXtJo1uu92gho1_1280.png [13:06]
hanbot: hey shinohai, what is wp-patch2.diff in the mp-wp hosted @ http://btcinfo.sdf.org/uploads/wp-mp.tar.gz ? i see no sig, no...from where/whom is it? [14:23]
shinohai: I was unsure hanbot, I don't recall if I ever asked mp about it, or why it was included in the copy I got originally. [14:27]
shinohai: The only garbage I remember in the one on my site was I changed icons in the images/ directory, otherwise I believe as I received. [14:28]
shinohai: Worth looking into tho, I should grep and see if this patch was applied at some point in there. Thanks for notifying! [14:32]
BingoBoingo: <mircea_popescu> BingoBoingo do a few trades with the locals to get a feeling of the place an' report also gpgram me the story of bbisp fiat holdings ab origine. << Will do [14:35]
shinohai: I like that `bbisp` [14:40]
mircea_popescu: hm, i don't recall that diff file hanbot [14:46]
shinohai: It all appears to be code related to comments. [14:47]
hanbot: mircea_popescu no wonder --looks like you published it (for phf & asciilifeform) on july 3rd of 2016, file date is july 23rd [14:47]
mircea_popescu: hah [14:47]
trinque: http://btcbase.org/log/2016-07-03#1496554 << iirc it was this [14:49]
a111: Logged on 2016-07-03 23:19 phf: asciilifeform: i also made a patch, but sounds like you don't need it anymore http://107.170.141.103/wp-content/uploads/2016/07/wp-comments.diff [14:49]
mircea_popescu: aaa [14:50]
mircea_popescu: genesisless patches ftw. [14:52]
hanbot: in other lulz, check out /mp-wp/blog/wp-includes/Text/Diff.php [15:16]
hanbot: only 400 LOC! [15:17]
hanbot: mircea_popescu, what is this pingback-updater.php item? [15:18]
mircea_popescu: sometimes (often) wordpress manages to lose a pingback that thing will walk your db, spit out properly formatted xml payloads for all links in all your (published) posts. the resuilt can be run as a bash script to catch up on any missed pingbacks. [15:22]
mircea_popescu: basically mechanized http://btcbase.org/log/2018-01-20#1773304 [15:22]
a111: Logged on 2018-01-20 15:43 mircea_popescu: spyked re pingback thing, doesn't even have to be that hand-generated just walk the db, extract all links, construct the calls as shown and make curl calls. can be a bash script. [15:22]
hanbot: ah cool [15:23]
* mod6 is having some fun stepping through some ffa procedures [15:48]
mod6: (short side quest) [15:49]
shinohai: http://oglaf.com/doctor-hexagon/ [16:07]
trinque: google "asciilifeform_kills_integer_retardation", get >> https://pbs.twimg.com/media/CJKpqS2UYAAAA9i.jpg [16:22]
mod6: lmao [16:28]
mod6: ROBOBUTT [16:29]
shinohai: Boffing purple drank is best way to kill ALL retardation. [16:30]
trinque: to kill retards anyway [16:30]
shinohai: Paging btcvixen [16:32]
BingoBoingo: !~later tell mircea_popescu http://wotpaste.cascadianhacker.com/pastes/DZ3Mc/?raw=true [16:34]
jhvh1: BingoBoingo: The operation succeeded. [16:34]
BingoBoingo: BRB, sobertime [16:34]
trinque: anyhow if anyone recalls specifically why int64_t was present on some systems and not others, I'd be interested for the HISTORY file. [16:37]
trinque: my current wager is folks that had it were using a gcc5, which is defaulted to a later standard for C [16:38]
trinque: and has the type [16:38]
trinque: same deal with uint32_t iirc. [16:39]
trinque: asciilifeform: ^ ? [16:39]
mircea_popescu: trinque i can tell you it was a multi-week pain in the ass to clear the shit out of eulora codebase. [16:49]
mircea_popescu: basically, 32 bit had an int type that became incompatible with 64 bit for ~no reason [16:49]
mircea_popescu: it all comes back down to "byte is machine word but idiots wanna do dumb shit", im pretty sure [16:49]
phf: http://btcbase.org/log/2018-01-21#1773562 << pretty sure that's one of mine, it's either comments.diff or it could be a diff against the baseline wp of that vintage (i wanted to see what kind of modifications exactly mp version introduced) [16:57]
a111: Logged on 2018-01-21 19:23 hanbot: hey shinohai, what is wp-patch2.diff in the mp-wp hosted @ http://btcinfo.sdf.org/uploads/wp-mp.tar.gz ? i see no sig, no...from where/whom is it? [16:57]
shinohai: Hmmm ... I may have put it in there to test or something. [16:58]
mircea_popescu: yesbut! YOU SEE ? [16:59]
mircea_popescu: don't do that. [16:59]
phf: did you get the source directly from mp, or did i republish it? i remember being asked for the source and putting it up at some point, but i don't remember by whom and too lazy to log in this case [16:59]
phf: eh, at best an idle curiosity. in any case original prod didn't have any diffs in it [17:00]
mircea_popescu: BingoBoingo how the hell can that thing contain NO numeric characters ?! do it properly, x - y - z - k = q. [17:01]
mircea_popescu: meanwhile in "i'm just the doorman", http://78.media.tumblr.com/6c5e2674d445a6547e578c7061b531e2/tumblr_inline_o2qnfetugT1thjhje_1280.jpg [17:15]
hanbot: i'm trying to make a genesis for mp-wp first coupla lines of vdiff's output could be a problem: http://wotpaste.cascadianhacker.com/pastes/irACN/?raw=true . what's the policy on this? [17:25]
deedbot: http://trilema.com/2018/iti-minca-cinii-din-straita/ << Trilema - Iti minca cinii din straita [17:26]
phf: hanbot: there's no policy on this, it's an unsolved problem with lots of different solutions [17:27]
phf: the oldest solution, by i believe mp, is "replace all the mp-wp images with their svg equivalents" [17:28]
mircea_popescu: myeah. phf will your differ properly handle binaries by hash ? [17:28]
phf: second solution that was entertained by ascii was to base64 encode binaries and have a second pass with something like makefile to pack them back into place [17:29]
hanbot: hmm, alright [17:29]
phf: third solution, that's latest conversation in logs on subj is that perhaps binary blobs don't really belong in a vdiff which is a human readable code container, and should just be packed separately into e.g. a signed TAR archive and unpacked into place as a second pass [17:30]
mircea_popescu: hanbot honestly looking at the list, just delete them [17:30]
mircea_popescu: let people provide their fucking own avatar favicon etc. [17:31]
phf: you're going to run into png's that are admin interface ux elements that you can't just delete [17:31]
mircea_popescu: / [17:31]
hanbot: yeah [17:31]
mircea_popescu: how come not on her list ? [17:31]
phf: there's a reason why mp-wp hasn't been genesised yet :p [17:32]
hanbot: mircea_popescu they're further down in the vpatch. ugh. [17:32]
phf: mircea_popescu: it's not clear to me what "properly handle" is, given the many conversations on the subj. there's no reason why it couldn't if there was some direction as far as proper. i'm personally leaning towards the idea that binary blobs shouldn't be in vpatch (as per latest thread on subj), but it's a non-pragmatic take [17:34]
mircea_popescu: phf there's no direction re proper cuz of first principle issues, i dun want to make dumb part of the history. [17:35]
phf: right [17:35]
phf: (there's yet another solution is to actually provide a binary patcher, that uses some minimal delta algorithm to patch files, while also providing the patching details in plain text. so you could say that the result is readable in a sense that it takes file FOO and replaces bits #10 #1343 #325435 etc) [17:38]
mircea_popescu: kinda what i was asking [17:38]
mircea_popescu: and why minimal. do actual fragment recognition. [17:38]
douchebag: mircea_popescu: I'm a little bored at the moment and I'm looking to practice my web application pentesting skills, would you mind if I took a look at your site and try to identify any potenial vulnerabilities? [17:55]
mircea_popescu: go ahead. which site is that ? [17:56]
douchebag: trilema.com I believe? [17:56]
mircea_popescu: sure. [17:56]
douchebag: Alright forsure, if I were to find something how would you want me to disclose the information to you in a secure manner? [17:57]
mircea_popescu: can just say it here. [17:59]
douchebag: Forsure [17:59]
douchebag: Last night I found a rather interesting vulnerability in a website for a bug bounty, second time I've been able to leverage SSRF to XXE, very fun stuff. [18:00]
douchebag: Does anyone else in this chat into web application pentesting? [18:04]
douchebag: Is anyone* [18:04]
mircea_popescu: douchebag you mean like http://btcbase.org/log/2018-01-15#1770657 ? [18:05]
a111: Logged on 2018-01-15 07:15 mircea_popescu: well, lessee, stuff that might be of professional interest to you then. http://trilema.com/how-the-beastforumcom-private-messaging-function-became-a-paid-user-only-item http://trilema.com/internet-census-2016 http://trilema.com/xenforo-no-better-than-vbulletin-certainly-not-all-that-different etc. [18:05]
douchebag: Yes exactly [18:05]
mircea_popescu: notreally republic mostly despises the sv-powered "tech" you'll find pmarca's notion of "the web" doesn't carry much water, or interest, among actually competent computer folk. [18:06]
hanbot: re the binary files thing: here's a conversion of the rss feed image on the trilema footer ( http://trilema.com/wp-content/themes/trilema/images/rss.jpg ) : http://wotpaste.cascadianhacker.com/pastes/fLVsf/?raw=true thoughts? [18:08]
mircea_popescu: hanbot ima put this in and see. standby [18:08]
douchebag: What do you mean by sv-powered tech? [18:08]
mircea_popescu: incidentally re http://btcbase.org/log/2018-01-07#1766550 : https://archive.is/56zkT#selection-2319.1-2318.1 [18:09]
a111: Logged on 2018-01-07 20:28 mircea_popescu: he also wrote a lisp-is-faster-than-c item back in the days the microsoft hired hands were pissing all over o'reilly&marc "my middle name is cocksucker" andressen's java [18:09]
mircea_popescu: 2000 vintage no less. [18:09]
mircea_popescu: douchebag you're familiar with how there's a group of idle cocksuckers holding conferences and printing books about "technology!" which immutably consists of pointless websites run as investor swindles ? groupon, facebook, what have you. http://trilema.com/2015/you-know-what-gets-no-airplay-unflattering-truth/ sorta thing. [18:10]
mircea_popescu: sv there stands for silly-cons valey. [18:10]
mircea_popescu: and con stands for confidence game, ie scam. [18:10]
shinohai: Some of us do like to lul about it when it happens, notwithstanding. [18:11]
mircea_popescu: hanbot http://trilema.com/2018/iti-minca-cinii-din-straita/ << pretty terrible, lost all transparency etc. but WILL WORK. [18:13]
mircea_popescu: i would definitely put up with this in exchange for all-svg. [18:13]
mircea_popescu: and at 5kb which is mostly comment crap... [18:14]
douchebag: Ohh right, I understand. I agree, however to me I treat web application pentesting as almost a sort of game or puzzle, in my opinion it is rather entertaining challenge to be able to modify a web applications behavior in a way that leads to total comprimise. [18:14]
mircea_popescu: i guess. stuff like http://trilema.com/2016/to-the-dao-and-the-ethereum-community-fuck-you/ pays better. [18:15]
mircea_popescu: but yes, fucking up the empire's "technology" ie, websites, is a perfectly fine entry point towards actual life. [18:15]
douchebag: I plan on learning more about low level memory exploitation in the future, however it's a bit more difficult these days due to stack canaries and other protections to prevent that sort of stuff from happening. [18:17]
mircea_popescu: i thought the whole "memory security" shit sandwich just got blown to smithereens coupla weeks ago. [18:18]
douchebag: Oh it did [18:19]
mircea_popescu: how old are you, if you don't mind teh asking ? [18:19]
douchebag: I'm 19 [18:19]
mircea_popescu: to quote the universal george c. "that's a fun age!" [18:19]
hanbot: mircea_popescu : if you'd prefer, there's also a format to encapsulate em as base64: http://wotpaste.cascadianhacker.com/pastes/RlPyK/?raw=true [18:21]
mircea_popescu: anyway, you're on to something here douchebag work on it, with serious dedication, by the time you're as old as the rest of these guys you'll prolly be more valuable than them. [18:21]
mircea_popescu: hanbot o shit yeah! you just cracked this nut wide open. [18:21]
mircea_popescu: do me a favour and walk the list of binary images, applying one or the other as best fits. [18:21]
mircea_popescu: no-binary mp-wp is a major fucking progress and if we set the groundwork for eventual complete rejection of all binary formats, image and then video, holy hell we got it. [18:22]
hanbot: kk! [18:22]
douchebag: Thanks man, I've been spending a lot of my time focusing on security research and helping others get involved in the InfoSec community. I have a pretty decent resume compared to most people I go to college with because I have a pretty decent amount of experience, and when it comes to InfoSec jobs experience is probably the most important factor for most employers [18:26]
spyked: http://btcbase.org/log/2018-01-21#1773463 <-- lol! and quite naive, didn't actually consider information value at all kinda begs the question of the ifv in the ol' library of alexandria. probably a lot higher than the web, given the economy of writing (imposed by those times' tech). brings us back full circle to http://btcbase.org/log/2016-05-30#1473632 [18:38]
a111: Logged on 2018-01-21 16:51 mircea_popescu: http://thetarpit.org/posts/y01/038-the-archive.html << this is so fucking endearing. [18:38]
a111: Logged on 2016-05-30 15:37 asciilifeform: but i find it hard to see how it is not obvious that 'every sewer rat can publish' is a considerable damper on culture [18:38]
spyked: http://btcbase.org/log/2018-01-21#1773596 <-- iirc intN_t are C99-specific types, but gcc 4.8 and 4.9 compile just fine, assuming stdint.h is included (workedfor me even with -std=c90) [18:40]
a111: Logged on 2018-01-21 21:38 trinque: my current wager is folks that had it were using a gcc5, which is defaulted to a later standard for C [18:40]
trinque: read moar context. [18:41]
trinque: that is exactly what the patch did, include stdint.h [18:41]
trinque: my question was particularly what let people get by without it, and it appears to be a question of what c standard was the default in what gcc [18:41]
* spyked looked at the patch. admits to not being able to compile an example with gcc 4.9 nor 5 so there's probably more to it, e.g. C++ voodoo. I'm curious of asciilifeform's answer [18:56]
* trinque also [18:56]
mircea_popescu: douchebag got a blog or anything ? [19:13]
douchebag: Yeah, I sent it to you previous [19:14]
mircea_popescu: spyked well, i expect the ivf of ye olde library was epsilon. as alf says, "entomologist only". because wtf do they have, a story of two scytales ? tyvm, it's obsolete. [19:14]
mircea_popescu: douchebag link ? [19:14]
douchebag: https://medium.com/@0xHyde [19:14]
mircea_popescu: a right medium. i mean YOURS. like, you know, trilema. [19:14]
mircea_popescu: not on some "platform" that'll "turn it off" the moment you no longer serve their bosses. [19:15]
douchebag: Oh no, not yet I'll throw something up the next time I find something interesting to blog about. Currently I'm using medium as a way to get better known in the community [19:17]
mircea_popescu: is it working ? [19:18]
douchebag: Actually yes it is, I've seen a number of people who reposted my medium blog on a few websites other than medium. The people who are reposting this found my blog post through medium and shared it elsewhere [19:20]
mircea_popescu: cool then. [19:21]
douchebag: However, if I just were to have my own blog on my own website it would be a bit more difficult for people to find it until I am better known in the community [19:21]
mircea_popescu: i can see the logic. [19:22]
mircea_popescu: got twitter and whatnot too ? [19:22]
douchebag: yes [19:22]
douchebag: I only use my Twitter for infosec related stuff [19:23]
douchebag: I've learned a ridiculous amount about infosec and met some extremely talented people by following security researchers on twitter. [19:25]
mircea_popescu: good for you [19:26]
douchebag: I think the next thing I'm going to blog about is this: http://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA43018/?q=RDP&l=en_US&fs=RelatedArticle [19:27]
shinohai: http://archive.is/s0ZIM "We apologize for this breach and will do all in our power to ensure that it never happens again." #sfyl [19:53]
BingoBoingo: <mircea_popescu> BingoBoingo how the hell can that thing contain NO numeric characters ?! do it properly, x - y - z - k = q. << I appologize. I got drunk last night and rushed the report in order to get my ass into an AA meeting. [20:01]
BingoBoingo: I had been slacking on meeting to get more Spanish conversation in, and when the pretty girl offered me a beer in her place there was no resistance. [20:02]
BingoBoingo: The only serious cost discovered so far has been to my sanity. [20:06]
mircea_popescu: heh [20:08]
BingoBoingo: I woke up at 9:30 this morning in a fat chick's bed. I didn't know those existed here. Today had been a day of confusion, convalescence, and doubt. [20:10]
mircea_popescu: hey, what dun kill ye makes ye fatter... [20:10]
shinohai: Fatties need love too BingoBoingo bwahahahaha [20:16]
trinque: !#s from:BingoBoingo fat [20:17]
a111: 167 results for "from:BingoBoingo fat", http://btcbase.org/log-search?q=from%3ABingoBoingo%20fat [20:17]
* trinque chortles mightily [20:18]
mircea_popescu: got his comeuppance did he [20:22]
BingoBoingo: It has been a serious blow to the confidence reserve, but it has been a aid to the nofap challenge LATAM edition [20:22]
mircea_popescu: dun sweat it too much bb, everyone enjoys fucking a fat girl now and again. [20:23]
BingoBoingo: But I did find a local AA sponsor at the meeting tonight. In the interim my sweat hasn't smelled this bad since the first time I sobered up. [20:26]
shinohai: The more you fuck, the more calories she burns, so actually you are doing her a favor. [20:26]
trinque: goebbels is allowed to bang jewish chicks so long as he whistles Deutschlandlied during [20:26]
mircea_popescu: wait, you actually got drunk ? [20:26]
BingoBoingo: mircea_popescu: Yes [20:26]
BingoBoingo: Hence injury to the sanity [20:27]
mircea_popescu: tsk. [20:27]
shinohai: !~step1 [20:27]
jhvh1: 1. We admitted we were powerless over alcohol—that our lives had become unmanageable. [20:27]
shinohai: It's still there for you BB [20:27]
BingoBoingo: Being in LATAM and full of gringo confidence I slacked on my recovery. Going forward the talking to pretty girls time budget is going to have to take some cuts to make more room for talking to old men about feelings. [20:32]
mircea_popescu: heh [20:34]
BingoBoingo: I feel sufficiently bodily ill to have a strong awareness that if it happens again my life, in LATAM and in general will probably be short. [20:41]
mircea_popescu: it's a relatively easy place to get by as an aa, they're not really heavy drinkers. just say no and that's that. [20:43]
BingoBoingo: That has worked so far, until the pretty girl invited me to her place and she met my "no" with a gentle tease. [20:45]
mircea_popescu: you can still go lol, just you know... coffee. [20:52]
BingoBoingo: Apologies for the brainmush lemme disambiguate: That has worked so far, until the pretty girl who invited me to her place offered a beer and she met my "no" with a series of gentle teases. Since I was in her home when my dick asked "what's the worst that could happen" my brain wasn't ready to answer with "Look at all these other pretty girls" [20:58]
BingoBoingo: Probably just need to get better at screening girls [21:00]
mircea_popescu: meanwhile in thje park, http://78.media.tumblr.com/0088fa380b23340775125404c1ae5a2b/tumblr_oe3yz2YBze1trzasto1_1280.png [21:03]
BingoBoingo: Brb, making coffee and reading a book of substantial size y entonces me voy a dormir. [21:05]
mircea_popescu: entonces is then as in, right then. then as in, afterwards is despues or whatever. [21:07]
BingoBoingo: gracias [21:10]
BingoBoingo: They use it and "Este" as verbal pauses here [21:11]
BingoBoingo: The fine points of usage are harder for me to discern when 90% of the time I hear a word it is because Latinos fear not hearing their own voice. [21:12]
hanbot: ahaha that's dead-on [21:14]
* shinohai hears a woman squealing "QUE LIIIIIIIIIIIIIIIINNNNNDOOOOOOOOOOOO" in the loudest voice possible. [21:21]
phf: BingoBoingo> [21:10:34] gracias [21:53]
phf: err [21:53]
phf: BingoBoingo: one day at a time [21:53]
lobbes: !Qsarchive [22:25]
lobbesbot: lobbes: (sarchive <text>) -- Search TMSR archives for 'text' Click here for a list of known domains: http://lobbesblog.com/queryarchive/view_domains.php [22:25]
lobbes: ^^ list of known domains added [22:25]
lobbes: target=blank added on external archive links (links to archive.is) as well [22:26]
lobbes: Now, finally, ready to begin baking item #3 >> http://btcbase.org/log/2018-01-11#1768934 [22:27]
a111: Logged on 2018-01-11 06:25 lobbes: Top three things I need to do next: 1) set up automated updating of the reporting database the thing sits on (currently 'stale' data). 2) set up lobbesbot to similarly search via IRC commands 3) Zip distribution system! [22:27]
shinohai: neato lobbes ! [22:32]
lobbes: ty shinohai [22:46]
mircea_popescu: !!up coingecko [23:05]
deedbot: coingecko voiced for 30 minutes. [23:05]
mircea_popescu: whoa lobbes that's pretty fab. [23:05]
mircea_popescu: !Qsarchive pantsuit [23:06]
lobbesbot: 23 results for "pantsuit", http://lobbesblog.com/queryarchive/view.php?searchterm=pantsuit&sortby= [23:06]
mircea_popescu: this is fucking rad. [23:06]
mircea_popescu: !Qsarchive cunt [23:06]
lobbesbot: 31 results for "cunt", http://lobbesblog.com/queryarchive/view.php?searchterm=cunt&sortby= [23:06]
lobbes: :D [23:07]
* mircea_popescu slowclaps. [23:07]
ben_vulpes: wow a republican search engine no fucking way [23:19]
ben_vulpes: !Qsarchive fuckgoats [23:20]
lobbesbot: 17 results for "fuckgoats", http://lobbesblog.com/queryarchive/view.php?searchterm=fuckgoats&sortby= [23:20]
mircea_popescu: does this guy rock or what! [23:21]
trinque: wd lobbes! [23:22]
ben_vulpes: eyy lobbes how do i get me blog in there [23:22]
mircea_popescu: aaand in other http://trilema.com/2016/i-dont-think-you-understand-how-credit-cards-work/ , http://78.media.tumblr.com/3ab87e3147d951bba3bf88b5d0e6cac2/tumblr_npr8ursIac1romx5eo2_400.gif [23:22]
lobbes: ty all. I'm happy to sap [23:25]
lobbes: ben_vulpes, should be in there no? [23:25]
mircea_popescu: it just follows chan neh ? [23:25]
lobbes: !Qsarchive cascadianhacker [23:25]
lobbesbot: 1323 results for "cascadianhacker", http://lobbesblog.com/queryarchive/view.php?searchterm=cascadianhacker&sortby= [23:25]
mircea_popescu: !Qsarchive cascadian [23:25]
lobbesbot: 1323 results for "cascadian", http://lobbesblog.com/queryarchive/view.php?searchterm=cascadian&sortby= [23:25]
lobbes: I think the wotpastes muddle it up a bit [23:25]
ben_vulpes: !Qsarchive FUCKGOATS [23:25]
lobbesbot: 17 results for "FUCKGOATS", http://lobbesblog.com/queryarchive/view.php?searchterm=FUCKGOATS&sortby= [23:25]
lobbes: note to self: make a way to -exclude- a term from a search [23:26]
ben_vulpes: oh so it only searches urls its archived that's right [23:26]
lobbes: that is correct [23:26]
ben_vulpes: super nifty [23:27]
lobbes: anything dropped in this chan (historical walk also done back to ~2012) [23:27]
lobbes: soon it'll accept bulk requests to archive / download archived items, but for now only way is via chan (#eulora also snarfed, ftr) [23:29]
mircea_popescu: im not even sure that's a good idea. [23:29]
mircea_popescu: if not worth reading then... not worth reading. [23:30]
lobbes: I can see that logic [23:30]
mod6: ooh lemme check it out [23:30]
mod6: !Qsarchive trb [23:30]
lobbesbot: 85 results for "trb", http://lobbesblog.com/queryarchive/view.php?searchterm=trb&sortby= [23:30]
ben_vulpes: lobbes: naively i'd expect http://lobbesblog.com/queryarchive/view.php?searchterm=fuckgoats&sortby= to have a link to my fuckgoats testing post [23:31]
ben_vulpes: because http://btcbase.org/log/2017-10-21#1727515 [23:31]
a111: Logged on 2017-10-21 23:27 deedbot: http://cascadianhacker.com/fuckgoats-testing << CH - FUCKGOATS testing [23:31]
mircea_popescu: ben_vulpes i think it checks title not full page text [23:31]
mod6: lobbes: nice work! [23:31]
ben_vulpes: mircea_popescu: it's in the title! [23:31]
lobbes: ty mod6 [23:31]
mircea_popescu: !#s "cascadianh" [23:31]
a111: 1803 results for "\"cascadianh\"", http://btcbase.org/log-search?q=%22cascadianh%22 [23:31]
lobbes: ben_vulpes, yeah, atm it just searches the url only [23:32]
mod6: thanks for putting that together, very cool [23:32]
mod6: & useful [23:32]
mircea_popescu: http://cascadianhacker.com/fuckgoats-testing << indeed [23:32]
ben_vulpes: bing's in there but noooo love for me lobbes, i see how it is :P [23:33]
mircea_popescu: lel [23:33]
lobbes: hm. damn I'ma look into this one [23:34]
* ben_vulpes just getting back from an entire weekend spent away from term [23:34]
ben_vulpes: minor nits aside it's pretty awesome lobbes [23:34]
ben_vulpes: one day at a time, BingoBoingo [23:36]
lobbes: minor nits are welcome. Helps me fine tune the ol' process. But glad folx find useful [23:53]
mircea_popescu: lobbes implement a (paid) full text search, you'll be ahead of archive.is, amazon's webarchive and EVERYONE else. [23:54]
lobbes: !Qsarchive cascadianhacker.com/fuckgoats-testing [23:54]
lobbesbot: 3 results for "cascadianhacker.com/fuckgoats-testing", http://lobbesblog.com/queryarchive/view.php?searchterm=cascadianhacker.com/fuckgoats-testing&sortby= [23:54]
lobbes: ^ fixed [23:54]
mircea_popescu: meter the resources as you do it, cpu time/disk io, whatever is your concern. then bill the person, and store the bill, so you can present it in the future ("the previous three bills average X, so you have an idea how much) [23:55]
lobbes: mircea_popescu, ah good idea on the making it a paid service. mats had suggested a context search to me earlier [23:55]
lobbes: *content search [23:55]
mircea_popescu: see how much you actually pay for tyhe resources, charge 2x that for your time, and if you end up ddosed just... buy more hardware. [23:56]
mircea_popescu: path to happy riches. [23:56]
* mircea_popescu dreams of a future of searchable images, because proper svgs. [23:57]
lobbes: yeah, I'm thinking eventually I will need to take advantage of TBI at some point. But currently very low overhead (home laptop with ssd + cheap VPSen) [23:58]
lobbes: will see how much bandwidth starts running once the zip delivery is operational [23:58]
mircea_popescu: cool [23:59]
ben_vulpes: !!rate lobbes 3 search [23:59]
deedbot: Get your OTP: http://p.bvulpes.com/pastes/ELfSt/?raw=true [23:59]
Category: Logs
Comments feed : RSS 2.0. Leave your own comment below, or send a trackback.
Add your cents! »
    If this is your first comment, it will wait to be approved. This usually takes a few hours. Subsequent comments are not delayed.