Does debian distribute chromium with unpatched known bugs?

2020-11-08 Thread Georgi Guninski
There was some discussion on the debian security mailing list
and it suggests debian distributes chromium with known public
exploits which are fixed upstream:

https://security-tracker.debian.org/tracker/source-package/chromium


Does debian distribute chromium with unpatched known bugs?


Re: Gems in the 2020-09 windows source leak?

2020-10-15 Thread Georgi Guninski
On Sun, Oct 4, 2020 at 8:54 AM Georgi Guninski  wrote:
>
> Are there gems in the 2020-09 windows source leak?

https://linuxreviews.org/42.9_GB_Of_Microsoft_Source_Code_Leaked:_Historicans_Can_Now_Study_The_Source_Code_For_MS-Dos_3.3_To_Windows_XP

File: /Win2K3/inetsrv/query/sqltext/bison.cpp

/* Skeleton output parser for bison,
   Copyright (C) 1984, 1989, 1990 Free Software Foundation, Inc.

  This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2, or (at your option)
   any later version.


Re: From the history of Microsoft (part 1)

2020-10-06 Thread Georgi Guninski
On 2020-09-25 leaker **billgates3**
[wrote](https://thehackernews.com/2020/09/windows-xp-source-code.html),
adding insult to injury:

>"I created this torrent for the community, as I believe information should be 
>free and available to everyone, and hoarding information for oneself and 
>keeping it secret is an evil act in my opinion," the leaker said, adding that 
>the company "claims to love open source so then I guess they'll love how open 
>this source code is now that it's passed around on BitTorrent."

---


Gems in the 2020-09 windows source leak?

2020-10-03 Thread Georgi Guninski
Are there gems in the 2020-09 windows source leak?
Like juicy comments/var names/function names?
Reference to existing real world figures?

https://www.cnet.com/news/microsoft-secret-file-could-allow-access-to-web-sites/
Jan. 2, 2002

Microsoft secret file could allow access to Web sites

The software giant says its engineers included a secret back door
including the phrase "Netscape engineers are weenies!" in Web site
authoring software that could allow hackers to gain unauthorized
access to potentially thousands of Web sites.


From the history of Microsoft (part 1)

2020-10-03 Thread Georgi Guninski
 From my blog: 
https://j.ludost.net/blog/archives/2020/10/03/from_the_history_of_microsoft_part_1/index.html

Markdown source follows.


From the history of Microsoft (part 1)

by Georgi Guninski Sat 03 Oct 2020 08:51:30 AM UTC, version 1.0

History is written by the winners, so here we write:

---

* [Microsoft accidentally distributes virus July 28,
2002](https://www.cnet.com/news/microsoft-accidentally-distributes-virus/)

The software giant's Korean-language version of Visual Studio .Net
carries the virulent Nimda computer virus to Asia.

---

* [Ballmer: 'Linux is a cancer' Sat 2 Jun
2001](https://www.theregister.com/2001/06/02/ballmer_linux_is_a_cancer/)


Contaminates all other software with Hippie GPL rubbish.
Microsoft CEO and incontinent over-stater of facts Steve Ballmer
 said that "Linux is a cancer that attaches itself in an intellectual
property sense to everything it touches," during a commercial spot
masquerading as an interview with the Chicago Sun-Times on June 1, 2001.

---
* [Halloween documents: August 1998 - March
2004](https://en.wikipedia.org/w/index.php?title=Halloween_documents=971686391).

The Halloween documents comprise a series of confidential Microsoft
memoranda on potential strategies relating to free software,
open-source software, and to Linux in particular, and a series
of media responses to these memoranda. Both the leaked documents
and the responses were published by Eric S. Raymond in 1998.

---

* [Bill Gates is an android user: 26 Sep
2017](https://www.theregister.com/2017/09/26/bill_gates_android_user/)

**%**RIP Windows Phone, we are not crying much.

---
* [Weird garbled Windows 7 update baffles world – now Microsoft
reveals the truth: 30 Sep
2015](https://www.theregister.com/2015/09/30/windows_update_glitch/)

Its description mostly contained garbled text. Links for more information,
help, and support were filled in with gibberish URLs with ".gov," ".mil,"
and ".edu" domains.

---

* [m$ is linux vendor: 27 Jun
2019](https://www.theregister.com/2019/06/27/microsoft_linux_distro_list/)

2001: Linux is cancer, says Microsoft.

2019: Hey friends, ah, can we join the official linux-distros mailing list, plz?

We tried to [speak up](https://seclists.org/oss-sec/2019/q3/8),
the oss vendor crowd liked m$.

---

* Closed source, source leaked and widely open.
Possibly to fit Microsoft better in the so called open source community,
unknown forces [leaked m$'
sources](https://html.duckduckgo.com/html?q=windows%20source%20leaked).
[MS hacked! Russian mafia swipes WinME source? 27 Oct
2000](https://www.theregister.com/2000/10/27/ms_hacked_russian_mafia_swipes/)


gmail bounce 19 June

2020-06-19 Thread Georgi Guninski
I got gmail bounce on 19 June and I am missing mails again.


Re: ping

2020-06-19 Thread Georgi Guninski
On Fri, Jun 19, 2020 at 4:14 PM Greg Newby  wrote:
>
> That was a temporary 13-hour problem caused by a specific misconfiguration I 
> applied. There is no indication that mail delivery problems before that are 
> related.
>

I definitely had gmail problems for at least 3 days
and I check spam several times per day.


Re: ping

2020-06-19 Thread Georgi Guninski
Do you read me?

What a debugging drama, anyone has a conspiracy theory ;) ?


Re: Test list [gmail.com]

2020-06-17 Thread Georgi Guninski
On Wed, Jun 17, 2020 at 09:55:15AM -0400, GTI .H wrote:
> Hi
> 
> I am not receiving email from this list . . .

My gmail.com email doesn't receive mails from the list either.

Anyone on gmail.com reading the list?



Re: The Washington Post: Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found

2020-06-17 Thread Georgi Guninski
Is the leak available somewhere?

On Wed, Jun 17, 2020 at 05:03:38AM +, jim bell wrote:
> The Washington Post: Elite CIA unit that developed hacking tools failed to 
> secure its own systems, allowing massive leak, an internal report found.
> https://www.washingtonpost.com/national-security/elite-cia-unit-that-developed-hacking-tools-failed-to-secure-its-own-systems-allowing-massive-leak-an-internal-report-found/2020/06/15/502e3456-ae9d-11ea-8f56-63f38c990077_story.html


[OT] pong

2020-06-15 Thread Georgi Guninski
Am I subscribed, don't receive email even in SPAM?


[OT] another email address

2020-06-15 Thread Georgi Guninski
just to announce another email:  ggunin...@gmail.com

ping


Re: 283,549 Road Users Deaths for 2020, Compared to 6,685 Coronoavirus Deaths

2020-05-17 Thread Georgi Guninski
On Sun, Apr 26, 2020 at 08:04:29PM +0300, Georgi Guninski wrote:
> > On Mon, Mar 16, 2020 at 09:41:55AM -0400, John Young wrote:
> > Currently 100,000+ corona victims.
> >
> 
> Doubled to 200,000+ victims.
> If it keeps doubling, the humans will disappear.

About two weeks later 310 000+ victims. Doesn't double in two weeks so far.



Changing the world ;)

2020-04-28 Thread Georgi Guninski
Whoever said one person can't change the world never ate an undercooked
bat.


Re: 283,549 Road Users Deaths for 2020, Compared to 6,685 Coronoavirus Deaths

2020-04-26 Thread Georgi Guninski
On Sat, Apr 11, 2020 at 06:13:29PM +0300, Georgi Guninski wrote:
> On Mon, Mar 16, 2020 at 09:41:55AM -0400, John Young wrote:
> > 283,549 Road Users Deaths for 2020, Compared to 6,685 Coronoavirus Deaths
> > 
> > 1,354,840 Road Users Deaths in 2019
> > 
> > https://extranet.who.int/roadsafety/death-on-the-roads/
> 
> Currently 100,000+ corona victims.
>

Doubled to 200,000+ victims.
If it keeps doubling, the humans will disappear.


Re: 283,549 Road Users Deaths for 2020, Compared to 6,685 Coronoavirus Deaths

2020-04-11 Thread Georgi Guninski
On Mon, Mar 16, 2020 at 09:41:55AM -0400, John Young wrote:
> 283,549 Road Users Deaths for 2020, Compared to 6,685 Coronoavirus Deaths
> 
> 1,354,840 Road Users Deaths in 2019
> 
> https://extranet.who.int/roadsafety/death-on-the-roads/

Currently 100,000+ corona victims.



Re: PGP key

2020-03-30 Thread Georgi Guninski
On Sun, Mar 29, 2020 at 11:24:41PM +0100, Peter Fairbrother wrote:
> On 29/03/2020 22:27, Se7en wrote:
> > This is a message to confirm that my previous PGP key was compromised
> > and should be considered compromised since its creation one week
> > ago.
> 
> Then either PGP is crap at security, or you are.
> 
> Any bets?
>
 
The hardware is buggy.
The firmware (remote control) is buggy.
The kernel is buggy.
The userland is buggy.
The operator might be buggy.

Cert chaining to root certs are known.

How do you imagine to keep secret in this situation?


Re: Wuhan is UP, California and Europe are down

2020-03-26 Thread Georgi Guninski
ooops, bug: Wuhan is UP.

On Thu, Mar 26, 2020 at 05:57:04PM +0200, Georgi Guninski wrote:
> Wuhan is down, California and Europe are down.
> Only few months downtime for Wuhan.


Wuhan is down, California and Europe are down

2020-03-26 Thread Georgi Guninski
Wuhan is down, California and Europe are down.
Only few months downtime for Wuhan.


Re: Coronavirus: Thread

2020-03-24 Thread Georgi Guninski
On Mon, Mar 23, 2020 at 04:21:47AM -0400, grarpamp wrote:
> Deaths resolved: 12.9%

Do you compute 100 * deaths / recovered?

According to wikipedia, the first 3 countries:
China:   4.5%
Italy:  82%
USA:   172% (over 100 is not a typo).



cryptocurrencies in times of recession

2020-03-18 Thread Georgi Guninski
Cryptocurrency exchange rate at times of recession?

Dow Jones dropped and according to some we are at or near
recession/financial crisis.

How are cryptocurrencies going at times of recession/crisis?

Browsed some rate charts on xe.com and bitcoin appears to
have dropped in the beginning of March.



Happy 8 March

2020-03-07 Thread Georgi Guninski
Happy 8 March to the chicks.

@->->-


Hospital overflow and corona virus

2020-03-05 Thread Georgi Guninski
Is the so called "society" ready for the time when there
are not enough hospitals for ill from corona virus?

AFAIK all ill from corona virus are sent to hospitals
to not spread the disease further.

The Chinese built a new hospital for about a week.



Re: Bad News/Good News

2020-03-04 Thread Georgi Guninski
On Tue, Mar 03, 2020 at 07:03:11AM +, jim bell wrote:
> So, anyone want to take bets on whether I fall ill in the next 2-3 weeks?

Some dry statistics (might be wrong):

catching common flu in  usa:   about 2%
catching coronavirus in usa:   about 3.7861 E-5

After your period ends, your "local" statistics will
be either 0% xor 100%.

Today is the first day of the rest of your life, so enjoy it.



Expected duration of the Corona virus threat?

2020-02-27 Thread Georgi Guninski
What is the expected duration of the Corona virus threat?

Not only death counts, include fear, social, technological
and economic threats.

And what is the mortality rate of common flu?


Window stories

2020-02-19 Thread Georgi Guninski
The first one is veeery old.

- Do you know that if you play Windows 98 CD backwards it will
play satanic music?
- That's nothing. If you play it forward it will install Windows 98.



- Did you hear the hoax that Bill Gates is related to Corona virus?
- That's nothing. He created the Windows epidemic.



Re: HAPPY VALENTINES DAY SEA SEA

2020-02-17 Thread Georgi Guninski
On Sat, Feb 15, 2020 at 02:22:23AM +, rooty wrote:
> To the only "chick" in this wonderful community happy Valentine's day
> 
> Luv rooty

Sea Sea rooted rooty with the ILOVEYOU retro virus.
Love like this in times of Corona virus,
Nearly like in the Marquez book.


Google's claim of 100% availability

2019-11-17 Thread Georgi Guninski
===
https://cloud.google.com/dns/
100% availability and low latency
Our SLA promises 100% availability of our authoritative name servers
===

I believe the constant 100% is not correct.



Re: Intel Fucks Up Jump Conditional Code Cache, New ucode

2019-11-13 Thread Georgi Guninski
On Wed, Nov 13, 2019 at 12:10:10AM -0500, grarpamp wrote:
> https://www.phoronix.com/scan.php?page=article=intel-jcc-gaming=1
> https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files
> 
> Users flock to AMD.

Is AMD really better?
I suspect it is the same garbage as Intel.



Old news: Why Mark Zuckerberg covers his laptop's camera and micophrone

2019-10-28 Thread Georgi Guninski


===
Why Mark Zuckerberg covers his laptop's camera and micophrone

Is taping your laptop a necessary security precaution? 
The chief executive officer of Facebook apparently thinks so.

https://www.csmonitor.com/Technology/2016/0623/Why-Mark-Zuckerberg-covers-his-laptop-s-camera-and-micophrone
===

Old joke:
When we reach billions of insane people you won't insult as insane.
(In Bulgarian:  Когато станем милиарди луди, ще видиш то на кой
ще викаш луд).


Re: Cypherpunks: Jim Bell meets Sumitomo Electric

2019-09-12 Thread Georgi Guninski
On Thu, Sep 12, 2019 at 04:47:49PM +, jim bell wrote:
> Jim Bell meets Sumitomo Electric at Seattle. 

good luck! if the japanese (fucked fukushima) don't work, try spamming
some chinese comrades, i hear they do cheap hardware.
at worst you will find one more way that doesn't work.


What happened with the hacking scene from 90s and the early 00s?

2019-09-12 Thread Georgi Guninski
What happened with the hacking scene from 90s and the early 00s?

Off the top of my head, sorry for the missed:
8lgm, gobbles, rfp, http-equiv, Liu (Chinese name)

lcamtuf and Solar Designer appear to be big bosses.

Recommended reading: Underground, Dreyfus book.


Re: 'Eternally Blue' (At least for 9 years)

2019-07-21 Thread Georgi Guninski
On Sun, Jul 21, 2019 at 07:24:10AM -0700, Razer wrote:
> ('Shadowbrokers')

What happened to them?
IIRC they were selling at high price in some cryptocurrency.
 


The cert of nap.bg and the recent bulgarian tax SNAFU

2019-07-21 Thread Georgi Guninski
Since 2019-07-15 there is a major SNAFU in the BG
tax authorities. World and dog tax information and ID
leaked on the interwebz.

I have sporadic SSL failures connecting to https://nap.bg
with firefox, lynx and openssl s_client.
e.g:
$ openssl s_client -connect nap.bg:443
Verify return code: 21 (unable to verify the first certificate)

On the other hand, ssllabs.com claims the Cert is OK, grade B.

Is the cert of nap.bg OK?


On Microsoft request to access private linux bugs

2019-07-06 Thread Georgi Guninski
 From my blog:  https://j.ludost.net

On Microsoft request to access private linux bugs

According to theregister [1] m$ wants to access private
linux bugs. Theregister mentions that in 2001 she called
linux "cancer". Another example of anti-opensource behavior
are the Halloween documents [2] from 1998 (some current
decision makers and journos had not been born then. History
is written by the winners).

It is well known that microsoft is entirely money driven
and she will sell Gates' first born and Ballmer might even
deliver it.

First, a hostile kernel contributor is danger for the
future of linux kernel IMHO.

Unpopular suggestion for microsoft's request for private
bugs: Find something that requires windows compatibility
(say Wine, some cloud shit, whatever else). Tell microsoft:
You want our bugs? We want your bugs. You show first.

Probably more realistic price to ask is opening patents/DRM stuff.

[1]:
https://www.theregister.co.uk/2019/06/27/microsoft_linux_distro_list/
[2]:
https://en.wikipedia.org/w/index.php?title=Halloween_documents=895695365


Stuff from the past

2019-06-12 Thread Georgi Guninski
History is written by the winners.

In 1999 it was disclosed [1] that m$ had a variable name _NSAKEY
in the windoze.

In 1998 the Halloween Documents [2] leaked, showing microsoft's
strategy against free software and especially linux. Due to lameness
m$ couldn't predict android will run on linux kernel.

In early 2000 major malware like Code Red and Nimda hit m$,
showing to m$ the meaning of word "security". Nimda exploited
the brain damaged loading dynamic libraries from the current
working directory (I might have written something on this).

In 2003 [3] debian shipped backdoored micq (the backdoor is
debian specific). IIRC there was a quarrel between the
debian package maintainer and the micq developer.

Links to wikipedia are permanent snapshots
[1] https://en.wikipedia.org/w/index.php?title=NSAKEY=891818118
[2] 
https://en.wikipedia.org/w/index.php?title=Halloween_documents=895695365
[3] https://lists.debian.org/debian-devel/2003/02/msg00771.html


On presidents and death

2019-03-26 Thread Georgi Guninski
 From my blog:
https://j.ludost.net/blog/archives/2019/03/26/on_presidents_and_death/index.html

Since the office was established in 1789, 44 persons have served as
President of the United States. Of these, eight presidents have died
in office, four were assassinated and four died of natural causes [1].

8/44 ~ 1/5 so about one in five US presidents dies in office.

In Bulgaria (Eastern Europe) there is another statistical trend.
Of the five Bulgarian Presidents since 1990 [2] two lost a child
while alive. (If you add T. Jivkov from socialism time they 
become three). So the probability of losing a child is 2/5 = 0.4

The conclusion is left as an exercise for the reader, because the
margin is too small.

[1] 
https://en.wikipedia.org/wiki/List_of_Presidents_of_the_United_States_who_died_in_office
[2] 
https://en.wikipedia.org/wiki/List_of_heads_of_state_of_Bulgaria#Republic_of_Bulgaria_(1990%E2%80%93present)


Re: Tim May (fwd)

2018-12-18 Thread Georgi Guninski
On Sat, Dec 15, 2018 at 01:22:04PM -0400, Robert Hettinga wrote:
> Give ’em hell, Tim, wherever you are.
>
RIP Tim. I didn't know you. 
There might be something true in the
folklore that one isn't entirely dead while the alive crowd remembers
them.
 


Re: Deconstructing Tesla

2018-07-24 Thread Georgi Guninski
Lol, from the subject I thought this is about the Serb Nikola Tesla.

Other conspiracy theories about him besides the Tunguska crash?

On Mon, Jul 23, 2018 at 04:51:40PM -0400, grarpamp wrote:
> http://leandesign.com/pdf/Tesla-3-Analysis-Sales-Information.pdf


Re: Ecuador Handing Over Assange To UK

2018-07-23 Thread Georgi Guninski
On Mon, Jul 23, 2018 at 02:56:31AM -0400, grarpamp wrote:
> Hopefully the day will soon come when all will have
> those freedoms.

Strongly doubt this. Possibly unless we are owned by aliens who teach us
humanity the hard way.

-- 
hoping for the best but expecting the worst. are you gonna drop the bomb
or not


Re: Geek captcha

2018-07-17 Thread Georgi Guninski
math captcha:
http://farm3.static.flickr.com/2174/2268237733_cda4a1dbb3.jpg?v=0




Re: Geek captcha

2018-07-16 Thread Georgi Guninski
What is this code doing?
Looks like obfuscated javascript, not fully shown.

On Sat, Jul 14, 2018 at 04:50:15PM -0700, Steven Schear wrote:
> 




Re: We must preserve the Cypherpunks Mailing List archives! IMPORTANT!

2018-07-07 Thread Georgi Guninski
On Sat, Jul 07, 2018 at 05:32:21AM -0700, Greg Newby wrote:
> The .tar.bz2 file has 92,195 individual files.  I appended them all to a 
> single file, which email clients can open as an mbox file.  But mailx 
> reported 84519 messages, and mutt reported 84531.
>

How long does it take opening them with Mutt?

My mutt takes more than 10 seconds to open mbox with about 11K messages
the first time.

Any workarounds for mutt?
 


Re: Satoshi Nakamoto: Thoughts on excerpt from Duality?

2018-07-03 Thread Georgi Guninski
On Tue, Jul 03, 2018 at 03:56:19PM +0200, Tom Busby wrote:
> Satoshi actually never, ever signed anything cryptographically.
>
No problem. As a proof of identity I request 1337.7331 bitcoins from one
of their accounts ;)
 


Re: Satoshi Nakamoto: Thoughts on excerpt from Duality?

2018-07-03 Thread Georgi Guninski
On Mon, Jul 02, 2018 at 07:03:24AM -0700, mark M wrote:
> http://nakamotofamilyfoundation.org/
> 
> http://nakamotofamilyfoundation.org/duality.pdf
> 
> http://nakamotofamilyfoundation.org/cryptogram.html

Is this the real Nakamoto, speculations?

Didn't see crypto key to prevent potential future impostors of this
"identity".



OT coverity scan of qmail -- 53 potential defects (with false positives)

2018-07-01 Thread Georgi Guninski
 From my blog: 
https://j.ludost.net/blog/archives/2018/07/01/coverity_scan_of_qmail_--_53_potential_defects_with_false_positives/index.html


coverity scan of qmail -- 53 potential defects (with false positives)

coverity is a commercial static source code analyzer accepting some
open source projects for free.

Did a scan of djb's qmail, the results are at:

https://scan.coverity.com/projects/qmail


the tool gave only 53 defects. Quick scan suggests that the non-false
positives are logically dead code (might be wrong about this).

to access the defects, you will need coverity account (free,
captchas).

djb is giving monetary bounty for qmail, owing me a bounty he couldn't
reproduce because of lack of virtual memory on old freebsd ;)



Re: Intel Fail: OpenBSD disables Intel HyperThreading, Lazy FP State Restore

2018-06-25 Thread Georgi Guninski
On Wed, Jun 20, 2018 at 07:44:21PM -0400, grarpamp wrote:
> https://www.mail-archive.com/source-changes@openbsd.org/msg99141.html

According to journos intel won't fix this:
https://www.theregister.co.uk/2018/06/22/intel_tlbleed_key_data_leak/
Meet TLBleed: A crypto-key-leaking CPU attack that Intel reckons we
shouldn't worry about
How to extract 256-bit signing keys with 99.8% success

Intel has, for now, no plans to specifically address a side-channel
vulnerability in its processors that can be potentially exploited by
malware to extract encryption keys and other sensitive info from
applications.



Re: Intel Fail: OpenBSD disables Intel HyperThreading, Lazy FP State Restore

2018-06-20 Thread Georgi Guninski
On Wed, Jun 20, 2018 at 07:44:21PM -0400, grarpamp wrote:
> https://www.mail-archive.com/source-changes@openbsd.org/msg99141.html
> https://www.intel.com/content/www/us/en/security-center/default.html
>
Freebsd:

https://www.freebsd.org/security/advisories/FreeBSD-SA-05:09.htt.asc
Topic:  information disclosure when using HTT
Announced:  2005-05-13
When running on processors supporting Hyper-Threading Technology, it is
possible for a malicious thread to monitor the execution of another
thread.
V.   Solution

Disable Hyper-Threading Technology on processors that support it.
 


Re: Are the interwebz rather big for google to index?

2018-06-14 Thread Georgi Guninski
On Wed, Jun 13, 2018 at 12:45:39PM -1100, Mirimir wrote:
> I hadn't noticed, but "site:lists.cpunks.org" doesn't return any results
> after November 2017. There are 9670 results in total. And even that is
> not much more than the total for 2016 alone (8123 messages). However,
> "grarpamp" does return results from this list through at least May 2018.
>

Hm, my mistake I didn't notice this.
Searching for "grarpamp site:lists.cpunks.org" and then from left
selecting "since last year" doesn't return any results for me.
 
> About blogs, I don't know generally. But searching "mirimir vpn"
> shows

google definitely indexes some blogs @Razer, probably only the elite
ones.



Fwd: [oss-security] Intel FP security issue

2018-06-13 Thread Georgi Guninski
- Forwarded message from Loganaden Velvindron  -

Date: Wed, 13 Jun 2018 19:34:15 +0400
From: Loganaden Velvindron 
To: oss-secur...@lists.openwall.com
Cc: sec...@intel.com
Subject: [oss-security] Intel FP security issue

Hi All,

Both OpenBSD and DragonflyBSD have gone ahead and committed fixes for
the rumored Intel FP issue:

OpenBSD: https://marc.info/?l=openbsd-cvs=152818076013158=2
DragonflyBSD: 
http://lists.dragonflybsd.org/pipermail/commits/2018-June/672324.html

I think that the cat is already out of the bag, and releasing details
of this security problem makes sense. Since this has gone public, Is
there a reason to keep this under embargo ?

Kind regards,
//Logan
C-x-C-c

- End forwarded message -


Are the interwebz rather big for google to index?

2018-06-13 Thread Georgi Guninski
I strongly suspect at least one of the following holds:

1. The interwebz are rather big for google to index
2. google doesn't return in searches all indexed content on purpose

Partial evidence: this list and my blog don't appear in searches.



Re: $1.1 Bln in Crypto Has Been Stolen This Year

2018-06-11 Thread Georgi Guninski
On Mon, Jun 11, 2018 at 08:06:28AM -0700, Steven Schear wrote:
> Good point. Would love to see a fair comparison.
>
This appears highly non-trivial.
Quick web searches don't return usable info and in addition the banks
and the like probably don't report all incidents because of issues of
"trust".

IIRC large operator Equifax got owned one of these years, leaking
100+M mericans. 


Re: $1.1 Bln in Crypto Has Been Stolen This Year

2018-06-11 Thread Georgi Guninski
On Sun, Jun 10, 2018 at 07:22:51PM -0700, Steven Schear wrote:
> https://cointelegraph.com/news/report-1-1-bln-in-crypto-has-been-stolen-this-year

How does this compare with stolen traditional money?

Instead of absolute values probably the ratio "stolen/total" is more
interesting.



Personal near death experience

2018-06-07 Thread Georgi Guninski
https://j.ludost.net/blog/archives/2018/06/06/near_death_experience/index.html
Near death experience


VISA down, crypto probably up

2018-06-02 Thread Georgi Guninski
https://www.thesun.co.uk/money/6430640/visa-down-network-crashes-uk-europe-card-payments/
CARD CHAOS Visa apologises for network crash which sparked card payment
chaos but insist there was no hack

More than 95 per cent of debit cards in the UK are run on Visa's
network. The outage affected other networks


Re: Google Project MAVEN: We're Evil and Support Murder with AI

2018-06-02 Thread Georgi Guninski
On Fri, Jun 01, 2018 at 12:55:59PM -0400, grarpamp wrote:
> https://theintercept.com/2018/05/31/google-leaked-emails-drone-ai-pentagon-lucrative/

FYI from 2003:
https://www.computerworld.com/article/2580728/security0/darpa-pulls-funding-for-openbsd--leader-says.html

DARPA pulls funding for OpenBSD, leader says

In that story, the resident of Calgary, Alberta, said the U.S.-led war
against Iraq "sickens" him. De Raadt also said he was uncomfortable
taking money from the U.S. military, but "I try to convince myself that
our grant means a half of a cruise missile doesn't get built."



Re: Razer gets a call from the fedz about a ZuckerBook 'post you made in April'

2018-06-01 Thread Georgi Guninski
On Thu, May 31, 2018 at 11:51:46AM -0700, Razer wrote:
> 
> I just got a voicemail from one special agent Delligan (sp? And why are they
> almost always Irish?) in DC about a 'post you made in April', and he wanted

too long, didn't read it all.

was the troublesome info news or something well known to those familiar
with weapons?


Re: Speculative execution vulnerability.

2018-05-23 Thread Georgi Guninski
On Wed, May 23, 2018 at 12:57:39AM +, jim bell wrote:
> https://arstechnica.com/gadgets/2018/05/new-speculative-execution-vulnerability-strikes-amd-arm-and-intel/

How are the class action lawsuits against CPU vendors going? IIRC there
are tens of them.

And from TFA: intel suggested to fix applications at risk, not
system wide because of the performance hit.



Re: OT is there place on earth where the sun doesn't rise from near east?

2018-05-16 Thread Georgi Guninski
On Sat, May 12, 2018 at 05:44:32PM +, jim bell wrote:
>  Piece of trivia:  The "Geographic pole" actually wanders a bit, probably 
> mostly due to displacements of the mass of oceans and the atmosphere. I think 
> it's on the order of about 100 meters or so.   Presumably, this has to be 
> accounted for in the calculations used by GPS 
> receivers. https://en.wikipedia.org/wiki/True_polar_wander
>

the north magnetic pole moves much, over 60 degrees E/W:

https://en.wikipedia.org/wiki/North_Magnetic_Pole

The North Magnetic Pole moves over time due to magnetic changes in the
Earth's core.[1] In 2001, it was determined by the Geological Survey of
Canada to lie west of Ellesmere Island in northern Canada at 81.3°N
110.8°W. It was situated at 83.1°N 117.8°W in 2005. In 2009, while still
situated within the Canadian Arctic
territorial claim at 84.9°N 131.0°W,[2] it was moving toward Russia at
between 55 and 60 kilometres (34 and 37 mi) per year.[3] As of 2017, the
pole is projected to have moved beyond the Canadian Arctic territorial
claim to 86.5°N 172.6°W
 


OT is there place on earth where the sun doesn't rise from near east?

2018-05-12 Thread Georgi Guninski
is there place on earth where the sun doesn't rise from near east?

counterexample will be near the poles. there are two kinds of poles:
geographic pole and magnetic pole. it appears to depend how they are
placed:  the middle of the line between them is a good candidate --
in this case exchanging them will swap directions.



Bitcoin support in the linux kernel?

2018-04-01 Thread Georgi Guninski
I hear trustworthy gossips that the linux kernel will support bitcoin
soon.
m$ trolls troll that blockchain will be used for parallel solutions
and mine/pay will give euid zero.

Are they gone nuts? I will migrate to BSD if this happens, fuck.


Re: Flaws in AMD CPUs.

2018-03-22 Thread Georgi Guninski
On Thu, Mar 22, 2018 at 09:24:24PM +1000, jam...@echeque.com wrote:
> The original CPU design was purchased from the US, but a variety of chip
> makers have been improving on the design in a variety of ways, so it is not
> US cloned, but is US descended - rather distantly descended by now.

according to the interwebz, your system is ARM based and in addition ARM
is vulnerable to spectre. how many vulnerabilities like spectre affect
the "US design"?


Re: Flaws in AMD CPUs.

2018-03-22 Thread Georgi Guninski
On Thu, Mar 22, 2018 at 11:22:09AM +1000, jam...@echeque.com wrote:
> I have therefore purchased some 64 bit Orange Pi PC2s running Ubuntu 16.04
> server, for a ridiculously affordable computer cluster.  This is actually

Are these non-capitalist systems? Genuinely commies CPUs? Not cloned
reversed chips? About 30-40 years ago the commie block cloned Apple II
and Intel 8086 in own chips and the computers worked.



Re: Attn: Image Posting...

2018-03-16 Thread Georgi Guninski
On Fri, Mar 16, 2018 at 05:53:59AM -0500, Shawn K. Quinn wrote:
> On 03/16/2018 03:38 AM, Georgi Guninski wrote:
> > According to my tests, modulo errors.
> > The new list has about 10K message of total size 190MB.
> > 171 of them are of size > 100K of total size 104MB.
> 
> How many messages are there in the remaining 86MB (give or take)?
>

I get TOTAL=10K, BIG=171. Then SMALL=TOTAL - BIG ~= 9.9K messages.
 


Re: Attn: Image Posting...

2018-03-16 Thread Georgi Guninski
On Thu, Mar 15, 2018 at 12:59:25PM -0700, g2s wrote:
> Aw cmon! I've  been hanging around this list for what? A couple of years or 
> so, and in that time there MIGHT HAVE BEEN 20 or 30 posted by people who 
> actually has some context in the post relating to the pics. Mine did. The 
> trolls who add unrelated shit to their just as meaningless screeds ARE NOT MY 
> PROBLEM. They're a list admin problem. And apparently yours. Are you keeping 
> tabs for 5/6-eyes, or what?
> Go ahead. Take your 190mb zip. Open it. Extract Zenazi's totally meaningless 
> emails, and check how much of the space in your zip is his. Do it with 
> Tanaka's love letters. Do it with Juan's hatemails... then extract the ones 
> with attachments and do the same.
> Don't bother getting back to me about it whiner, or I'll attach the 
> perfunctory butthurt assessment form

According to my tests, modulo errors.
The new list has about 10K message of total size 190MB.
171 of them are of size > 100K of total size 104MB.



Re: Attn: Image Posting...

2018-03-15 Thread Georgi Guninski
On Thu, Mar 15, 2018 at 10:12:56AM -0700, g2s wrote:
> Most of that 190mb is Zenazi's garbage, libertard diatribes and bitcoin shit 
> links.

No, it is not, what about a bet? 190MB are only 190 images of size 1MB
and some images are larger.

> Oh, and get a real computer with a real disk drive. 190mb is nothing, even 
> for my 10 year old machine with a stock drive.
> Rr

Image posting retards can overflow google's storage, not only my 256M
disk ;)



Re: Attn: Image Posting...

2018-03-15 Thread Georgi Guninski
On Thu, Mar 15, 2018 at 09:31:17AM -0700, g2s wrote:
> The last full size image I posted was a whopping TWO HUNDRED AND FORTY SIX 
> KILOBYTES
> RrPs. 

Fuck it, this is about 246 plaintext emails. Image shit poisons backup of
mail.

Currently the mbox of the new list is about 190M for me.

Put the image on some free service and give link to it unless you
desperately want punky mirror of the image.


Re: Flaws in AMD CPUs.

2018-03-14 Thread Georgi Guninski
On Wed, Mar 14, 2018 at 03:40:26PM +, jim bell wrote:
> Security researchers find flaws in AMD chips but raise eyebrows with rushed 
> disclosure
>

What is the problem with "rushed disclosure"?

A vulnerability is like an asset and the owner can do whatever he wants
with it. Why care about the vendor or its lusers at all? The vendor
should invest more in quality instead of selling complete shit.

Like the game of life, bugs games are non-cooperative games, don't know
if equilibrium always exists.

Fucked up vendors must find excuse for the shit they sell and jurnos are
soldouts. Did waiting help for the Intel shit?
 


Dying from alcohol or car accident, probabilities

2018-03-14 Thread Georgi Guninski
Some non-drinking crowd was rather critical about using alcohol.
I am not sure alcohol is more dangerous than car accident.

What are the (local) probabilities of dying from:
1. alcohol
2. car accident

Since the intersection is not empty, possibly add

0. car accident caused by drunk driver

According to the interwebs the probability for 2 in California in 2013 is
about 1/13K.



Re: Happy 8 March to the women

2018-03-10 Thread Georgi Guninski
On Fri, Mar 09, 2018 at 04:49:47PM -0500, rooty wrote:
> Ge0rgiE - thank you for the beautiful macro rose - I am forever 0wned
>
lol. some other file (image, video, text, etc) will likely own you for
doubly forever. and this scales.


Happy 8 March to the women

2018-03-07 Thread Georgi Guninski
macro rose:
https://images.pexels.com/photos/37643/rose-red-flower-37643.jpeg?w=940=650=compress=tinysrgb



Re: Seeking mirror of Stratfor defacement

2018-03-07 Thread Georgi Guninski
On Tue, Mar 06, 2018 at 09:34:16PM -0800, Douglas Lucas wrote:
> least to two browsers of mine) how Anonymous defaced Stratfor's website
> on 24 Dec 2011. Apologies for the lazy web, but can anyone point me to a
> resource/URL that does show it in full?

Looking at the html source shows IFRAME with:
http://zonehmirrors.org/defaced/2011/12/24/www.stratfor.com/

This appears to be defacement snapshot showing /etc/shadow and something
TLDR.



Re: AI threats

2018-02-27 Thread Georgi Guninski
On Sun, Feb 25, 2018 at 02:13:15PM -0500, 10r wrote:
> Hi. I wonder if there has ever been a topic about AI threats against 
> humanity. If not, I would like to propose this discussion. Should we think of 
> models / agents that only work on encrypted information such as numer.ai or 
> should we just think about how to develop such agents / models safely (if 
> that is possible)?

AI fears are not new. Check "Technological singularity" on wikipedia.
Some science fiction already came true.


Do some exploits require imagination/creativity or only craftsmanship?

2018-02-03 Thread Georgi Guninski
Do some exploits require imagination/creativity or only craftsmanship?

Probably an advance in fully automated exploit development will settle
it.

It is complicated since sufficiently advanced craftsmanship is
indistinguishable from creativity.


Re: murica .gov shutdown of 2018

2018-01-21 Thread Georgi Guninski
On Sat, Jan 20, 2018 at 07:19:08PM -0500, Marina Brown wrote:
> It's fake. The border patrol and other stuff like that will
> still be operating. So will a lot of other forces of repression.
> 
> I think it is mostly for show.

IMHO this is rather sad show. The so called "world leader" [sic] doesn't
have enough money ready to keep .gov up.



murica .gov shutdown of 2018

2018-01-20 Thread Georgi Guninski
http://www.telegraph.co.uk/news/2018/01/19/democratic-leader-meets-donald-trump-crisis-talks-us-federal/
the US government has started to shut down


Re: Cryptocurrency Market Bloodbath

2018-01-19 Thread Georgi Guninski
On Wed, Jan 17, 2018 at 02:25:14PM -0500, grarpamp wrote:
> First futures call

Assuming this is for the temporary cryptocurrencies crash on
17.Jan.2018, wouldn't futures affect it even if the price was high,
say $25K?



Re: Project Veritas: Social Media Stores Everything You Post Forever

2018-01-19 Thread Georgi Guninski
On Thu, Jan 18, 2018 at 07:41:27PM -0500, Steve Kinney wrote:
> "Prophets do not predict the future, they direct people to create
> specific futures."
>
"Sufficiently sophisticated trolling is indistinguishable from thought
leadership" -- unknown


Re: Project Veritas: Social Media Stores Everything You Post Forever

2018-01-17 Thread Georgi Guninski
On Wed, Jan 17, 2018 at 01:53:02AM -0500, grarpamp wrote:
> Don't be stupid, this applies to all users of all
> social networks, regardless of posted "policy".
> Warehouses full of data, all about mining and controlling... you.
>
I suspect it applies for this list too. In some sense the list is "anti
social", so title should read "social and anti social media...".
 


Re: Hawaii and Japan missile false positive

2018-01-17 Thread Georgi Guninski
Updated 1557 GMT (2357 HKT) January 16, 2018
http://edition.cnn.com/2018/01/16/asia/japan-false-missile-alarm-intl/index.html
Japanese broadcaster apologizes after false North Korea missile alert


Re: Hawaii missile false positive

2018-01-14 Thread Georgi Guninski
On Sun, Jan 14, 2018 at 07:29:29AM -0800, Steven Schear wrote:
> Fat finger ---> Fat Ass
>

Sometimes in situations like this I suspect they might have been owned,
but are too shy to admit it publicly.
 


Hawaii missile false positive

2018-01-14 Thread Georgi Guninski
This is how nuclear wars inadvertently start:

http://www.hawaiinewsnow.com/story/37259684/ballistic-missile-threat-alert-sent-to-hawaii-phones-was-a-mistake

A false ballistic missile threat alert went out to all cell phones in
Hawaii on Saturday morning, sending the state's 1.4 million residents
and hundreds of thousands of visitors into a state of panic for more
than 30 minutes until emergency officials confirmed the message was sent
in error.

A state emergency management employee apparently pushed the wrong button


Re: Own on install. How grave it is?

2018-01-11 Thread Georgi Guninski
On Thu, Jan 11, 2018 at 08:43:27AM -0800, g2s wrote:
> > The concerns are real and industry resolves this by applying the minimal
> > required patches from a media before connecting device to the network.
> >
> 
> >> Thanks. This doesn't appear possible on smartphones, tablets and some IoT, 
> >> right?
>  
> Phones and tablets? Why not? The update or os is downloaded in full before 
> installation and, at least in android, a dos bootstrap appears to run the 
> install.
> Rr
>
Thanks, could be, I am not familiar with phones and tablets. Is this
documented in more details somewhere?
 


Re: Own on install. How grave it is?

2018-01-11 Thread Georgi Guninski
On Thu, Jan 11, 2018 at 11:54:00AM +0200, Kirils Solovjovs wrote:
> 
> The concerns are real and industry resolves this by applying the minimal
> required patches from a media before connecting device to the network.
>

Thanks. This doesn't appear possible on smartphones, tablets and some
IoT, right?
 


Own on install. How grave it is?

2018-01-09 Thread Georgi Guninski
This is well known, haven't seen it discussed.

In short doing clean install (factory defaults) has a window of
opportunity when the device is vulnerable to a known network attack.

It used to be common sense to reinstall after compromise (probably
doesn't apply to the windows world where the antivirus takes care).

All versions of windoze are affected by the SMB bug to my knowledge.
Debian jessie (old stable) is vulnerable to malicious mirror attack.

More of interest to me are devices where the installation media is
fixed and can't be changed.

This includes smartphones and wireless routers.

Some smartphones might be vulnerable to wifi RCE (found by google?).
Some wireless routers might be vulnerable to wifi RCE or
default admin password attack over wifi.

Internet of Things will make things worse (some NAS devices are
affected).

Shielding the device might not be solution since updates must be
applied.

Are the above concerns real?

Has this been studied systematically?


Re: Intel design flaw

2018-01-04 Thread Georgi Guninski
On Wed, Jan 03, 2018 at 06:42:43AM -0500, John Newman wrote:
> I think they might go bankrupt ;)
>
Won't cry much in this case.

theregister claims javascript in a web browser can exploit it, is this
true? I think js can't read memory in the browser process, let alone
kernel stuff.
 


Re: Intel design flaw

2018-01-03 Thread Georgi Guninski
On Wed, Jan 03, 2018 at 08:48:12AM +, jim bell wrote:
> For some reason, I'm reminded of the 486 math processor  screwup of 1992 (?). 
>  As I vaguely recall, the math coprocessor might have errors in the fourth 
> digit of significance.  Intel offered to replace the affected chips.
>

I think it is the Pentium FDIV bug. IIRC only the server CPU was
replaced in the whole office, don't remember why.

From TFA: microcode can't fix it, lol. AMD is not affected. Shouldn't
Intel do recall again?
 


Re: Do you have predictions about 2017?

2018-01-01 Thread Georgi Guninski
Which predictions came true?

IIRC grarpamp made bold financial prediction which was outperformed by a
factor of about 10.



Re: Cypherpunks Predictions For 2018...

2017-12-31 Thread Georgi Guninski
Two more:

3. m$ windows will suck so much, computer illiterate people will be
ready to pay for just literally "uninstalling windows"
4. bitcoin will at least temporarily lose the first place on
https://coinmarketcap.com (this is not rigorous metric)


Re: Happy New Year, yay!!! :D

2017-12-31 Thread Georgi Guninski
Happy New Year.


Re: Ripple reaches second place by marketing capitalization

2017-12-30 Thread Georgi Guninski
On Fri, Dec 29, 2017 at 03:57:00PM -0500, grarpamp wrote:
> On Fri, Dec 29, 2017 at 8:21 AM, Georgi Guninski <gunin...@guninski.com> 
> wrote:
> > What should investors know before investing in XRP?
> 
> https://wikipedia.org/wiki/Ripple_(company)
> https://wikipedia.org/wiki/Ripple_(payment_protocol)
> 
> $100M Bank funded, massively Corporate and Government partnered,
> inflationary, non-p2p centralized gateways, trackable, censorable, selling
> their own premine / printing, digital fiat / fiat transport, etc.
> 
> Some people are saying those things, users should research.
>
 
Investors optimize profit, not moral values.
What is disadvantage to you well could be an advantage to an investor.

Current bitcoin (and likely almost all of the decentralized crowd) is
unusable on large scale.

Numbers taken from Ripple's site, could be biased:
BTC does 3 to 6 transactions per second, ETH 15 tps, XRP 1.5K tps (and
claims to scale to Visa's 50K tps).

Too bad the Bitcoin founding father(s) didn't think about this outcome
and code the solution.



Re: Ripple reaches second place by marketing capitalization

2017-12-29 Thread Georgi Guninski
On Fri, Dec 29, 2017 at 06:55:27AM -0700, Joseph Frazier wrote:
> A friend mentioned to me that it's queued up to be offered on coinbase, so
> that may have something to do with the rise in value. I know that eth, ltc
> went up after appearing on coinbase. Just speculation there.
>
They claim they can do 15K transactions per second and scale to Visa's
50K tps. The issue of trust is not clear to me.
 


Ripple reaches second place by marketing capitalization

2017-12-29 Thread Georgi Guninski
Ripple (XRP) reached second place by marketing capitalization.

Before:
https://web.archive.org/web/20171227090813/https://coinmarketcap.com/
After:
https://web.archive.org/web/20171229110520/https://coinmarketcap.com/
Realtime:
https://coinmarketcap.com/

What should investors know before investing in XRP?



Re: UFOs: US Defense Dept Videos and Black Money, Alien Tech, To The Stars

2017-12-28 Thread Georgi Guninski
On Wed, Dec 27, 2017 at 11:11:24PM -0500, grarpamp wrote:
> https://www.nytimes.com/2017/12/16/us/politics/pentagon-program-ufo-harry-reid.html
> https://www.reddit.com/search?q=ufo=month
> https://www.reddit.com/r/UFOs/
>
Some declassified cia stuff:
https://www.cia.gov/library/readingroom/collection/ufos-fact-or-fiction?page=1
UFOs: Fact or Fiction?
 


Re: Current State of Mailing Lists / Forums about Internet Freedom, Security and Privacy?

2017-12-27 Thread Georgi Guninski
On Tue, Dec 26, 2017 at 09:27:58AM -0800, 
bm-2cxcavedtjwvdvxg9hempzp8k5uaakz...@bitmessage.ch wrote:
> of the current state of the Internet communities? And what is your
> recommendation
> of a good online forum for general discussion of freedom, security and
> privacy?
>

Long ago someone said "the only connection is disconnection".
Searching google for this phrase returns only 4 results.
 


Re: Are cryptocurrencies ready to handle large number of transactions?

2017-12-27 Thread Georgi Guninski
On Mon, Dec 25, 2017 at 10:04:23PM -0800, Steven Schear wrote:
> Clearly they are not, yet. The problems are somewhat multi-dimensional and

Are there attempts to mitigate dishonest majority?



Re: Are cryptocurrencies ready to handle large number of transactions?

2017-12-25 Thread Georgi Guninski
On Sun, Dec 24, 2017 at 07:27:24AM -0500, Karl Semich wrote:
> 
> > On Dec 24, 2017, at 6:18 AM, Georgi Guninski <gunin...@guninski.com> wrote:
> > 
> > Are cryptocurrencies ready to handle large number of transactions?
> 
> Some are!  Bitcoin is not, but all this incredible growth incentivizes people 
> to get a move on with regard to making it scale.
>

Which cryptocurrencies are ready for large scale?
Searching the interwebs and chat suggest decentralized solution will be
extremely difficult if possible at all.
 


Are cryptocurrencies ready to handle large number of transactions?

2017-12-24 Thread Georgi Guninski
Are cryptocurrencies ready to handle large number of transactions?

Say if the database is 1000TB or more?

Doesn't handling large number of transactions contradict
decentralization?

Several days ago the BTC blockchain was about 150GB.

Heard complaints that BTC fees are rather large and transactions are
currently slow.

With growing popularity the database size will increase.



Re: Zcash 2nd Ceremony Call for Review / Participation, @Snowden EFF ACLU Privacy Updates

2017-12-22 Thread Georgi Guninski
On Fri, Dec 22, 2017 at 12:27:50AM -0500, grarpamp wrote:
> The Zcash Foundation’s Powers of Tau Ceremony
>

Don't know if this is true or not, some concerns over zcash:

https://www.coindesk.com/investors-know-trading-zcash/
What Investors Should Know Before Trading Zcash 


Re: Lakestone Bank and Trust Just Made A Problem, Oopsie

2017-12-21 Thread Georgi Guninski
On Wed, Dec 20, 2017 at 10:02:30PM -0500, grarpamp wrote:
> https://www.reddit.com/r/Bitcoin/comments/7l461c/banks_trying_to_come_down_on_crypto_investers/

This greedy bank well might kill herself, possibly downing large
amount of the rest of Ponzi scheme banks.
It is enough critical (possibly not large) part of their lusers 
to ask their money back.

This leads to the question:

How would a cryptocurrency work if the banking system is down or there
is global hyperinflation?

AFAIK the bitcoin core blockchain is about 150G and it can't track
every beer bought for pico BTC.



