Re: Help building python application from source
On 03/03/2020 01:50 PM, Marco Sulla via Python-list wrote: > People of Python List, I strongly discourage you to support this user. > He is quite suspicious for the following reasons: Marco, this is not an appropriate response. If you have concerns about list behavior then email the list owners. If you have evidence of wrong-doing then email the list owners and do what you can to contact the appropriate authorities. Asking the list to not help someone because you disagree with their beliefs will not be tolerated. Consider this your warning. -- ~Ethan~ -- https://mail.python.org/mailman/listinfo/python-list
Re: Help building python application from source
On 03/03/2020 01:50 PM, Marco Sulla via Python-list wrote: > People of Python List, I strongly discourage you to support this user. > He is quite suspicious for the following reasons: Marco, this is not an appropriate response. If you have concerns about list behavior then email the list owners. If you have evidence of wrong-doing then email the list owners and do what you can to contact the appropriate authorities. Asking the list to not help someone because you disagree with their beliefs will not be tolerated. Consider this your warning. -- ~Ethan~ -- https://mail.python.org/mailman/listinfo/python-list
Re: Help building python application from source
On 03/03/2020 01:50 PM, Marco Sulla via Python-list wrote: > People of Python List, I strongly discourage you to support this user. > He is quite suspicious for the following reasons: Marco, this is not an appropriate response. If you have concerns about list behavior then email the list owners. If you have evidence of wrong-doing then email the list owners and do what you can to contact the appropriate authorities. Asking the list to not help someone because you disagree with their beliefs will not be tolerated. Consider this your warning. -- ~Ethan~ -- https://mail.python.org/mailman/listinfo/python-list
Re: Help building python application from source
On 03/03/2020 01:50 PM, Marco Sulla via Python-list wrote: People of Python List, I strongly discourage you to support this user. He is quite suspicious for the following reasons: Marco, this is not an appropriate response. If you have concerns about list behavior then email the list owners. If you have evidence of wrong-doing then email the list owners and do what you can to contact the appropriate authorities. Asking the list to not help someone because you disagree with their beliefs will not be tolerated. Consider this your warning. -- ~Ethan~ -- https://mail.python.org/mailman/listinfo/python-list
Re: Help building python application from source
Mh. I hoped not, but unluckily I expected a response like this. People of Python List, I strongly discourage you to support this user. He is quite suspicious for the following reasons: 1. he go so far as he offers money for, IMHO, a trivial task 2. he does not trust binaries from pip. He is so careful that he wants to freeze the libraries he will use and he want to compile them, so he can see the code and be sure that the binary was generated by that code. A lack of trust in open source projects that is quite unusual 3. I don't trust any cryptocurrency. I believe in privacy, but not in financial privacy. Yes, cryptocurrencies can be useful for circumvent bans from tyrannic states. But they can, and _are_ used, primarily to: - wash dirty money, by criminals and mafias - evade taxes - buy highly unethical "products", like weapons... and who know what other - finance tyrannies. I do _not_ think that all people that uses cryptocurrencies are criminals. I had, for example, some co-workers that invested in BitCoins, only for profit. But I do not trust this man, and I hope no one will offer support to him. By my side, I'll report this discussion to moderators. On Tue, 3 Mar 2020 at 04:24, Mr. Lee Chiffre wrote: > > > > I think I have the solution, but can I ask you why are you creating a > > bitcoin server? > > > Yes. I am a crypto anarchist. I have a bitcoin node to do my part to > running the bitcoin network and help remain it decentralized and > resilient. The more people that run a node the better it is. When it comes > to hosting servers I believe I am able to do so in a highly secure manner. > So I am doing my part in secure the bitcoin network and documenting what I > do to help others do the same thing. > > I support the bitcoin project because it is a liberty enhancing technology > to counter act over reaching government and expanding tyranny. People have > a right to financial privacy. And the world needs a secure financial > network to replace the existing institutional one that suffers from fraud > and theft.In a cyber dystopian world we live in there is a war on cash > and privacy to push us into a digital monetary system where governments > are able to spy on and control everything and everyone. If there is a need > for digital money let it be one that supports liberty instead of weakening > it. It is vital that cypher tech outpaces the police state. What we do > determines the future. We can let ourselves be enslaved and passive. Or we > can be active and support the solutions that create a better world and > preserve what is good. > > Right now it is a full node and not used for any other services or > purposes. If possible I would like to add electrumx so users of the > electrum wallet can use my server. Electrum is a very popular wallet and > is what comes pre installed with TAILS. > > -- > lee.chif...@secmail.pro > PGP 97F0C3AE985A191DA0556BCAA82529E2025BDE35 > -- https://mail.python.org/mailman/listinfo/python-list
Re: Help building python application from source
> I think I have the solution, but can I ask you why are you creating a > bitcoin server? > Yes. I am a crypto anarchist. I have a bitcoin node to do my part to running the bitcoin network and help remain it decentralized and resilient. The more people that run a node the better it is. When it comes to hosting servers I believe I am able to do so in a highly secure manner. So I am doing my part in secure the bitcoin network and documenting what I do to help others do the same thing. I support the bitcoin project because it is a liberty enhancing technology to counter act over reaching government and expanding tyranny. People have a right to financial privacy. And the world needs a secure financial network to replace the existing institutional one that suffers from fraud and theft.In a cyber dystopian world we live in there is a war on cash and privacy to push us into a digital monetary system where governments are able to spy on and control everything and everyone. If there is a need for digital money let it be one that supports liberty instead of weakening it. It is vital that cypher tech outpaces the police state. What we do determines the future. We can let ourselves be enslaved and passive. Or we can be active and support the solutions that create a better world and preserve what is good. Right now it is a full node and not used for any other services or purposes. If possible I would like to add electrumx so users of the electrum wallet can use my server. Electrum is a very popular wallet and is what comes pre installed with TAILS. -- lee.chif...@secmail.pro PGP 97F0C3AE985A191DA0556BCAA82529E2025BDE35 -- https://mail.python.org/mailman/listinfo/python-list
Re: Help building python application from source
Thanks for the comments. > (To make OP's requirements plainly visible, note that this appears to > be a cryptocurrency application.) Correct. It is a software that does not store private keys but acts as a server to serve lightweight wallets that would connect to it remotely. Electrumx does not store or generate private keys but my concern is running binary blobs that someone else created. The advantages of open source software only apply if you can confirm it was created from the source code. This is why I compile everything I can or use binaries based on reproducible build process. I am also wanting to run electrumx in a virtual environment under a dedicated user account on the linux box with lowest privileges. And the reason I want to be able to build from a local directory so that I can be self sufficient and be able to archive the software source code and all needed dependencies to spin up other servers or replace the server in a post disaster situation where internet or python pip package servers might be down. My bitcoin server also has very strict firewall rules that would inhibit the ability to connect to python servers. This is why I want to download the all the source code on my laptop then transfer to the server. But there are SO MANY dependencies. Electrumx has a few dependencies then each of those dependencies have more dependencies and on and on. I guess it might be possible to do what I want by manually downloading the source code of the close to 20 dependencies, manually verify the git tags and signatures. Then "python setup.py install" each one individually in the right order. This might work? I didn't know if there was an easier way. I did find out I could "pip download -r requirements.txt" but this downloads binaries specific for x86. My cpu architecture is aarch64. Is there a way to pip download -r requirements.txt source only or specify aarch64? Thank you -- lee.chif...@secmail.pro PGP 97F0C3AE985A191DA0556BCAA82529E2025BDE35 -- https://mail.python.org/mailman/listinfo/python-list
Re: Help building python application from source
On Fri, 28 Feb 2020 18:49:58 -0800, Mr. Lee Chiffre wrote: [snip] > I am a python noob. This is why I ask the python masters. There is a > python software I want to install on the server it is called Electrumx. > https://github.com/kyuupichan/electrumx is the link. I am having troubles > with installing this. > The short version is I am wanting to build this python application and > needed dependencies from source code all from a local directory without > relying on the python pip package servers. I only run software I can > compile from source code because this is the only way to trust open source > software. I also want to archive the software I use and be able to install > it on systems in a grid down situation without relying on other servers > such as python package servers. (To make OP's requirements plainly visible, note that this appears to be a cryptocurrency application.) I'd suggest that building everything from source code might not be a realistic solution to your security concerns. I don't know what your threat model is, but if it's something like, "Hackers and gangsters who scatter password-harvesting trojans across the globe and then shlurp up what they can," you might find that you get better security by generating your keys on a computer that never communicates with the outside world. Your concerns are (1) that the random numbers from which your keys have been corrupted to make them predictable, or (2) that malicious software will send your keys to the bad guys. Isolating the key-generation machine takes care of #2. If you have Python code for generating keys, something as simple as XORing a fixed value of your choice with its random numbers will take care of #1. I admit that using an isolated machine introduces a lot of inconveniences, but I bet it compares favorably with building everything from source. -- To email me, substitute nowhere->runbox, invalid->com. -- https://mail.python.org/mailman/listinfo/python-list
Help building python application from source
sorry re posting because I forgot subject line in last email. I am a python noob. This is why I ask the python masters. There is a python software I want to install on the server it is called Electrumx. https://github.com/kyuupichan/electrumx is the link. I am having troubles with installing this. The short version is I am wanting to build this python application and needed dependencies from source code all from a local directory without relying on the python pip package servers. I only run software I can compile from source code because this is the only way to trust open source software. I also want to archive the software I use and be able to install it on systems in a grid down situation without relying on other servers such as python package servers. Here is a snippet from https://github.com/lee-chiffre/Announcements/blob/master/02.26.2020 that describes what I am trying to do > 1. I need a way I can download the source of ElectrumX and the dependency tree. 2. In a way that also verifies the integrity of those downloads. I dont think many of these python packages are even signed. 3. Then to be able to build ElectrumX and the needed dependencies from source on a computer that does not have connection to internet. Node2.0 does not connect to internet except for the Tor process. Torsocks is not an option here. I will be running ElectrumX and the python dependencies in a venv virtual environment. If I cannot build ElectrumX and the dependencies for it from source in a way that also verifies the integrity of the downloads then for security reasons I will not run it. If someone has a solution to this I will then run ElectrumX, and give you credit for the help. If you need me to pay bounty for this please reach out to me to negotiate on a price. < Python might be easy to code but simplicity of coding comes at the cost of complexity of the software. With C++ I usually only have only a few dependencies. With python it seems like it is almost 20 dependencies. With Electrumx I counted at least 15 dependencies in the dependency tree. Is it possible to download then build this from source with all needed dependencies? -- lee.chif...@secmail.pro PGP 97F0C3AE985A191DA0556BCAA82529E2025BDE35 -- https://mail.python.org/mailman/listinfo/python-list