00:08:57 | phantomcircuit: | gmaxwell, did bc.i fix the xss in coinbase data? |
00:10:03 | gmaxwell: | Yes. |
00:12:08 | phantomcircuit: | gmaxwell, too bad |
00:12:20 | phantomcircuit: | i have enough room for an element |
00:12:30 | comboy: | whoa, fun, how was it found? it seems pretty expensive to test |
00:12:52 | phantomcircuit: | comboy, < randomly appears in the coinbase anyways |
00:12:59 | comboy: | ah |
00:13:01 | phantomcircuit: | so im guessing the page rendering was messed up |
00:15:42 | gmaxwell: | comboy: it's not hard to get pools to put in custom coinbase text for you, eligius will for example. |
00:16:10 | gmaxwell: | and if you're p2pool mining you control your own coinbase text— requires you to find a block however. :) |
00:17:28 | comboy: | interesting about eligius, I would imagine it's still expensive though? ;) |
00:18:16 | gmaxwell: | comboy: at least at one point they did it for free per request by any miner. |
00:19:04 | comboy: | oh, that's cool, it would work nicely as my backup solution |
00:19:05 | sipa: | "free per request" is still "just free", no? |
00:19:16 | comboy: | I'd need extremely good compression and very long time though ;) |
00:22:28 | comboy: | btw was there somewhere a chart of avg fee per kb? |
00:26:22 | gmaxwell: | I just mean that you had to ask, and presumably if you started trying to backup data that way you'd be told no. |
00:29:27 | comboy: | jk, but that's a pretty cool feature |
00:30:10 | comboy: | I mean that they are/were letting people do this, not the backup part |
01:21:18 | warren: | https://plus.google.com/116222474455279966224/posts/AgrefHgP4aK |
01:31:39 | maaku_: | "Handling clients money in Assembly for dummies" |
02:11:36 | phantomcircuit: | gmaxwell, dear god this is so much data |
04:06:29 | tacotime: | gmaxwell: wow https://bitcointalk.org/index.php?topic=497737.0 |
04:06:38 | tacotime: | i wanted to say it too but |
04:06:47 | tacotime: | i signed their dumb nda |
04:07:03 | warren: | maaku_: assembly might be an improvement for some |
04:07:19 | tacotime: | and although i think it might not be legally binding i still err on the side of caution |
04:08:33 | gmaxwell: | tacotime: I offered them an alternative NDA, but alas they chose to not respond to me instead. It's almost certainly not binding in any way shape or form, but yea, wouldn't encourage you to encourage them to give you trouble. |
04:10:06 | gmaxwell: | tacotime: you may like the revised NDA I had proposed to them: http://0bin.net/paste/pVUtGcHihaoCLrlu#RpeIps564F55dbWRz1U28blAHreBM2yhuth2TKqX/Ls= |
04:12:22 | tacotime: | gmaxwell: that's not really that bad, though i imagine they'll struggle with (d) |
04:12:57 | tacotime: | my favourite thing was when they put, "customers must disparage and criticize HashFast products in a public space" in the refund contract. |
04:13:03 | gmaxwell: | yea.. lol |
04:13:07 | gmaxwell: | disparagement agreement. |
04:13:45 | gmaxwell: | I think it's reprehensible to threaten people who you've truly and honestly ripped off for complaining about your ripping. I don't feel like I could agree to any NDA with a company that would do that. |
04:15:07 | gmaxwell: | in any case, I was debating on when I should start really hitting back against them with some force, their belief that they can get away with promoting a new product while many people are out completely was sort of a last straw for me. |
04:15:17 | tacotime: | it is. the whole situation has been a mess since october. |
04:16:18 | tacotime: | yeah, i thought it was obscene when i saw that. i'm glad i at least got my asics but i feel awful for the people who haven't gotten anything yet or are waiting on upgrades. |
04:18:24 | tacotime: | they don't seem super interested in helping the pending legal cases against them. |
04:18:33 | tacotime: | which is baffling. |
04:19:22 | BlueMatt: | who's in barbados? |
04:20:09 | tacotime: | i wish. i'm just going to texas this week. |
04:40:23 | jtimon: | warren maaku_ what's with assembly? I kind of enjoyed reading the SSE2 manual to optimize my neural networks on the co-processor |
04:45:13 | jtimon: | or were you talking void...I mean...ether? |
06:17:53 | Luke-Jr: | gmaxwell: really? they wouldn't even look up another airline for me :/ |
06:18:21 | gmaxwell: | Luke-Jr: they're supposed to under normal contracts. They don't offer it though, dunno if you asked what was going on there. |
06:18:54 | Luke-Jr: | at this point, I don't think they even refunded me :/ |
08:10:10 | gmaxwell: | if any php wizards want to check mtgox's code— you can actually see the spending code takes an array for 'forced inputs' |
08:10:42 | gmaxwell: | but I think it has a bug where it won't actually force any inputs that were used in another transaction, because it checks if they're in an unspent list and skips them. |
08:12:20 | adam3us: | gmaxwell: interesting if they got the tx db too |
08:14:07 | adam3us: | gmaxwell: implications of what you said ^^ for abuse of tx malleability + their coding sending diff inputs being responsible for theft of funds? |
08:14:26 | gmaxwell: | yes. |
08:15:07 | gmaxwell: | I knew from magicaltux that their code would 'sometimes but not always' conflict inputs when reissuing, well the code responsible for that appears to be there. |
08:15:59 | gmaxwell: | http://pastebin.com/W8B3CGiN line 162 |
08:16:28 | davvblack: | is there any code that automatically reissues? |
08:18:41 | gmaxwell: | kinda, thats the code that the reissue would (presumably) use |
08:19:00 | gmaxwell: | the interesting thing is I can't square it with their recent behavior of doublespending inputs |
08:19:10 | gmaxwell: | so I think there may have been a change. |
08:19:28 | gmaxwell: | Basically their forced input logic is broken in that it won't force any inputs if it doesn't think they're available |
08:20:22 | adam3us: | gmaxwell: but its concept of availability is the tx db? |
08:20:44 | gmaxwell: | But at line 876 it seems to synchronize its claims with the blockchain. |
08:21:30 | gmaxwell: | so thats compatible with the idea that the transaction they were trying to conflict with being successful would cause them to fail to conflict (doh!) |
08:21:34 | azariah4: | damn, so much rounding, type casts to int and magic numbers |
08:21:43 | gmaxwell: | but not compatible with their observed self-doublespending at all. |
08:22:24 | gmaxwell: | so now I'm wondering if they didn't— a couple months ago— comment out that synchronization with the blockchain on 876 in order to try to make it not fail to conflict with itself when it needed to |
08:22:26 | davvblack: | maybe there's something wrong with the queries including and just after 177 |
08:22:38 | gmaxwell: | but by doing that made it constantly doublespend itself. |
08:23:08 | gmaxwell: | well that's why I think someone php clueful needs to look at this, my last php experience was over 5 years ago and in a much cleaner and abstracted codebase (mediawiki) |
08:23:41 | davvblack: | there are also syntax errors |
08:23:44 | davvblack: | like line 91 |
08:24:58 | davvblack: | you cant [] for array literal |
08:33:22 | azariah4: | if this code leak is real, I suddenly feel much better about the payment backend code I'm working on @ work |
08:33:36 | davvblack: | lol |
08:33:43 | davvblack: | I mean, look how many order by RAND() are in there |
08:36:55 | davvblack: | I like that it uses variables like $block_size to mean blocks per block reward amount. |
08:38:44 | gmaxwell: | davvblack: well coin selection... not so awful there. |
08:39:01 | davvblack: | erm, i mean it's still bad from a dba standpoint |
08:39:11 | davvblack: | it needs to assign a rand() to each row |
08:39:16 | gmaxwell: | I give this code 99.9% chance of being real, though it might be moderately old. |
08:41:29 | davvblack: | and as per our previous conversation, no === |
08:47:44 | gmaxwell: | this code seems to have no ability to handle reorgs. |
08:48:36 | jcorgan: | he'd probably say he didn't know about reorgs, and that reorgs are a "bitcoin bug" |
09:58:58 | gmaxwell: | ::sigh:: I posted on reddit about how MTGox green addresses might have massively amplified these problems (inspired by someone else's ranty thing that was arguing that systemic risk can't exist in bitcoin) |
09:59:17 | gmaxwell: | http://www.reddit.com/r/Bitcoin/comments/1zef5c/green_addresses_an_accidentally_dodged_bullet/ |
09:59:41 | gmaxwell: | and one of the responses is from https://greenaddress.it/ who seems themselves to be confused and think I'm talking about their service. |
10:09:47 | airbreather: | lol... |
10:12:00 | airbreather: | "Unlike other systems our implementation allows users to login in watch-only mode, meaning that their private keys are not in the browser at all." -- except bc.i offers this same functionality |
10:12:08 | airbreather: | >.< |
10:14:03 | gmaxwell: | airbreather: I don't think there is any way to _sign_ if you're using bc.i that way. |
10:15:57 | airbreather: | ahh, I see what I missed -- you can have them still be in charge of your bitcoins, but log in in a way that makes it so you can't spend them. so, doesn't solve the fundamental problem |
10:18:59 | airbreather: | and of course, 100% beside the point of actual green addresses |
10:19:37 | gmaxwell: | yea, mind blown at the otness of it all |
10:52:59 | airbreather: | So the "Hardfork Wishlist" wiki page lists the following: "coinbases must be parseable." <-- wouldn't that be possible with a BIP0034-style valid-under-old/invalid-under-new softfork? |
10:54:32 | airbreather: | assuming I'm using the term "softfork" correctly... if I'm not, pretend I didn't say that, and I really just mean the upgrade process BIP0034 implemented |
14:17:15 | maaku: | maaku is now known as Guest46684 |
14:54:22 | realazthat: | gmaxwell: ping |
15:56:02 | jgarzik: | So, on MtGox customer info... anybody have additional data? does this mean a bunch of high profile bitcoiners, including myself, have their MtGox high res passport scans floating around? |
15:56:13 | jgarzik: | That would be disappointing, but not entirely unexpected. |
16:01:23 | nanotube: | there's no confirmation of the data being in the wild. just some guy saying 'we have the db dump' |
16:02:03 | nanotube: | and vaguely promising to post a torrent |
16:02:05 | nanotube: | eventually |
16:02:39 | comboy: | worst part is that afair I tried submitting scan with watermark saying it's for their use only and date and it was not accepted :/ |
16:03:32 | nanotube: | i submitted notarized paper. dunno if they scanned it into their db, or if it's still safely in a file cabinet somewhere |
16:07:46 | comboy: | nanotube: given this code source leak which looks sadly legit, I'd assume they really have the db |
16:08:20 | nanotube: | comboy: i'm not making bets one way or the other. code could be sitting around on various dev machines |
16:08:42 | nanotube: | or copies floating around in emails or usb sticks |
16:08:58 | nanotube: | db is less likely to be hanging around in bits and pieces all over the place |
16:09:22 | comboy: | well, maybe, hopefully |
16:09:51 | nanotube: | but certainly Pr(db is leaked | code is leaked) is greater than the prior of Pr(db is leaked) |
16:11:20 | jtimon: | I only coded php on a small project at college, but 1719 lines in a single file, the mentioned castings, not using constants for constant values... |
16:18:29 | TD: | the whole passport scan+utility bill thing is a horrible standard anyway |
16:18:56 | TD: | if the whole thing does leak, i guess exchanges will have to go to doing video chats to confirm id |
16:19:05 | TD: | as simple possession won't mean anything any more |
16:20:26 | nanotube: | right |
16:20:45 | nanotube: | but until they do, expect plenty of fake jgarzik's on the various exchanges. >_> |
16:21:19 | jtimon: | yeah interesting thought |
16:21:43 | kinlo: | their code does indeed look like a big mess |
16:21:55 | kinlo: | not to mention that php is not the language to write an exchange in |
16:21:59 | jtimon: | passports should have a private key for digital signatures like some countries id cards |
16:22:28 | kinlo: | jtimon: several passports do have a chip.... |
16:22:55 | TD: | all new passports have chips. unfortunately, chips that sign with private keys are ... optional |
16:22:58 | jtimon: | yeah, a chip, but can you sign legal documents with that chip? |
16:23:08 | TD: | it's not designed for that |
16:23:13 | jtimon: | TD oh, so it's possible |
16:23:23 | TD: | for most passports it's not possible. the chip is just a data repository |
16:23:26 | kinlo: | is a scan legal? |
16:23:37 | kinlo: | can I order stuff with just a scan? |
16:23:38 | TD: | well banks take photocopies of passports, in my experience |
16:23:40 | jtimon: | well, some countries id cards (spain) are designed for that |
16:23:42 | TD: | so a scan is i guess normal |
16:23:55 | TD: | jtimon: yes sure. some countries operate their own citizen PKI's |
16:24:12 | kinlo: | TD: It's so sad you are correct... it opens so many ways to get abused for us |
16:24:34 | kinlo: | they have email, id, name, address, everything :( |
16:24:34 | TD: | for any institution that needs strong ID verification |
16:24:43 | TD: | it's not just a bitcoin specific problem |
16:24:53 | kinlo: | TD: I've opened my latest bank account online, without much verification.... |
16:24:55 | TD: | id theft is a huge issue, especially in the usa where so much is keyed off social security numbers |
16:25:02 | TD: | interesting |
16:25:04 | TD: | how did you do that? |
16:25:32 | kinlo: | I just went to my banks website, filled in a form, pasted a copy of my id card and they mailed me my bank-card back |
16:25:43 | TD: | "pasted a copy"? |
16:25:44 | kinlo: | debit card AND credit card :) |
16:25:53 | kinlo: | photocopy of my id card |
16:26:21 | TD: | right |
16:26:28 | TD: | so they don't actually use crypto, even though your id card supports it? |
16:26:45 | kinlo: | well, for the credit card I had to give them a copy of my salary card (how to translate that word:P) |
16:26:56 | kinlo: | TD: exactly. |
16:27:04 | jtimon: | that's scary, so anyone could just create an account in your name if the id cards/passports are leaked? |
16:27:04 | TD: | fail |
16:27:12 | TD: | probably not worth the complexity |
16:27:16 | nanotube: | even if there was crypto... that'd just mean people will try to steal the privkeys |
16:27:19 | TD: | i guess you'd need a smartcard reader and most people don't have one |
16:27:29 | kinlo: | TD: however, it might have been possible they contacted the government to get my address - they did have to send my info somewhere |
16:27:45 | kinlo: | in the end, a bank with an official licence has access to certain government databases |
16:27:49 | TD: | i don't have an ID card, but swapped a photocopy of my passport + some money for a USB smartcard dongle thing that i can use to log in to a bunch of swiss websites |
16:28:04 | TD: | but most people won't do that |
16:28:25 | TD: | thinking about it though, i think the passport copy mt gox has for me is actually expired. plus the utility bill has to be fresher than 3 months |
16:28:26 | kinlo: | TD: so you can login to any swiss site that requires an id card? |
16:28:31 | TD: | yeah |
16:28:39 | kinlo: | TD: are you swiss? |
16:28:45 | TD: | no |
16:28:49 | kinlo: | mmmmz |
16:28:52 | TD: | i live here |
16:29:01 | kinlo: | you sound american (no offence) |
16:29:22 | TD: | i'm british |
16:29:27 | jtimon: | I don't think I ever sent a utility bill, but it's been a while since last time I used that exchange |
16:29:29 | TD: | nearly the same thing :) |
16:29:30 | kinlo: | close 'nuff :p |
16:29:59 | kinlo: | well, I didn't even get confirmed yet |
16:30:03 | kinlo: | I was in the queue |
16:30:21 | kinlo: | so I'm definitely going to be in a "hot database", if such a thing exists |
16:30:29 | jtimon: | I think at some point the id card was enough |
17:13:58 | jgarzik: | (scrolling back) |
17:14:07 | jgarzik: | TD, I'm surprised people have not already moved to video chat security |
17:14:17 | jgarzik: | TD, maybe it's too obvious and "dumb" |
17:18:27 | phantomcircuit: | jgarzik, que |
17:21:00 | jgarzik: | phantomcircuit, a wealth of biometrics can be easily captured by a video chat |
17:21:13 | jgarzik: | phantomcircuit, and easily measured against future video chats |
17:21:30 | jgarzik: | OpenBiometrics has some fun tools |
17:25:52 | pigeons: | “The new generation of Kinect technology in Xbox One can distinguish up to six voices in a room, respond to voice commands, read skeletal movement, muscle force, whether people are looking at or away from the TV and even their heart rates. |
17:26:03 | pigeons: | http://adage.com/article/special-report-ana-annual-meeting-2013/xbox-reshape-marketing/244605/ |
17:26:33 | pigeons: | so yeah |
17:47:52 | zooko: | Hm. I wonder under what conditions open("/dev/urandom", O_RDONLY | O_CLOEXEC) can return a negative return value. |
17:48:53 | Guest46684: | zooko: out of file handles? |
17:49:25 | zooko: | Guest46684: yeah, I was wondering about that too. |
17:50:01 | Guest46684: | Guest46684 is now known as maaku |
17:50:12 | zooko: | maaku: hi there! ☺ |
17:50:22 | maaku: | :) |
17:52:44 | zooko: | I wonder if there are other cases. |
17:53:35 | zooko: | In particular, I'm wondering whether I can deliberately trigger a process on your linux machine to get -1 from open("/dev/urandom"). |
17:53:56 | zooko: | And I'm also wondering if open() will ever return any other negative number than -1. |
18:00:45 | TD: | phantomcircuit: for exchange KYC verification |
18:00:56 | TD: | it seems exchanges spend a lot of time trying to divine whether a scanned passport/bill is forged or not |
18:01:07 | TD: | seems doing a 20 second video chat with support staff could resolve the question reliably |
18:06:38 | michagogo|cloud: | 18:23:56 | jtimon: yes sure. some countries operate their own citizen PKI's |
18:06:38 | michagogo|cloud: | Including Israel, sort of |
18:06:54 | TD: | perhaps in future more localised exchanges can use these |
18:07:16 | michagogo|cloud: | We're in the 2-year trial phase of a program for new, smart ID cards and e-passports |
18:08:24 | michagogo|cloud: | They embed biometric data (photo and two index fingerprints), and the ID card has a smartcard contact on it. With the card, they give you a USB reader, which will allow you to connect the card to your computer and use it for authentication and signing |
18:08:52 | TD: | yeah |
18:08:58 | michagogo|cloud: | At the moment, though, I don't think there's anything you can do with it -- Windows detects and auto-installs a driver for the reader |
18:09:13 | TD: | normally you can sign PDFs with it, and that's legally binding. also mine lets you log into websites using SSL client certs |
18:09:23 | TD: | i don't have an ID card though. my "card" is a SIM form factor |
18:09:34 | TD: | seems like swiss identity cards let you choose whether you have a chipped one or not |
18:09:34 | michagogo|cloud: | And when you insert the card, it's recognized as a smart card, but AFAICT there's nothing that you can do with it |
18:10:00 | TD: | you can probably use it with anything that supports PKCS #11 tokens, i think |
18:10:04 | TD: | there's a standard for crypto smartcards |
18:10:08 | michagogo|cloud: | Eventually, they say they'll release the software for it |
18:10:19 | phantomcircuit: | TD, i've actually done KYC over skype for intersango |
18:10:22 | phantomcircuit: | it was a lot easier |
18:10:30 | phantomcircuit: | but it took about 10 minutes |
18:10:35 | TD: | like, i installed the SuisseID software, and when I plug my usb stick in Mail.app it automatically starts signing mail |
18:10:54 | TD: | PDFs is harder. Adobe and other apps like to use the term "electronic signature" to mean "image of a hand-drawn pen signature" |
18:11:09 | TD: | phantomcircuit: i guess you could optimise it by having custom stuff on your website using webrtc |
18:11:35 | phantomcircuit: | TD, in the us the adobe/docusign things are legally binding contracts |
18:11:40 | michagogo|cloud: | TD: Do you know of anything generic that I might be able to use to find out what's on there, what it's currently capable of doing? |
18:11:44 | phantomcircuit: | E-SIGN act |
18:11:53 | TD: | ah that's good. i didn't know if it was the case in the USA. i think those are legally binding in most countries by now |
18:12:21 | phantomcircuit: | TD, http://en.wikipedia.org/wiki/Electronic_Signatures_in_Global_and_National_Commerce_Act |
18:12:29 | TD: | michagogo|cloud: do you know any technical data at all? model name etc? |
18:12:38 | TD: | michagogo|cloud: is it the "SmartID" system? |
18:12:40 | TD: | phantomcircuit: thanks |
18:13:03 | TD: | that's going to make contracts and invoicing a lot more convenient |
18:13:30 | TD: | * TD blinks |
18:13:50 | TD: | did the bitstamp price really go up by $100 in just a few hours? |
18:14:15 | tacotime: | TD: this is bitcoin |
18:14:31 | michagogo|cloud: | TD: I don't remember off the top of my head |
18:14:36 | michagogo|cloud: | Give me a sec, I'll go get it |
18:14:59 | tacotime: | http://i.imgur.com/klP77CI.png |
18:15:13 | tacotime: | stability is only on a logarithmic axis ;) |
18:16:12 | phantomcircuit: | TD, sure except the real world security there is terrible |
18:16:26 | phantomcircuit: | like im pretty sure i could forge something to appear like you signed it |
18:16:33 | phantomcircuit: | .... and it would be legally binding |
18:17:12 | TD: | well, if you hacked my computer and i had the usb stick plugged in and also entered the PIN then probably you could |
18:17:18 | TD: | s/PIN/password/ |
18:17:24 | TD: | it's not like a trezor, there's no display to confirm what's happening |
18:17:42 | c0rw1n: | why can't that be hacked otherwise? |
18:18:03 | c0rw1n: | i don't trust any gov in the world to get security right enough on anything they do, ever |
18:18:16 | michagogo|cloud: | TD: The reader is an ASEDrive V3C |
18:19:00 | TD: | michagogo|cloud: i don't know how to do it on windows, but on MacOS there's a keychain app that lets you see if it was recognised |
18:19:45 | michagogo|cloud: | TD: The card appears in Device Manager as "Israel eID Minidriver for Smart Card" |
18:20:50 | TD: | do you have something like Outlook installed? |
18:20:51 | michagogo|cloud: | Hardware ID is SCFILTER\CID_54454c454d10211010 |
18:21:07 | zooko: | zooko has left #bitcoin-wizards |
18:21:19 | michagogo|cloud: | TD: I don't think so |
18:23:26 | TD: | hmm. well, i guess you could also grab Acrobat and try signing a PDF with it |
18:23:40 | TD: | or chrome/IE would possibly let you use it, if you tried to log on to a site that was expecting it |
18:23:44 | TD: | but i don't know if there are any |
18:23:54 | michagogo|cloud: | Yeah, I don't think there are any |
18:24:20 | TD: | ah ha |
18:24:20 | michagogo|cloud: | Like I said, they've said that they expect the software that uses it to be available at some point in the future |
18:24:34 | TD: | apparently there's an app called "certificate manager" |
18:24:38 | TD: | try http://windows.microsoft.com/en-us/windows-vista/view-or-manage-your-certificates |
18:24:47 | TD: | see if you can spot your eID cert using that app |
18:25:12 | TD: | well, SuisseID also gave me a pile of custom software, but as far as I can tell it was only needed for enrollment. it wasn't needed for anything else. it's all natively integrated |
18:26:29 | TD: | http://www.gooze.eu/howto/internet-explorer-smartcard-howto-windows/using-windows-certificate-manager |
18:27:05 | michagogo|cloud: | TD: nope |
18:27:13 | TD: | nope to which part? |
18:28:36 | TD: | seems like you need to toggle an option in certmgr to make it show smartcard certs for some reason |
18:29:29 | michagogo|cloud: | I toggled that option |
18:29:31 | michagogo|cloud: | Nothing |
18:30:01 | TD: | ok. then i dunno what the issue is. it's one of those annoying things where 95% of it is standardised, but somehow you still end up needing custom stuff |
18:30:08 | TD: | so i guess you have to wait for israel to get its act together |
18:30:22 | michagogo|cloud: | Yeah |
18:31:04 | michagogo|cloud: | I mean, the program is still in a 2-year trial period, and the decision won't be made for a year and a half or so on whether to make it permanent, extend the trial for 2 more years, or cancel it |
18:31:13 | michagogo|cloud: | It's not clear what will happen if the program is cancelled |
18:51:51 | jtimon: | michagogo|cloud in spain you have to buy the reader yourself, so I haven't used it, but my sisters are lawyers and they've saved quite a few trips to the courts by using it |
18:52:30 | jtimon: | it's a little bit complicated for most people to use anyway |
19:08:58 | HM: | anyone know of any existing generic code for generating hash trees iteratively? |
19:09:46 | HM: | as you insert elements in a vector |
19:09:54 | HM: | to amortize the cost of computing the root hash |
19:10:02 | HM: | just a thought |
19:10:58 | tacotime: | HM: I was going to try to merkelise a B+ tree and implement that, but I haven't had time |
19:11:27 | HM: | hmm, why a B+ tree? |
19:12:12 | tacotime: | was going to use it for a uxto set that i'd store in memory for very fast block and tx verification and propagation |
19:12:41 | tacotime: | *utxo |
19:12:53 | HM: | sounds cool |
19:14:20 | tacotime: | i'm hoping so, when i get around to it. it looks like it'll be a lot of coding and debugging, so it'll have to wait until my other projects are done. |
19:14:56 | tacotime: | it's similar to what maako did in his python implementation, but with slightly different data structures. |
19:15:14 | tacotime: | *maaku, sorry |
19:16:27 | HM: | i was thinking of a memory efficient append-only list of leaf nodes (left to right). if you set a prediction for the size of the tree (n leaves), then at (n/2) population you can discard (n/2 - 1) flush nodes from memory |
19:16:42 | HM: | of course if you need to grow beyond that size you need to recompute |
19:16:50 | tacotime: | right |
19:17:03 | HM: | *flush -> inner |
19:18:37 | HM: | and you can still insert in O(log n) time |
19:19:34 | HM: | well to the unflushed half anyway hmm |
19:42:34 | gmaxwell: | HM: you don't have to predict you can resize as you grow, you just have these little tree fragments when you haven't yet filled a whole new level. |
19:47:37 | TD2: | adobe reader sucks even more than i remember |
19:48:03 | TD2: | jtimon: i'm not sure if it's complicated per se, but my experience has been it's all very flaky |
19:48:27 | TD2: | jtimon: sometimes my card just randomly fails to work. unplugging it and replugging it makes it happy .... sometimes. the software is a bit dubious too sometimes. |
19:49:06 | TD2: | not obviously well tested, at least not for macs |
19:49:23 | TD2: | still, i managed to digitally sign a pdf. probably easier and better than printing/signing with a pen/rescanning |
19:49:57 | TD2: | for my next trick .... signed payment request |
19:59:14 | gmaxwell: | is td2 td? I know too many tds on IRC |
20:01:19 | nsh: | it was Mike, aye |
20:08:25 | jtimon: | TD2 that's the swiss id, right? I haven't heard my sisters complaining about the spanish systems and they're definitely non technical people |
20:09:15 | jtimon: | I may borrow them the reader or buy one myself to test the stuff better, I think they're like 10 or 20 eur |
20:09:54 | jtimon: | not many companies are using them though, mostly for dealing with the administration more efficiently |
20:10:05 | jtimon: | for now at least |
22:19:50 | andytoshi: | i have been thinking about writing a software which mirrors the bills drifting across parl.gc.ca into a git repo. then i can read things like '20. Subsection 4(2) of the Canada Evidence Act is amended by replacing “170” with “163.1, 170”.' (which has no context at all in the bill's text) as a diff, and also see historic info like eg bill sponsors with git log. does anyone know of existing |
22:19:53 | andytoshi: | similar projects? |
22:20:27 | gmaxwell: | let me ask someone who would know |
22:20:38 | nsh: | * nsh blinks |
22:22:06 | nsh: | oh. |
22:24:10 | antephialtic: | anytoshi: I just got around to reading your paper on schnorr sigs being non-malleable. Forgive me for my lack of experience with this style of proof, but is the essential point of the proof that malleating the sig is as hard as predicting the output of the random oracle? |
22:24:38 | antephialtic: | *andytoshi |
22:24:47 | nsh: | (mutating is usual verb) |
22:25:27 | nsh: | ((closest etymologically in english would be malleting, which is kinda funny)) |
22:26:20 | andytoshi: | antephialtic: yeah, basically. |
22:26:27 | andytoshi: | nsh: i used 'malleating' several times in the paper :P |
22:26:48 | antephialtic: | nsh: seems to be a word :) http://dictionary.reference.com/browse/malleating |
22:28:00 | andytoshi: | antephialtic: more specifically, if the random oracle is unpredictable (i.e. it is actually a random oracle) then malleating is just as hard as forging |
22:28:13 | andytoshi: | it can be shown that in the random oracle model, forging is impossible, but that's out of scope of that paper |
22:28:30 | TD: | andytoshi: surely the right word is mutating? |
22:28:59 | andytoshi: | s/impossible/cannot be done with nonnegligible probability/ |
22:29:13 | nsh: | * nsh stands corrected :) |
22:29:28 | andytoshi: | TD: i dunno, i like malleating because it's clear that this is the problem that i'm addressing and that word never appears in any other context |
22:29:38 | andytoshi: | but i'm sure it's not correct |
22:29:43 | TD: | usually words not being used anywhere else is not a good thing : |
22:29:44 | TD: | :) |
22:29:46 | antephialtic: | andytoshi: so if the oracle is unpredictable, (advantage) epsilon ~ 1/(x-1) ? |
22:30:45 | antephialtic: | assuming the output of the random oracle is uniform (not sure if that is a valid assumption) |
22:30:55 | andytoshi: | fwiw O(1/(x-1)) is O(1/N), where N is the group size. also it might be some polynomial in t rather than 1 |
22:31:12 | andytoshi: | antephialtic: yeah, that is part of the random oracle assumption. one sec, matt green has a good article on this.. |
22:31:57 | andytoshi: | http://blog.cryptographyengineering.com/2011/09/what-is-random-oracle-model-and-why.html |
22:32:30 | antephialtic: | andytoshi: cool, my crypto knowledge is a bit elementary, so this is all interesting stuff for me, thanks |
22:34:23 | nsh: | andytoshi, some time when you get the chance please write up a blog post or something detailing the ideas behind the time-asymmetry/random-oracle idea you were telling me about yesterday |
22:34:42 | nsh: | i think it's worthy of some meditation |
22:35:03 | andytoshi: | nsh: yeah, sure, i'll think about that tonight and hopefully write it up tomorrow. agreed, i think there is something there because it suggests the impossibility of my public-fhe dream |
22:35:29 | nsh: | * nsh nods |
22:37:33 | gmaxwell: | andytoshi: 14:36 < jgay> gmaxwell, i was working on a system to do that around 2005 but stopped for a few reasons. There have been a few people doing work on this. See https://github.com/divegeek/uscode and google "gitlaw" for a popular blog posts and follow-up discussions on opencongress.org and elsewhere |
22:37:38 | realazthat: | gmaxwell: hey |
22:38:02 | gmaxwell: | realazthat: hay is for horses. |
22:38:06 | realazthat: | :D |
22:38:16 | realazthat: | gmaxwell: I been polishing up the interpreter |
22:38:34 | realazthat: | some minor issues to note |
22:38:46 | realazthat: | first, memory can't be freed |
22:39:00 | realazthat: | I allocate it in pages, on demand |
22:39:14 | realazthat: | but it doesn't know when you aren't using it anymore, and doesn't check for all-zero |
22:39:18 | realazthat: | I assume this doesn't matter |
22:39:27 | realazthat: | for your purposes |
22:41:16 | nsh: | (the horizontality of punctuation matters, for my purposes :) |
22:42:45 | realazthat: | are you making fun of me :P |
22:43:13 | nsh: | mebbes :) |
22:43:15 | andytoshi: | gmaxwell: thx, i'll check those links out. hopefully i can adapt some of that stuff to the canadian side (and learn more about US law too -- i don't have any RSS feeds for congress/senate :( ) |
23:11:57 | gmaxwell: | years ago |
23:11:57 | gmaxwell: | 14:45 < jgay> gmaxwell, yeah, here it is http://okfnlabs.org/blog/2012/12/13/bundesgit-german-laws-on-github.html .. there are also links to the OKFN legislative |
23:12:00 | gmaxwell: | mailing list at the bottom of that |
23:12:32 | gmaxwell: | oops seems to have cutoff the first line, well it was just saying that there was a lot of progress in germany. |
23:22:09 | andytoshi: | great, that's really encouraging |
23:22:53 | andytoshi: | btw what channel are you pasting from |
23:22:56 | andytoshi: | ? |
23:24:06 | nsh: | direct from XKEYSCORE |
23:24:32 | andytoshi: | lol |
23:55:25 | gmaxwell: | yea, stupid packet filters sometimes cut off the beginning of messages. |