00:00:07gmaxwell:[OT] oops. dd if=/dev/zero of=/dev/sd_a_1 isn't what I wanted to type to zeroize a usb stick. ... man, been a _long_ time since I made a mistake like that.
00:00:18gmaxwell:Fortunately /dev/sda1 is just some efi boot partition.
00:01:57jcorgan:heh. not long ago i fell victim to the 'sudo rm -rf $FOO/*' mistake when not confirming $FOO is actually defined.
00:03:05jcorgan:now i have 'set -o nounset' in all my scripts :)
00:05:38phantomcircuit:jcorgan, no --preserve-root ?
00:08:47jcorgan:would not have made a difference
00:09:08jcorgan:the command only deleted everything inside the root, not the root itself
00:09:38gmaxwell:[OT] Hurrah! fixed, safely rebooted; ... while on caltrain. And bonus: I get a bootloader menu now instead of crazy ascii garbage.
00:10:49andytoshi:wow gmaxwell close call!!
00:12:26gmaxwell:I have backups of course, and already had my presentation tonight stored elsewhere; ... but yea, would have been a pita if I'd zeroized the whole laptop.
00:13:51phantomcircuit:gmaxwell, presentation?
00:14:08phantomcircuit:oh dev meetup
00:14:15jcorgan:watching a desktop system self-destruct as the entire filesystem gets nuked from underneath is rather amusing...a few weeks later.
00:16:51gmaxwell:phantomcircuit: I would have suggested you come; but it appears seriously oversubbed already.
02:01:31andytoshi:gmaxwell's slides: https://people.xiph.org/~greg/gmaxwell_sfbitcoin_2015_04_20.pdf (he asked me to post after 7)
06:57:37fluffypony:oh gmaxwell, I like the bitmessage broadcast idea
06:57:41fluffypony:v. nice
07:40:06gmaxwell:fluffypony: yea, Bitmessage is somewhat suboptimal; as is kinda weak against a global observer conspiring with the recipent.
07:40:46fluffypony:but still, if the functionality exists to pass all initial tx broadcasts to an external handler that's advantageous
07:42:03gmaxwell:yea, it's certantly a step forward, plus if run over tor it's not going to be any worse than tor is.
07:43:00gmaxwell:fluffypony: and right the whole idea of the manual broadcast (as far as I'm concerned at least) is making it possible to have an external handler.
07:43:30fluffypony:also with Schnorr multisig vs. current multisig isn't it six of one, half-a-dozen of the other, in that both require significant interaction between the signatories? or does Schnorr require substantially more back-and-forth?
07:44:49gmaxwell:fluffypony: plain schnorr threshold requires huge setup, like roundtrips related to the number of and gates in the circuit, to create a pubkey. Vs in the current system I can just post a pubkey and say people can include me in it.
07:45:06fluffypony:got it
07:46:18gmaxwell:and signing in the current system is a 'half roundtrip' someone proposes a signature and then it just flows through $threshold people. For schnoor schemes you have to agree on R first, which you can either do in advance (as setup), or by making one full round trip. Though some alternatives are worse (e.g. I think the latest threshold ECDSA stuff is threshold+2 roundtrips)
07:47:22fluffypony:in line with that, I've been thinking about 0-conf discovery of and connection to participants for multisig in Monero, it's a problem we're going to have to address eventually anyway; broadcasting it as an "incomplete tx" won't work if there has to be lots of roundtrips
07:50:52gmaxwell:I even worry that the full round trip is a big usability loss; though establishing R in advance is potentially unsafe. (not stateless) Figuring out if its possible to improve this is one of the parts I consider unsolved.
07:52:01gmaxwell:e.g. is there a way to do one time R setup in advance that doesn't risk compromising your keys with state replay (somehow getting tricked into using the same R twice)
07:53:06fluffypony:tough one
07:53:28fluffypony:btw wizards, I'm hitting up Europe over the course of May, will be at Bitcoin and Monero meetups in Belgium (Tue 19th May), Paris (Thur 21st May), Germany (Sun 24th May and Tue 26th May) and then Bitcoinference in Amsterdam on the 30th/31st of May; if anyone wants to meet up for lunch / beer / supper / non-alcoholic-beverages let me know, else I'll post meetup details here as they're confirmed
07:53:47fluffypony:oh well Germany is confirmed: https://forum.getmonero.org/14/events/237/monero-meetup-berlin-germany-may-24th-2015 and Bitcoinference: http://bitcoinference.com
08:04:14petertodd:fluffypony: oh! I may be in germany nearish that date
08:04:23fluffypony:oh good
08:04:28gmaxwell:fluffypony: all this stuff also works with BLS signatures and pairing crypto; and has no nonce... alas slow and stronger assumptions.
08:05:20rajaniemi.freenode.net:topic is: This channel is not about short-term Bitcoin development | http://bitcoin.ninja/ | This channel is logged. | For logs and more information, visit http://bitcoin.ninja
08:05:20rajaniemi.freenode.net:Users on #bitcoin-wizards: andy-logbot Mably wallet42 b_lumenkraft hktud0 damethos NewLiberty xcthulhu bedeho priidu p15x Pan0ram1x moa helo unlord ryanxcharles TheSeven hulkhoga142o RoboTeddy jeremyrubin Dr-G isis Adlai bliljerk101 LeMiner hashtag_ SDCDev pollux-bts justanotheruser ClipperClap sparetire Hunger- PaulCapestany arubi Relos spinza heath kanzure crescendo maraoz gielbier c0rw1n Luke-Jr hashtag Guest50139 p15 Tiraspol nickler Guest55444 Emcy CodeShark
08:05:20rajaniemi.freenode.net:Users on #bitcoin-wizards: prodatalab trstovall dansmith_btc antgreen` dgenr8 sadoshi GAit melvster mkarrer Kwelstr [d__d] dignork nuke1989 dc17523be3 binaryatrocity gnusha luny BananaLotus guruvan lmacken rustyn harrigan waxwing Eliel Cory K1773R kgk warren grandmaster xapp Alanius brand0 poggy ajweiss Zouppen Krellan stonecoldpat phedny aakselrod HM s1w lechuga__ EasyAt_ yorick afdudley mm_0 Taek lnovy cdecker wiz leakypat platinuum koshii MoALTz smooth sneak
08:05:20rajaniemi.freenode.net:Users on #bitcoin-wizards: SubCreative Madars tromp_ throughnothing_ amiller sparetire_ gmaxwell Xzibit17 adams_ forrestv richardus Fistful_of_coins sdaftuar andytoshi Iriez copumpkin face nsh cfields_ wumpus mappum jbenet NeatBasisW dasource dardasaba ebfull luigi1111w jonasschnelli merlincorey [ace] eric a5m0 nephyrin null_radix Sqt mikolalysenko sturles GreenIsMyPepper harrow vonzipper berndj manan19 comboy jaromil catlasshrugged_ Apocalyptic cryptowest_ runeks__
08:05:20rajaniemi.freenode.net:Users on #bitcoin-wizards: Graet veox indolering Keefe petertodd jcorgan larraboj ryan-c jessepollak gribble tromp mr_burdell d9b4bef9 starsoccer BrainOverfl0w MRL-Relay azariah @ChanServ davout CryptOprah Oizopower epscy gwillen kinlo coryfields_ Muis catcow sl01 michagogo STRML warptangent pigeons espes__ roasbeef_ cursive Meeh fluffypony optimator livegnik AdrianG gavinandresen yoleaux nanotube luigi1111 phantomcircuit Logicwax kyuupichan Anduck wizkid057 hguux___
08:05:20rajaniemi.freenode.net:Users on #bitcoin-wizards: mariorz TD-Linux BlueMatt midnightmagic huseby otoburb kumavis artifexd yrashk SwedFTP weex
08:06:13gmaxwell:well I'm not sure a BLS tracable ring signature; but presumably like everything else its trivial with a bilinear map.
08:06:21fluffypony:how slow is slow? I mean, slow is workable as long as it isn't so slow that it opens up a DoS attack where a node is spinning and verifying
08:08:59gmaxwell:well a normal BLS signature takes on the other of a millisecond to verify (two pairing operations); it's substantially slower than ECDSA verification. Though they can be batched, and the batching gains are relatively greater because of the huge ratio the blinding to pairing costs.
08:11:02gmaxwell:(for schnorr batch verification the upper bound on the speedup from batching is pretty low, because it basically only saves you doublings; and makes you do additional scalar operations to blind which are not ~so~ far in cost)
08:15:15gmaxwell:... and while I would be super surprised if you couldn't do a tracable ring signature in a BLS like framework; I would also be surprised if it didn't break batch verification (just as the tracable ring signatures break batch schnorr)
08:31:58fluffypony:gmaxwell: re: the review process, it's a bit of a hard to solve problem. a paid-for-but-disinterested reviewer may just give the client the answer they want to hear; an unpaid-but-interested reviewer may not have the time or capacity to review; a paid-but-grossly-unqualified reviewer (the most common in the altcoin space) will spot a handful of obvious mistakes but miss the gaping design flaws.
08:33:14fluffypony:and I'm not sure formal qualifications help; does someone with a masters in comp. sci. have more competence in cryptography than someone with a bachelors in mathematics?
08:33:55fluffypony:* fluffypony ponders a "licensed to practice cryptography" system
08:34:35midnightmagic:gmaxwell: It may be useful to collate these sorts of things into a secure programming assist for folks: I personally for example find it extremely helpful to review classes of common attack when writing code. Lists of these attacks and in particular descriptions of how they work and examples, would be extremely valuable to people trying, or learning to, do better.
08:36:10midnightmagic:In this sense, we can hear about the programmers whose egos exclude them from doing better, and these are the ones we most-often hear about. But IMO there are entire legions of careful, cautious programmers who would make small steps forward if they knew more about the main ways what they're doing could be attacked.
08:40:26gmaxwell:Someone asked me about licensing (and bonding) for software engineering as a question; I said I was unsure, -- that there were a lot of downsides, in particular because the tools of software work are so accessable to everyone there is much greater harm to society to artificially restrict them. If you try to narrow to "cryptography" there is a trivial workaround, claim that nothing is cryptograph
08:40:32gmaxwell:y; which is the wrong direction I think.
08:42:17gmaxwell:midnightmagic: there are a number of secure programming advice guides that are pretty good reads (e.g. the cert one); though one thing I've looked for and not found is a catalog of actual bugs and their fixes in real software.
08:42:41gmaxwell:(I'd looked previously because I wanted to try to see if I could train machine learning to spot statistically unsafe code)
08:43:47gmaxwell:e.g. take code that just had a bug fixed, convert to an abstract representation, extract features; and teach a discriminating learner to tell the buggy and fixed versions apart.
09:57:31nsh:* nsh blinks, frowns
09:57:58nsh:less talk of permission to crypto please. it's in bad taste in the current governmental insanity climate
09:58:45nsh:more effective failure-evidence is probably to be preferred over blessings and ordination
10:01:40fluffypony:nsh: was a joke
10:02:00nsh:pardon me :)
10:03:22fluffypony:what we really need is a system like this: https://xkcd.com/806/
10:05:14fluffypony:lol: http://www.revk.uk/2010/10/xkcd806-compliance.html
10:06:57nsh:* nsh smiles
10:48:04wumpus:"claim that nothing is cryptography" similar reason as to get around e.g. crypto export restrictions
10:49:26wumpus:it's not cryptography, it's just a discrete math helping tool with very strict requirements
10:50:36midnightmagic:gmaxwell: the openbsd guys have specific classes of bugs they're looking for when they audit code, and their more experienced types (that aren't jaded and weird) often describe them *as* classes of bugs, each with its own name and references. They are consistent enough that one could probably mine at least vaguely-related chunks of commits that correct them and thus, what came before.
10:59:22wumpus:I suppose you'd need an abstract representation of what the code is supposed to do, then one could verify the buggy and fixed version against that, and the fixed version should score better. Alternatively, one could try to detect patterns of what code is *not* supposed to do, but usually a black listing approach will get a lot of false positives.
11:02:53hearn_:"I suppose you'd need an abstract representation of what the code is supposed to do"
11:02:56hearn_:that's called code, isn't it :)
11:02:58hearn_:hearn_ is now known as hearn
11:03:06hearn:just written in a higher level language
11:03:17wumpus:I imagine something more like math
11:03:41wumpus:code says how to do something, not what should be done
11:03:47hearn:right, you want formal methods
11:04:05hearn:"how to do something" vs "what should be done" is often a very fuzzy distinction
11:04:28wumpus:it's the distinction of declarative versus imparative
11:04:32hearn:e.g. when someone says "I want a program that does X" there are often a ton of hidden, implicit requirements behind that statement
11:04:51hearn:such as "and obviously I want it to run on a regular computer, and I want it to use reasonable amounts of cpu time and memory"
11:06:08hearn:if you specify your requirement as "a program that calculates X" formally and then miss out on the other obvious requirements, you can end up with a program that technically meets your requirement but is still useless. so then you have to start getting more and more specific about what exactly you want. and then eventually you end up with code. software developers are in some senses special compilers that have the -Ocommon-sense
11:06:08hearn:flag on them :)
11:06:38wumpus:but my point was that a neural network could just detect patterns, it will not find e.g. subtle deviations from the protocol or algorithm, as it doesn't have the knowledge
11:06:43hearn:but for checking things like security invariants, pairing code with the formal methods approach is probably good enough
11:07:31wumpus:you're too ambitious; I'm not trying to come up with something to replace a software developer, just a post-sanity-check :-)
11:09:36hearn:i'd be happy if our industry settled on the basic sanity checks that have been commonplace for years, things like having length prefixed strings instead of textual formats that need escaping, array bounds checking, avoidance of pointer arithmetic etc
11:09:38hearn:ah well
11:12:00wumpus:safer languages are a significant step forward, yes, some classes of issues can be avoided that way
11:14:51hearn:wumpus: we missed you in london!
11:14:55hearn:would have been cool to hang out
11:17:11fluffypony:I wonder if Cucumber would be a poor fit for that
11:17:11wumpus:yes, would have been cool
11:17:42fluffypony:although afair cucumber-cpp isn't being well maintained atm
11:19:05wumpus:and indeed, to avoid the upfront-requirements issue you'd probably want to develop that kind of specification along with the code, not separately from it
11:19:51lmatteis:hello. could bitcoin use webrtc to relay messages across the network?
11:21:31fluffypony:lmatteis: doesn't CoPay use webrtc for multisig?
11:22:37hearn:lmatteis: possibly in some parallel universe, but why?
11:22:46hearn:lmatteis: bitcoin is not a web app
11:22:57wumpus:you could level the P2P messages over any kind of transport
11:23:42lmatteis:hearn: would make sense since WebRTC is mainstream and would make it harder for ISP blocks
11:23:55wumpus:one example of an alternative transport for a specific purpose is bluematt's relay network
11:23:55hearn:webrtc isn't really mainstream compared to TCP, which is what bitcoin uses
11:24:09hearn:wumpus: that still uses p2p though, afaik? it's just a different topology
11:24:32hearn:lmatteis: ISPs can just block the entire P2P network by IP, changing the transport doesn't fix that.
11:24:50lmatteis:hearn: ugh, isn't WebRTC at a higher level than tcp/udp?
11:25:01wumpus:lmatteis: wouldn't you need a different *physical* transport if ISPs start sabotaging?
11:25:02hearn:yes, webrtc layers more stuff on top
11:25:39hearn:but why would bitcoin need that? it's just more complexity, more potential for security bugs, etc. there's no benefit.
11:25:56fluffypony:if ISPs started blocking then people in other countries could run HTTPS bridges
11:26:03wumpus:hearn: yeah, well if 'just a different topology' is enough to accomplish the goal, why not
11:26:09fluffypony:and people using those bad ISPs could connect to those
11:26:52hearn:fluffypony: indeed
11:28:13wumpus:fluffypony: let Tor handle that cat and mouse game for us
11:28:54fluffypony:wumpus: I was imagining an aggressive ISP where they only allow, say, POP/IMAP, DNS, and HTTP/S
11:29:07fluffypony:I don't know if Tor can hole-punch through that
11:29:54wumpus:I don't think trying to bridge hostile networks belongs at the application level, anyhow
11:30:16wumpus:fluffypony: their connection looks like https IIRC
11:30:41fluffypony:ah ok
11:32:54wumpus:though thinking of it, I don't think the relay network is simply another topology, it also encodes blocks differently to be able to propagate them faster
11:34:39lmatteis:but perhaps webrtc is useful for relaying traffic. imagine websites implementing it and as users browse their site they're actively relaying data around
11:35:16fluffypony:and then add a miner in and boom, you've got yourself a botnet
11:39:03hearn:wumpus: oh, it does? ok i didn't know that
11:39:24hearn:lmatteis: you don't want to use web tech for this stuff
11:39:33hearn:lmatteis: you'd just use an HTTPS CONNECT proxy
11:39:44hearn:then it works for everything and looks superficially like a web connection
11:44:58wumpus:I don't want to relay data around while I browse websites :-(
11:51:33fluffypony:* fluffypony likes DNS tunneling
11:51:35wumpus:javascript, along with all this web* nonsense should die in a fire
12:21:16fluffypony:wumpus: you mean you're not rewriting the QT client in HTML5?
12:24:10hearn:some day i will write a website that explains why the web stack sucks :)
12:25:23fluffypony:hearn: just make sure it's responsive and CSS3 and HTML5 and uses a canvas object for no apparent reason
12:25:57fluffypony:or just use this: http://html9responsiveboilerstrapjs.com
12:28:57wumpus:hearn: hehe. don't get me wrong, I think the document-based web is a good thing, I also like html5 video and such, but trying to turn websites into interactive applications, running arbitrarily fetched, arbitrary code on the user's computer is, IMO, a step too far. It's like an attack surface maximization function.
12:29:17kanzure:"cross-universe compatible"
12:30:57wumpus:hehe exactly
12:33:37hearn:pretty much
12:33:55hearn:the line between document and app is pretty blurry these days though. i don't know if there's a clear dividing line. but some stuff is pretty clearly not a good fit for the web
12:34:08fluffypony:kanzure: "attackclone the grit repo pushmerge" is my favourite
12:34:53fluffypony:hearn: you mean like every news site asking for my location and then trying to shovel push notifications to my Mac?
12:34:59hearn:right :)
12:35:03fluffypony:"Deny, remember for a day." "Deny" "Deny" "PISS OFF!"
12:35:21hearn:well it could be worse. it could be the evil EU "we don't understand cookies" banner that every website has no
12:35:32hearn:at least the browser is still under the control over that particular UX wart
12:35:37fluffypony:hah hah
12:35:39hearn:the cookie banners break even that
12:35:47stonecoldpat:that stupid banner takes up 50% of your screen on a mobile, it is a pain :(
12:35:51fluffypony:yeah the cookie banners are irritating
12:37:34wumpus:hearn: right. I don't think the line is as blurry as some hype-ers want us to believe, though. The basic idea of a document, with some embedded objects like videos, hasn't changed that much. Most of the stuff that requires special code and back-channels is creepy advertising-related.
12:37:55hearn:well, consider a world map that shows bitcoin nodes. is that a document or an app?
12:38:01hearn:you could argue it either way.
12:38:02kanzure:too ambiguous
12:38:24wumpus:a map is a document
12:38:33kanzure:not since google maps
12:39:13kanzure:i think that as a general rule, "when in doubt, resort to the most static-like content medium possible" is a good heuristic
12:39:36wumpus:but sure, the rendering code is an application
12:39:51fluffypony:then that goes into the Tim Berners-Lee "Semantic Web" stuff; just describe the content and let the user decide how they want to view it
12:40:12hearn:right. now what about a 3D globe view .....
12:40:15wumpus:there's still a fairly clear seperation betwen the two
12:40:17hearn:i guess so
12:40:21kanzure:fluffypony: you don't want to anger ted nelson, do you?
12:40:28hearn:a dedicated map/globe viewer app is the Google Earth model
12:40:39hearn:with KML being the document format. in the end not many people used it though
12:41:06kanzure:openstreetmap people did
12:41:19hearn:very strong separations between document formats/protocols and viewer implementations seem to have a hard time being competitive these days
12:41:23hearn:i guess they innovate slower
12:41:24wumpus:well there was (and is?) no good distribution medium for applications
12:41:33hearn:outside of mobile
13:41:57luke-jr_:luke-jr_ is now known as Luke-Jr
13:57:30dEBRUYNE_:dEBRUYNE_ is now known as dEBRUYNE
14:34:35lmatteis:can anyone suggest good reads regarding p2p communication; specifically what enables bitcoin clients to send messages to eachother and ensure that all connected clients get the information?
14:34:50lmatteis:i think it's called gossip protocol - but it'd be great if there was a nice survey of the current state-of-the-art
14:54:00justanotheruser:lmatteis: what exactly are you asking? this may be helpful https://en.bitcoin.it/wiki/Bitcoind#Theory_of_Operation
15:16:18kanzure:lmatteis: http://www.serfdom.io/docs/internals/gossip.html
17:52:31xenog:xenog is now known as Guest65779
17:52:31xenog_:xenog_ is now known as xenog
17:53:10xenog:xenog is now known as Guest76206
17:53:10xenog_:xenog_ is now known as xenog
18:16:34Taek:Is there a strong resource for learning about why privacy is important? I'm struggling to find resources for my friends in the 'nothing to hide' camp.
18:19:53gmaxwell:I give a number of exaples (e.g. in my presentation last night); for the importance of basic privacy for money; I've never encountered any serious counterarguments to them. ... and its telling that there exists no system of money without at least basic privacy (except, perhaps, bitcoin when used poorly)
18:22:13Taek:In particular, I'm finding it difficult to explain why you might hide from a state adversary. Perhaps that's less relevant to this channel.
18:22:42aakselrod:perhaps if you lived in russia, you wouldn't be asking this question :P
18:24:39aakselrod:people have gone to jail in russia just for browsing sites detailing evidence of russia's invasion of eastern ukraine
18:25:46aakselrod:i've seen russians ask for help running a bitcoin client in a way that's invisible to their ISP so they can buy VPN services abroad to avoid such a fate
18:27:43andytoshi:Taek: there are some good examples in hearn's old article http://www.coindesk.com/merge-avoidance-privacy-bitcoin/
18:30:23tromp:possibly relevant: http://chronicle.com/article/Why-Privacy-Matters-Even-if/127461/
18:31:21zooko:Taek: EFF writes many good articles that touch on that topic.
18:31:56dEBRUYNE:Also possibly relevant -> http://www.ted.com/talks/glenn_greenwald_why_privacy_matters
18:32:05zooko:Here's another, newer, resource: https://openitp.org/sup/
18:32:31gmaxwell:Taek: Hiding from a state attacker has a subset of the justification. I also had a second slide specifically to talk in terms of state attackers; but essentially without the freedom to speak against the current state direction (including the spending required to facilitate that speech) you cannot have a democracy, because the public can never demand change;
18:33:04Taek:* Taek takes thorough notes
18:35:52gmaxwell:Another point to make is that all this is basically orthorgonal from criminal stuff; criminal-businesses can afford to buy privacy at a high cost; they'll do whatever they need to do, regardless of the technology and policy (in money laundering, I understand losing half your money in the process is pretty good). The public will only have privacy if its automatic or at least very cheap.
18:36:05zooko:gmaxwell: excellent argument.
18:36:17zooko:gmaxwell: a data point I like to make about that is the HSBC scandal.
18:36:53zooko:Mexican drug lords laundering $10 bn can afford to work the system.
18:37:46kanzure:"nothing to hide"... hardly. even temporary public surveillance means data can be reused indefinitely, by anyone that may either now or in the future wish to target you.
18:38:45gmaxwell:It's also not especially politically contoversial; at least in the US across the full set of the political spectrum we do generally reconize the freedom to be let alone by the state as integral to free speech, and free speech to be integral to free society. We just sometimes fall down on the details because politics is sometimes reactionary.
18:38:53gmaxwell:kanzure: or misconstrued in the light of future data.
18:39:20kanzure:oh right, potential future inferences. have fun, guys.
18:39:23nsh:you can make a pretty simple economic argument: your privacy is a whole bunch of other people's big business
18:39:34nsh:and if they value it, maybe you should
18:39:48nsh:otherwise you might be getting blankets for the great plains
18:40:31kanzure:i was reading an eff thread the other day and their explanations and arguments against "nothing to hide" were surprisingly poor.
18:40:46kanzure:astonishingly poor. that should be a faq on their site or something.
18:41:44arubi:a good argument might be, "do you want your neighbors' using kid your wifi hotspot?"
18:42:04arubi:er, switch using and kid there. can't think of a one liner
18:42:25arubi:s/using kid/kid using/
18:45:02kanzure:that is not a good argument
18:45:40arubi:okay then.
18:46:19kanzure:people will think you are talking about economics and money ("why should i care if someone is helped by my network?")
18:47:44arubi:well that's not what I meant obviously. I was talking about the simple case of why encryption and privacy are important
19:12:49jcorgan:the best i've seen is to get rid of the stigma of the idea of "having something to hide." Everyone has something to hide, it's why they have curtains on their house windows, why they don't publish their banking details, why there is attorney-client privilege, etc.
19:15:18andytoshi:AC privilege is only for criminals ;). confidentiality between a therapist and client is maybe a better example
19:15:59gmaxwell:Also; sure you might not USUALLY have something to hide, sure, but you have to be prepared for the few things that ought to be hidden-- or it won't be, and once a secret it out it can never be taken back.
19:53:20kanzure:jcorgan: i think that is a poor argument too, for the following reasons- there are many people that do not have curtains and are perfectly happy with that, but they are also still interested in preserving certain perfectly-normal data against asymmetrically-powerful adversaries.. even without curtains.
20:03:01fluffypony:Taek: there was an editorial David Latapie wrote on it a little while ago, here - https://forum.getmonero.org/1/news-announcements-and-editorials/191/editorial-the-value-of-privacy
20:14:33jcorgan:lol that gmaxwell is quoted for the part about porn, and the rest of the editorial is basically parroting what else he said
20:15:25hearn:jcorgan: gotta be careful with such arguments. people don't tend to publish their bank balance to the people around them, but they understand and accept that the government knows it.
20:15:31wumpus:well as is said, you may have nothing to hide, but you certainly have something to protect, and leaking (some kinds of) information into the open makes you vulnerable to unscrupulous people. It's a kind of hygiene.
20:15:48hearn:jcorgan: usually "nothing to hide nothing to fear" is an argument about government access to information
20:16:21hearn:jcorgan: moxie has the best discussion of this i've seen so far. http://www.thoughtcrime.org/blog/we-should-all-have-something-to-hide/
20:17:38gmaxwell:hearn: In the US there are a multitude or protections that limit the governments access to your financial records and restrict what they can do with the areas they can access; Some of these have been eroded by the rise of electronic banking, and by more recent anti-terrorism activity; but at least from a US historical and cultural perspective it is incorrect to say that everyone expects their fi
20:17:45gmaxwell:nances are transparent to the government.
20:18:42gmaxwell:hearn: in the case of things related to bitcoin though there is an extra bit of confusion in that people think that having privacy from no one might be acceptable just because it is often acceptable to have the bank or the government see your records (without constraint or otherwise)
20:19:06hearn:i think that would be true in switzerland where the government actually doesn't have any access to banking records, to the extent that tax evasion (by swiss people from their own govt) is quite common. i've not heard of such things elsewhere, people assume that you can't receive large payments into a bank account, not declare them and be undetected for long.
20:19:25instagibbs:"andytoshi: AC privilege is only for criminals" <--- the mere fact that the public doesn't understand why we have AC privilege says a lot
20:20:18hearn:certainly the fact that banks report suspicious activity means that seeing banks as private against governments doesn't hold much water
20:20:48instagibbs:it certainly doesn't have 4th amendment protections that we enjoy in other spheres of life.
20:22:18fluffypony:speaking of quoting gmaxwell
20:22:44fluffypony:Darkcoin/Dash has taken the "Cryptography is all that technology by which we hope to confine and constrain the nature of information" definition to mean that they are cryptographically sound
20:23:05gmaxwell:dear lord.
20:23:25fluffypony:well it leads to chuckles, so there's that
20:23:55gmaxwell:(kat is asking why I'm laughing now)
20:24:35instagibbs:"For example, you have claimed InstantX is just Bitcoin's Green Addresses, which it isn't. From reading the description it is clear they are very different, as a Green Address recipient has to trust the previously published sending address not to double spend whereas InstantX is trustless."
20:24:38instagibbs:ok im rolling
20:24:53zooko:+1 for moxie's blog post
20:24:55fluffypony:instagibbs: I know, right?
20:25:19instagibbs:which post is that zooko ?
20:26:03zooko:That guy is such a good writer.
20:28:07instagibbs:Privacy as shield against capricious prosecution. <--- yeah that's a good one
20:28:30gmaxwell:hearn: In the US do not use proactive monitoring of accounts for anti-tax evasions purposes. I've randomly bounced large amounts of money between various forms all the time between accounts and otherwise, moving between instutions and etc.. none of it is itself tax reportable, none of it goes on my taxes; most is not reported to the IRS under any regulations (though some do get reported elsewher
20:28:36gmaxwell:e for non-tax reasons). If I'm audited they might want to see account records and I may have to explain some of it, but it would be after the fact in an existing audit. I think its a very sensible strategy: people's privacy is protected; there is some tax evasion, but its kept small by serious penalitys; we don't need active monitoring to spot evasion, most of what it would return would be false
20:28:36hearn:it's struck me during the whole post-snowden years that politicians are totally incapable of understanding what big data analytics can do
20:28:42gmaxwell:positives (E.g. in my case).
20:28:49gmaxwell:"It's just metadata!"
20:29:32kanzure:"no it's just a *copy* of the data"
20:29:39hearn:gmaxwell: yes, *if* you ignore that the US Treasury has a record of every single financial transaction made around the world (ignoring cash/bitcoin obviously), and so does the NSA, and that the moment the goverment is interested in your banking records they can get them with a subpoena
20:30:04hearn:gmaxwell: my point is, people don't think of banking as being private from the government because they know that the government can view the records of "bad people" on demand, more or less.
20:30:12wumpus:yes, it's just a summary of the interesting parts of your communication, not the whole of it! :)
20:30:48hearn:so saying "you wouldn't publish your banking details to the world" isn't a very compelling argument to most people when talking about crypto or bitcoin, because they tend to say "i don't want random strangers to see it, but i'm fine with the police having access"
20:30:53gmaxwell:hearn: yea, but on demand, under conditions, in hopefully controlled and regulated ways is not the same has having no privacy. :)
20:30:55hearn:which isn't easily implementable in crypto systems
20:31:10hearn:i mean it can be done but in practice nobody does
20:31:32fluffypony:hearn: Monero does, you can give the cops / gov'mint your viewkey
20:31:54hearn:gmaxwell: yeah sure, but i think that the existence of the Treasury program (TFTP) means the old world has effectively gone
20:32:12gmaxwell:hearn: for tax reasons we do have a tidy solution; basically in tax audits in the US the burden of proof is largely on the tax payer to show their funds were accounted for and correctly tax paid-up. So successfully hiding your records is not so helpful unless they are completely invisible (no shiny boat in your slip).
20:32:14hearn:fluffypony: "can" != "must", i assume?
20:32:25gmaxwell:For things other than tax, not quite so much.
20:32:34fluffypony:hearn: yes, it's opt-in not opt-out
20:32:50zooko:hearn: I think you're using a different standard for cryptocurrencies than for other systems here.
20:33:15hearn:* hearn is currently in an argument with a UK guy who is designing some kind of every-tx-requires-mandatory-id-verification alt coin, and he doesn't seem to grok the difference between tax avoidance and evasion
20:33:16zooko:If a cryptocurrency made it so that you *must* disclose certain things to the government, that would be much *more* transparency than any comparable thing, wouldn't it?
20:33:20zooko:Not equivalent transparency.
20:33:25phantomcircuit:zooko, lol @ killing a lobster in self defense
20:33:34zooko:phantomcircuit: WHAT ARE YOU TALKING ABOUT
20:33:44phantomcircuit: http://www.thoughtcrime.org/blog/we-should-all-have-something-to-hide/
20:33:49phantomcircuit:didn't read it i see
20:33:53hearn:zooko: i guess it'd be the same as banking?
20:34:04zooko:phantomcircuit: I did! But a while back.
20:34:13zooko:Don't have a perfect memory, I see. ☹
20:34:15zooko:Getting old.
20:34:23zooko:hearn: seems to me it would be close to that.
20:34:36wumpus:it's also funny how those schemes always assume that there is only one government
20:34:51zooko:wumpus: Yeah.
20:35:05fluffypony:zooko's memory triangle: memories can be clear, beautiful, true. pick 2.
20:42:52wumpus:in any case revealing your banking details to the world is infinitely worse than just having them available to a government, "you wouldn't publish your banking details to the world" doesn't become any less of a compelling argument due to that
20:47:15wumpus:ie if the only reason to put up curtains would be to prevent the government from peeking, I'm sure many people may neglect doing that, they may not deem it worth the cost. But it's about the other people.
20:48:40instagibbs:if the govt rolled up vans to each and every home you may see a difference in behavior :)
20:50:38zooko:I think most people, at least in the better-governed countries, are okay with "the government" being able to see their transactions, but not with their next door neighbor being able to see them.
20:51:50kanzure:asymmetrically powerful adversaries always warrant asymmetrical caution
20:52:22zooko:One rhetorical technique I'm interested in is directing people's attention to other governments.
20:53:47fluffypony:it's easy when you live in South Africa, our government is so openly messy that we focus on other governments as a default :-P
20:54:48zooko:What I meant was: sure, you're okay with the people, and the policies, of your government having access to your financial transaction records. Now what about the government of France? How about Russia?
20:57:09hearn:i think arguments based on more personal stuff work better
20:58:39hearn:"the UK has tens of thousands of men alive today with criminal records, for being gay. imagine if society had today's technology in the 1960s. do you realise that GCHQ could algorithmically identify almost all sexually active gay people and the government could round them up/jail them all, in one massive overnight operation?"
20:58:50kanzure:hearn: perhaps racial persecution would be appropriate?
20:58:57hearn:"can you imagine what that would have done to the progressive movements, when suddenly there is no longer anyone to fight for or anyone to speak up?"
20:58:59kanzure:er, i mean, as a personal example
20:59:55hearn:it's very clear that British politicians at least, probably american ones too, cannot actually imagine how effective data analytics are. they're stuck on this notion that because the intelligence agencies don't have infinite people, they can only engage in surveillance against a tiny minority, so it's all safe and there's nothing to worry about
21:00:22hearn:the idea that a team of 3-4 software engineers could do en-masse surveillance to enforce social policies hasn't penetrated their minds yet. probably ...... that's a good thing
21:00:24phantomcircuit:hearn, that argument is extremely effective with second amendment supporters who otherwise do not care about government surveilance
21:00:34hearn:which one is the second again?
21:00:55hearn:well that's rather US specific. i like examples that work in any western country :)
21:01:22zooko:hearn: I find that extremely compelling, myself. Not sure if a large set of other people do.
21:01:23wumpus:yes, better to not remind them if it. If they're anything like the dutch government the reply would be more 'oh cool we want that too'
21:01:42zooko:gotta run…
21:02:51wumpus:like the whole Snowden affair, it only gave them ideas and made them propose more funding and authorization for the intelligence agency, after all the others are doing it too and we can't stay behind can we
21:08:26petertodd:zooko: speaking of, I've seen more than one "national blockchain" proposal lately, and they tend to include things like requiring full receipts to be included in transactions so not only will the governments know exactly who is sending money to whome, but also, for what
21:09:20petertodd:zooko: fortunately I've been able to turn down such contracts on grounds other than ethics so far - could be an ugly conversation...
21:10:20fluffypony:Federated Federal Chains?
21:10:29petertodd:fluffypony: basically yes
21:10:59petertodd:fluffypony: of course, keep in mind that many regulators/banking types believe having crypto at all in these systems is fundementally unacceptable, because it prevents you from lying
21:12:06petertodd:fluffypony: e.g. a recent conversation I had in NY was along the lines of how hugely disruptive it would be ifyou could prove your bank account balance to others - really messes with how the regs are written re: seizing funds, as often seizures happen secretely, even to the account holder
21:13:56fluffypony:yeah a lot of cryptography doesn't gel with the way regulations are built
21:14:34fluffypony:nothing is "proven" in the truest sense of the word, everything is overly-laden with trust
21:15:13fluffypony:eg. evidence has a chain of custody that requires that you trust each person behaved
21:15:35petertodd:fluffypony: yup! a great example I ran into recently was for a company doing a bitcoin bank card: their interface to the bank card processing company was over an encrypted VPN, but beyond that there was absolutely no way to prove which side got hacked if anything went wrong
21:16:40petertodd:similarly, I've had a few people at banks tell me they actually have blanket prohibitions against systems that make cryptographically signed statements because of legal reasons - that VPN setup may have been delibrately engineered to be unauditable
21:20:59Taek:I like this: "Software testing is making sure your program does what it's supposed to, security testing is making sure that's all it does."
21:21:58wumpus:yes, that's very apt
21:23:27petertodd:Taek: ...and the attacker can create conditions to exploit bugs that are as unlikely as getting hit by lightning twice during a shark attack... in Idaho.
21:24:09gmaxwell:There was some additional stuff I only said that isn't on the slides which you might enjoy.
21:24:20gmaxwell:when the video is up I'll transcribe it.
21:27:33gmaxwell:e.g. I made a point that people often underestimate how fast computers have become; as their speed is mired in layered software; an attacker armed with a conventional computer is like having a army of a billion imbeciles; they may be imbeciles but you have a billion of them, and thats before you get a 100k node botenet. This favors attackers because you only need to cut the haystack to an unimag
21:27:39gmaxwell:inably large size before you can just search it exhaustively with your billion imbeciles.
21:30:18petertodd:I made an artwork about that actually, showing visualy how even a single, slow, computer can do in literally a blink of an eye is what a human can do in a lifetime
21:32:01gmaxwell:There is a really interesting tedtalk on peak oil which was influential on my thinking here; the speaker holds up a pint of crude oil and explains how its the enegeretic equal of some number of weeks of hard manual labor; explaining that how the more oil a society uses the more prosperous it can be, because its burning up ultra cheap stored labor. ... if you redo the comparison with computing tho
21:32:07gmaxwell:ugh the result is far more mindblowing.
21:33:11gmaxwell:e.g. cpu chip that costs a few bucks to make marginally, and can run forever on a solar sell is the number crunching equal of the worlds population several times over; and it never gets tired and will probably work for hundreds of years if cared for well.
21:37:28petertodd:nuts really
21:38:10petertodd:yet at the same time, there's still speculation that the "raw" processing power of the human brain is on par with things like "all of google's computing power" - it's just that it has highly specialized parallel architecture and software, so to speak
21:39:04gmaxwell:sure, but not actually useful for specialized tasks like breaking cryptosystems. The fact that computing power is so qualitatively different from mental power is part of the reason we underestmate computers at tasks for which they're well suited (and we're not).
21:40:12petertodd:not *yet* useful - it's well within the realm of possibility that highly advanced genetic engineering will lead to biological computers that make our current computers look pathetic.
21:40:59petertodd:of course, cryptosystems often have pretty strong bounds like "to brute force AES will require computers made of something other than matter that occupy something other than space" - it's only your shitty passwords that are at risk :)
21:41:17aakselrod:* aakselrod starts developing chocolate-powered miners
21:42:46gmaxwell:petertodd: yea, the thing people miss sometimes is that a compromise doesn't have to break it completely, it just needs to reduce the search space enough; but the search space can still be huge.
21:44:30petertodd:gmaxwell: yup, e.g. the sha1 break, with an estimated ~$1million to create a SHA1 hash collission that no-one has (as we know) spent the money to actualy do
21:45:00gmaxwell:DJB told me someone is working on that now.
21:45:14gmaxwell:I guess I should ping him for contact info to make sure they can claim the bitcoin bounty.
21:45:16petertodd:oh good! I really, really, hope they publish first by collecting that bounty
21:49:44petertodd:unrelated: has anything else done any low-level analysis of the Ripple codebase? I noticed that if you add extra, non-existent, validators to your UNL your node still accepts the consensus, which looks like it only includes "live" validators in the consensus determination, which then means you can be sybil attacked
21:52:40gmaxwell:petertodd: I believe you've answered your own question.
21:53:09petertodd:gmaxwell: not quite - I didn't and can't answer the question "has anyone else..." :)
21:54:02gmaxwell:It just seems like a realy severe and obvious issue that you'd expect to unconver without actual auditing, just via operation. As in "why am I still up while partitioned".
21:54:44gmaxwell:petertodd: what you described could be a one way latch though; e.g. only count it after its gone up at least once.
21:54:53gmaxwell:Which would be less of an issue.
21:55:13petertodd:yeah, I think it's one of those things where the tooling required to actually do those tests doesn't exist - there doesn't seem to be an equivilent of python-bitcoinlib for ripple
21:55:25petertodd:so people don't notice this stuff
21:55:38kanzure:you could do those tests without python-bitcoinlib. you'd still have to write code, though.
21:56:05petertodd:gmaxwell: yeah, I was wondering if it was a one-way-latch too, although even that's kinda scary if you get sybilled from the beginning
21:56:35petertodd:kanzure: yup, and when your client is getting billed $$$$/hr there's a strong temptation to base your report on theories :)
21:57:17petertodd:kanzure: I've already had to ask them twice for direction for what they want to focus on to keep costs reasonable :(
21:57:36gmaxwell:petertodd: there is a trivial difinitive test; bring up a host, and then iptable off all but one of its trusted parties.
21:58:14petertodd:gmaxwell: ripple does have a flood-fill network, so doing that isn't possible with just iptables
21:59:01kanzure:petertodd: did you happen to read https://news.ycombinator.com/item?id=9341687
21:59:23kanzure:i meant this subthread https://news.ycombinator.com/item?id=9342348
21:59:49gmaxwell:ah yea so thats a pain to configure.
22:00:20petertodd:kanzure: I did! on both counts - I thnk an important thing I'll be talking about is "lets assume the UNL idea works - what incentive does anyone have to *not* use thedefault UNL?"
22:01:02petertodd:kanzure: remember that your node still *validates*, the only difference is you might accept a different consensus, which is really bad - best to just do what everyone else does and use the 5 validators...
22:01:03kanzure:what sort of testing infrastructure is ther ealready?
22:01:45petertodd:kanzure: looks to be just unittests, plenty of them, but not tooled in a way that's easy to experiment with. Even basic documentation like "what exactly is the blockchain data structure?" is really hard to get w/o reading a lot of code
22:02:00kanzure:sounds like you'd have to start with lots of shitty bash scripts, have fun
22:02:24kanzure:you may be interested in http://amoffat.github.io/sh/
22:02:40gmaxwell:petertodd: so for that test, perhaps modify the signature verification code to reject all signatures with particular keys?
22:02:53gmaxwell:(though maybe that will cause peer disconnection)
22:03:07petertodd:kanzure: well, mostly I've been reading the code and taking notes - it's a fair bit less readable than bitcoin core, and there isn't a clear bondry between consensus and non-consensus code :(
22:03:31petertodd:gmaxwell: oh! that's a good idea, but yes, I'm 90% sure that'll cause peer disconnection
22:04:25kanzure:petertodd: one of my tricks for reading code is to read the code at some point in the past, instead of recent. because in the past there is slightly higher chances of there being less code.
22:05:13petertodd:kanzure: haha, good idea, though here it looks like they may have made fairly significant consensus-critical changes
22:05:34petertodd:kanzure: I've done that a lot for the Bitcoin Core codebase though - v0.3 is especially readable, and "modern"
22:06:07petertodd:kanzure: yes - they have done "flag days", but time-based. Also nodes don't download full history, so you can get away with a lot.
22:06:58gmaxwell:yea, it's not history validating. thus the 'altcoin attacks'; if they'd really opened up the UNL membership you can bet that the unspent initially created ripples would have been largely reassigned by now.
22:12:43fluffypony:the sort of thinking that validates Ripple as a *crypto*-currency is the same thinking as a "Bitcoin Floundation" member saying this rubbish: "I'm telling you, when we look back 20 years from now, Vitalik is going to be seen as one of the most important human beings in the world. He's more than a genius—he's a genius among geniuses."
22:12:55fluffypony:oh sorry, Bitcoin Floundation *director*
22:13:01fluffypony:(src: http://www.details.com/culture-trends/critical-eye/201502/bitcoin-digital-currency-investors?currentPage=1)
22:17:11jcorgan:i'm convinced now that the vast majority of non-technical people must think everything around them works by magic, so anytime they see something they don't understand, they can't tell the difference between genius and bullshit
22:17:36fluffypony:jcorgan: magnets...how do they work?
22:18:50hearn:jcorgan: https://www.youtube.com/watch?v=OvmvxAcT_Yc
22:18:50fluffypony:jcorgan: http://knowyourmeme.com/memes/fucking-magnets-how-do-they-work
22:19:06fluffypony:seriously though, that Details article made me irrationally angry
22:19:26fluffypony:wtf has Brock Pierce done that makes him deserving of the title "the godfather of bitcoin" ?
22:19:49fluffypony:even though academically I know it's a PR exercise, it still irks me
22:19:52jcorgan:almost everything i read these days makes me irrationally angry. it's a good sign i'm firmly entrenched in middle age
22:20:33jcorgan:see what all you youngins have to look forward to?
22:20:52jcorgan:if i had a TV in my house i'd be yelling at it
22:21:11kanzure:no you see i'm getting all the rational hatred out of my system *now*, so that later there wont be anything hateworthy, it's simple
22:27:31jcorgan:i'm just bitter. the singularity should have happened by now, and i'm running out of time :)
22:28:13jcorgan:instead of post-AI paradise we have dogecoin
22:29:06tromp:post-Ai does not paradise make
22:29:23gmaxwell:"Much technological progress, very excite" (Kat)
22:30:07fluffypony:Such cryptography. Much decentralisation. Wow.
22:30:15gmaxwell:Oh well could be worse; -- see also Friendship is Optimal (A novel based on the premise of a My Little Pony MMORPG being powered by a superhuman AI)
22:30:40jcorgan:actually, all the deep learning stuff coming out in the last five years really *is* exciting
22:31:13gmaxwell:(And the worst part of it are all the reviews left by my little pony fans who read it but don't realize that its a horror story / cautionary tale)
22:34:02kanzure:jcorgan: waiting for a singularity is a bad strategy
22:34:18ajweiss:what if the singularity has already happened...
22:34:30ajweiss:call it the emergent behavior of humans glued to the internet
22:34:30kanzure:here, have some elon musk propaganda http://images.bwbx.io/cms/2012-09-13/features_elonmusk38__01__405inline.jpg
22:34:42instagibbs:can't be true, the Nerd Rapture wouldn't leave any wizards with beards behind
22:36:23jcorgan:i've never had a gmax-class beard, but there's still time :)
22:36:26fluffypony:* fluffypony likes Elon Musk
22:36:31fluffypony:but only cause he's ex-South African
22:36:39fluffypony:otherwise I'd probably think he's a prat
22:36:59instagibbs:deep learning stuff is pretty cool, just because we're finally getting "good enough" narrow AI for lots of things
22:37:57kanzure:my alternative opinions about "waiting for a singularity" are documented loosely here http://diyhpl.us/wiki/declaration
22:38:26ajweiss:i don't know a whole lot about it.. i always just assumed it was neural nets for classification scaled up on today's fast computers
22:38:40gmaxwell:need faster computers... I sometimes worry that there is something of a gap where making computers faster isn't very commercially interesting because existing applications aren't improved much by it, but future applications are still not yet feasable... and I think we're seeing some of that playing out with more computing moving to mobile devices and leaving costly 'enterprise' hardware as the al
22:39:35instagibbs:ajweiss: sort of. Lots of power increase on GPU, some theory, and lots of little tricks
22:39:42jcorgan:ajweiss: there were a couple "structural" changes in how to train multi-level neural networks in 2006 that re-ignited the field. also GPUs.
22:39:50instagibbs:Without the tricks they all still fall apart
22:40:21kanzure:gmaxwell: red herring; "faster"
22:40:34ajweiss:does it beat svm/kernely stuff significantly?
22:40:52gmaxwell:SVM stuff just has the benefit that the training always converges.
22:41:20gmaxwell:But there is a lot it cannot model, and its models are often ill-conditioned and easily overfit.
22:41:24fluffypony:* fluffypony checks the time
22:41:28fluffypony:gmaxwell: do you even sleep?
22:41:35kanzure:at the moment brains are the only things we know to do vaguely relevant things, so here is some stuff about biologically-accurate emulation of brain matter http://www.fhi.ox.ac.uk/reports/2008-3.pdf
22:41:38gmaxwell:fluffypony: hm, I'm in pacific time.
22:41:47instagibbs:SVM are convex, which is always nice
22:42:33gmaxwell:If you minimize the support vectors you get an RVM, and thats back to non-convex optimization (and quickly intractable)
22:42:33kanzure:also one of my favorite presentations from the blue brain project is transcribed here http://diyhpl.us/wiki/transcripts/markram-2006/ (although the actual video is also good)
22:43:03fluffypony:must just be a coincidental timezone overlap; I'm UTC +2 and you seem to be up all the time when I am
22:43:06instagibbs:hmm I should read on relevance vector machine, I forget what it does
22:43:16gmaxwell:I still think that ANN-ish techniques get far too much attention just because they're named "neural network"; I usually prefer to call them MLP instead.
22:43:36ajweiss:i always understood it as a kind of regularized svm
22:44:02instagibbs:gmaxwell: no doubt but they get fantastic results and just get better with more data :)
22:44:11jcorgan:gmaxwell: i just refer to them as algorithms, for the same reason
22:44:12fluffypony:* fluffypony read ANNouncement thread on Bitcoinalk, and My Little Pony, into that sentence
22:44:36kanzure:yes there is a strong bias towards not looking at the brain for some reason
22:44:57kanzure:i admit life would be easier if brains weren't s ridiculous but that's what we have to work with.....
22:45:16ajweiss:yeah but do they actually do well on whole new classes of problems, or is it just a few pct better on problems that already go pretty well?
22:45:37kanzure:also http://fennetic.net/irc/human_chimpanzee_brain_differences.png
22:46:25gmaxwell:ajweiss: rvm? it works on things that SVM just produces trash on; but the training is intractable on big data sets.
22:47:00ajweiss:naw, fancy new "deep" neural nets
22:47:17gmaxwell:kanzure: because nature works its way into local minima, and the things its optimizing for may have little advice to give for our very differently constructed computer code.
22:47:54gmaxwell:ajweiss: they work on problems that old approaches just get stuck on.
22:48:01jcorgan:kanzure: intelligence via evolved protein-based replicators in competition has arrived at what we have; i suspect this is but one local minimum and it can be achieved different using different media
22:48:22kanzure:gmaxwell: yes but it's an existence proof; otherwise we run into some really really hard selection problems see http://diyhpl.us/~bryan/papers2/ai/How%20hard%20is%20artificial%20intelligence%3f%20Evolutionary%20arguments%20and%20selection%20effects%20-%20Shulman%20-%20Bostrom.pdf
22:48:54kanzure:jcorgan: so what? i would be extremely happy with a very retarded but thoughtful computer. that's a very good start.
22:49:04gmaxwell:Keep in mind that back-propagation is pretty much just Newton's method; it's a purely local optimization. The new approaches merge weaker classifiers.
22:52:58jcorgan:kanzure: i think of it like this--birds evolved flight over many eons, but once understood we recreated something similar and then surpassed nature in a few decades.
22:53:04gmaxwell:there is a bunch of machine learning activity now where someone comes up with a useful technique in one domain (e.g. adaboost over random decission trees) and then people go do the 'morally equal' thing to other kinds of machine learning ('deep belief networks' for MLP/RBM)
22:53:19gmaxwell:(I don't mean that to sound negative, its a good way to make progress)
22:55:34kanzure:jcorgan: what about it?
22:55:56jcorgan:just a counterpoint to the Bostrom article
22:56:17kanzure:you are cheating though, you said "once understood"
22:56:18jcorgan:(haven't read the whole thing)
22:57:17kanzure:yes, if we understood things i'm sure we could improve on things we understood.
22:59:07jcorgan:sorry, i don't follow your argument
23:06:51kanzure:"i suspect this is but one local minimum and it can be achieved differently" and then you said "once understood we recreated something similar and then surpassed nature"... like yes, once we understand something things work out great. sure. but we don't understand. so biologically-accurate emulation is one of the only available options.
23:12:40jcorgan:we don't understand how general intelligence works, so we investigate in different ways until we do (or give up as not understandable.) but i can't tell if you're saying that biologically accurate emulation is (one of) the only option(s) for performing that investigation, or it is the only option for implementation?
23:14:21kanzure:it is one of the few options. i would be very cautious to assign other methods to this category, especially ones that do not involve probing brains and squishing neurons.
23:17:33ajweiss:most of the imaging modalities we have in neuroscience are still pretty crude
23:18:52ajweiss:it pretty much amounts to pointing an infrared camera at a computer from 20 feet away, blindfolded tapping of a few traces at a time and blindfolded excitation of a few traces at a time
23:19:18ajweiss:at least in vivo
23:21:05moa:does the Turing test imply self-awareness or some level of consciousness?
23:21:16ajweiss:i don't think any real progress is going to be made until there's an imaging breakthrough where we can image the dynamics of billions of neurons, or perhaps the whole thing
23:21:42aakselrod:http://neurosciencenews.com/staining-method-brain-mapping-1953/ <-- recent imaging development (only used on dead brains, though)
23:22:14ajweiss:yeah there's a lot of ex vivo stuff coming out
23:22:22ajweiss:but the dynamics are where the magic happens
23:22:31moa:humans don't know how to count until they are taught
23:24:07ajweiss:but they do develop their percepts from sensory input pretty much just by being stimulated
23:25:13moa:you have to consider the possibility that intelligence is seated on consciousness ... and then it gets pretty hand-wavvy after that
23:26:29ajweiss:i'm pretty sure that it's impossible to use the c word without a bunch of hand waving
23:27:51gmaxwell:* gmaxwell dooms you all to get stuck at a dinner party with John Searle
23:31:32kanzure:moa: nobody has ever been able to demonsntrate the existence of consciousness
23:31:34moa:ajweiss: i thnk using the intelligence word implies the hand-waving because it is so difficult to define
23:31:52moa:babies are conscious before they can count
23:32:04moa:computers know how to count when they are built
23:33:17moa:so we are back to the question of wether the Turing test implies self-awareness or consciousness of some form ... as that is the "best" definition out there for "AI"
23:34:06kanzure:jcorgan: fwiw we had kites for many centuries
23:39:51moa:so I guess adult chat bots are leading the way in AI? (porn built the internet, etc)
23:40:40moa:probably a bitcoin business in there somewhere
23:41:46smooth:moa: ai scammer bots
23:42:20moa:the oldest profession, scamming
23:43:04wumpus:moa: do computers 'know' how to count? in a way that's like saying that because neurons 'count' electrical impulses, at a low level the baby does count, they're just not aware of the low-level processes :)
23:43:06sneak:how does the locktime'd refund safety tx for a 2of2 multisig payment channel exist for the refund to the first party if the inputs to the funding of the multisig address aren't on the chain yet?
23:44:35moa:wumpus: good point, maybe we already know how but need to re-learn? like a trained bot might have to
23:45:06moa:they said euler could add subtract multiply huge numbers in his head as effortlessly as breathing
23:54:02moa:maybe consciousness is like a VM, would explain multiple personality disorders
23:57:12wumpus:consciousness is just not well-defined, you 'feel' that you are conscious, but you cannot distinguish whether others are conscious or just meat robots evolved to act like they are