00:01:49 -!- augur has joined.
00:02:42 -!- augur has quit (Remote host closed the connection).
00:04:09 <Phantom_Hoover> Remember that company we thought owned the world until we looked closer and realised they only owned like a percent of it?
00:05:30 <pikhq_> Don't remember at all.
00:08:37 <Phantom_Hoover> I remember that 'deposit-" and "company" were there somewhere.
00:36:40 -!- augur has joined.
00:45:34 -!- kinoSi has quit (Read error: Connection reset by peer).
00:45:44 <shachaf> zzo38: "just intonation" is a tricky thing for sufficiently complex music.
00:46:01 -!- kinoSi has joined.
00:46:22 <shachaf> You might in some cases have a lot of similar notes that are all approximated by the same eqaul-temperament note. So maybe that would compress worse?
00:46:25 <oerjan> i don't see why it should be so tricky, it's just intonation
00:47:36 <kmc> "Then there's the nondescript design, and the marriage of necessity to business features like the TrackPoint (the red nub in the middle of the keyboard). The nub especially feels extraneous for most users now that the trackpad actually works the way it should, but business being business, alienating a mass of outmoded users isn't going to fly." -- gizmodo
00:47:41 <kmc> wow gizmodo you did not just say that
00:49:11 <shachaf> kmc: I didn't know I was a business user. :-(
00:49:25 <kmc> apparently anyone who types a lot and dosen't want to get RSI from reaching to the mouse is "outmoded"
00:49:25 * shachaf doesn't use a ThinkPad at all anymore, actually.
00:49:37 <shachaf> But when I did I preferred the TrackPoint® to the touchpad.
00:50:19 <kmc> what do you use now?
00:51:17 <pikhq_> Urgh. Trackpoint's really kinda handy if you need small amounts of mouse movement.
00:51:43 <pikhq_> A touchpad's a bit better if you're going to be primarily mousing. Or, y'know, a real mouse.
00:51:45 -!- Rain777 has joined.
00:51:47 <ion> Yeah, the Thinkpad nipple is awesome.
00:52:04 <shachaf> A Dell XPS 15. It's not as good as the ThinkPad but it works.
00:52:17 <pikhq_> Of course, you can just use *both* depending on what's optimal for your current task.
00:52:48 <kmc> yeah, my current machine has both
00:52:55 <ion> Small touchpads are horrible. Tap-to-click is horrible as well. Apple touchpads are almost as good as nipples, though.
00:53:17 <pikhq_> Heck, for a wasd-style game the Trackpoint is pretty awesome I'd imagine...
00:53:24 <kmc> i use the trackpoint when i need a bit of mousing in the middle of writing something
00:53:36 <kmc> i use the touchpad when i'm just reading websites, mostly because it does the right edge scroll thing
00:53:48 <pikhq_> Given that there the mouse is being used more as directional input rather than pointing.
00:54:05 <ion> I used the hold-middle-mouse-button-down-and-move-nipple thing for scrolling.
00:54:08 <shachaf> I would like to change the way I use computers to require minimal mouse input.
00:54:11 <kmc> the X1 Carbon is pretty expensive :/
00:54:19 <ion> Much nicer than the side scroll thing with a touchpad IMO.
00:54:22 <pikhq_> shachaf: Have you considered using a tiling WM?
00:54:28 <kmc> though computers overall keep getting cheaper
00:54:30 <shachaf> A mouse is good for analog things, but very few of the things I do are analog.
00:54:41 <kmc> i remember when any halfway decent computer (for its time) would be at least $2000
00:54:44 <shachaf> pikhq_: I have used a tiling WM!
00:54:58 <shachaf> pikhq_: But I barely use the mouse with my current non-tiling WM.
00:55:41 <kmc> if you want to use the mouse more efficiently, you should switch to a toroidal mouse geometry
00:55:48 <ion> I like how Ubuntu’s Unity project has enabled much more keyboard accessibility than before.
00:56:01 <pikhq_> $2000 practically buys you a behemoth nowadays.
00:56:31 <HackEgo> Rain777: Welcome to the international hub for esoteric programming language design and deployment! For more information, check out our wiki: http://esolangs.org/wiki/Main_Page. (For the other kind of esoterica, try #esoteric on irc.dal.net.)
00:56:37 <ion> kmc: What’s toroidal mouse geometry?
00:56:41 <ion> shachaf: yeah
00:56:53 <kmc> when you move the mouse off the edge of the screen, it teleports to the opposite edge
00:57:02 <kmc> i have synergy configured to do this
00:57:42 -!- Rain777 has left.
00:57:44 <ion> You can launch programs by hitting Windows™ and typing a part of the program name; you can select menu items by hitting Alt and typing a part of the menu item name; you can switch to a specific window with Windows™-{1,2,3,…} etc.
00:58:12 <shachaf> ion: Wasn't it more application-oriented like Mac OS X?
00:58:27 <ion> Sorry, yeah, a specific application.
00:58:47 <ion> Dunno about worse since i’m not that familiar with OSX, but i’ve certainly liked Unity.
00:58:48 <kmc> i have a program which lets me launch programs by typing part of the name
00:58:51 <kmc> it's called a terminal ;)
00:59:06 * kmc http://twitter.com/1990sLinuxUser mode
00:59:23 <ion> Yeah, “setsid fire<tab> && exit” is convenient indeed.
00:59:31 <shachaf> Just about every mainstream X11 desktop environment has had Alt-F2 bound to that for quite a while.
00:59:50 <kmc> ion: why setsid?
00:59:51 <ion> Alt-F2 doesn’t know about applications’ descriptions and keywords.
01:00:15 <kmc> xmonad is not mainstream :/
01:00:16 <ion> kmc: To have the terminal window go away immediately.
01:00:20 <kmc> obviously because it involves monads
01:00:27 <kmc> ion: isn't «firefox & exit» good enough?
01:00:36 <ion> zsh: you have running jobs.
01:00:46 <shachaf> kmc: xmonad has never claimed to be mainstream.
01:01:08 <shachaf> ...It's too mainstream for me, though.
01:01:19 <shachaf> Remember back when xmonad was called "thunk"?
01:01:23 <kmc> i should finish that window manager i started writing
01:01:28 <kmc> then i could be a cool kid
01:01:34 <kmc> shachaf: was it really?
01:01:39 <zzo38> What window manager did you start to writing?
01:01:45 <shachaf> kmc: Yep, that was the name before "xmonad".
01:01:49 <kmc> a static tiling wm in haskell
01:01:55 <kmc> with nicer code than xmonad ;)
01:02:01 <kmc> not that xmonad's code is terrible, but mine is nicer :)
01:02:11 <shachaf> The nicest code is code that you don't write in the first place.
01:02:15 <shachaf> Therefore kmc's WM has the nicest code.
01:02:37 -!- oerjan has quit (Quit: Good night).
01:02:38 <kmc> no, i have almost 500 lines of code
01:02:42 <kmc> but they do not a window manager make
01:02:49 <kmc> and we all know xmonad is only 500 lines of code except not at all
01:03:01 <shachaf> Is it as good as xmonad 0.1?
01:03:20 <shachaf> kmc: You should put your code up!
01:03:27 <shachaf> Since it's basically a WM already.
01:03:37 <kmc> much of that is a SDL-based mockup of the keyboard UI
01:03:48 <kmc> designing a good UI for static tiling operations is not that easy
01:03:55 <kmc> i should look at what other WMs do
01:03:58 * shachaf has no idea how the keyboard UI would work for a WM that works the way he wants.
01:04:35 <shachaf> I don't know if the way I want is the same as the way you want, but it seems close enough.
01:04:43 <shachaf> You used to use Ion3, right?
01:04:45 <kmc> in my model, each workspace is a tree where branching nodes are horizontal or vertical splits
01:04:47 <ion> Hehe, 1990sLinuxUser is awesome.
01:04:58 <kmc> ion: i know, right? my favorite part is the background image
01:05:03 <ion> kmc: Indeed!
01:05:25 <kmc> i think the conceptually simplest UI for navigating this tree is to have a key for parent, child 1, child 2
01:05:30 <kmc> but i think this kinda sucks to use
01:05:42 <kmc> probably you also want keys for in-order traversal of the leaves
01:05:49 <shachaf> Is there a reason to special-case workspaces?
01:06:10 <kmc> well, each split is binary, except the split into workspaces
01:06:18 <shachaf> As opposed to them just being the root of an xmonad "Full"-style thing.
01:06:25 <kmc> and each split has a parameter to say how space is divided, except the split into workspaces
01:06:35 * shachaf was thinking of n-ary splits.
01:06:44 <kmc> you could have those, but the second point would remain
01:06:52 <shachaf> In Ion3 any window can be a "workspace" of its own.
01:06:59 <shachaf> You can have floating workspaces and so on.
01:07:04 <kmc> yeah, that's cool
01:07:40 <shachaf> And also any "window" can have multiple windows inside it as tabs.
01:08:04 <zzo38> My opinion is how the keyboard UI works would be: All window and widgets are hover focus, and you can push the key to switch between widgets (such as TAB) and key to switch between windows (such as the window manager's key and TAB together), and doing so move mouse pointer to that position.
01:08:24 <kmc> zzo38: I'm mainly concerned with how you create, adjust, and delete splits
01:08:29 <zzo38> I would think it would be best to have both tiled and floating windows.
01:09:22 <kmc> i never put in the effort to learn how ion actually models all this
01:09:33 <kmc> from the outside it seemed excessively complicated
01:09:44 <zzo38> kmc: At least how I would do is, to adjust splits have one of the mouse buttons assigned for that purpose when you click the border using that button.
01:10:13 <shachaf> My list of "window managers that seemed interesting" also includes Enlightenment, although it's a floating WM.
01:11:06 <zzo38> I would have the widgets basically Athena-style except that keyboard commands can also be used instead of or in addition to the mouse.
01:13:11 <kmc> what are the choices for static tiling wms, anyway?
01:13:12 <zzo38> Some people might not like this of course; some people may prefer programs with Motif or GTK widgets. I prefer SDL.
01:13:25 <shachaf> kmc: You should get the WM to a working state before you're too busy to!
01:14:44 <shachaf> In one sense all floating WMs are static.
01:15:26 <kmc> ion/notion, stumpwm, ratpoison, wmii, ?
01:16:15 <kmc> i think awesome is dynamic and the name annoys me anyway
01:16:16 <shachaf> wmii is very similar to dwm, isn't it?
01:16:33 <ion> “notion” would be an awesome name for a window manager.
01:16:59 -!- derdon_ has joined.
01:17:01 <kmc> and wmii is from suckless.org which also annoys me
01:17:13 <kmc> for me, annoyance is a full time job
01:17:24 <kmc> shachaf: the thing is, xmonad is Good Enough
01:17:37 <shachaf> kmc: Xfce is also Good Enough.
01:17:37 <zzo38> I would think the window system should instead of X, it should be based on SDL. They can include some built-in commands for clipboard (although it could just be /proc/$WINPID/userfs/clipboard if you have that kind of user filesystem mode), fix 8x8 and 8x12 whatever monochrome fonts, etc
01:17:49 <shachaf> At least, the difference between xfce and xmonad is small enough that I haven't bothered to set it up.
01:17:57 <kmc> i get by fine in xmonad with just full and two-column layouts
01:18:18 <kmc> btw, gimp now has a "one window" mode which works pretty well
01:18:29 <kmc> xmonad's floating window support is pretty wonky
01:19:08 <pikhq_> zzo38: Oddly enough, I think you'd at least somewhat like Wayland.
01:19:15 <shachaf> The idea of having a WM inside an application kind of annoys me.
01:19:27 <shachaf> Even though the application knows more about its windows.
01:19:30 <zzo38> pikhq_: Yes I do somewhat like Wayland.
01:19:50 -!- derdon has quit (Ping timeout: 252 seconds).
01:20:56 <kmc> the window managers i use are xmonad, screen, irssi, chromium, and finch
01:20:57 <ion> If it’s made into a library that *everything* uses so that all the windows behave the same way and look alike and if you can still move and close windows owned by processes that are stuck, i’m totally happy with it.
01:20:59 -!- augur has quit (Remote host closed the connection).
01:21:18 <kmc> i don't do splits with any except the first
01:21:34 <kmc> finch supports overlapping windows of any size, it's completely ridiculous
01:22:56 <kmc> i don't use vim for window management
01:26:02 <kmc> ok we're trying out the "irssi.so" window manager for GNT, the curses tooklit used by Finch
01:27:56 <kmc> trip report forthcoming
01:28:59 <kmc> I, the royal "we"... you know, the editorial
01:31:27 <shachaf> A magazine I read when I was much younger had an editoral, which was called something like "words of the editor".
01:31:42 <shachaf> Except it had a handwritten font in which "editor" looked a lot like "crow".
01:31:55 <shachaf> So I thought it was "words of the crow".
01:34:49 <ion> I’d like to have a horizontally looping desktop of arbitrary width and a height equal to the monitor’s height. I’d like to be able to place windows to the desktop side-by-side (never overlapping and never with space between them) and to scroll horizontally whenever its width is greater than that of my monitor. The desktop should grow and shrink automatically to fit the windows. Scrolling should snap
01:34:51 <ion> windows’ left-hand edges to the monitor’s left-hand border, and moving windows’ right-hand edges to resize them should snap to the monitor’s right-hand border.
01:35:51 <ion> There should be keyboard shortcuts to scroll to the next/previous window (so that their left-hand edge will match with the monitor’s left-hand border).
01:37:33 <ion> One could have e.g. a browser and a terminal side-by-side so that they fill the monitor exactly, but also a music player next to the terminal so that if you scroll to the right, the terminal and the music player will fill the monitor exactly.
01:38:38 <soundnfury> ion: that sounds like an interesting idea
01:39:06 <soundnfury> but maybe it'd be even better to be able to have a list of 'views' of the windows
01:39:47 <soundnfury> so you could implement that, but you could also be able to, say, always have your IRC client on the left and effectively scroll through what else should appear on the right
01:40:34 <soundnfury> obviously you'd want to embed a scripting language (perhaps Python? A mini-Lisp?) to programmatically define the views
01:40:44 <soundnfury> rather than just having a set of canned modes
01:41:33 <soundnfury> Then again, all this might have been done already
01:48:20 <kmc> soundnfury: oh, i'm probably biased because of the person who complained that mosh doesn't work in st, and talked like a cult member
01:49:32 <shachaf> kmc: You have a lot of biases. :-(
01:49:46 <soundnfury> yeah, maybe you should join #lesswrong and get them to fix it ;)
01:50:19 <kmc> in general i feel like all this "suckless" "minimalist" stuff means "works only for the author, comes with a screed about how this is all anyone should need"
01:50:24 <soundnfury> I just wondered if there was anything I should know about suckless, since they listed my IRC client on their "Stuff that rocks" page
01:50:48 <kmc> (that's not a criticism of suckless.org specifically, just of the attitude they are latching onto)
01:51:12 <soundnfury> Ok, now I understand... because I have an attitude that could be characterised that way too
01:51:48 <kmc> any feature you do not personally use is "bloat"
01:52:05 <kmc> and 10 half-baked solutions to the same problem is better than 1 complete solution
01:52:11 <kmc> because the half-baked solutions are each "minimalist"
01:52:30 <shachaf> The other extreme is perhaps more dangerous.
01:52:36 <kmc> both extremes are dangerous, yes
01:53:18 <kmc> the best is software which has many features, but which is architected in such a way that you don't pay for the features you don't use
01:53:30 <kmc> don't pay in terms of performance, but most importantly in terms of code complexity and bugs
01:53:46 <kmc> that is, the features you aren't using should not cause bugs in the parts you are using
01:53:49 <kmc> obviously this is very hard
01:53:56 <shachaf> What's an example of that?
01:54:54 <kmc> maybe a programming language interpreter
01:55:01 <kmc> i'm not affected by bugs in python modules i haven't loaded
01:55:18 <shachaf> Many people describe C++ that way.
01:55:28 <shachaf> Though I don't think that's quite right.
01:55:28 <kmc> and module maintainers have relatively little ability to force the core python interpreter to adopt bad design decisions
01:55:37 <kmc> the language itself is a pretty resiliant abstraction barrier
01:55:51 <kmc> shachaf: yeah, but they're talking only about space/time usage and not about cognitive burden
01:56:43 -!- DHeadshot has joined.
01:56:53 <zzo38> Depending on the program and how it is, some things can be external files and separate programs that can be processed separately or piped or whatever.
01:57:30 <soundnfury> Incidentally, since we're on the subject of software development...
01:57:47 <soundnfury> I'm currently trying to decide how to implement scripting in quIRC
01:58:17 <shachaf> Invent your own language which is backwards-compatible with IRC commands.
01:58:18 <soundnfury> I have some ideas (and a half-finished spec) for a scripting language, but I had another idea too: symbionts
01:58:24 -!- DHeadshot has quit (Read error: Connection reset by peer).
01:58:43 -!- DHeadshot has joined.
01:58:44 <zzo38> soundnfury: Probably it depend what you are doing with? There are a few possible ways.
01:58:45 <soundnfury> that is, make quIRC invoke symbiont processes (the scripts) and talk an application protocol to them
01:59:35 <soundnfury> that way you gain the ability to write scripts in any language, but otoh you can only do things there are hooks for
02:01:20 * Phantom_Hoover notes that the present phase of the moon is a waxing gibbous.
02:01:30 <Phantom_Hoover> That's like the worst one for Armstrong to die during.
02:01:59 <zzo38> At least what I have done in PHIRC is the script commands and local commands are like IRC except you put a slash in front; since PHIRC is written in an interpreted language you can also use that interpreter too, though. So, partially your choice will depend what programming language you use, what user interface, and what operating system.
02:02:05 <zzo38> Phantom_Hoover: Why?
02:02:53 <Phantom_Hoover> You can't even describe it very well, it's just "that phase that's a bit more than half full".
02:03:27 <zzo38> Just describe it by the degrees in ecliptic longitude?
02:03:30 <soundnfury> Phantom_Hoover: The Moon is Waxing Gibbous (67% of Full). Full moon in NetHack in 5 days.
02:04:06 <Phantom_Hoover> Thank you soundnfury for telling me something that I had just demonstrated knowledge of.
02:04:38 <soundnfury> Phantom_Hoover: I was giving you a more precise description than "a bit more than half full"
02:04:43 <zzo38> You don't need to describe it as "gibbous" if you don't want to.
02:06:13 <zzo38> Sun ecliptic longitude at 3 Virgo, Moon at 23 Sagittarius, so you subtract 263-153=110 degrees. (180 degrees = full moon)
02:07:07 <soundnfury> doesn't that assume the solar and lunar orbits are coplanar?
02:07:09 <zzo38> By the direction you can know the moon is going forward motion (counterclockwise on the diagram) so you can tell on the diagram the direction of wax/wane, and by aspect lines, whether the full moon is slightly before or slightly after or exact.
02:07:38 <soundnfury> zzo38: I'm not sure I follow your PHIRC explanation
02:07:46 <zzo38> soundnfury: It would seem so. But actually if they are then it is an eclipse. This orbit is used for measurement.
02:08:04 <zzo38> (So actually it is approximate but you have to use some plane of measurement, so the ecliptic is used.)
02:08:47 <soundnfury> but surely what you want to measure is something to do with the proportion of the moon's solid angle that's lit, as viewed from Earth
02:08:53 <zzo38> Because if it is actually moon exactly opposite to the sun, then it will be a lunar eclipse because the Earth is in the way.
02:09:47 <zzo38> So using all the angles it would never actually light the entire face of moon seen by Earth because the Earth is in the way.
02:09:53 <soundnfury> yeah but at "new moon" if it's not a solar eclipse then it'll be a (very very slim) crescent
02:10:33 <zzo38> Using ecliptic longitude only is what is generally done to calculate the phase of moon, I think.
02:12:02 <zzo38> Another common way to calculate phase of moon is by the time instead of by angle.
02:12:03 <kmc> maybe this "don't pay for features you don't use" is actually the most important reason to move things out of a language core and into the standard library
02:13:09 <zzo38> kmc: Yes, I agree you should put thing in a library. Even with Forth you can include most of the control structures and a lot of other things including syntactic stuff in a standard library too. With other programming languages the way it is done will differ.
02:14:06 <shachaf> kmc: Do you know the problem "generate a string of the form /[abc]{N}/ such that no substring appears twice in a row"?
02:14:29 <kmc> i think you mentioned it before
02:14:42 <kmc> de bruijn sequences?
02:15:23 <soundnfury> hmm, is this going to relate to prime numbers in some way?
02:15:32 <shachaf> De Bruijn sequences are sequences such that you can figure out a substring's position from its contents.
02:15:46 <kmc> right, which means each one appears at most once
02:15:54 <zzo38> And then there is Ecclesiastical phase of moon, which is slightly off from the actual phase of moon and is used to calculate the date of Easter, due to tradition.
02:15:59 <kmc> but it's for subsequences of a specific length
02:16:12 <kmc> anyway, please go on about this problem
02:17:27 <shachaf> In this case you're allowed e.g. "abcacbabca"
02:17:41 <shachaf> But you're not allowed a sequence that contains "aa" or "abab" or "abcabc".
02:17:44 <kmc> oh, twice *in a row*
02:17:46 <kmc> i missed that
02:17:52 <soundnfury> kmc: doesn't "to go on about something" have a meaning /subtly/ different to what you meant?
02:18:13 <shachaf> soundnfury: I think the meaning was clear here.
02:18:25 <kmc> don't my nuts have a meaning subtly close to your face
02:18:56 <kmc> glad that's settled
02:19:34 <shachaf> Anyway, you can generate arbitrary-length sequences with this property.
02:19:56 <kmc> how do you generate them?
02:20:01 <soundnfury> I think I'll go for the symbiont method, and then _maybe_ implement my scripting language as just one option
02:20:47 <soundnfury> kmc: I think you can do a tree search, though there may be a better way
02:21:18 <soundnfury> eg. start with an a, now you can have either b or c (isomorphism, doesn't matter which, we'll say b, now there's no further isomorphism left)
02:22:05 <soundnfury> now either we have an a next, so it must then be a c (can't have abaa or abab), or we have a c next, so either abac, abca or abcb (we can't have abcc)
02:22:33 <soundnfury> and so on, I don't know if the tree keeps getting wider or if the branches start to terminate
02:22:50 <shachaf> You can do it by generating and backtracking.
02:23:02 <soundnfury> (ie. if you start getting strings where you can't append any of [abc] without creating a repeat)
02:23:09 <kmc> okay, i was wondering if there was a better way
02:23:12 <shachaf> It's much trickier to do it without, though it's possible.
02:23:51 -!- DHeadshot has quit (Read error: Connection reset by peer).
02:24:25 <kmc> how do you do it?
02:24:36 <soundnfury> can you do something recursive, is there some way to take a sequence and modify it so that you can concatenate the original and modified versions, thereby getting another valid string?
02:24:43 <shachaf> https://en.wikipedia.org/wiki/Squarefree_word
02:39:41 <zzo38> Yes OK I understand what you mean. Was there something like that on anarchy golf?
02:39:58 -!- augur has joined.
02:42:07 -!- DHeadshot has joined.
02:42:23 -!- Phantom_Hoover has quit (Read error: Connection reset by peer).
02:45:58 -!- augur_ has joined.
02:45:59 -!- augur has quit (Read error: Connection reset by peer).
02:54:27 <zzo38> I looked out the window and I can see the moon.
02:56:42 -!- DHeadshot has quit (Read error: Connection reset by peer).
02:56:47 -!- DH____ has joined.
03:00:32 -!- derdon_ has quit (Remote host closed the connection).
03:06:30 -!- DH____ has quit (Read error: Connection reset by peer).
03:06:46 <shachaf> @ask elliott Apparently "travelling" is the British spelling and "traveling" is the American spelling.
03:07:01 <shachaf> @tell elliott Can you make me British? :-(
03:14:50 -!- DHeadshot has joined.
03:22:51 -!- ogrom has joined.
03:22:55 -!- pikhq has joined.
03:23:05 -!- pikhq_ has quit (Ping timeout: 260 seconds).
03:25:06 <shachaf> kmc: What is interesting in southern CA?
03:25:45 <kmc> kelso sand dunes
03:26:48 <shachaf> Hmm, that's rather far inland.
03:28:47 <kmc> are you going to southern CA?
03:31:01 <soundnfury> You know what's remarkable? Is how much of England looks in no way like southern California.
03:32:13 <kmc> what is your remark, then?
03:32:36 <soundnfury> I possibly got it slightly wrong, not watched that for a while
03:33:38 -!- pikhq_ has joined.
03:34:02 <kmc> it's a joke about how Southern California stands in for lots of places in films and tv
03:34:13 <kmc> i went to school at a college used frequently for film shoots
03:34:27 -!- pikhq has quit (Ping timeout: 276 seconds).
03:34:46 <shachaf> I know someone who's going to go there soon.
03:35:06 <kmc> i gather that there are a lot of fun things to do in LA, most of which i have not done
03:35:18 <kmc> i never even went to the beach, despite living a few minutes' bike ride away for a summer
03:35:44 <shachaf> They say it's a good beach. I've never been.
03:35:48 <kmc> which one?
03:35:58 <shachaf> The, uh, one in Los Angeles.
03:37:15 <kmc> there are a few
03:48:42 -!- pikhq has joined.
03:49:10 -!- pikhq_ has quit (Ping timeout: 256 seconds).
04:23:39 <kmc> we alone on earth can rebel against the tyranny of the selfish replicators
04:31:00 <kmc> pass it on
04:31:20 <shachaf> Can I pass it on in my genes?
04:32:58 -!- pikhq_ has joined.
04:33:27 -!- pikhq has quit (Ping timeout: 272 seconds).
04:50:38 <kmc> shachaf: the next CTF should focus on misuse of cryptographic primitives, don't you think?
04:50:45 <kmc> that would be fantastic
04:52:25 <shachaf> kmc: Oh, that would be fun.
04:52:53 -!- TeruFSX has quit (Read error: Connection reset by peer).
04:53:03 <kmc> i told gdb already
04:53:41 -!- TeruFSX has joined.
05:02:27 <kmc> there are so many exciting ways to misuse cryptographic primitives
05:05:14 <shachaf> Yes. It's one of those things I should know more about.
05:06:14 <shachaf> (Though the right answer is generally "use higher-level primitives", not "know how to use low-level primitives correctly".)
05:10:55 <shachaf> The situation with Haskell and cryptography libraries seems kind of terrible. :-(
05:10:56 <kmc> i wonder if that message would come across
05:11:58 <zzo38> What cryptographic primitives?
05:13:01 <kmc> i found it entertaining and enlightening to witness a discussion where each side accused the other of advocating the cardinal sin of "rolling your own crypto"
05:13:19 <kmc> and each side had valid arguments as to why their solution is less "rolling your own"
05:13:28 <shachaf> zzo38: I heard Julius Caesar was pretty cryptographically primitive.
05:13:35 <shachaf> kmc: I think I remember you mentioning that.
05:13:59 <kmc> mosh already rolls more crypto than is desirable
05:14:05 * shachaf doesn't remember the exact arguments.
05:14:29 <kmc> it would be nice to use something higher level like DTLS, but there are a few problems with doing so
05:14:41 <kmc> the argument in question was about OCB vs. CTR+HMAC, i.e. two block cipher modes
05:15:02 <kmc> and plenty of comments from the peanut gallary about "if you have to pick a block cipher mode, you're doing it wrong"
05:15:12 <zzo38> I read somewhere that combining multiple ciphers is sometimes weak; however, I do not think it will be weak if the keys used for each are guaranteed not to be related.
05:15:20 <kmc> which is fair enough, but again, I don't think there was a suitable higher-level alternative
05:16:02 <shachaf> http://nacl.cr.yp.to/ looks like a nice high-level cryptography library.
05:16:16 <shachaf> I don't know enough to know whether it's actually good.
05:16:27 <zzo38> Can you do backward and forward, side effect, stream and block, superencrypted initialization vectors, with a suitable compression in many steps with long keys which do not repeat?
05:16:50 <shachaf> It uses the author's own encryption and authentication primitives, which is generally worrying.
05:17:12 <shachaf> zzo38: What's a superencrypted initialization vector?
05:17:53 <zzo38> In addition, optimize it to run fast and less memory but use a slow algorithm and insert random delays and RAM scrambler
05:18:24 <kmc> i don't trust random delays, statistics can still win out
05:18:50 <kmc> the library shachaf linked is based around the idea of "no data-dependent branches or memory addresses" which seems solid
05:19:01 <zzo38> shachaf: You have an initialization vector of a random length, which is then scrambled with the rest of the code and encrypted again using a different algorithm and with an unrelated key (it because insecure if you use related keys)
05:19:04 <kmc> or you can pick a fixed time that each operation should take, and wait the remainder
05:20:03 <zzo38> kmc: But then you need to also deal with power usage
05:20:38 <shachaf> I think situations where you have to deal with power usage are pretty rare.
05:20:50 <pikhq_> shachaf: RE: NaCl, I *think* DJB is more qualified than most to actually do crypto well.
05:21:31 <kmc> but the number of eyeballs looking for dumb implementation bugs may well be as important as a solid understanding of the theory
05:21:33 <shachaf> Also, they're only a few years old.
05:21:40 <pikhq_> I mean, crypto and crypto attacks is what his math career largely is. :)
05:21:51 <kmc> tarsnap guy is also qualified to do crypto well, and yet he had a catastrophic dumb implementation bug ;)
05:22:26 <shachaf> pikhq_: I'd rather use a stupid algorithm that a lot of smart people have failed to break than a smart algorithm that only one smart person has failed to break.
05:22:32 <pikhq_> Crypto is one of those fields where minor bugs are nearly as catastrophic as "dur, rot13 is good".
05:22:53 <shachaf> (Not that that's the situation here.)
05:22:56 <kmc> security in general
05:23:03 <kmc> because it's about worst case rather than average case
05:23:23 <kmc> i love how many linux root exploits involve subsystems nobody ever uses, and/or code which never worked in the first place
05:23:33 <kmc> they finally removed econet
05:24:22 <zzo38> What does econet mean?
05:24:34 <shachaf> zzo38: Funny, it's just the sort of thing I'd expect you to use.
05:24:39 <kmc> econet is a networking protocol used by Acorn home computers from the 1980's
05:25:00 <kmc> Linux had an implementation of it, which is mostly famous for a number of security holes
05:25:19 <kmc> it's unclear this implementation ever actually worked, and if so how long ago it was last used
05:25:47 <zzo38> In that case I suppose it is a good idea to remove it; whoever will use it can make a new implementation which has a better quality.
05:25:59 <kmc> another example is the code for loading 32-bit Video4Linux1 firmware onto a Video4Linux2 device on a 64-bit machine
05:26:23 <kmc> turns out, nobody had ever tried to do this, the code in the kernel had no chance of working but was easily abused to get root
05:26:47 * shachaf wonders whether the Firefox gopher code has security bugs.
05:26:54 <kmc> zzo38: yeah; what's worse is that many distributions shipped the econet module by default
05:27:09 <kmc> and even worse, they would automatically load it if you tried to use the protocol from an unprivileged program
05:27:11 <pikhq_> shachaf: Maybe. It's not there anymore though.
05:27:20 <zzo38> They should just remove most of the stuff in the kernel since a lot of it too complicated
05:28:27 <kmc> zzo38: also, any remaining users of Econet are almost certainly tunneling it over UDP, and might as well do that in userspace
05:28:31 <zzo38> No, I don't think the Firefox gopher code had security bugs; the Microsoft gopher code has many security issues, though.
05:29:15 <shachaf> zzo38: What about the Plan 9 gopher code?
05:29:40 <zzo38> kmc: No, the problem is using too complicated operating systems (whether it is Windows or Linux or something else, it is still too complicated).
05:29:43 <zzo38> shachaf: I don't know.
05:29:59 <shachaf> Hmm, I guess Glenda isn't a gopher. :-(
05:30:15 <shachaf> Is the golang mascot a gopher?
05:30:31 <zzo38> I don't know but I do not think it is relevant.
05:31:35 <shachaf> zzo38: True. But neither is gopher.
05:34:50 <zzo38> I make up the new computer system to not have all this complexity, it can be a single tasking system (if you need tasking switch you can store it on the hard drive) and not involving such complicated things as PDF and USB.
05:35:20 <kmc> there are many old computer systems with these properties
05:35:56 <zzo38> The old one is too slow and it is out of sale.
05:36:33 <kmc> you can run FreeDOS on your modern PC
05:36:38 <kmc> and there are free development tools for it
05:37:00 <pikhq_> Pretty certain he finds x86 objectionable.
05:37:40 <kmc> fair enough
05:37:53 <kmc> if you are talking about hardware and not just software, then yes it's much harder to remake everything to be simpler
05:38:11 <zzo38> I do happen to think FreeDOS is OK. There are certainly problems with x86 (I don't like the existence of CPUID command is one thing, and modern extensions to the instruction set tend to confuse everything)
05:38:23 <zzo38> kmc: That is why I have to try.
05:38:37 <kmc> i too find x86 objectionable
05:38:51 <kmc> though i disagree with the more specific claim that x86 assembly is so much harder to write by hand
05:38:59 <shachaf> 18:17 <kmc> for me, annoyance is a full time job
05:39:27 <shachaf> x86 assembly is in a lot of ways designed to be nice to write by hand.
05:39:42 <pikhq_> Some of the later addons less so.
05:39:50 <pikhq_> But certainly, at its core it's meant that way.
05:40:02 <kmc> x87 code is not nice to write by hand :(
05:40:40 <pikhq_> Then what *was* it designed for?
05:40:53 <pikhq_> A register-stack sure isn't good for compilers.
05:41:01 <kmc> i think it's just bad
05:42:01 <kmc> i don't know why it's designed the way it is
05:42:10 <pikhq_> It's bad for all involved.
05:42:18 <shachaf> Daniel Bernstein pointed out that 8-element stack + free swap can sometimes to more than an eight-register instruction set.
05:42:42 <kmc> what about an eight register instruction set with free swap
05:43:11 <pikhq_> shachaf: Way back when, that swap wasn't free. :)
05:43:43 -!- asiekierka has joined.
05:43:49 <kmc> shachaf: in what way is it better?
05:43:58 <shachaf> kmc: http://cr.yp.to/qhasm/20050210-fxch.txt
05:44:03 <kmc> zzo38: why don't you like CPUID
05:46:02 <zzo38> kmc: Because a program might not run if you replace the processor. In my idea one thing they could be able to do is, you can store the state of the program to disk and then replace all the components (including the disk) and turn on the program will still continue same as the other one (and if you copy it, both will run identically), is my idea of computer.
05:46:39 <kmc> shachaf: interesting
05:46:42 <zzo38> Including if all the parts are different manufacturer from what it was before.
05:47:01 <kmc> zzo38: but that's also true if different CPUs have different features, regardless of whether you have an explicit way to identify them
05:48:04 <kmc> this is a real problem though
05:48:13 <kmc> Xen can virtualize CPUID
05:48:22 <kmc> so that you can indicate a baseline set of features that all your VM hosts support
05:48:26 <zzo38> That is why it would be made to not have different features, or, if they do have different features have a pin which you can connect to ground to indicate to use compatibility mode or not, so that you can activate the new features or you can turn them off by hardware.
05:49:12 <kmc> (this is a problem for code that uses CPUID as a memory barrier)
05:49:36 <zzo38> Yes those may be some of the problems.
06:02:55 -!- pikhq_ has quit (Ping timeout: 240 seconds).
06:03:07 -!- pikhq has joined.
06:07:46 -!- pikhq has quit (Remote host closed the connection).
06:08:04 -!- pikhq has joined.
06:12:13 <kmc> gotta sleep, ttyl all
06:14:51 -!- zzo38 has quit (Remote host closed the connection).
06:18:54 <Sgeo> I hate Clojure protocols.
06:33:05 -!- ogrom has quit (Quit: Left).
06:39:08 -!- pikhq_ has joined.
06:39:42 -!- pikhq has quit (Ping timeout: 264 seconds).
06:46:13 -!- pikhq has joined.
06:46:28 -!- pikhq_ has quit (Ping timeout: 244 seconds).
07:03:19 <Sgeo> ,(apply (partial some identity) '(true true false))
07:03:25 <Sgeo> &(apply (partial some identity) '(true true false))
07:03:56 -!- Vorpal has joined.
07:32:43 -!- DHeadshot has quit (Read error: Connection reset by peer).
07:32:48 -!- DH____ has joined.
07:50:45 -!- pikhq_ has joined.
07:51:01 -!- pikhq has quit (Ping timeout: 244 seconds).
08:26:04 -!- AnotherTest has joined.
08:34:55 -!- DH____ has quit (Read error: Connection reset by peer).
08:35:00 -!- DHeadshot has joined.
08:37:02 -!- asiekierka has quit (Ping timeout: 244 seconds).
08:40:48 -!- sirdancealot7 has joined.
08:45:09 -!- DHeadshot has quit (Read error: Connection reset by peer).
08:49:04 -!- mig22 has joined.
08:56:26 -!- pikhq has joined.
08:56:40 -!- pikhq_ has quit (Ping timeout: 268 seconds).
09:10:14 -!- AnotherTest has quit (Read error: Connection reset by peer).
09:10:29 -!- AnotherTest has joined.
09:22:34 -!- ais523 has quit.
09:46:49 -!- pikhq_ has joined.
09:47:09 -!- pikhq has quit (Ping timeout: 260 seconds).
10:05:21 -!- cheater__ has joined.
10:08:24 -!- cheater_ has quit (Read error: Operation timed out).
10:18:55 -!- ogrom has joined.
10:36:17 -!- Lumpio- has quit (Quit: _o7).
10:36:30 -!- Lumpio- has joined.
10:39:59 -!- DHeadshot has joined.
10:42:19 -!- MoALTz has joined.
10:42:30 -!- MoALTz has quit (Remote host closed the connection).
10:47:21 -!- DHeadshot has quit (Ping timeout: 276 seconds).
10:58:08 -!- derdon has joined.
11:10:37 -!- Phantom_Hoover has joined.
11:20:54 -!- MoALTz has joined.
11:28:00 <Phantom_Hoover> Hmm, I think I had a dream last night that there was a video on YouTube where some guy was putting some kittens in a glass of water.
11:37:36 <oklopol> you didn't check the comments????
11:43:36 <Sgeo> I'm finally beginning to appreciate the idea of the right tool for the job, rather than one language to rule them all.
11:43:51 <Sgeo> As in, I think newLisp's the right language for a codenomic, but not for much else.
11:45:12 -!- mig22_ has joined.
11:47:12 -!- mig22 has quit (Ping timeout: 252 seconds).
11:47:13 -!- mig22_ has changed nick to mig22.
11:57:06 -!- nooga has joined.
12:04:43 -!- ogrom has quit (Quit: Left).
12:05:08 -!- monqy has quit (Quit: hello).
12:36:34 -!- KingOfKarlsruhe has joined.
12:46:16 -!- kinoSi has quit (Read error: Connection reset by peer).
12:46:45 -!- kinoSi has joined.
13:01:34 -!- pikhq has joined.
13:01:54 -!- pikhq_ has quit (Ping timeout: 264 seconds).
13:14:36 <AnotherTest> typedef std::string::const_iterator interator_type;
13:14:36 <AnotherTest> typedef client::employee_parser<interator_type> employee_parser
13:14:36 <AnotherTest> employee_parser g; // notice this is the first and last use of employee_parser
13:14:47 -!- KingOfKarlsruhe has quit (Quit: ChatZilla 0.9.88.2 [Firefox 14.0.1/20120713134347]).
13:19:00 <AnotherTest> Why do they always give non-virtual destructors to their classes?
13:20:48 <fizzie> Do the classes have any virtual functions? If not, maybe just to save the vtable costs.
13:21:21 <AnotherTest> I have a class that derives from that class
13:22:08 <fizzie> Well, maybe "they" don't want you to derive.
13:23:42 <AnotherTest> http://www.boost.org/doc/libs/1_51_0/libs/spirit/example/qi/employee.cpp
13:24:59 <fizzie> The best %= operator override ever.
13:25:16 -!- AnotherTest has quit (Read error: Connection reset by peer).
13:25:29 -!- AnotherTest has joined.
13:29:03 -!- AnotherTest has quit (Read error: Connection reset by peer).
13:29:19 -!- AnotherTest has joined.
13:31:03 -!- Phantom_Hoover has quit (Remote host closed the connection).
13:32:32 -!- Phantom_Hoover has joined.
13:34:07 -!- AnotherTest has quit (Client Quit).
13:34:17 -!- AnotherTest has joined.
13:41:12 -!- AnotherTest has quit (Quit: Leaving.).
13:42:01 -!- AnotherTest has joined.
13:45:57 -!- AnotherTest has quit (Read error: Connection reset by peer).
13:46:03 -!- AnotherTest1 has joined.
13:58:27 -!- Phantom_Hoover has quit (Ping timeout: 276 seconds).
14:05:45 -!- Phantom_Hoover has joined.
14:26:28 -!- pikhq_ has joined.
14:26:42 -!- pikhq has quit (Ping timeout: 252 seconds).
14:54:53 -!- mig22 has quit (Quit: mig22).
15:19:16 -!- cheater__ has quit (Ping timeout: 248 seconds).
15:20:29 -!- ineiros has quit (Quit: leaving).
15:20:58 -!- ineiros has joined.
15:23:51 <kmc> yeah i used boost::spirit once
15:23:53 <kmc> never again...
15:26:19 -!- cheater__ has joined.
15:27:02 -!- pikhq has joined.
15:27:07 -!- pikhq_ has quit (Ping timeout: 240 seconds).
15:37:13 <ion> http://goo.gl/maps/M9T0H
15:39:02 <kmc> Elephant Butte, New Mexico
15:39:08 <kmc> which is next to Truth or Consequences, New Mexico
15:39:27 <kmc> which is named after a radio show
15:49:07 -!- atriq has joined.
15:55:25 <atriq> I love it when one of mine comes up in CoaP
15:55:34 <atriq> Because I'm like, "This sounds familiar"
15:55:40 <atriq> Followed by, "This is awful"
15:55:48 <atriq> Then, "Oh, yay, it's one of mine."
16:04:19 <atriq> The fourth least popular comic of DMM's
16:05:19 <atriq> After Infinity on 30 Credits a Day, Awkward Fumbles, at that one that never got off the ground
16:07:05 <Sgeo> I now understand Clojure enough to be able to comment about it in my post about name conflicts
16:09:57 -!- Slereah_ has quit (Ping timeout: 265 seconds).
16:13:19 <kmc> Sgeo you so silly
16:14:16 -!- Slereah has joined.
16:16:24 -!- pikhq_ has joined.
16:16:37 -!- pikhq has quit (Ping timeout: 256 seconds).
16:21:24 -!- pikhq has joined.
16:22:24 -!- pikhq_ has quit (Ping timeout: 260 seconds).
16:26:51 <Sgeo> How many Java+other JVM language developers actually stick to the domain name convention, and how many.. well, don't?
16:27:44 <fizzie> I don't see how you could measure that, except by some sort of a silly poll.
16:37:42 <Sgeo> Oh god I want to like Clojure but I don't want to start learning Java.
16:39:29 <kmc> Java is easy
16:39:55 <kmc> and it's not like Clojure is based on Java, it just has a Java FFI
16:40:39 <Sgeo> Well, I have to start learning about classpaths and probably similar things
16:41:10 <kmc> that's true
16:41:19 <kmc> i found that aspect to be the worst part of using clojure, by far
16:42:42 <Lumpio-> JavaScript all the way everywhere
16:43:02 <kmc> 420 smoke javascript everyday
16:43:22 <Sgeo> Well, there is ClojureScript
16:44:12 <nortti> does it have anything to do wi6th Clojure
16:44:33 <Lumpio-> 262 code ecmascript everyday
16:45:02 <kmc> well if Javascript is Scheme with Java syntax, then presumably ClojureScript is Java with Scheme syntax
16:46:03 <kmc> aka the least popular language you could possibly make
16:48:19 <Sgeo> kmc, other than classpath stuff, do you generally like Clojure?
16:52:55 -!- ogrom has joined.
17:04:40 -!- asiekierka has joined.
17:52:14 -!- AnotherTest1 has changed nick to AnotherTest.
18:01:26 <kmc> Sgeo: have only used it a little bit, but yes
18:01:45 -!- aloril has quit (Ping timeout: 244 seconds).
18:11:40 <kmc> AnotherTest: congratulations
18:11:47 -!- pikhq_ has joined.
18:12:05 -!- pikhq has quit (Ping timeout: 244 seconds).
18:12:19 <AnotherTest> kmc: notice spirit classic; I don't think it's possible to get spirit 2 working
18:15:37 -!- aloril has joined.
18:16:20 <kmc> hm, the X1 Carbon has an optional USB 3.0 "dock" box with two DVI outputs
18:16:26 <kmc> i wonder how much video you can push through USB 3.0
18:17:27 <pikhq_> Well, it's nominally 5 Gbit/s.
18:17:38 <kmc> C++: annoying people by misusing the word "functor" since 1983
18:17:51 <pikhq_> Probably not an awesome video card, but should be acceptable at least.
18:17:54 <kmc> i know that USB 2.0 video boxes are usually rather shit
18:18:07 <kmc> anyway yeah, should suffice for business graphics
18:18:38 <pikhq_> Let's go with "closure".
18:18:42 <nortti> our school has usb2 kvm systems
18:19:07 <AnotherTest> pkhq_: no, a function object isn't always a closure; a closure is a function object though
18:20:11 <AnotherTest> reason: a function object does not have a capture
18:21:20 <pikhq_> So, you're distinguishing between closures that don't close and closures that do? :)
18:21:48 <fizzie> kmc: Does it mention whether it has a video chipset on the dock, or just something to feed through the image generated by the computer itself? Single-link DVI maximum data rate is just 4 Gbit/s, you could almost even push that raw over USB, let alone encoded somehow. (Though it'd be weird.)
18:22:04 <kmc> i'm not sure, i'm guessing it's a video chipset in the dock
18:22:13 <pikhq_> That's a highly arbitrary and meaningless distinction.
18:24:20 -!- donmarquis has joined.
18:25:01 <fizzie> kmc: Google says the dock has a http://www.displaylink.com/usb3/index.php on it, and the spec sheet of that speaks a lot about video compression.
18:25:15 -!- impomatic has joined.
18:26:28 -!- donmarquis has quit (Quit: Leaving).
18:28:26 -!- donmarquis has joined.
18:46:54 -!- atriq has quit (Ping timeout: 240 seconds).
18:53:04 -!- ogrom has quit (Read error: Connection reset by peer).
18:58:59 -!- donmarquis has quit (Quit: Leaving).
19:00:57 <Sgeo> https://www.refheap.com/paste/4643
19:07:18 -!- pikhq has joined.
19:07:47 -!- pikhq_ has quit (Ping timeout: 268 seconds).
19:08:48 -!- AnotherTest has quit (Quit: Leaving.).
19:09:05 <Sgeo> Incidentally, the "WARNING! UNTESTED!" is now obsolete
19:10:25 -!- FreeFull has quit (Ping timeout: 260 seconds).
19:11:33 <Sgeo> Is my code really that bad that it's "lol" worthy?
19:11:39 -!- FreeFull has joined.
19:17:56 -!- zzo38 has joined.
19:33:06 <shachaf> kmc: To be fair, most everybody misuses the word "functor" somehow.
19:47:25 -!- pikhq has quit (Ping timeout: 252 seconds).
19:47:31 -!- pikhq_ has joined.
19:49:32 -!- augur_ has changed nick to augur.
19:56:11 -!- zzo38 has quit (Remote host closed the connection).
19:56:45 -!- oerjan has joined.
19:57:02 -!- ais523 has joined.
19:57:14 -!- pikhq has joined.
19:57:20 -!- pikhq_ has quit (Ping timeout: 246 seconds).
20:03:49 <oerjan> 03:35:06: <kmc> i gather that there are a lot of fun things to do in LA, most of which i have not done
20:03:52 <oerjan> 03:35:18: <kmc> i never even went to the beach, despite living a few minutes' bike ride away for a summer
20:04:58 <oerjan> i have gone through LA twice in my life, just enough to get a horrible sunburn on the beach the second time. (the first time we'd forgot to get visas so we had to stay at the airport, technically under guard)
20:06:24 <oerjan> i think this may have been one of the times i shed 3 layers of skin on my shoulders
20:08:02 <oerjan> i recall it was rather fascinating to watch once the pain got relieved
20:08:51 * oerjan wonders if he should have put a NSFL warning on that
20:09:56 <oerjan> 04:23:39: <kmc> we alone on earth can rebel against the tyranny of the selfish replicators
20:10:39 <oerjan> paradoxical yet probably essential to humanity's survival.
20:11:59 -!- pikhq has quit (Ping timeout: 252 seconds).
20:12:02 -!- pikhq_ has joined.
20:16:36 -!- oerjan has set topic: May contain: soy strawberries, chocolate people, vanilla computer programming, natto esoteric, tarragon THX deep note, mutton ecliptic longitude, camomile tea, some CPU locusts, rutabaga nonsensical analogies and theories, hummus matrices of solidity, pudding lovecraftian horrors, and no Ice-9. | http://codu.org/logs/_esoteric/ | http://esolangs.org/wiki.
20:17:54 <fizzie> Given our topics, it's maybe not so unexpected that people come here looking for the other sort of esoterica.
20:18:41 <nortti> also topic of #esoteric-en doesn't help
20:19:49 <nortti> 3:18 -!- Topic for #esoteric-en: Visit #esoteric if you want to speak about occultism andvwitchcraft
20:19:58 -!- asiekierka has quit (Remote host closed the connection).
20:20:20 <oerjan> apparently that's a festival
20:26:52 <shachaf> @quote kmc gentle.introduction
20:26:52 <lambdabot> kmc says: i started to read the "tutorial" and it was incomprehensible. makes the Gentle Introduction to Haskell look like Teach Yourself PHP in 24 Hours
20:27:04 <shachaf> kmc: Isn't the Gentle Introduction the "tutorial"?
20:30:12 <fizzie> http://sprunge.us/bEdX - N900 dmesg is the most useful ever. (All the hard keys are hooked to the GPIO pins, and the driver reports all state changes.)
21:11:46 -!- Arc_Koen has joined.
21:16:29 <HackEgo> Arc_Koen: Welcome to the international hub for esoteric programming language design and deployment! For more information, check out our wiki: http://esolangs.org/wiki/Main_Page. (For the other kind of esoterica, try #esoteric on irc.dal.net.)
21:16:49 <oerjan> a bit quiet here right now
21:16:53 <fizzie> FreeFull: Doesn't help all that much since the GPIO stuff has pushed other things out of the message buffer. (Okay, it only matters for historic matters, but still.)
21:17:42 -!- pikhq has joined.
21:17:44 -!- pikhq_ has quit (Ping timeout: 252 seconds).
21:21:39 -!- nortti has quit (Ping timeout: 252 seconds).
21:24:01 -!- atriq has joined.
21:24:51 <oerjan> darn internet is slow :(
21:25:23 <fizzie> They should build a faster one.
21:25:29 <kmc> shachaf: the ATS tutorial
21:28:04 <kmc> oerjan: do you know the context of the selfish replicators quote
21:29:37 <kmc> shachaf: why did you bring up that quote?
21:30:03 <shachaf> Which for some reason I'm still in.
21:30:12 <kmc> shachaf: did you think up some entertaining misuses of crypto for the next CTF?
21:30:16 <kmc> i'm composing a list in an email to gdb
21:30:24 <shachaf> edwardk has a new lens combinator for filtering, called "iwhere".
21:30:33 <kmc> filter combinators, reinvented
21:31:03 <shachaf> I don't know why I called it a "combinator".
21:31:12 <kmc> because anything sounds better if you call it a combinator?
21:31:15 <shachaf> Is it a combinator? Why did I even use that word? I don't know what it means. :-(
21:31:48 <shachaf> I was just reading <http://www.bsdcan.org/2010/schedule/attachments/135_crypto1hr.pdf>
21:31:49 <fizzie> Instead of taking the bus, take the mobile people combinator.
21:31:58 <shachaf> You could probably take each DON'T line and turn it into a fun CTF challenge.
21:32:23 <kmc> i got some ideas from http://chargen.matasano.com/chargen/2009/7/22/if-youre-typing-the-letters-a-e-s-into-your-code-youre-doing.html
21:32:35 <shachaf> kmc: Did you mention something about length-extension attacks?
21:32:51 <shachaf> Like the thing Flickr had.
21:33:56 <kmc> did you finish the web CTF then?
21:34:49 <shachaf> No. :-( I haven't worked on it.
21:34:58 <shachaf> But today is a good day for it, as soon as I finish $THING.
21:38:24 <kmc> shachaf: huh, that presentation says to use AES-256, despite the related-key attack
21:38:49 <kmc> also it says not to use combined authentication/encryption modes
21:38:52 <kmc> but doesn't say why
21:39:18 -!- Vorpal has quit (Ping timeout: 276 seconds).
21:39:56 <shachaf> I think he has a follow-up post that clarifies some of it.
21:40:41 <shachaf> Do related-key attacks generally matter?
21:41:35 <shachaf> http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html
21:42:36 <kmc> i think this related key attack doesn't matter specifically
21:43:02 <shachaf> Well, the one on AES-256 is only theoretical anyway.
21:43:05 <kmc> but there is a notion that cryptosystems with known but impractical attacks are more likely to develop practical attacks eventually
21:43:42 <kmc> "I did mention the issue of authenticated encryption modes, but to elaborate a bit: CTR mode has the very nice property that the attacker has absolutely no control over what operations you perform. This makes a big difference -- almost all side channel attacks require chosen inputs."
21:44:03 <kmc> fair enough
21:44:38 <kmc> heh, i had forgotten that using a separate HMAC requires you to choose between Encrypt-and-MAC, MAC-then-encrypt, and Encrypt-then-MAC
21:44:49 <kmc> and experts don't even agree on which of these is better
21:45:00 <kmc> this is a point in favor of authenticated encryption modes
21:45:11 <shachaf> I think everyone agrees that encrypt-and-MAC is bad.
21:46:54 <shachaf> There's also the argument that standalone authentication is much cheaper than decryption+authentication, so a system that can reject unauthenticated ciphertexts early is much more resilient to a DoS.
21:47:02 <shachaf> (Assuming you encrypt-then-MAC.)
21:47:22 <shachaf> Oh, I guess he wrote about that.
21:47:26 <kmc> which relates to the side channel argument as well
21:52:31 <kmc> "If you're distributing client code which speaks to a server you operate, there is no need to use SSL; instead, you can distribute the server's public RSA key (or its hash) along with the client code, and "bootstrap" the security process that way. I do this in FreeBSD for the FreeBSD Update and Portsnap services, and I also do this in Tarsnap. It's simple; it works; and it's secure."
21:52:52 <kmc> if you squint right, this endorses what Mosh does
21:53:59 <shachaf> In the sense that "send-key-over-SSL" is similar to "send-key-over-SSH"?
21:54:15 <shachaf> By SSL I mean https when you're downloading the client code, presumably.
21:54:39 <kmc> and rejecting the complexity of SSL for the client app itself, when you don't need it
21:54:51 <shachaf> mosh doesn't send an asymmetric key at all, does it?
21:54:56 <kmc> mosh goes further in having symmetric crypto only
21:55:10 <kmc> obviously this doesn't work if you have multiple mutually-untrusting clients connecting to the same service
21:55:22 <shachaf> On the other hand that makes you more reliant on SSL/SSH, since you have to use it every time rather than just the first time.
21:55:37 <kmc> well, yes and no
21:56:00 <kmc> someone could write a special purpose mosh-server-launching daemon using RSA in the manner Tarnsap guy describes
21:56:11 <kmc> and it would still be a separate component from mosh-server itself
21:58:14 <kmc> someone already wrote a HTTP-based mosh launcher
21:58:32 <kmc> with some questionable security properties
22:00:31 <kmc> the docs said nothing about the fact that you should run it over HTTPS, and had an example of running it over HTTP-not-S
22:00:44 <kmc> when i pointed this out, the author said it was "obvious" that you needed to use HTTPS, so why bother putting this in the docs
22:01:15 <kmc> it had some other problems too, some of which they did fix
22:02:04 <kmc> it had some homebrew authentication mechanism, and i think v1 of this was vulnerable to a path traversal
22:02:22 <shachaf> I,I ln -s /usr/bin/mosh-server ~/public_html/cgi-bin/
22:02:34 <kmc> mosh doesn't contain public-key crypto code but perhaps more importantly, it doesn't contain authentication code
22:03:03 <shachaf> https doesn't really have a mechanism for client-side authentication.
22:03:45 <kmc> it has client certificates!
22:03:51 <kmc> these are used extensively at MIT
22:04:00 <shachaf> I've never heard of anybody using them.
22:04:15 <kmc> MIT is weird :)
22:05:45 <kmc> shachaf: did you know that ECB mode is the default for Java crypto APIs?
22:05:57 <shachaf> ECB mode is the default for all crypto APIs that support it.
22:06:10 <kmc> shouldn't some APIs have no default?
22:06:17 <fizzie> CAcert.org uses SSL client certificates for user login.
22:06:21 <shachaf> "default" in the sense of "requires the fewest parameters"
22:06:31 <kmc> i mean that if you don't choose one, it uses ECB
22:06:33 <shachaf> If you don't know what you're doing, you'll pick the one that looks easiest.
22:06:34 <kmc> but i could be wrong
22:06:47 <fizzie> And OpenVPN setups use SSL client certificates quite often, I believe.
22:07:00 <kmc> level 0 of the crypto CTF would involve finding patterns in an ECB-encrypted file, i think
22:07:10 <kmc> like the Tux image on wikipedia
22:10:58 <shachaf> Is there ever a reason to use a mode other than CTR mode when you're not doing combined encryption-authentication?
22:13:45 <kmc> CTR requires a nonce, which could be annoying
22:14:15 <kmc> "Nevertheless, there are specialized attacks like a Hardware Fault Attack that is based on the usage of a simple counter function as input."
22:14:22 <kmc> CBC doesn't
22:14:38 <shachaf> What's the difference between an IV and a nonce?
22:14:41 <kmc> er, right, i guess that's the same thing basically
22:14:43 -!- atriq has quit (Ping timeout: 245 seconds).
22:16:07 -!- atriq has joined.
22:16:29 <fizzie> I have a crypto-failure T-shirt bought from Bletchley Park; it's describing the occasion when Germans once resent a message (with different typos) reusing -- against the regulations -- the Lorentz stream cipher settings that had been used for the original message. Both were intercepted, with predictable results: http://www.codesandciphers.org.uk/lorenz/fish.htm
22:16:53 <kmc> does the nonce have to be secret in either case?
22:17:05 <shachaf> No, it's not supposed to be secret.
22:18:32 <shachaf> Really there's no point in separating the nonce and the counter, as far as I can tell.
22:18:49 <shachaf> Instead of having an n-bit nonce and an n-bit counter, just have a 2n-bit counter that starts at a random point.
22:19:12 <kmc> 'The one snag with Enigma of course is the fact that if you press A, you can get every other letter but A. I picked up this message and—one was so used to looking at things and making instant decisions—I thought: 'Something's gone. What has this chap done. There is not a single L in this message.' My chap had been told to send out a dummy message and he had just had a fag [cigarette] and pressed the last key on the keyboard, the L
22:19:18 <kmc> So that was the only letter that didn't come out. We had got the biggest crib we ever had, the encypherment was LLLL, right through the message and that gave us the new wiring for the wheel [rotor]. That's the sort of thing we were trained to do. Instinctively look for something that had gone wrong or someone who had done something silly and torn up the rule book.'
22:19:47 <kmc> shachaf: yeah
22:20:03 <Lumpio-> ...they had to translate "fag" and "wheel"...?
22:20:15 <kmc> someone objected that the incrementing plaintext nonce in mosh packets makes it easy to identify the traffic as mosh traffic
22:20:27 <kmc> by someone i mean jacob appelbaum
22:20:39 <shachaf> 15:17 <newsham> challenge/response protocol that is symetrical so that you can pass back the challenge to the remote as if it was your challenge
22:20:42 <shachaf> 15:17 <newsham> and the response you get ack can be used as your response
22:20:44 <shachaf> 15:17 <newsham> diffie-hellman without checking that the challenge you get is in the proper range (ie. so that the attacker can pass in a value that is zero modulu N)
22:20:47 <shachaf> 15:18 <newsham> using number-of-seconds-since-epoch as the seed to a PRNG which is used to generate an important secret.
22:20:50 <shachaf> 15:19 <newsham> using a weak PRNG which can easily be predicted from past values, or alternately one with a very small output space
22:21:19 <kmc> yes i've seen the srand(time(NULL)) used to generate AES keys
22:21:24 <kmc> saw this on stackoverflow anyway
22:21:54 <shachaf> There is a program running on your system which generates random tokens using time(NULL). :-(
22:21:56 <kmc> you see on Windows, the OpenSSL PRNG requires seeding
22:21:58 <pikhq> C rand() should only be used for games and such where all the entropy that matters is "eh, looks random I guess".
22:22:43 <shachaf> I should probably report the bug before saying it, or something.
22:22:59 <coppro> pikhq: it's acceptable but not ideal for situations where the randomness is not as important as the fact that there are arbitrary numbers
22:23:00 <shachaf> 15:20 <newsham> having a buggy challenge-response implementation where you expect to get back Encr(n+1) as a verifier, but due to bug in impl you actualy require Encr(n) as verifier
22:23:05 <shachaf> 15:20 <newsham> (ie. the "n+1" function has bug that makes it a nop)
22:23:05 <coppro> (hash salts come to mind)
22:23:07 <fizzie> Low bits of old-old C rand()s shouldn't even be used for that. :p
22:23:07 <shachaf> 15:22 <newsham> having a strong RNG, but always using it after a fork() in a server daemon so that the value sent out by the daemon always uses the same random sequence for each session
22:23:11 -!- Nisstyre has quit (Quit: Leaving).
22:23:46 -!- newsham has joined.
22:23:51 <kmc> hi newsham
22:24:14 <kmc> can i pass on your suggestions to the people who might be running a crypto-related wargame?
22:24:20 <kmc> by "might be" i mean "i am trying to convince them to"
22:24:30 -!- Nisstyre_ has quit (Quit: Leaving).
22:24:37 <shachaf> kmc: You should run it yourself!
22:24:46 <kmc> too much work
22:24:49 <newsham> - having a protocol where replaying a transaction can cause somethign bad to happen, and not having any liveness in the protocol that prevents an old message (encrypted/authenticated) to by simply replayed
22:25:27 <newsham> - having an authenticator that covers a bunch of important fields, but leaves some important field unprotected (and hence tamperable)
22:25:48 <newsham> possibly due to oversight or possibly due to bug where the authenticator length is incorrect
22:28:51 <newsham> - using a really small keyspace so that brute force is trivial
22:31:32 <kmc> hm, i bet you could construct a fun situation where the message length field is the unprotected one
22:31:40 <kmc> allowing you to send a truncation of any legitimate message
22:31:47 <kmc> kind of the opposite of a hash extension attack
22:32:39 -!- Arc_Koen has left.
22:33:56 <newsham> or like you have an authenticator over the whole msg but not of the pseudodata like what session its from or what IP its from
22:34:01 <newsham> so that other sessions or other IPs can replay the msg
22:34:43 <newsham> ps: if this is going to be a public game, i'd love to hear about it.. love even more if its available for use offline after the game is done
22:35:33 <kmc> i'm suggesting it to the people who are currently running https://stripe-ctf.com
22:39:57 -!- nooga has quit (Ping timeout: 260 seconds).
22:41:13 <kmc> FreeFull: indeed
22:43:29 <newsham> its just hard to add functionality
22:44:03 <newsham> its all really turing and church's fault
22:44:58 <kmc> security was hard before computers too =(
22:45:27 * kmc spent a lot of time performing privilege escalation attacks on pin tumbler lock systems
22:45:45 -!- atriq has quit (Remote host closed the connection).
22:45:53 <FreeFull> It'd be really cool to know if one way functions exist
22:46:00 <newsham> eh.. locks arent designed to be hard to break
22:46:06 <newsham> they're designed to be cheap and convenient
22:46:40 <FreeFull> Feynman did a bit of stuff with locks
22:46:53 <kmc> well some of these were medeco "high security" locks
22:46:59 <newsham> i read abou that in "you're full of shit, mr. feynman"
22:47:16 <kmc> typical house locks are a joke, even i can pick those
22:47:55 <newsham> yup. nifty when they work.. not always suitable
22:48:06 <newsham> youtube has a bazillion videos on em
22:48:28 <kmc> at school we had mailbox locks which were so shitty that basically any key could be used as a bump key
22:49:44 <FreeFull> I once tried my house key on a school door lock
22:50:26 <FreeFull> Then I calculated the chances of that happening with a random lock
22:51:04 <newsham> was that in feynman's book, too?
22:51:15 <kmc> normal house key has 5 pins, with maybe 10 possible heights for each
22:51:40 <newsham> but if it was at a school they might have made master keys, which increases the odds of a random match
22:51:42 <kmc> possible the school lock was missing pins or was excessively worn such that more keys would open it
22:51:45 <kmc> or master keys, yeah
22:52:25 <kmc> increases dramatically... if the master key doesn't share any heights with the other key, you now have 2^5 = 32 keys that can open that lock
22:52:29 <kmc> and many systems have more than one master
22:53:01 <kmc> the priv esc that i alluded to is that you can disassemble a few locks in low security areas and thereby compute the master key which works on high security areas too
22:53:05 <FreeFull> Are you sure about the 10 heights?
22:54:36 <kmc> schlage locks have 10 heights: http://www.clksupplies.com/shop/schlage-pins-bottom-pins-c-22_33_69.html?osCsid=3c7748ac9175559f241b14333637e96e
22:55:17 <newsham> and being off by 1/10th of the height results in no-open?
22:56:09 <kmc> i think a key which is halfway between official heights will open locks of either height, with enough jiggling
22:56:33 <kmc> you kind of learn the magic wiggle to make each of your handmade master keys open each lock
22:57:04 <newsham> so more like 5^x than 10^x?
22:57:07 <kmc> the master and non-master heights in a given pin will never be adjacent, though
22:57:16 <kmc> because the spacer between them would be too small
22:57:29 <kmc> well, FreeFull's house key is probably closer to spec
22:57:40 <kmc> and not exactly halfway between heights
22:58:16 <kmc> my guess is lazy locksmith at the school didn't fill all the columns
22:58:19 <kmc> but it could just be luck
22:58:31 <kmc> if one thing happens to you every second, you should expect a one-in-a-million coincedence about once a month
22:58:32 -!- DHeadshot has joined.
22:59:14 <newsham> its always the clock reading "1234"
22:59:33 -!- MoALTz has quit (Ping timeout: 260 seconds).
22:59:35 <newsham> or pbs having the mr. rogers neighbhood music video on right as you're flipping
23:02:36 <Phantom_Hoover> <kmc> at school we had mailbox locks which were so shitty that basically any key could be used as a bump key
23:02:57 <Phantom_Hoover> There was a locker in my old school that you could unlock by sticking your thumb in the middle and twisting.
23:03:48 <kmc> also you can "pick" Master brand padlocks just by hitting a metal bit at the back of the lock
23:03:51 <kmc> ignoring the pins
23:07:34 -!- DHeadshot has quit (Read error: Connection reset by peer).
23:14:45 -!- monqy has joined.
23:21:21 -!- impomatic has left.
23:24:53 -!- pikhq_ has joined.
23:27:13 -!- pikhq has quit (Ping timeout: 244 seconds).
23:27:38 <kmc> nice, Newegg sells a 21" monitor with 2560 x 2048 resolution
23:27:41 <kmc> for only $10,599
23:29:21 <newsham> http://www.bbc.co.uk/news/technology-19370582 Broadcasts in 8K will offer a resolution of 7,680 by 4,320 pixels - roughly the equivalent of a 32 megapixel photo.
23:29:41 <newsham> "I suspect that we won't see this become available to consumers below $10,000 until 2025," Paul O'Donovan, principal analyst at the tech consultancy Gartner, told the BBC.
23:33:21 <shachaf> I hear those fishy Korean 27" 2560xsomething LCDs are nice.
23:35:58 <kmc> i'm not sure what this "Large Format Monitor" category is
23:36:18 <kmc> they seem to be HDTVs, without the tuner?
23:36:38 <shachaf> newsham: Outdoors got way better when I got the high-resolution expansion.
23:36:48 <shachaf> I think kmc got that too recently.
23:36:49 <kmc> i smell price discrimination
23:47:10 <kmc> > 7680 * 4320
23:47:36 <pikhq_> Which is cheaper, HDTVs or those?
23:48:56 <pikhq_> Appears to be the HDTVs.
23:49:16 <kmc> here's a "Large Format Monitor Built in TV Tuner"
23:50:39 <kmc> HDTVs are a consumer product, LFMs are a business product, everyone knows a business can't just buy a consumer product even if it does the same exact thing
23:51:16 <pikhq_> It's a shame it's near impossible to get reasonably accurate measurements of the performance of displays...
23:51:34 <kmc> what sort of performance, and why is it impossible?
23:51:44 <kmc> oh sure, disregard the manufacturer's claims
23:51:55 <pikhq_> Bull fucking crap you're not getting 1000000:1 contrast.
23:51:57 <kmc> but there are a fair number of websites giving detailed data on contrast, color reproduction, etc
23:52:12 <kmc> http://www.tftcentral.co.uk/ has some pretty comprehensive tests
23:52:13 <pikhq_> Yeah, I was refering to manufacturer's claims.
23:52:19 <oerjan> pikhq_: "our patented blackbody monitors..."
23:52:27 <pikhq_> Obviously, if you look for enthusiasts who measure things sanely, you're good.
23:52:29 -!- zzo38 has joined.
23:52:50 <pikhq_> oerjan: "We accurately display both the brightness of 0k and the sun!"
23:53:00 <oerjan> actually can even a blackbody get that, at room temperature...
23:53:11 <pikhq_> Who said room temperature?
23:54:30 <pikhq_> Safety waiver required for purchase; temperatures of 0K may not be appropriate for corporeal beings.
23:54:46 <oerjan> nor the sun one, incidentally
23:55:05 <kmc> i think it's much easier for enthusiasts to objectively review monitors compared to (say) laptop battery life
23:55:20 <pikhq_> There are actual objective measurements to be made there.
23:55:21 <kmc> reviewers will come up with battery life numbers differing by 2+ hours on similar-sounding tests
23:55:37 <pikhq_> And what's more, the objective measurements map very well to *what you actually care about*.
23:55:57 <pikhq_> A monitor with bad contrast will actually look like shit.
23:56:17 <shachaf> "Area Man purchases Large Format Monitor with Built-in TV Tuner"
23:57:09 -!- Nisstyre has joined.
23:59:40 <oerjan> sadly that is probably too obscure for the onion?