|
Mercury_Storm posted:https://web3isgoinggreat.com/?id=randstorm unciphered posted:On the 6th of April, 2018, an individual calling themselves “Ketamine” sent an email from <ketamine@national.shitposting.agency> to the bitcoin-dev mailing list
|
#
?
Nov 15, 2023 01:19
|
|
|
|
| # ? Jun 8, 2024 01:20 |
|
|
The name "randstorm" for a vulnerability really sounds like the vulnerability is just "weird nerds use passages from randian screeds as passwords" and I do not want to challenge my perfect-faith belief that this is the case.
|
|
#
?
Nov 15, 2023 01:54
|
|
|
FAUXTON posted:The name "randstorm" for a vulnerability really sounds like the vulnerability is just "weird nerds use passages from randian screeds as passwords" and I do not want to challenge my perfect-faith belief that this is the case. idk whether this is "just" that but yeah they totally do in the early days of bitcoin there was some service that derived public-private key pairs from short passages of text, and there were addresses that several people used that came to be watched by bots who would immediately hoover up any butts stored there. there was some address that corresponded to like, a famous quote from atlas shrugged or whatever that was being watched by everyone and was getting the butts swiped from it on the reg. someone will remember more details of this than me
|
|
#
?
Nov 15, 2023 02:41
|
|
|
correct horse battery staple
|
|
#
?
Nov 15, 2023 02:42
|
|
|
Hammerite posted:idk whether this is "just" that but yeah they totally do the john galt oath thing: quote:I swear by my life and my love of it that I will never live for the sake of another man, nor ask another man to live for mine.
|
|
#
?
Nov 15, 2023 03:26
|
|
|
Xakura posted:Michael Lewis should be imprisoned, yes Agreed, everything that came out this year re: Michael Oher is goddamn reprehensible.
|
|
#
?
Nov 15, 2023 03:50
|
|
|
FAUXTON posted:The name "randstorm" for a vulnerability really sounds like the vulnerability is just "weird nerds use passages from randian screeds as passwords" and I do not want to challenge my perfect-faith belief that this is the case. Couldn't bitcoin mining be basically described as a 'randstorm?' Isn't it a bunch of machines generating billions of large-digit random numbers and hashing them, each hoping to find that it stumbled upon the 'correct' random number to match one that was previously 'drawn'?
|
|
#
?
Nov 15, 2023 04:09
|
|
|
Hammerite posted:idk whether this is "just" that but yeah they totally do yeah that was brainwallets and all the low hanging fruit there got picked clean at the time this is just good ol fashioned bad PRNG implementation
|
|
#
?
Nov 15, 2023 04:35
|
|
|
ashpanash posted:Couldn't bitcoin mining be basically described as a 'randstorm?' Isn't it a bunch of machines generating billions of large-digit random numbers and hashing them, each hoping to find that it stumbled upon the 'correct' random number to match one that was previously 'drawn'?
|
|
#
?
Nov 15, 2023 04:55
|
|
|
shame on an IGA posted:yeah that was brainwallets and all the low hanging fruit there got picked clean at the time how could linear congruence fail me? i even chose prime numbers! prime!
|
|
#
?
Nov 15, 2023 05:25
|
|
|
ashpanash posted:Couldn't bitcoin mining be basically described as a 'randstorm?' Isn't it a bunch of machines generating billions of large-digit random numbers and hashing them, each hoping to find that it stumbled upon the 'correct' random number to match one that was previously 'drawn'? Darude_-_Randstorm.mp3.exe
|
|
#
?
Nov 15, 2023 06:56
|
|
|
shame on an IGA posted:yeah that was brainwallets and all the low hanging fruit there got picked clean at the time yeah, I assume that a badly implemented PRNG in libbitcoinjs or whatever meant that some of the keys are somewhat predictable. it doesn't need to be *that* badly implemented to go from "brute force search the entire SHA-256 key space" to "rent some GPU cluster space and start cracking wallets that have more BTC than the power will cost"
|
|
#
?
Nov 15, 2023 07:52
|
|
|
man how the hell do you even write code to do arithmetic with large integers in javascript, the idiot hell fucker language that notoriously doesn't have an integer datatype
|
|
#
?
Nov 15, 2023 09:41
|
|
|
Hammerite posted:man how the hell do you even write code to do arithmetic with large integers in javascript, the idiot hell fucker language that notoriously doesn't have an integer datatype i guess the answer is "badly lol"
|
|
#
?
Nov 15, 2023 09:42
|
|
|
you store your bigints as strings
|
|
#
?
Nov 15, 2023 09:43
|
|
|
RPATDO_LAMD posted:you store your bigints as strings lmao
|
|
#
?
Nov 15, 2023 09:47
|
|
|
Or you can just lose your money https://twitter.com/a_ferron/status/892350579162439681
|
|
#
?
Nov 15, 2023 10:48
|
|
|
Hammerite posted:man how the hell do you even write code to do arithmetic with large integers in javascript, the idiot hell fucker language that notoriously doesn't have an integer datatype code:
|
|
#
?
Nov 15, 2023 12:35
|
|
|
ed zitron summarizes the last hungred pages of this thread
|
|
#
?
Nov 15, 2023 15:03
|
|
|
don’t fix that typo
|
|
#
?
Nov 15, 2023 15:24
|
|
|
infernal machines posted:hungred 
|
|
#
?
Nov 15, 2023 16:02
|
|
|
Weatherman posted:Darude_-_Randstorm.mp3.exe thank you
|
|
#
?
Nov 15, 2023 18:23
|
|
|
Weatherman posted:Darude_-_Randstorm.mp3.exe
|
|
#
?
Nov 15, 2023 18:29
|
|
|
quote:The cryptocurrency industry continually fools the media and venture capitalists in exactly the same way that SBF did — by saying intelligent-sounding things that sound reasonable to people who lack the domain expertise to actually vet the code or criticize the fundamentals of the projects. this is how that article ends, and i take offense at the "by saying intelligent-sounding things that sound reasonable" part because it's a complete lie. everything that comes out of crypto people is obvious bullshit that couldn't have more red flags planted in it even if they tried. it's just that the media and vcs are incredibly loving stupid and just one more symptom of the staggering incompetence of our ruling class. we've seen the chat logs from when sammy boy gave that presentation while playing league and all the vcs were going "i love this guy!!!", "he doesn't even care when there's millions on the line this is amazing!!!", "this man is the next investment superstar!!!", and so on. they were ready to hand over piles of money based on that alone. they all have absolute dogshit brains
|
|
#
?
Nov 15, 2023 18:52
|
|
|
Deep Dish Fuckfest posted:this is how that article ends, and i take offense at the "by saying intelligent-sounding things that sound reasonable" part because it's a complete lie. everything that comes out of crypto people is obvious bullshit that couldn't have more red flags planted in it even if they tried. it's just that the media and vcs are incredibly loving stupid and just one more symptom of the staggering incompetence of our ruling class. we've seen the chat logs from when sammy boy gave that presentation while playing league and all the vcs were going "i love this guy!!!", "he doesn't even care when there's millions on the line this is amazing!!!", "this man is the next investment superstar!!!", and so on. they were ready to hand over piles of money based on that alone. they all have absolute dogshit brains it's because he knows how to dupe greedy people, which is in itself simply not hard to do (just promise them more of what they want and work backwards from there)
|
|
#
?
Nov 15, 2023 18:55
|
|
|
FAUXTON posted:it's because he knows how to dupe greedy people, which is in itself simply not hard to do (just promise them more of what they want and work backwards from there) but just let me toss the dice again with the house money and I can fix this
|
|
#
?
Nov 15, 2023 19:11
|
|
|
Deep Dish Fuckfest posted:this is how that article ends, and i take offense at the "by saying intelligent-sounding things that sound reasonable" part because it's a complete lie. everything that comes out of crypto people is obvious bullshit that couldn't have more red flags planted in it even if they tried. it's just that the media and vcs are incredibly loving stupid and just one more symptom of the staggering incompetence of our ruling class. we've seen the chat logs from when sammy boy gave that presentation while playing league and all the vcs were going "i love this guy!!!", "he doesn't even care when there's millions on the line this is amazing!!!", "this man is the next investment superstar!!!", and so on. they were ready to hand over piles of money based on that alone. they all have absolute dogshit brains the alternate, less charitable explanation is that the typical person is also an idiot.
|
|
#
?
Nov 15, 2023 20:11
|
|
|
as a counterargument to that, see the sheer number of people who have said "it can't be that stupid, you must be explaining it wrong"
|
|
#
?
Nov 15, 2023 20:14
|
|
|
that's usually after a yosposter converts the crazy made-for-vc language into something a normal human would write. we're often eliding the step where we stop, take a second to process whatever bafflegab was presented, and spit out the real meaning in plain terms. see, e.g., the gulf between what people promise with nfts versus what it actually is.
|
|
#
?
Nov 15, 2023 20:18
|
|
|
kw0134 posted:the typical person is also an idiot. i mean, what are the odds?
|
|
#
?
Nov 15, 2023 20:27
|
|
|
"heh, I'm not the average person" --90% of the human race
|
|
#
?
Nov 15, 2023 20:30
|
|
|
haveblue posted:"heh, I'm not the average person" Technically they are all correct.
|
|
#
?
Nov 15, 2023 21:15
|
|
|
Is this javascript vulnerability just this one from 2018 https://davidgerard.co.uk/blockchai...five-years-ago/ coming around again?
|
|
#
?
Nov 15, 2023 21:58
|
|
|
infernal machines posted:i mean, what are the odds? no don't mention odds the ghost of sbf will appear
|
|
#
?
Nov 15, 2023 22:49
|
|
|
divabot posted:Is this javascript vulnerability just this one from 2018 https://davidgerard.co.uk/blockchai...five-years-ago/ coming around again? hahahahahah YES IT IS
|
|
#
?
Nov 16, 2023 01:04
|
|
|
shame on an IGA posted:hahahahahah YES IT IS wait is that the one that was just spitting out the number 4 repeatedly or is this another one
|
|
#
?
Nov 16, 2023 01:26
|
|
|
FAUXTON posted:wait is that the one that was just spitting out the number 4 repeatedly or is this another one
|
|
#
?
Nov 16, 2023 01:29
|
|
|
FAUXTON posted:wait is that the one that was just spitting out the number 4 repeatedly or is this another one at one point they were using a web service for number generation over http (because why would your wallet seed need to be secure over the wire?) that then migrated to https only and wallets were being seeded with "301" for some time
|
|
#
?
Nov 16, 2023 01:46
|
|
|
infernal machines posted:at one point they were using a web service for number generation over http (because why would your wallet seed need to be secure over the wire?) that then migrated to https only and wallets were being seeded with "301" for some time lol i'll never stop laughing at the foibles of languages that treat types as an inconvenient problem to be solved by "common sense" as long as i live because people will keep doing this dumb poo poo forever ah no see it's garbage collected, don't worry you'll never make circular dependencies and leak anyway, and dynamically typed which means you can evaluate a dictionary as a boolean, don't worry you'll never do it by accident, and it doesn't have nulls so it's Safe(tm) because you never get nullpointerexceptions. well it has nulls but we hacked in the ? operator to mean "do this if it's not null and otherwise silently fail and fall through" which means it's safu and you don't have to worry about anything just code it up bro
|
|
#
?
Nov 16, 2023 07:38
|
|
|
|
| # ? Jun 8, 2024 01:20 |
|
|
i loved when some bitcoin thing was using a random website for their time server or something like that and the guy running it figured out what all the traffic was from and changed the site to just say gently caress off
|
|
#
?
Nov 16, 2023 07:40
|
|