|
PhazonLink posted:when you say spicy ramen which specific products do you mean? Maruchan in the bag. You can mash up the noodles and soak them in a little water and it'll add calories/filler to whatever protein they give you. The spice pack is salt, chili powder, and cayenne pepper, used on everything
|
# ? May 12, 2024 04:20 |
|
|
# ? May 26, 2024 13:18 |
|
PhazonLink posted:when you say spicy ramen which specific products do you mean? Arms_Akimbo posted:Pro tip though, chili ramen futures are always through the roof. Trading rice is penny stocks by comparison Maruchan is the normal jail/prison brand.
|
# ? May 12, 2024 04:31 |
|
ewww Maruchan , those people deserve better, surely the Prison Industrial Complex can spend 0.01$ more on top ramen.
|
# ? May 12, 2024 04:58 |
|
Use a fake cake to smuggle in some real cake.
|
# ? May 12, 2024 05:28 |
|
The Lone Badger posted:Does anyone ever smuggle in the higher-end food items so they don't have to pay private-prison commissary markup? Or is it such that if you're going to the effort of bribing a co you might as well bring in something properly illicit to get a better return? Feels like worst of both worlds. Items that can be otherwise obtained so there's an immediate cap on potential profit to be made, and the prison is less likely to look the other way since they are losing out on money from it.
|
# ? May 12, 2024 13:53 |
|
So courts are going to make FTX liquidate a bunch of bitcoins? Should be fun.
|
# ? May 12, 2024 16:48 |
|
For all the talk about being able to make creditors whole, that's sure not going to happen after they crater the price on a firesale.
|
# ? May 13, 2024 13:44 |
|
Iron Chef Ramen posted:For all the talk about being able to make creditors whole, that's sure not going to happen after they crater the price on a firesale. what's the problem? they'll be made whole in kind, and 1 btc == 1 btc
|
# ? May 13, 2024 18:41 |
|
How many bitcoins can you practically sell at once?
|
# ? May 13, 2024 18:48 |
|
Juul-Whip posted:what's the problem? they'll be made whole in kind, and 1 btc == 1 btc The victims won't be getting the bitcoins back, only the value of their account(s), if possible, at the time all the legal restitution proceedings were decided.
|
# ? May 13, 2024 18:54 |
|
The value of each claim is locked in on the bankruptcy date. It's also set in a single currency (USD), not a bunch of random token values. That's the law. quote:
Also they were not able to "find" all their customer's bitcoins somewhere. They had to sell things that SBF bought with customer funds and claw back donations he made. They also still owe billions more to other creditors who probably won't get anything. Zero One fucked around with this message at 01:09 on May 14, 2024 |
# ? May 14, 2024 01:05 |
|
Zero One posted:They also still owe billions more to other creditors who probably won't get anything. They were very clear that they only found enough money to satisfy non governmental creditors yes
|
# ? May 14, 2024 01:43 |
|
buh buh number go up no maore bankrupt!!
|
# ? May 14, 2024 13:23 |
|
weren't they just making up bitcoin? taking people's money and being like "yep you now own 0.0002 BTCH we are holding for safekeeping we promise it exists and is there" wouldnt that person just be owed what they put in, and not whatever the nominal value of the fake thing they never bought would be, were it real and owned by them
|
# ? May 14, 2024 13:26 |
|
Zero One posted:The value of each claim is locked in on the bankruptcy date. It's also set in a single currency (USD), not a bunch of random token values. yeah this is correct. section 502(b) of the bankruptcy code requires you value all claims in dollars as of the filing date. so your account was basically a contract where FTX owed you, say, 1 bitcoin if you demanded it. but in bankruptcy, that becomes a claim for about $16k (the value of the bitcoin as of the filing date). ftx was sitting on a pile of a random shitcoin (solana) that spiked an insane amount this year, and they sold a shitton of it into that spike. that is, basically, just a result of all crypto prices going up. but that original claim stays at $16k, even as bitcoin prices go up. this has caused immense agita among crypto creditors in all of the crypto bankruptcies, but it's the law, though some bankruptcies (ftx and genesis) now have more dollars than they owe, so they're figuring out what to do with the extra dollars. but ftx creditors are seething over "getting paid in full" because they'll get back about 25% of the dollars needed to buy one bitcoin for each bitcoin they lost.
|
# ? May 14, 2024 16:27 |
|
Number going up....good? I'm clearly shitposting, but my read is the creditors bought bitcoin at a value lower than the current value but can only be paid back what they bought for.
|
# ? May 14, 2024 17:11 |
|
They get marked to market as of 11/11/22, regardless of what they paid or how they acquired the butts.
|
# ? May 14, 2024 17:30 |
|
well i'm sure they can put the squeeze on those butts to wring out every last drop
|
# ? May 14, 2024 17:32 |
[Bitcoin]: That investor was no angel
|
|
# ? May 14, 2024 19:56 |
|
I have a moral question for the thread. I need to implement an account creation system that's wide open to the public. I can't rely on email verification, and I need it to work on IPv6. Accounts are sort of lightweight, but an attacker could cause problems by registering thousands, or even hundreds, of accounts. I'm trying to come up with a way to do this that is resistant to this type of Denial Of Service attack, and I keep coming back to HashCash: in order to register, you have to do some complicated calculation that takes time. This essentially makes you use electricity frivolously in order to sign up, but I'm only requiring this to prevent the entire system from being vulnerable to attacks. Essentially, this was the original goal of HashCash: trying to slow down spam to the point that it's not interesting as an attack. In the normal case (nobody attacking), only a few dozen machines would be doing this every 6 months. So, like, probably less energy use than having a screensaver for a year. Honestly, it might even be less energy use than running Google Docs, I don't know. This solution is giving me the willies because it has the stink of Bitcoin on it. But is it morally defensible? cruft fucked around with this message at 00:32 on May 15, 2024 |
# ? May 15, 2024 00:28 |
|
If the normal case is that low, and hashcash will deter (not might), then morally I don’t see an issue with it. If it’s the kind of system where a bad actor would want to try and bypass regardless of the cost then it’s not much of a deterrent? Given the expected extremely low rate of usage, is this an actual expected issue or just protecting against a thing that could be but likely won’t be? If it’s that then don’t bother. My naive recommendation would be to not implement it but monitor so that if it is a clear issue you can look at mitigating, with hashcat or something else.
|
# ? May 15, 2024 00:41 |
|
You could also force people through an annoying CAPCHA to register.
|
# ? May 15, 2024 00:48 |
|
necrotic posted:If the normal case is that low, and hashcash will deter (not might), then morally I don’t see an issue with it. If it’s the kind of system where a bad actor would want to try and bypass regardless of the cost then it’s not much of a deterrent? It's for a hacking competition: I have to assume they're going to try to exploit any vulnerabilities that exist. And there's no question that it will deter this type of attack: rate limiting is the usual solution trotted out for this problem, hashcash implements rate limiting by requiring clients to do something compute-intensive to generate an acceptable input. Hashcash also has the advantage that it doesn't require gobs of memory on the server or complicated algorithms to guess subnets, and the size of the IP space doesn't matter (IPv6 doesn't introduce any new problems). Thinking about how long it takes for Google Docs to load has really given me some perspective on the issue.
|
# ? May 15, 2024 00:52 |
|
The Lone Badger posted:You could also force people through an annoying CAPCHA to register. That's a thought.
|
# ? May 15, 2024 00:53 |
|
Make your own CAPCHACASH interface
|
# ? May 15, 2024 01:07 |
|
Tunicate posted:Make your own CAPCHACASH interface Using your mouse, draw $140 in nickels.
|
# ? May 15, 2024 01:11 |
|
cruft posted:It's for a hacking competition: I have to assume they're going to try to exploit any vulnerabilities that exist. And there's no question that it will deter this type of attack: rate limiting is the usual solution trotted out for this problem, hashcash implements rate limiting by requiring clients to do something compute-intensive to generate an acceptable input. Hashcash also has the advantage that it doesn't require gobs of memory on the server or complicated algorithms to guess subnets, and the size of the IP space doesn't matter (IPv6 doesn't introduce any new problems). Oh, a hacking competition is entirely different problem space! I didn’t suggest ip rate limiting because of the IPv6 factor, otherwise that’d be an obvious solution. I’d go with hashcat for this case. edit; I saw a neat captcha (maybe not a accessibility friendly one) that was pulling a slider to rotate the middle of a picture to align it with the outer part.
|
# ? May 15, 2024 03:34 |
|
This sounds like a technical solution to a human problem. Just define the limits of the competition space and penalize anyone who goes outside of them? Really you're just making this a juicier target by building a wall around it.
|
# ? May 15, 2024 03:57 |
|
Crust First posted:This sounds like a technical solution to a human problem. Just define the limits of the competition space and penalize anyone who goes outside of them? Really you're just making this a juicier target by building a wall around it. That first sentence is eerily close to something I say frequently. But other factors apply to this situation: specifically, the person who's angry and wants to make everybody else angry, too. Experience over the last 15 years has taught me that once a person has given up on the event scoring things fairly, many of them turn to ruining the event for other participants. Attacking the server is typically how that plays out. We've done a pretty good job in the last 10-12 years ensuring that everyone feels like they're being treated fairly, but I always try hard to design things that guide the "screw it, how can I disrupt this event" approach into behaviors that scratch that itch without anybody else suffering. For instance, we deliberately provide to the client a hash of every acceptable answer, instructions on how to compute the hash in JavaScript comments, and a handy function which will hash a string and return whether it matches an answer hash. The intent here is that if you want to brute force a question, there's a wildly faster way to do it than submitting hundreds of HTTP requests per second. We even have a whole puzzle category that walks you through building a brute-force attack against the entire server, which we roll out when we find somebody doing it over the network. We do rate limiting on answer submissions, too, but this is an easier problem at this point since you have to be authenticated, and the number of accounts is orders of magnitude less than the number of IP addresses. This hashcash solution strikes me as another place where if somebody really wants to do it, we can have a discussion about proof-of-work, computational complexity, and parts of how Bitcoin works. Then I can roll out the hash-breaking category and suggest they interact with that instead, since it will boost their ranking on the scoreboard and give them more easily-explained bragging rights. cruft fucked around with this message at 04:25 on May 15, 2024 |
# ? May 15, 2024 04:23 |
|
cruft posted:, this was the original goal of HashCash: trying to slow down spam to the point that it's not interesting as an attack. Something tells me “HashCash” was not created with the original goal of thwarting ddos attacks via account creation. I don’t think anything with “Cash” in the name has ever been created without very specific monetary aims.
|
# ? May 15, 2024 04:39 |
|
Flowers for QAnon posted:Something tells me “HashCash” was not created with the original goal of thwarting ddos attacks via account creation. It totally was! Well, not specifically about account creation, but it was totally about DOS attacks. The follow-up paper even had that in the title: HashCash: A Denial Of Service Counter-Measure. This was published in 2002, 7 years before Bitcoin's paper came out. Hashcash itself was proposed in 1997, and the concept of proof-of-work as anti-spam was in a paper published in 1992, a full 20 years before Bitcoin. The idea was that what email really needed was something like a stamp: some small payment required by the sender. Email had economics all wrong: the sender typically has very low cost for sending lots of email, and the recipient typically has a higher cost for receiving it. The recipient costs were storage space, compute time, and labor spent sifting through the mountains of spam. But the sender only had to generate the message and send a single copy, and the mail system would do all the amplification for free. So the original proposal was like, what if we could make the sender prove they had paid some money in order to send the email? And the obvious way to have random email senders pay money was in their electricity bill. But how do you prove you paid the electric company? MATH! cruft fucked around with this message at 04:58 on May 15, 2024 |
# ? May 15, 2024 04:48 |
|
Crust First posted:This sounds like a technical solution to a human problem. Just define the limits of the competition space and penalize anyone who goes outside of them? Really you're just making this a juicier target by building a wall around it. also block every proxy ipv6 range/endpoint known to man and force fingerprinting because lol someone will automate and bypass rate limits
|
# ? May 15, 2024 05:17 |
|
notwithoutmyanus posted:https://arstechnica.com/gaming/2024/05/jury-finds-activision-blizzard-liable-in-23-4m-patent-infringement-case/ I wonder if this is the same guy who had a trademark scam going through the 90s and 2000s, suing any game dev who used the word 'Edge' in it while claiming to be a developer (who hadnt released anything since the spectrum days). Made a tidy living until he tried to sue EA over Mirrors Edge and they clobbered him.
|
# ? May 15, 2024 08:33 |
|
Spuckuk posted:I wonder if this is the same guy who had a trademark scam going through the 90s and 2000s, suing any game dev who used the word 'Edge' in it while claiming to be a developer (who hadnt released anything since the spectrum days). Didn't he get really depressed and become a priest?
|
# ? May 15, 2024 10:13 |
|
Question: Could you have traded the debt on FTX. E.g. FTX owed you say 100k. If you thought 'Well, clearly I'm never seeing a penny of this'. Could you have sold the rights to any future reimbursement for pennies on the dollar to someone who thought otherwise?
|
# ? May 15, 2024 10:22 |
|
Deptfordx posted:Question: Could you have traded the debt on FTX. I'm sure you could sign a contract that conveyed your right to any cash recovered to someone else. Businesses quite often do that with debt that's proving difficult to collect - sell the debt to a collections agency for cents in the dollar, and then the collection agency sets about rearranging someone's kneecaps until they get the money.
|
# ? May 15, 2024 10:33 |
|
cruft posted:It's for a hacking competition: I have to assume they're going to try to exploit any vulnerabilities that exist. And there's no question that it will deter this type of attack: rate limiting is the usual solution trotted out for this problem, hashcash implements rate limiting by requiring clients to do something compute-intensive to generate an acceptable input. Hashcash also has the advantage that it doesn't require gobs of memory on the server or complicated algorithms to guess subnets, and the size of the IP space doesn't matter (IPv6 doesn't introduce any new problems). I would go with a swiss cheese approach. Combine rate limiting on IP/session with captcha with user agent/browser fingerprinting, with CSRF with manifests with obfuscated and minified code and markup, randomise the input field names every request and the page order of the fields and reorder them visually in JS, label things only in CSS. If you can use an external service then maybe put it behind something like DOS arrest. All of these things can be overcome with time but now you have offloaded the compute effort onto the user and you only have to outlast the competition.
|
# ? May 15, 2024 10:35 |
|
Have them mail in a physical letter to make an account.
|
# ? May 15, 2024 10:58 |
|
48 hour wait on account creation.
|
# ? May 15, 2024 11:13 |
|
|
# ? May 26, 2024 13:18 |
|
Deptfordx posted:Question: Could you have traded the debt on FTX. Yes, a ton of claims were sold. The buyers have made out like bandits.
|
# ? May 15, 2024 12:10 |