|
IANAL isn't there some kind of supremacy clause equivalent that applies to state authority taking precidence over city/county authority
|
#
?
Sep 19, 2019 01:03
|
|
|
|
| # ? Apr 23, 2024 10:29 |
|
|
klosterdev posted:IANAL isn't there some kind of supremacy clause equivalent that applies to state authority taking precidence over city/county authority Apparently in Iowa, the State has to confirm with the county for anything, as the county 'owns' the building. CommieGIR fucked around with this message at 01:21 on Sep 19, 2019 |
|
#
?
Sep 19, 2019 01:04
|
|
|
CommieGIR posted:Its looks like the Iowa Pen Test gig, they were authorized to be there, they showed the Sheriff their documentation, and he arrested and charged them anyways. oh this is going to be entertaining
|
|
#
?
Sep 19, 2019 01:06
|
|
|
CommieGIR posted:Its looks like the Iowa Pen Test gig, they were authorized to be there, they showed the Sheriff their documentation, and he arrested and charged them anyways. mystes fucked around with this message at 01:11 on Sep 19, 2019 |
|
#
?
Sep 19, 2019 01:08
|
|
|
mystes posted:If I was a pen tester I would definitely not want to go anywhere near any sort of government building precisely because in the US you know there would be some sort of bullshit jurisdictional issue and an elected sheriff would try to turn it into a test case for local self governance or something. If they're really unlucky the county judge is also elected there and will have similar political motivations to try to grandstand to chuds. Strong Against Hacking, Strong For Our Citizens Privacy Death penalty.
|
|
#
?
Sep 19, 2019 01:35
|
|
|
Farmer Crack-rear end posted:i think it's less about needing a specifically non-secure random number and more about being assured that a random number will be delivered regardless of whether it is secure or not, because if i'm understanding correctly there are scenarios in which the current secure random number generator may fail, timeout, or otherwise be unable to deliver a secure random number. yeah I got burned by /dev/random literally yesterday, but imo paranoia about /dev/urandom is unwarranted tom ptacek’s https://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/ is pretty positive on urandom and has what I’d consider a pretty good list of reviewers: quote:Thanks to Matthew Green, Nate Lawson, Sean Devlin, Coda Hale, and Alex Balducci for reading drafts of this. Fair warning: Matthew only mostly agrees with me.
|
|
#
?
Sep 19, 2019 02:23
|
|
|
Lain Iwakura posted:oh this is going to be entertaining LOL King George did nothing wrong usa broken irreparably since 1776
|
|
#
?
Sep 19, 2019 02:50
|
|
|
I found the sheriff's website. He has a list of endorsements on it. One endorsement is from former Iowa state rep Ralph Watts, who was apparently the Steve King of the Iowa Legislature:quote:A 73-year-old, eight-term incumbent from Adel, Ralph Watts has a reputation for being an unlikeable guy, even among his fellow Republicans, who neglected to give him any committee leadership spots in the House. Recently, Watts has perhaps been best known as the lawmaker who allegedly used a gay slur against a political rival at a public forum in February 2017. Another endorsement comes from Chris Tjapkes, (former?) pastor at First Baptist Church in Perry, IA. The church's website doesn't give away the game, but if you click through to their Twitter profile, they are following several "fundamental Baptist" accounts. For those who don't know, "fundamental Baptist" churches in America are some of the most extremist of the extreme right-wing Evangelicals. I clicked through to two different organizations the church follows on Twitter in order to verify that they are, indeed, the kind of church that believes the modern state of Israel must exist in order for their Dungeons and Dragons interpretation of the book of Revelation to come true. the guy is nuts
|
|
#
?
Sep 19, 2019 03:34
|
|
|
exmachina posted:LOL King George did nothing wrong usa broken irreparably since 1776
|
|
#
?
Sep 19, 2019 04:35
|
|
|
france's political movement in 1789 was probably the best political movement the united states' move in 1776 was up there, though monarchies get the guillotine software should be free
|
|
#
?
Sep 19, 2019 04:57
|
|
|
CRIP EATIN BREAD posted:france's political movement in 1789 was probably the best political movement have you ever given up and apologized for unironically trafficing in the racist and ableist slur of "mongoloid"?
|
|
#
?
Sep 19, 2019 05:06
|
|
|
Lutha Mahtin posted:the guy is nuts lol at “i wasn’t sure what this meant so i looked it up in urban dictionary which said it was a slur” not only being taken seriously but actually getting printed in a news article
|
|
#
?
Sep 19, 2019 05:13
|
|
|
CRIP EATIN BREAD posted:france's political movement in 1789 was probably the best political movement 1789 was just liberal nobles and the new rich commoners trying to emulate Britain and American revolutions. Seriously everything up to and including 1917 started with the English Civil War. Read the Putney debates, and even some more extreme poo poo like the Diggers (aka the True Levelers) ignore the Puritan stuff (which I believe was a reaction to the church protecting the nobility against the 3rd estate) and you basically get liberal democracies from 1776 to the great depression. And most of the changes were positive, they were just able to kick some economic/social cans down the road as life got better for everyone as the old feudal inefficiencies got scrapped. After Cromwells Commonwealth fell apart, parliament set the precedent of inviting Charles II to establish parliamentary supremacy over the king. The Glorious Revolution and the crowning of George I meant the King of England has pretty much only one power, to dissolve parliament and call for elections. This power protects the people against corrupt or dysfunctional parliament and has been used once in the last few centuries, in Australia of all places. The king must lobby no one, owes nobody any favours for their position and the upkeep paid by the UK is actually a lease of huge amounts of land now used for the public good. To conflate a limited, constitutional monarchy with ancien regime France is stupid. Edit: Monarchy, the true secfuck
|
|
#
?
Sep 19, 2019 06:12
|
|
|
exmachina posted:Read the Putney debates I have never heard of this, so I will read it. You a history major or what? Sometimes I think I can answer jeopardy questions and get poo poo right but history majors always blow my mind.
|
|
#
?
Sep 19, 2019 06:24
|
|
|
No I read a lot. But Mike Duncan's Revolutions podcast is really good. Also a dead podcast called Binge Thinking History had an episode on the Putney debates and a two parter on the South Sea Bubble (early 18th century) that I recommend.
|
|
#
?
Sep 19, 2019 06:29
|
|
|
God I wish I could read like I used to. College absolutely obliterated my desire to read recreationally and it's only been the past year or so that I've been able to consistently do it. I'll check those podcasts out, though.
|
|
#
?
Sep 19, 2019 06:31
|
|
|
Same. These days I listen to podcasts or audiobooks while driving or running so I can at least pretend to be well read.
|
|
#
?
Sep 19, 2019 06:38
|
|
|
CRIP EATIN BREAD posted:God I wish I could read like I used to. College absolutely obliterated my desire to read recreationally and it's only been the past year or so that I've been able to consistently do it. Binge thinking actually starts with a 3 parter on the links between the Civil War and the founding fathers. Here is the Putney debate episode. I found it easier to download the MP3, cos it is not optimised for modern podcatchers http://bingethinkinghistory.blogspot.com/2011/04/19-putney-debates.html exmachina fucked around with this message at 07:10 on Sep 19, 2019 |
|
#
?
Sep 19, 2019 06:45
|
|
|
suffix posted:python had to deal with this and tediously hashed out exactly what required blocking on entropy (anything that users in turn will be relying on to be secure) and what didn't (hash table randomization) BlankSystemDaemon fucked around with this message at 08:02 on Sep 19, 2019 |
|
#
?
Sep 19, 2019 07:58
|
|
|
the problem isn't drawing "too much randomness", the problem is that on linux reading urandom before it is well-seeded will not block, but instead give you nonrandom, predictable data we know this is a real world problem https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final228.pdf but somehow there's still a "just use urandom" meme going around and you get garbage articles like Cocoa Crispies posted:tom ptacek’s https://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/ tpacek can bloviate as much as he wants but anyone can read the kernel source and verify that if your code relies on urandom being random it is catastrophically broken if someone calls it early enough after boot, where early enough can sometimes be within a minute if you make sure your code won't compile on linux or if you're only ever running it yourself and have hardware rng then sure but why risk it, just use getrandom(), unless linus fucks that up too
|
|
#
?
Sep 19, 2019 10:26
|
|
|
maybe you should accept that the idea of computer security is a fever dream and abandon the concept of electronic computation
|
|
#
?
Sep 19, 2019 11:11
|
|
|
suffix posted:the problem isn't drawing "too much randomness", the problem is that on linux reading urandom before it is well-seeded will not block, but instead give you nonrandom, predictable data Oh, right. redleader posted:maybe you should accept that the idea of computer security is a fever dream and abandon the concept of electronic computation
|
|
#
?
Sep 19, 2019 11:44
|
|
|
Maybe I'm loving dumb, but why not just make a Linux kernel compile flag to toggle /dev/urandom behavior between "don't start launching non-kernel code until '/dev/urandom' is seeded" (ALA BSD) and the more traditional "just boot that poo poo up and gently caress userspace, make userspace deal with it". Y'know, let people decide whether they want their OS boots to take longer in order to secure their god-drat entropy pool. Like everything I ever read about Linux Torvalds technical decisions is him basically saying "this is someone else's problem".
|
|
#
?
Sep 19, 2019 11:48
|
|
|
Half-wit posted:Y'know, let people decide whether they want their OS boots to take longer in order to secure their god-drat entropy pool. yeah just give the user that prompt every time they reboot
|
|
#
?
Sep 19, 2019 11:59
|
|
|
Half-wit posted:Maybe I'm loving dumb, but why not just make a Linux kernel compile flag to toggle /dev/urandom behavior between "don't start launching non-kernel code until '/dev/urandom' is seeded" (ALA BSD) and the more traditional "just boot that poo poo up and gently caress userspace, make userspace deal with it". Y'know, let people decide whether they want their OS boots to take longer in order to secure their god-drat entropy pool. Because a whole load of your user space will fail horribly and unpredictably. I’m paranoid enough that tests for code I’ve written do statistical tests on things that should be pseudo random, most of the code your’re relying on doesn’t.
|
|
#
?
Sep 19, 2019 12:01
|
|
|
Hexyflexy posted:Because a whole load of your user space will fail horribly and unpredictably. I’m paranoid enough that tests for code I’ve written do statistical tests on things that should be pseudo random, most of the code your’re relying on doesn’t. Half-wit posted:"don't start launching non-kernel code until '/dev/urandom' is seeded" (ALA BSD) How is computer getting to userspace if userspace isn't launched yet?
|
|
#
?
Sep 19, 2019 12:17
|
|
|
the idea is that the kernel should handle preparing kernel services instead of userspace, but because it's a thing that would make security people happy linux torvalds is against it
|
|
#
?
Sep 19, 2019 12:28
|
|
|
Hexyflexy posted:Because a whole load of your user space will fail horribly and unpredictably. I’m paranoid enough that tests for code I’ve written do statistical tests on things that should be pseudo random, most of the code your’re relying on doesn’t. statistical tests won’t help you if the problem is that you’re using a good prng but with a predictable seed.
|
|
#
?
Sep 19, 2019 13:49
|
|
|
Cocoa Crispies posted:the idea is that the kernel should handle preparing kernel services instead of userspace, but because it's a thing that would make security people happy linux torvalds is against it lol
|
|
#
?
Sep 19, 2019 14:22
|
|
|
linus can never fail, he can only be failed
|
|
#
?
Sep 19, 2019 14:23
|
|
|
CRIP EATIN BREAD posted:God I wish I could read like I used to. College absolutely obliterated my desire to read recreationally and it's only been the past year or so that I've been able to consistently do it. You and me both. It's two years since I finished my PhD. I still can't put a dent in a novel. I really hope this gets better.
|
|
#
?
Sep 19, 2019 14:34
|
|
|
yoloer420 posted:You and me both. It's two years since I finished my PhD. I still can't put a dent in a novel. I really hope this gets better. Takes about a decade after you leave uni.
|
|
#
?
Sep 19, 2019 14:36
|
|
|
Half-wit posted:Maybe I'm loving dumb, but why not just make a Linux kernel compile flag to toggle /dev/urandom behavior between "don't start launching non-kernel code until '/dev/urandom' is seeded" (ALA BSD) and the more traditional "just boot that poo poo up and gently caress userspace, make userspace deal with it". Y'know, let people decide whether they want their OS boots to take longer in order to secure their god-drat entropy pool.
|
|
#
?
Sep 19, 2019 14:37
|
|
|
urandom-er_final_v2
|
|
#
?
Sep 19, 2019 14:38
|
|
|
mystes posted:How about this except rather than a kernel parameter we just make another version of /dev/urandom that blocks so programs can choose which one they want to read from? We can call it /dev/urandom2 or something. /dev/random /dev/urandom /dev/arandom /dev/srandom I hate computers.
|
|
#
?
Sep 19, 2019 14:49
|
|
|
urandom/morerandom
|
|
#
?
Sep 19, 2019 14:49
|
|
|
infernal machines posted:urandom/morerandom mo random mo problems
|
|
#
?
Sep 19, 2019 14:56
|
|
|
/dev/aynrandom, the objective-oriented rng
|
|
#
?
Sep 19, 2019 15:00
|
|
|
https://twitter.com/asluhn/status/1172433125432942592?s=12 Сраные мусора!
|
|
#
?
Sep 19, 2019 15:47
|
|
|
|
| # ? Apr 23, 2024 10:29 |
|
|
flakeloaf posted:/dev/aynrandom, the objective-oriented rng is a man not entitled to the seed of his prng?
|
|
#
?
Sep 19, 2019 15:54
|
|
