orignal
not yet
dr|z3d
well, you should be.
orignal
but what can I do if a request coming to me
dr|z3d
because a rejection is a polite way of saying "go somewhere else".
dr|z3d
ignore those rejections, and they turn into less polite drops.
orignal
even I set code 30 I have to send it to the next peer
RN
but he isn't getting reject response, he's getting ghosted
RN
as the kids say
orignal
right, my tunnel requests got dropped
RN
stop texting her for a while, wait longer and see if she texts you back
RN
hehe
orignal
LeaseSets: 342
orignal
hmmm
orignal
they have changes strategy?
dr|z3d
?
orignal
number of leasesets
orignal
too much
dr|z3d
yeah, I see that. I'm wondering what you're asking.
orignal
they start publishing thier destinations
orignal
for whatever reason
RN
so they publish, but ignore your requests, and they keep on publishing?
orignal
I'm talkign about the attackers
RN
ah
orignal
because the attack keeps going on
dr|z3d
attackers, or someone's doing something different.
RN
I wonder if it could be connected to the "so called TLD grab"
dr|z3d
some sort of new peer-to-peer filesharing thing that's got people excited. dunno, just guessing.
RN
do we still have the christmas routers effect?
RN
I mentioned it elsewhere in another channel recently... but...
dr|z3d
that of course doesn't account for the poor build success happening right now, that seems a bit strange.
RN
I've got about 21% on one and exactly 58% on the other two
RN
+/-10min
RN
but squinting my eyes to make the graphs appear more like an average... I don't see a persistent low trend
RN
my graphs, not the ones on stats
RN
my graphs of exploratory bsr
orignal
poor build success because many routers are overloaded
dr|z3d
well, those should be publishing congestion caps so they can be avoided. that's how it's meant to work.
dr|z3d
anything with a whiff of congestion and + avoids it.
RN
even though trusting caps seems to be dubious
orignal
yes, but when they publish not everybody see it
RN
I suppose trusting the "im busy" signals shouldn't hurt
dr|z3d
wasn't there a proposal/idea floating around somewhere to refresh RI's a bit more frequently, or perhaps before requesting tunnels? can't remember.
orignal
many routers still have old routerinfo
orignal
well I pick first hops from connected routers
dr|z3d
yeah, would make sense to request an up-to-date RI before requesting tunnels, even if there's a bit more traffic involved.
orignal
and they are supposed to send new RI every 20 minutes or so
orignal
yes I suggest such message in SSU2 and NTCP2 like "request RI"
orignal
just from peer
dr|z3d
yup, sane.
orignal
like "give me your current RI"
dr|z3d
indeed, indeed.
orignal
costs nothing but can avoid many problems
dr|z3d
yeah, it's about 2K of nothing.
RN
does either implementation notice if they don't send their new RI every 20 min? or if they stop and start again later?
orignal
I don't think so
RN
like if you have one that's 40 min old and no new one, do you forget the old one?
orignal
no I check if it's still connected
orignal
and keep it
dr|z3d
there's an expiry time in java, which scales depending on number of known RIs.
dr|z3d
in + it's also dependent on the "quality" of the router.
orignal
yes, but current connected shoudn't be removed
orignal
as long as they are connected
dr|z3d
right, I don't think we do that.
RN
noticing it has stale ri but still connected, do you ask for a new one?
orignal
how can I do it?
RN
ah
orignal
no message for this
RN
so that's the feature you are proposing?
orignal
right
orignal
to implement such message
dr|z3d
you'd ask a floodfill right now, but asking the router directly would be more efficient.
orignal
even not a message, just block
orignal
asking a floodfill is too much overhead
zzz
no new feature proposal needed, just send a DatabaseLookupMessage
orignal
shoudl non-FF reply to such message or ignore it?
orignal
or reply with closest floodfill?
zzz
reply for your own RI, or any RI
zzz
closest for LS
orignal
if I'm not a FF I ignore lookups
zzz
drop for expl. lookup
orignal
considering it as kinda attack
zzz
not really, in case a router "forgets" all its ffs, it will ask a non-ff
orignal
it should send an exploratory request
zzz
if non-ff we also send our own RI, as a 'go away' message, so requester realizes it's a non-ff
orignal
anyway I will doble check
orignal
thanks
orignal
will check
zzz
but definitely if non-ff drop expl lookup, and a very low rate limit on RI lookup, because there is a scraper out there
orignal
so we reply with own ident hash for explratiry request in non-FF?
orignal
LeaseSets: 401
orignal
new record
zzz
no, just drop expl if non-ff
orignal
no reponse at all?
orignal
and when I send own back?
zzz
no response for expl
zzz
send your own RI back any time, no restrictions except down tunnels
orignal
and 3 closest floodfill regardless if I'm a floodfill or not?
zzz
yes, if you don't have the RI, for a RI lookup only. If you do have the RI, send it (but rate limit)
orignal
and in which I send own routerinfo instead?
orignal
and I guess leasetset requests should be dropped too
zzz
yes drop LS, I don't understand the other question
orignal
<zzz> if non-ff we also send our own RI, as a 'go away' message, so requester realizes it's a non-ff
orignal
in which we do it?
orignal
*case
zzz
for an RI lookup I think
zzz
not down tunnel ofc
orignal
but it which case
orignal
?
orignal
if we usually reply with list of floodfills
orignal
or RI if found
zzz
basically we do same thing for RI lookup whether ff or not. ONly difference is much lower rate limit if non-ff
orignal
got it no
orignal
w
orignal
so if you exceed rate limit you send own RI back
orignal
we should be prepared for more attack next year
not_bob
Agreed
orignal
although we are ahead of them now, we must think in advance
orignal
"salt" guy was really disappointed
orignal
<Orignal_huesos> Какие конкретно меры по предотвращению eclipse калека предпринял в коде?
zzz
no if rate limit exceeded, drop
dr|z3d
tell him we added anti-donut countermeasures, orignal
not_bob
Can I keep the holes?
not_bob
RTP: Welcome!
RTP
heyy all
not_bob
Things going well?
RTP
pretty good here! dealing with testing some suspected counterfeit flash drive tests.. so much of this junk hardware out there!
not_bob
There are some nifty tools for testing those quikcly.
RTP
everyone enjoying their iphone backdoors? arstechnica.com/security/2023/12/exploit-used-in-mass-iphone-infection-campaign-targeted-secret-hardware-feature :-P
not_bob
Yeah, saw that. Lovely.
not_bob
And, it's been used for years.
RTP
ahh yes, using f3: "fight flash fraud" :-P
not_bob
A rather complex chain to make it work though.
not_bob
zero click exploits are a major issue.
dr|z3d
there's a good tool for that, RTP.
RTP
yeah so much interesting stuff in the ANT catalogue... among other releases. Sh** goes deep.
dr|z3d
it'll take dodgy thumb drives and remap them so they're correctly allocated.
not_bob
dr|z3d: I don't think that's possible. The firmware lies to the computer.
RTP
ahh any tool you suggest?
RTP
yeah the firmware lies about capacity unfortunately
RTP
which makes it tricky for most casual buyers
not_bob
I've used a few, they all work the same.
dr|z3d
the tool partitions the drive which ensures that the bogus capacity disappears. let me see if I can find it.
not_bob
Create a large file, randomly write to it, and see what read results come back with an error.
not_bob
dr|z3d: I could see that working, but still best to trash dodgy hardware like that.
dr|z3d
RTP: apt install f3
RTP
complex backdoor design.. layered approach to concealment ;D
RTP
ahhh thanks. That's actually the one I am using now. :)
dr|z3d
not_bob: not necessarily, you may find you have a drive half the capacity of what you paid for, but you have something.
dr|z3d
a-essam.medium.com/how-to-recover-a-corrupted-flash-memory-using-f3-tools-under-linux-e662c3622d68
not_bob
Curious.
dr|z3d
I've fixed drives using that tool.
not_bob
I bought one once that was to be a 2TB drive. It had 32 gigs writable.
dr|z3d
advertised as 32GB, actual capacity 16GB.
dr|z3d
lol
dr|z3d
that'll teach you to buy too good to be true capacity at ridiculous prices on ebay.
RTP
it's tricky as sometimes places change their quality on you... IME.
dr|z3d
I was specifically referring to not_bob's purchase
dr|z3d
branded is the way to go, from an authentic supplier, even it if costs more.
not_bob
dr|z3d: I thought it might possibly be fine.
not_bob
It wasn't.
dr|z3d
I've been stung before, not_bob, you're not alone.
dr|z3d
these days, branded drives are dirt cheap, so no real sense saving a couple of bucks.
not_bob
Agreed.
dr|z3d
the fraud is pretty amusing, though. I think some of them use ram as a cache, so you can write the full capacity, only it ends up writing over your data once you go past the *actual* capacity.
not_bob
*nod*
RTP
sometimes I find we can be best off buying used hardware *shrugs*
RTP
at least we know it works
dr|z3d
though not for flash drives, or indeed any solid state storage.
dr|z3d
until you plug it in and do some tests, assuming the firmware supports it, you don't know how hard the device has been hammered and what the remaining predicted usage is. not worth it.
RTP
true. And flash can go *poof* without any real warning at times... still once in a while I'll get a large used to hold for backups... but wouldn't rely on it for serious work
dr|z3d
did you get anywhere with Railroad, RTP?
RTP
Holidays have kept me a bit occupied, but planning to sometime soon after I get my server operating system set up. Working on hardware end of my server plan lately. :)
dr|z3d
you and RN have a lot in common.
dr|z3d
professional procrastinators, both. :)
not_bob
lol
RTP
hahaha I like to get involved with too many projects at once. But it is a real plan to put up my i2p based blog. But... surely has not gone quickly yet LOL. I did compile / flash the coreboot based firmware for server though... That's a start!
not_bob
We need more quality I2P based blogs.
not_bob
RTP: Did you ever use galaxy3 on tor?
RTP
You know I haven't tried galaxy3
not_bob
Oh, shit. That's right.
not_bob
Wehave talked about that before.
dr|z3d
you just need to install the plugin first, RTP. then it'll sit there in your router waiting for you to tickle it into action. installation is a copy / paste url affair.
dr|z3d
not_bob: while you're there, in your defcon css, remove any reference to the ubuntu font.
not_bob
It's in there?
dr|z3d
it's probably something like: font-family: Open Sans, Ubuntu Sans, .. the Ubuntu Sans or whatever it is needs to disappear.
not_bob
Ahh, I see it.
not_bob
Just remove the ubuntu bit?
dr|z3d
the problem is it's a lot smaller relative to most other sans serif fonts, so when it's used, it janks the UI.
dr|z3d
yup
not_bob
Let me do that across homes.
dr|z3d
and the other problem is, with firefox's anti-fingerprinting on smash, access to local fonts except a small predefined selection is verboten, so you end up with ubuntu often.
not_bob
Ahh
not_bob
Done and testing.
not_bob
Slowly.
dr|z3d
the top nav buttons were the main victims.
not_bob
It still looks good here. Let me try android.
dr|z3d
vertically misaligned text and search bar out of whack when ubuntu font was active.
dr|z3d
if it still looks good, then you're fine.
not_bob
Lame, thank you.
not_bob
dr|z3d: Thank you for caring.
dr|z3d
np nb
dr|z3d
also, if you have an account on 333.i2p, feel free to use your new avatar there.
dr|z3d
or indeed anywhere else.
not_bob
I do have an ccount on 333.i2p!
not_bob
And, I have saved it for just that use!
dr|z3d
:)
dr|z3d
about time zzz had a new avatar. *grin*
not_bob
hah
not_bob
New avatar is set on 333.2ip
dr|z3d
*thumbs up*
RN
should I cueue the drumroll dr?
RN
queue
dr|z3d
do it, RN, do it now. *chuckle*
dr|z3d
done.
RN
where da url?
dr|z3d
he's all over his site, you'll find him :)
RN
pffff
RN
oh, grandpa
RN
hehe, doesn't look sleepy though
dr|z3d
looks like orignal's not allowing avatars on his site except for his own, or his display code is borked.
not_bob
Lame
dr|z3d
yeah, lame++
not_bob
Yep, quite broked.
not_bob
orignal: You should fix that.
dr|z3d
this is where your avatar is meant to go: <dd class="avatar">INSERT AVATAR HERE</dd>
dr|z3d
of course, there's an empty space in the html where it should be.
not_bob
hahahaa
dr|z3d
bah, sleepy. he looks like someone just woke him up and he ain't happy, RN :)
orignal
what? 333?
dr|z3d
yeah, F- for you, orignal
orignal
avatars worked
orignal
if they don't I will check
dr|z3d
yours is the only one displaying right now.
orignal
let me check
orignal
not true
orignal
for example
dr|z3d
where's notbob's avatar?
dr|z3d
ok, that's one other avatar. outlier.
dr|z3d
I see polistern's avatar now, not sure I did before.
dr|z3d
Qball aka Qubes must have an avatar.
dr|z3d
also, garbage:
dr|z3d
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
dr|z3d
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
dr|z3d
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
dr|z3d
<!DOCTYPE HTML><html lang=ru> is all you need there.
not_bob
Yep, just made a new post, no avatar.
orignal
maybe
dr|z3d
is it a mimetype thing? do you need to explictly add webp? I dunno, I doubt it, there must be plenty of jpeg/png avatars not displaying.
orignal
I didn't do anything special
orignal
it's standard eldrorado
dr|z3d
that much is obvious :)
dr|z3d
special. lol.
not_bob
orignal: Everything you do is special.
orignal
look 333.i2p/avatars
dr|z3d
haha, shut up not_bob
not_bob
dr|z3d: Sorry, that one was too hard to pass up on :)
orignal
looks like not_bib didn't select it
not_bob
I did!
dr|z3d
uploading != selecting, apparently.
not_bob
I did both.
dr|z3d
otherwise it would say "used by not_bob" on that page.
not_bob
I click on "select" on the avatar gallery and it brings me back to 333.i2p
orignal
yes that's what I meant
dr|z3d
you probably need js enabled.
not_bob
Oh
orignal
I can force it in the database
not_bob
Lame.
dr|z3d
which is shit, but hey.
not_bob
Let me try this.
orignal
yes, eldorado uses js
not_bob
Yep, it was a JS issue, argh.
orignal
nice I see now
orignal
so you can start playing with avatars there ))
dr|z3d
next gen stuff.
dr|z3d
just the right amount of ridiculous, but not too much.
orignal
tommorow
not_bob
Ш вшп шею
orignal
will change it wlm logo
dr|z3d
you've got a new avatar orignal. use it.
not_bob
Oops, wrong lanague selected.
RTP
you are right dr|z3d it does look like a very easy set up - might make for a good video as long as all goes well lol
RTP
downloaded it and was about to install... but might record it in case it goes well
RTP
I'd like to see more i2p blogs as well
RTP
I got Railroad to work!!! :) I recorded it so will be making it into a video tutorial for anyone wanting to host an i2p blog. It's supercool. Thanks eyedeekay!
RTP
I skimmed it earlier thinking I had to build it... but all you have to do really is have a working i2p browser set up and paste the link into the dang square... So easy.
dr|z3d
well done, RTP!
dr|z3d
told you it was easy.. plugin, see. :)
orignal
look at my new avatar
orignal
as promised
dr|z3d
crap, orignal. I am disappoint.
orignal
why?
orignal
don't like wlm?
dr|z3d
looks like something out of a hitler youth poster.
orignal
it's from wlm stickers
dr|z3d
well, exactly.
orignal
I took on from thier telegram channel
dr|z3d
I've made you one of the sexiest avatars on the entire planet. use it. :)
dr|z3d
also, you remember that part in your conversation where you were insisting politics had no place on the network...
orignal
I never said this
orignal
I said that politics shouldn't be a part of I2P project
orignal
but applied only to a project
dr|z3d
right, and you're the lead developer of i2pd, so, you know, things matter.
orignal
but it's not an offical position of i2pd, it's my personal
orignal
unlike Java where they claim abotu LGBT support on the offcial site of the project
orignal
see the difference
dr|z3d
sure, there's some road between your position and I2P's, but it's still not a great look aligning yourself with a right-wing political position, even as an individual.
orignal
yes, like echelon says
orignal
don't use i2pd because it's run by an old white racist ))
orignal
at the same time then main dev of yggdrasil is a gay
orignal
but who cares
dr|z3d
it's all about code, or should be.
orignal
and yggdrasil project doesn't have such "Inclusion" section
dr|z3d
sure, you and I are on the same page there, no argument.
orignal
also my racism and homophobia is not a big secrect
orignal
and (surprise!) people find is as pros of i2pd
dr|z3d
surprise! would be you telling us you're really a cross-dressing transvestite.
orignal
with back skin ))
orignal
*black
orignal
remember michael jackson?
eyedeekay
Literally everyone does.
dr|z3d
lol
orignal
he wanted to be more white than natural whites ))
dr|z3d
michael had issues.
orignal
I meant maybe I'm like him ))
dr|z3d
there you go, eyedeekay, enhanced harpo: pr3t6cjlcth36djl3qgnfaollcvcs2kbzigzon6derjzjghttp4q.b32.i2p/topics/3450-whoever-changes-the-site-banner-has-good-taste