00:09:39 <br-m> <syntheticbird> me doing free marketing in.
00:09:39 <br-m> <syntheticbird> https://www.phoronix.com/news/Ubuntu-Rust-Coreutils-Audit
00:09:39 <br-m> <syntheticbird> Zellic found 44 CVEs in rust coreutils. No really when it comes to code no one beats them and I hope they will end up auditing FCMP++[... more lines follow, see https://mrelay.p2pool.observer/e/1JusifwKZGxDS2lM ]
00:26:38 <br-m> <321bob321> Use ai its cheaper
00:26:55 <br-m> <jpk68:matrix.org> That whole thing was a huge mess
00:27:06 <br-m> <jpk68:matrix.org> Wasn't their grep clone like 400% slower or something
00:27:27 <br-m> <321bob321> Ubuntu is a mess
00:29:13 <br-m> <syntheticbird> thx god uutils wasn't related to ubuntu by any shape or form
00:29:50 <br-m> <jpk68:matrix.org> Why would you even use that over battle-tested code with no known issues
00:29:53 <br-m> <jpk68:matrix.org> Seems like a solution in search of a problem to me
00:30:43 <br-m> <syntheticbird> you are wrong. Rust is always good. You must embrace Rust. Rust software are always better than C software. Also its ubuntu's fault for pushing in production a software that WAS ADVERTIZED AS NOT READY.
00:31:08 <br-m> <syntheticbird> Canonical just decided to make uutils the default knowingly and now uutils is getting all the hate in the world
00:31:30 <br-m> <syntheticbird> yeah no shit, its not ready for production yet. It doesn't pass all the tests. A lot of known bugs are no fixed yet.
00:34:22 <br-m> <321bob321> Syn sponsored by Rustc
09:26:10 <br-m> <yiannisbot:matrix.org> > <@rucknium> I am sorry to hear that another entity previously used your open source code without contributing back. But keeping code closed source because you are afraid of it being leveraged for commercial purposes is not the Monero way. Couldn't you release it under the AGPL license and avoid the problem?
09:26:11 <br-m> <yiannisbot:matrix.org> Hi @rucknium:monero.social and everyone, sorry I had to leave last night. Thanks very much for the thoughts. We understand the concerns raised regarding open-sourcing the crawler code. As Dennis mentioned earlier, we generally always operate under FOSS as can be seen at: https://github.com/orgs/probe-lab/repositories.
09:26:11 <br-m> <yiannisbot:matrix.org> After internal discussion we'd like to suggest releasing the Monero extension under the PolyForm Noncommercial license (https://polyformproject.org/licenses/noncommercial/1.0.0/). This means anyone in the community can read, audit, reproduce, and build on the code for research or non-commercial purposes, which covers everythin [... too long, see https://mrelay.p2pool.observer/e/l46imfwKYVJyQWli ]
09:26:11 <br-m> <yiannisbot:matrix.org> [... more lines follow, see https://mrelay.p2pool.observer/e/l46imfwKYVJyQWli ]
16:52:06 <br-m> <kiersten5821:matrix.org> i think it's important to have short typeable addresses as many users type them often
18:35:26 <br-m> <ofrnxmr> I always type mine manually, just to make sure that i have a typo
19:23:52 <br-m> <kayabanerve:matrix.org> I think typing addresses is a very uncommon use-case, PQ addresses will be of such length that use-case becomes infeasible regardless, so we can actually go as far as we want with their lengths until like, the length of other things start to break (QR codes, IRC messages, copy/paste buffers, etc.). For visual comparisons, we r [... too long, see https://mrelay.p2pool.observer/e/jOSqqvwKT0VlMm5i ]
19:33:08 <br-m> <kayabanerve:matrix.org> Note: The proposed license above is not FOSS. That isn't to say I'm against its usage or reasoning for it, but I want to clarify that if there's a requirement for FOSS (e.g. by the CCS), that is insufficient unless an exception is granted (however that would happen).
19:33:11 <br-m> <syntheticbird> > i think it's important to have short typeable addresses as many users type them often
19:33:12 <br-m> <321bob321> Copy pasta and double check
19:33:17 <br-m> <kayabanerve:matrix.org> It wasn't claimed to be FOSS, I just want to be clear it doesn't check the "FOSS" box in case that matters as some people may not immediately understand that.
19:33:23 <br-m> <syntheticbird> > I think typing addresses is a very uncommon use-case, PQ addresses will be of such length that use-case becomes infeasible regardless
19:33:31 <br-m> <kayabanerve:matrix.org> (Sorry if this feels like a drive-by, it isn't, I just get very specific about FOSS licensing)
19:33:35 <br-m> <syntheticbird> THE DUALITY OF MAN
19:34:06 <br-m> <syntheticbird> I hate monero.social
19:34:18 <br-m> <jpk68:matrix.org> As it happens, the length of proposed Jamtis addresses are such that a different encoding approach might make the difference between addresses being able to fit into a bio/text field or not, etc.
19:34:22 <br-m> <syntheticbird> The instance is dying and it ruined my joke
19:34:25 <br-m> <jpk68:matrix.org> Base62 (even with keeping the prefix in Base32) would mean a 94-char reduction. Just saying ;)
19:41:56 <br-m> <321bob321> Reminds when sites strict password characters length
20:31:44 <br-m> <kiersten5821:matrix.org> > <@kayabanerve:matrix.org> I think typing addresses is a very uncommon use-case, PQ addresses will be of such length that use-case becomes infeasible regardless, so we can actually go as far as we want with their lengths until like, the length of other things start to break (QR codes, IRC messages, copy/paste buffers, etc [... too long, see https://mrelay.p2pool.observer/e/m-mmrPwKbDBrbjJC ]
20:31:44 <br-m> <kiersten5821:matrix.org> typing is the most secure and private transmission between two nearby computers, the alternatives are you have to go over the internet, or plug in a webcam plus other software to read the qr code, or stick a usb or other storage media into both. it's just not clean. typing is very important. even 100-200 chars is fine for typing but 1000 chars is reaching
20:52:48 <plowsof> Just type 200 chars, 5 times 
21:07:51 <br-m> <jeffro256> Recipient IDs allow sending the full arbitrary long address over an insecure channel, and confirming it with ~26 characters of typing 
21:08:02 <br-m> <jeffro256> Just FYI 
21:15:56 <tevador> I updated the details table with address sizes for a hybrid base32+base62 encoding. https://github.com/monero-project/research-lab/issues/151#issuecomment-4281932714
21:15:56 <tevador> Unfortunately, I had to add an extra ECDH key to option B addresses, otherwise FilterAssist tier becomes impractical for light wallets. BC1024 is 568 chars.
21:22:04 <tevador> jeffro256: The recipient ID has been rebranded to "visual checksum", but it's basically the same thing. Wallets are only supposed to show the first 30 chars of addresses for manual comparison purposes.
23:46:54 <br-m> <jberman> Update: we've decided on Quarkslab (Vendor 4) for Phase 1 of the FCMP++ integration audit
23:47:15 <br-m> <jberman> They indicated that they can start ASAP (end of Apr, early May), and so we would expect it to be complete by early July, which should not end up blocking the FCMP++ timeline.
23:47:25 <br-m> <jberman>  Repeating, Quarkslab committed to 400 man-hours of work and estimated a 6-8 week timeline from start to finish, at a rate of $50,000. Here is some of their relevant xp:
23:47:31 <br-m> <jberman> https://blog.quarkslab.com/security-audit-of-monero-bulletproofs.html
23:47:31 <br-m> <jberman> https://blog.quarkslab.com/security-audit-of-dalek-libraries.html
23:47:31 <br-m> <jberman> https://blog.quarkslab.com/audit-of-the-mimblewimble-integration-inside-litecoin.html