02:01:29 <br-m> <yushanren:matrix.org> focus on code and algorithm auditing plz
02:01:29 <br-m> <yushanren:matrix.org> talking about economics is fool, because monero is an asset not a kind of money
02:07:10 <br-m> <jpk68:matrix.org> https://mrelay.p2pool.observer/m/matrix.org/vShtqrTMdcWnqdRWQLCBNmLv.png (clipboard.png)
02:17:56 <br-m> <yushanren:matrix.org> money is something that pays tax with
02:17:56 <br-m> <yushanren:matrix.org> you don't pay tax with xmr or btc
02:21:52 <nioc> you are saying that what is money is determined by a government 
02:22:24 <nioc> that is, it is declared by fiat
02:22:34 <nioc> hence the name fiat 
02:23:47 <br-m> <yushanren:matrix.org> money is not determined by gov, it is widely accepted by people
02:24:08 <br-m> <yushanren:matrix.org> fiat is widely accepted by gov force
02:25:41 <nioc> <yushanren:matrix.org> money is something that pays tax with <<>> I took this as meaning that you were saying that the definition was determined by the govt
02:27:32 <br-m> <jpk68:matrix.org> @yushanren:matrix.org: This contradicts your point about taxes. Are you using a state-based or market-based definition?
02:28:57 <br-m> <yushanren:matrix.org> i might be wrong in logic, but what makes you think xmr is money?
02:29:15 <br-m> <yushanren:matrix.org> it could be, but not so soon
02:29:49 <nioc> I have used it as money but it is not widely accepted as money
02:30:00 <br-m> <jpk68:matrix.org> @yushanren:matrix.org: There are many places in real life where Monero is used as money, and there are probably at least a dozen people in this room alone who are paid their salary in Monero
02:30:36 <br-m> <yushanren:matrix.org> just because i am the holder now, doesn't mean i can use it freely in everyday life
02:31:19 <br-m> <yushanren:matrix.org> @jpk68:matrix.org: i prefer to buy more, not to spend it
05:49:36 <br-m> <hbs:matrix.org> > <@sgp_> sech1: we were accepted to the Claude Cyber Verification program, including your account
05:49:36 <br-m> <hbs:matrix.org> I attempted to use the latest Claude Fable 5 within Devin (ex Windsurf) to perform a routine security analysis of a smart contract as I've done previously with Opus 4.8 and the request was purely and simply rejected, so I guess this program is now the only way to have advanced models perform security analyses.
05:50:17 <sech1> I will check Monero's ringct/bp+ code today with Fable 5
05:53:34 <br-m> <hbs:matrix.org> sech1: The same prompt works with Opus 4.8 Max but fails with all Fable 5 ones so I think they included some "safety" filters.
05:55:10 <br-m> <hbs:matrix.org> Even a prompt as simple as "Perform a security analysis of the XXX smart contract" fails
06:03:55 <sech1> Yes, I know. I still haven't tested if my account is whitelisted now, because I have another urgent matter at hand
06:08:02 <br-m> <hbs:matrix.org> sech1: I managed to tweak the prompt so the analysis could start but as soon as the thinking phase identified a potential issue (which actually isn't one), it aborted the process.
06:08:15 <sech1> yes, it was the same for me yesterday
06:08:19 <sech1> I'll try later today
06:10:32 <sech1> this urgent matter: https://www.reddit.com/r/Monero/comments/1u1tt1p/psa_critical_p2pool_security_update/
07:56:11 <br-m> <basses:matrix.org> Why alert about a security vulnerability with no patch, which will make threat actors look for that vulnerability and exploit it during that timeframe?
07:56:11 <br-m> <basses:matrix.org> Why not wait till patch with obscuring commit message and commit change (Ex: multiple code changes at once and not the problematic code only)?
07:57:10 <br-m> <basses:matrix.org> then announce it publicly?
07:57:29 <br-m> <monerify:matrix.org> the patched code can show what the exploit was 
07:58:00 <br-m> <basses:matrix.org> @monerify:matrix.org: > patch with obscuring commit message and commit change (Ex: multiple code changes at once and not the problematic code only)?
07:58:08 <br-m> <monerify:matrix.org> so if it's released now before people are aware and awaiting the update, it's much easier for an attacker to abuse the nodes that haven't been aware of the news
07:59:14 <br-m> <monerify:matrix.org> @basses:matrix.org: might have been an option too, i guess 
07:59:20 <br-m> <basses:matrix.org> how you can be sure that now attackers are motivated to look for this exact issue right now as they have more breadcrumbs to trace where this issue could be exactly
08:00:11 <sech1> It's hard to obscure what I found, believe me
08:02:19 <br-m> <basses:matrix.org> can you detect if someone is exploiting it in the wild?
08:03:36 <sech1> yes
08:03:50 <sech1> DataHoarder has checked it already, it's not being exploited and never was
08:04:31 <br-m> <basses:matrix.org> good, hopefully safe till patch date
08:06:11 <DataHoarder> even in my own codebase @basses:matrix.org in Go it's affected as it matches behavior, and it's even harder to obscure
08:06:38 <br-m> <basses:matrix.org> hmm, ok.
08:06:46 <DataHoarder> I'm not placing the tests that check for it but it's clear with the specific fix. It'd be released along other of my own fixes/consensus checks
08:11:46 <br-m> <basses:matrix.org> thanks everyone
08:18:42 <sech1> sgp_ I'm still not whitelisted for Claude Fable 5 - it switched to Opus 4.8 again because "cybersecurity" flagged
08:21:21 <DataHoarder> sech1: it always switches on that, as Fable is Mythos with the guardrails
08:22:08 <DataHoarder> so I guess it'd switch if you are approved
08:22:09 <sech1> No, my account should be whitelisted - I did sign the "responsible use" agreement
08:22:23 <sech1> for the magic grants team account
08:22:31 <DataHoarder> does it show up as a different model then?
08:22:41 <sech1> No
08:58:29 <br-m> <hbs:matrix.org> I disabled the fallback, otherwise you may end up thinking it's an analysis done by Flame 5 when it was only Opus 4.8
09:02:47 <sech1> "Flame 5" :D
09:13:39 <br-m> <hbs:matrix.org> sech1: It's a fable :-)
09:20:49 <br-m> <longtermwhale:matrix.org> Its not as big of a deal as they try to market it for months. You can just use 4.7/4.8 opus and give it enough $$$ to work.
09:21:31 <br-m> <longtermwhale:matrix.org> Their main goal is to get you out of zero-data-retention, meaning reading all your conversations and train on them.
09:22:59 <br-m> <longtermwhale:matrix.org> You could just put the same guardrails on every account. Every malicious actor can apply for cyber program anyway. KYC use a dipshit ukrainian for 30$. Its 50% marketing, 50% wanting your data.
12:07:18 <br-m> <spirobel:kernal.eu> yes it is a scam. anything above deepseek v4 flash thinking low is a larp. they are all cooking with water. 
12:09:59 <br-m> <spirobel:kernal.eu> zookos BOSL license is the main culprit. nobody besides the zcash cultists looked at the code. the ai "narrative" is a distraction and they succeeded with this distraction. (so far) 
12:30:17 <br-m> <spirobel:kernal.eu> hbs: use a more specific prompt. it does not have to be security related. in the end "vulnerability research" is just a subset of quality assurance
12:37:50 <br-m> <sgp_> It’s possible they don’t really support it for Fable since it’s so new. I’ll check but there’s no separate option on my end to turn on or off for certain models only
12:43:25 <br-m> <sgp_> Glasswing is a separate tier
13:00:02 <br-m> <jpk68:matrix.org> https://nitter.net/0xTib3rius/status/2064442190240100597
13:06:37 <br-m> <spirobel:kernal.eu> isnt "fable" some old rpg game by microsoft? the names for these things are so turbo cringe i have a hard time to suspend disbelief and pretend this magic zip file can do something 
13:07:11 <br-m> <spirobel:kernal.eu> llms are only useful if they are used to gain a deeper understanding of the codebase and the problem. if they are not used as a tool to help the developer achieve that goal, they are just a source of entropy and a distraction.
13:15:35 <br-m> <syntheticbird> @spirobel:kernal.eu: fable also means a type of story in french
13:20:26 <br-m> <spirobel:kernal.eu> @syntheticbird: in German there is the word "Fabel" as well. it means some old made up story about something. really quite fitting 
13:22:24 <br-m> <jpk68:matrix.org> In English it also means the same thing :D
13:23:32 <br-m> <syntheticbird> why is there different langages already ?
13:24:05 <br-m> <jpk68:matrix.org> We should all be speaking Esperanto. Take the Rust route and rewrite all literature in Esperanto
13:25:01 <br-m> <syntheticbird> @jpk68:matrix.org: you almost got me there, it looks so much like a prompt I was about to do it
13:31:43 <br-m> <spirobel:kernal.eu> nitter.net/spirobel/status/2064210981274923325 saw zcashers liking this post. and there is a former ecc member agreeing with my characterization 
13:32:56 <br-m> <spirobel:kernal.eu> https://nitter.net/januszg_/status/2064310786806206946#m
13:57:28 <br-m> <spirobel:kernal.eu> two options: 1. this ai powered vulnerability searcher is a genius and ai is really smart now and can break anything 2. the zcash codebase was toxic waste for anyone outside of the zcash orbit because of the BOSL license 
14:00:16 <br-m> <spirobel:kernal.eu> the reality is number 2. but they managed to convince the market of 1. including the people running the monero twitter account and vik. 
14:03:38 <br-m> <monerobull:matrix.org> great opus marketing
14:07:50 <br-m> <boog900> why would a license prevent people from looking at the code?
14:08:10 <br-m> <boog900> did they have a BBP?
14:10:41 <br-m> <spirobel:kernal.eu> @boog900: look at the BOSL license and you will see why. 
14:10:49 <br-m> <kiersten5821:matrix.org> @boog900: by reading this message you agree to pay me 1000 xmr
14:10:50 <br-m> <monerobull:matrix.org> why would you look at the code of some shitty license that prevents you from using it
14:11:06 <br-m> <spirobel:kernal.eu> @boog900: dont think so no. the researcher is asking for donations now 
14:12:36 <br-m> <spirobel:kernal.eu> @monerobull:matrix.org: that might lead to your unrelated work being forced to pay for zookos groceries in the future 
14:13:30 <br-m> <monerobull:matrix.org> Zooko the typa guy to sue Anthropic for having trained on all of github
14:13:58 <br-m> <monerobull:matrix.org> You dont get it, he DESERVES at least 5% of their company now
14:14:04 <br-m> <spirobel:kernal.eu> similar situation why people working at large companies are not allowed to read patents 
14:15:30 <br-m> <monerobull:matrix.org> btw does anyone have a usecase for fable 5 that isnt security related? i had a usecase, it oneshotted it, ran out of subscription session usage, i added way too many credits and now have 97% of credits sitting here
14:15:56 <br-m> <spirobel:kernal.eu> janusz worked at ecc before so it is zcash insiders agreeing with my pov. ( and more zcashers liked this post, so you can assume there is a large fraction that knows this is the true ) > <@spirobel:kernal.eu> https://nitter.net/januszg_/status/2064310786806206946#m
14:24:27 <br-m> <syntheticbird> monerobull I wanted to use it for creating bioweapons but they they blocked that too, useless model.
14:27:05 <br-m> <monerobull:matrix.org> Aww
15:01:02 <sech1> https://x.com/SergioOSINT/status/2064723683910824263
15:01:23 <sech1> So yes, this doesn't give unrestricted access to Fable 5. But unrestricted Opus 4.8 is not that bad too.
15:19:30 <br-m> <sgp_> sech1: Yeah fake news in original post
16:16:07 <br-m> <syntheticbird> @rucknium:monero.social, there are no reason not to ban fireine
16:16:42 <br-m> <kiersten5821:matrix.org> this guy is a schizo
16:17:08 <br-m> <syntheticbird> he is just a sealion
16:18:11 <br-m> <jpk68:matrix.org> @rucknium:monero.social I think this would be far more preferable to muting the room. Muting also prevents many users without level 10 (including myself) from contributing to the discussion
16:18:53 <br-m> <ofrnxmr:xmr.mx> can mute a single user. let him read. 
16:19:19 <br-m> <rucknium> I will try to boost everyone who has sent messages recently to level 10. Just muting a single user does not prevent ban evasion through creating new accounts.
16:19:28 <br-m> <ofrnxmr:xmr.mx> just lower his power to -1 iirc
16:19:41 <br-m> <syntheticbird> how about both muting and banning him
16:19:47 <br-m> <syntheticbird> sounds like a good option to me
16:21:14 <br-m> <rucknium> People have used new accounts to evade bans in MRL in the past.
16:22:27 <br-m> <jbabb:cypherstack.com> I shouldn't speak for other people but I feel I should mention that at least one person that has been mentioned pretty regularly isn't comfortable being mentioned/cited in such a manner
16:23:36 <br-m> <jbabb:cypherstack.com> or to put it simply, please do not associate Cypher Stack work with this new crop of contributions.
16:24:44 <br-m> <jbabb:cypherstack.com> or rather--it is not associated with Cypher Stack except in that some past papers and some real life conversations seem to have served as some inspiration and that's it.  I am not really in a position to speak "for" CS anyways 🤡
16:25:21 <br-m> <ofrnxmr> @rucknium: I would honestly just mute him alone for now
16:25:42 <br-m> <ofrnxmr> Which should at leash usher /nudge him to use the correct rooms
16:26:06 <br-m> <ofrnxmr> i meant "least", but leash works too
16:27:10 <br-m> <ofrnxmr> "alone" meaning, not the whole room. Just set his power lvl to -1. He can still read along, just cant have verbal diarrhea and blow up everybodies notifications
16:40:06 <br-m> <spirobel:kernal.eu> schizo or Zersetzung 
16:41:06 <br-m> <spirobel:kernal.eu> https://en.wikipedia.org/wiki/Zersetzung
16:43:46 <br-m> <jbabb:cypherstack.com> @spirobel:kernal.eu: I wondered what relation "MONEROCHAN OS" had to the MoneroChan of yours (I think it's yours) I know of--I'm assuming no relation?
16:45:10 <br-m> <jpk68:matrix.org> @spirobel:kernal.eu: Or maybe he's an MKULTRA victim ;)
16:45:39 <br-m> <spirobel:kernal.eu> @jbabb:cypherstack.com: there is constant bullshit with it in the name ... there was also some zcash based tech used as scam with monerochan in the name 
16:47:32 <br-m> <spirobel:kernal.eu> not sure if this is random bullshit of people trying to profit or if there is some concerted action. 
16:47:53 <br-m> <spirobel:kernal.eu> since the gon gate i distrust unknown accounts entirely 
16:48:13 <br-m> <spirobel:kernal.eu> many attempts to glaze first and then do some kind of psycho bullshit 
16:49:14 <br-m> <spirobel:kernal.eu> last one ended with sean bowie and zooko having a conversation with sock puppets in my replies 
16:49:42 <br-m> <spirobel:kernal.eu> where they announced zcash wallets cant be used without an "enterprise kit" anymore 
16:50:35 <br-m> <jpk68:matrix.org> Genuinely, thank you for the rabbit hole > <@spirobel:kernal.eu> https://en.wikipedia.org/wiki/Zersetzung
16:50:43 <br-m> <jpk68:matrix.org> I need something interesting to read
16:52:05 <br-m> <jpk68:matrix.org> Maybe should be on here: https://endwalker.com/archive.html
16:52:12 <br-m> <jpk68:matrix.org> </offtopic>
16:57:57 <br-m> <rucknium> I don't see a way to give users -1 power levels on Matrix. It doesn't accept negatives.
16:59:10 <br-m> <syntheticbird> needs room update
16:59:29 <br-m> <syntheticbird> (probably)
17:00:05 <br-m> <ofrnxmr:xmr.mx> Dont type it in, use the arrow keys
17:00:55 <br-m> <ofrnxmr:xmr.mx> If that doesnt work, then its probably that the room is old
17:01:33 <br-m> <sgp_> room version 6
17:01:46 <br-m> <rucknium> Arrow keys worked. Thanks.
17:08:20 <DataHoarder> Feel free to upgrade the room version later. The bridge will automatically migrate on receiving the tombstone
17:08:44 <br-m> <syntheticbird> based bridge