03:20:07 How? 03:21:01 No mail bouncing issues? 03:24:39 I code since age 9, and I can force myself to adopt that garbage. I am so sorry. 03:24:59 I code since age 9, and I can't force myself to adopt that garbage. I am so sorry. 03:26:06 What garbage? 03:26:13 Complex 03:26:27 you mean like the square root of -1? 03:27:00 That’s imaginary 03:27:10 no its complex 03:27:21 lol 03:28:24 I give. Can’t claim to know something I haven’t used in over a quarter century 03:30:24 And I wow I think I never knew what the application of that is. I hate they teach math like that. At least tell me what I can use this non sense for…. 03:30:43 complex numbers have many uses 03:31:29 theyre necessary for circuit design, but theyre also great for software. you can do 2d rotations without trig functions 03:33:19 Seems you had a good math department. I know for a fact that mine was complete ass 03:34:17 My math teacher used to laugh at students that wouldn't understand her theoretical garbage. 03:34:37 Nop 03:35:06 "But this doesn't make sense, teacher". Her: "HAHA! that's why you're going to fail next exam! Read the book! LOL LMAO HA!" 03:35:16 Screams low self esteem on their part 03:35:49 Yeah, her underpaid fat ass sure did have some issues. 03:37:46 Good to hear. I’ve suggested this to people. And I was thinking of doing this again just today 03:43:17 SHUM https://mastodon.social/@EugeneMcParland⊙mi/111967265924323938 03:45:25 It was good until it wasn’t. That’s why open source atomic swaps are superior though. 03:45:25 btw what makes Serai any better than BasicSwap? 03:48:19 Serai is different than basicswap 03:48:33 Are we supposed to trust loading this url? 03:48:57 the url from hyc? Yes, its hyc and its mastodon 03:49:11 If I ever knew, I’ve forgotten how 03:49:33 It’s a redirect. But maybe I don’t know mastodon well enough 03:49:36 Serai uses liquidity pools of xmr/sri for example, basicswap is p2p atomic swaps 03:51:45 because of tech, some atomic swaps dont work, like firo to monero. Those would work with serai, because it uses sri as an intermediary. basicswap is feeless, p2p, and a solo operation. You run your own trading desk, basically, and rely on nothing but someone else posting/taking your offers 03:53:21 Thanks for the detailed answer. Was just about to ask this 03:53:25 Also, basicswap is live on mainnet, but doesnt support any evm chains yet. so bridging to dex' like uniswap or serai doesnt work yet 03:54:43 BasicSwap has no backend at all? 03:55:48 When you run bsx, you run multiple nodes. The particl chain has a bitmessage (what we use for multisig messages) rewrite that is used for the orderbook 03:58:51 lol I couldn’t remember the nick 04:00:38 the messages themselves arent stored on particls blockchain - they expire after 48hrs 04:02:12 This I don’t understand but that’s fine. It ain’t the only thing I don’t understand 04:04:34 when you do multisig on monero, you relay secure messages with one another using bitmessage. Particl improved bitmessage so it can run an orderbook, and allows users if bsx etc to post "messages" to make/take offers for other chains 12:36:07 they got hacked 12:36:20 how what? 12:37:30 lmao 12:37:55 You never ran into some common matrix can't decrypt message shit? 12:38:28 SimpleX chat is way easier 13:07:24 well you are comparing cow shit to dog shit, of course cow shit is better 13:11:41 elaborate 13:12:16 because that's bullshit 13:32:44 yeah they both suck 13:33:34 They're all terrible software. 13:33:34 Compare to IRC, it runs on kb of code, does essentially the same thing. 13:33:34 Is it really good? No, but it's decades older, works better and it is auditable. 13:33:35 Insanely cheaper too. 13:34:08 3 decades older 13:34:38 And you can use a client from 3 decades ago and it just work 13:35:09 Because irc is a stable well defined protocole 13:36:25 xmpp sucks how? 13:37:31 it sucks less, but it sucks in that there are protocol incompatibilities because it's loosely defined, because "dream up a feature first, make it part of the protocol, then try to implement it later in thousand different ways" policy. 13:37:43 Xmpp and matrix suffer the same issue. 13:37:43 Protocol is less defined, leaving the client the possibility to add there own things. 13:37:43 Thanks to the fragmentation we got dozen of clients that all sucks differently 13:39:02 Its the same reason Linux sucks on desktop (I daily run linux since the 90's) 13:39:21 Yep. 13:40:36 Btw https://suckless.org/philosophy/ 13:41:03 Eventually I will make a Gentoo with musl + suckless coreutils... Eventually 13:41:23 I'll download it. 13:41:46 ping 13:41:52 pong 13:42:07 thanks 13:42:18 you're welcome 13:43:09 not E2EE 13:44:03 Part of the problem is bloat philosophy 13:44:03 That began to execute in the early 2000's 13:44:03 Now 99% of the code our CPU execute is bloat to execute that 1% of the useful code. 13:44:04 But we are getting #monero-offtopic:monero.social 13:44:33 We dont have E2EE here 13:44:33 IRC is for group chat, most of the matrix group room have E2EE disabled and history enabled 13:44:50 Simplex have E2EE for group but it's not battle tested and have no proper PC GUI 13:45:09 no proper PC GUI? 13:45:25 Did that change? Been a while I did not relook? 13:45:52 talking about the protocol, not only for group chats 13:46:00 OTC comes by default with irssi generally. 13:46:10 OTR comes by default with irssi generally. 13:46:29 Nothing prevent you from adding GPG into the IRC mix, you are going to have e2ee and unlike most of the other e2ee, you will also understand how it work ;) 13:46:46 No, man, gpg is terrible, just use OTR 13:46:49 Oh yeah, that OTR thing too 13:48:02 metadata 13:49:39 But it work reliably in a predictable manner. 13:49:39 If you want that and E2EE, Signal is like that too. It's battle tested and finalyyyyyyy they got the unsername thingy to replace the phone number since last release. 13:50:20 Signal have two client that support all the stuff reliably 13:51:28 Oh, Simplex do have a nice desktop app now yay! 13:52:10 Still metadata problems, centralized, requires phone number and no local file encryption 13:52:32 for desktop 13:52:32 Of course it's an bloated app but at least there is an app 13:52:33 yep 13:52:44 use to require phone number 13:52:52 ??? 13:52:58 You can use molly, if you want local encryption 13:53:06 It literally still requires it 13:54:18 YEah, but you don't have to propagate it. 13:54:19 Considering signal got tested and if some glowies ask information about you using your phone number, the only thing they get is when you subscribed to signal 😂 13:54:24 At least that is a confirmed fact 13:55:00 And the glowies need your phone number for that 13:55:01 and metadata 13:55:40 I tried it, doesn't work on Linux, too buggy. 13:56:13 Well, Linux don't have a stable ABI so of course they probably skipped some corners 13:56:13 Wait a few releases I guess 13:56:25 ok 13:56:41 their sealed sender feature could still be exploited by "glowies 13:56:42 their sealed sender feature could still be exploited by "glowies" 13:57:03 all I hear is skill issue 13:57:28 I got many using it on Linux 13:57:56 yeah I must be retard 13:58:00 simplex performs better on phone 13:58:27 Can't test for now, only using Linux on server for now. 13:58:27 I'm getting old and got not time to spend on fixing stuff some guy broke again in his basement. 13:58:46 but has minor battery problems that keeps getting improved every update 13:59:03 Yep, I don't use phone for other than 2FA and extremely rare phone call. 13:59:05 I came to the conclusion that truly private communications are only possible on independently made airgapped hardware 13:59:05 what basement? 13:59:29 >private communications are only possible on independently made airgapped hardware 13:59:30 lmaooooo 14:00:09 tells you all you need to know 14:00:29 You know what I mean. 14:00:29 Oh, yay, it's the 3th critical CVE this month!!! 14:00:30 Let's upgrade... 14:00:30 /-\-/-\-/-\ 14:00:31 Error : Package X require Y 2.2.33 14:00:31 Upgrade aborded 14:00:32 Oh wow, 3 time this year! 14:01:16 At lease Linux on server require WAY less package so the likely of the package manager vomiting on you is way less... 14:01:43 I thought you are talking about simplex 14:01:56 unless you meaning running your own simplex chat server 14:02:00 unless you mean running your own simplex chat server 14:03:16 I guess you have to run your own simplex server 14:03:16 As simplex is not battle tested you have simply no clue if the simplex server code is the one that run on there server. 14:03:40 It's a nightmare. Those url's are simply nasty. 14:03:47 and there is no solution in sight 14:04:09 I'm sorry, it's a great idea, except it doesn't work. It's like trying to hold water with your hands. 14:04:38 The internet itself is centralized and permissioned, you can't go against its nature, you need to adapt and take advantage of it. 14:05:46 Just migrate all useful internet in Tor 14:05:46 Then it will also fix internet blotness because people won't run sites with 32 frameworks and 104MB of js dependencies up there 14:28:25 All rooms lost there avatars since monero.social got fixed! 14:28:41 s/all/most/g 16:02:26 s/there/their/? 16:08:53 s/their/there're/ 16:10:23 you can (and should) run your own simpleX server 16:10:43 their docs walk you through it 16:13:22 Also I told my grandma to audit and compile her monero node and download the entire blockchain on her phone but somehow she refused, what kind of world are we living in? People don't understand code? wut?? 16:16:46 man if only you, the computer expert in the family, could just point your grandma's simpleX app at the server YOU run 16:16:55 maybe the next release will support that 16:19:16 Again, I code since age 9 and I can't understand how that ugly link system works, or how is it decentralized, and to be fair I don't want to. 16:19:16 It's just a waste of time, just use literally anything on Tor and be done with it. 16:19:45 if you had read the docs youd see that it shows you how to put your server on tor 16:20:09 I am more interested in mesh networks that use encrypted packets with no id. 16:20:22 low level stuff 16:20:47 then dont make dumbshit criticisms such as "grandma cant figure that out" against other things 16:20:57 because grandma sure as fuck isnt figuring out mesh networks 16:21:41 I am sorry for being so negative, I am not against innovation, or this developer and his company, or you using it, please don't misinterpret my pedantic rants with hatred. 16:22:15 It just works, those LoRa things are just an app on a phone. 16:22:45 they are also slower than the original modems from the 1960s 16:23:34 and this cant be improved. its inherent to using low frequency radio waves 16:24:10 Haven't tried it yet, but in theory through bluetooth it's fast. 16:24:28 the longer your range, the slower, that is true 16:38:48 >and to be fair I don't want to. 16:38:48 Could have saved our time 16:40:43 Don't try and discredit all the hard work done by the devs to solve actual problems, by spewing misinfo intentionally. 16:47:19 https://popey.com/blog/2024/02/exodus-bitcoin-wallet-490k-swindle/ 16:49:55 the fuck 16:51:01 who in the snap store approved this 16:54:04 Lol, it's to be expected 17:00:23 Having a wallet with over 100k without an hardware wallet is asking to be scammed, unless you DO read all the source code of the shit you are running 17:01:21 compile core wallets yourself 17:01:41 Also audit and compile all the dependencies yourself 17:15:34 You didn't write your own node and wallet software from scratch on a compiler you wrote yourself? 17:15:50 Are you even trying?? 17:16:57 I use an hardware wallet. 17:16:58 To leak my funds, both my hardware wallet maker and feather wallet would need to be to work together 17:17:14 A compiler written in C or assembly or machine language? 17:18:53 the author of this blog post doesnt seem very technically inclined. for example he never mentions a signature verification system 17:30:05 Even with signature verification for the package maintainers, won't prevent someone to do honest work for X package manager then one day backdoor or swap half of the crypto wallet. 17:30:05 Quite worth it actually to slave yourself for a year or two then extra a few millions... 17:31:16 Ideally you do the swap during Christmas holidays 17:31:46 a signature would fail to match on a package that did that.. 17:33:55 The package come with the signatures, the dev put them in right? Just set the one for the malicious package. 17:33:55 Signature only protect you if the package is honest and someone not related replace the binary at the source. 17:34:53 you cant change a binary and still have a signature match. and you cant make a new signature for your malicious binary without the private key 17:35:30 You release a new version of the package with a different signature 17:35:33 and you cant submit malicious commits to the source tree without everyone seeing them 17:35:41 you cant make a "different signature" 17:35:43 thats not how this works 17:36:11 the valid signatures are all public. your "different" one is not on that list 17:36:28 RavFX 🤐: do you audit every single package update? 17:36:43 like if what you were saying made sense, why dont you just sign a tx from my monero wallet and steal my funds? 17:36:57 you dont need malicious software at all. just sign a tx 17:37:02 Once you get commit right on x package manager then your private key will allow you to mess with stuff there 17:37:39 no, it will allow you to make a signature that obviously doesnt match the approved ones and throw an instant red flag 17:39:09 Did you ever worked as a package manager maintainer? 17:39:34 do you know how cryptographically signing things works? 17:40:07 I did and I know how easy it is to corrupt shit for a malicious maintainer 17:40:08 i can write a virus right now and sign it. bfd. that signature wont match anything from any official source repos 17:40:31 Work in a official repo as a maintainer 17:40:47 Like the debian or gentoo one or whatever 17:41:01 great so then sign a monero tx from my wallet and send yourself all my funds 17:41:19 its just that easy. you just sign it! 17:41:49 You wont be able to access the getmonero repo for sure but you can patch the debian build or add a .patch in the gentoo repo, update the ebuild and regen the manifest 17:42:41 and my patch will only be available on shadyasswebsite.com and the signatures will not match anything in the getmonero repo 17:42:46 so wtf are you talking about 17:43:03 Probably easy to do that for gentoo as there monero build is the 0.17 one... Just bump the version and add a .patch "to fix some compiler issue" 17:43:58 uh huh. and the signature of the binaries you build will not match the signatures on the monero source website 17:44:06 you are going in circles 17:44:14 you clearly dont understand how any of this works 17:44:25 For gentoo, the .patch are in the /portage/blah/blah/files folder 17:44:50 Get the normal src from getmonero 17:45:16 Monero binary sigs would only match if you set up the whole reproducible build environment 17:45:33 As you have commit right on gentoo you can update whats in */files and also patch the ebuild 17:45:38 Not if you just compile it straight from source 17:47:37 Monero sig are one gentoo 17:47:37 What about i'm a debian maintainer, and I create a new build of monero that I patch. The problem is not about the source/bin at getmonero, the problem is when you rely on a package manager and a malicious actor fsck it there. 17:47:56 Oups, monero sigs are from getmonero*** i hate phones lol 17:49:18 If you dowbload manually the wallet directly from getmonero, you are safe (but it also got compromished one time afaik) 17:50:38 The website did, and the attacker replaced the files available for download 17:50:50 But anyone checking sigs would have noticed right away 17:50:54 Confirm hashes, do not trust getmonero :) 17:51:10 Maybe its good that most distrib have an outdated monero package or none at all, it force you to get the one from getmonero or feather wallet directly 17:52:03 or maybe monero community members should be doing this stuff 17:52:31 Who cares about accessibility, anyway? 17:53:07 and maybe somebody with a giant cache of monero who is also a core member should raise funds by hosting lotteries 17:54:04 Ah yes, unlicenced gambling. The perfect way to look legitimate and lawful and not a total fucking scammer (on top of being a crypto project) 17:54:14 "unlicensed" 17:54:22