<o​frnxmr:monero.social> When you mine a share

<o​frnxmr:monero.social> P2pool.observer has a calculator on it iirc

<j​effro256:monero.social> gingeropolous_: I'm not seeing what you're referring to. If I run the command `curl localhost:18081/json_rpc -d '{"method":"get_block","params":{"height":3000000}}'`, the `blob` field doesn't have any extra zeros AFAICT. Is there a specific block that does this?

<g​ingeropolous:monero.social> jeffro256: , there's one in 3204026

<g​ingeropolous:monero.social> and then one in 3204027

<j​effro256:monero.social> If you're talking about the example used in the Monerod RPC docs, height 2751506, those last 12 bytes of zeros are 10 zero bytes from a non-standard nonce value (I can't explain that part), then 1 zero byte as the RingCT type, then 1 zero bytes for the number of transaction hashes (0)

<j​effro256:monero.social> lemme look at 3204026

<g​ingeropolous:monero.social> and why do the tx hashes get printed out twice, once with slashes and once in a csv sorta thing

<j​effro256:monero.social> Yeah same thing with 3204026, they put a nonce in tx extra that contains 0s

<j​effro256:monero.social> The tx hashes appear twice just for ease of developers

<j​effro256:monero.social> The "json" field is the block encoded as JSON, the "tx_hashes" is the pure hashes

<j​effro256:monero.social> Technically they appear three times since it's also in the blob field

<g​ingeropolous:monero.social> right. OK, so to get the actual transaction data, i still need to grab them using the get_tx_from_hash or whatever the call is

<g​ingeropolous:monero.social> cause the blob, and then those 2 tx hash fields are all just the tx hash. the vin vout and all the keys are not in the blob

<g​ingeropolous:monero.social> ok yup

<g​ingeropolous:monero.social> im an idiot

<j​effro256:monero.social> The vin vout as well as the rest of the body are there for the miner tx, but yeah only the tx hashes for the the non-miner txs

<j​effro256:monero.social> No, not an idiot

<n​eromonero1024:monero.social> when compiling from source, is there a way to compile only specific tools. like, just `monerod` or `monero-wallet-rpc`?

[01:18:07] <m-relay> <o​frnxmr:monero.social> When you mine a share

i thought it was distributed among the pool when someone in the pool mines a share?

you need to mine a share, the pool needs to mine a block

<j​effro256:monero.social> You could comment out all the `monero_add_executable` lines in the CMakeLists.txt files except the ones you want to compile

<n​eromonero1024:monero.social> thanks

<n​eromonero1024:monero.social> here's another way I found:

<n​eromonero1024:monero.social> clone the monero repo

<n​eromonero1024:monero.social> ```

<n​eromonero1024:monero.social> cd monero

<n​eromonero1024:monero.social> mkdir build && cd build

<n​eromonero1024:monero.social> cmake ..

<n​eromonero1024:monero.social> ```

<n​eromonero1024:monero.social> it creates a `Makefile` that you can use with make

<n​eromonero1024:monero.social> `grep cmake_check_build_system Makefile | sort`

<n​eromonero1024:monero.social> lists all the build targets

<n​eromonero1024:monero.social> just gotta know which target to build :)

Hi guys

<b​asses:matrix.org> Shouldn't localmonero.co be down by now?

<b​asses:matrix.org> nvm it is Nov

<b​asses:matrix.org> will their localmonero.co/blocks stay?

I think the Gentoo ebuild is written so that it can build only selected targets.

<o​frnxmr:monero.social> They said yes, but we'll see

<3​21bob321:monero.social> matrix.monero.social/_matrix/media/…ero.social/jchVtYIBMLyoDTpZYyfJmerz

<j​s:nil.im> PSA: If you are using Tor Browser, **STOP USING IT NOW**. There is an vulnerability actively exploited in the wild and no update for Tor Browser yet. mfsa2024-51

<j​s:nil.im> PSA: If you are using Tor Browser, **STOP USING IT NOW**. There is a vulnerability actively exploited in the wild and no update for Tor Browser yet. mfsa2024-51

<j​s:nil.im> Correction: Tor Browser did fix it, but my Tor Browser didn't show the update. Manually check for updates!

<j​s:nil.im> blog.torproject.org/new-release-tor-browser-1357

Given that this is FF in general and not just Tor, this is scary.

<j​s:nil.im> Yep, this is the worst possible vuln

<j​s:nil.im> Disabling JavaScript doesn't help either

<s​yntheticbird:monero.social> This is over

Now I wonder how long it has existed already and whether we could've been hit too...

<j​s:nil.im> We don't know at what scale it has been exploited.

<j​s:nil.im> It's possible this was used very targeted.

Sure hope so!

<j​s:nil.im> Generally, I'd expect so with a vuln of this caliber. You don't want to use it broadly and waste it. Whoever used it must be really upset right now.

Hoped this was something specific to Tor Browser which I haven't used in a while but no...

Browsers should always be firejailed - at least. When I Tor-browse, I use Whonix.

<j​s:nil.im> Probably it was used in a chain with more exploits

<j​s:nil.im> Very doubtful someone using such an exploit would stop after exploiting the browser

<j​s:nil.im> h​yrkvljer: I think your sandbox won't help - this was very likely combined with a kernel exploit

Well, at least an exploit chain is not something I'd be afraid of because that doesn't sound passive)

holy shit

<j​s:nil.im> Oh you absolutely could do an exploit chain at scale - until it gets detected

<j​s:nil.im> there is no technical reason you can't do it - just that someone will detect it and fix the bugs

I mean that people's systems are more varied...

<j​s:nil.im> My personal guess is that this was targeted at Tor users - a specific Tor user or group of Tor users

<j​s:nil.im> probably used by law enforcement

well, whonix should help... unless it's like really sophisticated

<s​yntheticbird:monero.social> whonix definitely help

Sure hope it wasn't passive malware spread on normal users...

<j​s:nil.im> Given an exploit of *this* caliber? That was sophisticated.

<j​s:nil.im> That exploit was not cheap

<j​s:nil.im> I'd guess this cost at least 200k, if not more

Well, we can only pray it was for people of interest.

<j​s:nil.im> Oh ffs. As this in the layout engine, it probably also works in Thunderbird.

<j​s:nil.im> And there is no update yet.

sorry boss, can't check my emails until its patched

I use alpine.

<k​ewbit:matrix.org> Nah, go distroless bro

<s​yntheticbird:monero.social> Nah, go full EFI bro

heh. Took me a while to understand the confusion. I meant alpine the e-mail reader.

<s​yntheticbird:monero.social> OH

<j​s:nil.im> Remote code execution in EFI. Exactly what we need.

AAAA

<s​yntheticbird:monero.social> *Wait until he learn about EFI drivers*

<j​s:nil.im> WiFi in UEFI!

<j​s:nil.im> It's a thing. I wish it weren't.

<s​yntheticbird:monero.social> Internet archive have just been hacked

<3​21bob321:monero.social> By the book companies?

<h​ighwarlok:matrix.org> Actively rewriting history or conveniently deleting the evidence?

<3​21bob321:monero.social> The monero video is gone?