<awygle>
kicad symbols - easier than drugging cats (TM)
<rqou>
whitequark: afaik one reason china gave several of them the death penalty is because they made the chinese government lose face, and you _never_ want to do that
<rqou>
random offtopic (drama?) question: who is @ErrataRob and why do people seem to dislike him?
GenTooMan has quit [Quit: Leaving]
<whitequark>
rqou: famous infosec asshole
<rqou>
ok then, why is he famous? :P
<whitequark>
appears to be actually somewhat competent, unlike most famous assholes
<whitequark>
well, i think he's famous for being a troll
<whitequark>
he also did a few internet-wide surveys of exposed services (like vpn) with his "massscan" software
<whitequark>
i'm not aware of any other notable achievements although they might exist
calle__ has joined ##openfpga
<awygle>
he also seems to be in some kind of feud with the eff
<whitequark>
don't read too much into it
<whitequark>
he's constantly spouting aggravating nonsense because "trolling"
<whitequark>
the SNR is just through the floor
noobineer has quit [Remote host closed the connection]
<whitequark>
well that and just not generally caring about anything except his ass and popularity contests makes him pretty unpleasant
* whitequark
shrugs
<whitequark>
but that's, like, just my opinion
mumptai_ has quit [Ping timeout: 276 seconds]
<whitequark>
awygle: wait, why are you modifying other level shifters
<awygle>
i didn't on purpose, i think they auto-updated when i saved the library?
<whitequark>
ah
<whitequark>
`git checkout -p` the useless hunks maybe? it's just text
<whitequark>
well, your call
<whitequark>
i do it
<awygle>
it's all the same data just in a different order. i'll leave it be unless somebody complains.
<whitequark>
k
noobineer has joined ##openfpga
<whitequark>
awygle: I know what to do with the three spare FPGA pins
<whitequark>
put an eye-searing RGB LED there
<awygle>
put it on the 400 mA driver pin
<whitequark>
lol yeah what kind of FPGA does even *have* a 400 mA driver
<whitequark>
idea
<whitequark>
you could make a buck converter from it
<whitequark>
anyway I mean these two pins are open-drain anyway, they're not *super* useful otherwise
<whitequark>
three*
<whitequark>
and if we also route I2C to the FPGA then we get two possibilities:
<whitequark>
1. polling ADCs/DACs on the FPGA
<whitequark>
2. connecting all the RGB LED hard IP to the *second* I2C core on FPGA to add nice indication
<whitequark>
you could do weird shit like gradually shifting from red to green as the buffer fills :]
<rqou>
wait, that means that they _should_ in theory detect people doing ss7 hijacks
<rqou>
that sounds like a huge pain in the ass though
<awygle>
whitequark: my laptop's gonna die so i'm done for tonight
<awygle>
i'll clean up the last two symbols tomorrow
<rqou>
i guess i'm glad that in the US there's a unique state of *) consumers are basically never liable for fraud *) banks _suck_ at infosec
<whitequark>
o/
* awygle
should have spent at least 15-20 more minutes working instead of fucking around :p
<rqou>
anyways, my experience with TOTP has been great
<rqou>
i store all secrets on a yubikey neo with nfc
<rqou>
(yes yes, it can be sniffed if you're close i guess)
<whitequark>
i don't trust myself to not lose a hardware token i carry on myself
<rqou>
i actually have _more_ problems with apps that decide that they're too special to tell you that they're actually TOTP (cough cough blizzard, valve)
<rqou>
i just put it on my keyring
<whitequark>
as it is, everything except server backups can be restored using just my head
<awygle>
what whitequark said. i lose, like, everything
<whitequark>
yeah i don't trust myself to not lose my keys
<whitequark>
not being able to log into my house is mildly annoying
<whitequark>
not being able to log into my mail is life-threatening
<awygle>
also, "i've lost my keys" is not a time when i'd want to be locked out of all my accounts
<rqou>
i do have a backup too on a flash drive
<whitequark>
in your house?
<azonenberg>
whitequark: my main file server is backed up to a raid array in a datacenter across the country
<rqou>
yeah, and encrypted in the cloud
<whitequark>
can you log into "the cloud" without TOTP?
<whitequark>
azonenberg: i use tarsnap
<azonenberg>
The SSH and PGP keys to access that (encrypted) backup are stored in a symmetrically-encrypted tar.gz.gpg
<rqou>
hopefully you don't lose everything at once i guess
<azonenberg>
That blob is stored on two identical thumbdrives in a bank vault
<azonenberg>
The key to decrypt the blob lives only in my head
<whitequark>
the key is printed on paper as datamatrix barcodes and laminated
<rqou>
i have yet to find a good solution for "lost absolutely everything"
noobineer has quit [Remote host closed the connection]
bitd has joined ##openfpga
<azonenberg>
rqou: My system is robust to loss of one site (home, bank, or datacenter)
<azonenberg>
plus failure of any one storage device in each of the surviving two sites
<azonenberg>
e.g. one hdd and one thumbdrive
<azonenberg>
That's sufficient redundancy for me
<whitequark>
i guess it won't survive a fire but it'll survive flood and mold
<rqou>
i need to actually plan out exactly how much redundancy i do have
<whitequark>
so that's fine by me
<bitd>
But what about redundancy of the redundant system >.>
<azonenberg>
If both me and my wife somehow lose our keys to the safety deposit box, after proving our identity to the bank we can get the box drilled out if worst comes to worst
<bitd>
Morning >.>
<azonenberg>
rqou: This is full N+1 on everything, afaik
<awygle>
i have very little redundancy in my system generally but my life is very privileged so it's not a big deal
<rqou>
i have the key to decrypt the backup flash drive split with shamir's algorithm and i have some friends keep some of the other key shares
<azonenberg>
i havent found a single point of failure yet
<azonenberg>
Other than my brain, but if i die / am brain damaged enough to not remember the 128-bit hex value I used as a password
<azonenberg>
That data isn't much good to me anyway :p
<rqou>
also, tools for using secret sharding suck
<rqou>
i guess that's not a particularly common operation?
<bitd>
rqou, thats a lot of trust you are putting in your friends.
<rqou>
they don't have all the shares
<azonenberg>
rqou: if you want to do a simple N+1 sharing scheme
<whitequark>
... so effectively you've only reduced *your* capacity to decrypt the thumbdrive?
<azonenberg>
you can basically do raid5
<azonenberg>
raid6*
<rqou>
er no, because i keep multiple keyshares
<rqou>
i'm probably going to fix this at some point though
<rqou>
you can apply secret sharing multiple times to get a hierarchical system of keys
<bitd>
Just seems like having to rely on other people when shit hits the fan... wouldnt put me at ease.
<rqou>
yeah well i'm not great with memorized secrets
<rqou>
especially ones that won't get used very often
<bitd>
Use mnemonics.
<azonenberg>
rqou: I dont memorize a lot of secrets
<bitd>
You can grind it in, in one go.
<azonenberg>
I memorize a small handful then use them to access other stuff
<azonenberg>
one 32-char hex plus a handful of 8-char alnums
<rqou>
yeah well you're brain is overclocked :P
<rqou>
*your
<rqou>
herp
<azonenberg>
Everything that i use less frequently lives in a db that i can read them out of as needed
<azonenberg>
the most frequently used entries, like say my online banking password, eventually end up getting memorized b/c i type them in so often
<rqou>
hmm yeah, i still have a legacy truecrypt volume for that
<rqou>
i need to do another round of cleanup soon
<bitd>
Can you type it in when at a different location?
<azonenberg>
bitd: yes
<azonenberg>
The bulk of the passwords in that db, like say my facebook, i dont have access to when not home
<azonenberg>
I almost never use that one, i keep it logged in 24/7 in the social media VM
<azonenberg>
So i never have to log in
<azonenberg>
As with my other "general purpose" passwords it's 16 char alnum
<azonenberg>
The only ones i memorize are those that are either important enough i dont want to leave it logged in / the system doesn't let me (bank)
<azonenberg>
or those that i use for local console login (work laptop, home desktop root, etc)
<azonenberg>
everything else i just log in to decrypt things then have the dump where i need it
<bitd>
I use a different 32 char password for everything.
<azonenberg>
bitd: I have a few 8 chars that i reuse all over the place on forums etc that have no real value to an attacker
<azonenberg>
As soon as an account gains any actual value i switch to a dedicated 16 alnum i don't use anywhere else
<azonenberg>
log2(62^16) is about 95 bits of entropy
<azonenberg>
Nobody is bruteforcing that
<rqou>
at this point for security i mostly rely on TOTP and don't place particular value on passwords
<azonenberg>
and if the system keeps it in cleartext, IDGAF
<rqou>
(effectively downgrading to 1 factor)
<rqou>
i just dump all passwords in mozilla's password manager
<azonenberg>
they couldn't have gotten that password without pwning the server, at which point my password is compromised anyway
<bitd>
Well I use the object I want access to in my mnemonic to unlock the story that contains the 32 chars :)
<bitd>
I have no log of any password, ever.
<rqou>
passwords are pretty awful and pointless
<azonenberg>
bitd: I dont really care about most of them
<azonenberg>
email and banking are the handful that really matter to me
<rqou>
azonenberg: what would the potential problems be with doing TOTP/U2F only, without passwords?
<azonenberg>
rqou: Dont know, never really thought about it
<rqou>
heh, i've given up on banking
<azonenberg>
a lot of stuff i support with doesn't support it
<rqou>
us banking security is a joke
<azonenberg>
so i havent had time to look into it
* azonenberg
got his CC skimmed a few weeks back... you don't have to tell me that
<bitd>
Uf..
<azonenberg>
At a gas pump, about the only place around here that is still using magstripes :p
<rqou>
and consumers aren't liable, so whatever
<rqou>
lol bullshit
<rqou>
i still use magstripe all the time
<azonenberg>
I only use my physical CC at walmart, the grocery store, and the home depot
<azonenberg>
plus gas
<azonenberg>
pretty much
<whitequark>
lol magstripe
<azonenberg>
oh, and sometimes lunch at work
<whitequark>
i use... contactless visa
<azonenberg>
everything else is online
<rqou>
whitequark: lol you're funny
<rqou>
contactless in the us is also a joke
<whitequark>
i used to hate it but hk's octopus card was just *too* convenient
<rqou>
although it actually did work the few times i tried it
<whitequark>
however, the cash advance fees are not
<azonenberg>
whitequark: when i was in HK i used octopus for probably 80% of my transactions
<rqou>
yeah octopus is great
<whitequark>
yeah i used to do that
<bitd>
They introduced contactless payments here a while ago. Now a lot of 'people' are going around with bags containing mobile pin equipment. If they are holding a bag against your leg, its not because they like you/
<azonenberg>
on that note, how long is an unused octopus good for?
<rqou>
afaik forever?
<whitequark>
yeah
<rqou>
my card is from more than a decade ago
<azonenberg>
they dont disable after a year or so of inactivity?
<whitequark>
the problem with octopus is you cant hold over 1000 HKD on it
<azonenberg>
as in, i havent been in HK since december 2016
<whitequark>
and you have to withdraw cash
<azonenberg>
is mine still any good?
<whitequark>
azonenberg: definitely
<whitequark>
there's no real point in expiring them
<whitequark>
they're phasing out some extremely old cards
<rqou>
they are?
<azonenberg>
rqou / whitequark: well seeing as i likely won't be going back to HK any time soon
pie_ has quit [Ping timeout: 260 seconds]
<whitequark>
yeah, there are automatic replacement machines in MTR
<rqou>
did someone find a vuln in felica?
<azonenberg>
If either of you is in the seattle area in the near future
<azonenberg>
You can have mine
<azonenberg>
along with whatever balance is on it
<azonenberg>
probably only a few tens of HKD, but seems a shame to let it go to waste
<rqou>
azonenberg: i dare you to find a vuln in felica
<whitequark>
decap it lol
<rqou>
anyways, i wonder if the card that i have needs replacement
<rqou>
it's definitely 10 years old
<whitequark>
how does the serial number look like
<azonenberg>
whitequark: i actually have an annoying problem as a result of all of my various international travel from work
<whitequark>
if it doesn't have (N) it is too old
<whitequark>
otherwise keep it
<azonenberg>
I have a small amount (probably <50 USD equivalent of each, possibly <10) of many foreign currencies
<azonenberg>
not enoguh to be very useful when i go to that country
<rqou>
whitequark: it ends in (0)
<azonenberg>
and small enough that if i take it to a bank the exchange fees will eat most of the value :p
<whitequark>
azonenberg: i usually exchange them at the airport at the draconian rate they offer
<azonenberg>
whitequark: the exchange place in SEA charges like a 10 USD conversion fee PLUS an awful rate
<azonenberg>
i'd have literally nothing left after that
<rqou>
whitequark: are they already rejecting old cards?
<whitequark>
rqou: not sure
<whitequark>
but (0) is new enough
<rqou>
ah ok
<azonenberg>
my local bank branch has much better rates but it's still a lot of effort for... not even enough to buy lunch
<whitequark>
yeah
<azonenberg>
right now they just sit in a pile at the back of my safe gathering dust
<whitequark>
at some point i just tossed out all coins i had
<azonenberg>
i think i have CAD, HKD, GBP, and EUR right now
<whitequark>
not worth their weight
<whitequark>
bills are easy to keep
<bitd>
Ugh. back to preping my thesis defence :(
<azonenberg>
whitequark: yeah right now i have everything
<azonenberg>
in ziplocs
<azonenberg>
the coins are nice paperweights on top of the envelopes holding the bills
<rqou>
nah, that was just a jab at how buggy usb driver stacks have historically been
<whitequark>
ah
<whitequark>
no, linux has been remarkably stable so far
<rqou>
e.g. the facedancer person causing X/Skype, etc. to crash
<rqou>
iirc these both had format string vulns
<rqou>
also the ps3 gameos
<whitequark>
lol
<rqou>
which caused a nice temporary shortage of usb atmegas :P
* whitequark
stares at code
<whitequark>
so, bitstream download was failing.
<rqou>
also, afaik the syscall you might have to poke to load a 64-bit dso in a 32-bit process is apparently personality(2) not prctl
<whitequark>
for a reason i couldn't understand.
<whitequark>
turns out it was failing a check i put there to avoid a bug where i would forget to increment an index, because i forgot to increment that index
<whitequark>
defensive programming : bugs 1 : 0
<rqou>
nice
<rqou>
also: "PER_HPUX (since Linux 2.4) Support for 32-bit HP/UX. This support was never complete, and was dropped so that since Linux 4.0, this value has no effect."
<rqou>
brilliant
<rqou>
"PER_LINUX32 (since Linux 2.2) [To be documented.]"
<whitequark>
...
<rqou>
i get the feeling nobody really touches low-level syscalls like this very often
<whitequark>
i wonder why
<rqou>
apparently also according to rich felker the reason the linux mips abi is so weird and gratuitously different is because they were trying to pretend to be an irix-like
<openfpga-github>
libfx2/master 53dac29 whitequark: Fix docs after e99a375e.
<rqou>
but overall i would summarize it as "i can see hope in the state of software improving, but not the state of EDA libraries improving"
<rqou>
maybe/hopefully you'll prove me wrong
<rqou>
whitequark: after you get your board back, maybe you should really quickly comment on *) how many footprint errors there were and how severe *) how many of your kicad lib PRs got merged
<rqou>
whitequark: random question: is there a somewhat-common-ish idea of how a usb _device_ framework should work? (i.e. the logical counterpart to libusb)
<rqou>
or does everybody have their own ad-hoc thing?
<whitequark>
I'm not familiar
<whitequark>
I was always stuck in cases where only the ad-hoc thing worked
<rqou>
i always saw it referred to as V-USB, so i was confused
<whitequark>
it used to be called avr-usb
<whitequark>
very very long ago
<whitequark>
around 2007, maybe earlier
<rqou>
ah ok
<whitequark>
damn i'm old
<rqou>
i didn't use it until ~2009 or so
<rqou>
anyways, that also means that AVRs have three usb stacks: V-USB, atmel's, and LUFA
<rqou>
and they're all different, because reasons!
<whitequark>
LUFA?
<whitequark>
oh, myusb
<rqou>
LUFA is for the AVRs with actual USB hardware
<rqou>
written by some guy in australia
<whitequark>
hooooooly shiiiit
<rqou>
and then ST has their own USB stack, and silabs has their own, and TI has their own, and NXP has their own, etc.
<whitequark>
my code for downloading bitstream to FPGA worked the first time
<whitequark>
i ran it
<rqou>
nice
<whitequark>
my retinas ._.
<rqou>
whitequark: dumb question: what exactly is xargo and why is it magic?
<rqou>
why is cargo not sufficient to do whatever it is that xargo actually needs to do?
<rqou>
why is this part of rust not documented at all?
<whitequark>
cargo can compile crates that are, say, in crates.io, or a repository, or something like that
<whitequark>
libcore and libstd are a part of rust and they're implicitly expected to be found by rustc in its sysroot
<whitequark>
xargo takes the rust source distribution that comes with rustup, pulls the necessary libs out of it, builds them, and puts them in a sysroot
<whitequark>
that's more or less it
<whitequark>
at M-Labs we don't use xargo because it sucks if you have a fork of rust
<rqou>
wait why do you have a fork?
<whitequark>
instead I have a 10-line shell script that builds a sysroot for our architecture and that's... sufficient
<whitequark>
uh
<whitequark>
because OR1K isn't in upstream LLVM and so it can't be in upstream Rust
<rqou>
ugh
<rqou>
that's dumb
<rqou>
wait, it isn't?
<whitequark>
it isn't
<rqou>
i swear i saw plumbing for or1k support
<whitequark>
no one has upstreamed it
<whitequark>
doubt it
<whitequark>
it has never been there afaik
<rqou>
hmm
<rqou>
maybe just in libunwind
<rqou>
so why isn't it upstream yet?
<whitequark>
oh
<whitequark>
yea, I upstreamed the libunwind patches
<whitequark>
because those don't really depend on anything
<whitequark>
why? because upstreaming a backend into LLVM is a multi-month commitment and then you have to maintain buildbots forever
<whitequark>
I mean, it makes sense, you want a backend to not be shit and you don't want it to break
<whitequark>
but M-Labs isn't gonna let me do that
<rqou>
and now everybody ends up with their own special snowflake llvms
<whitequark>
that's better than an unmaintained piece of shit upstream
<whitequark>
when you use "some random person's llvm" you have the right expectations
<rqou>
so rust can't use an external llvm?
<whitequark>
sure it can
<whitequark>
./configure --llvm-root
<rqou>
then why do you need a special fork?
<whitequark>
because rust needs to understand the platform C ABI
<rqou>
i thought there was a magic file that told it that?
<whitequark>
and--now *this* is very stupid--llvm doesn't include an implementation of C ABI
<rqou>
(except for the part where all such examples seem to be bitrotted and don't work anymore)
<whitequark>
so everyone rolls their own shitty C ABI
<whitequark>
no, that's different
<whitequark>
that file is like the gcc specs thing
<whitequark>
it tells rustc what kinda files to write, how to invoke the linker, which cfg() switches to activat
<whitequark>
however C ABI is defined via code only
<rqou>
but supposedly it also has things like "The LLVM data layout to use."
<whitequark>
that one is actually really dumb
<whitequark>
LLVM targets know their data layout perfectly well
<whitequark>
I'm not sure why rustc even needs that field
<rqou>
idk, none of the examples of rust target files seem to work anymore :P
<whitequark>
no, it does need it
<whitequark>
but I don't know why
<rqou>
everybody who isn't doing cortex-m seems to just shrug and give up
<whitequark>
because they're weak?
<whitequark>
seriously, you simply go and read the source of rustc_trans
<whitequark>
it's extremely well documented
<whitequark>
and you have several dozens of examples right inside of it
<rqou>
hmm, so "cpu" and "data-layout" in the target file are both not sufficient?
<rqou>
then what's the point of target files?
<whitequark>
uh, no
<whitequark>
let's say you have ARM. the entire ARM platform uses a few defined ABIs.
<whitequark>
well, nothing except EABI matters anymore, so basically one ABI
<whitequark>
however it has a bazillion possible CPUs
<whitequark>
and even more target features
<whitequark>
the only case where you can't use a target file is when you need a new LLVM backend
<whitequark>
well, there's also the stupid reason for needing to fork rust, namely the fact that you need to call LLVMInitializeOR1K{AsmParser,AsmPrinter,...}
<whitequark>
but that could probably be automated into a build script if someone really wanted it
<rqou>
ah, so target files would be used for e.g. armv4shittycoprocessoredition-vendorros-eabi
<whitequark>
yes
<whitequark>
that's basically all they're useful for
<whitequark>
well, also things like overriding a linker
<rqou>
i thought cargo/xargo can just override the linker?
<rqou>
i guess i'm glad i didn't try to add ppc64 musl support to rust
<whitequark>
oh?
<rqou>
(not that i ever got ppc32 musl working either)
<whitequark>
how is that wrong?
<rqou>
musl only supports ELFv2 regardless of endian
<whitequark>
huh]
<rqou>
iirc rich felker thinks ELFv1 is dumb :P
<rqou>
ah "has function descriptors, so you cant just reference a function pointer, mainly makes asm code messier as needs a header for every function."
<rqou>
"v2, usually known as powerpc64le, helpfully. It is not little endian exclusively, but there are no existing distros that are big endian."
<rqou>
but afaik this distinction is a userspace problem and the syscall interface works the same way
<rqou>
why are all linux ABIs a disaster in some way?
oeuf has joined ##openfpga
digshadow has joined ##openfpga
egg|egg has quit [Ping timeout: 264 seconds]
eduardo_ has joined ##openfpga
eduardo__ has quit [Ping timeout: 260 seconds]
<whitequark>
wtf why do lattice technotes recommend obviously wrong things
<rqou>
Vendors(TM)
<whitequark>
it says use 49 dummy SCK cycles in one place and 100 in another
<whitequark>
and the real number that the FPGA uses is 14
<rqou>
tololo
<rqou>
*trololo
<rqou>
damn it's late
<whitequark>
this can lead to bus contention...
* rqou
zzzz
<whitequark>
well I guess if a 8mA driver is fighting with a 4mA one
<awygle>
rqou should use that to implement his parametric footprint generator
m_w has joined ##openfpga
<kc8apf>
mithro: CircuitData-Language seems in the vein of IPC-2581. Many attempts to standardize PCB manufacturing data formats but no real success.
<awygle>
which is a bummer
<awygle>
whitequark: every component is now in kicad PR form
<awygle>
i have other stuff to pivot to for probably the rest of today but i'll keep an eye on the PRs and address anything that comes up from the maintainers
<pointfree>
...maybe that could actually be useful in some way: easily subdivided endlessly, combine with sequential logic and logic minimization to minimize expressions with relative timing.
<pointfree>
The direction of the microwave plate reverses from the previous direction every time I turn it on again.
<pie__>
is...the microwave plate related to the gray code
<pie__>
because yeah i thin ka lot of microwaves do that
<pointfree>
pie__: it most likely uses a gray-code rotary encoder.
<pie__>
huh.
<pie__>
why would a microwave need to keep track of plate rotation
<qu1j0t3>
oh, yeah, why aren't grey coded DACs more common
<qu1j0t3>
gray*
<pie__>
*rainbow
<pointfree>
each digit of a gray code would be a frequency. Mask digits to filter out frequencies
mumptai has quit [Quit: Verlassend]
pie__ has quit [Ping timeout: 255 seconds]
pie_ has joined ##openfpga
<awygle>
ugh pcb assembly is the worst lol
pie_ has quit [Ping timeout: 264 seconds]
<Prf_Jakob>
Tonights progress on the crazy plan of using DDR3 SODIMM as a FPGA breakout board. https://i.imgur.com/q6uPzFK.png
marcan has quit [Ping timeout: 240 seconds]
marcan has joined ##openfpga
<awygle>
ooo so many dimensions
<Prf_Jakob>
Heh, thanks. Kicad's learning curve is not the friendliest.
<awygle>
very true
<awygle>
well that's cool, icecube thinks my host id doesn't match even though it does. great.
<awygle>
why the hell do they even have licenses on a tool that is 100% free