<azonenberg>
This is the admissions exam for the local nerd & geek society back when i was in high school
<azonenberg>
(well, one version of the exam)
<azonenberg>
I was the admissions officer and apparently retained one of our candidate's tests after grading it
<azonenberg>
He got a 30%, which was better than we expected :p
<rqou>
lol is this the nerd version of hazing? :P
<azonenberg>
rqou: Not exactly
<azonenberg>
Basically, to join the society you had to prove you were a nerd
<azonenberg>
We asked for employment history, school grades, etc to see what you were good at
<azonenberg>
then pulled questions from our pool tailored to your weaknesses
<azonenberg>
In order to create a take-home exam that would test your resolve, motivation, and research skills rather than your knowledge
<azonenberg>
If the candidate knew the answer to a question off the top of his head we considered it a failure on the part of the exam writer
* qu1j0t3_
runs a mile
<azonenberg>
Some of these questions are a lot easier to google now but back in 2003 or so this was a pretty hard exam
<azonenberg>
Mind you we gave this to a 7th grader
<azonenberg>
asking questions on subjects ranging from history to digits of pi to the IMAGE_DOS_HEADER
<Bike>
that explains the "POOP"
<azonenberg>
Lol
<azonenberg>
oh, and The Black Speech
<azonenberg>
(#19)
<awygle>
That's fun. Did they have to do this offhand? I would have got like 5 of those
<azonenberg>
Two-week take home exam
<azonenberg>
Any and all resources allowed other than a current member of the society
<azonenberg>
or another candidate taking the same version of the exam
<awygle>
Ah mk, much easier to answer e.g. 19 then
<azonenberg>
If you're a LOTR geek you'd know that off the top of your head
<azonenberg>
my one brother who wrote that question is actually fluent in both spoken and written Elvish
<azonenberg>
As well as the limited vocabulary from the Black Speech that was present in the books
<azonenberg>
But again, back in 2003 this was a lot harder to google
<azonenberg>
the 'net was a lot smaller
<awygle>
I'm a level 2 LOTR geek, defined as "read some of the other books but not all of them and mostly only once"
<awygle>
Many higher levels than that exist obvi
<azonenberg>
Another type of question we used was to give a photo of an obscure historical figure with no context
<azonenberg>
and ask who he was
<azonenberg>
(pre google image reverse search)
<azonenberg>
let's see, some other favorites
<azonenberg>
"In the movie Harry Potter and the Order of the Phoenix, a WW2 British warship is seen briefly. What is the name of the ship?"
<azonenberg>
This is during the scene when they're flying around London on their brooms
<azonenberg>
the nameplate of the ship is never seen
<azonenberg>
he frame-by-framed the scene to make sure :p
<azonenberg>
But if you find some pictures of the London skyline you can identify landmarks during the flight, figure out where they are
<azonenberg>
and narrow it down to one specific museum ship
<azonenberg>
Another one, i cant remember the wording, involved knowledge of ballistics and paleontology
<azonenberg>
scenario is, you're a zookeeper at Jurassic Park
<azonenberg>
A dinosaur has escaped and you need to knock it out so you can bring it back to the enclosure
<azonenberg>
You're given a sight picture through a tranquilizer gun with a mil-dot scope
<azonenberg>
Knowing the dino is an adult male, figure out the typical size of an adult male
<azonenberg>
then use the reticle to estimate the range given the angular size
<cr1901_modern>
sqrt(42) _is_ 6.whatever and it's still wrong?
qu1j0t3_ is now known as qu1j0t3
pie_ has quit [Remote host closed the connection]
<cr1901_modern>
Fun fact: When I was in high school, I didn't know how to traverse a file system
pie_ has joined ##openfpga
pie_ has quit [Remote host closed the connection]
<azonenberg>
cr1901_modern: hmm
<azonenberg>
That was the correct answer
<azonenberg>
i think
<azonenberg>
So not sure why I x'd it
<cr1901_modern>
B/c you just felt like it?
<azonenberg>
Lol
<azonenberg>
i may have messed up, not sure
<azonenberg>
it *was* like 15 years ago...
digshadow has quit [Ping timeout: 240 seconds]
balrog has quit [Ping timeout: 240 seconds]
balrog has joined ##openfpga
<qu1j0t3>
cr1901_modern | Fun fact: When I was in high school, || I thought division was done with repeated subtraction and that's how i coded it in assembler
balrog has quit [Quit: Bye]
balrog has joined ##openfpga
<azonenberg>
lol eew
digshadow has joined ##openfpga
digshadow has quit [Ping timeout: 248 seconds]
<qu1j0t3>
:-)
<azonenberg>
Hmmm
<azonenberg>
Power sequencing @_@
<cr1901_modern>
azonenberg: Can't ask clifford b/c not here, but you might know too...
<cr1901_modern>
Does Verilog specify attributes of the form (* my_attribute *), without a value attached to it?
<cr1901_modern>
B/c Xilinx doesn't appear to support this, but yosys has a pass to convert between (* my_attribute = bool *) and (* my_attribute *)
<azonenberg>
I think, but dont have the LRM in front of me
<azonenberg>
that this is equivalent to (* foo = 1 *)
<cr1901_modern>
azonenberg: According to SystemVerilog LRM, this is correct at least
<rqou>
"If a value is not specifically assigned to the attribute, then its value shall be 1 ."
<azonenberg>
i mean you probably know as much about it as me by now... :p
<rqou>
if i'm trying to get a certain set of outputs out of the ZIA
<rqou>
do you think a greedy search will work?
<rqou>
i.e.
<rqou>
collect the set of outputs needed
<rqou>
make sure there are <=40
<rqou>
for each output:
<rqou>
search ZIA table until found
<rqou>
return first output
<azonenberg>
You mean for routing?
<azonenberg>
i'd do max-flow
<rqou>
yeah
<rqou>
er, why do you need max-flow?
<azonenberg>
greedy would need backtracking
<azonenberg>
max-flow is a well known algorithm
<rqou>
does it though?
<rqou>
does it _really_ need backtracking?
<azonenberg>
there are potential conflicts otherwise
<rqou>
hmm really?
<azonenberg>
It's fairly easy to construct a set of inputs that, if you always choose the first possible location
<azonenberg>
result in an unroutable situation later on
<azonenberg>
you have to rip up some old routing
<rqou>
hmm, but if i try, most of these end up being unroutable always
<azonenberg>
Just max-flow, its a solved problem
<rqou>
hmm, i don't see how this is a max-flow problem?
<azonenberg>
Create a source node of infinite capacity, add an edge to a node representing each input you want to route
<azonenberg>
add edges from those nodes to each legal routing destination
<azonenberg>
add edge from each output to an infinite capacity sink
<azonenberg>
if the max flow is less than the number of inputs the design is unroutable
<azonenberg>
if equal, the solution gives you the routing
<rqou>
um, that's not _really_ max-flow :P
<rqou>
that has no better computational complexity than backtracking search
<azonenberg>
that isnt max flow?
<azonenberg>
sure sounds like it
<rqou>
i mean, i guess it technically is
<azonenberg>
Also, it's a well known algorithm you dont have to reinvent the wheel for
<rqou>
so is backtracking search :P
<rqou>
aka "a for loop"
<azonenberg>
max flow seems to be cleaner for this but w/e
<azonenberg>
make it work :p
<rqou>
"add edges from those nodes to each legal routing destination" produces the same number of edges as "loop over every possible site for every wanted input"
<rqou>
and almost all max-flow algos have a multiple of E in their complexity
<azonenberg>
Yeah it may not be algorithmically any faster
<azonenberg>
i just think it would be easier to follow code
<rqou>
hm, maybe i just really like backtracking search
<azonenberg>
lol
<rqou>
ah, i have an excuse!
<rqou>
constraints are easier to express in backtracking search
awygle has quit [Ping timeout: 240 seconds]
Hootch has joined ##openfpga
teepee has quit [Ping timeout: 258 seconds]
teepee has joined ##openfpga
teepee has quit [Ping timeout: 248 seconds]
teepee has joined ##openfpga
<rqou>
azonenberg: so if i go with my "greedy+min-conflicts" approach to xc2 par
<rqou>
i just realized that my algorithm currently will never move input-only pins
<rqou>
is it ever beneficial to do so?
<rqou>
input-only pins don't consume p-terms or zia inputs, and afaict it can only affect zia routability
<rqou>
which should be almost 100% anyways
<azonenberg>
i'm not super concerned about it finding optimal IOB locations
<azonenberg>
as i almost always do the PCB then constrain the chip to the PCB
<rqou>
right, but it's possible this can lead to unroutables that should be routable
<azonenberg>
at this point in the game i care a lot more about correctness than QoR
<azonenberg>
i.e. if it does route a design it must do so correctly
<azonenberg>
but it's OK to fail to route in rare circumstances
<rqou>
well, you're not going to like my new algo :P
<azonenberg>
oh?
<rqou>
(proving correctness is much harder)
<azonenberg>
not even provable correctness
<azonenberg>
at a minimum, thoroughly tested
qu1j0t3 has quit [Ping timeout: 248 seconds]
<azonenberg>
thats the nice thing about my max-flow alg btw
<azonenberg>
it's fairly easy to prove max flow leads to correct routing
<azonenberg>
and it should be easy to prove the algorithm is max flow by inspection
teepee has quit [Ping timeout: 252 seconds]
teepee has joined ##openfpga
teepee has quit [Ping timeout: 240 seconds]
teepee has joined ##openfpga
teepee has quit [Ping timeout: 258 seconds]
qu1j0t3 has joined ##openfpga
teepee has joined ##openfpga
m_t has joined ##openfpga
teepee has quit [Ping timeout: 248 seconds]
teepee has joined ##openfpga
ZipCPU|Laptop has quit [Quit: Transitioning to a lower energy state]
enriq has joined ##openfpga
xdeller has quit [Read error: Connection reset by peer]
xdeller_ has joined ##openfpga
xdeller_ has quit [Ping timeout: 248 seconds]
teepee has quit [Ping timeout: 252 seconds]
teepee has joined ##openfpga
stoopkid has quit [Quit: Connection closed for inactivity]
eduardo__ has joined ##openfpga
Ultrasauce has quit [Read error: Connection reset by peer]
eduardo_ has quit [Ping timeout: 240 seconds]
xdeller has joined ##openfpga
enriq has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
<awygle>
Because non infosec people don't understand this, and also reuse passwords.
<awygle>
I assume
<rqou>
i would also consider password reuse as a "that's your problem"/"you're holding it wrong" problem
digshadow has quit [Ping timeout: 248 seconds]
<azonenberg>
So, first question is
<azonenberg>
Why is HTTP with no TLS even still deployed for... well, anything really?
<whitequark>
rqou: because a "that's your problem" attitude is known to lead to exclusively negative results
<azonenberg>
If browsers start rejecting non-TLS connections unless some developer mode setting is enabled
<azonenberg>
problem solved :p
<whitequark>
azonenberg: well for one not everything is on a globally accessible domain
<azonenberg>
This is what self-signed certs are for
<whitequark>
how do I log onto my router at 192.168.1.1?
<azonenberg>
or, local CAs
<rqou>
also there's still the PKI protection racket that nobody wants to talk about
<azonenberg>
letsencrypt is doing a good job of smashing that up, no?
<whitequark>
if you teach people to clickthrough self-signed certs that's as bad as having http
<whitequark>
or even worse, really
<rqou>
let's encrypt is dismantling quite a bit of it, but there's still some protection racket stuff going on
<rqou>
e.g. "my desired name is blacklisted, why?" -> "we can't tell you, but we fixed it just for you because you complained"
<rqou>
or "how come you revoked this phishing cert because microsoft asked? why can't i get certs revoked? what about 'it's not the CA's job to police phishing?'" -> "*crickets*, vague mumbling"
<whitequark>
in letsencrypt?
<rqou>
yes
<rqou>
anyways, for the "192.168.1.1" problem, i actually had an idea to deal with that
<azonenberg>
Yeah they're not a fix-all
<azonenberg>
but a lot better than nothign
<azonenberg>
rqou: First-round easy fix: have browsers not require TLS for RFC1918 IP addresses
<azonenberg>
If you're somewhere that gives world-routable IPv4 addresses to everything on the LAN you're probably in a corporate network with an IT dept that can issue an in-house CA to everyone
<rqou>
but unfortunately i can't do it anymore, because the idea involved manipulating the PSL, and the PSL now has an explicit rule that entries added for the purpose of tricking let's encrypt are no longer allowed
<rqou>
so it's once again a "list of public suffixes, but only for companies that paid their protection fees"
<rqou>
this isn't exclusively about let's encrypt either
<rqou>
if you don't participate in the racket, you don't get supercookie protection
<grantsmith>
mmmmm suuuupercoookieee
digshadow has joined ##openfpga
<rqou>
"set a supercookie for '.com' what could go wrong?"
<rqou>
(fortunately this doesn't work)
<rqou>
you'll have to switch to a different supercookie mechanism, like "Like" buttons :P
digshadow has quit [Ping timeout: 258 seconds]
xdeller__ has quit [Ping timeout: 248 seconds]
digshadow has joined ##openfpga
<awygle>
rqou: "not my problem" doesn't work for passwords for the same reason it doesn't work for anti-vaxxers - it hurts people who can't defend themselves and it weakens herd immunity
<rqou>
passwords have herd immunity?
<awygle>
No but security practices do
<rqou>
hmm, i suppose so
pie_ has joined ##openfpga
<rqou>
hmm, i don't see any good way to fix "the website _owner_ was an idiot" problems
<rqou>
other than "make toolkits have fewer footguns and hope for diffusion"
<azonenberg>
rqou: you cant fix stupid
<rqou>
or making their bug report go viral so the site gets free pentests :P
<awygle>
Much more aggressive laws/enforcement of laws?
<rqou>
that worked _great_ for spam
<azonenberg>
Spam is sent by people who pretty much already know they're criminals though, and are in hiding
<azonenberg>
if you're trying to discourage behavior by legitimate businesses
<awygle>
Or in other words, aligning the incentives and preventing externalities
<azonenberg>
they can work
<awygle>
If you have a non-legal way to do that I am also fine with that, the law is just the lazy way lol
Bike has joined ##openfpga
<azonenberg>
"a non-legal way"
<azonenberg>
you mean Batman? :p
<rqou>
interestingly, somehow my .edu email seems to have gotten on a spammer mailing list
<rqou>
(it's also not hidden at all, so i guess i'm not surprised)
<azonenberg>
yeah my persona laddress doesnt get spammed too much but the work one gets it a lot
<azonenberg>
probably from cons etc
<azonenberg>
and/or contact info on various thigns
<azonenberg>
things*
<rqou>
most of it is (presumably) romance scams
<rqou>
what happened to the old trope of email scam all being dick pills?
<awygle>
My old address from running a business gets an astonishing amount of spam
<azonenberg>
I get maybe 10% dick pills and 90% "tech industry news"
<rqou>
i'm curious what distribution of spam you get
<azonenberg>
oh and also PMP training, for some interesting reason
<azonenberg>
actually there's also a sizeable fraction of Chinese academic conferences i've never heard of
<rqou>
no romance/traditional 419 spam?
<azonenberg>
i.e. pay-for-publication scams
<azonenberg>
I get the occasional 419 but they're not super common
<azonenberg>
cant remember ever seeing a romance
<azonenberg>
But when I see an email with the subject line "MR JOE SCHMOE"
<azonenberg>
I typically delete without opening
<azonenberg>
So some could well be romances and not bog-standard 419
<rqou>
oh yeah, lkml sub-lists seem to get a lot of traditional 419 spam
<rqou>
huh, i just checked my spam and there's a chinese guy who wants to buy my rqou.com domain for 800 RMB
<rqou>
also i get SEO spam
<mtp>
i get SEO spam phone calls
<azonenberg>
I get that by phone
<azonenberg>
But not email
<mtp>
and i tell them "i actually want to be harder to find online, do you have any services that can lower my search engine rankings instead"
<azonenberg>
Funny enough, i get it on my landline phone
<mtp>
none of them have a really good response to that
<azonenberg>
Which isn't in any way connected to any of my domains
<azonenberg>
so i feel like they're just robodialing
<azonenberg>
either that or somebody else used to own a domain on this phone #
<rqou>
interestingly i don't get seo spam on my phone
<rqou>
i do occasionally get actual physical mail, which is interesting
<rqou>
you would expect that to be the most expensive
<azonenberg>
i get that too
<azonenberg>
but much less common
<rqou>
hmm azonenberg how well do you know telephony infrastructure? i bet haxing that would be fun
<azonenberg>
Not at all
<rqou>
i did look into shady-looking wholesale voip providers
<rqou>
there's a (currently unavailable) 100gb dump
<azonenberg>
Dont know
<azonenberg>
i know some stuff was redacted
<azonenberg>
and the original dump seems to be hard to find now
<rqou>
but yes, i want the .sav files too because of morbid curiosity
digshadow has quit [Quit: Leaving.]
digshadow has joined ##openfpga
digshadow has quit [Ping timeout: 258 seconds]
<awygle>
99.9% of my spam wants to sell me details of my competitors' businesses or update my Dun & Bradstreet records
<rqou>
azonenberg: have you ever seen devices that defeat UAC and other security toasters by simulating a keyboard to press Win+R, enter, Y, etc. "in the wild?"
<rqou>
or is this just an idea that people have floated but never implemented?
<azonenberg>
I have never seen that in the wild
<azonenberg>
but i dont normally see hardware implants in general