<rqou>
aargh, maintaining gpg is such a pain in the ***
<rqou>
all of my openfpga auto-builds are now failing because i let the key expire
<rqou>
fails with the best error too: "secret key parts are not available"
<rqou>
does anybody actually _use_ gpg?
<lain>
what are you doing with gpg that it breaks your build?
<rqou>
after building a tarball, i sign it with gpg to tell people "yes, it was indeed built on this computer that i administer"
<rqou>
which isn't a very strong guarantee, but still
<rqou>
e.g. as usual it doesn't guarantee that the code is "safe"
<lain>
that implies you're able to sign without being physically present
<lain>
which defeats any guarantees, as far as I'm concerned :P
<rqou>
well, the key is stored on a smartcard, but there's no cryptographic way to verify that
<rqou>
like i said, it's a pretty weak guarantee
<rqou>
lain: what type of guarantees are even useful to offer on unattended nightly builds?
<lain>
hm
<lain>
I guess all you can do is exactly what you're doing - guarantee that they were built on a given machine. it makes no guarantee that, eg., the machine is not compromised or etc
<lain>
as long as the gpg key is only ever used for signing nightlies, I don't see a problem with that
<lain>
if it's used for other things, I would consider the persistent passwordless access to it equivalent to a key compromise
<rqou>
oh yeah, it's a separate key
<lain>
I'd just give it an arbitrarily far expiry (like, 10+ years), and maybe pre-generate a revocation, to store somewhere safe. though that's probably even more than needs to be done under the circumstances
<rqou>
also, access to the key isn't passwordless
<rqou>
but the password is stored on the machine and can be retrieved with a privesc
xdeller_ has joined ##openfpga
rohitksingh_wor1 has joined ##openfpga
rohitksingh_work has quit [Ping timeout: 248 seconds]
xdeller has quit [Ping timeout: 268 seconds]
Bike has quit [Quit: Lost terminal]
sgstair has quit [Ping timeout: 256 seconds]
rohitksingh_wor1 has quit [Ping timeout: 240 seconds]
rohitksingh_work has joined ##openfpga
<whitequark>
rqou: why even use gpg
<rqou>
what would you use instead?
<whitequark>
nothing
<rqou>
i mean, sure that works
sgstair has joined ##openfpga
<awygle>
i feel vaguely guilty for never using gpg but its utility seems pretty sharply limited
<rqou>
why johnny still still still still still still still {...} can't encrypt
<rqou>
although the current gen of e2e encrypted chat is starting to finally approach a hint of usable by normal people
<whitequark>
dunno, signal is pretty usable
<rqou>
have you tried to get a "normal person" to use signal?
<whitequark>
yes?
<rqou>
hmm, that's pretty impressive
<whitequark>
impressive?
<whitequark>
signal isn't any harder to use than whatsapp or whatever
<rqou>
i've also succeeded in getting a "normal person" to use FB's (yes, eww, i know) e2e encrypted chat
<rqou>
so i suppose this gen of e2e encryption is usable
<rqou>
i expected the difficulty for Signal to arise in "why do i care about this? why do i need a whole 'nother app for this?
<whitequark>
"because i'm about to talk to you about illegal shit" lol
<rqou>
i see
<rqou>
there's still a bit of inertia to installing yet another app though
<awygle>
i don't know anyone i'd talk to about illegal shit that i consider "normal", but i feel like signal is getting kind of trendy. or that other one, telegram? which is apparently a security dumpster fire?
<awygle>
i dunno i don't actually work here
<whitequark>
telegram is made by a team of people who won a lot of programming contests
<whitequark>
that's why they think they're really smart and reimplement everything from scratch
<whitequark>
the culture is painfully obvious
<awygle>
i see
pie___ has quit [Ping timeout: 256 seconds]
pie___ has joined ##openfpga
<azonenberg>
rqou: we use gpg at work all the time
user10032 has joined ##openfpga
ondrej2 has quit [Ping timeout: 265 seconds]
ondrej2 has joined ##openfpga
indy has quit [Ping timeout: 245 seconds]
user10032 has quit [Remote host closed the connection]
pie___ has quit [Ping timeout: 245 seconds]
futarisIRCcloud has quit [Quit: Connection closed for inactivity]
sgstair has quit [Ping timeout: 260 seconds]
<lain>
the fact that Signal requires a phone number put me off of it for a long time, but eventually I caved and set it up with a VoIP number so I could talk to some people
<lain>
getting the other party to actually validate the "safety number" in a meaningful way is another matter entirely, however
pie_ has joined ##openfpga
xdeller_ has quit [Quit: Leaving]
xdeller has joined ##openfpga
<whitequark>
lain: that's exactly what makes it usable for normal people though
Bike has joined ##openfpga
Bike is now known as Bicyclidine
indy has joined ##openfpga
pie_ has quit [Ping timeout: 255 seconds]
rohitksingh_work has quit [Read error: Connection reset by peer]
ZipCPU has joined ##openfpga
pie_ has joined ##openfpga
oeuf has quit [Read error: Connection reset by peer]
oeuf has joined ##openfpga
pie_ has quit [Ping timeout: 256 seconds]
pie_ has joined ##openfpga
genii has joined ##openfpga
m_t has joined ##openfpga
rohitksingh has joined ##openfpga
pie_ has quit [Ping timeout: 240 seconds]
pie_ has joined ##openfpga
plaes has quit [Remote host closed the connection]
rohitksingh has quit [Quit: Leaving.]
rohitksingh has joined ##openfpga
plaes has joined ##openfpga
plaes has joined ##openfpga
eduardo__ has joined ##openfpga
m_t_ has joined ##openfpga
eduardo_ has quit [Ping timeout: 240 seconds]
m_t has quit [Ping timeout: 260 seconds]
eric_j_ is now known as eric_j
rohitksingh has quit [Quit: Leaving.]
mumptai has joined ##openfpga
user10032 has joined ##openfpga
uovo has joined ##openfpga
oeuf has quit [Ping timeout: 252 seconds]
balrog has quit [Ping timeout: 265 seconds]
balrog has joined ##openfpga
sgstair has joined ##openfpga
jeandet has quit [Read error: Connection reset by peer]
jeandet has joined ##openfpga
<mithro>
daveshah: The issue wasn't that the files where missing, it was because they had absolute paths in them, they were looking for files in the wrong place!
<daveshah>
mithro: That makes sense
<daveshah>
mithro: Didn't have a chance to do XML stuff today unfortunately
<mithro>
daveshah: We now have yosys + vtr packaged up in the TimVideos conda, so I can deploy it on travis
<daveshah>
mithro: Great, will be nice to have Travis working
<mithro>
daveshah: I just need to fix up the prjxray importers
<mithro>
daveshah: and get the image rendering stuff working again and I can get back to trying to make pnr work
mircea_popescu has joined ##openfpga
<mircea_popescu>
rqou someone indeed is using it ; see the whole V build system.
<mircea_popescu>
but it's being replaced, for being exactly a pos.
<rqou>
using what?
<pie_>
so my lack of knowledge of specifics resulted in a faliure to convince my materials science teacher that IC reversing is feasible
<pie_>
today.
<qu1j0t3>
what.
user10033 has joined ##openfpga
<pie_>
a specific problem point was that he thought sample prep isnt easy and that its not sufficient to image the top layer
<pie_>
something something
user10032 has quit [Ping timeout: 240 seconds]
<mircea_popescu>
rqou gpg
<mircea_popescu>
well, rsa sigs for code certification, anyway.
<mircea_popescu>
pie_ that's funny, i know a guy who did/does it for a living.
<mircea_popescu>
would you like a quote from people who make it their business to peel ic layer by layer and photograph the results ? iirc it was to the tune of five digit for a bolix chip.
sgstair has quit [Ping timeout: 240 seconds]
<pie_>
mircea_popescu, well i know its *possible* different question whether i can come up with a project proposal to have them let me use the EM lol :C
<pie_>
i did mention people do this for a livign
<mircea_popescu>
not what you originally said though. feasible, it is. whether useful to you, well... i have nfi.
<pie_>
well yeh
<pie_>
i just want to try it :/
<mircea_popescu>
why ?
<pie_>
seems fun
<qu1j0t3>
mircea_popescu: was that actually done for a Symbolics chip? MacIvory was it? (I had guessed that that was a process too modern to be RE'd)
<pie_>
anywy i need to look into it more anyway
<mircea_popescu>
you familiar with naggum's "matrix reversal" objection ?
<pie_>
no im not
<mircea_popescu>
qu1j0t3 not yet done afaik ; not usably fully yet at any rate. they're dancing around it but maybe before the decade's out.
<qu1j0t3>
pie_: You'd probably want to attempt a very simple chip at first.
<pie_>
qu1j0t3, of course
<qu1j0t3>
pie_: I have a dead LM248N to donate to your initiative.
<pie_>
on the tech side, we probably have imaging tech, havent really studied the deprocessing enough past depackaging to have much of a clue about that
<pie_>
qu1j0t3, well i can probably just grab some random junk if nothing else, probably the least of the problems
<qu1j0t3>
definitely the least :-)
<pie_>
well in any case, i need to do more on my side
<pie_>
mircea_popescu, so whats this matric reversal stuff?
<mircea_popescu>
and you would of course want to reverse the only chip worth even studying that's yet been made, ie the z80.
<pie_>
Like, you don't buy a 150-million-dollar
<pie_>
printing press just because you got an idea about publishing a newspaper --
<pie_>
( you upgrade from the 75-million-dollar printing press when you approach 20
<pie_>
out of 24 hours running time 7 days a week and want to not run out of hours
<pie_>
of the day before the new press can be delivered and run in.)
<mircea_popescu>
the fact that your teacher didn't link you to that makes me very suspicious of the entire programme. it doesn't sound like much of a university (and he certainly doesn't sound like he has any business teaching anyone anything)
<mircea_popescu>
but, to make a long story short, you don't become a better wizard by upgrading your want to the more expensive version, helpfully labeled "professional" by the marketing dept of acme wands co.
<pie_>
sorry for being dumb, im sort of missing your point
renze_ has quit [Quit: Spaceserver reboot?!]
<Ultrasauce>
you can get pretty far doing this with a simple optical scope rather than a SEM
<mircea_popescu>
especially on 80s tech.
<Ultrasauce>
and there are plenty of die images available that you could start analyzing today
<pie_>
Ultrasauce, well youre right about that
<pie_>
Ultrasauce, that too
<pie_>
i guess i have a craving for some hands on stuff
renze has joined ##openfpga
<pie_>
anyway optical scope acess would probably be a lot easier to source since theres a metallurgical lab...keyword probably
<pie_>
im more hung up at this point on actually depackaging something
<pie_>
i guess i should poke my friend at the chem department
<pie_>
my home is definitely not a suitable place for chemistry
<pie_>
mircea_popescu, is it that expensive btw because they can or just cost of everything; tooling depreciation, maintenance, etc
<mircea_popescu>
that is actually cheap, us firms want a degree of magnitude more.
<qu1j0t3>
i thought it was cheap as well
<pie_>
well, i guess if you have a legit reson for requesting stuff like that youll have that kind of money
<mircea_popescu>
indeed.
<pie_>
:/
<qu1j0t3>
i'd also want to see proof of what the results would look like.
<pie_>
businesss pls
* pie_
is just a dude
<qu1j0t3>
looong before writing a cheque.
<mircea_popescu>
i'm sure he saw something, didn't press the matter. guy's on freenode tho, you can certainly ask.
<mircea_popescu>
but yes, considering how few of the chips are still about (leaving aside how much they "cost", in such situations of zero supply mkt is known to not price well)...
<pie_>
im slightly confused because at one point the teacher said the running costs of the microscope arent really a problem but later when i brought this up he said the hourly rate is about 100$
<pie_>
maybe the qualifier for this was the former case is covered by reasearch stuff or somethin
<pie_>
*Shrug*
<mircea_popescu>
pie_ very much depends what resolution is involved.
<pie_>
im pretty sure zooming doesnt cost extra :P
<mircea_popescu>
do you understand how microscopes work ?
<pie_>
unless you mean you need more time to cover the sample
<mircea_popescu>
or rather, heisenberg's limits on when they don't ?
<pie_>
fwiw i study physics
<mithro>
tinyfpga: If you have any questions about the utmi board, ask rohit singh who is in this channel a lot of the time
<pie_>
though the degree is a bit far away right now. the answer to your question is more or less
<mircea_popescu>
good. so then, there is such a thing as the finest detail that can be seen with a certain set-up. zooming does indeed cost extra.
<tinyfpga>
mithro: ok, thanks
<mithro>
tinyfpga: he designed the pmod adapter board and is writing a migen based USB core
<pie_>
ok sure but im not going to be imaging at 7 nanometers
<pie_>
or rather, im doubtful
<mithro>
tinyfpga: You should also now have a board for each of the major Xilinx parts I care about, Spartan 3, Spartan 6 and Artix 7
<tinyfpga>
mithro: the spartan 3 part _might_ be too small for the bootloader
<mircea_popescu>
mithro do you have an open process to use the spartans btw ?
<mithro>
tinyfpga: Possibly
<mithro>
mircea_popescu: Nope
<mithro>
mircea_popescu: I would like one but it doesn't really make sense for me to spend any time on it
<mircea_popescu>
mithro kinda why s.nsa prefers the ices.
<mithro>
mircea_popescu: It only makes sense for someone to do if they want to learn the process - otherwise if your goal is to actually do something which is useful - concentrating on the Xilinx Series 7 is much more logical
<mircea_popescu>
the received wisdom is that "well, xilinx mostly try to prevent reversers by simply shuffling everything around periodically and retiring any boards people put time into"
<mircea_popescu>
so there's no republican concentrating on xilinx at all atm.
<mithro>
mircea_popescu: Have you seen SymbiFlow?
<mircea_popescu>
i have not.
<mithro>
mircea_popescu: symbiflow.github.io -- what I'm spending all my spare time on
* mircea_popescu
puts in hopper.
<mithro>
mircea_popescu: Including time I should probably be sleeping :-P
<mircea_popescu>
hey, i'm doing 7 hours ~naturally~ these days. i have nfi how it works, but apparently it does.
<pie_>
mithro, do you have an IR? would be nice if someone made a CLaSH frontend at osme point maybe
<mithro>
IR?
<pie_>
intermediate representation
<mithro>
what is CLaSH?
<pie_>
well i mean theres always output to verilog but meh
<pie_>
:P
<pie_>
clash-lang.org
<kc8apf>
spartan 3 looks pretty straightforward to support. just not worth doing right now
<mithro>
pie_: Clifford's advice is that Verilog is our best bet at an IR :-P
<pie_>
waiting on my ice40 to actualyl start poking at it
<pie_>
fair enough *shrug*
<pie_>
oh that reminds me of something i wanted to ask on the topic of bitstream reversing
<kc8apf>
Ugh. Verilog is a terrible IR
<pie_>
im in no position to tell them to use something else :P
<kc8apf>
well, I hack on SymbiFlow as well
<pie_>
so since simulated annealing is used for pnr, is bitstream gen even deterministic? do they let you specify a seed or something or just press the route button over and over
<mithro>
pie_: kc8apf is probably a person to answer those questions for you
<mithro>
pie_: about bitstream questions, I can answer PnR related stuff
sgstair has joined ##openfpga
<pie_>
the reason im asking is if you can just keep passing the same input and get different results, maybe you can classify things in the bistream without even using different inputs
<kc8apf>
pie_: different software takes different approaches
* pie_
vaguely muses uninformedly about inference sometimes
<kc8apf>
from what I see in VPR, the placement should be deterministic
<kc8apf>
routing might not be
<pie_>
i feel like there could be some neat statistical/deductional inference methods for reversing bitstreams but i dunno, i need to read more of the literature
<kc8apf>
VPR uses a clustering algorithm for packing
* pie_
needs more time and energy and focus
<kc8apf>
Writing verilog using the primitives directly work pretty well to get outputs
<kc8apf>
challenge is writing the variations to trigger all the different configurations
<pie_>
right
<kc8apf>
frequently, that is within a single BEL so PnR won't change it
<pie_>
well sure that makes sense, in this specific case i was wondering if this approach could yield some kind of classification information not for the primitives but maybe on some other level
<pie_>
im mostly talking out of my ass though
<kc8apf>
interconnect is pretty easy to work out
<kc8apf>
decoding the config options within a BRAM tile is the kind of thing that takes a long time
<mircea_popescu>
i dunno, he's this mysterious fellow from some research institute near moscow, drops by now and again to point out errors in alf's FFA impl.
<mircea_popescu>
but he's the guy who originally linked your workpile.
<pie_>
mircea_popescu, though if i had a student come up to me with some mildly plausible crazy shit maybe id be more supportive, idk
<pie_>
im also less articulate verbally than in writing, which probably didnt help :|
<mircea_popescu>
pie_ you familiar with greenspun's objection to supportive teaching at the undergrad level ?
<pie_>
mircea_popescu, no but i could see some advantages to either side
<pie_>
theres a difference between crackpot and crazy
<mircea_popescu>
"Chuck Vest, the president of MIT, in a private communication to some faculty, once described MIT as "a no-praise zone". My first week as an electrical engineering and computer science graduate student I asked a professor for help with a problem. He talked to me for a bit and then said "You're having trouble with this problem because you don't know anything and you're not working very hard.""
<pie_>
like, "ok maybe you should look into XYZ and consider if it makes sense" or "write down some pages on what exactly you want to do and why you think it would work"
<pie_>
"You're having trouble with this problem because you don't know anything and you're not working very hard." - even that would have been helpful
<pie_>
though...ok fine in all fairness i figured that out myself
<pie_>
so i should stop spamming and get to work :P
RaivisR has quit [Read error: Connection reset by peer]
DrLuke has quit [Quit: No Ping reply in 180 seconds.]
DrLuke has joined ##openfpga
user10033 has quit [Quit: Leaving]
cr1901_modern has quit [Read error: Connection reset by peer]
<mithro>
pie_: Still a better connection than some of the copper in the ground in Australia
<rqou>
why does internet in AU suck so much? do your wild animals chew up all the wires or something?
<mithro>
rqou: Because in the 1990's we privatized our telecom industry and then kept voting in conservative governments that let the new private company get away with not doing any maintenance
<mithro>
rqou: Then when we finally had a *good* plan to replace it all with upgradable fiber to the home, we voted in another conservative government that gutted the plan
<pie_>
"oh."
cr1901_modern has joined ##openfpga
<awygle>
suddenly the timing of "morning"s from mithro makes sense to me :P
<mithro>
awygle: Actually, I'm in the US now
<mithro>
But I am Australian
* awygle
returns his default state of confusion
<rqou>
btw awygle how's your foot?
<awygle>
rqou: getting there! physical therapy. doctors appointment on the 13th where i hope to recover the ability to drive
<mithro>
awygle: It's always morning on the internet
<awygle>
if you are looking for a fun thing to do on a tuesday afternoon, holding your foot in a bucket of ice water is not it.
<awygle>
awygle: i have a coworker who only says good morning regardless of time
<awygle>
.... mithro: ^
<awygle>
it's been a long day.... lol
<awygle>
anyway i am predicting a week to drive, 2-3 weeks to being able to mop my floors, and probably 5-6 weeks to being back in the gym
<rqou>
O_o healing a broken foot takes that long?
<awygle>
6 weeks for bones, another 6ish for soft tissue according to my doctor
<awygle>
protip: don't break your foot. or if you do, break the left one.
<pie_>
:| onoes
<awygle>
eh i'm ok. could have been worse. and i can't imagine how people who can't afford e.g. lyft manage with broken feet.
<awygle>
rqou: lol no i haven't, i'll send it around
<awygle>
aww dave likes us
<awygle>
these eevblog videos are so much longer than they need to be
<mircea_popescu>
all vlogging is like that ; turn a html worth 5 minute's read into a droning hour of boring nonsense.
<mircea_popescu>
unsolvable problem, too. when reading i stop to think when i need. when watching, the thinking breaks must be included by the author, an impossible task.
mumptai has quit [Quit: Verlassend]
<qu1j0t3>
or hit pause?
<mircea_popescu>
yeah, i could edit it in my own, hitting pause and shift-right all the time in vlc. except these are never in vlc, they're in shittube which doesn't even have shift-right.
<qu1j0t3>
i don't really define hitting pause as editing
<mircea_popescu>
but note that the problem wasn't that they're TOO FAST.
* qu1j0t3
watches most things on 1.25x
<mircea_popescu>
in any case, if you want the user to do the editing, it's always smarter to publish the storyboard instead. hence html.
<qu1j0t3>
leave a comment to that effect
<mircea_popescu>
i did :)
<qu1j0t3>
awygle: Dave likes to repeat himself. :)