Readit News logoReadit News
sliken commented on Cloth Simulation   cloth.mikail-khan.com/... · Posted by u/adamch
sliken · 7 days ago
Nice first approximation. The cloth has no momentum, a piece of cloth that clearly would swing down, past vertical, and then swing up just damps down and stops at vertical.

Also the falling pieces don't accelerate downward, which looks unnatural

sliken commented on Signal knows who you're talking to (2023)   sanesecurityguy.com/artic... · Posted by u/kekqqq
sandblast · 25 days ago
It's useless in the sense that it makes an anonymity promise to users that it cannot fulfill.
sliken · 21 days ago
Just because it's not perfect, does not mean it useless.

A central signal message service receives millions of messages, I've seen claims of 40M active users a month. If each user sends 25 messages a day, that's 12,000 ish a second.

Drawing conclusions about who is talking to each other out of a 12,000 message per second stream is far from trivial since both signal users are just sending and receiving encrypted packets to a central service. Much depends on how much you believe about how signal handles things on the server size.

Not sure federation or pure p2p would improve things, especially since some fraction of the service could be malicious.

sliken commented on Signal knows who you're talking to (2023)   sanesecurityguy.com/artic... · Posted by u/kekqqq
udev4096 · 21 days ago
> dragnet of surveillance by ISPs

Yet relying on them for even signing up. How ironic. Signal is good for normies seeking privacy but it's so bad if you look past that

sliken · 21 days ago
Signal seems pretty good, not sure it could be better and have evolved so quickly and gained so many users. Sure it could be more resistant to traffic analysis. What do you use?

I've pondered writing a p2p client that uses the signal encryption (double ratchet) and bounces fixed size packets off 2-3 other clients before delivery. All packets would be the same size, including those for the upkeep of the DHT.

To help make traffic analysis more difficult forwarding would include a random delay, DHT traffic would be indistinguishable from message traffic, and chaff would be added to allow for plausible deniability. Your client would talk to at least 3x as many other peers with similar timings and frequencies.

However the inherent compromises of P2P like increased CPU, network, and battery usage combined with higher latency and startup time seems like the adoption would be lucky to hit 0.1% of signal and then it's less useful since using it would raise flags.

Signal is so valuable because it has good e2e, it's popular, and whoever you want to talk to is likely to have at least heard of signal if not already running it.

sliken commented on Signal knows who you're talking to (2023)   sanesecurityguy.com/artic... · Posted by u/kekqqq
baxuz · 24 days ago
Number spoofing is trivial, and SIM cards can be bought retail for as little as 1€ in the EU and many countries around the world.

You can buy them in bulk on shady sites for as little as 5c per pop.

Most abuse happens on an industrial scale, and it's trivially easy and practically free to bypass this kind of "security" feature.

sliken · 22 days ago
Right, but 1€ isn't free. So if you manage to spam 1M people and make less than $0.05 * 1M = $50,000 then you are losing money.

Thus no spam on signal.

sliken commented on Signal knows who you're talking to (2023)   sanesecurityguy.com/artic... · Posted by u/kekqqq
udev4096 · 24 days ago
Moxie thinks everyone in the world is a fucking normie and people shouldn't be running servers because he hates freedom and loves centralizing everything. It's rare when such a genius cryptographer has hatred towards decentralization
sliken · 22 days ago
Wow, that's a pretty negative take.

Signals mission seems to be something along the lines of helping the most people increase their privacy. Better to help millions resist the dragnet of surveillance by ISPs, governments, and large organizations then to have perfect security for a few. This requires a very easy to use client (i.e. click on signal in the app store and launch), features users want (send receipts, typing notifications, emoji, video, calls, etc), and making wrong choices hard. Like say installing a random compatible with signal client from an untrustworthy source.

So Moxie is fine with people forking the open source client, but wants them to use their own servers.

Distributed/decentralization isn't some magic pixy dust that makes everything better.

So sure federation can work, but it's harder, and you run into things like XMPP. Are there secure XMPP servers out there, sure, but how do you tell? Which XMPP server supports which extension? How many people use XMPP for their chat/calls on a daily basis?

Seems kind of weird to pick on signal for doing things well and getting popular. Could it be more secure/private, sure. Could it do so AND be more popular, not so sure.

sliken commented on Strix Halo's Memory Subsystem: Tackling iGPU Challenges   chipsandcheese.com/p/stri... · Posted by u/PaulHoule
pixelpoet · a month ago
I actually cancelled my first FD order after seeing how much cheaper the Beelink was. Then after some weeks of waiting I noticed their website said sold out, and when I contacted their support they said oh yeah whoops, you might get your order in 3 months (website said up to one month).

So right then I asked for a refund worrying I'd been scammed (paying a Chinese company in USD from Germany without seeing VAT was pretty sus already).

Another thing is that apparently the ethernet is seriously broken, like makes the machine hang. Sill unfixed apparently, and also apparently the cooling isn't very good.

Soooo I went back to FD preorder, got it soon after. Expensive, but ehhh... every time I look at it I get a little dopamine hit <3333

sliken · a month ago
The network issue is the windows driver, only relevant if you are running windows. There is a work around by pinning the old version and I believe there's a new driver that works, but isn't the final driver.

Several reviewers have mentioned this.

sliken commented on Strix Halo's Memory Subsystem: Tackling iGPU Challenges   chipsandcheese.com/p/stri... · Posted by u/PaulHoule
Bairfhionn · a month ago
Framework Desktop Mainboard only, mini itx, 128gb, delivery in Q4 (which we are in)
sliken · a month ago
I got my framework desktop a few weeks ago, I'm quite fond of it.
sliken commented on Email verification protocol   github.com/WICG/email-ver... · Posted by u/sgoto
echelon · a month ago
> There is no advantage.

I can't tell you how many times email verification context switches made me completely lose track of what I was doing.

There's literally no worse context switch than having to go into your inbox, wait for an email, then come back to the appropriate tab to complete registration or login.

There are probably dozens, maybe hundreds, of services I never finished registering for all on account of this problem.

I worked authc/authz and security for a large fintech and we constantly butted heads against the growth folks. They fought hard and eventually won the right to do account creation and IDV without email verification. You don't have to verify your email until you're already making transactions, and that does wonders for growth. We're still accountable for all the stringent KYC regulations, of course.

sliken · a month ago
What's worse is that the email is often delayed at the sender (cheap bulk email services) or the receiver (gray listing), but for no reason I can fathom have a short expiration date.

What's worse they are often unique AND delivered out of order AND have no timestamp or sequence number. So you get to guess which is the newest, using any other fails, and the ones that succeed often time out before they can be used.

Having an expiration date as short as 15 minutes seems insane and counter productive.

sliken commented on Unexpected patterns in historical astronomical observations   su.se/english/news/unexpe... · Posted by u/XzetaU8
Yizahi · 2 months ago
To send and then slow a device of meaningful size across ten or hundreds of light years would require an enormous amount of energy, like truly incomprehensible amount. Then a civilization would need to produce them in millions and send to every single rock in the galaxy sector, because nuclear fission blasts are undetectable outside of star system. And then these robots need to function for billions of years continuously without any failure, because who knows which rock and at which time may develop sentient life. And when detection fission decay, such a robot must produce an enormous amount of power, to send a coherent optical signal over the tens of light years of distance. Meaning it has a gigantic power generator and equally impressive emitter. Which means even more mass has to be accelerated and then decelerated initially. And his sentient robot has to stare at a rock for billions of years without degrading electronically and without going insane.

And all that galaxy construction level effort for what? To learn hundreds or thousands of years late, that at rock number 123ABCD a fission has happened? And do what exactly with that useful information? Send extermination fleet? Or a robot with flowers, to pay respects?

People for some reason refuse to comprehend just how hard is it to send a speck of dust over light years of distance, let alone anything meaningful which won't break down in the process.

sliken · 2 months ago
Only if you are in a hurry, say an advanced civilization has been around for 1M years (0.07% faster than us). It might well be worth sending out millions of drones to the most promising areas at 1% of the speed of light, their advanced sensors and telescopes and science would likely be able to pick the most likely stars based on metal content, vicinity (i.e. stable of 1B years), water, temp, etc.

Not to mention they could send probes closer and further from the galactic center to take advantage of the slower and faster rotation rate to see new stars.

As for the nuclear fission blast I have my doubts. Ham radio folks brag about 1000 miles a watt, in a lossy atmosphere and multiple bounces that reflect less than 1% for each bounce. Using advanced things like tubes of transistors and a copper cable thrown over a tree branch.

Using the 1 watt per 1000 miles the largest nuclear explosion would be 22 light years, and clear line of sight through space is going to transmit quite a bit better than bouncing off the atmosphere then off the ground several times.

An advanced civilization could make say a square km array (which us lowly humans have managed) and would understand nuclear bombs enough to know their likely signature, decay rate, shape of the curve, etc. Much like how astronomers use supernovas as standard candles for distance, despite crazy different red shifts.

Seems quite reasonable for a civilization to keep track of anything going on in their fraction of the galaxy.

"People for some reason refuse to comprehend just how hard is it to send a speck of dust over light years of distance" It's only hard if you are in a hurry, in fact we have 3 rocks come through our solar system from well more than a light year away.

sliken commented on Interstellar Mission to a Black Hole   centauri-dreams.org/2025/... · Posted by u/JPLeRouzic
AlessandroF6587 · 2 months ago
How a nanoprobe (required by the propulsion solution) can send data back to us from >10 ly away?
sliken · 2 months ago
send 1 a day, that way you only have to communicate to the nearest probe.
s

u/sliken

KarmaCake day5603January 25, 2014View Original