1 2012-03-27 00:00:01 <luke-jr> in any case, shall I interpret your response as "I don't intend for 0.5.4 to hit SourceForge at all"?
2 2012-03-27 00:01:10 <gavinandresen> I'm not planning on spending any time downloading/uploading/creating SHASUMS for it
3 2012-03-27 00:02:26 <luke-jr> so "it's okay so long as some other 3 people do the gitian builds, and nanotube uploads"? :P
4 2012-03-27 00:02:43 <gavinandresen> sure, I'm not King of SourceForge
5 2012-03-27 00:02:49 <luke-jr> k
6 2012-03-27 00:03:35 <luke-jr> BlueMatt: sipa: devrandom: ping :P
7 2012-03-27 00:06:04 supson has joined
8 2012-03-27 00:06:17 MC1984 has quit (Quit: Leaving)
9 2012-03-27 00:06:31 darsk1ez has joined
10 2012-03-27 00:06:56 forsetifox has joined
11 2012-03-27 00:08:47 bluemoon23 is now known as bluemoon44
12 2012-03-27 00:12:35 * nanotube crowns gavinandresen king of sourceforge.
13 2012-03-27 00:12:50 <nanotube> sorry gavinandresen can't claim absence of kinghood anymore. :P
14 2012-03-27 00:13:29 OneFixt_ has joined
15 2012-03-27 00:14:50 <gavinandresen> P2SH support currently at: Found 113 matches in 144 blocks (78.5 percent)
16 2012-03-27 00:14:57 <Joric> get to the top 10 sourceforge projects first
17 2012-03-27 00:15:12 <Joric> i remember emule or edonkey was there back then
18 2012-03-27 00:15:53 <Joric> http://sourceforge.net/top yep still there
19 2012-03-27 00:16:07 OneFixt has quit (Ping timeout: 246 seconds)
20 2012-03-27 00:16:18 <Joric> which is kindof funny, since emule is dead
21 2012-03-27 00:17:09 <gavinandresen> 600 million downloads? that's.... wow.
22 2012-03-27 00:17:18 OneFixt_ is now known as OneFixt
23 2012-03-27 00:17:59 <sipa> let me just write a script to let all nodes in my botnet download bitcoin, instead of mining 1-tx blocks
24 2012-03-27 00:18:03 <sipa> oh, wait...
25 2012-03-27 00:18:44 <gavinandresen> i get the feeling the 1-transaction miner is just somebody disgruntled with the BIP16 changes.
26 2012-03-27 00:19:19 <sipa> why?
27 2012-03-27 00:19:19 <luke-jr> there's a way to find outâ¦
28 2012-03-27 00:19:26 <luke-jr> that IP subnet submit any blocks before?
29 2012-03-27 00:20:07 * luke-jr wonders if there's a way to ask blockchain.info
30 2012-03-27 00:20:08 <gavinandresen> dunno, I don't care about the issue enough to bother with it. Why do I think that? Just a few messages on the forums hinting at that being the reason.
31 2012-03-27 00:20:12 <[Tycho]> gavinandresen: but she can't do anything with BIP16 acting like this.
32 2012-03-27 00:20:23 <sipa> she? :o
33 2012-03-27 00:20:46 <Joric> Mystery Miner is a woman!
34 2012-03-27 00:20:48 <gavinandresen> She's moody, MUST be a woman.
35 2012-03-27 00:20:51 <luke-jr> LOL
36 2012-03-27 00:21:13 <sipa> Mystery Minerette
37 2012-03-27 00:21:34 <gavinandresen> Miss-tery miner
38 2012-03-27 00:22:10 <gavinandresen> If she doesn't support BIP16 by 1 April she'll be hit-and-miss-tery miner
39 2012-03-27 00:23:26 <splatster> Would anyone ever consider adding a patch that doesn't relay TXs from deepbit? Their TXs make up 27% of all the networks TXs because they refuse to use sendmany
40 2012-03-27 00:23:49 <sipa> splatster: they'd just mine their own txs
41 2012-03-27 00:24:09 <splatster> sipa: Ya, but it wouldn't fuck with the rest of the blocks
42 2012-03-27 00:24:27 <gavinandresen> Look on the bright side, it is good exercise for the network, helping us find scaling issues sooner.....
43 2012-03-27 00:24:58 <sipa> splatster: since deepbit has over 27% of the mining power, they can easily include all their own transactions without making the blockchain any smaller
44 2012-03-27 00:25:32 <splatster> sipa: But it might compel them to -consider- using sendmany.
45 2012-03-27 00:26:09 <sipa> splatster: ps, [Tycho] is here :)
46 2012-03-27 00:26:10 <Karmaon> wat are you gonna do now? stop relaying blocks from deepbit?
47 2012-03-27 00:26:20 <gavinandresen> splatster: if we were going to consider that, a more general "should I add this transaction to my memory pool" mechanism would be a better way to go, I think.
48 2012-03-27 00:26:27 <splatster> Karmaon: Not blocks, TXs
49 2012-03-27 00:26:34 <splatster> ok
50 2012-03-27 00:26:43 <Karmaon> splatster: yes, heard what you said ealier
51 2012-03-27 00:27:09 <Karmaon> 19:24:50 splatster | sipa: But it might compel them to -consider- using sendmany.
52 2012-03-27 00:27:21 <splatster> sipa: I don't care, in fact, I want him to know that I think their lack of adoption of sendmany is stupid
53 2012-03-27 00:27:46 <copumpkin> what's the reasoning for not using sendmany, by the way?
54 2012-03-27 00:28:05 <Karmaon> copumpkin: piss off guys like splatster :)
55 2012-03-27 00:28:18 <copumpkin> seems like a worthy goal
56 2012-03-27 00:28:53 <copumpkin> [Tycho]: I'll give you 100 coins to use sendmany
57 2012-03-27 00:28:57 <gavinandresen> Tycho's pool is the biggest because he's been very reliable.... changing things means risking things breaking
58 2012-03-27 00:29:00 <splatster> grrr, eliguis just made a 1-tx block
59 2012-03-27 00:29:23 <splatster> And there were 65 unconfirmed TXs
60 2012-03-27 00:29:25 iocor has quit (Ping timeout: 246 seconds)
61 2012-03-27 00:29:27 <[Tycho]> sipa: everyone does occasionally.
62 2012-03-27 00:29:34 <[Tycho]> err, splatster
63 2012-03-27 00:29:49 <sipa> splatster: "made" or "relayed" ?
64 2012-03-27 00:29:55 <splatster> [Tycho]: [6:26 PM] <copumpkin> what's the reasoning for not using sendmany, by the way?
65 2012-03-27 00:30:16 <[Tycho]> I think that "official" bitcoind can create 1tx blocks if POW is found in less than 2 minutes
66 2012-03-27 00:30:51 iocor has joined
67 2012-03-27 00:31:08 <[Tycho]> splatster: it would require changing things in the pool core.
68 2012-03-27 00:31:27 <splatster> [Tycho]: And it wouldn't at all be worth it?
69 2012-03-27 00:31:30 <[Tycho]> Also, there are at least two or more other reasons.
70 2012-03-27 00:32:10 <splatster> Do tell.
71 2012-03-27 00:32:16 <[Tycho]> Well, I'm considering switching to sendmany as a part of new security measures, but it's not a high-priority part.
72 2012-03-27 00:33:08 <[Tycho]> As for the blockchain bloat: do you think that this will save you from doing anything with it later ?
73 2012-03-27 00:33:56 <Joric> my Capital's shrinking please fix
74 2012-03-27 00:34:05 <Joric> is there a bug #1?
75 2012-03-27 00:34:16 <[Tycho]> It's already uncomfortably big enough.
76 2012-03-27 00:34:19 <splatster> I'm saying you are doing something unnecessary, especially considering how much you make every day.
77 2012-03-27 00:36:00 <[Tycho]> All those TXes are completely legitimate, I'm limiting autopayments to just one per 24 hours and at least 0.01 BTC, so I'm not breaking any rules.
78 2012-03-27 00:36:25 localhost has quit (Remote host closed the connection)
79 2012-03-27 00:36:49 BTC_Bear is now known as hbrntng!~BTC_Bear@unaffiliated/btc-bear/x-5233302|BTC_Bear
80 2012-03-27 00:37:01 <splatster> I never said you were breaking rules, I am saying you are being careless and, for lack of a better word, lazy
81 2012-03-27 00:37:59 <[Tycho]> You can tell that to me, but can you ask everyone to be careful and stop sending transactions to protect the blockchain ?
82 2012-03-27 00:38:19 <Karmaon> how can one break rules in bitcoin?
83 2012-03-27 00:38:24 <[Tycho]> Yes, I know that sendmany is way more optimal, but that's not how you fix such issues.
84 2012-03-27 00:38:30 <Joric> bitcoin just need a built-in p2p miner implementation to get rid of all pools
85 2012-03-27 00:38:36 <splatster> I never said you should stop sending TXs
86 2012-03-27 00:38:54 <splatster> You should consolidate them
87 2012-03-27 00:39:19 <[Tycho]> splatster: ok, let's imagine that someone starts sending such TXes instead of me. What will you do then ?
88 2012-03-27 00:40:06 <splatster> I will do my best to convince them to use sendmany, as I am trying to convince you
89 2012-03-27 00:40:06 localhost has joined
90 2012-03-27 00:40:23 <[Tycho]> How can you convince them if you can't even know who is it ?
91 2012-03-27 00:40:26 <Karmaon> lol
92 2012-03-27 00:40:58 <[Tycho]> You won't last long, especially if widespread adoption happens.
93 2012-03-27 00:41:21 <splatster> [Tycho]: Well then I would be SOL on that one, But It is quite obvious that 1vaynert is your addy
94 2012-03-27 00:41:42 <sipa> [Tycho]: unless that other person has a load of mining power, he will have to obey to whatever tx acceptance rules pools enforce, and the relaying rules for the rest of the network
95 2012-03-27 00:42:02 <sipa> sure, they may accept his transactions, and so be it in that case
96 2012-03-27 00:42:18 <[Tycho]> sipa: my fee policy is equal for all TXes.
97 2012-03-27 00:43:09 <[Tycho]> splatster: [04:31] [Tycho]: Well, I'm considering switching to sendmany as a part of new security measures, but it's not a high-priority part.
98 2012-03-27 00:43:30 <splatster> [Tycho]: Then do it.
99 2012-03-27 00:43:50 da2ce7 has joined
100 2012-03-27 00:43:50 <[Tycho]> But "convincing" is not how you act when someone is wrong in the internets.
101 2012-03-27 00:44:11 <gribble> New news from bitcoinrss: TheBlueMatt reopened pull request 973 on bitcoin/bitcoin <https://github.com/bitcoin/bitcoin/pull/973>
102 2012-03-27 00:44:19 <[Tycho]> In my case I already KNOW that sendmany is better.
103 2012-03-27 00:44:33 <[Tycho]> Otherwise it would be useful to explain it to me.
104 2012-03-27 00:44:55 <splatster> [Tycho]: WOW. You drop another block and yet again, a worthy TX with appropriate fees is not included over your own TXs
105 2012-03-27 00:45:09 <[Tycho]> splatster: what fees ?
106 2012-03-27 00:45:52 <Karmaon> if the network allows it, he's not breaking any rules.
107 2012-03-27 00:45:57 <Karmaon> lolollolololol
108 2012-03-27 00:46:16 <Joric> http://btcmsg.staticloud.com is PR'ing on forum https://bitcointalk.org/index.php?topic=47283.0 - 'I think this is really cool, good going.' :D
109 2012-03-27 00:46:21 <sipa> depends what rules you mean, but i general, i agree: he isn't: he's making the rules himself :)
110 2012-03-27 00:46:28 <[Tycho]> splatster: you can publish the TX hash and I can check it.
111 2012-03-27 00:47:36 <sipa> already 5 0.6.0rc5 nodes!
112 2012-03-27 00:50:32 <Joric> 6!
113 2012-03-27 00:51:46 <sipa> it takes around half an hour to show up in my node list (http://bitcoin.sipa.be/seeds.txt)
114 2012-03-27 00:52:49 d4de has joined
115 2012-03-27 00:52:49 d4de has quit (Changing host)
116 2012-03-27 00:52:49 d4de has joined
117 2012-03-27 00:53:12 <[Tycho]> Hmm, something happened with splatster
118 2012-03-27 00:53:48 <Karmaon> i bet he's making his own coin with his own rules
119 2012-03-27 00:57:02 <copumpkin> lol, I guess my bribe wasn't even worth acknowledging
120 2012-03-27 01:00:52 <sipa> copumpkin: the 100 coins for [Tycho] using sendmany?
121 2012-03-27 01:01:24 <copumpkin> yeah, but I'll retract it :(
122 2012-03-27 01:02:30 <[Tycho]> :)
123 2012-03-27 01:02:50 gfinn has quit (Ping timeout: 276 seconds)
124 2012-03-27 01:03:04 <sipa> copumpkin: which currency and/or chain? ;)
125 2012-03-27 01:03:07 danbri has joined
126 2012-03-27 01:03:10 <sipa> solidcoin testnet?
127 2012-03-27 01:03:11 <[Tycho]> copumpkin: sorry.
128 2012-03-27 01:03:15 <copumpkin> I was thinking btc :)
129 2012-03-27 01:04:57 danbri has quit (Excess Flood)
130 2012-03-27 01:06:48 splatster has quit (Ping timeout: 245 seconds)
131 2012-03-27 01:07:25 danbri has joined
132 2012-03-27 01:11:35 danbri has quit (Ping timeout: 246 seconds)
133 2012-03-27 01:12:53 danbri has joined
134 2012-03-27 01:13:14 splatster has joined
135 2012-03-27 01:14:54 Cablesaurus has joined
136 2012-03-27 01:14:54 Cablesaurus has quit (Changing host)
137 2012-03-27 01:14:54 Cablesaurus has joined
138 2012-03-27 01:18:35 <luke-jr> sipa: can you do a 0.5.4rc2 build?
139 2012-03-27 01:21:46 gfinn has joined
140 2012-03-27 01:21:58 <Joric> did you move tray / minimize settings to the registry?
141 2012-03-27 01:22:46 <Joric> oh i see, a whole bunch of settings
142 2012-03-27 01:24:46 Cablesaurus has quit (Quit: Oops. My brain just hit a bad sector)
143 2012-03-27 01:25:12 <luke-jr> Joric: that's in 0.6
144 2012-03-27 01:25:56 <sipa> luke-jr: depends on the OS; it may be the registry on windows
145 2012-03-27 01:26:06 <sipa> on linux it's a config file
146 2012-03-27 01:26:38 <luke-jr> sipa: yes, I meant it isn't the case in 0.5 :P
147 2012-03-27 01:26:42 <luke-jr> sipa: can you do a 0.5.4rc2 build?
148 2012-03-27 01:27:03 <Joric> what about bitcoin.conf on windows ppl like portable apps
149 2012-03-27 01:27:38 Cablesaurus has joined
150 2012-03-27 01:27:38 Cablesaurus has quit (Changing host)
151 2012-03-27 01:27:38 Cablesaurus has joined
152 2012-03-27 01:27:53 <luke-jr> Joric: bitcoin.conf still works afaik
153 2012-03-27 01:29:47 JRWR has quit (Quit: "If the dinosaurs had a space program, they'd still be here." - Ron Garan)
154 2012-03-27 01:30:03 * luke-jr pokes sipa :p
155 2012-03-27 01:32:43 <sipa> yes yes, already building
156 2012-03-27 01:32:56 <luke-jr> thx
157 2012-03-27 01:33:11 * luke-jr ponders who else can do the 3rd build
158 2012-03-27 01:35:56 <luke-jr> Ahimoth coblee coingenuity copumpkin da2ce7 dooglus ForceMajeure imsaguy2 Keefe makomk MagicalTux nanotube phantomcircuit tcatm twmz wumpus? :p
159 2012-03-27 01:36:49 <copumpkin> I suck
160 2012-03-27 01:36:57 <Joric> how do you even do that i got a whole bunch of boost and bdb errors
161 2012-03-27 01:39:14 <luke-jr> Joric: got Ubuntu?
162 2012-03-27 01:39:58 <Joric> *proudly* i got windows 7!
163 2012-03-27 01:40:08 <Karmaon> wat
164 2012-03-27 01:40:32 <luke-jr> Joric: can't build Windows binaries on Windows, sorry
165 2012-03-27 01:40:44 <luke-jr> at least not ones that gitian-verify
166 2012-03-27 01:42:35 noagendamarket has quit (Ping timeout: 260 seconds)
167 2012-03-27 01:42:47 <luke-jr> 3e9382041239e412838379547c15b456f55a5ff96dba32fe92979a706ceb63c7 bitcoin-0.5.4rc2-win32-setup.exe
168 2012-03-27 01:48:20 iocor has quit (Ping timeout: 276 seconds)
169 2012-03-27 01:50:54 iocor has joined
170 2012-03-27 01:51:36 iocor has quit (Client Quit)
171 2012-03-27 01:53:06 JRWR has joined
172 2012-03-27 02:01:32 Karmaon has quit (Read error: Connection reset by peer)
173 2012-03-27 02:02:11 Karmaon has joined
174 2012-03-27 02:04:30 <luke-jr> doh, gavinandresen forgot to pull #987 :p
175 2012-03-27 02:06:59 <splatster> What was in 987?
176 2012-03-27 02:07:24 <luke-jr> a code cleanup fix
177 2012-03-27 02:07:36 <luke-jr> I guess not as important with Bitcoin URI handlign being disabled
178 2012-03-27 02:07:43 * splatster <3 clean code
179 2012-03-27 02:08:03 <splatster> Especially if it has comments.
180 2012-03-27 02:10:01 <luke-jr> heh
181 2012-03-27 02:10:04 <luke-jr> it's mostly s/URL/URI
182 2012-03-27 02:10:23 barmstrong has quit (Remote host closed the connection)
183 2012-03-27 02:14:12 andytoshi has joined
184 2012-03-27 02:23:45 darsk1ez has quit (Ping timeout: 250 seconds)
185 2012-03-27 02:26:27 darsk1ez has joined
186 2012-03-27 02:50:06 Karmaon has quit (Read error: Connection reset by peer)
187 2012-03-27 03:06:11 Joric has quit ()
188 2012-03-27 03:08:08 danbri has quit (Ping timeout: 246 seconds)
189 2012-03-27 03:08:45 danbri has joined
190 2012-03-27 03:11:36 Karmaon has joined
191 2012-03-27 03:13:24 danbri has quit (Excess Flood)
192 2012-03-27 03:13:53 Phoebus has quit (Read error: Operation timed out)
193 2012-03-27 03:14:17 danbri has joined
194 2012-03-27 03:16:05 LittleDuke has quit (Ping timeout: 276 seconds)
195 2012-03-27 03:16:41 LittleDuke has joined
196 2012-03-27 03:17:49 Phoebus has joined
197 2012-03-27 03:18:38 phantomfakeBNC has joined
198 2012-03-27 03:21:51 diki has quit (Ping timeout: 252 seconds)
199 2012-03-27 03:24:05 LittleDuke has quit (Excess Flood)
200 2012-03-27 03:25:40 LittleDuke has joined
201 2012-03-27 03:28:52 user has quit (Quit: Leaving)
202 2012-03-27 03:29:55 darsk1ez has quit (Ping timeout: 260 seconds)
203 2012-03-27 03:31:08 d4de has quit (Read error: Connection reset by peer)
204 2012-03-27 03:32:34 darsk1ez has joined
205 2012-03-27 03:32:47 [7] has quit (Disconnected by services)
206 2012-03-27 03:32:54 TheSeven has joined
207 2012-03-27 03:42:13 d4de has joined
208 2012-03-27 03:42:14 d4de has quit (Changing host)
209 2012-03-27 03:42:14 d4de has joined
210 2012-03-27 03:52:32 barmstrong has joined
211 2012-03-27 03:58:20 h4ckm3-away is now known as h4ckm3
212 2012-03-27 03:59:55 StewieMcFluffy has joined
213 2012-03-27 04:05:10 GTRsdk has quit (Quit: git clone sleep)
214 2012-03-27 04:17:56 sawpson has joined
215 2012-03-27 04:21:27 supson has quit (Ping timeout: 244 seconds)
216 2012-03-27 04:25:16 sawpson is now known as bitcoinn
217 2012-03-27 04:25:23 bitcoinn is now known as supson
218 2012-03-27 04:29:05 EPiSKiNG- has joined
219 2012-03-27 04:37:54 RazielZ has joined
220 2012-03-27 05:02:02 gfinn has quit (Ping timeout: 276 seconds)
221 2012-03-27 05:04:34 forsetifox has left ()
222 2012-03-27 05:05:09 danbri has quit (Ping timeout: 252 seconds)
223 2012-03-27 05:10:23 delt0r has quit (Ping timeout: 272 seconds)
224 2012-03-27 05:10:52 delt0r has joined
225 2012-03-27 05:13:13 danbri has joined
226 2012-03-27 05:14:47 ThomasV has joined
227 2012-03-27 05:16:24 Cablesaurus has quit (Quit: Man who run behind car get exhausted)
228 2012-03-27 05:18:06 Cablesaurus has joined
229 2012-03-27 05:18:06 Cablesaurus has quit (Changing host)
230 2012-03-27 05:18:06 Cablesaurus has joined
231 2012-03-27 05:25:09 <devrandom> sipa: luke-jr: I would love to build, but I'm having issues with generating base vm images
232 2012-03-27 05:27:17 <devrandom> I only hae a 32 bit image, so I could build for win32
233 2012-03-27 05:29:18 luke-jr has quit (Ping timeout: 260 seconds)
234 2012-03-27 05:30:01 _W_ has quit (Ping timeout: 272 seconds)
235 2012-03-27 05:32:41 <devrandom> building...
236 2012-03-27 05:39:08 lfm has quit (Quit: ircII EPIC4-2.10.1 -- Are we there yet?)
237 2012-03-27 05:41:38 dwon has joined
238 2012-03-27 05:41:52 _W_ has joined
239 2012-03-27 05:44:28 Titanium has quit (Ping timeout: 260 seconds)
240 2012-03-27 05:49:11 luke-jr has joined
241 2012-03-27 05:56:52 Titanium has joined
242 2012-03-27 05:58:27 dwon has quit (Quit: Leaving)
243 2012-03-27 06:02:07 <devrandom> win32 pushed
244 2012-03-27 06:07:05 <wumpus> I get different hashes...
245 2012-03-27 06:07:06 <wumpus> - 2ae5ee63bbcd738db11eb90f5acd3ce5c8f6818251c220eb37f822bafdba0f5a bitcoin-0.6.0-win32-setup.exe
246 2012-03-27 06:07:06 <wumpus> - a05222321370fd3d2bebd0babe862de65be6f3a939327e9aa53ec56d5557af4e bitcoin-qt.exe
247 2012-03-27 06:07:06 <wumpus> + 411eba7b1ebf5b03af1d1c37e698db3ff76a8f6a11de9158575ae1e684e9a3be bitcoin-0.6.0-win32-setup.exe
248 2012-03-27 06:07:06 <wumpus> + 6b4991d1cb3ee174251da624b8b92fcd41c3d49bf4fede391b131245e43b3578 bitcoin-qt.exe
249 2012-03-27 06:07:46 <wumpus> qt-win32 and boost-win32 also differ, apart from that all the files are the same...
250 2012-03-27 06:08:53 djoot is now known as popedjootofdisco
251 2012-03-27 06:09:44 <wumpus> guess I need to rebuild those as well...
252 2012-03-27 06:12:55 danbri has quit (Ping timeout: 248 seconds)
253 2012-03-27 06:14:10 d4de has quit (Ping timeout: 246 seconds)
254 2012-03-27 06:14:10 Clipse has quit (Ping timeout: 246 seconds)
255 2012-03-27 06:14:14 danbri has joined
256 2012-03-27 06:23:05 supson has quit (Read error: Connection reset by peer)
257 2012-03-27 06:23:49 supson has joined
258 2012-03-27 06:25:59 <devrandom> wumpus: qt-win32 will not match, but the end result should match. qt-win32 did change since rc4 so it needs rebuilding AFAIK
259 2012-03-27 06:29:55 popedjootofdisco is now known as djoot
260 2012-03-27 06:32:34 Cory has quit (Ping timeout: 244 seconds)
261 2012-03-27 06:32:44 Pasha has joined
262 2012-03-27 06:33:11 Pasha has quit (Client Quit)
263 2012-03-27 06:35:46 Cory has joined
264 2012-03-27 06:35:54 Cory has quit (Excess Flood)
265 2012-03-27 06:42:40 Cory has joined
266 2012-03-27 06:54:53 a_meteorite has quit (Ping timeout: 272 seconds)
267 2012-03-27 07:00:20 Karmaon has quit (Ping timeout: 276 seconds)
268 2012-03-27 07:04:15 BTC_Bear is now known as BTC_Bear|hbrntng
269 2012-03-27 07:12:43 <wumpus> devrandom: thanks, it matches now
270 2012-03-27 07:14:52 ThomasV has quit (Ping timeout: 265 seconds)
271 2012-03-27 07:19:43 bx_ has quit ()
272 2012-03-27 07:23:59 Tril has quit (Ping timeout: 246 seconds)
273 2012-03-27 07:26:03 Tril has joined
274 2012-03-27 07:26:29 Tril is now known as Guest2724
275 2012-03-27 07:34:18 andytoshi has quit (Remote host closed the connection)
276 2012-03-27 07:37:31 [Tycho] has quit (Read error: Connection reset by peer)
277 2012-03-27 07:42:46 splatster has quit (Quit: https://bitcointalk.org/index.php?topic=74216.0)
278 2012-03-27 07:42:59 OneFixt_ has joined
279 2012-03-27 07:43:30 fiddur has joined
280 2012-03-27 07:43:53 danbri has quit (Ping timeout: 276 seconds)
281 2012-03-27 07:46:34 OneFixt has quit (Ping timeout: 246 seconds)
282 2012-03-27 07:46:56 OneFixt_ is now known as OneFixt
283 2012-03-27 07:50:32 andytoshi has joined
284 2012-03-27 07:58:20 wood has quit (Ping timeout: 244 seconds)
285 2012-03-27 08:03:06 t7 has joined
286 2012-03-27 08:07:26 word_ has joined
287 2012-03-27 08:10:58 word has quit (Ping timeout: 240 seconds)
288 2012-03-27 08:16:05 OneFixt_ has joined
289 2012-03-27 08:19:28 <gribble> New news from bitcoinrss: Diapolo opened pull request 996 on bitcoin/bitcoin <https://github.com/bitcoin/bitcoin/pull/996>
290 2012-03-27 08:19:28 OneFixt has quit (Ping timeout: 246 seconds)
291 2012-03-27 08:21:13 copumpkin has quit (Remote host closed the connection)
292 2012-03-27 08:21:26 copumpkin has joined
293 2012-03-27 08:21:38 OneFixt_ is now known as OneFixt
294 2012-03-27 08:21:46 danbri has joined
295 2012-03-27 08:22:53 ThomasV has joined
296 2012-03-27 08:33:07 specular has joined
297 2012-03-27 09:00:35 pickett has quit (Ping timeout: 276 seconds)
298 2012-03-27 09:02:40 Turingi has joined
299 2012-03-27 09:04:16 pickett has joined
300 2012-03-27 09:14:46 Sedra- has joined
301 2012-03-27 09:16:14 sneak has quit (Ping timeout: 260 seconds)
302 2012-03-27 09:16:19 sneak has joined
303 2012-03-27 09:17:30 Sedra has quit (Ping timeout: 244 seconds)
304 2012-03-27 09:17:30 justmoon has joined
305 2012-03-27 09:17:59 justmoon has quit (Client Quit)
306 2012-03-27 09:18:37 zeiris has quit (Ping timeout: 252 seconds)
307 2012-03-27 09:20:05 devrandom has quit (Ping timeout: 276 seconds)
308 2012-03-27 09:20:44 devrandom has joined
309 2012-03-27 09:25:40 zeiris has joined
310 2012-03-27 09:27:30 RazielZ has quit (Ping timeout: 260 seconds)
311 2012-03-27 09:29:56 Joric has joined
312 2012-03-27 09:30:58 Marf has joined
313 2012-03-27 09:43:22 wood has joined
314 2012-03-27 09:55:40 diki has joined
315 2012-03-27 10:15:29 toffoo has quit ()
316 2012-03-27 10:15:52 RazielZ has joined
317 2012-03-27 10:15:54 rebroad has joined
318 2012-03-27 10:22:07 Diablo-D3 has quit (Ping timeout: 250 seconds)
319 2012-03-27 10:22:09 rebroad has quit (Ping timeout: 260 seconds)
320 2012-03-27 10:25:47 Clipse has joined
321 2012-03-27 10:33:53 rebroad has joined
322 2012-03-27 10:37:32 erle- has joined
323 2012-03-27 10:40:10 darsk1ez has quit (Remote host closed the connection)
324 2012-03-27 10:45:10 Turingi has quit (Quit: Leaving)
325 2012-03-27 11:00:13 Sedra has joined
326 2012-03-27 11:03:47 Sedra- has quit (Ping timeout: 272 seconds)
327 2012-03-27 11:08:29 JRWR has quit (Ping timeout: 245 seconds)
328 2012-03-27 11:09:02 JRWR has joined
329 2012-03-27 11:15:52 Cory has quit (Ping timeout: 252 seconds)
330 2012-03-27 11:19:10 Cory has joined
331 2012-03-27 11:28:30 danbri has quit (Remote host closed the connection)
332 2012-03-27 11:30:58 danbri has joined
333 2012-03-27 11:38:33 andytoshi has quit (Ping timeout: 276 seconds)
334 2012-03-27 11:44:12 Guest2724 has left ()
335 2012-03-27 11:49:45 danbri has quit (Remote host closed the connection)
336 2012-03-27 11:50:25 danbri has joined
337 2012-03-27 11:55:07 slush has joined
338 2012-03-27 12:03:28 diki has quit (Ping timeout: 246 seconds)
339 2012-03-27 12:03:41 diki has joined
340 2012-03-27 12:04:15 diki is now known as Guest10617
341 2012-03-27 12:11:48 datagutt has joined
342 2012-03-27 12:12:00 agricocb has quit (Quit: Leaving.)
343 2012-03-27 12:23:48 Guest10617 is now known as diki
344 2012-03-27 12:24:11 <diki> gavinandresen:I like the explanation about Joe and his wallet :D
345 2012-03-27 12:26:50 danbri has quit (Remote host closed the connection)
346 2012-03-27 12:31:53 danbri has joined
347 2012-03-27 12:33:19 olp has quit (Ping timeout: 244 seconds)
348 2012-03-27 12:39:54 JRWR has quit (Ping timeout: 250 seconds)
349 2012-03-27 12:51:44 agricocb has joined
350 2012-03-27 12:53:30 danbri has quit (Remote host closed the connection)
351 2012-03-27 12:54:35 GMP has joined
352 2012-03-27 12:54:39 JRWR has joined
353 2012-03-27 12:55:06 ThomasV has quit (Ping timeout: 246 seconds)
354 2012-03-27 12:57:06 danbri has joined
355 2012-03-27 12:58:35 Turingi has joined
356 2012-03-27 12:58:43 Turingi has quit (Changing host)
357 2012-03-27 12:58:43 Turingi has joined
358 2012-03-27 12:59:57 <imsaguy2> * luke-jr ponders who else can do the 3rd build << What?
359 2012-03-27 13:04:39 dikidera has joined
360 2012-03-27 13:04:47 diki is now known as Guest82201
361 2012-03-27 13:04:52 dikidera is now known as diki
362 2012-03-27 13:06:43 Guest82201 has quit (Ping timeout: 245 seconds)
363 2012-03-27 13:19:35 Marf has quit (Ping timeout: 248 seconds)
364 2012-03-27 13:26:34 ThomasV has joined
365 2012-03-27 13:27:57 Joric has quit (Ping timeout: 264 seconds)
366 2012-03-27 13:37:51 bitvampi_ has joined
367 2012-03-27 13:38:59 darsk1ez has joined
368 2012-03-27 13:39:13 bitvampire has quit (Ping timeout: 245 seconds)
369 2012-03-27 13:40:34 bitvampi_ has quit (Remote host closed the connection)
370 2012-03-27 13:42:34 copumpkin has quit (Quit: Computer has gone to sleep.)
371 2012-03-27 13:50:45 Joric has joined
372 2012-03-27 14:01:35 gp5st has joined
373 2012-03-27 14:04:50 copumpkin has joined
374 2012-03-27 14:07:07 gp5st has left ()
375 2012-03-27 14:10:47 Joric_ has joined
376 2012-03-27 14:10:47 Joric_ has quit (Changing host)
377 2012-03-27 14:10:47 Joric_ has joined
378 2012-03-27 14:10:59 splatster has joined
379 2012-03-27 14:13:10 Joric has quit (Ping timeout: 272 seconds)
380 2012-03-27 14:13:24 Joric_ is now known as Joric
381 2012-03-27 14:20:10 olp has joined
382 2012-03-27 14:28:10 fiddur has quit (Quit: Leaving.)
383 2012-03-27 14:30:48 da2ce7 has quit (Ping timeout: 276 seconds)
384 2012-03-27 14:34:01 <mcorlett> How can I query for firstbits addresses myself?
385 2012-03-27 14:35:05 iocor has joined
386 2012-03-27 14:39:15 danbri has quit (Remote host closed the connection)
387 2012-03-27 14:39:57 <luke-jr> mcorlett: don't.
388 2012-03-27 14:41:19 <mcorlett> luke-jr: Explain yourself.
389 2012-03-27 14:41:36 <luke-jr> mcorlett: nobody should ever use or encourage firstbits
390 2012-03-27 14:46:18 sje has joined
391 2012-03-27 14:46:18 sje has quit (Changing host)
392 2012-03-27 14:46:18 sje has joined
393 2012-03-27 14:49:43 <Blitzboom> luke-jr: explain yourself, fascist
394 2012-03-27 14:50:03 <luke-jr> Blitzboom: no u
395 2012-03-27 14:50:13 <Blitzboom> no u
396 2012-03-27 14:50:24 <luke-jr> I'm pretty sure 100% of developers agree firstbits is a bad thing
397 2012-03-27 14:50:34 <Blitzboom> but why
398 2012-03-27 14:50:34 <gavinandresen> firstbits is a bad thing
399 2012-03-27 14:50:55 <luke-jr> Blitzboom: because it only encourages blockchain spam
400 2012-03-27 14:50:55 <copumpkin> Blitzboom: because it lets the admin of the site have control over which addresses are seen
401 2012-03-27 14:51:14 <sipa> firstbits encourages the use of static addresses, and encourages spamming the block chain
402 2012-03-27 14:51:24 <mcorlett> copumpkin: This is why I'd like to implement it myself.
403 2012-03-27 14:51:27 <Blitzboom> ok
404 2012-03-27 14:52:52 <sipa> luke-jr: 7977e7508c023b8f062d32bca56ffa656ea72eb16e193f075e7da206f1f318a2 bitcoin-0.5.4-win32-setup.exe
405 2012-03-27 14:55:06 PsiliPharm has joined
406 2012-03-27 14:56:18 TD has joined
407 2012-03-27 14:57:42 TD has quit (Client Quit)
408 2012-03-27 14:58:04 <luke-jr> 3e9382041239e412838379547c15b456f55a5ff96dba32fe92979a706ceb63c7 bitcoin-0.5.4rc2-win32-setup.exe
409 2012-03-27 14:58:07 <luke-jr> sipa: O.o
410 2012-03-27 14:58:22 <sipa> 86b2d35c328092f33f2f2c907026dfecd7aa7259f56538f722cac6ef9a061010 bitcoin-qt.exe
411 2012-03-27 14:58:25 <sipa> facefcb6eda163a4e31c231b5a0185ce653a7998d4cd0566b4208ccdd33de931 daemon/bitcoind.exe
412 2012-03-27 14:58:56 <luke-jr> fe72a6276b01df3f2380b1d7f604fa92a66741bceecd70fec2044acb028d6f94 bitcoin-0.5.4rc2-win32/bitcoin-qt.exe
413 2012-03-27 14:59:04 <luke-jr> facefcb6eda163a4e31c231b5a0185ce653a7998d4cd0566b4208ccdd33de931 bitcoin-0.5.4rc2-win32/daemon/bitcoind.exe
414 2012-03-27 14:59:08 <luke-jr> stupid Qt
415 2012-03-27 14:59:12 <luke-jr> I'll rebuild mineâ¦
416 2012-03-27 14:59:26 <sipa> did you use the qt build from gavin's site?
417 2012-03-27 14:59:29 <luke-jr> in the meantime, we still need a 3rd builder
418 2012-03-27 14:59:31 <luke-jr> sipa: no?
419 2012-03-27 14:59:42 <gavinandresen> skypaint.com/bitcoin/ has a qt.zip
420 2012-03-27 14:59:50 <sipa> qt builds are not deterministic, afaik
421 2012-03-27 15:00:33 <luke-jr> gavinandresen: you forgot to pull #987 for rc5 btw :p
422 2012-03-27 15:00:39 danbri has joined
423 2012-03-27 15:03:48 danbri has quit (Remote host closed the connection)
424 2012-03-27 15:04:39 <sipa> i'm thinking about implementing full ipv6 support, it shouldn't be hard anymore; what do you all think: a) enable listening on ipv6 by default, but only relay non-ipv4 addresses when a reachable ipv6 interface is detected b) always listen on ipv6 and always relay non-ipv4 addresses c) have a -ipv6 switch to enable relaying/listening
425 2012-03-27 15:10:47 ashton has joined
426 2012-03-27 15:11:55 Marf has joined
427 2012-03-27 15:13:23 wood has quit (Quit: Leave me alone. kthx)
428 2012-03-27 15:14:33 danbri has joined
429 2012-03-27 15:16:20 wood has joined
430 2012-03-27 15:17:15 agricocb has quit (Quit: Leaving.)
431 2012-03-27 15:18:30 ashton has quit (Quit: Page closed)
432 2012-03-27 15:18:54 splatster has quit (Ping timeout: 276 seconds)
433 2012-03-27 15:19:24 <gavinandresen> sipa: RE: ipv6 : no preference from me, ipv6 support isn't on the list of things I care much about (sorry!)
434 2012-03-27 15:20:44 <gavinandresen> What IS on the list, and that I'd like to get more brains thinking about, is the "There is a trojan on my computer rewriting bitcoin payment addresses" problem.
435 2012-03-27 15:22:03 <luke-jr> gavinandresen: I'm not sure there's really anything we can do about that :/
436 2012-03-27 15:22:23 <luke-jr> short of including an antivirus in the clinet
437 2012-03-27 15:22:37 <gavinandresen> I think there is a lot we can do about that, and I think it ties into multi-device authentication
438 2012-03-27 15:23:20 <luke-jr> IMO, users aren't going to manually go to the website on multiple devices, even if they could get the same address displayed on each
439 2012-03-27 15:24:20 <gavinandresen> Before I describe what I'm thinking, anybody know if I'm missing existing proposals for solving the problem?
440 2012-03-27 15:24:51 <luke-jr> if there was a known "master address", the merchant could sign the per-use address with it'
441 2012-03-27 15:25:09 <luke-jr> not sure how viable that is either, though
442 2012-03-27 15:31:26 olp has quit (Quit: Leaving.)
443 2012-03-27 15:31:44 olp has joined
444 2012-03-27 15:35:18 sje has quit (Remote host closed the connection)
445 2012-03-27 15:37:40 agricocb has joined
446 2012-03-27 15:40:41 olp has quit (Ping timeout: 252 seconds)
447 2012-03-27 15:47:33 <mcorlett> What's rewriting addresses? Flash applets?
448 2012-03-27 15:49:06 <iddo> deterministic wallets help with this issue? if payment addr is derived using master_pubkey+hash(num|seed) then the sender can verify it independently, and double-check using several devices to see there are no trojans?
449 2012-03-27 15:49:43 danbri has quit (Remote host closed the connection)
450 2012-03-27 15:51:57 t7 has quit (Quit: ChatZilla 0.9.88.1 [Firefox 12.0/20120321033733])
451 2012-03-27 15:52:01 <gavinandresen> mcorlett: rewriting addresses is a trojan got onto your machine and replaced your bitcoin.exe with an attacker's bitcoin.exe
452 2012-03-27 15:52:18 <gavinandresen> ... so they have complete control over what information you see
453 2012-03-27 15:53:09 <luke-jr> ah, I thought you meant replacing what you see in your browser, as the merchant's payment address
454 2012-03-27 15:53:12 <gavinandresen> iddo: I agree with luke that most users won't bother... but maybe if the transaction is large enough they should be prompted to bother (on a second, un-compromised device)
455 2012-03-27 15:53:17 <helo> every transaction would have to be multisig, so that compromise of one device isn't enough?
456 2012-03-27 15:53:26 <iddo> ah i thought just replacing receiving addresses
457 2012-03-27 15:54:16 <luke-jr> sipa: are your builds fetchable btw?
458 2012-03-27 15:54:29 <gavinandresen> luke-jr: I assume the attacker can replace both your bitcoin.exe and your firefox/chrome/ie/safari.exe
459 2012-03-27 15:54:55 <iddo> helo: i thought the point was replacing multisig receiving addr with an attacker non-multisig addr, and giving the malicious addr to the sender
460 2012-03-27 15:55:07 <luke-jr> O.O
461 2012-03-27 15:55:30 * luke-jr didn't even consider that attack vector
462 2012-03-27 15:59:16 <helo> general security problem is problem
463 2012-03-27 15:59:44 PsiliPharm has quit (Ping timeout: 246 seconds)
464 2012-03-27 16:00:26 <helo> "prolific compromise prolific"
465 2012-03-27 16:01:45 erle- has quit (Quit: erle-)
466 2012-03-27 16:01:50 <mcorlett> gavinandresen: How is this even a problem? If the attacker has enough access to overwrite bitcoin.exe, you can say bye-bye to your private keys. What am I missing?
467 2012-03-27 16:02:23 <vegard> is this accurate? http://folk.uio.no/vegardno/block-hashing-algorithm.png
468 2012-03-27 16:02:51 <gavinandresen> mcorlett: I assume a 2-device multisignature wallet to begin with
469 2012-03-27 16:03:09 PsiliPharm has joined
470 2012-03-27 16:03:35 <mcorlett> That makes sense. Sorry.
471 2012-03-27 16:04:50 <gavinandresen> mcorlett: no problem. I'm writing up a gist with my thoughts where I'll try to lay out assumptions like that.
472 2012-03-27 16:06:12 <devrandom> gavinandresen: have you seen this when trying to make-base-vm? 2012-03-26 23:17:31,850 INFO : umount: /tmp/tmp8W6bEp/dev: device is busy.
473 2012-03-27 16:06:43 <gavinandresen> devrandom: no
474 2012-03-27 16:06:58 <luke-jr> devrandom: hey, can you do the 3rd 0.5.4rc2 build for us? :D
475 2012-03-27 16:07:55 <luke-jr> hmm
476 2012-03-27 16:08:29 <luke-jr> my new 0.5.4rc2 build still doesn't match sipa's for Bitcoin-Qt; what is different about Gavin's Qt that it doesn't match default gitian? :/
477 2012-03-27 16:09:21 <devrandom> luke-jr: I have to run, but could look at it tonight. is the qt for 0.5 same as 0.6 or does it need rebuilding?
478 2012-03-27 16:09:38 <luke-jr> devrandom: should be the same
479 2012-03-27 16:10:16 <devrandom> (there were some build options changing in 0.6)
480 2012-03-27 16:10:53 <luke-jr> devrandom: they were reverted
481 2012-03-27 16:11:38 <luke-jr> or rather, moved to the .pro file
482 2012-03-27 16:12:26 <specular> 1 question
483 2012-03-27 16:12:32 <specular> does the encryption cause new private keys to be generated?
484 2012-03-27 16:12:59 Sedra- has joined
485 2012-03-27 16:13:08 <luke-jr> specular: for new addresses, yes
486 2012-03-27 16:13:14 <specular> oh
487 2012-03-27 16:13:15 PsiliPharm has quit (Remote host closed the connection)
488 2012-03-27 16:13:25 <specular> what about for existing addresses?
489 2012-03-27 16:13:45 <luke-jr> impossible
490 2012-03-27 16:14:28 <luke-jr> hmm, interesting
491 2012-03-27 16:14:41 <luke-jr> despite being different SHA256, the bitcoin-qt.exe I have disassemble the same
492 2012-03-27 16:14:56 <luke-jr> err, nm, mine don't have different SHA256
493 2012-03-27 16:15:20 <luke-jr> guess I need to wait on sipa's
494 2012-03-27 16:15:38 Joric has quit ()
495 2012-03-27 16:15:50 Sedra has quit (Ping timeout: 260 seconds)
496 2012-03-27 16:22:42 <vegard> luke-jr: can you verify my infographic?
497 2012-03-27 16:23:09 splatster has joined
498 2012-03-27 16:23:54 <mod6> does it take a while for GLBSE to ack the coins sent into a new account? I sent mine in yesterday, and they were confirmed +6 after 4am CDT.
499 2012-03-27 16:24:01 <mod6> (this morning, not yesterday actually)
500 2012-03-27 16:24:12 <mod6> No coins in account yet :/
501 2012-03-27 16:24:20 <luke-jr> vegard: what?
502 2012-03-27 16:24:23 <gribble> New news from bitcoinrss: runeksvendsen opened issue 997 on bitcoin/bitcoin <https://github.com/bitcoin/bitcoin/issues/997>
503 2012-03-27 16:24:38 <vegard> luke-jr: I made this infographic: http://folk.uio.no/vegardno/block-hashing-algorithm.png
504 2012-03-27 16:25:03 <specular> is it safe to create a wallet, add some addresses... back it up... then send some bitcoins to the original wallet and delete it afterwards?
505 2012-03-27 16:25:10 <specular> im a little confused on how the private keys work
506 2012-03-27 16:25:48 <mod6> bah, wrong channel.
507 2012-03-27 16:26:09 <luke-jr> vegard: I guess
508 2012-03-27 16:27:03 <specular> ?
509 2012-03-27 16:27:13 <mod6> hey whats up - Sent some coins to new GLBSE account at 2am .. was confirmed >6 at 4... still no coins in my account. What am I missing? Does it just take a while?
510 2012-03-27 16:27:36 <mod6> ^^^^ for smickles or splatster
511 2012-03-27 16:28:02 <splatster> mod6: I'm not sure what's wrong
512 2012-03-27 16:28:05 <vegard> luke-jr: thanks.
513 2012-03-27 16:28:12 <mod6> jesus, how did i get it in here again.
514 2012-03-27 16:28:18 <mod6> im sorry guys.
515 2012-03-27 16:28:26 mod6 has left ()
516 2012-03-27 16:29:43 <specular> anyone?
517 2012-03-27 16:31:23 <gavinandresen> specular: yes, it is safe to do that. wallet.dat will contain all of your private keys, they are never deleted (unless you do something wacky like use PyWallet)
518 2012-03-27 16:38:12 JRWR has quit (Ping timeout: 276 seconds)
519 2012-03-27 16:39:37 <specular> ok, so to make 100% sure... gavinandresen, if i create a wallet, with 12 addresses added to it... once that wallet.dat is saved, those keys are fixed?
520 2012-03-27 16:41:19 <gavinandresen> specular: yes... private keys are never deleted. And they are only rewritten if you encrypt the wallet.
521 2012-03-27 16:41:21 Marf has quit (Ping timeout: 265 seconds)
522 2012-03-27 16:42:47 Marf has joined
523 2012-03-27 16:44:50 pusle has joined
524 2012-03-27 16:48:39 <specular> theyre rewritten if you encrypt the wallet?
525 2012-03-27 16:48:43 <specular> what do you mean?
526 2012-03-27 16:50:18 graingert has joined
527 2012-03-27 16:51:18 <helo> they are encrypted
528 2012-03-27 16:51:28 <specular> but the private keys remain the same?
529 2012-03-27 16:51:31 <helo> yes
530 2012-03-27 16:51:36 <specular> thx
531 2012-03-27 16:51:46 <specular> what do you recommend for encrypting the wallet on windows?
532 2012-03-27 16:51:52 <specular> if u dont wanna use the client
533 2012-03-27 16:52:29 <helo> i would probably use pgp, but i haven't used it before
534 2012-03-27 16:52:55 T_SG has joined
535 2012-03-27 16:53:05 T_SG has left ("Leaving...")
536 2012-03-27 16:53:07 <specular> the one by symantec?
537 2012-03-27 16:55:32 <luke-jr> specular: you probably want an encrypted filesystem, so you can actually run bitcoin :p
538 2012-03-27 16:56:12 <twmz> luke-jr: you still looking for me about ubuntu or did you find someone else?
539 2012-03-27 16:56:17 <helo> hmm... i don't see the old "PGP Desktop" (only "PGP Desktop Email")... so i guess PGP Whole Disk Encryption, and put it on a thumb drive
540 2012-03-27 16:56:39 <luke-jr> twmz: yeah, we need a 3rd person to build 0.5.4rc2
541 2012-03-27 16:56:49 <luke-jr> twmz: (gitian requires Ubuntu)
542 2012-03-27 16:56:55 <twmz> luke-jr: what does that mean? I am not familiar with the official processes.
543 2012-03-27 16:57:17 <luke-jr> twmz: gitian is the software we use to make deterministic builds (identical for all builders)
544 2012-03-27 16:57:34 <luke-jr> twmz: releases for SourceForge need 3 people to sign off on the output
545 2012-03-27 16:57:40 <specular> no luke-jr, i jsut want to encrypt the wallet.dat file
546 2012-03-27 16:58:16 <twmz> luke-jr: I am happy to help. I have a variety of linux boxes that include 11.04 ubuntu and 11.10 ubuntu. what do you need me to do?
547 2012-03-27 16:58:30 <specular> isnt that good enough?
548 2012-03-27 16:58:51 <luke-jr> specular: my point is if you use file encryption, you won't be able to USE the wallet
549 2012-03-27 16:59:05 BTC_Bear is now known as hbrntng!~BTC_Bear@unaffiliated/btc-bear/x-5233302|BTC_Bear
550 2012-03-27 16:59:05 <specular> no, i just decrypt it as needed...
551 2012-03-27 16:59:07 <luke-jr> twmz: https://gist.github.com/806265
552 2012-03-27 17:00:31 <twmz> what does apt-cacher do to my system?
553 2012-03-27 17:02:03 gfinn has joined
554 2012-03-27 17:03:01 <twmz> following the steps now...
555 2012-03-27 17:03:20 <twmz> I assume ubuntu 11.10 is acceptable
556 2012-03-27 17:05:02 <luke-jr> I assume.
557 2012-03-27 17:05:09 <luke-jr> apt-cacher just caches dpkgs I think
558 2012-03-27 17:07:57 agricocb has quit (Quit: Leaving.)
559 2012-03-27 17:10:40 Diablo-D3 has joined
560 2012-03-27 17:18:12 splatster has quit (Quit: bbiab)
561 2012-03-27 17:18:48 <specular> hi im trying to transfer bitcoins from one wallet to another in windows
562 2012-03-27 17:19:02 <twmz> it errored out: http://pastebin.com/fTGU53K3
563 2012-03-27 17:19:03 <specular> im doing it by using notepad to store the public keys and renaming the different wallet.dat files
564 2012-03-27 17:19:19 <specular> ive just transferred some bitcoins to my new wallet but its not showing up even though it has 2 confirmations with my old wallet
565 2012-03-27 17:19:20 <specular> whats wrong?
566 2012-03-27 17:22:24 StewieMcFluffy has quit (Ping timeout: 276 seconds)
567 2012-03-27 17:26:08 Z0rZ0rZ0r has joined
568 2012-03-27 17:26:20 agricocb has joined
569 2012-03-27 17:26:48 SphericalCow has joined
570 2012-03-27 17:27:36 devrandom has quit (Ping timeout: 276 seconds)
571 2012-03-27 17:27:49 Stewie__ has joined
572 2012-03-27 17:29:04 <specular> ??
573 2012-03-27 17:29:42 <sipa> specular: you transfer keys by doing what?
574 2012-03-27 17:31:38 dvide has quit ()
575 2012-03-27 17:33:20 Cablesaurus has quit (Quit: He who laughs last, thinks slowest)
576 2012-03-27 17:33:27 Stewie__ has quit (Ping timeout: 276 seconds)
577 2012-03-27 17:33:36 devrandom has joined
578 2012-03-27 17:34:07 Stewie__ has joined
579 2012-03-27 17:34:45 erle- has joined
580 2012-03-27 17:36:50 <specular> sipa: i goto my old wallet, and send the bitcoins to the new public keys in the new wallet
581 2012-03-27 17:36:59 <specular> then close the client
582 2012-03-27 17:37:06 <sipa> ok, and how is notepad involved?
583 2012-03-27 17:37:07 <specular> and rename the files so the new wallet is wallet.dat
584 2012-03-27 17:37:19 <specular> i use notepad to record the public keys in my new wallet
585 2012-03-27 17:37:23 <sipa> ok
586 2012-03-27 17:37:40 <sipa> (they're called addresses, and are derived from a hash of a public key, not the public key itself)
587 2012-03-27 17:37:41 <specular> when i open the client again there are no signs of the transaction
588 2012-03-27 17:37:46 <specular> oh i see
589 2012-03-27 17:38:04 <sipa> anyway, if the receiver is not online when the transaction is transmitted, it will not see it immediately
590 2012-03-27 17:38:29 <sipa> only when it is mined into a block
591 2012-03-27 17:40:17 <BlueMatt> specular: truecrypt - for all your windows encryption needs (tm)
592 2012-03-27 17:40:28 supson has quit (Ping timeout: 240 seconds)
593 2012-03-27 17:43:57 JRWR has joined
594 2012-03-27 17:47:36 agricocb has quit (Quit: Leaving.)
595 2012-03-27 17:48:08 [Tycho] has joined
596 2012-03-27 17:51:37 SphericalCow has quit (Remote host closed the connection)
597 2012-03-27 17:51:48 d4de has joined
598 2012-03-27 17:51:48 d4de has quit (Changing host)
599 2012-03-27 17:51:48 d4de has joined
600 2012-03-27 17:52:13 <specular> sipa: its got 2 confirms
601 2012-03-27 17:52:40 <specular> and that was ages ago
602 2012-03-27 17:52:51 SphericalCow has joined
603 2012-03-27 17:53:01 <sipa> specular: the sender, but not the receiver?
604 2012-03-27 17:53:09 <sipa> try starting the receiver with -rescan
605 2012-03-27 17:53:23 <sipa> shouldn't be necessary, though...
606 2012-03-27 17:53:24 <specular> will that reload the blockchain?
607 2012-03-27 17:53:27 <sipa> no
608 2012-03-27 17:53:42 <sipa> it will scan the blockchain for transactions that are missing in your wallet
609 2012-03-27 17:54:23 splatster has joined
610 2012-03-27 17:55:10 <specular> oh i see
611 2012-03-27 17:56:27 <specular> ah its worked
612 2012-03-27 17:57:22 <sipa> which version is this?
613 2012-03-27 17:57:35 <sipa> luke-jr: http://bitcoin.sipa.be/builds
614 2012-03-27 17:57:39 <luke-jr> sipa: ty
615 2012-03-27 17:58:44 <gavinandresen> BlueMatt: ping
616 2012-03-27 18:00:33 <gavinandresen> luke-jr sipa BlueMatt and anybody else awake and interested: https://gist.github.com/2217885 <-- thoughts on wallet and payment security
617 2012-03-27 18:01:19 <Blitzboom> great to see such plans
618 2012-03-27 18:03:18 GMP has quit (Read error: Connection reset by peer)
619 2012-03-27 18:04:45 denisx has joined
620 2012-03-27 18:06:39 denisx has quit (Client Quit)
621 2012-03-27 18:07:07 denisx has joined
622 2012-03-27 18:09:37 <luke-jr> sipa: hmm, the diffs between ours look like the diff between 0.5.3 and 0.5.3.1, but neither have the bug
623 2012-03-27 18:09:50 <luke-jr> I'm going to rebuild my qt just in case
624 2012-03-27 18:18:44 RazielZ has quit (Ping timeout: 252 seconds)
625 2012-03-27 18:22:42 agricocb has joined
626 2012-03-27 18:27:02 agricocb has quit (Remote host closed the connection)
627 2012-03-27 18:31:03 Joric has joined
628 2012-03-27 18:35:26 mologie is now known as Hugo
629 2012-03-27 18:35:35 Hugo is now known as anotherhugo
630 2012-03-27 18:44:22 minimoose has joined
631 2012-03-27 18:49:50 ThomasV has quit (Ping timeout: 260 seconds)
632 2012-03-27 18:56:00 zeiris has quit (Ping timeout: 276 seconds)
633 2012-03-27 19:01:06 tucenaber has quit (Ping timeout: 260 seconds)
634 2012-03-27 19:01:30 user_ has joined
635 2012-03-27 19:01:45 pusle has quit ()
636 2012-03-27 19:02:28 <BlueMatt> gavinandresen: pong
637 2012-03-27 19:02:35 ThomasV has joined
638 2012-03-27 19:02:48 <BlueMatt> gavinandresen: Ill take a look in an hour or two
639 2012-03-27 19:03:12 <gavinandresen> BlueMatt: cool, I'm about to run out the door. But where should I send bug reports for BIP 21 ?
640 2012-03-27 19:03:28 <gavinandresen> (there are no & 's in the BNF grammar....)
641 2012-03-27 19:03:47 <BlueMatt> pull request a fix ;), or email it
642 2012-03-27 19:04:17 <gavinandresen> ok
643 2012-03-27 19:07:30 tucenaber has joined
644 2012-03-27 19:08:37 BlueMatt has quit (Quit: Quit!)
645 2012-03-27 19:10:20 BlueMatt has joined
646 2012-03-27 19:24:10 minimoose has quit (Quit: minimoose)
647 2012-03-27 19:35:48 datagutt has quit (Quit: Textual IRC Client: www.textualapp.com)
648 2012-03-27 19:39:02 tower has quit (Disconnected by services)
649 2012-03-27 19:39:16 tower has joined
650 2012-03-27 19:40:55 agricocb has joined
651 2012-03-27 19:47:21 BlueMatt has quit (Quit: Quit!)
652 2012-03-27 19:48:12 BlueMatt has joined
653 2012-03-27 19:51:18 forsetifox has joined
654 2012-03-27 19:57:39 specular has quit ()
655 2012-03-27 19:59:39 <luke-jr> FWIW, Qt itself does seem to be deterministic to meâ¦
656 2012-03-27 19:59:42 slush has quit (Ping timeout: 276 seconds)
657 2012-03-27 19:59:47 <luke-jr> I just recreated an input I made months ago
658 2012-03-27 20:10:16 agricocb has quit (Quit: Leaving.)
659 2012-03-27 20:11:04 Sedra has joined
660 2012-03-27 20:12:47 diki has quit (Ping timeout: 246 seconds)
661 2012-03-27 20:13:50 Sedra- has quit (Ping timeout: 246 seconds)
662 2012-03-27 20:14:18 MC1984 has joined
663 2012-03-27 20:17:08 mod6 has joined
664 2012-03-27 20:20:32 TD has joined
665 2012-03-27 20:20:57 <BlueMatt> TD: mind acking/commenting on https://github.com/bitcoin/bitcoin/pull/951
666 2012-03-27 20:21:45 <TD> LGTM
667 2012-03-27 20:22:14 <BlueMatt> alright, just wanted to make sure
668 2012-03-27 20:22:21 <BlueMatt> thanks
669 2012-03-27 20:24:31 <Diablo-D3> td: now you're just making up acronyms
670 2012-03-27 20:25:17 <BlueMatt> how is lgtm made up?
671 2012-03-27 20:25:45 Clipse has quit (Quit: Clipse)
672 2012-03-27 20:26:34 <BlueMatt> TD: oh, and mr payment protocols, gavin just sketched this out in case you are interested: https://gist.github.com/2217885
673 2012-03-27 20:28:00 <Diablo-D3> I have never seen lgtm used once
674 2012-03-27 20:28:15 <upb> IMO LGTM MTSA GA ISP FYI
675 2012-03-27 20:28:30 <upb> mtsa = means the same as, isp = in software projets
676 2012-03-27 20:28:52 <BlueMatt> Diablo-D3: I have
677 2012-03-27 20:29:02 <BlueMatt> upb: now you are just going overboard...
678 2012-03-27 20:29:33 <gavinandresen> what does upb stand for?
679 2012-03-27 20:29:37 <TD> LGTM is the standard google way to sign off on a code review. i didn't see it used much outside the firm, indeed
680 2012-03-27 20:29:41 Clipse has joined
681 2012-03-27 20:30:13 <BlueMatt> funny how google has developed its own internal culture... (at least replacing kernel acks with lgtm)
682 2012-03-27 20:30:13 ThomasV has quit (Ping timeout: 244 seconds)
683 2012-03-27 20:30:21 <upb> looks googly to me ?
684 2012-03-27 20:30:25 <BlueMatt> heh
685 2012-03-27 20:30:35 <TD> gavins proposal looks good. it's the same as i mentioned a few times before, i think. replace user-visible addresses with SSL validated identities
686 2012-03-27 20:30:47 <TD> payment information can come from a file transferred via SSL so you know it's valid
687 2012-03-27 20:30:57 <Diablo-D3> heh, google culture
688 2012-03-27 20:31:00 <Diablo-D3> its rather disgusting in a way
689 2012-03-27 20:31:20 <TD> there are a few other useful acronyms like PTAL - please take another look
690 2012-03-27 20:31:22 <upb> SSL validated or X509 PKI validated ?:P
691 2012-03-27 20:31:25 <upb> why use SSL
692 2012-03-27 20:31:33 <BlueMatt> TD: oh that one would be useful...
693 2012-03-27 20:32:13 <gavinandresen> upb: why use SSL: because it is there and that's what 99.99% of the web uses?
694 2012-03-27 20:32:21 <Diablo-D3> does google culture at least use RSN?
695 2012-03-27 20:32:26 <gavinandresen> (I'm probably underestimating that percentage)
696 2012-03-27 20:33:02 <upb> yeah i have no idea what youre building atm but... seems fishy :P
697 2012-03-27 20:33:23 t7 has joined
698 2012-03-27 20:33:24 <upb> 'validating' files by requiring them to be transferred using ssl
699 2012-03-27 20:33:32 <Diablo-D3> gavinandresen: also, you do realize SSL is a complete pile of shit, right?
700 2012-03-27 20:33:35 <Diablo-D3> its not secure.
701 2012-03-27 20:33:42 <BlueMatt> ...
702 2012-03-27 20:33:43 <gavinandresen> sigh.
703 2012-03-27 20:33:47 <BlueMatt> and you recommend?
704 2012-03-27 20:34:03 <Diablo-D3> bluematt: depends entirely on whats needed
705 2012-03-27 20:34:11 <TD> read the linked article
706 2012-03-27 20:34:12 <BlueMatt> https://gist.github.com/2217885
707 2012-03-27 20:34:13 <upb> atleast TLS 1.1 :)
708 2012-03-27 20:34:21 <TD> ssl/tls is the best fit
709 2012-03-27 20:34:30 <t7> Diablo-D3: gud trol lul
710 2012-03-27 20:34:48 <BlueMatt> TD: I agree
711 2012-03-27 20:34:55 <Diablo-D3> yes, but what exactly is being secured here? just the socket layer?
712 2012-03-27 20:35:09 <BlueMatt> it would be cool if we could require bitcoin: uris to come from ssl/tls-secured sites
713 2012-03-27 20:35:22 <gavinandresen> No, the identity: are you paying "amazon.com" ?
714 2012-03-27 20:35:32 <Diablo-D3> gavinandresen: ssl isnt directly useful there
715 2012-03-27 20:35:37 <Diablo-D3> you need those special signed certs
716 2012-03-27 20:35:46 <gavinandresen> .... read the gist ....
717 2012-03-27 20:35:55 <Diablo-D3> Im in the middle of something so I cant read it
718 2012-03-27 20:36:01 <BlueMatt> then dont comment...
719 2012-03-27 20:36:02 <gavinandresen> ... then be quiet ...
720 2012-03-27 20:36:18 <Diablo-D3> I just dont want people thinking ssl is a viable security protocol when its not
721 2012-03-27 20:36:28 <gavinandresen> okey dokey
722 2012-03-27 20:36:51 <Diablo-D3> tls 1.2 with properly formed certs is enough to verify the identity of the remote host
723 2012-03-27 20:37:01 <Diablo-D3> and enough to verify the socket stream hasnt been tampered with
724 2012-03-27 20:37:06 <Diablo-D3> anything less most likely isnt secure
725 2012-03-27 20:37:17 <gavinandresen> So the one thing I'm not sure of is mentioned at the end: is it reasonable to expect web pages to be able to sign information using the server's private ssl key when they're generating payment information.
726 2012-03-27 20:37:28 <Diablo-D3> gavinandresen: no.
727 2012-03-27 20:37:30 <upb> its not
728 2012-03-27 20:37:37 <gavinandresen> why not?
729 2012-03-27 20:37:42 TD_ has joined
730 2012-03-27 20:37:47 <Diablo-D3> why would it be?
731 2012-03-27 20:37:57 * BlueMatt also doesnt really like that idea, its reasonable, but I dont like it really
732 2012-03-27 20:38:20 <gavinandresen> Because the web page is being generated on the server, the server MUST have access to the private key to serve up the page.....
733 2012-03-27 20:38:26 TD has quit (Read error: Connection reset by peer)
734 2012-03-27 20:38:26 TD_ is now known as TD
735 2012-03-27 20:38:28 * Diablo-D3 wonders why tls 1.2 isnt mandated by money-using websites
736 2012-03-27 20:38:50 <upb> the web page might be generated on the server if its a small site
737 2012-03-27 20:39:09 <Diablo-D3> the web page isnt generated on the server if its a big one
738 2012-03-27 20:39:14 <upb> but for anything serious the private key wont be accessible to the server where the 'web page' is generated on
739 2012-03-27 20:39:18 <Diablo-D3> or its being passed through a dedicated ssl daemon
740 2012-03-27 20:39:42 <Diablo-D3> lots of bigger sites (amz/goog sized) used dedicated ssl hardware to proxy the actual shit
741 2012-03-27 20:40:26 <gavinandresen> Well, the payment information must be signed by the server at some point, to say "Yes, I really am amazon.com and I really do want you to send 11 BTC to that address to pay for order# 11,111"
742 2012-03-27 20:40:44 <Diablo-D3> gavinandresen: yes, BUT
743 2012-03-27 20:40:51 <gavinandresen> but.....
744 2012-03-27 20:41:16 <Diablo-D3> I think you want authenticated encryption
745 2012-03-27 20:42:02 <gavinandresen> No, I want the payment information signed with an identity that has some amount of trust (bestowed by a certificate authority or whatever your favorite mechanism for that is)
746 2012-03-27 20:42:03 <Diablo-D3> as in, it requires an additional component to authenticate not only is the TLS connection from amazon, but that they also explicitly allow the operation
747 2012-03-27 20:42:10 <BlueMatt> or...the bitcoin: link just gives you an https website which you can ping and it will give you the address which the bitcoin: uri links to, then both the phone and client can display send to address 1.... verified by amazon.com (Amazon LTD)
748 2012-03-27 20:42:22 <BlueMatt> then its a regular https request like anything else
749 2012-03-27 20:42:25 <BlueMatt> and its signed
750 2012-03-27 20:42:36 <Diablo-D3> bluematt: well, it wouldnt be a REGULAR https request
751 2012-03-27 20:42:43 <Diablo-D3> I said tls 1.2 for a reason
752 2012-03-27 20:42:52 <BlueMatt> ok, tls1.2-required https link
753 2012-03-27 20:42:56 <Diablo-D3> browser support seems to be lacking with tls 1.2 (they must hate security)
754 2012-03-27 20:43:06 <BlueMatt> ie bitcoin:1A...?verify=https://amazon.com/bitcoin-verify?order-id=1234
755 2012-03-27 20:43:12 <gavinandresen> BlueMatt: yeah.... but why not save a round-trip (in the case you already have the amazon cert cached) and have the server sign the payment information up-front?
756 2012-03-27 20:43:15 <Diablo-D3> yeah, a daemon that specifically just says "yeah, thats really my address"
757 2012-03-27 20:43:19 <Diablo-D3> would work
758 2012-03-27 20:43:31 <Diablo-D3> gavinandresen: cert caching is required anyhow
759 2012-03-27 20:43:34 <Diablo-D3> for security reasons
760 2012-03-27 20:43:36 <BlueMatt> gavinandresen: it would be nice, but its not as "clean" for proxy-using sites, and isnt as easy to set up
761 2012-03-27 20:43:46 <Diablo-D3> same way with TLS identity fingerprinting shit
762 2012-03-27 20:44:08 <BlueMatt> (plus I really, really hate using privkeys for more than one use, ie signing bitcoin addresses...)
763 2012-03-27 20:44:33 <BlueMatt> grumble, grumble, signmessage, grumble
764 2012-03-27 20:45:27 <TD> yeah, implementation wise having the server sign a nonce with the bitcoin key is easiest to implement
765 2012-03-27 20:45:44 <TD> mixing SSL and bitcoin keys would just get complicated. but that's fine.
766 2012-03-27 20:45:46 <gavinandresen> Hmm? I'm not talking about bitcoin private keys, I'm talking web server private keys (and associated certificates)
767 2012-03-27 20:46:04 <BlueMatt> TD: I dont see how signing the with the bitcoin address would allow verification...
768 2012-03-27 20:46:18 <gavinandresen> If you're sending to a multisig address then there is no single bitcoin private key to sign with anyway.
769 2012-03-27 20:46:20 <BlueMatt> TD: I was commenting that I dont like using bitcoin privkeys for BOTH sending and signing messages...
770 2012-03-27 20:46:34 <TD> the first device sends (example.com, bitcoin pubkey[s]) to the second device
771 2012-03-27 20:46:42 <TD> second device contacts example.com and says "are these your keys"
772 2012-03-27 20:47:37 <TD> i agree with upb that signing some arbitrary data packet with SSL keys would be painful for large sites. it'd be annoying to implement at google, at least.
773 2012-03-27 20:47:54 <gavinandresen> ok, good to know.
774 2012-03-27 20:48:12 <TD> for obvious reasons distribution of the keys is restricted, they rotate from time to time, etc
775 2012-03-27 20:49:09 <BlueMatt> hmm...I do like that better
776 2012-03-27 20:49:14 <TD> by the way, amazon.com uses EV SSL
777 2012-03-27 20:49:18 RazielZ has joined
778 2012-03-27 20:49:26 RazielZ has quit (Read error: Connection reset by peer)
779 2012-03-27 20:49:29 <BlueMatt> simple https://amazon.com/bitcoin-signing-keys.txt would work nicely...
780 2012-03-27 20:49:37 PsiliPharm has joined
781 2012-03-27 20:50:02 <splatster> S² Capital Management's IPO has started! Go to https://glbse.com/asset/view/SS to buy shares. Visit https://bitcointalk.org/index.php?topic=74216.0 to learn more or join #S2CM.
782 2012-03-27 20:50:05 <TD> oh, hmm, maybe only sometimes. ok paypal.com does :) so then you can display an authenticated "friendly name"
783 2012-03-27 20:50:06 <splatster> oops
784 2012-03-27 20:50:20 <splatster> Didn't mean to post that here, sorry.
785 2012-03-27 20:50:22 <TD> BlueMatt: well you need to ask the server to sign with the keys sent by your first device, which are presumably fresh for each transaction
786 2012-03-27 20:50:38 <TD> BlueMatt: so the "well known" verify endpoint is the way to go
787 2012-03-27 20:51:33 <TD> it's simple enough. You can just POST a pubkey + nonce to the endpoint and get back a signature in the response.
788 2012-03-27 20:52:54 <BlueMatt> oh, I was thinking bitcoin:1...?sig=1234 but yea, yours is better
789 2012-03-27 20:53:12 <gavinandresen> so lets think through how it would work using pgp identities...
790 2012-03-27 20:53:31 <BlueMatt> still, it would be good to have a list of pubkeys so that we can solve the "non-repudiation" problem
791 2012-03-27 20:53:47 <BlueMatt> and then the response to the query is logged
792 2012-03-27 20:54:05 <BlueMatt> though that could be done without a list either way...
793 2012-03-27 20:54:12 molecular has quit (Ping timeout: 252 seconds)
794 2012-03-27 20:54:13 <TD> given the low adoption of PGP for individuals your best bet is just to use DKIM and email, imho. it's easy / transparent for users.
795 2012-03-27 20:54:18 JRWR has quit (Quit: "If the dinosaurs had a space program, they'd still be here." - Ron Garan)
796 2012-03-27 20:54:19 <TD> "pki without the pain"
797 2012-03-27 20:55:00 <TD> social networking integration also is interesting to explore
798 2012-03-27 20:55:07 <gavinandresen> if the query was "Is this your signature?" instead of "Is this your bitcoin address?" we get non-repudiation. The private key for the signature doesn't have to be the SSL private key.
799 2012-03-27 20:55:18 molecular has joined
800 2012-03-27 20:55:51 <TD> how do you create such a query? the second device needs to challenge the sever
801 2012-03-27 20:55:52 <TD> server
802 2012-03-27 20:56:30 <BlueMatt> if the query is over tls its verifiable either way (given certain session details logged)
803 2012-03-27 20:56:33 <gavinandresen> Same way: query the endpoint via SSL
804 2012-03-27 20:57:03 <BlueMatt> but it would be easier to avoid having to detail session keys from the tls session
805 2012-03-27 20:58:31 <TD> so .... the first device talks to amazon.com and obtains a payment descriptor containing an output script, and a signature over the descriptor calculated using the keys in the output script?
806 2012-03-27 20:58:52 <TD> i don't get it
807 2012-03-27 20:58:54 <TD> the payment goes to keys
808 2012-03-27 20:59:09 <TD> the second device has to prove that the keys its paying to are owned by the given identity.
809 2012-03-27 20:59:10 <gavinandresen> TD: no, just a signature using whatever key is convenient for amazon.com.
810 2012-03-27 20:59:49 <TD> (or at least that one of them is)
811 2012-03-27 20:59:54 <gavinandresen> TD: the second device then does an SSL query to amazon.com (certificate checks to confirm identity) and asks "Is this your signature on this payment info?"
812 2012-03-27 21:00:27 <TD> what links the signature and the keys the device will pay to? what stops the first device providing a valid signature, but different keys?
813 2012-03-27 21:00:45 PsiliPharm has quit (Quit: Colloquy for iPad - http://colloquy.mobi)
814 2012-03-27 21:00:46 <gavinandresen> the signature comes from amazon.com, not the first device
815 2012-03-27 21:01:14 <gavinandresen> (signature over "where should the payment go to")
816 2012-03-27 21:01:51 <BlueMatt> how does a user prove that the coins they sent were to amazon?
817 2012-03-27 21:01:58 <BlueMatt> if amazon backs out?
818 2012-03-27 21:02:49 <BlueMatt> I mean you could log all the local ssl/tls session details and log the connection, but that is ugly
819 2012-03-27 21:02:50 <gavinandresen> Darn good question. That's why I wanted to use the well-known-to-everybody CA-signed SSL private key.
820 2012-03-27 21:03:24 <BlueMatt> how about: amazon publishes the list of keys they use to sign payment info
821 2012-03-27 21:03:32 <gavinandresen> That'd work.
822 2012-03-27 21:04:03 <BlueMatt> they can rotate them, but have to do it slowly anyway to avoid issues with lag between user devices
823 2012-03-27 21:04:09 <BlueMatt> and people can log changes
824 2012-03-27 21:06:48 agricocb has joined
825 2012-03-27 21:06:57 <BlueMatt> I kinda prefer no sig on the original bitcoin: link, just a https url to post to like https://amazon.com/bitcoin-verf?orderid=1234 and you first get the list of acceptable keys from https://amazon.com/bitcoin-keys.txt and POST https://amazon.com/bitcoin-verf?orderid=1234&nonce=2345 with the bitcoin address, amount, etc and gets a signed copy with a key from bitcoin-keys.txt
826 2012-03-27 21:07:00 <TD> i actually quite like the idea of logging the TLS traffic in such a way that you can verify it
827 2012-03-27 21:07:03 <BlueMatt> (all ssl obv)
828 2012-03-27 21:07:29 <BlueMatt> TD: is there software out there to verify a tls session given the necessary local random values?
829 2012-03-27 21:07:34 <TD> key management is a pain. i wonder if it's possible to do it well
830 2012-03-27 21:07:38 <TD> good question
831 2012-03-27 21:07:40 <BlueMatt> (Im assuming so, for decryption stuff..)
832 2012-03-27 21:07:40 <TD> i don't know
833 2012-03-27 21:07:55 <BlueMatt> also, does openssl allow us to get at that info...
834 2012-03-27 21:08:33 <BlueMatt> that said, yea its much simpler than key management via bitcoin-keys.txt...
835 2012-03-27 21:08:41 <gmaxwell> TD: thats really a pain to doâ especially if the far end signals PFS. Plus no one has tools to check that, and the site could change certs before you made your claim.
836 2012-03-27 21:09:01 <TD> the old cert would still be signed by the CA though, and you could keep a copy of the cert
837 2012-03-27 21:09:05 <TD> PFS?
838 2012-03-27 21:09:35 <BlueMatt> perfect forward secrecy?
839 2012-03-27 21:09:40 <gmaxwell> perfect forward secrecy, the diffie hellman ciphersuites.
840 2012-03-27 21:09:54 <gmaxwell> TD: okay, point on keeping a copy of the certchain.
841 2012-03-27 21:10:04 <BlueMatt> yea, but if you log all your local random values that you use in the exchange, its still verifiable?
842 2012-03-27 21:10:20 <BlueMatt> though, I really doubt any tls library will let us get that info
843 2012-03-27 21:10:35 <TD> openssl s_client has a -debug option that prints a lot of data
844 2012-03-27 21:10:41 <TD> i'm assuming it doesn't use any internal-only APIs
845 2012-03-27 21:10:48 <TD> but yeah, probably, annoying to do across platforms
846 2012-03-27 21:10:57 <gmaxwell> BlueMatt: I _THINK_ so ... but it's possible to make exchanges that are denyable, but the TLS ones are not I think.
847 2012-03-27 21:11:23 <gmaxwell> (e.g. OTR's usage is denyable)
848 2012-03-27 21:11:29 <BlueMatt> yea
849 2012-03-27 21:11:50 <BlueMatt> we could tell openssl to blacklist denyable algos, but that would take a lot of work...
850 2012-03-27 21:12:00 ThomasV has joined
851 2012-03-27 21:12:21 <upb> acutually not :)
852 2012-03-27 21:12:28 <upb> as you can specify the acceptable methods
853 2012-03-27 21:12:54 <BlueMatt> well either way, its an elegant(ish) solution, but it sounds like it would take a lot of work to get it to function...
854 2012-03-27 21:12:57 <gmaxwell> The hardwer work is just convincing yourself that none are. Denying PFS is bad, so I hope it isn't denyable.
855 2012-03-27 21:13:34 <TD> the thing is, if you want users to be able to prove a transaction took place with foo.com at that time, doing it entirely independently of SSL is probably a huge infrastructure
856 2012-03-27 21:13:48 <BlueMatt> yea, kinda
857 2012-03-27 21:13:49 <TD> you need lots of people to verify that the ecdsa keys used by foo.com at time X were Y
858 2012-03-27 21:13:58 <TD> sounds like .... hmm .... a distributed p2p consensus :)
859 2012-03-27 21:14:13 <BlueMatt> heh, lets put everyone's name in the blockchain
860 2012-03-27 21:15:08 <gmaxwell> ThomasV has opinions on this subject.
861 2012-03-27 21:15:20 <ThomasV> ?
862 2012-03-27 21:15:36 <gmaxwell> ThomasV: they're talking about signing payment addresses. I thought you had opinions here.
863 2012-03-27 21:15:58 <ThomasV> oh yes I do. very strong opinions!
864 2012-03-27 21:16:23 <BlueMatt> gmaxwell: actually, I really, really dont think any ssl/tls algos will have deniable authentication
865 2012-03-27 21:16:41 <BlueMatt> gmaxwell: I dont think its possible without revealing keys after the exchange
866 2012-03-27 21:16:46 <ThomasV> gmaxwell: don't you?
867 2012-03-27 21:16:48 <BlueMatt> gmaxwell: and ssl/tls certainly wont do that?
868 2012-03-27 21:16:48 <gmaxwell> BlueMatt: You're probably right.
869 2012-03-27 21:17:04 <BlueMatt> ThomasV: care to share?
870 2012-03-27 21:17:19 <BlueMatt> but yea, more research would be needed before any kind of implementation...
871 2012-03-27 21:17:20 <gavinandresen> ThomasV: I put up a straw-man to get the discussion rolling again at https://gist.github.com/2217885
872 2012-03-27 21:17:41 <ThomasV> BlueMatt: http://ecdsa.org/bitcoin_URIs.html
873 2012-03-27 21:19:16 <TD> heh. you use a self signed cert
874 2012-03-27 21:19:30 <BlueMatt> heh
875 2012-03-27 21:19:41 erle- has quit (Quit: erle-)
876 2012-03-27 21:21:48 <ThomasV> I guess we need to wait for a working DIANNA in order to use signed URIs
877 2012-03-27 21:22:24 <TD> why?
878 2012-03-27 21:22:53 <gavinandresen> Hmm? the SSL Certificate Authority system is broken and nasty... and works well enough that I regularly use it to do online banking.
879 2012-03-27 21:23:26 Turingi has quit (Read error: Connection reset by peer)
880 2012-03-27 21:23:44 <ThomasV> TD: it depends what you want to do with it, but I want to make sure that the owner of the alias cannot change it covertly
881 2012-03-27 21:24:04 <gmaxwell> Logging an SSL exchange isn't mutually exclusive with doing other SSL independant things inside it.
882 2012-03-27 21:24:05 <BlueMatt> gavinandresen: if we do implement aliases (not saying we should...) how would the proposal change?
883 2012-03-27 21:24:17 <TD> right. well gavins proposal is intended to be the next building block for 2-factor tx signing
884 2012-03-27 21:24:32 <gmaxwell> ThomasV: they're proposing to log the SSL exchange so I could later prove that the address I used was one they gave me.
885 2012-03-27 21:24:53 <luke-jr> gavinandresen: LOL nice
886 2012-03-27 21:24:55 <ThomasV> gmaxwell: that's not a good idea
887 2012-03-27 21:25:31 <gmaxwell> BlueMatt: actually it looks like it would be denyable... the exchange just derrives hmac and encryption keys. Either side could use it to produce payload which passes the test.
888 2012-03-27 21:26:02 <gmaxwell> (same way that OTR worksâ the publication isn't required for the remote end to fabricate the data)
889 2012-03-27 21:26:26 <ThomasV> the SSL can only be used on websites that use SSL; it would not work on a forum with many users, each with their key
890 2012-03-27 21:26:45 <TD> yeah, but a lot of transactions are between merchant and buyer
891 2012-03-27 21:26:45 <ThomasV> and it would not work on other channels, eg IRC
892 2012-03-27 21:26:50 <TD> merchants today use SSL as a de-facto standard
893 2012-03-27 21:27:09 <TD> solving the person-to-person use case is much harder, given that ~nobody understands PKI
894 2012-03-27 21:27:30 <TD> any system that requires people to actually understand public/private keys might as well be junked before you even begin, assuming you care about the mass market
895 2012-03-27 21:27:30 <gmaxwell> I agree with TDâ but as I said above, it won't actually work.
896 2012-03-27 21:27:59 <TD> gmaxwell: pure SSL handshake, you mean?
897 2012-03-27 21:27:59 <BlueMatt> gmaxwell: ah, ofc, yea Im a dumbass...
898 2012-03-27 21:28:14 <gavinandresen> agreed. Although I was hoping to throw in won't-never-be-used-except-by-crypto-geeks-who-complain-loudly pgp wot stuff
899 2012-03-27 21:29:05 <gmaxwell> TD: If you log the all the SSL data you can prove to yourself that the server sent you thatâ but not to anyone else, because you have enough data to fabricate any address you like.
900 2012-03-27 21:29:06 <TD> gmaxwell: oh, your point is, you could fake having received a particular file
901 2012-03-27 21:29:10 <TD> right
902 2012-03-27 21:29:44 <gmaxwell> You could do something wacked, like use the bitcoin public key as a nonce in part of the ssl exchange.. and that _would_ non-reputably bind it... but that requires far deeper intergration on the server side. :(
903 2012-03-27 21:29:45 <BlueMatt> gavinandresen: now _that_ complicates things...
904 2012-03-27 21:29:47 <gribble> New news from bitcoinrss: Diapolo opened pull request 998 on bitcoin/bitcoin <https://github.com/bitcoin/bitcoin/pull/998>
905 2012-03-27 21:30:06 <gavinandresen> BlueMatt: not conceptually, it is all just identity and signatures
906 2012-03-27 21:30:19 <gmaxwell> At that point it would be easier to just make an external signing tool that writes a message file signed with the SSL cert.
907 2012-03-27 21:30:27 <BlueMatt> well, yea but in implementation, it complicates things greatly...
908 2012-03-27 21:30:31 denisx has quit (Quit: denisx)
909 2012-03-27 21:30:38 <TD> ssl is fairly complicated. i wonder if there's a way to do it ...
910 2012-03-27 21:30:55 <gmaxwell> (and if you use a message signed with the SSL cert you could also support signing with GPG keys pretty easily)
911 2012-03-27 21:31:01 * BlueMatt doesnt want to be messing with ssl internals...seems like a good way to make something really insecure...
912 2012-03-27 21:31:13 <BlueMatt> unless we have some cryptographers here?
913 2012-03-27 21:31:18 <ThomasV> lol
914 2012-03-27 21:31:18 <gmaxwell> gavinandresen: people would use the gpg signed stuffâ they'd just never validate it and they'd get ripped off. Alas.
915 2012-03-27 21:31:58 <gmaxwell> BlueMatt: That was a bad idea I gave. I just mentioned it to avoid some lurking pedant saying "oh sure you can do it!"
916 2012-03-27 21:32:14 <BlueMatt> ah, good
917 2012-03-27 21:32:19 <ThomasV> I think that verifying a signed URI is the job of the bitcoin client, not of the web browser.
918 2012-03-27 21:32:41 <gmaxwell> ThomasV: this doesn't have anything to do with the web browser.
919 2012-03-27 21:32:42 <BlueMatt> gmaxwell: just the idea of messing with ssl internals though...yuck
920 2012-03-27 21:32:43 <TD> hmm, i guess it's fundamental. the actual encrypted data is always done with a symmetric key
921 2012-03-27 21:32:53 <BlueMatt> TD: yep :(
922 2012-03-27 21:33:19 <ThomasV> gmaxwell: the bitcoin client would open a SSL session with the webserver?
923 2012-03-27 21:33:33 <gmaxwell> ThomasV: correct. And log the data required to prove it.
924 2012-03-27 21:33:37 <delt0r> TD: if you didn't do that it would a massive amount of CPU for even a really slow data rate
925 2012-03-27 21:33:42 <gmaxwell> But as I pointed out above, this doesn't actually work. :(
926 2012-03-27 21:33:47 <TD> yes, i know
927 2012-03-27 21:33:53 <TD> pki is expensive
928 2012-03-27 21:34:08 <ThomasV> gmaxwell: then you'll need to mess with the users password manager in order to open a session...
929 2012-03-27 21:34:09 <TD> ssl has a concept of sessions
930 2012-03-27 21:34:29 <TD> i wonder if it's possible to resume a session after the traffic and get a signed message containing some state that could only have come from the previous traffic
931 2012-03-27 21:34:31 * TD digs a bit more
932 2012-03-27 21:34:50 diki has joined
933 2012-03-27 21:35:23 <gmaxwell> ThomasV: no. You won't.
934 2012-03-27 21:35:38 <ThomasV> how so?
935 2012-03-27 21:35:57 <upb> but even if it was possible, in order to use that, it would require indefinite storage of session cache on the server side TD :)
936 2012-03-27 21:36:22 <TD> why indefinite? it only has to be temporary
937 2012-03-27 21:36:28 <TD> fwiw google does do distributed ssl session caching :)
938 2012-03-27 21:36:29 <gmaxwell> ThomasV: you connect to some publically accessible CGI on the server and say "my cookie is X did you just give me this address Y?" and it says "Yep".
939 2012-03-27 21:36:46 <gmaxwell> (though as mentioned it doesn't actually work, so discussing it is dumb)
940 2012-03-27 21:37:05 <ThomasV> ok, then let's not discuss it :)
941 2012-03-27 21:37:11 <BlueMatt> hummm... ok so if messing with ssl/tls gets ugly, what other solutions do we have?
942 2012-03-27 21:37:19 <gmaxwell> td: I think it's a lot harder to justify when you have to do some crazy deep manipulation on the server side.
943 2012-03-27 21:37:24 <upb> TD: oh i thought you were proposing to resume the session later to prove that the previous recorded data was valid
944 2012-03-27 21:37:31 <TD> hmm
945 2012-03-27 21:37:33 <gmaxwell> BlueMatt: you could still use the x509 public cert to sign random messages.
946 2012-03-27 21:37:38 <BlueMatt> https://amazon.com/bitcoin-keys.txt gets really complicated when you have to rotate keys
947 2012-03-27 21:37:45 <TD> yeah. but the session resume just remembers the symmetric key.
948 2012-03-27 21:37:51 darkee has quit (Ping timeout: 276 seconds)
949 2012-03-27 21:37:57 <TD> gmaxwell: yes. it is.
950 2012-03-27 21:38:13 <TD> gmaxwell: too bad. it would have been convenient. i guess there needs to be a different way to do receipts
951 2012-03-27 21:38:16 <BlueMatt> gmaxwell: yea, but I still really dont like that...
952 2012-03-27 21:38:39 <BlueMatt> you try telling google's ssl privkey holder to use it for something other than https...
953 2012-03-27 21:38:46 <gavinandresen> I still like the sign-stuff with the x509 cert approach. Could be a different x509 cert than is used for TLS if necessary....
954 2012-03-27 21:38:53 d4de has quit (Ping timeout: 246 seconds)
955 2012-03-27 21:38:57 <Diablo-D3> man
956 2012-03-27 21:39:00 <Diablo-D3> why the fucking hell
957 2012-03-27 21:39:01 <gmaxwell> BlueMatt: so just have the server sign a message saying, yep my address is XXX, with the x.509 cert and the client can just do browser like validation of it and keep a copy of the cert.
958 2012-03-27 21:39:07 <Diablo-D3> are people so fucking shitty
959 2012-03-27 21:39:10 <TD> no, wait
960 2012-03-27 21:39:18 <gmaxwell> BlueMatt: yes, butâ well, better than telling him to apply a crazy openssl patch to pick special nonces or whatever!
961 2012-03-27 21:39:23 <TD> gmaxwell: are you sure? i thought every ssl message sent was HMACd?
962 2012-03-27 21:39:25 <Diablo-D3> if there was a country that was filled with normal goddamned people
963 2012-03-27 21:39:27 <TD> gmaxwell: including all traffic
964 2012-03-27 21:39:29 <Diablo-D3> I'd move there in a heart beat
965 2012-03-27 21:39:30 <gmaxwell> TD: it is.
966 2012-03-27 21:39:38 <BlueMatt> gmaxwell: well, yea but we are going for a good solution, not better than what we had a minute ago ;)
967 2012-03-27 21:39:48 <gmaxwell> TD: I mentioned this above. but you have the hmac key, otherwise you couldn't verify the hmac.
968 2012-03-27 21:40:00 <gmaxwell> TD: because you have the hmac key you can fake hmaced messages yourself.
969 2012-03-27 21:40:08 darkee has joined
970 2012-03-27 21:40:08 <Diablo-D3> seriously, someone answer my question, I fucking dare you
971 2012-03-27 21:40:12 <BlueMatt> Diablo-D3: I dont think you would be allowed in...
972 2012-03-27 21:40:16 <Diablo-D3> most of you are reasonably intelligent people
973 2012-03-27 21:40:26 <BlueMatt> intelligent != normal
974 2012-03-27 21:40:30 <gmaxwell> Diablo-D3: Antarctica
975 2012-03-27 21:40:34 <BlueMatt> in fact, they are often the opposite...
976 2012-03-27 21:40:36 <Diablo-D3> bluematt: probably not, goddamned if Im allowed to actually not hate people for once
977 2012-03-27 21:42:48 Slix` has joined
978 2012-03-27 21:42:51 <gavinandresen> So: the bitcoin group at google gets one or more CA-signed keys, and uses them to sign bitcoin payment information. The certificate authorities are built-in to bitcoin clients, and bob's your uncle.
979 2012-03-27 21:42:56 JRWR has joined
980 2012-03-27 21:43:45 <TD> gmaxwell: right, got it
981 2012-03-27 21:44:24 <Diablo-D3> gavinandresen: yeah but like
982 2012-03-27 21:44:27 <t7> and the blockchain is so huge that newbies get disgruntled
983 2012-03-27 21:44:28 <Diablo-D3> what happens if the CA gets fucked.
984 2012-03-27 21:44:32 <gavinandresen> If we're not google and we're cheap, then we use the same key for both TLS and bitcoin payment information, and bob's still our uncle. All assuming our PHP or Python or whatever web code that generates bitcon payment information URI's or files can call openssl.
985 2012-03-27 21:44:37 <BlueMatt> Diablo-D3: then so is your bank
986 2012-03-27 21:44:56 <Diablo-D3> gavinandresen: and you're going to have to enforce certain cert features
987 2012-03-27 21:45:00 makomk has quit (Ping timeout: 276 seconds)
988 2012-03-27 21:45:59 <BlueMatt> gavinandresen: ok, sounds fine to me, wanna update the gist so we are all on the same page again?
989 2012-03-27 21:46:01 minimoose has joined
990 2012-03-27 21:46:44 <gavinandresen> BlueMatt: will do.
991 2012-03-27 21:48:37 <gmaxwell> t7: pshaw. Upgrade to 0.6.
992 2012-03-27 21:48:46 <TD> gavinandresen: OCSP could be enabled for bitcoin clients, as performance is not so important for them
993 2012-03-27 21:49:40 <gavinandresen> TD: ACK
994 2012-03-27 21:49:55 <BlueMatt> should be required imo
995 2012-03-27 21:50:13 <TD> well
996 2012-03-27 21:50:20 <TD> CA outages would then prevent payments being processed
997 2012-03-27 21:50:34 <TD> (for those merchants)
998 2012-03-27 21:50:48 <TD> but yeah, maybe
999 2012-03-27 21:50:49 <BlueMatt> user-overrideable, but ocsp isnt worth much if it soft-fails
1000 2012-03-27 21:51:00 minimoose has quit (Read error: Connection reset by peer)
1001 2012-03-27 21:51:02 <BlueMatt> mitm and you are dead
1002 2012-03-27 21:51:19 minimoose has joined
1003 2012-03-27 21:51:36 <TD> alright
1004 2012-03-27 21:51:53 <TD> so i guess we have agreement on this topic. big corps will just have to suck up the key distribution issues :)
1005 2012-03-27 21:52:17 <BlueMatt> big corps can afford a second ssl key
1006 2012-03-27 21:52:23 <TD> for person-to-person authentication. a WOT isn't inherently a bad idea, it's just a geeky word for a social network. the problem is the need to do it without keys or key exchanges ever becoming visible in the ui
1007 2012-03-27 21:53:16 <TD> maybe you could use phones + bluetooth. look on your screen, see a name + photo that corresponds to the person standing in front of you. tapping them is "good enough" to be considered a key exchange
1008 2012-03-27 21:54:54 <TD> phones that find each other can exchange name+photo+key+signature sets in the background. all we have to do is hang out and now i can see your mutual acquaintances. we need never even think about bitcoin. if you wanted to key exchange with somebody but keep that fact private, i guess you'd need to mark the relationship as such
1009 2012-03-27 21:54:59 <TD> so it wouldn't be handed out willy nilly
1010 2012-03-27 21:55:15 <TD> spreading around social graph data is inherent in the WOT model, though
1011 2012-03-27 21:56:27 <BlueMatt> I dont know about blindly exchanging info in the background if you are near another phone for long enough
1012 2012-03-27 21:56:34 <BlueMatt> that could make for some interesting attacks
1013 2012-03-27 21:57:01 <BlueMatt> but manual exchange with people who you wanna exchange with is cool
1014 2012-03-27 21:57:08 d4de has joined
1015 2012-03-27 21:57:09 d4de has quit (Remote host closed the connection)
1016 2012-03-27 21:57:12 <BlueMatt> over bluetooth or nfc or whatever
1017 2012-03-27 21:57:16 <gavinandresen> https://gist.github.com/2217885 updated
1018 2012-03-27 21:57:20 <BlueMatt> (nfc is better, bluetooth is too insecure...)
1019 2012-03-27 21:57:41 <TD> what attacks are you imagining?
1020 2012-03-27 21:57:50 <TD> i don't think a WOT has to be bullet-proof
1021 2012-03-27 21:58:29 <BlueMatt> bluetooth has had too many attacks over the years, plus it works over long(ish) distances if the attacker has good hardware
1022 2012-03-27 21:58:58 <TD> that's fine though
1023 2012-03-27 21:59:06 <TD> bear in mind the data being exchanged is all signed
1024 2012-03-27 21:59:11 <BlueMatt> bluetooth is mitmdable
1025 2012-03-27 21:59:16 <t7> gmaxwell: whats new in 0.6 ?
1026 2012-03-27 21:59:36 <t7> i run the git head on my server but 0.5.3.1 on windows
1027 2012-03-27 21:59:47 <BlueMatt> TD: well if you sign it well on top, then you have to make users verify a short code on both sides...
1028 2012-03-27 21:59:50 <TD> yes, so? my phone broadcasts my name, photo and a key. other people only "confirm" by tapping my entry in their apps list if they are actually near me and can see me
1029 2012-03-27 22:00:01 <TD> so now if somebody wants to interfere with that, they could try adding another entry that looks identical
1030 2012-03-27 22:00:18 <BlueMatt> wait, are you broadcasting it, I thought this was a one-on-one exchange
1031 2012-03-27 22:00:19 <TD> but you'd notice because there'd be two identical looking entries in the list
1032 2012-03-27 22:00:26 <TD> no, insecure bluetooth broadcast
1033 2012-03-27 22:00:27 <BlueMatt> ie I hold my phone next to yours and it signs
1034 2012-03-27 22:00:33 <BlueMatt> oh, well then yea nvm
1035 2012-03-27 22:00:45 <BlueMatt> again, not a big fan of broadcasting though
1036 2012-03-27 22:00:46 <TD> the app would presumably drop both if there were conflicting entries
1037 2012-03-27 22:01:05 <Diablo-D3> heh, who really cares if it can be mitmed
1038 2012-03-27 22:01:13 <gmaxwell> t7: being able to fully sync the chain in under an hour on ordinary systems.
1039 2012-03-27 22:01:14 <Diablo-D3> if its signed, producing a false signature wont help
1040 2012-03-27 22:01:18 <TD> well, it's an interesting social model. imagine a bunch of people going to a bitcoin meetup or conference. the WOT would automatically establish itself and anyone who attended would be able to pay anyone else, pretty much, as long as there was some chain between you and them
1041 2012-03-27 22:01:19 <BlueMatt> oh, thats no good, I make 2 entries, one conflicts (the original gets dropped) and another one with a pixel in the image changed, and that gets signed...
1042 2012-03-27 22:01:50 <t7> gmaxwell: what changed?
1043 2012-03-27 22:01:51 <TD> BlueMatt: you could drop based on name similarity too, or flag in the UI as invalid, or something
1044 2012-03-27 22:01:58 <BlueMatt> yea
1045 2012-03-27 22:01:59 <t7> to the dl process
1046 2012-03-27 22:02:11 <BlueMatt> anyway, I dont really get the point though, what does it provide?
1047 2012-03-27 22:02:22 <BlueMatt> I thought the point was to provide secure name->address mappings
1048 2012-03-27 22:02:29 <BlueMatt> not just a huge list of insecure ones?
1049 2012-03-27 22:03:07 <TD> it's "secure enough", right? the point of the WOT is to let you send money to somebody when you aren't physically in front of them (otherwise you could just exchange a raw tx)
1050 2012-03-27 22:03:08 <BlueMatt> at some point you have to have users manually ack the name->address mapping that they get
1051 2012-03-27 22:03:16 <gmaxwell> t7: the poor performance had little to do with the download itself, and everything to do with validation and database updating speed. The bdb settings were tweaked to greatly improve performance.
1052 2012-03-27 22:03:17 <TD> well, you just have to have users ack physical presence
1053 2012-03-27 22:03:23 Nicksasa has quit (Ping timeout: 246 seconds)
1054 2012-03-27 22:03:26 <TD> the "address" doesn't mean anything to them
1055 2012-03-27 22:03:46 <TD> you just say, yes, this person is in front of me, i've met them and they did indeed tell me they were on the WOT
1056 2012-03-27 22:03:49 <BlueMatt> interesting, but I just dont like the potential for abuse there...
1057 2012-03-27 22:04:18 <BlueMatt> ah, and then you might as well do local nfc one-on-one exchanges
1058 2012-03-27 22:04:22 <TD> now when you meet somebody else, your phone sends the key + details of the first person you met. it shows up for them automatically, and their phone trusts that it's valid because you sent it to them, and YOU were physically present
1059 2012-03-27 22:04:24 <BlueMatt> which are way more secure and sane
1060 2012-03-27 22:04:47 <BlueMatt> if you have to ack each person as physically present, you might as well just exchange one-on-one
1061 2012-03-27 22:05:10 <TD> bluetooth is more widely supported than nfc and it's a bit more convenient if you want to ack several people. but sure.
1062 2012-03-27 22:05:19 <gmaxwell> TD: I just feed you a fake wot full of addresses which belong to me. Then when you pay anyone you pay meâ all I have to do is meet you once?
1063 2012-03-27 22:05:33 <BlueMatt> well, bluetooth or nfc doesnt matter much, I was just suggesting nfc because its much shorter range
1064 2012-03-27 22:05:36 <TD> i have to confirm that i trust you by tapping your entry
1065 2012-03-27 22:05:38 minimoose has quit (Read error: Operation timed out)
1066 2012-03-27 22:05:43 * BlueMatt bbl
1067 2012-03-27 22:05:45 <TD> once i do that, i take all your WOT entries too
1068 2012-03-27 22:05:51 <TD> so yes, if you scam me, i'm out of luck
1069 2012-03-27 22:06:43 <BlueMatt> well take all your wot entries but mark them as 1-away
1070 2012-03-27 22:06:52 <TD> yes
1071 2012-03-27 22:06:52 <BlueMatt> and use that in calculating "trust" of an entry
1072 2012-03-27 22:06:55 <gmaxwell> yea, I don't think it's possible to do wot trust securely without understanding.
1073 2012-03-27 22:08:47 minimoose has joined
1074 2012-03-27 22:09:04 agricocb has quit (Quit: Leaving.)
1075 2012-03-27 22:10:20 ThomasV has quit (Ping timeout: 244 seconds)
1076 2012-03-27 22:11:38 Snapman is now known as Snapman[afkers]
1077 2012-03-27 22:14:20 Karmaon has joined
1078 2012-03-27 22:15:59 <luke-jr> sipa: I can't get a match on your bitcoin-qt :/
1079 2012-03-27 22:16:07 <luke-jr> (nor on gavinandresen's qtâ¦)
1080 2012-03-27 22:16:35 minimoose has quit (Quit: minimoose)
1081 2012-03-27 22:19:06 <luke-jr> sipa: sorry, my mistake
1082 2012-03-27 22:19:14 <luke-jr> I was comparing the wrong SHA256 this last time. it does match
1083 2012-03-27 22:19:28 forsetifox has left ()
1084 2012-03-27 22:22:35 <bluemoon44> qt
1085 2012-03-27 22:24:54 pklaus has joined
1086 2012-03-27 22:31:00 TD has quit (Quit: TD)
1087 2012-03-27 22:33:22 <amiller> so i posed an alternate proof of work scheme back a few weeks ago
1088 2012-03-27 22:33:34 <amiller> i decided it wouldn't work, but now i think i was wrong and it _would_ work
1089 2012-03-27 22:33:43 <amiller> so i'm just gonna blather about it again
1090 2012-03-27 22:34:16 <amiller> there's two parameters, a 'difficulty' and a 'path-length'
1091 2012-03-27 22:35:00 <amiller> the miner begins by choosing a nonce, then that nonce is used to pick a block from the blockchain
1092 2012-03-27 22:35:13 <amiller> like nonce % 20000 if there are 20,000 blocks.
1093 2012-03-27 22:35:46 <amiller> then you hash the nonce and the blockchain data at that block (the whole block data, not just the hash or the header)
1094 2012-03-27 22:36:09 <amiller> then you use that resulting hash to index into the blockchain again, % 20000 again
1095 2012-03-27 22:36:23 <amiller> you keep going N=<path-length> times
1096 2012-03-27 22:36:45 <amiller> if the final hash is less than the difficulty threshold, then you win the block
1097 2012-03-27 22:37:14 <amiller> the point of this alternate proof of work scheme is that the kind of equipment you would need to be a competitive miner is different than in bitcoin
1098 2012-03-27 22:37:18 <amiller> to compete in bitcoin, you need GPUs
1099 2012-03-27 22:37:29 <amiller> to compete with this alternate proof of work scheme, you need randomly accessible copies of the entire blockchain history
1100 2012-03-27 22:37:54 <amiller> this is a significant advantage to the security of the protocol because it changes the incentives
1101 2012-03-27 22:38:19 <amiller> right now, pool miners are 'mining' competitive but there's no incentive for them to independently check against double spends
1102 2012-03-27 22:38:35 <sipa> if a miner can choose the nonce, wouldn't it just pick nonces of blocks it knows?
1103 2012-03-27 22:38:47 <amiller> that's what i thought when i decided a few weeks ago this wouldn't work
1104 2012-03-27 22:39:00 <amiller> could a miner get an advantage by just keeping a small subset of data and only checking those
1105 2012-03-27 22:39:10 <sipa> it would appear so
1106 2012-03-27 22:39:12 <amiller> but the thing is you don't know where the hash is going to take you next
1107 2012-03-27 22:39:20 <amiller> there's a tradeoff with this path-length parameter
1108 2012-03-27 22:39:37 <amiller> but even if you only store 2 blockchain entries
1109 2012-03-27 22:39:58 <amiller> you could easily choose a nonce so that the first block you need to check is in your subset
1110 2012-03-27 22:40:05 <amiller> but the chances are the next block you'd have to check is outside the subset
1111 2012-03-27 22:40:18 <amiller> so doing that would cause you to waste a lot of time
1112 2012-03-27 22:40:39 <amiller> you _could_ find a winning hash using only a subset
1113 2012-03-27 22:40:43 <amiller> but it would take you exponentially more time
1114 2012-03-27 22:40:47 darkskiez has quit (Remote host closed the connection)
1115 2012-03-27 22:40:50 <amiller> than someone who has the full blockchain
1116 2012-03-27 22:41:20 agricocb has joined
1117 2012-03-27 22:41:36 <amiller> it's exponentially more efficient to store the whole blockchain than it is to cheat by using a subset
1118 2012-03-27 22:42:05 <sipa> i see, that sounds valid
1119 2012-03-27 22:44:01 <gmaxwell> amiller: Did you see see my "Forgetting the forgetful" post?
1120 2012-03-27 22:44:08 <amiller> no
1121 2012-03-27 22:44:42 <gmaxwell> Okay, it's from the same general class of approachesâ but not as a POW replacement.
1122 2012-03-27 22:45:01 bluemoon44 has quit ()
1123 2012-03-27 22:45:27 <gmaxwell> I hadn't thought of it as a POW replacement is simply because there is no reason to have ultrafast blockchain accessâ it only needs to be 'fast enough'.
1124 2012-03-27 22:45:38 <gmaxwell> amiller: https://bitcointalk.org/index.php?topic=68396
1125 2012-03-27 22:46:09 <sipa> gmaxwell's idea is certainly easier to implement and roll our
1126 2012-03-27 22:46:11 <sipa> our
1127 2012-03-27 22:46:14 <sipa> ouT
1128 2012-03-27 22:47:32 <gmaxwell> (regarding the last line in that message, what I really meant was 'pseudorandom based on the hash of the prior blocks' or the like)
1129 2012-03-27 22:49:48 <gmaxwell> Unfortunately the thread is full of people who _just don't get it_ and I don't know how to express it any more clearly.
1130 2012-03-27 22:50:11 <luke-jr> amiller: what if the path had to be based on the hash?
1131 2012-03-27 22:50:29 <amiller> the path should probalby be based on the hash
1132 2012-03-27 22:50:47 <gmaxwell> It was probably a mistake to even mention this in the context of 1txn blocks.
1133 2012-03-27 22:51:13 <luke-jr> amiller: this sounds like it could have the same problem as scrypt
1134 2012-03-27 22:51:29 <gmaxwell> Since it's really just a proof-you-know-the-blockchain â I'd been thinking about that for a while and the 1txn blocks sounded like a fine reason to make it public after people hypothesized they were due to mining without the chain.
1135 2012-03-27 22:51:32 <luke-jr> hard to do on commodity hardware, so specialized equipment would have more of an advantage
1136 2012-03-27 22:51:41 Clipse has quit (Ping timeout: 246 seconds)
1137 2012-03-27 22:51:52 <sipa> luke-jr: so, what's the problem with specialized equipment?
1138 2012-03-27 22:52:15 <luke-jr> sipa: any proof-of-work should be sufficiently easy that commodity hardware can keep up with specialized
1139 2012-03-27 22:52:23 makomk has joined
1140 2012-03-27 22:52:40 <sipa> there will always be a point where it becomes viable to invest in specialized equipment
1141 2012-03-27 22:52:41 <gmaxwell> sipa: it means that targeted entities could get big control advantages over the general community of users. â but at least in amiller's case it would actually correlate well with txn processing ability.
1142 2012-03-27 22:53:27 <luke-jr> sipa: yes, but the advantage needs to be small enough that it isn't an immediate 50% attack
1143 2012-03-27 22:55:41 <Cory> After a hard crash, I used Diapolo's fix for the GUI crash which worked for me before (deleting C:\ProgramData\boost_interprocess), but now I'm getting this error: http://i.imgur.com/Jx3o1.png
1144 2012-03-27 22:56:01 Stewie__ has quit (Quit: Extraction complete.)
1145 2012-03-27 22:56:15 <gmaxwell> Cory: you're using an old 0.6 RC?
1146 2012-03-27 22:57:13 <sipa> Cory: it seems you're using rc4; that bug (as well as the GUI lockup) were fixed in RC5
1147 2012-03-27 22:58:24 <Cory> I'll update.
1148 2012-03-27 22:58:54 <Cory> Thanks. :)
1149 2012-03-27 22:59:30 <amiller> ok i guess i should write this up better
1150 2012-03-27 22:59:52 <amiller> that's what i'd have to argue i think, that it's a disadvantage not to have the whole blockchain
1151 2012-03-27 23:00:21 <amiller> pretty much the 'commodity hardware' that would be used for this is SSDs with blockchain history on them
1152 2012-03-27 23:00:38 <amiller> the more SSDs with blockchain history, the more paths you can check in parallel
1153 2012-03-27 23:01:06 <amiller> so it's directly a scheme that incentivizes having tons of copies of blockchain history on extra disks
1154 2012-03-27 23:01:30 <amiller> being "honest", i.e. processing txns is marginal additional effort for a competitive miner
1155 2012-03-27 23:04:04 <gmaxwell> amiller: But I think that arugment will ultimately fail. I only need enough random access to validate the maximum transaction rate in << 10 minutes. Beyond that, there isn't any gain except whatever artificial one the POW creates.
1156 2012-03-27 23:04:13 ThomasV has joined
1157 2012-03-27 23:04:16 <gmaxwell> And the current maximum rate is helpfully pretty modest.
1158 2012-03-27 23:04:46 <gmaxwell> (and if we raise the maximum rate â well, that will hose up decenteraliztaion because it will force nodes to SPV)
1159 2012-03-27 23:05:46 <amiller> there's still a partial hash collision as part of this scheme
1160 2012-03-27 23:05:59 splatster has quit (Quit: Be back in 2 minutes!)
1161 2012-03-27 23:06:00 <amiller> i don't think i understand your comment
1162 2012-03-27 23:06:37 ivan\ has quit (Quit: ERC Version 5.3 (IRC client for Emacs))
1163 2012-03-27 23:09:16 splatster has joined
1164 2012-03-27 23:10:36 danbri has joined
1165 2012-03-27 23:15:21 paraipan has quit (Ping timeout: 276 seconds)
1166 2012-03-27 23:16:46 <nanotube> gmaxwell: interesting idea on your btalk post. i think to make it clearer, you could try adding bold on the word 'inputs'. :) and maybe explaining in parentheses that you're not talking about the transactions in the previous block, but transactions that are upstream of the transactions in the previous block, which may be anywhere in the block chain). also, fun response to maged ;)
1167 2012-03-27 23:17:21 dvide has joined
1168 2012-03-27 23:19:17 <gmaxwell> amiller: There is no advantage to the system to having people who can verify transactions faster than the maximum rate the system needs. That maximum isn't very highâ and can't be highâ because if bitcoin is to remain decenteralized a great many nodes need to be validating the rules (many more than those mining it).
1169 2012-03-27 23:19:31 <gmaxwell> So once you cross that point your POW scheme is just another POW schemeâ work for the sake of work.
1170 2012-03-27 23:19:44 ThomasV has quit (Ping timeout: 260 seconds)
1171 2012-03-27 23:19:45 paraipan has joined
1172 2012-03-27 23:20:06 <gmaxwell> Luke suggested that it might not be an excellent one because it has too much hyperspecialization gain.
1173 2012-03-27 23:20:08 <t7> im unemployed
1174 2012-03-27 23:20:18 <t7> how do i proof of work?
1175 2012-03-27 23:20:54 <amiller> the point is for the marginal cost of being 'honest' to be zero
1176 2012-03-27 23:21:10 <amiller> so the proof of work is still a lot of additional work over the necessary maximum rate
1177 2012-03-27 23:21:12 <iz> t7: by presenting a valid hash with the right number of leading zero bits
1178 2012-03-27 23:21:22 <amiller> but that means there's no way for a miner to save costs by not bothering to double check
1179 2012-03-27 23:21:39 ivan\ has joined
1180 2012-03-27 23:23:45 <gmaxwell> amiller: I think I am going to stab you now.
1181 2012-03-27 23:24:04 <gmaxwell> Because I _understand_ what you're trying to accomplish. Thats not the source of the disagreement here.
1182 2012-03-27 23:24:30 <gmaxwell> amiller: Lets imagine for a moment that bitcoin couldâ by designâ only process one transaction per hour.
1183 2012-03-27 23:24:31 Z0rZ0rZ0r1 has joined
1184 2012-03-27 23:25:03 <gmaxwell> amiller: You implement your system, and achieve your goal: because POW requires fast txn lookups any miner will do the txn processing work.
1185 2012-03-27 23:25:51 <gmaxwell> amiller: however, you now have a POW system that makes miners that can process thousands of times faster than the system could possibly need. By itself thats harmless.
1186 2012-03-27 23:26:41 Z0rZ0rZ0r has quit (Ping timeout: 246 seconds)
1187 2012-03-27 23:26:52 <gmaxwell> amiller: but then someone implements a miner using TCAMs and can process tens of millions of times faster. Majority attacking the chain mined by SSDminers until they catch up by buying tcams. (and never mind that the ecc sig validation became the binder long before this point)
1188 2012-03-27 23:27:00 <gmaxwell> This is probably not an ideal outcome.
1189 2012-03-27 23:28:12 <gmaxwell> I suspect it would be better to just use enough proof-of-memory to show that you have no incentive to exclude transactionsâ and use simple computation that general purpose devices are efficient at in order to minimize the hyperspecialization gain.
1190 2012-03-27 23:28:18 copumpkin has quit (Quit: Computer has gone to sleep.)
1191 2012-03-27 23:28:28 t7 has quit (Remote host closed the connection)
1192 2012-03-27 23:28:49 <gmaxwell> "enough" can actually be set as a constantâ it doesn't have to be a POW race, because the network transaction rate has a constant maximum.
1193 2012-03-27 23:29:56 GMP has joined
1194 2012-03-27 23:31:09 da2ce7 has joined
1195 2012-03-27 23:32:52 <gmaxwell> amiller: ah, here is a killer point: that pow can't be validated without the chain. bye bye spv clients.
1196 2012-03-27 23:34:17 graingert has quit (Remote host closed the connection)
1197 2012-03-27 23:36:06 Marf has quit (Ping timeout: 244 seconds)
1198 2012-03-27 23:36:11 <luke-jr> sipa: 0.6 signmessage isn't compatible with 0.5? :/
1199 2012-03-27 23:36:52 <gmaxwell> 0_o
1200 2012-03-27 23:37:22 Snapman[afkers] is now known as Snapman
1201 2012-03-27 23:37:46 <gmaxwell> amiller: hm. I guess it would beâ just not fully. but thats no worse than a seperate memory proof.
1202 2012-03-27 23:37:47 * luke-jr bisects
1203 2012-03-27 23:37:51 <BlueMatt> does compressed pubkeys break that?
1204 2012-03-27 23:38:24 <luke-jr> BlueMatt: I wonder
1205 2012-03-27 23:38:54 <luke-jr> probably since verifymessage uses key recovery and compares :/
1206 2012-03-27 23:39:02 <gmaxwell> I don't see how.
1207 2012-03-27 23:39:04 BTC_Bear is now known as BTC_Bear|hbrntng
1208 2012-03-27 23:39:24 <luke-jr> gmaxwell: 0.5 recovers the non-compressed key, uses that for the address, and it doesn't match?
1209 2012-03-27 23:40:18 <sipa> if you sign with a compressed key, it won't be verifiable by 0.5, no
1210 2012-03-27 23:40:18 <gmaxwell> ah! you're signing with a compressed key address.
1211 2012-03-27 23:40:31 <luke-jr> sipa: by design, or oversight?
1212 2012-03-27 23:40:32 <gmaxwell> sipa: How does it know which to use?
1213 2012-03-27 23:40:43 <sipa> it sets a bit flag
1214 2012-03-27 23:41:00 <gmaxwell> I totally missed that change. :(
1215 2012-03-27 23:41:24 <sipa> luke-jr: actually, oversight, but it's not really possible anyway
1216 2012-03-27 23:41:41 <sipa> i never thought about compatibility issues when i added then
1217 2012-03-27 23:41:43 <sipa> that
1218 2012-03-27 23:42:18 Karmaon has quit (Read error: Connection reset by peer)
1219 2012-03-27 23:42:21 <luke-jr> bisect looks like it's about to confirm that's the case here
1220 2012-03-27 23:42:30 <sipa> i can tell you which commit added that
1221 2012-03-27 23:42:52 <luke-jr> sipa: btw, any reason not to support "long" sigs?
1222 2012-03-27 23:43:24 <luke-jr> ie, base64(used-for-txn-sigs)
1223 2012-03-27 23:43:50 <luke-jr> d4d9c734c315e99136fe245c5733ca75cab9f8bf is the first bad commit
1224 2012-03-27 23:43:53 <luke-jr> Compact signatures with compressed pubkeys
1225 2012-03-27 23:44:11 Friggles has joined
1226 2012-03-27 23:44:32 <sipa> there it is
1227 2012-03-27 23:45:06 <sipa> all signatures are base64, no?
1228 2012-03-27 23:45:25 <luke-jr> DER(pubkey+sig)
1229 2012-03-27 23:45:27 <luke-jr> I mean
1230 2012-03-27 23:45:53 <sipa> oh; what a waste
1231 2012-03-27 23:46:35 <luke-jr> MtGox uses it for signmessage <.<
1232 2012-03-27 23:46:46 <luke-jr> because they don't like the patent issue apparently
1233 2012-03-27 23:46:59 <luke-jr> it would also have enabled workaround for this issue if it were in 0.5
1234 2012-03-27 23:47:45 d4de has joined
1235 2012-03-27 23:47:45 d4de has quit (Changing host)
1236 2012-03-27 23:47:45 d4de has joined
1237 2012-03-27 23:48:24 <gmaxwell> luke-jr: They're idiots. I offered to have a patent attorney go over it with them and declined.
1238 2012-03-27 23:48:48 <luke-jr> gmaxwell: still, it turns out supporting it would have been a good idea for 0.5 :p
1239 2012-03-27 23:49:33 * luke-jr wonders if it's practical to backport verifying compressed pubkey messages only
1240 2012-03-27 23:49:43 pklaus has quit ()
1241 2012-03-27 23:49:47 <sipa> that wouldn't be hard
1242 2012-03-27 23:50:33 <sipa> just add CKey::SetCompressed, and make verifymessage check for the bit, and call that function if it's set
1243 2012-03-27 23:50:46 <luke-jr> gmaxwell: btw, can you do the final 0.5.4rc2 gitian build?
1244 2012-03-27 23:50:59 <luke-jr> gmaxwell: note that you'll need to be sure to use the right qt input, or it'll come out wrong
1245 2012-03-27 23:51:18 <sipa> BlueMatt: how far are we on getting qt builds deterministic?
1246 2012-03-27 23:51:43 <BlueMatt> sipa: I havent bothered looking into it since bitcoin-qt is
1247 2012-03-27 23:51:49 <luke-jr> sipa: they seem to be deterministic for me, but I had been using the 0.5.3.1-pre qt
1248 2012-03-27 23:52:12 <luke-jr> with the final fix, that makes a subtle linking difference
1249 2012-03-27 23:52:16 <luke-jr> (implicit vs explicit)
1250 2012-03-27 23:52:18 <sipa> BlueMatt: bitcoin-qt is? gavin had a different build for 0.6.0rc5 than me
1251 2012-03-27 23:52:26 <sipa> until he switched to the skypaint one
1252 2012-03-27 23:52:41 <luke-jr> sipa: everyone needs to be sure to use the current/original qt gitian
1253 2012-03-27 23:52:59 <sipa> did it change recently?
1254 2012-03-27 23:53:01 <BlueMatt> sipa: oh...
1255 2012-03-27 23:53:06 <BlueMatt> sipa: wait, the skypaint qt?
1256 2012-03-27 23:53:14 <sipa> yes
1257 2012-03-27 23:53:20 <BlueMatt> isnt that pre-fix? or did the fix move to bitcoin-qt.pro?
1258 2012-03-27 23:53:44 <luke-jr> sipa: it changed for 0.6.0rc4, then changed back
1259 2012-03-27 23:54:00 copumpkin has joined
1260 2012-03-27 23:54:01 <sipa> i can't follow anymore
1261 2012-03-27 23:54:05 <luke-jr> >_<
1262 2012-03-27 23:54:13 <luke-jr> BlueMatt: pre-fix = current
1263 2012-03-27 23:54:18 <luke-jr> fix is just in .pro now
1264 2012-03-27 23:54:24 <BlueMatt> luke-jr: ok, thats right
1265 2012-03-27 23:54:42 <sipa> so the skypaint qt build should be fine for building current?
1266 2012-03-27 23:54:47 <luke-jr> sipa: yes
1267 2012-03-27 23:55:03 <luke-jr> f09ab is the right input
1268 2012-03-27 23:55:10 <sipa> ok, let me try to rebuild qt as it is now, and then redo 0.6.0rc5
1269 2012-03-27 23:55:19 <sipa> to check whether it indeed is deterministic
1270 2012-03-27 23:56:19 pickett has quit (Remote host closed the connection)
1271 2012-03-27 23:58:55 <sipa> where to download qt-everywhere?
1272 2012-03-27 23:59:25 <BlueMatt> http://qt.nokia.com/downloads
1273 2012-03-27 23:59:36 Joric has quit ()
1274 2012-03-27 23:59:43 <sipa> couldn't find it there, but googling for the filename helped
1275 2012-03-27 23:59:52 <sipa> http://get.qt.nokia.com/qt/source/qt-everywhere-opensource-src-4.8.0.tar.gz