  1 2015-02-18 00:26:03 <earlz> So, where is there any documentation about the gitian suites?
  2 2015-02-18 00:26:06 <earlz> like lucid or precise
  3 2015-02-18 01:27:40 <harding> mappum: https://bitcoin.org/en/rss/releases.rss
  4 2015-02-18 03:12:56 <sipa> earlz: those are just ububtu releases
  5 2015-02-18 08:19:08 <chovy> i get an error about some ancient version of berkeley db?
  6 2015-02-18 08:19:12 <chovy> 4.8 is required?
  7 2015-02-18 08:19:17 <chovy> I'm on debian 7
  8 2015-02-18 08:19:27 <chovy> 5.3 is latest
  9 2015-02-18 08:29:18 <aliasaila__> 5.3 wallets won't be compatible with the official builds
 10 2015-02-18 08:29:38 <chovy> so how do i install this thing?
 11 2015-02-18 08:29:39 <aliasaila__> guess it depends on how you'll be using it
 12 2015-02-18 08:29:52 <chovy> i really have to downgrade to 4.8 db?
 13 2015-02-18 08:29:55 <chovy> why?
 14 2015-02-18 08:30:00 <bengt_> you should be able to build it fine with 5.3, just that you won't be able to use wallet file from a client using 4.8 (they're not compatible), thats why there is a warning
 15 2015-02-18 08:30:25 <chovy> i see
 16 2015-02-18 08:30:27 <bengt_> because oracle likes to break compatiblity between major versions
 17 2015-02-18 08:32:19 <chovy> what version of boost do I need
 18 2015-02-18 08:34:06 <moa> chovy: are you building it yourself?
 19 2015-02-18 08:35:02 <chovy> trying to.
 20 2015-02-18 08:35:04 <chovy> about to give up
 21 2015-02-18 08:35:16 <chovy> configure: error: Could not link against boost_system !
 22 2015-02-18 08:35:24 <moa> take a look at the depends build could be an option
 23 2015-02-18 08:35:41 <chovy> the what?
 24 2015-02-18 08:36:16 <moa> cd depends
 25 2015-02-18 08:36:30 <moa> less README
 26 2015-02-18 08:38:06 <chovy> it looks like this will download and compile all the dependencies?
 27 2015-02-18 08:38:14 <moa> right
 28 2015-02-18 08:38:18 <chovy> heh
 29 2015-02-18 08:38:19 <chovy> ok
 30 2015-02-18 08:38:21 <moa> from source
 31 2015-02-18 08:38:24 <chovy> i'm done with this
 32 2015-02-18 08:39:01 <chovy> why don't you guys just put up an apt repo we can change our sources.list and be done with it. this is what other projects do.
 33 2015-02-18 08:39:09 <chovy> like mongodb
 34 2015-02-18 08:39:11 <chovy> nginx
 35 2015-02-18 08:39:27 <chovy> took me literally 30 seconds to install both those
 36 2015-02-18 08:39:33 <chovy> this is amateur hour over here
 37 2015-02-18 08:41:01 <wumpus> chovy, stop being so noisy
 38 2015-02-18 08:41:18 <wumpus> this is about development related discussion, not make 101
 39 2015-02-18 09:41:02 <Luke-Jr> someone should have pointed chovy to the PPA and #Bitcoin :x
 40 2015-02-18 09:42:12 <wumpus> the PPA is for ubuntu not debian 7
 41 2015-02-18 09:45:14 <Luke-Jr> can't it be added on Debian too? O.o
 42 2015-02-18 09:49:43 <wumpus> I didn't know that for sure, that's why I didn't mention it
 43 2015-02-18 09:54:01 <ciemon> Alternatively chovy could help the Debian package maintainer out :)
 44 2015-02-18 09:54:27 <Luke-Jr> doubtful
 45 2015-02-18 09:54:41 <Luke-Jr> Debian policy and Bitcoin packaging requirements conflict
 46 2015-02-18 09:55:05 <Luke-Jr> so a Debian package should not exist until that is resolved
 47 2015-02-18 09:57:06 <ciemon> Nothing's ever easy is it.
 48 2015-02-18 09:57:16 <phantomcircuit> of course not
 49 2015-02-18 09:57:45 <Luke-Jr> not in totally new fields of computer science, no
 50 2015-02-18 10:08:37 <wumpus> hehe or rather, nothing *worth doing* is ever easy
 51 2015-02-18 10:17:43 <ciemon> I haven't done any Ubuntu packaging for years. I hope BlueMatt will look at the latest release soon.
 52 2015-02-18 10:20:32 <wumpus> cfields: https://github.com/bitcoin/bitcoin/pull/5799 / https://travis-ci.org/bitcoin/bitcoin/jobs/51080203 is a mildly worrying intermittent travis issue, see my post for my observations, I don't know how to debug it further
 53 2015-02-18 10:22:47 <wumpus> the travis output is both too long and too short. Ideally if test sections (such as the build) succeed the output would not be logged, or at least collased, and if something goes wrong we'd log more specific information about the problem
 54 2015-02-18 10:23:53 <wumpus> although in a sense this already happens; the log tail is printed when the comparison tool fails, however due to all the lock/unlock spam we may be missing the reason *why* it gets disconnected
 55 2015-02-18 10:25:25 <Luke-Jr> ciemon: I think he said he'd do it when he got home, which was at like 1 AM so maybe tomorrow
 56 2015-02-18 10:33:31 <ciemon> Excellent, although I'm far from a power user.
 57 2015-02-18 10:40:14 <gmaxwell> ::sigh:: http://www.reddit.com/r/Bitcoin/comments/2wa4zo/bitcoinqt_0100_reminder_to_upgrade_your_full_node/
 58 2015-02-18 10:42:31 <justanotheruser> neato, autoupdates on -Qt
 59 2015-02-18 10:42:33 <Luke-Jr> >_<
 60 2015-02-18 10:42:49 <Luke-Jr> justanotheruser: please tell me that was sarcasm
 61 2015-02-18 10:43:24 <justanotheruser> Luke-Jr: it is convenient, who cares about some guy being able to execute whatever code he wants as super user on my machine
 62 2015-02-18 10:43:45 <Luke-Jr> â¦
 63 2015-02-18 10:43:59 <wumpus> if only it was just a backdoor for that guy :)
 64 2015-02-18 10:44:05 <Luke-Jr> passwd root \n anonymous \n anonymous
 65 2015-02-18 10:44:21 <Luke-Jr> ^ just as useful
 66 2015-02-18 10:44:33 <wumpus> this is well-meant, but completely dangerous
 67 2015-02-18 10:45:54 <sw1f7> justanotheruser laughs in the face of danger :)
 68 2015-02-18 10:46:45 <gmaxwell> I really don't want to be super negative to someone who means well, but I do not understand how someone can think echo `date +"%Y-%m-%d %H:%M:%S $RANDOM"` | md5sum | md5sum  is an acceptable way to generate passwords.
 69 2015-02-18 10:47:03 <justanotheruser> lol
 70 2015-02-18 10:47:12 <gmaxwell> If I were trying to make a backdoored script I'd consider that too obvious.
 71 2015-02-18 10:47:32 <Luke-Jr> gmaxwell: hah, you're not the average shell scripter
 72 2015-02-18 10:47:48 <gmaxwell> ($RANDOM is a 15-bit rand() output)
 73 2015-02-18 10:47:58 <Luke-Jr> to me, that looks like a serious attempt
 74 2015-02-18 10:48:31 <sw1f7> Well...his password isn't going to have problems with pre-computed hastables
 75 2015-02-18 10:48:46 <gmaxwell> I mean, I've been writing shell scripts for about 25 years and never would I have thought this reasonable. :(  it does look like a serious attempt at _something_, it certantly does lots of stuff.
 76 2015-02-18 10:48:48 <sw1f7> and statistical analysis won't be very easy either
 77 2015-02-18 10:48:52 <gmaxwell> ...
 78 2015-02-18 10:49:12 <sw1f7> Not saying I love it..but it's not like a guy in a forensics lab is gonna find that trivial
 79 2015-02-18 10:49:27 <gmaxwell> sw1f7: this is trivial and crackable in minutes if you have any idea that people are using this scheme.
 80 2015-02-18 10:49:35 <justanotheruser> sw1f7: Someone with ten days of programming eperience could figure out how to crack that
 81 2015-02-18 10:49:42 <sw1f7> yes...but so is ANYTHING
 82 2015-02-18 10:49:46 <Luke-Jr> especially if you have localhost access, and can see the modify time ;)
 83 2015-02-18 10:49:49 <gmaxwell> and the passwords can be nicely precomputed too.
 84 2015-02-18 10:49:53 <gmaxwell> sw1f7: no, thats not correct.
 85 2015-02-18 10:50:01 <sw1f7> if you assume that someone knows the scheme for generating passwords, then it is easy to break
 86 2015-02-18 10:50:26 <gmaxwell> sw1f7: Again, incorrect. You're making yourself look foolish. Try another channel.
 87 2015-02-18 10:50:42 <sw1f7> gmaxwell: educate me then
 88 2015-02-18 10:51:05 <sw1f7> and please list your assumptions
 89 2015-02-18 10:52:22 <wumpus> it's kind of rude to expect random people on IRC to educate you
 90 2015-02-18 10:52:27 <wumpus> and off topic too, here
 91 2015-02-18 10:52:48 <justanotheruser> assume the password is useful because you want to stop someone from accessing your wallet. Assume the attacker has the computation power of an average computer from 1995, assume the attacker has at least 30 seconds to pull off the attack
 92 2015-02-18 10:53:11 <justanotheruser> that may be liberal actually, but it's not too far off
 93 2015-02-18 10:54:52 <sw1f7> if it's offtopic we can leave it be. But I was assuming they'd be using an exahaustive brutefoce approach to break it.
 94 2015-02-18 10:55:29 <sw1f7> and I'm assuming you are using the password that will be used as an input to another hashing algo
 95 2015-02-18 10:55:35 <sw1f7> or crypt function
 96 2015-02-18 10:55:41 <sw1f7> but alas..off topic
 97 2015-02-18 10:55:45 <wumpus> please move this to #bitcoin
 98 2015-02-18 10:56:06 <sw1f7> and wumpus: I'm not trying to be rude. especially if someone wants to call me out. But I'll lay it to rest since it's off topic
 99 2015-02-18 10:56:46 <gmaxwell> sw1f7: I have no clue what your background is, but it's clearly not in this area.  It's trivial to set a secure key for something like this, you use a cryptographic number source directly. (e.g. od -vAn -N16 -tx8 < /dev/urandom or the like). hashing adds nothing to the security there, it's just snake oil and obfsucation.
100 2015-02-18 10:58:03 <stonecoldpat> sw1f7: only comment i'll make, for a hash function to be useful, you need to make sure its input is uniformally random. if the range of an input to a hash function is restricted, then so will be the output - so the hash function would not give you any additional security for that scheme.
101 2015-02-18 10:58:05 <gmaxwell> sw1f7: the premise of any modern cryptographic (or computer for that matter) security system is that you start by assuming the attacker knows all that you know except they keys (any other obfscuation can be logically transformed into more key knoweldge); and the systems are required to be secure in that setting.
102 2015-02-18 10:58:46 <gmaxwell> In the example here all the attacker need to is just make 32768 guesses per second of the day on the whatever days they think you might have done the install and they're in, which can be _trivially_ automated.
103 2015-02-18 10:58:46 <sw1f7> Yes..I do know that. But I'ved pm'd you out of respect for the #chan
104 2015-02-18 11:06:51 <bedeho> lol, last few minutes was a good read over lunch :D
105 2015-02-18 11:11:30 <sw1f7> :D
106 2015-02-18 11:31:15 <fanquake> ;;blocks
107 2015-02-18 11:31:16 <gribble> 344029
108 2015-02-18 11:34:03 <hearn> sipa: w00t!
109 2015-02-18 11:34:08 <hearn> sipa: i finally know how to pronounce your last name :)
110 2015-02-18 12:03:03 <fanquake> wumpus there are a couple outstanding pulls for the gitian sigs repo
111 2015-02-18 12:06:36 <wumpus> fanquake: I'll get to that
112 2015-02-18 12:06:45 <wumpus> fanquake: though Cory already did a good job replying to some
113 2015-02-18 12:06:57 <wumpus> (e.g. if the PGP key is unknown it makes no sense to merge them)
114 2015-02-18 12:07:48 <fanquake> 3/4 should be ok to merge
115 2015-02-18 12:08:23 <fanquake> no rush anyways, theâre not going anywhere
116 2015-02-18 12:31:33 <wumpus> would even be possible to automate the sigs merging; if a commit only adds files in the appropriate places (e.g. based on github username), and the gpg signature checks out, merge it
117 2015-02-18 19:01:59 <Vanta> Hey can anyone spare me a few moments and message me, need some help with Bitcoin Core.
118 2015-02-18 19:03:53 <stonecoldpat> whats your problem? better off just saying it here, then anyone who knows how to help can just answer
119 2015-02-18 19:04:33 <Vanta> I'm just a bit new to all of this, since you don't have a login to Bitcoin Core. How does it keep track of your money, like... When I format my entire PC, how will it still be there?
120 2015-02-18 19:04:59 <Vanta> Or if I want to access it from another device, how do I access my coins?
121 2015-02-18 19:05:23 <Vanta> Since there is no logins and so forth.
122 2015-02-18 19:06:21 <stonecoldpat> #bitcoin would be better for those type of questions and check out https://bitcoin.org/en/faq (should be plenty of videos online that explain better as well)
123 2015-02-18 20:14:42 <helo> is there a recent discussion about bip32 in bitcoin co[Dre?
124 2015-02-18 20:14:48 <helo> *core -.-
125 2015-02-18 20:16:21 <justanotheruser> theres a really long ago discussion where I asked about it and the response was that the wallet was supposed to be minimalistic and stable
126 2015-02-18 20:18:01 <denisx> can someone tell me how far away is block version 3 is ca.?
127 2015-02-18 20:18:03 <helo> valid long term backups seem like a minimally required feature...
128 2015-02-18 20:19:37 <helo> it goes along with saving users from the hazards of trying to reason about addresses/keys, which non-BIP32 wallets fail at
129 2015-02-18 20:20:33 <helo> i'm sure it's been rehashed so many times it's barely worth commenting on at this point. is there an old bip32 pullreq somewhere?
130 2015-02-18 20:40:40 <helo> (thanks jonasschnelli) https://github.com/bitcoin/bitcoin/issues/5761
131 2015-02-18 21:48:27 <BlueMatt> cfields: looks like we fail to build on gcc 4.4 now :(
132 2015-02-18 21:48:40 <cfields> BlueMatt: hmm?
133 2015-02-18 21:48:44 <BlueMatt> https://launchpadlibrarian.net/198078160/buildlog_ubuntu-lucid-amd64.bitcoin_0.10.0-lucid1_FAILEDTOBUILD.txt.gz
134 2015-02-18 21:48:50 <BlueMatt> helpers/memenv/memenv.cc:65: error: 'SIZE_MAX' was not declared in this scope
135 2015-02-18 21:48:55 <BlueMatt> (0.10)
136 2015-02-18 21:49:19 <BlueMatt> ubuntu 10.04 is still supported for another two months by canonical and ships gcc 4.4
137 2015-02-18 21:49:22 <cfields> BlueMatt: sure it just doesn't need a stdint include?
138 2015-02-18 21:49:35 <BlueMatt> cfields: it might, yes, but 0.10 doesnt have it :p
139 2015-02-18 21:51:09 <cfields> BlueMatt: btw, what's the reason for not just shipping the official binaries for the ppa?
140 2015-02-18 21:59:01 <BlueMatt> cfields: (a) I'd prefer to upload source than binaries, (b) Id even more prefer to upload gitian-downloader and let it do updates by checking gitian sigs but (c) I havent had time to push that to completion
141 2015-02-18 21:59:38 <BlueMatt> hmmmm.....why does bitcoin-util-test.py fail???
142 2015-02-18 21:59:48 <cfields> BlueMatt: aren't those mutually exclusive?
143 2015-02-18 22:00:02 <BlueMatt> cfields: which?
144 2015-02-18 22:00:12 <cfields> uploading source and using gitian downloader
145 2015-02-18 22:00:22 <BlueMatt> yes
146 2015-02-18 22:00:34 <BlueMatt> well, I'd prefer to upload gitian-downloader source
147 2015-02-18 22:00:55 <BlueMatt> any known reason why bitcoin-util-test.py might fail?
148 2015-02-18 22:02:29 <cfields> are you running via 'make check' ?
149 2015-02-18 22:03:09 <BlueMatt> yes
150 2015-02-18 22:03:21 <BlueMatt> ./autogen.sh && ./configure && make check
151 2015-02-18 22:04:20 <cfields> how is it failing?
152 2015-02-18 22:04:26 <BlueMatt> dunno yet, checking