19:02:12 <moneromooo> If anyone wants to try it out, it's now checks gitian.
19:03:02 <moneromooo> If anyone groks GPG well, please check the code in verify_signature. The bitflags isn't super obvious, and I'm not sure there's not a way to bypass it.
19:15:30 <KiloLima> I was thinking that maybe using a browser extension, similar to what TAILS uses to verify signatures, for Chromium and Firefox browsers may help people who don't use PGP.
19:16:22 <KiloLima> Verify their downloads from getmonero.org if they have the extension. It's open source, to the best of my knowledge, and a fork dedicated to monero distributions may help less tech savvy people
19:16:56 <KiloLima> As the currency is fungible and functions great as an Electronic Cash unlike BTC and BCH (since confidential transactions/coinjoin aren't standard practice)
19:18:51 <moneromooo> Oh, and it'd nice if it could get tested by one windows person and one mac person, since there's some rewriting since platform names aren't the same between DNS records and gitian.
19:19:07 <iDunk> error: 'sleep' was not declared in this scope
19:20:28 <moneromooo> Fixed (probably)
19:20:44 <selsta> Mine says no gitian signatures found
19:20:47 <selsta> anything I have to import ?
19:21:02 <moneromooo> No.
19:21:26 <selsta> ok -mac is -osx
19:22:48 <moneromooo> Ah, the directory name is also different -_- will fix.
19:31:18 <hyc> should really be using depends to setup the build dependencies
19:31:28 <hyc> then GUI builds wouldn't miss these things
19:32:30 <hyc> KiloLima: browser extensions are notoriously untrustworthy
19:34:40 <KiloLima> If we talk metaphorically, these are people that have unprotected sex, and a browser extension is essentially the cheapest grade condom available on the market. Replace condom with free browser extension and unprotected sex with non-verified or verifiable downloads.
19:35:16 <KiloLima> It's better than absolutely nothing and provides a veneer.
19:37:07 <hyc> moneromooo: you don't need this runtime check https://github.com/moneromooo-monero/monero-update/blob/master/src/updater.cpp#L70
19:37:25 <hyc> just use #if defined __linux__
19:37:35 <hyc>   #if defined __aarch64__
19:37:44 <hyc>  #elif defined __arm__
19:37:49 <hyc>   #endif
19:37:51 <hyc> #endif
19:38:20 <hyc> anyway your if has a typo, should be __aarch64__ not __arch64__
19:39:06 <moneromooo> So __aarch64__ is always v8, and __arm__ otherwise is v7 ?
19:39:48 <hyc> yes
19:45:51 <selsta> Is there a current min / max openssl version that is required?
19:47:54 <moneromooo> Not that I know of, though you typically want something as recent as you can get.
19:49:09 <selsta> ok both my local build and buildbot stopped building because of linking error (the ones I posted yesterday)
19:49:36 <selsta> maybe a macOS update changed the shipping openssl version
19:50:58 <hyc> btw, checking gcc here, aarch64 does not define arm
19:54:49 <rehrar> is what we discussed earlier in the day about the Linux GUI the reason it's not available for download right now?
19:55:17 <needmonero90> What happened with Monero support on old-school TREZOR?
19:55:32 <needmonero90> Was it something to do with memory constraints, so it didn't work post ring t?
19:55:36 <selsta> rehrar: linux GUI is available
19:55:39 <needmonero90> Ringct*
19:55:43 <rehrar> oh shoot, now it is.
19:55:49 <selsta> it always was lol
19:55:54 <rehrar> I kept getting some error with downloading because the file wasn't there or something
19:56:03 <rehrar> bro, I was literally clicking my mouse as hard as I could
19:56:06 <selsta> browser cache maybe
19:56:21 <needmonero90> Ctrl shift R next time
19:56:24 <rehrar> impossibru. fresh laptop
19:56:26 <needmonero90> Forced cache reload
19:56:33 <needmonero90> Rehrar: X to doubt
19:57:12 <moneromooo> At the moment, checking gitian requires two (or more) matches from TheCharlatan/hyc/iDunk. Two more people uploaded hashes. We want to give those people some weight, but less than people with existing history. I'm thinking of allowing any uploaded key, with count as one point, make well known people 3 points, and require, say, 6 points. So you'd need 2 established people or 6 randoms (or 1+3). Any
19:57:18 <moneromooo> other idea ?
19:59:40 <needmonero90> Perhaps only allow the new keys to add weight to hashes signed by known people?
20:00:00 <needmonero90> So, thecharlatan posts a hash, and three new keys sign it, or hyc/idunk signs it, it goes through
20:00:07 <needmonero90> But still requires at least one known person to vouch
20:01:18 <needmonero90> I'm only worried about sybil/long-range sybil if we allow 6+ keys from unknown people through (as they could railroad a verification without any known people)
20:01:51 <needmonero90> Basically, I see little to no benefit to letting a build be verified entirely by unknown/untrusted parties.
20:02:00 <selsta> Wouldn’t we only merge matching keys to gitian.sigs anyway?
20:02:34 <moneromooo> Matching hashes ? Yes, but someone migh be MITM the connection to github and serving fake data.
20:03:31 <moneromooo> So I'll keep it that way for now (2+ known people).
20:03:56 <moneromooo> TheCharlatan: btw, your signing key's expired, so your gitian sig gets ignored.
21:34:17 <selsta> Does monero support openssl 1.1 ?
21:34:25 <selsta> I think that’s my problem, my package manager updated to 1.1
21:34:42 <selsta> I had 1.0.2t previously
21:36:09 <selsta> https://github.com/Homebrew/homebrew-core/pull/46876 removed 3 days ago, that explains it
21:36:55 <iDunk> It does.
21:37:01 <moneromooo> Yes.
21:37:20 <selsta> ok than maybe some cmake thing because it does not work on Mac with 1.1 :/
21:40:49 <selsta> found the issue, monero builds with 1.1 but GUI links to 1.0