is there dev meeting today?

I remember someone asking for one a couple days ago, so yes.

All devs still drunk from Monero anniversary ...

No meeting then?

If anyone has something to say or ask, feel free.

I know UkoeHB_ had been working this weekend on a particular issue summary regarding Janus handling

Not sure if they wanted to discuss this

I think ErCiccione[m] was the one who asked for a meeting.

I remember likewise, maybe because of the recent move back to GitHub for the Monero website

Weird crash: paste.centos.org/view/d15fd5ce

nothing to discuss from me, please read the issue and leave comments if possible ^.^

Note the jump in timestamp from first line to second one is becayse my computer was hibernating in between

Ah ok UkoeHB_!

Lots to catch up on with your discussions with knaccc this weekend

binaryFate: repeatedly fails to load.

load what?

The data from the URL you posted.

"The connection to paste.centos.org was interrupted while the page was loading." all the time.

Mmm works for me without any issue over clearnet

what else is tor-friendly?

paste.debian.net is. pastebin.com usually is these days.

paste.ubuntu.com is also ok.

I suspect anything that goes cloudflare is likely to be not ok.

Would it be possible to set up a self-hosted pastebin?

Then it's understood where the data is stored and how it can be accessed

Surely there's a useful service that's also FOSS and can be hosted

agree, would be useful to us + other projects, and a nice "statement"

moneromooo: paste.debian.net/1141389

A random search found this (no clue if it's actually trustworthy): github.com/PrivateBin/PrivateBin

Please note that that isn't a red flag for me, but one of the other mods thought I should raise it here.

Remind me again why we don't just use GitHub for signed release binaries?

We already trust GitHub (to an extent) for source

because GitHub are evil now

Sure, but everyone is ideally checking signatures anyway

and it provides a nice firewall between the web hosting (which provides the hashes) and the binaries

I get the idealism of self-hosting binaries

but in practice it's failed at least once

needbrrrrrrr90 the throttling is pretty strict on downloads and I get myself some error on a particular link/bin until I wait few tens of seconds again. It would correspond to what the post describes.

Would you mind commenting as such, and potentially indicating that we're looking at alternative hosting platforms (like github)?

I can also comment too, but I would prefer it not be second-hand if they ask more questions :)

(AFAIK github is not being considered by anyone for this; that was purely my question)

I mean. It's a valid suggestion.

What do you mean with platforms? Currently we do CDN -> cloudflare -> our server

I'd consider it lol

I certainly think it is

The throttling might come from any of these layers I'm not sure

Oh you mean using github to serv our binaries?

The suggestion of hosting binaries on GitHub (perhaps in parallel) is what I was thinking of when I said alternative hosting platforms

Yes

yes

Sorry, i didn't think understand people wanted to actually have the meeting at the end. Here now

We have a huge example of when self-hosting failed

Ok was not aware of that. Anyway sure I can comment to the post

good idea the self hosted pastebin.

I guess you could say this might be our Binary Fate, so to speak 👀

-_____-

To be clear, I don't particular trust Microsoft to be a good steward of so much of the open-source community

sarang I think it's not fair to say that self-hosting "failed". A one-off one-in-many-yeasr shit event might well occure on github as well

Sure, but in that case, you at least have a much bigger firewall

between the web hosting and the binary serving

Those five nines are hard to get

and github almost certainly has many more engineers on staff working specifically to ensure that kind of safety

and at that point, why not just offload the bandwidth to github?

they do it for free

If they turn evil, switch back

It's not like they can do anything evil except deny access

and that's already a risk with the source

yes you're right, in terms of DoS protection and bandwidth access they're probably more stable than what we can hope for on ourselves

I think there are basically no downsides

none that we don't already take on, at least

Because of some tin foil hat risk that they intentionally compromise our binaries, which are signed, first. Before any other project around. We would have zero canary in the proverbial coal mine.

not sure about access from China though

And sure, have an alternate self-hosting if you want

But if they have a method for serving binaries that's free bandwidth and with a good track record, why not take it?

I think its silly to assume Monero would be intentionally targeted by Microsoft, first, before any other project

People should always check sigs anyway

agreed

All this deserves more discussions clearly, didn't know they were ongoing if they were but yeah let's explore.

And again, I don't particularly trust them. But ideally this is set up so that you don't _need_ to trust them

You're simply using a service they provide, with plenty of distribution to account for any possible evildoing in the future

Even if it's not targeted, there's something icky about them IMO

Well, they host the source right now

why don't we just start seeding torrents for binaries

Expressed bluntly, a 1 GBit VPS is not exactly expensive

Hyc aren't torrents not adversarial?

yanmaani: I don't particulary like the idea of needing _any_ hosted service for stuff like PRs and issues and such, but it is what it is

There's a whole host of attacks that could bring it down afaik

That said, the binaries are absurdly large

and we have at least one example where binaries were compromised

like 200 MB?

Of course GitHub could be compromised. But self-hosting _was_ compromised

needbrrrrrrr90: torrents are rock solid, also I think there already are torrents

Rock solid until someone with a mind to throw a wrench in your distribution appears*

how?

@torrent

!torrent

hyc: check #monero

binaryFate: do you have a stack of the crash ?

Unless they've improved since I last checked, I thought torrents were vulnerable to attack (either denial of service or otherwise)

i ultimately think multiple solutions should be used.

no, I mean, how does an attacker screw up a torrent

i mean, if the sigs are verified it doesn't matter where it comes from

needbrrrrrrr90: torrents are far less vulnerable to DoS than HTTP

and have been this way since what, 2002?

Hm. I'm not sure why I'm recalling otherwise.

I'm probably wrong

+1 for torrent. We could CCS a seedbox

moneromooo: nope sorry :( will try to catch one next time

and really we only need to worry about the monero updater software downloader tool

did that happen?

so you only need to have a trusted event happen once, and then it chains trust from their

mooo wrote the updater tool

It also depends on someone to bump the update TXT records, which currently still advertise 0.15.0.1.

haven't seen much about it

ErCiccione[m]: CCS? We are not exactly dealing with terabytes of data here

well its always gonna require a human finger to click some buttons

Well, it's finished. Except for the GUI part, which I'm waiting for the GUI to have gitian builds to push.

yanmaani: Would be just for reliability.

You can use web seeds for it.

Since it's identified by hash, safety is rather unimportant.

but I mean, you could just use any random VPS

seedboxes are way overkill

How are GUI det. builds going?

I haven't checked in with that in a while

<moneromooo> It also depends on someone to bump the update TXT records, which currently still advertise 0.15.0.1. >>> who's sposed to do this?

pony for now, binaryFate as soon as the massive security enhanced military grade safe has been opened.

(allegedly)

we should be distributing updates via the monero p2p protocol ...

Oooh, and add twitter support. And a chat.

Do you really want to do down that road?

go*

if done correctly, that means all fullnodes will self-update, which removes a lot of the problem of sites not updating in time

They could do it right now. They can download and verify (from HTTPS though) already.

OTOH, it's a literal botnet with only one key compromise.

Piggybacking on Bittorrent seems safer and less work.

As well as horrible, horrible centralization

How about this? Add in a Bitcoin-style alert key, multisig.

Yu gotta be kidding. A botnet is 100% centralized by deifnition.

If signed by >70% of developers, propagate it

And devs can post messages, such as "Hardfork soon, pls update from monero-best-download.co.biz.ru.asia.tk/wp-content/login.php"

Or I suppose you can just add in libtorrent and call it a day.

using torrent protocol is less dev work, yes. more end-user work to administer bandwidth to two separate systems instead of just one

Well the end-user work would be the same. If you include libtorrent inside, I mean.

So, it gets a "signed update" message, and starts downloading, with its immediate p2p neighbors as peers, then does PEX

So: what's the best next step for self-hosting a pastebin?

That seems like an easy win for helpful functionality

(unless there are good reasons to avoid this that I am not thinking of)

github gists have version history

Spam is one.

I suppose we might not care if it gets added to robots.txt to avoid.

Set an auto-expire?

And require some kind of captcha?

spitballing here

proof of work is nicer than captcha tbh

but pastebins are dime a dozen

Well, local encryption is important

As in, the server can't view plaintext

OTOH it requires JS :)

a compromise is to have encryption at rest with optional client-side decryption

A server that can host arbitrary plaintext may run into liability issues (but I am not a lawyer)

nah

you could just dump it somewhere else

like on Freenet

that solves all the liability problems

all sorts of shit there but I haven't gotten any abuse notices yet

The throttling issue on getmonero is a bug / config problem and pigeons is looking into it.

GUI has its own auto update system now and we could bring it to CLI in the future, it requires GPG signatures from 2 maintainers.

Obviously modified to take advantage of gitian.sigs

19:08 <pigeons> Let me know if you get download failures on getmonero.org again. Should be good for now, there was a uid mismatch for the nginx cache volume

^ hopefully solved now