16:38:45 <UkoeHB_> is there dev meeting today?
16:40:45 <moneromooo> I remember someone asking for one a couple days ago, so yes.
17:03:25 <rbrunner> All devs still drunk from Monero anniversary ...
17:17:37 <sarang> No meeting then?
17:18:24 <moneromooo> If anyone has something to say or ask, feel free.
17:19:15 <sarang> I know UkoeHB_ had been working this weekend on a particular issue summary regarding Janus handling
17:19:26 <sarang> Not sure if they wanted to discuss this
17:19:51 <moneromooo> I think ErCiccione[m] was the one who asked for a meeting.
17:20:12 <rbrunner> I remember likewise, maybe because of the recent move back to GitHub for the Monero website
17:25:07 <binaryFate> Weird crash: https://paste.centos.org/view/d15fd5ce
17:25:29 <UkoeHB_> nothing to discuss from me, please read the issue and leave comments if possible ^.^
17:25:37 <binaryFate> Note the jump in timestamp from first line to second one is becayse my computer was hibernating in between
17:30:10 <sarang> Ah ok UkoeHB_!
17:30:23 <sarang> Lots to catch up on with your discussions with knaccc this weekend
17:42:56 <moneromooo> binaryFate: repeatedly fails to load.
17:47:35 <binaryFate> load what?
17:48:48 <moneromooo> The data from the URL you posted.
17:49:23 <moneromooo> "The connection to paste.centos.org was interrupted while the page was loading." all the time.
17:49:55 <binaryFate> Mmm works for me without any issue over clearnet
17:50:39 <binaryFate> what else is tor-friendly?
17:51:22 <moneromooo> paste.debian.net is. pastebin.com usually is these days.
17:51:31 <moneromooo> paste.ubuntu.com is also ok.
17:52:08 <moneromooo> I suspect anything that goes cloudflare is likely to be not ok.
17:54:04 <sarang> Would it be possible to set up a self-hosted pastebin?
17:54:16 <sarang> Then it's understood where the data is stored and how it can be accessed
17:54:35 <sarang> Surely there's a useful service that's also FOSS and can be hosted
18:01:59 <binaryFate> agree, would be useful to us + other projects, and a nice "statement"
18:02:49 <binaryFate> moneromooo: https://paste.debian.net/1141389/
18:04:05 <sarang> A random search found this (no clue if it's actually trustworthy): https://github.com/PrivateBin/PrivateBin
18:04:37 <needbrrrrrrr90> https://www.reddit.com/r/xmrtrader/comments/g441pp/daily_discussion_sunday_april_19th/fnwcjmp
18:05:08 <needbrrrrrrr90> Please note that that isn't a red flag for me, but one of the other mods thought I should raise it here.
18:06:14 <sarang> Remind me again why we don't just use GitHub for signed release binaries?
18:06:27 <sarang> We already trust GitHub (to an extent) for source
18:06:31 <wizardsmoke> because GitHub are evil now
18:06:42 <sarang> Sure, but everyone is ideally checking signatures anyway
18:06:58 <sarang> and it provides a nice firewall between the web hosting (which provides the hashes) and the binaries
18:07:13 <sarang> I get the idealism of self-hosting binaries
18:07:23 <sarang> but in practice it's failed at least once
18:08:05 <binaryFate> needbrrrrrrr90 the throttling is pretty strict on downloads and I get myself some error on a particular link/bin until I wait few tens of seconds again. It would correspond to what the post describes.
18:09:17 <needbrrrrrrr90> Would you mind commenting as such, and potentially indicating that we're looking at alternative hosting platforms (like github)?
18:10:01 <needbrrrrrrr90> I can also comment too, but I would prefer it not be second-hand if they ask more questions :)
18:10:09 <sarang> (AFAIK github is not being considered by anyone for this; that was purely my question)
18:10:27 <needbrrrrrrr90> I mean. It's a valid suggestion.
18:10:29 <binaryFate> What do you mean with platforms? Currently we do CDN -> cloudflare -> our server
18:10:30 <needbrrrrrrr90> I'd consider it lol
18:10:32 <sarang> I certainly think it is
18:10:41 <binaryFate> The throttling might come from any of these layers I'm not sure
18:11:06 <binaryFate> Oh you mean using github to serv our binaries?
18:11:08 <needbrrrrrrr90> The suggestion of hosting binaries on GitHub (perhaps in parallel) is what I was thinking of when I said alternative hosting platforms
18:11:10 <needbrrrrrrr90> Yes
18:11:10 <sarang> yes
18:11:27 <ErCiccione[m]> Sorry, i didn't think understand people wanted to actually have the meeting at the end. Here now
18:11:28 <sarang> We have a huge example of when self-hosting failed
18:11:28 <binaryFate> Ok was not aware of that. Anyway sure I can comment to the post
18:11:47 <ErCiccione[m]> good idea the self hosted pastebin.
18:12:03 <needbrrrrrrr90> I guess you could say this might be our Binary Fate, so to speak 👀
18:12:13 <sarang> -_____-
18:12:40 <sarang> To be clear, I don't particular trust Microsoft to be a good steward of so much of the open-source community
18:12:47 <binaryFate> sarang I think it's not fair to say that self-hosting "failed". A one-off one-in-many-yeasr shit event might well occure on github as well
18:13:00 <sarang> Sure, but in that case, you at least have a much bigger firewall
18:13:06 <sarang> between the web hosting and the binary serving
18:13:22 <needbrrrrrrr90> Those five nines are hard to get
18:13:27 <sarang> and github almost certainly has many more engineers on staff working specifically to ensure that kind of safety
18:13:41 <sarang> and at that point, why not just offload the bandwidth to github?
18:13:43 <sarang> they do it for free
18:13:49 <sarang> If they turn evil, switch back
18:14:08 <sarang> It's not like they can do anything evil except deny access
18:14:12 <sarang> and that's already a risk with the source
18:14:17 <binaryFate> yes you're right, in terms of DoS protection and bandwidth access they're probably more stable than what we can hope for on ourselves
18:14:22 <sarang> I think there are basically no downsides
18:14:28 <sarang> none that we don't already take on, at least
18:14:28 <needbrrrrrrr90> Because of some tin foil hat risk that they intentionally compromise our binaries, which are signed, first. Before any other project around. We would have zero canary in the proverbial coal mine.
18:14:29 <binaryFate> not sure about access from China though
18:14:44 <sarang> And sure, have an alternate self-hosting if you want
18:15:01 <sarang> But if they have a method for serving binaries that's free bandwidth and with a good track record, why not take it?
18:15:07 <needbrrrrrrr90> I think its silly to assume Monero would be intentionally targeted by Microsoft, first, before any other project
18:15:09 <sarang> People should always check sigs anyway
18:15:12 <sarang> agreed
18:16:04 <binaryFate> All this deserves more discussions clearly, didn't know they were ongoing if they were but yeah let's explore.
18:16:08 <sarang> And again, I don't particularly trust them. But ideally this is set up so that you don't _need_ to trust them
18:16:26 <sarang> You're simply using a service they provide, with plenty of distribution to account for any possible evildoing in the future
18:17:01 <yanmaani> Even if it's not targeted, there's something icky about them IMO
18:17:09 <sarang> Well, they host the source right now
18:17:21 <hyc> why don't we just start seeding torrents for binaries
18:17:37 <yanmaani> Expressed bluntly, a 1 GBit VPS is not exactly expensive
18:17:49 <needbrrrrrrr90> Hyc aren't torrents not adversarial?
18:17:51 <sarang> yanmaani: I don't particulary like the idea of needing _any_ hosted service for stuff like PRs and issues and such, but it is what it is
18:18:03 <needbrrrrrrr90> There's a whole host of attacks that could bring it down afaik
18:18:07 <yanmaani> That said, the binaries are absurdly large
18:18:10 <sarang> and we have at least one example where binaries were compromised
18:18:14 <yanmaani> like 200 MB?
18:18:31 <sarang> Of course GitHub could be compromised. But self-hosting _was_ compromised
18:18:32 <yanmaani> needbrrrrrrr90: torrents are rock solid, also I think there already are torrents
18:18:57 <needbrrrrrrr90> Rock solid until someone with a mind to throw a wrench in your distribution appears*
18:19:08 <hyc> how?
18:19:11 <yanmaani> @torrent
18:19:13 <yanmaani> !torrent
18:19:28 <yanmaani> hyc: check #monero
18:19:32 <moneromooo> binaryFate: do you have a stack of the crash ?
18:19:42 <needbrrrrrrr90> Unless they've improved since I last checked, I thought torrents were vulnerable to attack (either denial of service or otherwise)
18:19:46 <gingeropolous> i ultimately think multiple solutions should be used.
18:19:50 <hyc> no, I mean, how does an attacker screw up a torrent
18:19:57 <gingeropolous> i mean, if the sigs are verified it doesn't matter where it comes from
18:20:10 <yanmaani> needbrrrrrrr90: torrents are far less vulnerable to DoS than HTTP
18:20:18 <yanmaani> and have been this way since what, 2002?
18:20:36 <needbrrrrrrr90> Hm. I'm not sure why I'm recalling otherwise.
18:20:44 <needbrrrrrrr90> I'm probably wrong
18:21:34 <ErCiccione[m]> +1 for torrent. We could CCS a seedbox
18:21:45 <binaryFate> moneromooo: nope sorry :( will try to catch one next time
18:22:05 <gingeropolous> and really we only need to worry about the monero updater software downloader tool
18:22:07 <gingeropolous> did that happen?
18:22:31 <gingeropolous> so you only need to have a trusted event happen once, and then it chains trust from their
18:23:05 <hyc> mooo wrote the updater tool
18:23:12 <moneromooo> It also depends on someone to bump the update TXT records, which currently still advertise 0.15.0.1.
18:23:14 <hyc> haven't seen much about it
18:23:20 <yanmaani> ErCiccione[m]: CCS? We are not exactly dealing with terabytes of data here
18:23:39 <gingeropolous> well its always gonna require a human finger to click some buttons
18:23:41 <needbrrrrrrr90> https://security.stackexchange.com/q/76043
18:23:46 <moneromooo> Well, it's finished. Except for the GUI part, which I'm waiting for the GUI to have gitian builds to push.
18:24:21 <ErCiccione[m]> yanmaani: Would be just for reliability.
18:25:13 <yanmaani> You can use web seeds for it.
18:25:21 <yanmaani> Since it's identified by hash, safety is rather unimportant.
18:26:11 <yanmaani> but I mean, you could just use any random VPS
18:26:15 <yanmaani> seedboxes are way overkill
18:26:42 <sarang> How are GUI det. builds going?
18:26:46 <sarang> I haven't checked in with that in a while
18:28:29 <gingeropolous> <moneromooo> It also depends on someone to bump the update TXT records, which currently still advertise 0.15.0.1. >>> who's sposed to do this?
18:29:24 <moneromooo> pony for now, binaryFate as soon as the massive security enhanced military grade safe has been opened.
18:29:36 <moneromooo> (allegedly)
18:29:51 <sarang> https://www.youtube.com/watch?v=Sz4KgGb9HzA
18:30:34 <hyc> we should be distributing updates via the monero p2p protocol ...
18:31:30 <moneromooo> Oooh, and add twitter support. And a chat.
18:31:31 <yanmaani> Do you really want to do down that road?
18:31:35 <yanmaani> go*
18:32:24 <hyc> if done correctly, that means all fullnodes will self-update, which removes a lot of the problem of sites not updating in time
18:32:53 <moneromooo> They could do it right now. They can download and verify (from HTTPS though) already.
18:33:05 <yanmaani> OTOH, it's a literal botnet with only one key compromise.
18:33:15 <moneromooo> Piggybacking on Bittorrent seems safer and less work.
18:33:18 <yanmaani> As well as horrible, horrible centralization
18:33:29 <yanmaani> How about this? Add in a Bitcoin-style alert key, multisig.
18:33:46 <moneromooo> Yu gotta be kidding. A botnet is 100% centralized by deifnition.
18:33:50 <yanmaani> If signed by >70% of developers, propagate it
18:34:33 <yanmaani> And devs can post messages, such as "Hardfork soon, pls update from monero-best-download.co.biz.ru.asia.tk/wp-content/login.php"
18:34:57 <yanmaani> Or I suppose you can just add in libtorrent and call it a day.
18:39:20 <hyc> using torrent protocol is less dev work, yes. more end-user work to administer bandwidth to two separate systems instead of just one
18:45:44 <yanmaani> Well the end-user work would be the same. If you include libtorrent inside, I mean.
18:46:14 <yanmaani> So, it gets a "signed update" message, and starts downloading, with its immediate p2p neighbors as peers, then does PEX
18:56:18 <sarang> So: what's the best next step for self-hosting a pastebin?
18:56:28 <sarang> That seems like an easy win for helpful functionality
18:57:11 <sarang> (unless there are good reasons to avoid this that I am not thinking of)
18:58:21 <kinghat[m]> github gists have version history
19:00:33 <moneromooo> Spam is one.
19:01:13 <moneromooo> I suppose we might not care if it gets added to robots.txt to avoid.
19:01:56 <sarang> Set an auto-expire?
19:02:01 <sarang> And require some kind of captcha?
19:03:11 <sarang> spitballing here
19:03:35 <yanmaani> proof of work is nicer than captcha tbh
19:03:42 <yanmaani> but pastebins are dime a dozen
19:04:33 <sarang> Well, local encryption is important
19:04:38 <sarang> As in, the server can't view plaintext
19:06:06 <yanmaani> OTOH it requires JS :)
19:06:22 <yanmaani> a compromise is to have encryption at rest with optional client-side decryption
19:06:41 <sarang> A server that can host arbitrary plaintext may run into liability issues (but I am not a lawyer)
19:07:19 <yanmaani> nah
19:07:23 <yanmaani> you could just dump it somewhere else
19:07:28 <yanmaani> like on Freenet
19:07:32 <yanmaani> that solves all the liability problems
19:08:19 <yanmaani> all sorts of shit there but I haven't gotten any abuse notices yet
20:11:39 <selsta> The throttling issue on getmonero is a bug / config problem and pigeons is looking into it.
20:15:21 <selsta> GUI has its own auto update system now and we could bring it to CLI in the future, it requires GPG signatures from 2 maintainers.
20:15:39 <selsta> Obviously modified to take advantage of gitian.sigs
20:17:22 <selsta> 19:08 <pigeons> Let me know if you get download failures on getmonero.org again. Should be good for now, there was a uid mismatch for the nginx cache volume
20:17:32 <selsta> ^ hopefully solved now