16:38:45 is there dev meeting today?
16:40:45 I remember someone asking for one a couple days ago, so yes.
17:03:25 All devs still drunk from Monero anniversary ...
17:17:37 No meeting then?
17:18:24 If anyone has something to say or ask, feel free.
17:19:15 I know UkoeHB_ had been working this weekend on a particular issue summary regarding Janus handling
17:19:26 Not sure if they wanted to discuss this
17:19:51 I think ErCiccione[m] was the one who asked for a meeting.
17:20:12 I remember likewise, maybe because of the recent move back to GitHub for the Monero website
17:25:07 Weird crash: https://paste.centos.org/view/d15fd5ce
17:25:29 nothing to discuss from me, please read the issue and leave comments if possible ^.^
17:25:37 Note the jump in timestamp from first line to second one is because my computer was hibernating in between
17:30:10 Ah ok UkoeHB_!
17:30:23 Lots to catch up on with your discussions with knaccc this weekend
17:42:56 binaryFate: repeatedly fails to load.
17:47:35 load what?
17:48:48 The data from the URL you posted.
17:49:23 "The connection to paste.centos.org was interrupted while the page was loading." all the time.
17:49:55 Mmm works for me without any issue over clearnet
17:50:39 what else is tor-friendly?
17:51:22 paste.debian.net is. pastebin.com usually is these days.
17:51:31 paste.ubuntu.com is also ok.
17:52:08 I suspect anything that goes cloudflare is likely to be not ok.
17:54:04 Would it be possible to set up a self-hosted pastebin?
17:54:16 Then it's understood where the data is stored and how it can be accessed
17:54:35 Surely there's a useful service that's also FOSS and can be hosted
18:01:59 agree, would be useful to us + other projects, and a nice "statement"
18:02:49 moneromooo: https://paste.debian.net/1141389/
18:04:05 A random search found this (no clue if it's actually trustworthy): https://github.com/PrivateBin/PrivateBin
18:04:37 https://www.reddit.com/r/xmrtrader/comments/g441pp/daily_discussion_sunday_april_19th/fnwcjmp
18:05:08 Please note that that isn't a red flag for me, but one of the other mods thought I should raise it here.
18:06:14 Remind me again why we don't just use GitHub for signed release binaries?
18:06:27 We already trust GitHub (to an extent) for source
18:06:31 because GitHub are evil now
18:06:42 Sure, but everyone is ideally checking signatures anyway
18:06:58 and it provides a nice firewall between the web hosting (which provides the hashes) and the binaries
18:07:13 I get the idealism of self-hosting binaries
18:07:23 but in practice it's failed at least once
18:08:05 needbrrrrrrr90 the throttling is pretty strict on downloads and I get myself some error on a particular link/bin until I wait a few tens of seconds again. It would correspond to what the post describes.
18:09:17 Would you mind commenting as such, and potentially indicating that we're looking at alternative hosting platforms (like github)?
18:10:01 I can also comment too, but I would prefer it not be second-hand if they ask more questions :)
18:10:09 (AFAIK github is not being considered by anyone for this; that was purely my question)
18:10:27 I mean. It's a valid suggestion.
18:10:29 What do you mean with platforms? Currently we do CDN -> cloudflare -> our server
18:10:30 I'd consider it lol
18:10:32 I certainly think it is
18:10:41 The throttling might come from any of these layers I'm not sure
18:11:06 Oh you mean using github to serve our binaries?
18:11:08 The suggestion of hosting binaries on GitHub (perhaps in parallel) is what I was thinking of when I said alternative hosting platforms
18:11:10 Yes
18:11:10 yes
18:11:27 Sorry, I didn't understand people wanted to actually have the meeting at the end. Here now
18:11:28 We have a huge example of when self-hosting failed
18:11:28 Ok was not aware of that. Anyway sure I can comment to the post
18:11:47 good idea the self hosted pastebin.
18:12:03 I guess you could say this might be our Binary Fate, so to speak 👀
18:12:13 -_____-
18:12:40 To be clear, I don't particularly trust Microsoft to be a good steward of so much of the open-source community
18:12:47 sarang I think it's not fair to say that self-hosting "failed". A one-off one-in-many-years shit event might well occur on github as well
18:13:00 Sure, but in that case, you at least have a much bigger firewall
18:13:06 between the web hosting and the binary serving
18:13:22 Those five nines are hard to get
18:13:27 and github almost certainly has many more engineers on staff working specifically to ensure that kind of safety
18:13:41 and at that point, why not just offload the bandwidth to github?
18:13:43 they do it for free
18:13:49 If they turn evil, switch back
18:14:08 It's not like they can do anything evil except deny access
18:14:12 and that's already a risk with the source
18:14:17 yes you're right, in terms of DoS protection and bandwidth access they're probably more stable than what we can hope for on ourselves
18:14:22 I think there are basically no downsides
18:14:28 none that we don't already take on, at least
18:14:28 Because of some tin foil hat risk that they intentionally compromise our binaries, which are signed, first. Before any other project around. We would have zero canary in the proverbial coal mine.
18:14:29 not sure about access from China though
18:14:44 And sure, have an alternate self-hosting if you want
18:15:01 But if they have a method for serving binaries that's free bandwidth and with a good track record, why not take it?
18:15:07 I think it's silly to assume Monero would be intentionally targeted by Microsoft, first, before any other project
18:15:09 People should always check sigs anyway
18:15:12 agreed
18:16:04 All this deserves more discussions clearly, didn't know they were ongoing if they were but yeah let's explore.
18:16:08 And again, I don't particularly trust them. But ideally this is set up so that you don't _need_ to trust them
18:16:26 You're simply using a service they provide, with plenty of distribution to account for any possible evildoing in the future
18:17:01 Even if it's not targeted, there's something icky about them IMO
18:17:09 Well, they host the source right now
18:17:21 why don't we just start seeding torrents for binaries
18:17:37 Expressed bluntly, a 1 GBit VPS is not exactly expensive
18:17:49 Hyc aren't torrents not adversarial?
18:17:51 yanmaani: I don't particularly like the idea of needing _any_ hosted service for stuff like PRs and issues and such, but it is what it is
18:18:03 There's a whole host of attacks that could bring it down afaik
18:18:07 That said, the binaries are absurdly large
18:18:10 and we have at least one example where binaries were compromised
18:18:14 like 200 MB?
18:18:31 Of course GitHub could be compromised. But self-hosting _was_ compromised
18:18:32 needbrrrrrrr90: torrents are rock solid, also I think there already are torrents
18:18:57 Rock solid until someone with a mind to throw a wrench in your distribution appears*
18:19:08 how?
18:19:11 @torrent
18:19:13 !torrent
18:19:28 hyc: check #monero
18:19:32 binaryFate: do you have a stack of the crash ?
18:19:42 Unless they've improved since I last checked, I thought torrents were vulnerable to attack (either denial of service or otherwise)
18:19:46 i ultimately think multiple solutions should be used.
18:19:50 no, I mean, how does an attacker screw up a torrent
18:19:57 i mean, if the sigs are verified it doesn't matter where it comes from
18:20:10 needbrrrrrrr90: torrents are far less vulnerable to DoS than HTTP
18:20:18 and have been this way since what, 2002?
18:20:36 Hm. I'm not sure why I'm recalling otherwise.
18:20:44 I'm probably wrong
18:21:34 +1 for torrent. We could CCS a seedbox
18:21:45 moneromooo: nope sorry :( will try to catch one next time
18:22:05 and really we only need to worry about the monero updater software downloader tool
18:22:07 did that happen?
18:22:31 so you only need to have a trusted event happen once, and then it chains trust from there
18:23:05 mooo wrote the updater tool
18:23:12 It also depends on someone to bump the update TXT records, which currently still advertise 0.15.0.1.
18:23:14 haven't seen much about it
18:23:20 ErCiccione[m]: CCS? We are not exactly dealing with terabytes of data here
18:23:39 well it's always gonna require a human finger to click some buttons
18:23:41 https://security.stackexchange.com/q/76043
18:23:46 Well, it's finished. Except for the GUI part, which I'm waiting for the GUI to have gitian builds to push.
18:24:21 yanmaani: Would be just for reliability.
18:25:13 You can use web seeds for it.
18:25:21 Since it's identified by hash, safety is rather unimportant.
18:26:11 but I mean, you could just use any random VPS
18:26:15 seedboxes are way overkill
18:26:42 How are GUI det. builds going?
18:26:46 I haven't checked in with that in a while
18:28:29 It also depends on someone to bump the update TXT records, which currently still advertise 0.15.0.1. >>> who's sposed to do this?
18:29:24 pony for now, binaryFate as soon as the massive security enhanced military grade safe has been opened.
18:29:36 (allegedly)
18:29:51 https://www.youtube.com/watch?v=Sz4KgGb9HzA
18:30:34 we should be distributing updates via the monero p2p protocol ...
18:31:30 Oooh, and add twitter support. And a chat.
18:31:31 Do you really want to do down that road?
18:31:35 go*
18:32:24 if done correctly, that means all fullnodes will self-update, which removes a lot of the problem of sites not updating in time
18:32:53 They could do it right now. They can download and verify (from HTTPS though) already.
18:33:05 OTOH, it's a literal botnet with only one key compromise.
18:33:15 Piggybacking on Bittorrent seems safer and less work.
18:33:18 As well as horrible, horrible centralization
18:33:29 How about this? Add in a Bitcoin-style alert key, multisig.
18:33:46 You gotta be kidding. A botnet is 100% centralized by definition.
18:33:50 If signed by >70% of developers, propagate it
18:34:33 And devs can post messages, such as "Hardfork soon, pls update from monero-best-download.co.biz.ru.asia.tk/wp-content/login.php"
18:34:57 Or I suppose you can just add in libtorrent and call it a day.
18:39:20 using torrent protocol is less dev work, yes. more end-user work to administer bandwidth to two separate systems instead of just one
18:45:44 Well the end-user work would be the same. If you include libtorrent inside, I mean.
18:46:14 So, it gets a "signed update" message, and starts downloading, with its immediate p2p neighbors as peers, then does PEX
18:56:18 So: what's the best next step for self-hosting a pastebin?
18:56:28 That seems like an easy win for helpful functionality
18:57:11 (unless there are good reasons to avoid this that I am not thinking of)
18:58:21 github gists have version history
19:00:33 Spam is one.
19:01:13 I suppose we might not care if it gets added to robots.txt to avoid.
19:01:56 Set an auto-expire?
19:02:01 And require some kind of captcha?
19:03:11 spitballing here
19:03:35 proof of work is nicer than captcha tbh
19:03:42 but pastebins are dime a dozen
19:04:33 Well, local encryption is important
19:04:38 As in, the server can't view plaintext
19:06:06 OTOH it requires JS :)
19:06:22 a compromise is to have encryption at rest with optional client-side decryption
19:06:41 A server that can host arbitrary plaintext may run into liability issues (but I am not a lawyer)
19:07:19 nah
19:07:23 you could just dump it somewhere else
19:07:28 like on Freenet
19:07:32 that solves all the liability problems
19:08:19 all sorts of shit there but I haven't gotten any abuse notices yet
20:11:39 The throttling issue on getmonero is a bug / config problem and pigeons is looking into it.
20:15:21 GUI has its own auto update system now and we could bring it to CLI in the future, it requires GPG signatures from 2 maintainers.
20:15:39 Obviously modified to take advantage of gitian.sigs
20:17:22 19:08 Let me know if you get download failures on getmonero.org again. Should be good for now, there was a uid mismatch for the nginx cache volume
20:17:32 ^ hopefully solved now