00:58:02 https://www.microsoft.com/security/blog/2021/04/26/defending-against-cryptojacking-with-microsoft-defender-for-endpoint-and-intel-tdt/ 00:58:16 I wonder if MS finally adopted the methods from randomx-sniffer 00:58:51 they block downloading of xmrig now lol 00:59:26 sniffer would save them a lot of effort 01:23:46 hyc: surely that wouldn't help? I mean, you can just use a reverse proxy for the pool 01:24:01 or even access it over tor, or anything 01:28:00 So free CI services have never run into power viruses before? 01:56:15 seems like this is a first. among many other firsts ;) 02:00:04 using a proxy is a bit of a gabmel. the added latency may mean your solution isn't first to get published. 02:00:10 gamble* 03:32:50 hyc: a proxy will only add 2ms or so if it's correctly positioned geographically, even if it's all in software 06:41:15 https://www.microsoft.com/security/blog/2021/04/26/defending-against-cryptojacking-with-microsoft-defender-for-endpoint-and-intel-tdt/ 06:41:27 lol, even the screenshot there shows randomx-benchmark as "malware" 06:41:36 https://www.microsoft.com/security/blog/wp-content/uploads/2021/04/Malware-detection.png 12:00:54 What's the story with Argon2? Is it more "secure" than sha256? Or is that a stupid question? 12:01:12 I am asking as it came up in a project I am working on 12:01:46 Suggested as an alternative to sha256 as it is more secure against certain attacks. Is that true? 12:03:05 AFAIK argon2 is a KDF. It uses lots of RAM. SHA256 is meant to use very very little. 12:08:34 "Argon2 is a key derivation function that was selected as the winner of the Password Hashing Competition in July 2015" 12:08:41 so more secure for password hashing 12:08:52 presumably to prevent cracking leaked hashes of passwords 12:09:47 It was designed to be GPU-resistant but in reality only GPUs and ASICs mine Argon2 coins 12:44:17 hmm my version of hashcat doesn't support any mode for Argon 12:44:55 nope 12:44:58 jtr has it tho 14:13:14 it's supposed to slow down hashcat yea