00:40:04 /msg NickServ VERIFY REGISTER slighty_toasted nqhgwdsogxfh 00:41:27 dont worry about fucking up sending that, it's not a password or a secret token 00:41:39 it's a one time use string for email verification. happens to the best of us 00:42:05 I guess copy/pasting it doesnt activate the /msg command 00:42:18 it does, but you copied a space before the / 00:42:26 aha 00:42:32 easily done 00:47:14 I'd like to run a full node, I assume that means a full 75gb download 00:48:09 95GB as of right now 00:49:30 Does a service similar to torservers.net exist but for monero nodes? 00:50:24 With the influx of people wanting to set up VPS nodes but not being technically capable of doing so I think it's a great idea 00:51:11 mark_bleep[m]: you can also run a pruned node which is about 35GB now 00:51:33 K. Thx. Is there somewhere that tracks size and growth rate of these ledgers? Would be interesting to compile if not. 00:52:29 Agreed. 00:53:04 mark_bleep[m] I'm not aware of any services providing that information accurately 00:53:07 What's the difference? Can it still process transactions? 00:53:37 yes you can 00:54:05 mark_bleep[m] 1/3 the blockchain size, 1/8 the network contribution, 100% same functionality as full node. 00:54:08 So, what's the point of a full node beyond archive? 00:54:24 if you do go that way sync pruned to start, not aftaer syncing the whole chain 00:54:30 Ah, ok. 1/8 contribution is the difference 00:55:38 I run a full node cause it's only 95GB 00:56:11 Size is meaningless given storage cost, but getting a new node online seems like it should be a focus is it's going to be a real primary monetary tool. 00:56:25 also HDD is slow to initially sync vs an SSD 00:57:07 takes the same amount of time to do an initial sync for full or pruned node 00:57:59 "1/8 contribution is the difference" <-- 1/8th of some historical data, but it fully contributes propagating transactions and blocks 00:58:01 I believe it still needs to verify all the blocks 01:39:27 8 is running good so far no block list. Height: 2263929/2263929 (100.0%) on mainnet, not mining, net hash 1.84 GH/s, v14, 12(out)+34(in) connections, uptime 0d 2h 15m 15s 04:38:15 is block.txt anymore updated since there is now the enable-dns-blocklist? 04:38:50 yes, I will keep updating it 07:07:27 looks like the "bad actors" nodes are stuck at 2263960 lol! 07:07:37 block height that is 07:20:58 Both 2263960 and 2263958 07:28:57 Well that's great news seeing that they are not functioning. 08:12:02 selsta: enable dns blocklist is using your online txt as source and no need to update any file locally? 08:12:08 why are these people doing this? 09:34:53 jess: I can tell you why you can't stop the 'spam'. You are thinking in cult doctrine. If it was real spam, and I was selling Viagra for example - you could easily ban keywords and urls. Instead, stop being a sheep, think like a cult leader. Recoginse that this 'spam' is just some bullshit that you tell to the sheep. 10:12:04 what an idiot well-kicked ™️ 10:14:52 I don't understand this 10:15:05 mark_bleep[m]: ignore 10:15:47 09:12 selsta: enable dns blocklist is using your online txt as source and no need to update any file locally? <-- correct 10:46:08 Will you HODL XMR or sell it to buy Tari when it comes out? 10:46:32 sell of course 10:46:43 is that even an honest question? 10:46:46 idiot. 10:50:09 we demand better trolls 10:50:47 actually there's a telegram OTC brokerage selling Tari IOUs. Maybe I should hook fireice with a contact over there, he seems very interested 10:51:14 I have my fair share with NFT stuff with Btc already, but... whatever floats your boat. 10:52:08 wtf is tari 10:52:25 and of course there's somebody on telegram shilling it... 10:53:48 hehehe 11:51:10 raecarruth: Monero merge-mined sidechain focused on digital assets 11:51:33 ok 12:10:46 It is ... not really comparable to private p2p money 13:48:18 Howdy. 13:48:29 howdy 14:02:00 whatever happened to xmr being on binance? 14:04:37 it still is 14:05:36 not for americans :v 14:05:59 https://www.binance.com/en/trade/XMR_BTC 14:06:17 yeah, binance.us has no such option, though 14:06:31 wild. oh well, i'll switch to kraken. 14:06:31 really 14:18:18 If dex delists xmr further thats could be problematic? Cause localmonero users force you to ID too and noone wants to give that info to some random guy on the net 14:18:52 Hello! My GUI wallet is convinced that I have my keyfile already opened (Couldn't open wallet: internal error: "..." is opened by another wallet program). (Linux 0.17.1.8). Anybody know how to get passed that? 14:19:39 Restarting your computer might work. 14:20:23 salsta: I am on a Linux system. 14:21:08 the former Head of XRP Institutional Liquidity for Ripple is the current CEO of binance.us. That might have something to do with XMR not being supported. 14:21:37 they really liked to trace where their XRP went 14:23:30 rupee, hah! 14:28:50 Anybody know how the UI keeps track of locked wallet files? There are no active processes and I do not see any .locked files are anything that would suggest that the wallet is locked. Ofcause I would look through the source but I am just feeling lazy. ;-) 14:28:57 elchupacabra420[ yeah, that's why atomic swaps will help in this situation a lot 14:29:24 but I don't think DEX can delist monero, because it's decentralized tho;D 14:31:14 nobody[m]: XMR never used to be on Binance US 14:31:34 Minimons: A reboot is still advisable 14:41:36 the fact that the error does not appear until after you enter your password, makes me suspect the information is stored in the wallet cache somehow. but yeah I'd reboot before getting all crazy with the wallet cache 14:42:48 Hi 14:42:56 I’m from the government and I’m here to help 14:45:05 Must be you're first time then. 14:45:39 never remembered a helpful gov. 14:46:17 They want to help you part with your money 14:50:46 It's for your safety 14:53:27 :) 14:57:50 hey guys, what's the difference between DCC CHAT and MSG? my understanding is that DCC CHAT is unencrypted and directly between the two participants while CHAT goes through the server and is encrypted if TLS is used, correct? 14:58:24 Lyza - I talked with dEBRUYNE about it. The problem is that the UI misunderstands a 'permission denied' for 'file is open by another process'. Fixing the permissions makes it work again but it misleads the user. I promissed to create an issue on github (when I get sober again) ;-) 14:58:45 oh fuck, wrong channel 14:59:10 The fix for the '2 blocks remaining' in .8 works GREAT. Thanks my HEROs for that update! 14:59:10 f9ad5567e6e1e4a88213190cbde6d974265640438e9f2de41ce0d4839cb021f4 monero-gui-mac-x64-v0.17.1.8.dmg 14:59:20 that hash doesn't match getmonero.org 15:00:03 it matches this one: https://www.getmonero.org/downloads/hashes.txt 15:00:25 but not the Verify Hashes part of this page https://www.getmonero.org/downloads/#gui 15:01:20 Check if it's not an old release that is displayed 15:01:34 looks ok here 15:02:09 after refreshing the page it matches 15:02:15 maybe I had the tab open a while 15:02:28 thanks for double checking 15:03:11 maybe some caching 15:03:30 rupee, I've had that issue too. I always open the download page in an incognito browser window to prevent that now. 15:12:57 selsta possibly bad IP 64.225.123.149 (stuck at same block 2263960 for am long time "sychronizing") 15:13:07 so monero mining is best with CPU not GPU right? 15:16:39 monerouser1144: added 15:18:22 ayahuaza: correct 15:21:19 what hash algo does monero use 15:21:30 i hope it's something pog like scrypt 15:23:08 For PoW ? Custom one called randomx. Otherwise mostly keccak (pre-standard AES). 15:23:08 RandomX? 15:23:26 er, pre standard SHA3. 15:23:27 same timing :D 15:23:38 interesting 15:25:14 It exploits strengths of current microprocessors to keep ASICs from being so much more dominant. It's slow to verify though, which is a very annoying drawback. 15:34:07 Following up yesterday's thoughts about creating resilient monero public nodes, has anyone worked on an AppArmor profile for monerod yet? (note: AppArmor is like SELinux, and can be used to prevent an exploit to a daemon from escalating). 15:37:23 my updated node went down. how can i find out why? ~/.bitmonero/bitmonero.conf didn't display anything 15:37:43 more attacks 15:37:51 different one this time 15:38:12 what's up with that CipherTrace monero transaction tracing tool? 15:38:30 monerouser1144: it's on my list of TODO (with lots of other time consuming things)... 15:39:51 or was it just to scare people? 15:40:45 it's to make money 15:40:55 ayahuaza: mostly big talk, they could be able to trace some old tx as monero was lacking in some areas back then, but they can only guess when it comes to newer tx 15:41:02 without any real capabilities 15:42:03 I have been connecting to moneroworld node without incident for cli wallet 15:42:04 fair enuf 15:53:12 what's the best way one could provide strength to monero network, by running a full node? 15:53:36 ayahuaza: yes! 15:57:34 SerHack to running public full node + Tor or i2p? is safest bet? 15:59:56 Has anyone tried running HAproxy in front of monerod ? http://cbonte.github.io/haproxy-dconv/2.4/intro.html#3 16:31:03 <_I3^RELATIVISM> its a shame anonimal stop developing kovri because of all the monero people nonsense 16:31:29 <_I3^RELATIVISM> garlic routing inside onion routing is a interesting concept 16:31:51 he decided to stop developing kovri because he wanted to work on other things 16:31:56 not because monero people wanted it stopped? 16:32:40 <_I3^RELATIVISM> not really the backlash from some usuless pwoplw was the incentive for him to stop 16:32:56 <_I3^RELATIVISM> not because he "wanted" 16:32:59 <_I3^RELATIVISM> selsta: 16:33:07 it isn't because nobody uses i2p... 16:33:12 wasn't kovri just different implementation of i2p? 16:33:19 <_I3^RELATIVISM> no onf 16:33:30 <_I3^RELATIVISM> I2P is garlic routing 16:33:41 why is it called garlic 16:33:45 <_I3^RELATIVISM> kovri was garlic routing inside onion routing 16:33:45 A different router, for the same protocol (mostly). 16:33:47 garlic doesn't have layers like an onion does 16:33:53 <_I3^RELATIVISM> which is what tor uses 16:34:03 <_I3^RELATIVISM> moneromooo: not really 16:34:12 <_I3^RELATIVISM> they are 2 diferent concepts 16:34:29 <_I3^RELATIVISM> garlic routing you bundle packets in a clove 16:34:47 <_I3^RELATIVISM> so you encrypt bundle packets toghether 16:34:53 i know i2p is faster than tor, but is it safer? 16:34:54 <_I3^RELATIVISM> so no packet can be targeted 16:35:11 <_I3^RELATIVISM> while in onion routing(akator) 16:35:26 I2P and kovri are both not tor... 16:35:35 ayahuaza: it's not faster, but it's decentralized unlike tor 16:35:40 <_I3^RELATIVISM> you just encrypt each packet seperate protected by encryption layer 16:35:46 ayahuaza: which actually leads to it being slower 16:35:56 oowh okay, well then someone lied to me on the net 16:36:01 ty onf 16:36:06 <_I3^RELATIVISM> onf: both are decentrlized 16:36:16 <_I3^RELATIVISM> ayahuaza: 16:36:36 _I3^RELATIVISM: not really, in tor there are centralized authorities afaik 16:36:40 but I heard of exploits when running exit node 16:36:42 <_I3^RELATIVISM> the only deiferenced is oe uses garlic routing while another uses onion routing 16:36:52 on TOR 16:36:57 <_I3^RELATIVISM> onf: that is not truth 16:37:14 Directory auths are semi centralized. 16:37:30 Wait. I'm getting pulled in. Mistake :D 16:37:33 _I3^RELATIVISM: aha, so why does anonimal list it as one of the two issues with tor in kovri proposal? 16:38:05 (kinda like seed nodes in monero, actually) 16:38:25 centralized authorities in tor? o_0 16:38:28 since when? 16:39:23 <_I3^RELATIVISM> ^^ "KOVRI was garlic routing inside onion routing. They are 2 different concepts. Garlic routing, you bundle packets in a clove so you encrypt bundled packets together so no packet can be targeted. While in onion routing (akaTOR) you just encrypt each packet separate protected by encryption layers." 16:40:34 do you mean https://gitlab.com/sekreta/sekreta/ ? 16:40:40 because Kovri is based on the I2P spec 16:40:49 <_I3^RELATIVISM> its called garlic given the structure of a gralic with cloves and onion given the onion layers 16:41:23 <_I3^RELATIVISM> selsta: exactly kovri is based of I2Pd but it is not just that 16:41:40 <_I3^RELATIVISM> it uses TOR like onion routing inside each clove 16:42:07 <_I3^RELATIVISM> so being "based of" is not the same thing as being "equal to" selsta 16:42:53 <_I3^RELATIVISM> that is why it is a fork of it 16:43:07 <_I3^RELATIVISM> if not one would just use I2Pd 16:44:23 <_I3^RELATIVISM> trully a shame, hopefully one day project gets restarted, preferebly outside monero, so the same thing doesnt happend again. 16:44:34 ayahuaza: well either way, there are several core differences between tor and i2p in how the network works: 1. in tor, volunteers run nodes that route traffic, in i2p everyone routes traffic by default (this leads to strong decentralization, but also slow users can (and do) bottleneck the network's speed) 2. tor was primarily built as a way to anonymize connections to clearnet with exit nodes being 16:44:34 <_I3^RELATIVISM> anyway Cheers. 16:44:40 significant part of the design, while in i2p the so called outproxies to the clearnet are ad-hoc services similar to tor gateways on the clearnet 16:45:31 <_I3^RELATIVISM> agreed 16:46:13 <_I3^RELATIVISM> is anybody else here interested in restarting such project btw? 16:47:55 It sounds interesting, but I have neither the time nor domain knowledge. 16:48:15 If it does get mostly finished, I could help plugging it in though. 16:53:37 hi 16:54:09 the attacker must have come up with a new attack. my node with no blocklist has ohnly been up for 6 minutes 16:54:27 Yes, they did. 16:54:57 is there anything i can do to help? 16:55:07 I don't think so. 16:55:26 7243 might be enough to fix. Otherwise a second patchj will get in when a dep is merged first. 16:56:18 ok i'll run with --enable-dns-blocklist and see what happens when the new release comes out 16:56:30 dns blocklist does not block tor currently 16:57:07 in that case i'll just use the banlist 17:00:29 fwiw I use monerod with selsta's smaller block.txt (187 IPs) & --enable-dns-blocklist . And at the system level I use iptables+ipset that blocks all tor exit nodes (1745 IPs). Works fine and never had a problem during the past month. 17:00:32 h2017: actually, somthing you can do to help: 17:01:19 Merge 7228, then 7244, then https://paste.debian.net/hidden/cdd5ded0/ and see if you get any more trouble. 17:02:04 i'll look it into. no promises. i'm not that familiar with git 17:02:39 pray you never have to be 17:04:12 And pray you never have to be familiar with anything useful either. 17:06:19 I admit it is kinda useful 17:06:32 HAPPY NEW YEAR 17:07:51 marmulak: seems kinda early 17:08:19 not in Australia! 17:08:26 oh :D 17:08:30 happy new year then :) 17:08:42 and soon the rest of the world 17:10:49 yeah happy new year all, may you all be equanimous 17:12:02 "The I2P network does not officially "Exit" traffic. It has outproxies to the Internet run by volunteers, which are centralized services. I2P is primarily a hidden service network and outproxying is not an official function, nor is it advised. The privacy benefits you get from participating in the the I2P network come from remaining in the network and not accessing the internet. I2P recommends that you use Tor Browser or a trusted VPN when you 17:12:02 want to browse the Internet privately." 17:12:24 That's what I said 17:12:42 indeed, thanks onf 17:13:58 np 17:14:09 Kinda like a p2p bulletinBoard? 17:14:13 Put together a (hopefully) simple guide to installing monerod as a systemd service on any Ubuntu/Debian box: https://sethsimmons.me/guides/run-a-monero-node/ 17:14:13 Would love any feedback you all may have before I share it more widely. 17:14:54 damn. someone posted a systemd thing to help with the memory exhaustion 17:14:58 anyone remember where / who it was? 17:15:42 https://www.freedesktop.org/software/systemd/man/systemd.exec.html#LimitCPU= 17:15:50 https://serverfault.com/questions/772301/how-to-limit-memory-for-a-service-managed-by-systemd 17:16:07 it was like memory accounting or something 17:16:11 It wouldn't help, per se, but would reboot the node if it hit that limit 17:16:35 goddamnit reddits search is useless. pretty sure it was reddit 17:16:58 It was here IIRC, just not sure which channel/who it was 17:19:10 ah sweet. i can grep logs. thanks 17:31:41 anyone running without ban list and can say if the attack is still ongoing? 17:31:57 I am running with DNSBL and no issues so far. 17:32:34 might be because you have enough RAM 17:32:38 to survive the attack 17:33:04 Still ongoing, logs show I got one 3 minutes ago. 17:33:06 Possible, but I haven’t seen any undue usage. 17:33:40 Actually, 3 mins ago, 4 mins ago, 4 mins ago. Busy. 17:34:06 * sethsimmons uploaded an image: ima_b46a068.jpeg (219KiB) < https://matrix.org/_matrix/media/r0/download/matrix.org/SmgEvnGmStisLsHDlkirGBRH/ima_b46a068.jpeg > 17:34:17 The major RAM usage drop-off was me restarting for a config change. 17:35:47 Not sure if this is worth a look - https://github.com/konstruktoid/ansible-role-hardening 17:36:06 haven't seen anything ram dropping in the past 6h selsta 17:36:10 selsta: I' m running a node without ban list. Attack seeems to be ongoing 17:36:28 M5M400: they use tor 17:37:03 ye. I iptabled off a good chunk of exit nodes 17:37:52 had very big ram usage, one last spike gave it the final blow 17:38:11 Almost resynced again, let's see what happens 17:38:48 ackdroid those hardening rules are for a generic server, I think we need to tailor them to a monero node. 17:38:56 been pretty quiet since yesterday https://i.imgur.com/zDHQqVB.png 17:40:10 My monerod is at ~500MB RES, 43.1GB VIRT 17:41:59 Supernoob here curious about crypto. Can anyone explain how Monero is more private than btc when all crypto transactions need to pass through 'know your customer' institutions anyway to convert to and from fiat? It seems that all crypto is non-private in the end. 17:43:59 with btc you know what address a tx was sent from, what address it was sent to, how much the tx was for and how much change went back to you 17:44:15 with monero none of that info is public 17:44:52 M5M400, can you explain how you got monerod to sync fast? I swear I had seen you had a way to sync faster a few weeks back? 17:45:26 thanks, nioc. Makes sense. 17:47:14 :) 17:48:15 sethsimmons I quickly glanced over your systemd scripts and one comment is that I'd create a separate monero user and put everything under /home/monero (instead of the default user) 17:49:12 PS: I'm referring to the instructions at https://sethsimmons.me/guides/run-a-monero-node/ 17:49:48 Also, until an AppArmor profile is ready, one could use systemd to harden the daemon. 17:49:55 Kronovestan: just 1gbit, nvme and 128 in/out peers. and a bunch of other nodes in the same DC (hetzner) 17:50:19 Good idea, rather than leaving it as whatever user they get, which can be root. 17:50:23 Can standardize docs then too 17:50:28 I’ll make thoise changes! 17:51:54 slipcritical: realistically speaking, it's not incredibly difficult to obtain XMR without KYC 17:52:32 Well, I have to head back home for New Year's eve. Happy new year everyone, with health and happiness :-) 17:53:00 KYC is certainly a pain in the ass, but is so easy to get around that it's not an issue for most people. 17:54:12 M5M400, ah ok it's the peer number I'm missing. What about syncing from a local node on the same network? like 10.0.0.2 syncing to 10.0.0.3? Just add priority node right? Would that be faster? 17:55:41 and even if you do opt in for a KYC exchange, the only information that's really collected is that you're buying and selling the coin - what you do while on the network is entirely anonymous. an apt metaphor would be that a survellience camera on your street can watch you go to and from your home every day, but doesn't know what you're upto when you're at said home. 17:55:49 Mining is KYC free :) 17:57:19 mining is something i don't understand well enough to explain. 17:57:19 But it's easy! https://www.youtube.com/watch?v=RXJKdh1KZ0w 17:57:27 especially in regards to how it's profitable 17:57:32 considering the cost of power in the US 18:25:07 moneromooo, i put the data-dir under /var/lib/monorod 18:26:09 sorry meant for monerouser1144 18:37:22 nobody[m], that's the key to understand... you're "buying xmr" with your power bill when you mine. Now unless the power company does KYC .... lol 19:12:24 Despite youve some deeper electrian skills or house in Uruguay... 19:55:05 Monero can't be fully decentralized.. can it? 19:55:55 Define "fully decentralized" 19:56:40 the nodes where you first start your sync if you don't have any of the blockchain data 19:57:02 Kronovestan: the project as a whole definitely can't as it needs a centralized group of developers. 20:00:15 That's a common problem among all decentralized networks. I2P has the same issue. 20:01:44 So until someone figures out how to solve this bootstrapping problem, we need a few hardcoded nodes to act as an entry point to the network 20:02:18 The seed nodes are semi centralised. They're run by various people. I run one. 20:02:44 They do not have particular powers others don't have though, and you dont have to use them, you can use --add-exclusive-node IPHERE. 20:02:57 Then you'll get your first peer list from that node, then you can run normally. 20:17:27 moneromooo, ah gotcha... it works kind of like a bittorent 20:19:07 something just crashed my new node!! 20:21:08 it was runing for a couple days [killed] 20:21:33 agentpatience: which block list are you using? also which version? 20:24:11 i used the latest from yesterday it was like 24K in length if I recall 20:25:18 https://ibb.co/9sbbz7X 20:25:50 block_tor.txt 20:25:55 please restart it again 20:26:18 and wait until v0.17.1.9 is out 20:26:26 you might also want to use https://gui.xmr.pm/files/block_tor_new.txt it includes more IPs 20:26:31 what do you guys think about pivx? 20:29:27 looks good on paper, but as I heard lots of design flaws 20:31:54 selsta, can you please append ll the ip to just one file? It is hard to version track this stuff... 20:32:06 *all 20:32:12 https://gui.xmr.pm/files/block_tor_new.txt includes all IPs 20:32:34 yea but you keep changing it how the hell is anyone on www supposed to know about this? 20:32:45 you keep changing filename? 20:32:52 I ask people to use https://gui.xmr.pm/files/block_tor.txt and if they still have issues to use https://gui.xmr.pm/files/block_tor_new.txt 20:33:03 block_tor_new might contain a couple false positives 20:33:09 keep it the same so we don't have to keep wondering what the next variant is? 20:34:06 calm down buddy 20:34:20 it is confusing :P 20:34:22 Hes doing this for free on his own time 20:34:36 block_tor_new is not a good name I agree 20:34:39 some poor bastard that wants to try out monero trading doesn't know about any of this shit, and really its a goofy workaround. The block list file shouldn't change its ID it complicates things even more to the people that know about it. 20:34:52 then use the DNSBL 20:34:55 That wont change 20:35:03 —enable-dns-blocklist 20:35:07 DNS does not contain Tor 20:35:47 I would rather have some more crashes than a lot of legit nodes getting banned 20:35:52 if you are going to release a new version at least but in the notes that you need to pull a certain block list to circumvent KILLS lol, ? 20:36:21 it’s a different attack 20:36:30 we can’t predict that lol 20:36:36 <_I3^RELATIVISM> contribute instead of complaining agentpatience 20:37:05 <_I3^RELATIVISM> and patience would help agentpatience 20:38:04 <_I3^RELATIVISM> sorry if you are offended but such types or demands are nor helpfull or productive 20:38:23 <_I3^RELATIVISM> Im not a active meber of monero though just my own opinion 20:42:14 Is this not a default for monerod? Mine keeps crashing I assume this would help a bit? 20:42:19 I hear ya selsta. I don't mean to sound off 20:42:49 No, and it shouldnt ever be a default as its by definition centralized. 20:43:28 mark_bleep[m]: --enable-dns-blocklist does not contain tor so your node will keep crashing 20:43:46 <_I3^RELATIVISM "and patience would help agentpat"> Ironic.... Still I don't see demands more firm criticism which don't appear to be ignored so I think everyone's on the same page actually 20:43:50 I am restarting the nodewith -enable-dns-blocklist but this is just testing right? 20:44:07 you can download https://gui.xmr.pm/files/block_tor_new.txt and start with --ban-list /path/to/block_tor_new.txt 20:45:00 Ok, so is it blocking just known tor exit nodes or known bad actors that happen to be all tor exit nodes 20:45:23 just known tor exit nodes, once the attacks cool down I will recommend to remove this list again 20:45:58 if you are familiar with compiling monero yourself you can also fix it that way 20:46:02 Kk. Because that would explain my problem trying to sync a new node from tor? 😂 20:46:31 possible :D 20:46:58 ok, i started my node here with --enable-dns-blocklist however, i am uncertain if I need to pass other block lists? 20:47:05 you guys have something for the next network upgrade? i thought i remember talk of it. 20:47:44 What do you mean? 20:47:59 That is basically the Tor-less version of selsta’s blocklist. 20:48:10 If you want to block Tor IPs you need to use his as well. 20:48:26 oh ffs 20:48:34 hes got 3 versions! 20:48:41 do i pass all 3 lol 20:48:48 actually maybe 4 now 20:48:48 no. 20:48:56 Maybe actually embody your name and slow down. 20:49:05 He’s explained it to you above. 20:49:07 Read the scrollback. 20:49:13 like I said, https://gui.xmr.pm/files/block_tor_new.txt contains all IPs that you need 20:49:30 with this list your node should stay online for multiple hours 20:49:32 Can this app do pinning? 20:49:42 i dont know, thats why im asking. i thought there was a protocol change or something that other p2p networks employ to make it harder to attack the network but needed a network upgrade and we are not doing one for a while 🤷‍♂️ 20:49:46 NVM doesn't look like it 20:49:46 mark_bleep: not sure. 20:50:10 The long-term fix for one of the attacks will be part of the next hard fork. A short term fix is in place and working properly. 20:50:15 why can't he keep his blocklist to one file, i don't get it. Theres no harm done doing that and it centralizes the versioning. 20:50:26 Make your own list 20:50:32 If you want to merely complain about the work of others 20:50:36 Thats not the answer. 20:50:40 ya, whats the long term fix? 20:51:06 https://github.com/monero-project/monero/pull/7135 20:51:08 i just dont remember what it was 20:51:10 I'm here as a end user to file legitimate issues to developers of a project I use. 20:51:28 Then file an issue, whining about file names over and over isn’t helpful. 20:51:34 This is an unfortunate necessity short-term. 20:51:47 agentpatience: you as an end user should be grateful for the work of others and not complain about minor inconveniences 20:51:53 Not worth the time to make it the perfect UX when it won’t be needed long term. 20:52:01 These things are being doen FOR FREE FOR YOUR OWN BENEFIT. 20:52:14 Feel free to give ideas on how to improve but whining helps no one. 20:52:22 well said 20:52:31 selsta clearly explained how to use the block lists and what each does. 20:52:32 Fwiw a simple, current string for deploying a node is almost, but not quite what people need. Given attacks and change I realize that isn't necessarily easy but if hash site is right and only 1200 or so full nodes are running globally then it's not much of a network until more are running. 20:52:36 I just wanted to provide feedback here instead of opening tickets on github but if you prefer that then I will do so. 20:52:50 Not for this “issue”, as it’s a non-issue. 20:53:03 Yes, Ansible/Docker would be a great way to build a simple deployment tool for end-users. 20:53:07 If you have the experience go for it :) 20:53:35 actually having multiple block lists to save a node really disturbs me deep down inside. 20:53:44 agentpatience: https://gui.xmr.pm/files/block_simple.txt 20:53:56 this list will always contain the block list you should use 20:53:58 is that better? 20:54:00 Ansible yes, docker... Ugh. Maybe. The problem always arises in edge cases 20:54:14 lmao, fuck off man with your varients 20:54:34 I can make more variants :D 20:54:35 Dude, getfo of here. 20:55:02 agentpatience: please be civil, especially when everyone is trying to help volunteering on new years eve 20:56:21 I hear you. I recpect everyones advice and opnions here. I am duly noted. 20:57:11 but I was serious, I will make sure that https://gui.xmr.pm/files/block_simple.txt always contains the list to use 20:57:13 you can ignore all the others 20:57:20 ok 20:57:25 I think the issue he's having is at its core too abstract. 20:57:46 Thanks for clearing that up, hopefully I won't hear about those others again I couldn't sleep for days 20:57:50 always contains the list you should use until these attacks are over 20:58:03 then no block list is necessary 20:58:12 Would it be possible to put https://gui.xmr.pm/files/block_tor.txt in a secondary dns blocklist? It may improve the situation for complete monero noobs who only use the gui and have no idea how to add blocklists 20:58:33 * mark_bleep[m] sent a long message: < https://matrix.org/_matrix/media/r0/download/matrix.org/zWyHiuSNMrfvCKsFxdtAgqNr/message.txt > 20:59:19 > <@mark_bleep:matrix.org> I think the issue he's having is at its core too abstract. 20:59:39 monerofanboy2: everything we add to the dns list will be blocked for 10 days 20:59:48 A secondary dns blocklist would just be more confusing to newbs 21:00:00 binaryFate: opinion on adding Tor exit nodes to DNS block list? 21:00:03 or rather not 21:01:00 "everything we add to the dns list will be blocked for 10 days" I get that, but the malicious tor exist nodes are not in the dns block list, right? 21:01:19 no, we have to add all tor exit nodes 21:01:23 Tricky one, because we're about to fix current attack, so 10 days will be longer than necessary 21:02:30 though once people update the DNS list will reload anyway 21:02:48 some of those onion nodes are suspected owned, prob not the attackers 21:02:58 Is ten days based on DNS TTL? 21:03:31 afaik ten days once loaded in monerod 21:03:33 it's based on the time at which you query and get the list afaik 21:04:21 though once people update the DNS list will reload anyway <-- are you sure? 21:04:45 restarting resets the bans 21:04:58 Right, but dns replicates based on a TTL value that can be modified for each record to be anywhere from 5m to two weeks (standard) and checks for updates halfway through 21:06:08 I think the dns TTL is short, the 10 days is entirely internal to monerod 21:06:10 I guess I could look up the TTL myself instead of asking.. it's a txt record, but I'll need to track down it's name 21:06:38 selsta: ok then I would be on the cautious side and add tor nodes to dns list now, so that it helps user experience until next release 21:07:10 Ok, that's what I was wondering, because 10 days is a bit long for Dns expirey 21:08:35 idk, I'm running 8 nodes currently. 7 with block_tor.txt and 1 with block.txt and the DNS blocklist on all 8. The 1 node not using the block_tor.txt appears from the logs to be crashing hourly. The other 7 nodes appears to still be going strong. 21:09:45 mark_bleep[m]: Check https://github.com/monero-project/monero/pull/7138 it's a fairly simple one to follow 21:10:18 monerofanboy2: yes we know, there is a new attack. The fix is coming. 21:11:12