swirepe's comments

swirepe | 5 years ago | on: Handheld two-way radios for preppers and other curious folks

There are some other outdoor keypad options - tv remotes, security gates, garage door openers, etc.

The case doesn't need to be special for a first pass. We just need enough of a fucking owl to decide what to do next.

https://i.imgur.com/KmaZLNy.jpg

Edit: my plan was to find a configuration of hardware that does what we want to do first. Next would be trying the new platform from a desk and, if that goes well, designing a case for the parts we selected. You can't really make a custom case without knowing what's going inside :)

swirepe | 5 years ago | on: Handheld two-way radios for preppers and other curious folks

Okay, we'll need an rtl-sdr, a raspberry pi, a battery, a keypad, and a screen. We can 3d print a case, or put it in a project box. Both can be ruggedized later.

I found this for the keypad and screen: https://wiki.dfrobot.com/I_O_Expansion_HAT_for_Pi_zero_V1_0_...

There are separate options for keypad and screen, e.g. eink and a number pad, but for a first pass this might be enough.

An rtl-sdr won't plug directly into a pi zero w, so we'll need an internal adapter. I know that HATs stack, so if there isn't a hard requirement for an rtl-sdr, we could find an sdr hat to put between the pi and the keypad.

swirepe | 5 years ago | on: Zsh Tricks to Blow Your Mind

>Despite remaining in zsh while in a terminal, I still find myself writing only bash scripts when a script is needed.

I do this too. I think it's good practice; zsh is amazing as an interactive shell, but bash is everywhere.

swirepe | 5 years ago | on: I am a heroin user. I do not have a drug problem

I liked the way you framed drug use as temporary happiness loans. That's very insightful.

>Now, I'm aware that this is quite complex, but still I wonder how many people there are out there who can self-control themself and diligently keep their debt in order.

The analogy breaks down a bit here for me.

Before I had a cat, I couldn't understand how people could pay so much for veterinary bills. After I got a cat, I could see myself spending more on her than I would spend on myself. Like, what's the point of having money if not to make my cat happy? My relationship to money itself changed. Self-control isn't a factor.

I'm stretching this analogy, but I wonder how many drug users with their happiness debts in balance have really just reframed their happiness finances around their addiction.

swirepe | 5 years ago | on: Supermicro Hack: China Exploited a US Tech Supplier over Years [2021 Follow-Up]

>If you really were making a joke, you could have just said so when I ‘didn’t get it’. I’d probably have said something like ‘fair play’, or ‘nice’.

Lol ok

>Have you considered the possibility that I am asking what other people think because I want to know what other people think, and that ‘being encouraged to think it through’ will simply not answer that question?

Had you considered the possibility that you asked a low-effort question? "What kind of useful information [might malicious actors look for]?" is about as deep as "hey how long should my password be". You are on Hacker News. I honestly thought you were joking when you asked it.

Do you really just want to talk about how the article makes China look bad? That's legit, but not at all related to the question you asked.

>There is nothing to suggest that you are an expert on this topic. Your own knowledge of it is limited despite having ‘thought it through’, proven by the fact that my response to your first real answer immediately showed you had missed something.

Nobody said I'm an expert? You asked about very basic threat modeling and I tried to walk you through a very basic exercise.

The thing I missed (the article itself is disinformation) wouldn't actually change much about the threat model. The writers still have to decide what/how much information about their business practices to share, and the attackers still gather every bit of info they can. The attack in the article could be a lie. The article could still accidentally reveal something new (or confirm something old) to any potential attackers. If the article mentions a specific factory, for example, that's another data point an adversary can use to model their supply chain. If it mentions a name and that name leads to a LinkedIn profile, the attackers get a little bit of the company's org chart. Those little leaks add up and must be actively managed.

>There is nothing wrong with making jokes, even bad ones, but following up with condescension makes it look like you weren’t actually joking. We’ll never know now.

I invite you to puzzle that one through yourself :-)

>Are you trying to create the impression that you are in personal possession of secrets about this attack?

Lol

swirepe | 5 years ago | on: Supermicro Hack: China Exploited a US Tech Supplier over Years [2021 Follow-Up]

> I just wanted to know what classes of information people thought the journalists might be protecting.

I just made a joke. You didn't get it (?), so I encouraged you to think through some possible answers to your own question. If you can think of more than one class of information that you wouldn't want your attacker to know you have, then you can arrive at the punchline yourself.

It's not too late to try it, by the way. Thinking like the attacker is a good exercise. The attacker doesn't even have to be real.

>At some level yes, but not at the level of this discussion. The ideas we’re talking about here are widely present even in pop-culture.

I'm not sure what you mean by this, but operational security would still apply even when you have to make press releases. Companies juggle this all the time, e.g. sharing just enough about their proprietary technology to attract new employees/customers without giving everything away.

swirepe | 5 years ago | on: Supermicro Hack: China Exploited a US Tech Supplier over Years [2021 Follow-Up]

>it’s possible the article is complete bullshit. Another possibility is that the article is itself disinformation.

Okay, that's fair.

Your question was about what kinds of information an attacker can use. I didn't think of your question in the context of the entire article being disinformation.

I need to think more about that.

>Yes, it’s possible there is more than one attack and they want to avoid revealing which ones have been detected.

>This may be the class of information they are protecting.

>There was no reason not to answer straightforwardly at the beginning. Weird that you didn’t.

I'm glad I didn't, and I'm glad you took the time to puzzle that through.

>Nice try

You want to give your attacker as little information as possible. Even information about the kinds of information you're restricting can be used against you.

swirepe | 5 years ago | on: Supermicro Hack: China Exploited a US Tech Supplier over Years [2021 Follow-Up]

Not helpful.

But that's okay, I'm going to hold your hand for a bit. Pretend the article said "three hidden microphones were found to be added to this board." That tells the attacker which board is being tested, that they are testing for microphones, and how many of their microphones have been found.

If your job is to hide microphones every day, do you see how this information could help you moving forward? Do you see why this is more than a binary caught/not caught?
