<__monty__>
infinisil: Enlighten me. Other than quantum-proof crypto I'm pretty sure general quantum computers break the assumptions behind all popular crypto.
<__monty__>
Note that I'm not talking about the quantum computers that have thus far been realized. I don't really understand how they differ from real general quantum computing but apparently they do.
<infinisil>
OH, maybe I'm the fool after all here
<infinisil>
I only thought there was an algorithm that *halved* the complexity, and we could just double the key size to be secure against that
<infinisil>
Oh, it's exponentially faster, but maybe that's factor 2 in the exponent
<infinisil>
Out of time for now though, bbl
<infinisil>
__monty__: And I also think there's a whole bunch of crypto techniques currently in use whose cracking can't be sped up with Shor's algo. Ecdns curved i believe too
<__monty__>
infinisil: Shor literally stomps all over factoring. I think it makes it linear time? May be misremembering though. I'm not 100% sure about elliptic curves but I'm pretty sure they're not safe either. There *are* quantum-proof crypto techniques, Learning With Errors is pretty cool but none of them are really all that practical time/space-wise on non-quantum hardware.
<__monty__>
Also, the bigger impact would imo be that homomorphic encryption schemes are relegated to obscure research again : /
<infinisil>
Aw darn, seems that I was wrong indeed, sorry
<__monty__>
Are you scared yet? : )
<infinisil>
Not sure where I heard the thing about doubling the key size
<infinisil>
A bit, yes!
<infinisil>
Aha!
<infinisil>
"Unlike other quantum algorithms, which may provide exponential speedup over their classical counterparts, Grover's algorithm provides only a quadratic speedup. However, even quadratic speedup is considerable when
<infinisil>
N is large."
<infinisil>
N
<infinisil>
Grover's algorithm could brute-force a 128-bit symmetric cryptographic key in roughly 264 iterations, or a 256-bit key in roughly 2128 iterations. As a result, it is sometimes suggested[3] that symmetric key lengths be doubled to protect against future quantum attacks.
<infinisil>
So quantum computing breaks asymmetric encryption, but not symmetric one
<infinisil>
So yeah, I wasn't totally wrong after all
jD91mZM2 has quit [Remote host closed the connection]
jD91mZM2 has joined #nixos-chat
<elvishjerricco>
I don't know anything about quantum computing. But I think I remember reading somewhere that even if quantum computers are time efficient, they may not be energy efficient. So potentially, encryption breaking quantum algorithms might still be prohibitively expensive just in the energy cost.
<elvishjerricco>
But I think it also said that even if the energy cost isn't asymptotically lower, the constant factors could be so many orders of magnitude lower that there could still be some risk.
ottidmes has joined #nixos-chat
<gchristensen>
anyone looking for a side project? :P
<gchristensen>
samueldr: are you still looking for docs from a bunch of distros / macos / etc?
<etu>
gchristensen: That sounds dangerous. You just hope for someone to say anything that sounds like a positive answer before disclosing what it is ;)
<gchristensen>
3v4l.org takes arbitrary PHP and executes it across a zillion versions of PHP, and diffs the result.
<gchristensen>
anyway, I'd love something similar (I noticed the domain exec.lol is available) which takes arbitrary shell commansd like "umask -S | sed -e 's/[wx]//g'" and executes them across a zillion distros and macos and windows
<samueldr>
gchristensen: not really, there were others who spoke a bit mire about a kind of "caniuse" but for man pages
<samueldr>
gchristensen: and then there's the man page from apple situation, which is just sad :(
<gchristensen>
ahh right
iqubic has left #nixos-chat ["ERC (IRC client for Emacs 26.1)"]
endformationage has joined #nixos-chat
obadz has quit [Ping timeout: 245 seconds]
<tilpner>
Goodbye ZFS :c
<gchristensen>
why so?
* tilpner
moves back to the stone ages (ext4)
<tilpner>
I mostly tried zfs to avoid the md code-paths that would trigger a system freeze
<tilpner>
It kind of worked, the frequency decreased, but it didn't stop
<tilpner>
Snapshots are nice, but I don't think I'd use them much. And it puts a little too much restriction (from what I can tell) on what kernel version I can use
<gchristensen>
is this just from the 5.0 FUD?
* infinisil
couldn't live without snapshots
<tilpner>
No, I also tried to get zfs working with a custom kernel for my pinebook, and 4.20.3
<samueldr>
even forgetting the sparks from the 5.0 thing, zfs-stable rc kernels seems to have been spotty (going from the new_kernel iso builds since zfs was added)
drakonis has quit [Ping timeout: 250 seconds]
<tilpner>
But then it said it's not supported
<gchristensen>
ah
<samueldr>
iirc we haven't had new_kernel iso built successfully since 4.20
<tilpner>
There is a cost to being out-of-tree. It's not *that* high (not a blocker by itself), but it is a little annoying
<tilpner>
I don't claim to have to put a lot of effort into getting zfs to play nice with my desired kernel versions
<samueldr>
the OOBE (out of box experience) is something that can make it or break it
<tilpner>
To be fair, usually I wouldn't care which exact kernel version I'm running
<tilpner>
It'd be fine for zfs to restrict my choice
<tilpner>
But when there are multiple things restricting your choice in kernel versions, you might end up with 0 valid choice
<tilpner>
So, uhh, yay
<gchristensen>
sure
obadz has joined #nixos-chat
<sphalerite>
oh yeah, I seem to remember having that problem with my old laptop. nvidia-compatible ∩ zfs-compatible = Ø
<sphalerite>
(at certain points in time)
* etu
has never tried zfs
<gchristensen>
it is pretty neat
<etu>
But I got plenty of bad experiences with btrfs
<gchristensen>
same
<gchristensen>
(but many years ago, maybe it is different)
<etu>
So I'm mostly on ext4 or xfs... Having the hopes up for bcachefs
<elvishjerricco>
is bcachefs going to have snapshots and (incremental) send/recv functionality?
<tilpner>
But it's going to be a while until they claim it's ready, and then another while before it's well-tested enough for you to trust it with all your data
<srk>
providing similar functionality in one package like zfs is the goal of RHs Stratis which unlike zfs combines bunch of tools like dm-*/lvm
<srk>
with some json metadata
<srk>
After two years of development, Stratis 1.0 has stabilized its on-disk metadata format and command-line interface, and is ready for more widespread testing and evaluation by potential users.
<srk>
early stages
<sphalerite>
etu: zfs is nice
<sphalerite>
srk: ooh I didn't know about this. But also don't really have any toy machines where I could suitably test it
<etu>
sphalerite: People keep saying that, just haven't got around to it :D
<gchristensen>
sphalerite: would you like to shepherd my RFC?
* sphalerite
looks up the rfc rfc to work out what that means again
<sphalerite>
but probably yes :)
<sphalerite>
sure
<gchristensen>
want to self-nominate? :)
tilpner has quit [Quit: WeeChat 2.3]
<colemickens>
srk: have you tried out stratis yet? curious to hear about any first impressions. I was surprised at how fast they decided to 1.0 the disk format, but I guess they're taking a different approach than some other FSes have in that regard.
drakonis1 has joined #nixos-chat
drakonis1 has quit [Client Quit]
drakonis has joined #nixos-chat
<elvishjerricco>
Looking through the stratis FAQ, it looks like it supports almost *none* of the reasons I use ZFS.
<sphalerite>
no send/receive? yeah no x)
<cransom>
'is stratis a 2 year old file system? yes' *don't run, please don't run!*
<gchristensen>
bah, cransom, you should try having more excitement
<cransom>
years of experience have taught me to weary of 'excitement'.
<elvishjerricco>
cransom: To its credit, it's not a file system, it's an orchestration tool for other older things.
<gchristensen>
O.o
<elvishjerricco>
gchristensen: Is that not correct?
<cransom>
it's some kind of block storage and it uses xfs underneath. like an enchanced-ish lvm
<elvishjerricco>
I think it actually uses lvm
<gchristensen>
I dunno
<elvishjerricco>
IIUC, it just orchestrates XFS filesystems over LVM, growing and shrinking them on the LVM with a daemon as needed
<gchristensen>
but I'll be happy to never use lvm again
<elvishjerricco>
why's that?
<gchristensen>
I never remember what the heck I'm doing until I've already accidentallied my data
<ottidmes>
"Instead, Stratis chose to use some of the Linux kernel's other existing capabilities: The device mapper subsystem, which is most notably used by LVM to provide RAID, thin-provisioning, and other features on top of block devices; and the well-tested and high-performance XFS filesystem." https://opensource.com/article/18/4/stratis-lessons-learned
<__monty__>
gchristensen: It's not as if LVM is much (any?) more complicated than ZFS though.
<gchristensen>
much simpler, operationally
<elvishjerricco>
Total guess: I'm guessing it creates a block device for each XFS, and somehow maps those in a fragmented fashion over a pool of block devices, so that XFSes can be resized or added without moving other XFSes around
<ottidmes>
on this machine I am using btrfs on LVM on LUKS
<__monty__>
Another btrfs on lvm here.
<elvishjerricco>
Why put LUKS under LVM? Doesn't that mean needing multiple keys if you have multiple disks?
<ottidmes>
elvishjerricco: just got the one disk
<ottidmes>
swap and btrfs are partition via LVM on a LUKS encrypted block
<infinisil>
I guess security is always a bit of a delicate topic
<simpson>
infinisil: No idea. Incedentally I wouldn't use this when Tahoe-LAFS and magic-wormhole already exist; something can be both not bad and also not the best choice.
Synthetica has joined #nixos-chat
<colemickens>
I'd rather just derive a GPG key from a bip0039 word list and call it good.
<colemickens>
Should have similar properties and can rely on much more tested crypto, albeit gpg
<simpson>
colemickens: Check out magic-wormhole; you generate a short passphrase like 3-entropy-ballerina, and the system uses that to bootstrap the rest of the key exchange.
<colemickens>
There are some repos out there that use the same process and create GPG keys.
<colemickens>
And/or there are Trezor apps you can get that will use the root Trezor key to derive a GPG key. Kind of cool, on the newer Trezor 2, you can actually confirm the key operations on the screen of the Trezor itself.
<colemickens>
simpson: hm, interesting. thanks for the pointer