Blog‎ > ‎

IPv6, Cipher, Hash, Dev / Sysadmin / DevOps, Hdparm, Discard, Guerrilla, Iridium

posted Aug 12, 2017, 9:17 PM by Sami Lehtinen   [ updated Aug 12, 2017, 9:17 PM ]
  • Global IPv6 address scanning 33c3 (c3tv) talk "You can -j REJECT but you can not hide" reminded my about: This approach reminded my from binary split protocol I wrote to map out address spaces. It always splits the remaining space(s) in half, looks for neighbors and does that again. The platform didn't provide a feature to list all entires, so I had to write a code which will search for entries efficiently by splitting up the address space until all are found. Yes I've heard rumors that this addressing scheme might get changed. So that would force me to re-invent the method to find 'unlisted' items from the address space efficiently. It remains to be seen if and when I'm continuing this project. I've got several algorithmic projects open related on multiple things. No rocket science, but basic implementation which I find interesting. At least it's not basic CRUD stuff, which is very common for ETL stuff which I do daily.
  • I had to rethink what's the difference of cipher and hash and I couldn't actually come up with any reasonable outcome. Other than that those could potentially be designed and tested to resist different kind of attacks. But if the hash or cipher is working well, both should be actually as good for both purposes. Maybe I'll have to write bit more about this. In both cases it's all about taking input and turning it into pseudo-random. I did read many articles giving extremely shallow and hollow reasoning between differences. But none of those explained whats the actual technical difference.
  • New Ethernet standards between 1 Gbps and 10 Gbps to allow longer distances with old(er?) cabling. 2.5GBASE-T and 5GBASE-T. I haven't had too long cables, so 10 Gbps has been working just fine with cat6 cabling. Of course there's the single mode fiber which you can use, if the good old copper seems to be too slow.
  • Reminded my self about basic stuff: OFDM, IEEE 802.11n, IEEE 802.11ax, Chaffing and winnowing, All or nothing transform, Known plaintext attack. - I guess I've written about almost of all of these topics earlier. So no comments.
  • Software Developers Should Have Sysadmin Experience - Lol, I've written so much about this. I just make this, I don't use those. Hahah, everyone knows what kind of crap that ends up being. How about supporting your own product, as well as maintaining it. Eat your own dog food. It's also so legendary that it works here well and fast. First the developer is using latest high power computer. And he's trying that crappy code with database with 10 rows. But in reality, customers use old crap which still somehow happens to run, and have databases of tens or hundreds of millions of rows. I'm just wondering why developers don't figure out that it's being really slow code.
  • Configured bunch of servers at new service provider to use IPv6. It's actually extremely easy with static addressing, to only use IPv6. When you're not responsible for the whole network and configuration.
  • Can't stop loving false claims. Many say that hdparm.conf issues have been fixed years ago. But that's not true. Only using hdparm in rc.local worked, changing settings in hdparm.conf didn't work out as promised. It's always necessary to confirm that configuration actually works. Changing configuration is never enough.
  • Another story which is full of lies is the discard / trim story. Many tell that you should check if device supports trim, and then add discard to fstab. But you know what, that doesn't mean it would be actually working or enabled. Several guides tell "how to check that". But all of these guides are full of lies, and tell you to check the configuration. None of the guides, actually describe a process to actually see if trim / discard is being used. Phew. I've been witnessing this kind of incidents for ages, I really hate this kind of brain dead approach.
  • Is it encryption, if two pseudo-random streams are masked together? Technically it's not encryption, it's just a mask. But you have to know the original streams to get the data out, so it's still encryption?
  • Finished reading a book about Guerrilla warfare organization, tactics and strategies.
  • Iridium NEXT - Truly Global IoT / M2M communications.